Practical Assessment 0523


Build the environment

1. Install two domain controllers for the forest root domain muduri.com.

| Role | Name | FQDN | IP address | OS |
|---|---|---|---|---|
| Primary DC | SDC01 | Sdc01.muduri.com | 192.168.31.1/24 | Windows Server 2012 R2 |
| Secondary DC | SDC02 | Sdc02.muduri.com | 192.168.31.2/24 | Windows Server 2012 R2 |

2. Install the mail server for the forest.

| Role | Name | FQDN | IP address | OS |
|---|---|---|---|---|
| Mail server | EXS01 | Exs01.muduri.com | 192.168.31.3/24 | Windows Server 2012 R2 |

3. Install Microsoft Exchange Server 2013 on the mail server.
   - Set up mailboxes and groups for testing
   - Send connector
   - Distribution groups and dynamic distribution groups

4. Allow remote access to the Exchange server.
   - Create a new user named remote for remote access;
   - Grant the necessary permissions to the user;
   - Enable remote access on the Exchange server and allow the designated user remote access;
   - Add port forwarding rules on the firewalls;
   - Restrict the remote user's behaviour through group policy.

Add firewalls and set up the DMZ

1. Install IPCOP as the gateway for the internal network.

| Role | FQDN | IP internal | IP to DMZ | OS |
|---|---|---|---|---|
| Gateway | NING-IPCOP.muduri.com | 192.168.31.254/24 | 192.168.30.1/24 | IPCOP 1.4.20 |

2. Installing pfsense firewall for the

| Role | FQDN | IP to DMZ | IP public | OS |
|---|---|---|---|---|
| Firewall | ningfw.muduri.com | 192.168.30.254/24 | 172.16.10.30/24 | pfsense 2.1 |

Topology

Five vulnerabilities of this scenario

1. Spam mail floods. A flood of spam to the mail server causes a lot of problems. This is a common attack that dramatically consumes mail server resources and costly bandwidth.

2. Attacks on open ports. Attackers can port-scan the public IP. Once open ports are identified, attacks will target those ports. Some ports conventionally assigned to well-known protocols are risky.

3. Denial of Service (DoS) attacks. A DoS attack keeps requesting connections to a port or service until it exhausts the available connections of the server. Consequently, valid communication is blocked.

4. Directory harvest attacks (DHAs). Attackers send emails to the targeted organization from spoofed mail addresses. If an address is invalid, the email server sends back a Non-Delivery Report, so the attacker eventually learns which addresses are valid within that organization. Some attackers conduct DHAs to gather valid email addresses, then use this information for other attacks. DHAs also occupy a large amount of resources.

5. Risks caused by domain users. Some valid users can also cause problems through inappropriate behaviour. For example, if users send email with large attachments, the mail server will soon run out of storage. Insecure behaviour by domain users can also introduce malware into the mail system. These are the three we are going to address:
   - Simple passwords
   - Removable disks carrying malware
   - Large attachments

Block the vulnerabilities

1. Add and enable the malware filter
   On the ECP console, go to protection > malware filter and add rules.

2. Disable unnecessary ports on both the server and the firewalls
   On the internal and perimeter firewalls, block unnecessary ports.
   On the internal and perimeter firewalls, change the Remote Desktop Protocol port to another available port. In my case the port has been translated from 3389-3398-3399. I changed the RDP port number through group policy, so that we can change the port by modifying one policy.

   Both firewalls accepted the published Snort rules for internet security. Suricata was installed on the pfsense firewall.

3. Limiting mailbox(es)
   On the ECP, go to server > database and modify the limits of the mailbox database to meet the limits.
   On the ECP, go to recipients > mailbox, choose a user or user group,
   On the ECP, go to mail flow > organization transport setting and modify the limits for all mailboxes.

4. Domain user policies
   - Blocking USB disks
   - Password complexity

24 May 2017
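
The three levels of limits in step 3 (mailbox database, individual mailbox, organization transport) can also be set and read back from the Exchange Management Shell instead of the ECP. The script below is an added example, not part of the original assessment; the database name, the mailbox name and every size value are assumed samples.

```powershell
# Run in the Exchange Management Shell on the mail server (EXS01 on this page).
# Names and sizes are assumed sample values, not taken from the assessment.
$Database = 'Mailbox Database 01'   # hypothetical mailbox database name
$Mailbox  = 'testuser'              # hypothetical test mailbox

# 1. Database level (ECP: server > database): storage quotas inherited by
#    every mailbox in the database that does not override them.
Set-MailboxDatabase -Identity $Database `
    -IssueWarningQuota 900MB `
    -ProhibitSendQuota 1000MB `
    -ProhibitSendReceiveQuota 1200MB

# 2. Mailbox level (ECP: recipients > mailbox): a per-mailbox quota only takes
#    effect when UseDatabaseQuotaDefaults is $false; otherwise the database
#    values from step 1 keep applying.
Set-Mailbox -Identity $Mailbox `
    -UseDatabaseQuotaDefaults $false `
    -IssueWarningQuota 450MB `
    -ProhibitSendQuota 500MB `
    -ProhibitSendReceiveQuota 600MB `
    -MaxSendSize 10MB `
    -MaxReceiveSize 10MB

# 3. Organization level (ECP: mail flow > organization transport setting):
#    message size and recipient count limits for the whole organization.
Set-TransportConfig -MaxSendSize 10MB -MaxReceiveSize 10MB `
    -MaxRecipientEnvelopeLimit 100

# Read every level back so the effective values can be compared side by side.
Get-MailboxDatabase -Identity $Database |
    Format-List Name, IssueWarningQuota, ProhibitSendQuota, ProhibitSendReceiveQuota
Get-Mailbox -Identity $Mailbox |
    Format-List Name, UseDatabaseQuotaDefaults, IssueWarningQuota,
                ProhibitSendQuota, ProhibitSendReceiveQuota,
                MaxSendSize, MaxReceiveSize
Get-TransportConfig |
    Format-List MaxSendSize, MaxReceiveSize, MaxRecipientEnvelopeLimit

# Connectors carry their own message size setting; list them so that a
# different value there is not overlooked when testing large attachments.
Get-SendConnector    | Format-Table Name, MaxMessageSize -AutoSize
Get-ReceiveConnector | Format-Table Name, MaxMessageSize -AutoSize
```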