CONTENTS

• Access Control & OS
  1. Tutorial Overview
  2. Windows Lab Procedures
  3. Unix 's File System
  5. SOLARIS
  6. SOLARIS Lab Procedures
• Apache SSL
  1. Tutorial Overview
  2. Installing Components
  3. Creating a Certificate
  4. Configuring Apache SSL
• Authenticode
  1. Tutorial Overview
  2. Installing .NET Framework SDK
  3. Signing a File
  4. Verifying a Signature
• Common Criteria Methodology
  1. Tutorial Overview
  2. General Evaluation Guidelines
  3. Evaluation of Functional Requirements TOE
  4. Questions
  5. References
• Cryptography with C#
  1. Tutorial Overview
  2. C# .NET Framework Examples
  3. Message Authentication
  4. Digital Signatures
  5. Exercises
  6. Resources
• Cryptographic Libraries
  1. Tutorial Overview
  2. OpnelSSL's Toolkit
  3. Java Cryptography Extension
  4. Exercises
  5. Resources
• Firewall Access Control Lists
  1. Tutorial Overview
  2. Technical Details
  3. Telnet and FTP
  4. Lab Report
• Firewall Configurations & Attacks
  1. Tutorial Overview
  2. Attacking Without a Firewall
  3. Filter an IP Address
  4. Filter TCP Traffic
  5. Misconfigured Firewall Examples
  6. Exercises
• Forensics
  1. Tutorial Overview
  2. Exercises
  3. Hidden Data
  4. Steganography
  5. Viewing IE Cache
  6. Installation Instructions
• IIS & Server 2003
  1. Tutorial Overview
  2. Installing Components
  3. Create a Certificate Request
  4. Submit a Certificate Request
  5. Installing a Certificate
  6. Secure Certificate Services
  7. Secure the Server
  8. Secure IIS
• IPSec and VPN Tunnel
  1. Tutorial Overview
  2. Technical Details
  3. VPN Tunnel Parameters
  4. Lab Report
• Java Code Signing
  1. Tutorial Overview
  2. Installing Java & Signing a File
  3. Verifying a Signature
• Network Protocol Analyzers
  1. Tutorial Overview
  2. TCPDump
  3. Ethereal
  4. Sniffer Distributed System
  5. Telnet Session
• PKI
  1. Tutorial Overview
  2. Installing Thunderbird
  3. Installing GPG and Enigmail
  4. Create and Use Key Pairs
• Secure Cookies
  1. Tutorial Overview
  2. Installing Components
  3. Creating a Secure Cookie
• Three Tier

Lab report.  The lab report for this laboratory should include the following

1. Evaluation reports for PP, ST and TOE.
2. ST for Cisco PIX 501 (basic framework).
3. Answers to the Lab Questionnaire.

Tutorial Questionnaire. 

Question 1: Which users/ groups have access to audit logs?
Question 2: Why are audit policies disabled by default?
Question 3: What is the difference between security logs and system logs?
Question 4: What is the minimum size of the log allowed?
Question 5: Why is the default size very different from the minimum?
Question 6: What size would you choose as the maximum?
Question 7: Which other user can access the even viewer?
Question 8: Why is the audit view limited to specific users only?
Question 9: Does the local policies cover security management functions for administrators also?
Question 10: Can different security functions be created for each user?
Question 11: Which of the above mentioned security management functions can be performed by user other than the administrator group? within the network?
Question 12: Can the user data be situated at a remote machine in a trusted domain within the network?
Question 13: How does the group policy relate to local policy?
Question 14: Why are policies for administrator in user-configuration and computer-configuration different?
Question 15: Which other user other than from the administrator group enable or disable quota management?
Question 16: Is the quota limit applicable to all the users? Is there any user that is not limited by the quota management?
Question 17: What encryption function is used by operating system?
Question 18: Does it provide any information about what the password could be? Or whether even the username was correct?
Question 19: How are all the security-relevant information captured in the displayed information?
Question 20: Can anyone else unlock the computer apart from the user who locked it?
Question 21: What is the difference between the User Ticket and Service Ticket?
Question 22: Do you think it is more important to have a service Ticket timeout than a User Ticket timeout?

 

Browse Pages << | < | 1 2 3 4 5 | > | >>