Project: Securing a Microsoft Windows Environment

Project: Securing a Microsoft Windows Environment

Purpose This course-wide project introduces you to a variety of tasks and skills that are required for an entry-level security administrator who is tasked with securing systems in a Microsoft Windows environment.

Required Source Information and Tools

The following tools and resources will be needed to complete this project:

 Course textbook  Access to the Internet

Learning Objectives and Outcomes You will be able to:

 Describe the impact of adding Active Directory to an existing Windows network.  Develop procedures for changing access controls.  Develop procedures for ensuring a malware-free environment.  Recommend Group Policy Objects for a Windows environment.  Develop procedures for auditing security in a Windows system.  Develop procedures for restoring a failed Windows system.  Recommend Windows hardening techniques.  Describe security goals and write policies for securing Windows applications.  Ensure the integrity of all evidence collected in a Windows environment.

Overall Project Scenario Always Fresh Foods Inc. is a food distributor with a central headquarters and main warehouse in Colorado, as well as two regional warehouses in Nevada and Virginia.

The company runs Microsoft Windows 2019 on its servers and Microsoft Windows 10 on its workstations. There are 2 database servers, 4 application servers, 2 web servers, and 25 workstation computers in the headquarters offices and main warehouse. The network uses workgroups, and users are created locally on each computer. Employees from the regional warehouses connect to the Colorado network via a virtual private network (VPN) connection.

Due to a recent security breach, Always Fresh wants to increase the overall security of its network and systems. They have chosen to use a solid multilayered defense to reduce the likelihood that an attacker will successfully compromise the company’s information security. Multiple layers of defense throughout the IT infrastructure makes the process of compromising any protected resource or data more difficult than any single security control. In this way, Always Fresh protects its business by protecting its information.

Deliverables (next page)

Project: Securing a Microsoft Windows Environment

This project is divided into several parts, as follows:

LESSON 1

• Project Part 1: Active Directory Recommendations LESSON 2

• Project Part 2: Access Controls Procedure Guide LESSON 3

• Project Part 3: Malware Protection Procedure Guide • Project Part 4: Group Policy Objects Recommendations

LESSON 4

• Project Part 5: Security Audit Procedure Guide • Project Part 6: System Restoration Procedure Guide

LESSON 5

• Project Part 7: Network Security Controls Recommendations LESSON 6

• Project Part 8: Windows Hardening Recommendations LESSON 7

• Project Part 9: Secure Windows Applications Policy • Project Part 10: Evidence Collection Policy