To Temple College R. Craig Collins > CPMT 2449 > Lab 9

Lab 9 © R. Craig Collins, 2005/6

General Lab Directions
Note: There is not enough time in lecture to cover all the material; read your book BEFORE you begin the lab
Note: Typically labs will require you to invest some time in the lab, outside of class lecture hours

Check with your Instructor for due date, typically Friday, 11:59PM, of the week assigned

Part 1, Server Activity (30%):
• Windows Project 12-1

Part 2, Documentation (30%):
• Linux Project 12-2

Part 3, Q&A (40%, 2 pts each):
 • Security: the 20 review questions at the end of chapter 12

1. Your organization prints out many logs from servers each morning, but no one looks at them, except occasionally. What might your organization use in relation to the logs to help make server administrators aware of possible intrusions?
Answer:

2. You are working for a bank that provides Internet banking 24 hours a day, seven days a week. The bank cannot afford to have security personnel scanning for intruders and taking action against intruders during every moment that Internet banking is available. What might be the best solution?
Answer:

3. Your company has decided to put intrusion-detection software on all servers and workstations. This is called:
Answer:

4. You have installed Network Monitor in Windows 2000 Server, but the software is not gathering statistics on network activity. What might be the problem? (Choose all that apply.)
Answer:

5. The art director in your company suspects that someone is accessing her Mac OS X computer over the network. Which of the following enables her to monitor who is logged onto her computer?
Answer:

6. The IT manager in your company wants a way to check which users are logged on to his Windows XP Professional workstation, because he enables programmers to access employment and vacation information from his computer. Which of the following do you recommend? (Choose all that apply.)
Answer: (multiple)

7. Which of the following types of information can you obtain from MONITOR in NetWare 6.x? (Choose all that apply.)
Answer: (multiple)

8. A Mac OS X user, who is also a frequent user of the Internet, has downloaded a worm. You want to trace the user's steps to determine how this might have happened. Which of the following would be most productive?
Answer:

9. You are training a new server administrator on the Windows 2000 and 2003 servers in your organization. You decide to train the new server administrator to use Network Monitor to track only BPDU traffic. What capability do you show her?
Answer:

10. While still training the new server administrator in Question 9, you show her how to monitor shared folders, and she asks what the "$" reference means in the folder names. You explain that this refers to _____________________.
Answer:

11. In Red Hat Linux 9.x, most logs are found in the __________________ directory.
Answer:

12. Your organization is experiencing lots of port scanning and various attempts at breaking into servers. Which of the following intrusion-detection methods might you try, to redirect attackers away from these servers? (Choose all that apply.)
Answer:

13. A(n) _____________________ examines logs and other recorded data and determines if there has been an intrusion attempt.
Answer:

14. You want to examine failed attempts to access the Payroll folder in Windows Server 2003. What log would you check?
Answer:

15. When you see a white "x" inside a red circle in Windows 2000 Server or Windows Server 2003 log, this signifies a(n) ________________________.
Answer:

16. You notice that a process that should be starting when Red Hat Linux 9.x boots is not starting. Where would you look to track down the error?
Answer:

17. You suspect that an attacker has changed the schema in NetWare 6.0. Where would you look to trace this possibility?
Answer:

18. You've identified an intruder on a NetWare 6.5 server on your network. Now you need to quickly terminate this intruder's log on session. Which of the following tools can you use? (Choose all that apply.)
Answer: (multiple)

19. In Network Monitor, how might you view traffic only from one workstation, as a way to determine if that workstation is creating a network load? (Choose all that apply.)
Answer: (multiple)

20. Your assistant is worried that the logs on computers running Red Hat Linux 9.x will become too full and must be managed. What is your comment about this?
Answer:


Save the changes to yourname-lab8.doc. Print the results to turn in. Upload the file as directed.

For labs that require files to be electronically submitted:
 • zip the required file(s) and/or folder(s)
 • rename the zipped file to reflect your name and the lab being turned in
       • Example: yourname-lab1 or yourname-lab1.zip (if your extensions are visible)

 • If submitting by Temple College Desire2Learn:
       • Log into D2L, scroll to the bottom, and choose the correct course
       • When the Course Home Page appears, click on the Dropbox link.
         1. Choose the class for which you want to drop off an assignment.
         2. Find the Dropbox tool, click on it.
         3. Choose the appropriate Dropbox folder, click on it.
         4. Choose [Add a File], then choose [Browse]
         5. Find the file that you would like to upload and click open, then choose [Upload]
         6. Type in a short description or comment about the file, if you like.
         7. Select [Add] for any additional files that may be pertinent, and repeat
         8. After your files have been selected, click [Upload]. (You will always click upload at least twice)
         9. Some files may take a long time to upload (especially if there are graphics in the file). After the upload is complete the File Upload dialog box should appear. See the steps below to verify that your file went through.
       • Did my file get through?
         1. Go to the Dropbox tool
         2. Click the number under Submissions
         3. All of the assignments that have been submitted will be listed.
 • If submitting by eCampus, by Blackboard:
      • Log in to your class, and click once on the Drop Box/Tools button
      • Select the Digital Drop Box
      • Select the [Add file]
        • For Name, type in the name of the lab
        • For File
           • [Browse...] to the file you wish to submit,
           • Choose [Open] to select it
        • For Comments, include your name, your class, your section, and what you are submitting
      • Select Submit

 • If submitting by email:
       • Send the mail to your instructor, cc yourself
       • The subject line should include your name, your class, your section, and what you are submitting
       • Attach the file