AMRITA VISHWA VIDYAPEETHAM (UNIVERSITY),

BANGALORE CAMPUS
(MS 2017-2019)
INFORMATION ASSURANCE

LAB ASSIGNMENT 1
Implementing Security: Personal Computers

Bharat Bhaskar - BL.BU.P2EMBA17003

Pavithra B - BL.BU.P2EMBA17010
Vamsi - BL.BU.P2EMBA17011
Lab Assignment 1

1. Security with Security Center

Although may firewall softwares such as ZoneAlarm, Symantec, Checkpoint are available in market
and are used by organizations, Microsoft Windows comes with a built in firewall.
1. Click Start -> Control Panel -> Security and Maintenance. (For Windows XP see this link and
for Windows 10 see this link)

2. To help protect your computer, Windows security center provided some essential services. What are
these essential services and what is the status of each service?

1
Lab Assignment 1

3. Go back to control panel and click on the Windows Firewall. Click on Turn firewall on or off and
review and briefly discuss if the setting are safe enough.

2
Lab Assignment 1

Windows firewall is safe enough to provide security for our computer with following reasons

 It filters the network traffic permitted to enter the device.

 Also control what network traffic the device is allowed to send to the network
 It enables you to require authentication from any device that is attempting to communicate
with our device. If any device cannot authenticate, then it cannot communicate with our
device.
 Specific network traffic will be encrypted to prevent it from being read or intercepted while
in transit between devices.

2.0 Web Browser Security and Configuration (IE)

2.1 Setting Security Zones

4. In Internet Explorer, click Extras, Internet Options, and click the Security tab. You see
four distinct security zones listed.

The Internet zone is the default for all sites not found in other zones. The Local intranet zone is for
local network sites and files. The Trusted sites zone is for sites that the user explicitly defines,
normally visited frequently and needing ActiveX controls or Flash animation, and so on. Finally, the
Restricted sites zone is for sites that are known to have pop-up animations and windows, may contain
malicious or corrupt content, and so on. These are also defined by the individual user. For each zone,
there is a Default level and a Custom level.

5. Click the Internet icon. Now, click the Default Level button. What level does this zone default to?

Ans: Default level is Medium High

3
Lab Assignment 1

6. Now, click the Custom Level button. You are presented with a number of more granular controls, each
with the possible settings of Disable, Enable, or Prompt. List the settings for the items below:

Download signed ActiveX controls: Prompt

Download unsigned ActiveX controls: Disable
Run ActiveX controls and plug-ins: Enable

7. Change all of the settings for these items to Disable.

8. What are the threats caused by ActiveX objects?

ActiveX objects
 could monitor your personal browsing habits
 install malware
 generate pop-ups
 log your keystrokes and passwords

4
Lab Assignment 1

 do other malicious things

 infect and damage computer

9. Scroll down to the section labeled Scripting. Set all three of these variables in the section to Disable.
10. Now, click Extras, Internet Options, and click the Security tab. Click the Internet zone. Click
the Default Level button. Click OK.
11. Click Extras, Internet Options and click the Security tab. Click the Local intranet zone, and
then click the Sites button.
12. Click Advanced. This is where you can enter sites that are known to be part of the local network.

13. Similarly, can you can make changes to allow for specific WWW sites that you know to be
Trusted sites and Restricted sites. Try few sites.

2.2 Privacy, Cookies, and Miscellaneous Settings in IE

14. To begin an examination of how IE handles cookies, click Extras, Internet Options, and click
the Privacy tab. You should see a slider control there with various settings.

15. What is the default level for this setting?

Default level of setting is Medium

5
Lab Assignment 1

16 .Move the slider up until the setting is High. Describe the policies at this level

 Blocks all cookies from all website

 Blocks cookies that do not have a compact privacy policy
 Blocks cookies that use personally identifiable information

17. Now click the Advanced button. Click the Override automatic cookie handling check box.
What options do you see and explain in brief what they mean.

6
Lab Assignment 1

Below are the options for Override automatic cookie

Accept: Allow the cookies to be stored
Block: Block the cookies
Prompt: Ask if the cookies can be accepted or blocked,

18. You also have an option to always allow "session cookies." Session cookies are not stored on your
hard drive, whereas persistent cookies are. Now, click OK, and then OK again. To see where Internet
Explorer stores its Cookies in Windows Vista, Windows 7 or Windows 8, open Explorer >
Organize > Folder Options > Views > Check ‘Do not show hidden files and folders’ and
Uncheck ‘Hide protected OS files’ > Apply > OK. Now you will be able to see the two real
locations of Windows Cookies folders at the following address in Windows 7:

C:\Users\username\AppData\Roaming\Microsoft\Windows\Cookies
C:\Users\username\AppData\Roaming\Microsoft\Windows\Cookies\Lo
w
In Windows 8 and Windows 8.1, the Cookies are stored in this folder:
C:\Users\username\AppData\Local\Microsoft\Windows\INetCookies

19. All of these cookies should be named consistently as someusername@somesitename.txt. What

are some of the site names you have listed?

Cookie:pabasava@facebook
Cookie:pabasava@microsoft
Cookie:pabasava@webex
Cookie:pabasava@live
7
Lab Assignment 1

20. Pick some of these files and double-click to open and peruse them. Do you see anything of interest?

Below text is in the cookie file, which we try to open.

“Cookies are no longer stored in files. Please use Internet*Cookie* APIs to access cookies.”
The internet page details are not stored.

2.3 IE’s Content Advisor and Miscellaneous Settings

21. In Internet Explorer, click Extras, Internet Options, and click the Content Tab. In this tab,
you could see the content advisor. However, to see this site, you need the Supervisor password. By
setting certain sites as acceptable and others as restricted, for example if an organization deploys a
standard image of the operating systems with the browser configured to block specific web pages, the
organization can exert some degree of control over Web site access using the native Internet Explorer
security tools. If you have the password, enter it, or click Cancel. Finally, click Extras, Internet
Options, and click the Advanced tab. Scroll all the way down to the Security category.

22. Which versions of SSL are enabled in your browser?

SSL 3.0 is not enabled.
TLS 1.0, 1.1, 1.2 is enabled

8
Lab Assignment 1

3.0 Antivirus Evaluation

There are a number of antivirus software programs available. However, unless the antivirus programs
are updated regularly, they might miss a virus or worm. Following lab examines the antivirus
configuration on your computer for Symantec Antivirus. [If you do not use the Symantec Antivirus,
review the antivirus software used on your computer and provide one paragraph write up regarding
the product, the capabilities and version used].

Write one paragraph write up regarding the product, the capabilities and version used.

Product:
McAfee VirusScan is an antivirus program created and maintained by McAfee, Inc. (formerly known as
Intel Security, and Network Associates prior to that). It is not available as a standalone package, but is
included in McAfee LiveSafe, McAfee AntiVirus Plus[1] and McAfee Total Protection. Additionally,
BSkyB and McAfee have previously produced a "Sky Broadband" branded version of VirusScan, offered
free to Sky Digital customers upon broadband modem installation. McAfee LiveSafe integrates antivirus,
firewall and anti-spyware/anti-ransomware capabilities. McAfee Antivirus software works to block viruses
from entering your computer system and kill or quarantine viruses that have some broken through the
firewall.

Capabilities:
The Virus Database: McAfee Antivirus software updates its virus database by using an automatic web
crawler that scans the Internet and identifies malicious software by name, type and destructive capability.
Once the scan is complete, the program is prepared to impede the entry of malware on a computer system
or destroy it, if it is already on the system.

The Firewall: Once the virus database is updated, McAfee Antivirus software strengthens a computer's
firewall. A warning is issued whenever there is a perceived threat. The firewall on some versions of
McAfee even extends to the Internet, so you are notified about harmful websites while you surf the web.
If, by accident, you allow a virus or a worm past the firewall and into your system by downloading an
infected program or opening a corrupted email attachment, the last line of defense is the virus scan tool,
which finds and kills or contains malware for manual deletion.

The Virus Scan Utility: The virus scan utility searches every file on your computer system for malware
and compiles a list of malicious software that you can delete at the end of the scan. The depth of McAfee
Antivirus's database permits the program to detect and eliminate most threats quickly with a thorough scan.
9
Lab Assignment 1

Version Used: 5.5.0.447

4.0 Patches and Fixes

10
Lab Assignment 1

If these patches (especially critical updates) are not installed, the system may become vulnerable and can
be exploited. If the Automatic Update feature in the security center is turned On, Windows routinely
checks the Windows Update Web site for high-priority updates that can help protect your computer from
the latest viruses and other security threats. These updates can include security updates, critical updates,
and service packs. Depending on the setting you choose, Windows automatically downloads and installs
any high-priority updates that your computer needs, or notifies you as these updates become available.

You can review the different categories of types of updates available for your system by going
to http://windowsupdate.microsoft.com. To review you can click on Custom tab.

26. Discuss which of these categories might be most important to the network security
administrator and why?

Types of Updates:

 Critical Update
 Security update
 Update Rollup
 Service Pack
 Driver updates
 Definition Update
 Tool
 Feature Pack
 Update

Critical Updates, Definition Updates, Update Rollup and Service Pack will be the most important to
the network security administrator. Serious performance degradation, interoperability malfunction
or disturb application compatibility can be caused if the system is not updated.

27. Seasoned administrator waits for a while before rushing to install system updates. Can you
explain why?

Before rushing to install system updates, a thorough study of the updates should be done. It should be
seen than effect of updates should not hinder with the current operation of the system. Also it should be
assessed that Updates will conform to the current system software and hardware configuration.
It should also be properly confirmed the updates that are being received are from authentic sources and
are not the method to infect the system for hacking.

11