Project: Securing a Business Network

Reconnaissance

Criteria	Meet Specification
The student is able to identify the hardware in use on this virtual PC.	Student will complete the Hardware section in the worksheet. This includes providing at least one screenshot of the system settings screen.
The student is able to identify the software applications in use on this virtual PC	Student will complete the Software section in the worksheet by naming at least 5 installed applications on the virtual PC. This includes providing at least one screenshot of the installed Programs screen. Student should name the Center for Internet Security or NIST Control in use.
The student is able to identify the user accounts in use on this virtual PC.	Student will complete the Accounts section in the worksheet by naming at least 5 user accounts on the virtual PC. This includes providing at least one screenshot of the Accounts screen.
The student is able to identify the service and the security settings on the PC and explain vulnerabilities and risks with these settings.	Student will complete the Services and Security Services section in the worksheet. This includes providing at least screenshots of Services running on this PC. Windows Security screen Security and Maintenance Firewall settings Windows Defender Firewall Change Security and Maintenance settings Student will complete the Security Feature table in the worksheet Students will name at least three vulnerabilities.

Securing the PC

Criteria	Meet Specification
The student is able to recommend an industry security baseline and justify the choice	Student will answer ALL questions asked in the Baseline section. This includes: Students will recommend the industry standard and baseline Students will provide an explanation for their choices.
The student is able to secure a Windows 10 PC following a security baseline.	Students will choose 3 from the 5 security areas provided in the System and Security section. Answer ALL questions and provide screenshots as asked in the areas they choose.

Criteria

Meet Specification

The student is able to recommend an industry security baseline and justify the choice

Student will answer ALL questions asked in the Baseline section. This includes:

Students will recommend the industry standard and baseline
Students will provide an explanation for their choices.

The student is able to secure a Windows 10 PC following a security baseline.

Students will choose 3 from the 5 security areas provided in the System and Security section. Answer ALL questions and provide screenshots as asked in the areas they choose.

Securing Access

Criteria	Meet Specification
The student is able to identify user accounts found on the sample computer and identify vulnerabilities and risks associated	Student will answer ALL questions asked in the User accounts sections. This includes: Identify which user should be disabled/removed and the users’ level of privilege based on the scenario given. Take steps to remove unwanted account and change the level of privilege Explain the vulnerabilities and risks associated Identify the security principle followed
The student is able to identify current access and authentication policies and setting new policies.	Student will answer ALL questions asked in the Setting Access and Authentication Policies, and auditing and logging sections. This includes Locate the local security policy window Students will take steps to set password policy, account lockout policy and auditing and logging based on the scenario given Students will provide screenshots to demonstrate the work.

Criteria

Meet Specification

The student is able to identify user accounts found on the sample computer and identify vulnerabilities and risks associated

Student will answer ALL questions asked in the User accounts sections. This includes:

Identify which user should be disabled/removed and the users’ level of privilege based on the scenario given.
Take steps to remove unwanted account and change the level of privilege
Explain the vulnerabilities and risks associated
Identify the security principle followed

The student is able to identify current access and authentication policies and setting new policies.

Student will answer ALL questions asked in the Setting Access and Authentication Policies, and auditing and logging sections. This includes

Locate the local security policy window
Students will take steps to set password policy, account lockout policy and auditing and logging based on the scenario given
Students will provide screenshots to demonstrate the work.

Securing Applications

Criteria	Meet Specification
The student is able to identify applications running on the sample computer, remove unwanted applications, and identify vulnerabilities and risks associated	Student will answer ALL questions and provide screenshots in the Remove unneeded or unwanted applications, Default browser and Windows Services sections. Identify at least 3 applications that are violated the policies Take steps to uninstall unwanted applications List at least 3 vulnerabilities and risks associated with unnecessary applications Identify and change default browser List at least 2 vulnerabilities and risks associated with IE browser Turn IE browser and web services off
The student is able to identify patching and updates of PC and applications and make setting changes	Student will answer ALL questions and provide screenshots in the Patching and updates section. Update PC to the latest version and provide a screenshot List at least two applications on the PC that are out of date Update applications with screenshots

Criteria

Meet Specification

The student is able to identify applications running on the sample computer, remove unwanted applications, and identify vulnerabilities and risks associated

Student will answer ALL questions and provide screenshots in the Remove unneeded or unwanted applications, Default browser and Windows Services sections.

Identify at least 3 applications that are violated the policies
Take steps to uninstall unwanted applications
List at least 3 vulnerabilities and risks associated with unnecessary applications
Identify and change default browser
List at least 2 vulnerabilities and risks associated with IE browser
Turn IE browser and web services off

The student is able to identify patching and updates of PC and applications and make setting changes

Student will answer ALL questions and provide screenshots in the Patching and updates section.

Update PC to the latest version and provide a screenshot
List at least two applications on the PC that are out of date
Update applications with screenshots

Securing Files and Folders

Criteria	Meet Specification
The student is able to identify the access of files and secure files	Student will answer ALL questions and provide screenshots in section. This include: Identify who has access to files and make changes based on the scenario given. Encrypt files with password Identify the security principle followed Setting share folders

Criteria

Meet Specification

The student is able to identify the access of files and secure files

Student will answer ALL questions and provide screenshots in section. This include:

Identify who has access to files and make changes based on the scenario given.
Encrypt files with password
Identify the security principle followed
Setting share folders

Optional: Basic Computer Forensics (Advanced)

Criteria	Meet Specification
The student is able to locate suspicious files in PC	Student will locate suspicious files by looking through unwanted users’ folder

Tips to make your project standout:

Students answer the topics listed as “Advanced Students” in the template.
Students complete at least four of the security areas in Section 2, Securing the PC
Students complete Section 6, Basic Computer Forensics