03. Instructions

Project Instructions

Project Steps Overview

To complete this project, you will need to complete the following:

  1. Download from the Project Resources (Available in the top left of the classroom. You may need to click on the three lines to show the menu):
    • The Monitoring and Securing the DFI Environment Template
    • Udacity_FW.xlsx Firewall Report Document
  2. Ensure that you are able to log into the project Windows 10 Desktop Environment.
  3. Login to the Udacity Windows 10 Desktop and subsequently, the Windows and Linux servers from it.
  4. In each system provided, analyze using Defense in Depth, Principles of least privilege, NIST 800, and Microsoft best practices (links provided.)
  5. Recommend firewall rule for new vendor connections (information provided.)
  6. Recommend encryption in transit for new vendor connections.
  7. Create at least one IDS rule based on intelligence provided.
  8. Ensure executables received from vendors are legitimate by comparing file hash with known good copy.
  9. Recommend areas that could be improved using automation.
  10. Create a report detailing successful and unsuccessful connection attempts using PowerShell to view event logs.
  11. Using NIST 800 and Microsoft Best Practices, recommend which updates should be installed and which could be left off.
  12. Create a data directory on CentOS for internal use and set appropriate permissions.
  13. Provide mitigation response to firewall alert report. (Sample data provided.)
  14. Encrypt data files and folders for delivery to the vendor.
  15. Ensure that you have met all of the requirements of the Project Rubric.

Project Details

After downloading the templates:

  1. Rename the templates with your name in them. Example: Peyton Smith Monitoring and Securing the DFI Environment
  2. The Monitoring and Securing the DFI Environment Template has detailed instructions as to what to complete for each step of our project. You should complete your work inside if this template and submit the template when you have completed the project.
  3. Where the project asks for justification or rationale, please be thorough in your explanations and provide answers that a non-technical stakeholder would understand.
  4. Important In the final step you are asked to encrypt your project .zip file with a secure password. When you submit your project, please remember to add the password to the Notes to the reviewer section or they will not be able to assess your project.

Submission Details

After completing the project:

  1. Ensure that you have met all of the requirements of the Project Rubric.
    • If you have not, please update your project before submission.
  2. Important In the final step you are asked to encrypt your project .zip file with a secure password. When you submit your project, please remember to add the password to the Notes to the reviewer section or they will not be able to assess your project.
  3. Create a folder called Defending and Securing Systems Project
  4. Add your Zip file to this folder for submission. This needs to be in a folder for our system to handle it.
  5. Submit that folder and the password to decrypt (in the notes for reviewer section) it for review on the submission page.