Could it be possible to cite the work?
Running head: UNIT 8 ASSIGNMENT 1
Unit 8 Assignment
Your Name
Purdue University Global
IT484 Cybersecurity Policies
Associate Professor David Lecomte
May 14, 2020
Table of Contents
Abstract
Replace these words with your first heading
Replace these words with your second heading
Replace these words with your next heading
Replace these words with your next heading
Replace these words with your next heading
References
NOTE: Overwrite this page or delete this page entirely. I’ll give 1 point to your grade if you need it if you attempt this page.
Abstract
The abstract is written in block format, meaning that the start of the paragraph is not indented. It begins on the next line following the Abstract heading and should be short–100-200 words. The Abstract heading should NOT be in bold. All numbers in an abstract should be typed as digits and not as words unless they are at the beginning of a sentence. The abstract is a one-paragraph summary of the most important elements of the paper. An abstract summarizes what you set out to do in a project together with a summary of your findings.
NOTE: Overwrite this page or delete this entirely. I’ll give 1 point to your grade if you need it, if you attempt this page.
Part 1: Using the Internet and/or the Library
Research and explain your answer to the following: Evaluate how to implement a secure wireless network using Active Directory and RADIUS server.
Replace these words with 400-600 of your own and then remove the italics and change the color to black. SOME THOUGHTS: Use WPA2 [appropriate? Discuss] with AES. WPA2 Personal or WPA2 Enterprise … describe advantages and disadvantages of these protocols. WPA2 is able to authenticate to a RADIUS server [explain] … CHAP is part of RADIUS. Describe how Active Directory operates by providing access control. Can use a combination of certificate authentication and Active Directory credentials to authenticate with RADIUS.
Explain how to do this and provide it in a step-by-step implementation guide using screenshots and explanations.
Replace these words with 400-600 of your own and then remove the italics and change the color to black. SOME THOUGHTS: Provide two screenshots that indicate any of the steps that you might go through to implement a secure wireless network.
Step 1: Install Active Directory … Configure it.
Step 2: Allocate privileges to users through some kind of policy.
Step 3: Devise a remote login policy. User/group membership, group policy / OU location
Step 4: Test your configuration.
OTHER THOUGHTS: You can use Active Directory Group Policy to push wireless profiles with certificates to domain-joined mobile Windows devices. KB articles are generally based on a wireless product, such as Cisco Meraki or Netgear.
Part 2: Research and Explain the Following
1) Explain step-by-step how a hacker would crack passwords starting with extracting the hash file in a non-Active Directory and an Active Directory client.
Replace these words with 200-300 of your own and then remove the italics and change the color to black. SOME THOUGHTS: Explain what a hash file is. In Active Directory it is stored in C:\Windows\NTDS\ntds.dit and at C:\Windows\System32\config\SYSTEM. To extract the files you need a tool … for example, use the utility ntdsutil [https://ss64.com/nt/ntdsutil.html or https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc753343(v%3Dws.11)]. Once you have the files you can run them through a program like “John the Ripper”, “ncrack”, or “RainbowCrack”. The hard part is to get hashes.
OTHER THOUGHTS: Would they use a keystroke logging application …. windows/system32/… If they are extracting, would it be a man-in-the-middle attack … /etc/shadow … unless they are configured to log in via LDAP authentication … Active Directory is unique; Linux doesn’t natively use domains to the extent of Windows devices. LDAP would be the closest Linux comes.
2) Write a remote access cybersecurity policy for remote users.
Replace these words with 200-300 of your own and then remove the italics and change the color to black. SOME THOUGHTS: E.g. A policy for all employees who want to connect to the internal corporate network remotely. Ensure that only authorized personnel of the company are able to connect remotely. Specific VPN software … no other connection is allowed.
OTHER THOUGHTS: VPN with SmartCard for auth, and Group Policy enforcing standards applied to the computer … only approved devices can be connected … to verify your anti-virus policies and that anti-virus is updated.
NOTE: DELETE this line and ALL blue text before submitting your Assignment.
Assignment 8 Grading Rubric = 45 points
| Assignment Requirements | Points Possible | Points Earned |
|---|---|---|
| Part 1 | | |
| Evaluate how to implement a secure wireless network using Active Directory and RADIUS server. Explain how to do this and provide it in a step-by-step implementation guide using screenshots and explanations. (400-600 words) | 0–30 | |
| Part 2 | | |
| Explain step-by-step how a hacker would crack passwords starting with extracting the hash file in a non-Active Directory and an Active Directory client. (200-300 words) | 0–5 | |
| Write a remote access cybersecurity policy for remote users. (200-300 words) | | |
| Column Total | 0–45 | |
| Less deduction taken for spelling, grammar, and APA errors. Plagiarism is totally unacceptable. | | |
| New total after deductions | | |