Need two page summary with descriptions with steps.
Security Baseline Scanning Security Baseline Scanning General Instructions To complete this lab exercise, you will be required to keep notes of all steps that you take. Your notes should include screenshots, descriptive explanations, and labels for each screenshot where applicable. The notes should also include copies of any scan results, results of any outputs created by using the benchmark tools in this exercise, as well as copies of any referenced reports not specifically referenced in these instructions. After completing this lab exercise, you are expected to: · Provide a description and copy of the proposed hardening approach you would take to address the vulnerabilities found during your Nessus scan. · Incorporate answers to any questions set forth in this lab in your final Security Baseline Report. The Goal of the Lab: The Need for Nations' Security Baseline Based on the Global Summit, you will need to work with other nation teams to build a system security baseline. Generally, all nations need to define a security baseline. First, you will use OpenSCAP Workbench to build a custom baseline, and then use Nessus to scan the systems for vulnerabilities. The SCAP tools are used for modifying industry benchmark characteristics. In this lab, you will use OpenSCAP Workbench to customize a National Institute of Standards and Technology (NIST)-provided Configuration Baseline (the .xml file) in Part 1 and use Nessus to perform vulnerability scans of the computer systems with the NIST-provided Windows 7 Configuration Baseline in Part 2. Normally, your computer system would be hardened after building the baseline. However, you will not need to harden the computer system in this exercise. As part of the activities in this lab, you will keep a copy of the following in your notes for inclusion in your final project report deliverables: · a copy of the Nessus scan report · a copy of the benchmark configuration file you created in this exercise You will also describe and document an effective approach for hardening the computer system that will be included in your notes and final project report. Lab Reference Resources Review the following to reinforce your understanding of the key concepts in this lab: · Refer to the OpenSCAP Portal and Nessus websites for official documentations, user manuals, FAQs, webcast slides, online videos, and online presentations. · Use tools such as the UMGC library, Google search engine, YouTube, and others for external resources such as videos, peer review articles, white papers, trade magazines, and online documentations. · Be mindful of digital rights infringement and cite sources to credit authors where appropriate to support your work. Getting Started In order to get started on this lab, you must first access the Virtual Labs environment using the instructions provided in the UMGC Virtual Lab document (Navigating the Workspace and the Lab Setup) in the classroom. The link to this document is found in the "Complete This Lab" box in the project step where the link to this lab instructions is located and labeled. Launch the Lab Broker application as instructed in the above document to connect to the lab VMs. Note: (a) After Lab Broker is launched, you will see a list of modules reflecting your course names. If you are accessing the lab for the first time, after expanding the list of nodes available for your course (CYB670), you will notice that the Connect and Start buttons are grayed out and only the Allocate Lab button is clickable. (b) If necessary, refer to the lab setup document described above for additional details. 1. Enter the following credentials to connect to the WINATK01 VM when prompted: Username: StudentFirst Password: Cyb3rl@b Source: Microsoft Windows, UMGC Virtual Labs 2. Once successfully connected, you will be taken to the desktop of the WINATK01 VM. Source: Microsoft Windows, UMGC Virtual Labs 3. Double-click the Lab Resources shortcut located on the desktop of the VM to open the folder. Source: Microsoft Windows, UMGC Virtual Labs 4. Once in the Lab Resources folder, double-click on the Resources shortcut/bookmark to take you to the CYB 670 Project Resources. 5. On the CYB 670 Project Resources page, right-click the (scap_gov.nist_USGCB-Windows-7.xml) NIST-provided Configuration Baseline and select Save link as to download the file to the VM. Source: Microsoft, UMGC Virtual Labs Note: Notice that the NIST .xml file (scap_gov.nist_USGCB-Windows-7.xml) is currently a Windows 7 version, which should work for the purpose of this exercise. 6. Click Save link as to save the file to your Downloads folder. Source: Microsoft Windows, UMGC Virtual Labs 7. Windows Explorer will open, defaulting to the Downloads folder of the WiINATK01 VM. Click Save to save the file to the Downloads folder. Source: Microsoft, UMGC Virtual Labs Note: Close the Project Resources page to continue. Source: Microsoft, UMGC Virtual Labs Part 1 Customizing a Configuration Baseline Using OpenSCAP Workbench OpenSCAP comes preloaded with SCAP content for many versions of Linux and Windows operating systems. The tool can also be used to scan these operating systems for vulnerabilities using industry standard baseline configuration files. The purpose of this tool in this exercise is to give you the means of customizing a standard baseline obtained from NIST. As a cybersecurity professional, you may be required to develop a custom baseline for your organization. The best way to do this is by using industry-accepted benchmarks and tailoring those to meet security compliance requirements for your organization. The following are steps to customize security benchmarks for a Windows 7 system obtained from NIST. Steps: 1. Go to the Applications folder within the Lab Resources folder to launch the SCAP Workbench application from the shortcut provided. After the application launches, the SCAP content selection window will open. Source: Microsoft, UMGC Virtual Labs Source: OpenSCAP, UMGC Virtual Labs Source: OpenSCAP, UMGC Virtual Labs 2. Click the Select content to load a drop-down menu to select the Other SCAP Content. Then click Load Content to launch Windows Explorer to allow you to select the baseline file that you will customize. Source: OpenSCAP, UMGC Virtual Labs 3. Navigate to the Downloads folder and select the scap_gov.nist_USGCB- Windows-7.xml file to load it for editing in OpenSCAP. Click Open to continue. Source: Microsoft, UMGC Virtual Labs. 4. After loading the SCAP content, the following window with the Rules section will pop up. Source: OpenSCAP, UMGC Virtual Labs Note: Familiarize yourself with the interface, especially the list of rules as highlighted. 5. Click the Customize button to start the customization process of the NIST benchmark. A Customized Profile window will open. Source: OpenSCAP, UMGC Virtual Labs a) Note the name of the New Profile ID since you will change it to reflect the name of your organization. b) Note the word customized at the end of the New Profile ID to OrgName, where OrgName reflects the name of your organization. c) Ensure that you change OrgName to your organization's name. Source: OpenSCAP, UMGC Virtual Labs 6. Click OK to apply the change. A window will appear, showing the updated ID reflecting the name of your organization. Pay attention to the list of the customizable configuration baseline items on the left as highlighted in the second screenshot below. Source: OpenSCAP, UMGC Virtual Labs Source: OpenSCAP, UMGC Virtual Labs If you are unable to see the full window, follow the numbers 1 to 3 in the next screenshot and then adjust sizes as needed. Source: Microsoft and OpenSCAP, UMGC Virtual Labs 7. Now, modify the Account Lockout Policy Settings and Password Policy Settings as indicated below. Source: OpenSCAP, UMGC Virtual Labs Under the Account Lockout Policy Settings, select Reset Account Lockout After and change its settings from the default 900 seconds (15 minutes) to 1800 seconds (30 minutes) as shown. Source: OpenSCAP, UMGC Virtual Labs You may try other options by selecting the other policy settings depending on your organization's security requirements. 8. After the customization, click OK to apply the updated settings. Source: OpenSCAP, UMGC Virtual Labs Notice that even though the profile has been customized, the changes have not yet been saved as indicated by Unsaved changes in the Customization box in the screenshot below. Source: OpenSCAP, UMGC Virtual Labs 9. Before saving the file, create a Customized Windows 7 Baseline folder on the desktop of the WINATK01 VM. Source: Microsoft, UMGC Virtual Labs 10. It is now time to save the file. Go to the File menu and select Save All to save the file to the Customized Windows 7 Baseline folder on the desktop of the VM. Source: OpenSCAP, UMGC Virtual Labs After successfully saving the file, you notice that there are two files in the folder: one is the original scap_gov.nist_USGCB-Windows-7.xml file, and the other is the associated customization file, tailoring-xccdf.xml. Source: Microsoft, UMGC Virtual Labs . Source: Microsoft, UMGC Virtual Labs 11. Move a copy of the customized Windows 7 Baseline to Workspace to be included with your project deliverables by using the instructions: Moving Files Between Lab VM and Workspace VM. Part 2 Performing Vulnerability Scans Using Nessus In this second part of the lab, you are going to use a software tool, Nessus, to scan the Windows target virtual machine (WINTGT01) for vulnerabilities using the Basic Network Scan and two Advanced Network Scans. The goal is to demonstrate how using various scans can expose different vulnerabilities of the Windows system. Steps: 1. A Nessus Web Client shortcut has been created and placed in the Applications subfolder of the Lab Resources folder. Double-click on the shortcut to go to the Nessus Web Client log-in page. Source: Microsoft, UMGC Virtual Labs 2. Use your UMUC credential to log in. Note that this is the same credential used to access your LEO classroom. Enter your credentials and click Sign In. Source: Nessus, UMGC Virtual Labs 3. Once successfully signed in, you'll be taken to the Nessus Scans page by default. From this page, you can create a new scan. Source: Nessus, UMGC Virtual Labs Note: Below is a Nessus Scans page showing a list of scans created by other users. Don't be alarmed if you see that list, and don't copy or alter any scan that you did not create yourself. Source: Nessus, UMGC Virtual Labs Creating and Running a Basic Network Scan 1. Click the New Scan button to start the wizard for creating a new scan. You may need to enlarge the browser window to see this button. Source: Nessus, UMGC Virtual Labs 2. You'll be presented with various scan templates. Choose the Basic Network Scan template to create a new scan. Source: Nessus, UMGC Virtual Labs 3. Choosing the template will bring you to the following page where you'll need to provide information for the highlighted boxes as depicted below. Source: Nessus, UMGC Virtual Labs 4. You can obtain the IP addresses of the target machines. From