Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
syssec:final_project [2019/05/03 00:10] abitar [Part III - Risk (30 pts)] |
syssec:final_project [2020/12/05 23:17] aibekzhy [Linux (LAMP Stack)] |
||
|---|---|---|---|
| Line 14: | Line 14: | ||
| {{:topology_example.png?850|}} | {{:topology_example.png?850|}} | ||
| + | ## Part II - Windows + Linux (60 pts) | ||
| - | ## Part II - Choose your Path (60 pts) | + | Here is the overview of Windows(30 pts), Linux(30 pts) and Firewall setup that you will need to perform: |
| - | + | ||
| - | There are two paths you can take for this. Linux based or Windows... both are about equal work, this should give you s chance to gain more depth in what you are interested. Choose on for the project. YOU DO NOT NEED TO DO BOTH. | + | |
| ### Windows (Active Directory) | ### Windows (Active Directory) | ||
| - | * pfSense as router OR Palo Alto, if you choose Palo Alto you get 20 pts of extra credit on the assignment | + | * 1 Windows client (10 ONLY) |
| - | * 1 Windows client (10 or 7) | + | |
| * Windows Server (2016 or 2019), this will be your Domain Controller | * Windows Server (2016 or 2019), this will be your Domain Controller | ||
| - | * follow the Windows homework, setup the same stuff (users, groups, GPO) | + | * follow the Windows homework, set up the same stuff (users, groups, GPO) |
| + | * Creds: Username - Admin/Administrator, Password: - Change.me! | ||
| ### Linux (LAMP Stack) | ### Linux (LAMP Stack) | ||
| - | * pfSense as router OR Palo Alto, if you choose Palo Alto you get 20 pts of extra credit on the assignment | + | * setup MediaWiki, as set up in the Services homework |
| - | * setup Wordpress, just like we did in the Services assignment | + | * remote database and a webserver |
| - | * remote database and a webserver (one of these should be GUI so you can check your website) | + | * Linux Client with GUI (so you can check your website) |
| - | * database should have MySQL or MongoDB | + | * database that will host data for MediaWiki |
| - | * webserver should have Apache, PHP and Wordpress | + | * webserver should have Apache, MediaWiki |
| + | * Creds: Username - sysadmin, Password: - changeme | ||
| + | ### pfSense vs Palo Alto | ||
| + | pfSense as router OR Palo Alto, if you choose Palo Alto you get 20 pts of extra credit on the assignment. Please let @aibek know if you would like Palo Alto. By default, you will get pfSense | ||
| Line 51: | Line 52: | ||
| Examples of technical controls to implement [Controls - Evidence]: | Examples of technical controls to implement [Controls - Evidence]: | ||
| - | * **Hardware Inventory list** - Table (Columns for the table: Asset Name, Asset Category, IP-Address, MAC Address, Operating System) (Also include NMAP output as proof) | + | * **Hardware Inventory list** - You can just submit your **topology** for this. Normally this is done with a Table (Columns for the table: Asset Name, Asset Category, IP-Address, MAC Address, Operating System) (Also include NMAP output as proof) |
| * **Software Inventory List** - Table (Columns for the table: Software Name, Software Category, Main Use, List of assets where software was implemented) - Just list any software that you installed on the system. Just list anything that is not a default app. (Example: do not list internet explorer, but list Google Chrome) | * **Software Inventory List** - Table (Columns for the table: Software Name, Software Category, Main Use, List of assets where software was implemented) - Just list any software that you installed on the system. Just list anything that is not a default app. (Example: do not list internet explorer, but list Google Chrome) | ||
| * **Controlled use of Admin Privileges**- Screenshot what admins are on a particular system. | * **Controlled use of Admin Privileges**- Screenshot what admins are on a particular system. | ||
| * **Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers** - provide proof that you hardened a certain aspect of your system (example: SSH config file set to reject logins after X failed attempts) | * **Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers** - provide proof that you hardened a certain aspect of your system (example: SSH config file set to reject logins after X failed attempts) | ||
| * **Maintenance, Monitoring, and Analysis of Audit Logs** - Provide a screenshot of 3 log files (Actually open the files) | * **Maintenance, Monitoring, and Analysis of Audit Logs** - Provide a screenshot of 3 log files (Actually open the files) | ||
| - | * Etc... Reach out to Alex/Jay if you are unsure about anything! | + | * etc... Reach out to Jay if you are unsure about anything! |
| - | + | ||
| - | + | ||
| - | + | ||
| - | + | ||
| - | + | ||
| - | + | ||
| - | + | ||
| - | + | ||
| - | + | ||
| - | + | ||
| Line 81: | Line 71: | ||
| - the static IP on all VMs | - the static IP on all VMs | ||
| - LAN/WAN and DMZ configuration in pfSense or Palo Alto | - LAN/WAN and DMZ configuration in pfSense or Palo Alto | ||
| - | - service working and running, like you did in the previous assignment, each route will be about 10 screenshots in total for all of this | + | - service working and running as you did in the previous assignment, each route will be about 10 screenshots in total for all of this |
| + | - <color #ed1c24>**ENSURE TO ADD ALL CREDENTIALS INTO THE SUBMISSIONS, SO THAT SECDEV IS ABLE TO CHECK YOUR WORK**</color> | ||
| As usual, if you have any questions please ask in the `System Security` channel! | As usual, if you have any questions please ask in the `System Security` channel! | ||