Group Policy Protections [NG]Author: Malcolm Reed Jr.Framework Category: Operate and MaintainSpecialty Area: Systems AnalysisWork Role: Systems Security AnalystTask Description: Verify minimum security requirements are in place for all applications. (T0508)ScenarioAfter attending a conference I was made aware that our Internet Explorer and Windows servers have been left open and vulnerable. I need you to find a way to improve the security of the application through the use of Group Policy.Additional InformationMore details and objectives about this challenge will be introduced during the challenge meeting, which will start once you begin deploying the challenge.You will be able to check your progress during this challenge using the check panel within the workspace once the challenge is deployed. The checks within the check panel report on the state of some or all of the required tasks within the challenge.Once you have completed the requested tasks, you will need to document the methodology you used with as much detail and professionalism as necessary. This should be done on the documentation tab within the workspace once the challenge is deployed. Below the main documentation section be sure to include a tagged list of applications you used to complete the challenge.Your username/password to access all virtual machines and services within the workspace will be the following...Username: playeronePassword: password123The username/password used to access the Firewall's web interface within the workspace will be the following...Username: adminPassword: password123 Richard LeGrand@playerone, I just attended United States Government Configuration Baseline (USGCB) for Microsoft content seminar and found out some interesting things. I talked to some security professionals and they told me their top four Windowssecurity concerns.lone LeventisHow was that seminar boss?Richard LeGrandNot now lone l'm in the middle of something..Where was 1?Oh yea. so @playerone I was talking to some senior guys at the conference and they suggested a few things to me.First, do not send any private information to Microsoft . whatever that means stop it.Second stop cross site scripting..Uhh get that done.Richard LeGrandThere was also mention of only allowing programs with correct signatures to be downloaded via Internet Explorer.Lastly do not allow users to change any security settings within Windows Explorer. Go ahead and disable the Windows Explorer security tab altogether.Gary Thatcher@playerone, you should enforce these changes via a group policy object that spans the entire domain. Please make a new GPO called DasGroup on the Domain-Controller and set up the policies there. Group Policy Protections | Thomas BrownO 34h 06m LeftSubmit Challenge AttemptVirtual MachinesChecksStatusCheck DescriptionCheck TypeCheck StateLast ChangedO Having issues with mouse/keyboard input or connecting to VM consoles?Disable Microsoft Customer Experience Improvement [Approx. 3m Refresh]Challenge Check ?Undesireable State09:20 AM PSTMachine NameStatusActionsOpen Console ?Disable the Security Tab [Approx. 3m Refresh]Challenge Check ?Undesireable State09:20 AM PSTBackupPowered OnAction -5 HTML5VMRCDisable Cross-Site Scripting [Approx. 3m Refresh]Challenge Check ?Undesireable State09:20 AM PSTDatabasePowered OnAction5 HTML5I VMRCDisable downloads without correct signatures for files [Approx. 3m Refresh]Challenge Check 2.Undesireable State09:20 AM PSTDev-WebPowered OnAction -5 HTML5VMRCDomain-ControllerPowered OnAction -S HTML5VMRCFilesharePowered OnAction -S HTML5VMRCFirewallPowered OnAction -5 HTML5VMRCMailPowered OnAction -S HTML5VMRCProd-WebAction -5 HTML5Powered OnVMRCSecurity-DeskPowered OnAction -5 HTML5VMRCWorketation DeckDaworad A.AUTMEOVMDCDocumentationE Challenge Info- Meeting Notes* Network MapRichard LeGrand@playerone, I just attended United States Government Configuration Baseline (USGCB) for Microsoft content seminar and found out some interesting things. I talked to some security professionals and they told me their top four Windowssecurity concernsD D D D D D D D

Question

Group Policy Protections [NG]Author: Malcolm Reed Jr.Framework Category: Operate and MaintainSpecialty Area: Systems AnalysisWork Role: Systems Security AnalystTask Description: Verify minimum security requirements are in place for all applications. (T0508)ScenarioAfter attending a conference I was made aware that our Internet Explorer and Windows servers have been left open and vulnerable. I need you to find a way to improve the security of the application through the use of Group Policy.Additional InformationMore details and objectives about this challenge will be introduced during the challenge meeting, which will start once you begin deploying the challenge.You will be able to check your progress during this challenge using the check panel within the workspace once the challenge is deployed. The checks within the check panel report on the state of some or all of the required tasks within the challenge.Once you have completed the requested tasks, you will need to document the methodology you used with as much detail and professionalism as necessary. This should be done on the documentation tab within the workspace once the challenge is deployed. Below the main documentation section be sure to include a tagged list of applications you used to complete the challenge.Your username/password to access all virtual machines and services within the workspace will be the following...Username: playeronePassword: password123The username/password used to access the Firewall's web interface within the workspace will be the following...Username: adminPassword: password123 Richard LeGrand@playerone, I just attended United States Government Configuration Baseline (USGCB) for Microsoft content seminar and found out some interesting things. I talked to some security professionals and they told me their top four Windowssecurity concerns.lone LeventisHow was that seminar boss?Richard LeGrandNot now lone l'm in the middle of something..Where was 1?Oh yea. so @playerone I was talking to some senior guys at the conference and they suggested a few things to me.First, do not send any private information to Microsoft . whatever that means stop it.Second stop cross site scripting..Uhh get that done.Richard LeGrandThere was also mention of only allowing programs with correct signatures to be downloaded via Internet Explorer.Lastly do not allow users to change any security settings within Windows Explorer. Go ahead and disable the Windows Explorer security tab altogether.Gary Thatcher@playerone, you should enforce these changes via a group policy object that spans the entire domain. Please make a new GPO called DasGroup on the Domain-Controller and set up the policies there. Group Policy Protections | Thomas BrownO 34h 06m LeftSubmit Challenge AttemptVirtual MachinesChecksStatusCheck DescriptionCheck TypeCheck StateLast ChangedO Having issues with mouse/keyboard input or connecting to VM consoles?Disable Microsoft Customer Experience Improvement [Approx. 3m Refresh]Challenge Check ?Undesireable State09:20 AM PSTMachine NameStatusActionsOpen Console ?Disable the Security Tab [Approx. 3m Refresh]Challenge Check ?Undesireable State09:20 AM PSTBackupPowered OnAction -5 HTML5VMRCDisable Cross-Site Scripting [Approx. 3m Refresh]Challenge Check ?Undesireable State09:20 AM PSTDatabasePowered OnAction5 HTML5I VMRCDisable downloads without correct signatures for files [Approx. 3m Refresh]Challenge Check 2.Undesireable State09:20 AM PSTDev-WebPowered OnAction -5 HTML5VMRCDomain-ControllerPowered OnAction -S HTML5VMRCFilesharePowered OnAction -S HTML5VMRCFirewallPowered OnAction -5 HTML5VMRCMailPowered OnAction -S HTML5VMRCProd-WebAction -5 HTML5Powered OnVMRCSecurity-DeskPowered OnAction -5 HTML5VMRCWorketation DeckDaworad A.AUTMEOVMDCDocumentationE Challenge Info- Meeting Notes* Network MapRichard LeGrand@playerone, I just attended United States Government Configuration Baseline (USGCB) for Microsoft content seminar and found out some interesting things. I talked to some security professionals and they told me their top four Windowssecurity concernsD D D D D D D D

Accepted Answer

The answer is given below:-