Unit 8

Rae2021

IT484Unit8AssignmentStarterFilefromSeminarMay142020.docx

Home >Information Systems homework help >Unit 8

Running head: UNIT 8 ASSIGNMENT 1

UNIT 8 ASSIGNMENT 6

Unit 8 Assignment

Your Name

Purdue University Global

IT484 Cybersecurity Policies

Associate Professor David Lecomte

May 14, 2020

Table of Contents

Abstract 3

Replace these words with your first heading 4

Replace these words with your second heading 5

Replace these words with your next heading 6

Replace these words with your next heading 7

Replace these words with your next heading 8

References 9

NOTE: Overwrite this page or delete this page entirely. I’ll give 1 point to your grade if you need it if you attempt this page. Abstract

The abstract is written in block format, meaning that the start of the paragraph is not indented. It begins on the next line following the Abstract heading and should be short--100-200 words. The Abstract heading should NOT be in bold. All numbers in an abstract should be typed as digits and not as words unless they are at the beginning of a sentence. The abstract is a one-paragraph summary of the most important elements of the paper. An abstract summarizes what you set out to do in a project together with a summary of your findings.

NOTE: Overwrite this page or delete this entirely. I’ll give 1 point to your grade if you need it , if you attempt this page.

Part 1: Using the Internet and/or the Library

Research and explain your answer to the following: Evaluate how to implement a secure wireless network using Active Directory and RADIUS server.

Replace these words 400-600 of your own and then remove the italics and change the color to black. SOME THOUGHTS: Use WPA2 [appropriate? Discuss] with AES. WP2 Personal or WPA2 Enterprise … describe advantages and disadvantages of these protocols. WPA2 is able to authenticate to RADIUS server [explain] … CHAP is part RADIUS. Describe how Active Directory operates by providing access control. Can use a combination of certificate authentication and active directory credentials to authenticate with RADIUS

Explain how to do this and provide it in a step-by-step implementation guide using screenshots and explanations.

Replace these words 400-600 of your own and then remove the italics and change the color to black. SOME THOUGHTS: Provide two screen shots that indicate any of the steps that you might go through to implement a secure wireless network.

Step 1: Install Active Directory … Configure it.

Step 2: Allocate privileges to users through some kind of policy.

Step 3: Devise a remote login policy. User/group membership, group policy / OU location

Step 4: Test your configuration.

OTHER THOUGHTS: You can use Active Directory Group Policy to push Wireless profiles w/ certificates to domain-joined mobile Windows devices. KB arcticles are generally based on a wireless product i.e. Cisco Meraki, Netgear

Part 2: Research and Explain the Following

1) Explain step-by-step how a hacker would crack passwords starting with extracting the hash file in a non-Active Directory and an Active Directory client.

Replace these words 200-300 of your own and then remove the italics and change the color to black. SOME THOUGHTS: Explain what a has file is. In Active Directory it is stored in c:Windows\NTDS.dlt and at C:\Windows|Sytems32\config\STYSTEM. To extract the files you need a tool … example us the utility ndsutil. [ https://ss64.com/nt/ntdsutil.html or https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc753343(v%3Dws.11)] Once you have the files you can run them through a program like “John the Ripper” “ncrack” “rainbox cracker”. The hard part is to get hashes.

OTHER THOUGHTS: Would they use a keystroke logging application …. windows/system32/... If they are extracting would it be a man in the middle attack … /etc/shadow … unless they are configured to login via ldap authentication … Active Directory is unique, Linux doesn't natively use domains to the extent of Windows devices. LDAP would be the closest Linux comes

2) Write a remote access cybersecurity policy for remote users.

Replace these words 200-300 of your own and then remove the italics and change the color to black. SOME THOUGHTS: E.g. A policy for all employees who want to connect to the internal corporate network remotely. Ensure that only authorized personnel of the company are able to connect remotely. Specific VPN software … no other connection is allowed.

OTHER THOUGHTS: VPN with SmartCard for auth, and Group Policy enforcing standards applied to the computer … only approved devices can be connected … only approved devices can be connected … to verify your anti-virus policies and is updated

References

Lodha, I., Kolur, L., Hari, K. S., & Prasad, H. (2019). Secure Wireless Internet of Things Communication using Virtual Private Networks.

Murphy, B. (2015). SSCP (ISC)2 Systems security certified practitioner official study guide, (1st, Ed.). [VitalSource Bookshelf Online]. Retrieved from https://purdueuniversityglobal. vitalsource.com/#/books/9781119059684/cfi/0!/4/2@100:0.00

Pauli, J. J. (2013). The Basics of Web Hacking : Tools and Techniques to Attack the Web. Syngress.

Thompson, D. (n.d.). (2020). Implementing a Secure Wireless Network for a Windows Environment. SANS Institute. Retrieved from https://www.sans.org/reading-room/whitepapers/wireless/implementing-secure-wireless-network-windows-environment-1619

Sak, B., & Ram, J. R. (2016). Mastering Kali Linux Wireless Pentesting. Packt Publishing.

SANS Institute. (2014). Remote Access Policy. Retrieved from https://www.sans.org/security-resources/policies/network-security/pdf/remote-access-policy

Arias, N. (2019, April 12). How to Crack an Active Directory Password in 5 Minutes or Less. Retrieved March 3, 2020, from https://www.semperis.com/blog/easy-hacking-active-directory-password/

Miller, L. C., & Gregory, P. H. (2016). CISSP for dummies. (4th, Ed.). [VitalSource Bookshelf Online]. Retrieved from https://kaplan.vitalsource.com/#/books/9781119210252/

Ranbe, R. (2017, November 21). How to Use RADIUS for WLAN Authentication. Retrieved March 3, 2020, from https://smallbusiness.chron.com/use-radius-wlan-authentication-59871.html

SANS Org. (2014). Remote Access Policy. Consensus Policy Resource Community, 1–3. Retrieved from https://www.sans.org/security-resources/policies/network-security/pdf/remote-access-policy

Active Directory Authentication. (2007). Oracle. Retrieved March 3, 2020, from https://docs.oracle.com/cd/E19728-01/820-2550/activedir_auth.html

Bhargava, R. (2016, Feb. 11). Active Directory WiFi Authentication and RADIUS Support. Jump Cloud. https://jumpcloud.com/blog/active-directory-wifi-radius/

Boller, M. (2017, Aug. 21). Cracking Active Directory Passwords or “How to Cook AD Crack.” SANS Institute. https://pen-testing.sans.org/resources/papers/gpen/cracking-active-directory-passwords-how-cook-ad-crack-139215

Chandel, R. (2017, Oct. 15). 4 Ways to Capture NTLM Hashes in Network [blog]. Hacking Articles. https://www.hackingarticles.in/4-ways-capture-ntlm-hashes-network/

Network Radius. (n.d.). How A Radius Server Works. https://networkradius.com/how-a-radius-server-works/

Microsoft. (2018, Aug. 30). Step 4. Install and configure the Network Policy Server (NPS). https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/vpn-deploy-nps

Microsoft. (2019, Nov. 16). Certificate requirements when you use EAP-TLS or PEAP with EAP-TLS. https://support.microsoft.com/en-us/help/814394/certificate-requirements-when-you-use-eap-tls-or-peap-with-eap-tls

Podāns, V. (2018, April 8). Certificate Autoenrollment in Windows Server 2016 (part 1). Sysadmins LV. https://www.sysadmins.lv/blog-en/certificate-autoenrollment-in-windows-server-2016-part-1.aspx

Ranbe, R. (n.d.). How to Use RADIUS for WLAN Authentication. Chron. https://smallbusiness.chron.com/use-radius-wlan-authentication-59871.html

Rouse, M. (2018, June). Active Directory. Tech Traget. https://searchwindowsserver.techtarget.com/definition/Active-Directory

TechTerms. (2017, July 13). Active Directory. https://techterms.com/definition/active_directory

Arias, N. (2017). How to Crack an Active Directory Password in 5 Minutes or Less. Retrieved from: https://www.semperis.com/blog/easy-hacking-active-directory-password/

Cisco. (2018). Retrieved from: https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_with_WPA2-Enterprise

Geier, E. (2010). Moving to WPA/WPA2-Enterprise Wi-Fi Encryption. Retrieved from: https://www.ciscopress.com/articles/article.asp?p=1576225

Microsoft. (2019). Retrieved from: https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/cncg/wireless/e-wireless-access-deployment

Radius Chart.jpg. (2018). Retrieved from: https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_with_WPA2-Enterprise

Wireless-gp.jpg. (2019). Retrieved from: https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/cncg/wireless/e-wireless-access-deployment

Wireless-policy-properties. (2019). Retrieved from: https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/cncg/wireless/e-wireless-access-deployment

Arias, N. (2019, April 12). How to Crack an Active Directory Password in 5 Minutes or Less. Semperis. Retrieved March 6, 2020, from https://www.semperis.com/blog/easy-hacking-active-directory-password/

How to Configure Radius Server on Windows Server 2016? – TheITBros. (2019, November 25). TheITBros. Retrieved March 6, 2020, from https://theitbros.com/radius-server-configuration-on-windows/

Bartlett, M. (2018, December 15). Windows 10 & 8: Install Active Directory Users and Computers. Retrieved from TechniPages: https://www.technipages.com/windows-install-active-directory-users-and-computers

Get-FileHash. (2020). Retrieved from ss64: https://ss64.com/ps/get-filehash.html

Jarko, C. (2015, April). Remote Access Policy. Retrieved from SANS: https://www.sans.org/security-resources/policies/network-security/pdf/remote-access-policy

John the Ripper password cracker. (ND). Retrieved from Openwall: https://www.openwall.com/john/

Miller, L. C. (N.D.). Wireless Security Protocols: WEP, WPA, and WPA2. Retrieved from dummies: https://www.dummies.com/computers/computer-networking/wireless/wireless-security-protocols-wep-wpa-and-wpa2/

Rouse, M. (2005, June). CHAP (Challenge-Handshake Authentication Protocol) . Retrieved from Tech Target Search Security: https://searchsecurity.techtarget.com/definition/CHAP-Challenge-Handshake-Authentication-Protocol

Rouse, M. (2007, June). RADIUS (Remote Authentication Dial-In User Service) . Retrieved from Tech Target Search Security: https://searchsecurity.techtarget.com/definition/RADIUS

SentinelOne. (2019, May 22). What is a Hash? (And How Does It Work?). Retrieved from SentinelOne : https://www.sentinelone.com/blog/what-is-hash-how-does-it-work/

NOTE: DELETE this line and ALL blue text before submitting your Assignment.

Assignment 8 Grading Rubric = 45 points

Assignment Requirements	Points Possible	Points Earned
Part 1
Evaluate how to implement a secure wireless network using Active Directory and RADIUS server. Explain how to do this and provide it in a step-by step-implementation guide using screenshots and explanations. (400- 600 words)	0–30
Part 2
Explain step-by-step how a hacker would crack passwords starting with extracting the hash file in a non-Active Directory and an Active Directory client. (200-300 words)	0–5
Write a remote access cybersecurity policy for remote users. (200-300 words)	0–5
Column Total	0–45
Less deduction taken for spelling, grammar, and APA errors. Plagiarism is totally unacceptable.
New total after deductions