Referencepraxx

Please provide screen shots

A) On your oracle VMware,

1) Install windows Server 2019

2) Install and Configure Active Directory

3) On command line 10 accounts for

4) Using PowerShell create the following groups

5) Design and implement password policies in Active Directory for the five groups.

B) On your Oracle VMware

1) Install windows server 10

2) Add a Windows 10 VM to the network and a joint to the domain.

3) Create 3 security policies/ Create 3 logon Policies

4) Configure VPN access

5) Ping windows 2019 from windows 10

C) a)

=Add a Linux OS VM (Ubuntu, Kali, Parrot, or SecurityOnion).

=On the Linux VM, open a terminal and run apt-get install lynis

=To run Lynis, navigate to the correct directory and add './' in from of the command.

./lynis

=Run a basic scan. This may take several minutes.

=$ lynis audit system

b) Access the Windows Server VM and perform the following hardening steps:

=Disable automatic administrative logon to the recovery console.

=Set a BIOS/firmware password to prevent unauthorized changes to the server startup settings.

=Configure the device boot order to prevent unauthorized booting from alternate media.

=Enable the Windows firewall in all profiles (domain, private, public) and configure it to block inbound traffic by default.

=Perform port blocking at the network setting level. Perform an analysis to determine which ports need to be open and restrict access to all other ports.

=Disable NetBIOS over TCP/IP and remove ncacn_ip_tcp.

=Check the Windows Defender settings.

=Configure allowable encryption types for Kerberos.

=Do not store LAN Manager hash values.

=Set the LAN Manager authentication level to allow only NTLMv2 and refuse LM and NTLM.

=Remove file and print sharing from network settings. File and print sharing could allow anyone to connect to a server and access critical data without requiring a user ID or password.

=Disable unneeded services. Most servers have the default install of the operating system, which often contains extraneous services that are not needed for the system to function and that represent a security vulnerability. Therefore, it is critical to remove all unnecessary services from the system.

=Remove unneeded Windows components. Any unnecessary Windows components should be removed from critical systems to keep the servers in a secure state.

=Enable the built-in Encrypting File System (EFS) with NTFS or BitLocker on Windows Server.

=Install an open-source antivirus program of your choice

=Run your antivirus program against your machine

c) for the antivirus you just installed,

=discuss its faults and weakness including the fact that its an open source program

=Discuss its advantages