Auditing the Workstation Domain for Compliance

profileDodi185

1.What are some risks, threats, and vulnerabilities commonly found in the Workstation Domain that

must be mitigated through a layered security strategy? 

2.

File-sharing utilities and client-to-client communication applications can provide the capability to

share files with other users (for instance, peer-to-peer networking or sharing). What risks and/or

vulnerabilities are introduced with these applications?

3.

Explain how confidentiality can be achieved in the Workstation Domain with security controls

and security countermeasures.

4Explain how data integrity can be achieved in the Workstation Domain with security controls and

security countermeasures.

5.

Explain how availability can be achieved in the Workstation Domain with security controls and

security countermeasures.

6.

Although users of desktop applications might not create mission-critical data, all of their data

represents a resource that, if lost, can result in a permanent loss of information or productivity.

Explain what countermeasures and best practices should be implemented to avoid this potential

disaster.

7.

What is the purpose of the Microsoft® Windows Security Configuration and Analysis snap-in?

Explain.

8.

How would you go about updating the Windows Security Options File? Explain how this option

can help mitigate risk in the Workstation Domain.

9.

What does the Microsoft® Windows executable GPResult.exe do and what general information

does it provide? Explain how this application helps mitigate the risks, threats, and vulnerabilities

commonly found in the Workstation Domain.

10.

What is the risk involved in caching logon credentials on a Microsoft® Windows system?

11.

What is the current URL for the location of the DISA Military STIGs on Microsoft® Windows 7

operating systems?

12.

Within the Windows 7 Security Technical Implementation Guide (STIG), what are the three

Vulnerability Severity Code Definitions defined?

13.

DumpSec is a tool used by system administrators performing information assurance on a

Microsoft® Windows 7 workstation. What is the purpose of this tool?

14.

From the Windows 7 Security Technical Implementation Guide (STIG), where can Windows 7

File & Registry Settings be reviewed and audited on a Windows 7 workstation?

15.

As per DoD and information assurance procedures, who must be notified if any exceptions to

DoD STIGs standards for workstation configurations are to be implemented?

    • 6 days ago
    • 6