documentation on active directory recommendations scenario for application security 1

Project Part 1: Active Directory Recommendations

Scenario

Assume you are an entry-level security administrator working for Always Fresh. You have been asked to evaluate the option of adding Active Directory to the company’s network.

Tasks

Create a summary report to management that answers the following questions to satisfy the key points of interest regarding the addition of Active Directory to the network:

1. System administrators currently create users on each computer where users need access. In Active Directory, where will system administrators create users?

2. How will the procedures for making changes to the user accounts, such as password changes, be different in Active Directory?

3. What action should administrators take for the existing workgroup user accounts after converting to Active Directory?

4. How will the administrators resolve differences between user accounts defined on different computers? In other words, if user accounts have different settings on different computers, how will Active Directory address that issue? (Hint: Consider security identifiers [SIDs].)

Required Resources

▪ Internet access

▪ Course textbook

Submission Requirements

▪ Format: Microsoft Word (or compatible)

▪ Font: Arial, size 12, double-space

▪ APA Citation Style

▪ Length: 2 to 4 pages

Self-Assessment Checklist

▪ I addressed all questions required for the summary report.

▪ I created a well-developed and formatted report with proper grammar, spelling, and punctuation.

▪ I followed the submission guidelines.

Lab Assessment: please answer the following questions

1. Relate how Windows Server 2012 Active Directory and the configuration of access controls achieve CIA for departmental LANs, departmental folders, and data.

2. Is it a good practice to include the account or user name in the password? Why or why not?

3. To enhance the strength of user passwords, what are some of the best practices to implement for user password definitions to maximize confidentiality?

4. Can a user who is defined in Active Directory access a shared drive on a computer if the server with the shared drive is not part of the domain?

5. When granting access to network systems for guests (i.e., auditors, consultants, third-party individuals, etc.), what security controls do you recommend implementing to maximize CIA of production systems and data?

6. In the Access Controls Criteria table, what sharing changes were made to the MGRfiles folder on the TargetWindows01 server?

7. In the Access Controls Criteria table, what sharing changes were made on the TargetWindows01 server to allow ShopFloor users to read/write files in the C:\LabDocuments\SFfiles folder?

8. In the Access Controls Criteria table, what sharing changes were made on the TargetWindows01 server to allow HumanResources users to access files in the C:\LabDocuments\HRfiles folder?

9. Explain how CIA can be achieved down to the folder and data file access level for departments and users using Active Directory and Windows Server 2012 R2 access control configurations. Configuring unique access controls for different user types is an example of which kind of access controls?