NETLAB+ Virtual Environment Lab
Unit 5 Lab Assignment - ELO 5.3, 6.1-6.4
Using the NETLAB+ virtual environment, complete the following Labs. It is strongly suggested that you open the Lab Instructions in one window and the virtual devices in another and arrange them side by side so you may read the instructions in one window and type the commands in the other.
Download the Lab Report Form here: Unit 5 Lab Report
This lab will introduce you to the fundamentals of cryptography and specific techniques used in order to verify integrity and provide confidentiality to electronic communications and digital systems. You will also explore the fundamentals of information assurance, computer forensics, and physical security as they pertain to information assurance.
Before you begin your lab assignment, read the following documents:Cryptographic Engine FIPS 140-2 Security Policy Guideline for Implementing Cryptography In the Federal Government Exchanging Files with PGP NIST Cloud Computing Forensic Science Challenges
You should have already read the following articles in previous assignments, but if you have not, also make sure to read:Generally Accepted Principles and Practices for Securing Information Technology Systems Guide for Conducting Risk Assessments NIST Security Compliance
Once you have completed the readings above, you may begin the lab assignments.NETLAB+ Lab 3: Cryptography in Information Assurance NETLAB+ Lab 6: Information Storage and Backup NETLAB+ Lab 8: Computer Forensics NETLAB+ Lab 9: Physical Security
Prepare your responses to the Lab Assignment Report in Microsoft Word document named Lastname_U5_Lab.doc and submit it using the upload instructions below.
Select the Add Submission button below. Click Add, located in the top left hand corner of the File Submission box. The File Picker window will appear. Click Upload a file and then select the Browse button. Navigate to your file location. Once the file is located, select it and then select the Open button, the Upload this file button, and then the Save changes button. Click Submit Assignment to complete the upload process. Select Send for marking.
Questions To Be Answered For This Lab:
Unit 5 Lab Report
Directions: In your own words, complete the items below using complete sentences. You may need to refer to the lab instructions, your experience with the lab, or an outside source to answer the questions. If you use another source, please provide the link for your source.
1. What are the differences between the MD5 and SHA1 algorithms?
2. You will notice there are multiple SHA algorithms. What is the difference between SHA versions?
1. CrypTool supports a wide variety of modern and classic symmetric key algorithms. Research the Caesar and Vigenere ciphers and briefly discuss their history.
2. What is the difference between the DES and 3DES algorithms?
1. It was stated that asymmetric key algorithms often require significantly larger keys. What are the common key sizes for RSA?
2. Investigate and describe PKI and explain why it is significant in asymmetric key cryptography.
3. Determine whether there are any known attacks on RSA and if so, briefly describe how they work.
1. What information assurance issues exist with the use of “cloud” backup technologies for home users?
2. What are the most common threats to a home user’s information assets?
3. What are the most common threats to a large corporation’s information assets?
1. Use the Internet to identify and research two data backup utilities. Compare the functions and capabilities of these to the NTBackup application used in this exercise. What advantages and disadvantages does each have compared to the others?
2. Why and when might the backup option types available be used instead of the “normal” option used in this exercise?
1. Why might an administrator need to only restore a single or small subset of files that are contained in a single backup file containing many files and folders?
2. How often should data restoration tests be conducted? Find an example of a best practice guide, company policy, or other document addressing this issue.
1. What other common file types contain metadata that could potentially be used in forensic activities? What information is available in these types?
2. What specific attributes or information in metadata could be considered personally identifiable?
1. What issues may be generated by enabling logging for all events the operating system is capable of collecting?
2. What benefits does using a centralized logging system provide?
1. What are some additional software protections or modifications commonly used to improve physical security of Linux machines?
2. What other types of devices may benefit from this type of security protection?
1. What other common tools or modifications are used to help improve security on Windows systems?
2. Is there a way this could be automated and enabled on multiple systems from a central location using Windows?