Running head: TECHNICAL PAPER PROJECT

Technical Paper Project: Disseminating Organizational IT Security and Troubleshooting Best Practices Bradley Wallace CIS 329 Professor Russell Wilson September 8, 2013

TECHNICAL PAPER

1. User Account Authorization Policies. There have been unauthorized users on our systems, and we need to tighten up the security policies to stop it. Two user account authorization policies that will be implemented to prevent further breaches of our network are as follows: a) Password must meet complexity requirements feature will be enabled. b) Account Lockout Policies feature will be enabled. 2. All Employee Communication Memorandum Security Department Memorandum 09012013a. From: Senior Systems Administrator To: Employees of Conseco Systems Corporation Due to the recent unauthorized network activity at our company, we are going to implement several procedures to strengthen our ability to prevent persons from accessing our information. Below are some security best practices that we will educate you on and ensure compliance of. We will all do our part to continue to make our company a success. a) We will evaluate our network and assets to determine if we are vulnerable, and what we can do to reduce these vulnerabilities. All unauthorized software and computers will not be allowed, and re moved. b) Our network will be tested to evaluate if there is a hole in our firewall and any ports are open, and they will be patched. Microsoft Outlook will be used for local and remote email users. c) To ensure that our servers and workstations are protected, we shall begin implementation of Windows Security Update Services (WSUS). This will automatically take care of Windows Updates and will be implemented by the IT department next week. Additionally we will install AVG anti-virus full versions on all assets to protect then, as well as the full version of MalareBytes to actively protect these same assets from malicious codes.

TECHNICAL PAPER

d) Our company is going to set up a new security team to monitor our network and ensure compliance of these practices. If you detect questionable activity on our network, your machines, or become infected by a virus or malware, this team will be notified and tasked with removal of the offending software and a re-evaluation of our procedures to prevent further nefarious activities. (Microsoft, 2012) Your active participation in our security revitalization program will ensure that we will make it more difficult for intruders to penetrate our defenses in the future.

3. IT Department Communication Memorandum Security Department Memorandum 9012013b. From: Senior Systems Administrator To: IT Department Conseco Systems Corporation

TECHNICAL PAPER

Due to the recent unauthorized network activity at our company, we are going to implement several procedures to strengthen our ability to prevent persons from accessing our information. Below are some security enhancements that are to be incorporated immediately. a) All passwords will have the complexity requirements enabled to ensure that it is more difficult for our passwords to be stolen. The group policy will be used to enact the change. b) Account Lockout Policy will be enabled, with an incorrect count of three (3), and 30 minute timers to be set for duration and reset. The group policy will be used to enact the change. c) You will need to ensure all client PCs have at the minimum Windows Explorer 8 to take advantage of the security features that are inherent in the platform. d) In Private Browsing will be also be disabled using the group policy editor. e) WSUS will be installed and operational for Monday morning. You will start the process this weekend starting Friday after COB. This guide will provide detailed steps to ensure everything goes smoothly (Miccrosoft, 2012). Our SOP on new procedures including system backup and problem alerting will be in effect. f) BitLocker technology will be applied to our Tier 1 Core employees. This will ensure that our new technologies are not available if we are compromised. g) All Tier 1 and Tier 2 core employees will need to use Smart Cards to log on to their machines and the network, further enforcing our toughened up security. Third Party software is not longer needed to perform this. h) AppLocker will be implemented next month once we produce a list of authorized programs. i) Remote administration on the servers will be disabled to prevent compromise. j) Our company is going to set up a new security team to monitor our network and ensure compliance of these practices.

TECHNICAL PAPER

Your continued diligence in our security revitalization program will ensure that we will make it more difficult for intruders to penetrate our defenses in the future. 4. Troubleshooting Problems a) Samantha Stevens calls to report that she cannot access a website that she used to visit several months ago. b) Gladys Kravits has a Windows Update that did not install successfully. c) Larry Tate has not been able to use his desktop printer. d) Dr. Bombay cannot install a program he says he must have to perform his job. 5. Troubleshooting Steps

TECHNICAL PAPER

Our IT department is using the latest work order software and the following tasks have been automatically created and sent to the inbox at the IT helpdesk supervisors office to be meted out to the workers. a) This problem is routed to Ron. He has seen this problem before. The cache has saved a copy of the last page that was at that URL and needs to be cleared. They call Mrs. Stevens and have her perform the following steps. 1) On the Tools menu in Internet Explorer, click Internet Options, and then click the General tab. 2) Click Delete Cookies, and then click OK. 3) Click Delete Files, and then click OK. 4) Click Clear History, and then click Yes. 5) Click OK. After ensuring that Mrs. Stevens can now access the website, you close the ticket and take a smoke break and get some coffee. b) Johnny is checking his Torrents download when his screen alerts him to an incoming task, his first for the day. Poor Mrs. Kravits is not very computer savvy. She has called numerous times for simple problems, so out of frustration you pass this work order to a junior help desk member and ask them to walk her through it. Thankfully the new WSUS implementation will prevent these problems in the future. Your assistant visits Mrs. Kravits and watches her as she attempts to install updates. He immediately narrows in on the problem and has her perform the following steps after noticing that she is not noticing that she needs to accept the license terms to proceed with installation:

TECHNICAL PAPER

1) Open Windows Update by clicking the Start button . In the search box, type Update, and then, in the list of results, click Windows Update. 2) Review any error messages. 3) If an error message about license terms or cancelled updates is displayed, click Try again, and wait until you are prompted to review the license terms. 4) Accept the license terms, and wait to see if the update is installed successfully. After verifying that the update happened as expected, you go ahead and have Gladys run a custom update, install some drivers and Outlook updates, restart her computer, and log back in. Returning to the cubicle, the trouble can now be closed. Unfortunately there are four more troubles in your queue. c) Jennifer is at the break room describing the totally awesome night she at Rosas party Saturday. She hasnt logged into her computer yet, and it is already 30 minutes into her work day. After hunting your tardy employee down you have a little discussion with her in your office and inform the young lady that she is going to help Larry an older gentleman that hates computers and is often times seen banging keyboards in frustration. As he is the Uncle of a senior staff member he is treated with kid gloves and provided the utmost courtesies. Jennifer gives you her stink eye and you smile as you show her out of your office. To solve this problem she walks over to Mr. Tates desk and the following actions are taken: 1) Ensure that the printer is powered up. 2) Disconnect the USB cable and reconnect it, listening and looking for the windows notifications that a device was plugged in. So far so good.

TECHNICAL PAPER

3) Click the Start button, then devices and printers. Larrys Dell 968 is there, but it has an exclamation mark on it. When Jenny clicks on it, a notification comes up that the device is not working and the drivers may not have loaded properly. 4) As this is not a company asset and Mr. Tate brought it in from home, the drivers are not resident on the network, and Jenny doesnt have a driver disk. 5) She Logs on as the Administrator and navigates to the Dell website and locates the drivers on the support site. After downloading them she stores them in a temporary folder. 6) She disconnects the printer from the PC, installs the drivers, reconnects the USB when prompted, and ensures that there are no errors. 7) Checking the devices and printers page again, she sees that the error is no longer resident on the machine. 8) Double clicking on the printer she pulls up the properties and prints a test page. 9) Mr. Tate is ecstatic and tells Jenny he is going to ensure she gets a raise. 10) Jenny giggles and acts coy, then logs out of his computer and asks Larry (her buddy now) to log in and print his file. 11) He is successful, and she thanks him for helping her fix the computer. 12) Smiling, Jenny walks back to her cubicle, logs into her machine and closes the work order. She ignores her next assignment and signs into face book to ensure she tells all her friends how much she hates her boss and she is getting a raise. d) A work order comes in from Dr. Bombay, one of the older system users. He states that his Windows XP program wont install on his Windows 7 machine. Checking the database you verify that he is running an Enterprise version of Windows 7 that will support XP Mode.

TECHNICAL PAPER

Knowing that this is a difficult problem, you ask him to bring his PC into the work area to teach the other IT techs how to run XP programs in a virtual environment. 1) After the PC is brought in, Dr. Bombay expresses in interest in observing so he can learn how to run programs himself later at home. 2) The first thing is to check to see if the PC is capable of performing the virtual task. You go to the Windows XP Mode and Windows Virtual PC support website and download the Hardware-Assisted Virtualization Detection Tool. This utility can check whether your computer will work with Windows XP Mode. 3) After verifying that the CPU is capable of running that mode, you restart the computer and press F2 to go to the bios and enable the feature. 4) After restart, you download and install windows XP Mode with Service Pack 3. 5) You then download and install Windows Virtual PC. 6) Next you will have to run Windows Update, install any updates, and then restart the machine. 7) Then you must click the Start button , click All Programs, click Windows Virtual PC, and then click Windows XP Mode. 8) If you accept the license terms, click I accept the license terms, and then click Next. 9) On the Installation folder and credentials page, accept the default location where Windows XP Mode files will be stored, or choose a new location. 10) Type a password, type it again to confirm it, and then click Next. 11) On the Help protect your computer page, decide whether you want to help protect your computer by turning on automatic updates,and then click Next. 12) Click Start Setup. 13) After setup is complete, Windows XP Mode opens in a separate window.

TECHNICAL PAPER

10

14) In Windows 7, click the Start button , click All Programs, click Windows Virtual PC, and then click Windows XP Mode. 15) In Windows XP Mode, insert the program's installation disc into your computer's CD/DVD drive; or browse to the program's installation file, open the file, and follow the instructions to install the program. 16) Click the Close button at the top of the Windows XP Mode window. 17) In Windows 7, click the Start button, click Windows Virtual PC, click Windows XP Mode Applications, and then click the program you want to open. (Microsoft, 2012) 18) Finally you are finished, and the good Dr. is happy. He has several older programs he is working with to update files and now he can do it. 19) You close the work order, and everyone breaks for lunch at Hooters.

TECHNICAL PAPER

11

Reference Microsoft (2012). Install the WSUS Server. Retrieved from Microsoft tech net: http://technet.microsoft.com/en-us/library/cc708515(v=ws.10).aspx Microsoft (2012). Enterprise Security Best Practices . Retrieved from Microsoft tech net: http://technet.microsoft.com/en-us/library/dd277328.aspx Microsoft (2012). Install and use Windows XP Mode in Windows 7. Retrieved from windows: http://windows.microsoft.com/en-US/windows7/install-and-use-windows-xp-mode-inwindows-7