User Account

All Pages

To develop and verify system administration procedures

Assignment Help Business Management
Reference no: EM13956084

Lab #3: Implementing Access Controls
Purpose: To develop and verify system administration procedures which implement access controls for a Windows 8.1 system.

Objectives
1. Develop system administration procedures to manage account policies for a Windows 8.1 system
2. Develop system administration procedures to manage local user accounts and local user groups in a Windows 8.1 system
3. Develop system administration procedures to manage a "drop-box" using discretionary access controls for resources in a Windows

8.1 system

Overview
Access controls are an important part of identity & authorization management business processes. There are three primary types of access controls which are used for desktop computing: mandatory access controls, discretionary access controls, and role-based access controls.

• Mandatory access controls are built into and managed by the operating system. The two types of Windows user accounts, administrator and standard user, are examples of mandatory access controls.
• Discretionary access controls are provided by operating system components (e.g. the file system) and can be managed by system administrators and resource owners.
• Role-based access controls can be implemented under Windows 8 using the "user group" discretionary access control. Each "role" is assigned to a specific user group (one and only one "role" per group).

For this lab, you will write and test step-by-step procedures which can be used to implement access controls using local user accounts, i.e. accounts which only exist on the local workstation or laptop. You will not create or manage domain accounts. Your step-by-step system administration procedures will be used to perform the following tasks:
• Manage local user account policies (including implementing policy-based password restrictions)
• Create and manage local user accounts (both standard user and administrators)
• Create and manage local groups (to implement role-based access controls)

• Create and manage a "drop-box" folder (using group membership and resource permissions to implement role-based access controls)

Your procedures should use the following tools:
• Group Policy Management Console (GPMC)
• PC Settings
• User Accounts (access from Control Panel)
• Windows File Explorer

Deliverables
(a) Step-by-Step Local Computer Account Policies Management System Administration Procedure
(b) Step-by-Step Local User Accounts & Groups Management System Administration Procedure

(c) Step-by-Step Drop-Box Management System Administration Procedure

Submit your deliverables in a SINGLE FILE in MS Word format (.docx or .doc file types) using the corresponding assignment folder entry (in LEO). (Use the Deliverable Template file from Course Resources > Sample Files > CSIA 310 Lab Deliverable Template.docx.) Every deliverable must use the format shown below. (Replace [Section Name] with the heading for the section, e.g. Local Computer Account Policies).

Title:

Operating Environment:

1. Hardware
2. Software
Description:

Notes, Warnings, & Restrictions:

Resources (Further Reading):
1.
2.
3.

Procedures:

[Section Name]

Brief Introduction Paragraph
1.
2.
3.

[Section Name]
Brief Introduction Paragraph
1.
2.
3.

Instructions

Part (a): Managing Local Computer Account Policies

1. Investigate the use of Group Policy Management Console (access using icon on Desktop or via Microsoft Management Console). This tool is used to manage account policies for the local workstation. The group of settings that must be managed are found under: Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Account Policies\

2. Identify appropriate sources of information (e.g. Windows Help, Microsoft Technet, etc.) for instructions for setting account policies for Windows 8/8.1. Using those sources, research the procedures required to perform the following tasks:
a. Set or change Password Policy (enumerate the individual settings in your procedure, e.g. minimum password age)
b. Set or change Account Lockout Policy (enumerate the individual settings in your procedure)

3. Develop a step-by-step systems administration procedure to manage the local account policies for passwords and account lockout.

4. Test your draft procedures using the virtual machine provided in the online lab environment or using a locally installed Virtual Machine (VM) running Microsoft Windows 8.1 Professional. As you run your tests, collect screen snapshots to illustrate key steps in your procedures.

Part (b): Managing Local User Accounts and Local Groups
1. Investigate the use of the Windows 8.1 PC Settings tool (PC Settings > Accounts > Other Accounts) to create and manage local user accounts

2. Investigate the use of the Windows 8.1 User Accounts tool (Control Panel > Administrative Tools > User Accounts) to create and manage local user accounts

3. Identify appropriate sources of information about both tools (e.g. Windows Help, Microsoft Technet, etc.) with particular focus upon the steps required to create and manage local User Accounts for Windows 8/8.1.

4. Develop step-by-step procedures to create and manage local user accounts using the Accounts menu in the PC Settings tool (Access from the Windows Start Screen). Your procedures should accomplish the following:
a. Create a standard local user account (do not use Microsoft Account for sign-in)
b. Change account type (add or remove administrator access)

5. Develop step-by-step procedures which use the Control Panel User Accounts tool to perform the following tasks:
a. Create a standard account (for a local user)
b. Create an administrator account (privileged access for a local user)
c. Modify a local user account

i. Change Password
ii. Change Account Type (add or remove administrator access)
iii. Change Account Settings (disable, must-change password, etc.)
d. Delete a local user account
e. Turn On/Off "Guest" account

Later in this lab, you will need several local user test accounts. The required accounts are:
a. Instructor01
b. TA01
c. Student01
d. Student02

You may wish to use these accounts as your examples for creating and managing Local User Accounts. (Instructor01 can be your administrator account for step #5.)

6. Investigate the use of the lusrmgr.exe utility to create and manage local Groups. This tool can be accessed via Control Panel > User Accounts (switch to the Advanced tab then click on the Advanced button).

7. Identify appropriate sources of information (e.g. Windows Help, Microsoft Technet, etc.) for instructions for implementing local groups under Windows 8/8.1. Using those sources, research the procedures required to perform the following tasks:
a. Create user groups which correspond to roles within an organization (e.g. instructors, students, managers, employees)
b. Assign individual user accounts to one or more groups.

8. Develop a systems administration procedure for Group Management which can be used to perform the following tasks:
a. Create the following roles using named groups
i. Instructors
ii. Teaching Assistants (TA)
iii. CSIA310_Students
b. Assign a role to one or more users
i. Assign users to a group during group creation
ii. Assign a user to an existing group
c. Remove a role from a user (delete user account from group)
d. Use the following usernames and groups for your examples. (Create the users if you have not done so previously.)
Username Assigned to Group
Instructor01 Instructors
TA01 Teaching Assistants(TA)
Student01 CSIA310_Students
Student02 CSIA310_Students

9. Test your draft procedures using the virtual machine provided in the online lab environment or using a locally installed Virtual Machine (VM) running Microsoft Windows 8.1 Professional. As you run your tests, collect screen snapshots to illustrate key steps in your procedures.

10. Incorporate your screen snapshots for key steps into the draft procedures. Each snapshot should be placed UNDER (after) the step to which it applies. Captions are not required.

11. Make any additional changes required to address issues found during testing of the step-by-step procedures.
Part (c): Creating & Managing a Drop-Box - An Example of Discretionary Access Controls

1. A drop-box is a folder which is write-only for some users (e.g. students) and read-only for other users (e.g. graders). Under Windows 8/8.1, one method for accomplishing this goal is to define user groups corresponding to roles and then assigning / restricting access to resources for specific groups. The figure below shows an example of permission settings for a drop-box that has three assigned roles: instructors, teaching assistants (TA), and students (CSIA310_Students). The instructor role is granted full access. This means that the instructor can grant access, remove access, take ownership, etc. The TA role has limited permissions which only permit the user to read files submitted to the drop-box. The permissions granted to the CSIA310_Students role are even more limited - creating and writing files.

2. Now that you have an idea of what a drop-box is and how it works, investigate the use of Windows Explorer to implement a drop-box. Begin by researching how to set advanced "sharing" and/or "access" permissions (discretionary access controls) under Windows 8/8.1. For this lab, you should focus on the capabilities provided via the right-click menu (for a folder):
a. Right click on folder > Properties > Security tab > Edit
b. Right click on folder > Properties > Security tab > Advanced Settings

3. Investigate the view function for permissions. From the "Advanced Security Settings" pop-up, click on one of the "principals" and then click View. Switch between the "basic permissions" and "advanced permissions" views.

4. Next, you should explore how to view (list) effective access for specific local user account. This will be needed to verify that you have permissions set appropriately and that permissions granted to other groups do not interfere with permissions you wish to set for your "role" groups.

5. Identify appropriate additional sources of information (e.g. Windows Help, Microsoft Technet, etc.) for instructions for configuring resource permissions under Windows 8/8.1.

6. Develop a systems administration procedure for Windows Update to accomplish the following:
a. Create a folder named Assignments
b. Change the owner of Assignments (use "Instructor01" as your example)
c. Remove access for all groups except Administrators and Owners (use check effective access to verify).
d. Give a named group "Full Control" (use the "Instructors" group as your example)
e. Give a named group "Read&Execute" access (use the "TA" group as your example)
f. Give a named group "Write" access ( use the "CSIA310_Students" group)
g. Verify effective access for each of the named groups

7. Test your draft procedures using the virtual machine provided in the online lab environment or using a locally installed Virtual Machine (VM) running Microsoft Windows 8.1 Professional. As you run your tests, collect screen snapshots to illustrate key steps in your procedures.

8. Incorporate your screen snapshots for key steps into the draft procedures. Each snapshot should be placed UNDER (after) the step to which it applies. Captions are not required.

9. Make any additional changes required to address issues found during testing of the step-by-step procedures.
Finalize Your Procedures

1. Using the grading rubric as a guide, refine your step-by-step procedures. Your final products should be suitable for inclusion in an organization's Systems Administrator's Handbook. Remember that you are preparing multiple separate procedures.

2. As appropriate, cite your sources using footnotes or another appropriate citation style.

3. Use the resources section to provide information about recommended readings and any sources that you cite. Use a standard bibliographic format (you may wish to use APA since this is required in other CSIA courses). Information about sources and recommended readings, including in-text citations, should be formatted consistently and professionally.

4. At a minimum, each systems administration or system management procedure document must include the following sections:
a. Title
b. Operating Environment
c. Description
d. Notes, Warnings, & Restrictions
e. Resources (format as Bibliography or Reference list)
f. Procedures

Additional Requirements for this Lab

1. Your step-by-step procedures should tell the reader where to find and how to launch the systems administration tools or applications used to change security configuration settings.

2. You must address each required configuration change separately and include enough detail that your reader will understand how to perform the required steps to implement each change.

3. Use screen snapshots to cue the reader to important steps or provide information required to complete check points for proper completion of a step or set of steps (e.g. including a snapshot which shows the "after" state for a group of security settings).

4. Make sure that your snapshots will enhance the reader's understanding of the procedure and required configuration changes. Too many snapshots or illustrations can make a procedure difficult to use.

5. All snapshots must be created by you for this lab using screen captures showing how you personally performed (tested) the systems administration procedure as written by you. You may not copy and paste images from help pages, manuals, or the Internet.

6. Images (screen snapshots) should be cropped and sized appropriately.

7. A screen snapshot belonging to a specific procedure step does not require a caption.

8. Your procedures must be submitted to Turn It In for originality checking. You are encouraged to consult existing configuration instructions, guidance, and procedures for both content and format. Your work must be substantially your own, however, which means you should paraphrase whenever possible. Credit the sources of information used via footnotes and in your "Resources" section.

9. Make sure that the sources you cite or recommend (additional reading) are authoritative and are the best ones available.

10. Your Operating Environment section should identify the hardware, operating system, and/or software applications to which the procedure applies. For this lab, your procedures will apply to:
a. Hardware: Laptop or Desktop Computers
b. Operating System: Windows 8.1 Professional

11. The Notes, Warnings, & Restrictions section should include important information that is not found elsewhere in the procedures document. For example, this section could include information about alternatives to the selected security configuration settings. Or, this section could include information about related security procedures or policies. This section should also include important information about harm or risk that could occur if the procedure is not correctly followed or implemented. If there are no such warnings then this section should so state.

Reference no: EM13956084

Questions Cloud

What velocity did the bullet exit the barrel : A gun fires a bullet of mass 22 grams out of a barrel 36 cm long. The gun is attached to a spring. From the recoil of the spring and the masses of the gun and the spring we determine that the gun recoiled with a total momentum of 4.7 kg m/s. With ..
What was its change in kinetic energy : An applied force of 6 Newtons acts in the direction of motion of a block of mass 9 Kg, with the mass being pulled across the floor against a frictional force of .6 Newtons. Assume that the block moved the distance 'y' in this process. What is the ..
Modify your handling of the quantity of items : Only values in the range 1-99 are accepted. Illegal or out-of-range values cause a reprompt for a valid input. Up to 3 such requests for valid input are made, and the program terminates if a valid numeric in-range quantity is not entered by the cu..
How long it takes to drive to work each day. : You draw 13 cards and not one of them is Saddam Hussein [note: this is a tough one, remember to show your work so you can get partial credit. Grading will be lenient on this one].
To develop and verify system administration procedures : Access controls are an important part of identity & authorization management business processes. There are three primary types of access controls which are used for desktop computing: mandatory access controls, discretionary access controls, and r..
What is the sum of these probabilities and why is the number : What is the sum of these probabilities and why is the number less than 1?
What is the incremental profit over the profit earned : At the price calculated in part a, what is the incremental profit over the profit earned before the introduction of the Jacques EllesCD?
Varying predetermined overhead rates : Jacarda Company makes a composting bin that is subject to wide seasonal variations in demand. Unit product costs are computed on a quarterly basis by dividing each quarter's manufacturing costs (materials, labour, and overhead) by the quarter's pr..
What is the expected profit : What is the probability that one of the respondents, selected at random, accepted the offer?

Reviews

Write a Review

Business Management Questions & Answers

  Difference between product and process layout

What is the difference between product layout and process layout and how would product layout and process layout apply to a cookie company

  Key considerations in a risk management plan

A plan must be developed from theory to practice. Assume you are starting a business. Describe the product or service provided, and the key considerations in a risk management plan for this business.

  Theory of interest and decision-making concept

Explain the theory of interest and discuss the decision-making concept it applies to in analyzing cost and return on long-term investment.

  Create a representation of actual sections

Global Employee handbook - Create a representation of actual sections of an employee handbook

  Describe ways in which globalization has changed business

Globalization has significantly changed social life in cities, disassociating it from territoriality. This has had enormous consequences for political, economic, and cultural institutions. To prepare for this Discussion, read the website, Information..

  Distributions are distributed as normal random variables

Presume that these distributions are distributed as normal random variables with the means as well as standard deviations given previously.

  Choice of product and the market structure

Choice of product and the market structure - Elasticity of demand and how pricing is related to elasticity of demand

  Explain if crosby and dash are in disagreement

Explain if crosby and dash are in disagreement as to the exact amount of money that crosby owes dash, then they may choose to form a new agreement at a set amount.

  Experience of the individuals leading the group

What are the leadership skills and experience of the individuals leading the group and Each member is to describe skills/traits and why they have been chosen to address this issue.

  Describe how damages will be calculated

Felix is a school bus driver. He is driving children home from school one day when he is distracted by a fight in the back of the bus. He turns to see what is happening behind him as well as accidentally strikes as well as kills two twins riding b..

  Self-assessment and improvement of presentation skills

How much of an improvement do you think you have made since you first began your program course work?

  Project scope is demanding to manage

Project scope is demanding to manage. Investigation two businesses that have applied an ERP system that have used change control

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd