lab – Access Control

profilebukamo0
csci302.01lab4accesscontrolv1.1.pdf

UF CSCI Lab – Access Control

csci 302.01 lab 4 access control v1.1.docx page 1 of 1

Overview This lab consists of two activities. Activity 1 involves completion of Project 12-4 in the ‘Hands-On Projects’ section of Chapter 12 of the textbook (Ciampa, 2017). Activity 2 involves completion of Project 11-1 in the ‘Hands-On Projects’ section of Chapter 11 of the textbook (Ciampa, 2017). Both activities require the Microsoft Windows OS and a Microsoft Windows based web browser. A written lab report completes the assignment. Activity 1 – Project 12-4: Exploring User Account Control (UAC) – Part 1 Follow the instructions for Project 12-4 in the ‘Hands-On Project’ section of Chapter 12 of the textbook. Which access control model is Windows UAC modelled on? In your own words, explain how Windows UAC works and why UAC is an important component of Windows access control. This activity requires use of the Microsoft Windows OS and a Microsoft Windows based web browser to perform several operations. Activity 2 – Project 11-1: Using an Online Password Cracker Follow the instructions for Project 11-1 in the ‘Hands-On Project’ section of Chapter 11 of the textbook. In your own words, explain how the password cracking application works. Experiment with different strength passwords and different hashing algorithms. Which password strengths and which hashing algorithms seem to be the strongest? In your own words, explain why strong passwords are an important component of access control. This activity requires use of a Microsoft Windows based web browser to perform several operations. Lab Report Write a lab report describing your observations and experience regarding completion of this lab. Use the recently provided lab report template, located on BB, to complete your lab report. Use screen shots to record your observations and to support your findings. Upload your finished lab report to BlackBoard in the form of a Word document. Be prepared to discuss your findings in class. You are free to use internet resources (e.g. NIST, NICE, CVE, Google, Wikipedia, etc.) to support the classroom and textbook discussions on access control, and to learn more in order to support your findings. All sources referenced in your lab report must be properly cited. References Ciampa, M. (2017). Security+ Guide to Network Security Fundamentals (Sixth ed.). USA: Cengage.