Lab Activity Chapter 8 & 9

Lab activity 8.4.2

Step 2: Log in to the user interface
c. The multi-function device should be configured to obtain an IP address from the external DHCP server. The default screen after logging in to the multi-function device is Setup > Basic Setup. What is the Internet connection type?….. (LAN)
d. What is the default router (internal) IP address and subnet mask for the multi-function device?….. (
f. What is the external IP address and subnet mask assigned to the multi-function device?

Step 3: View multi-function device firewall settings
b. From the main screen, click the Security tab to view the Firewall and Internet Filter status. What is the status of SPI Firewall protection?….. (enabled)
c. Which Internet Filter checkboxes are selected?….. (filter anonymous internet requests, filter IDENT)
d. Click Help to learn more about these settings. What benefits does filtering IDENT provide?….. (

Step 4: Set up Internet access restrictions based on IP address
d. Test the policy by attempting to access the external web server from Host-B. Open a browser and enter the IP address of the external server in the address area. Are you able to access the server?….. (yes, the server can be accessed)
e. Change the status of the Block-IP Policy to Disabled and click Save Settings. Are you able to access the server now?….. (the server cannot be accessed)
f. What other ways can access policies be used to block Internet access?….. (

Step 5: Set up an Internet access policy based on an application
c. Click the Edit List button and enter the IP address of Host-B. Click Save Settings and then Close.
What other Internet applications and protocols can be blocked?….. (no)
f. Ping the IP address of the external server from Host-B using the ping command.
Are you able to ping the server?….. (pinging the server works)
g. Telnet to the IP address of the external server from Host-B using the command telnet A.B.C.D (where A.B.C.D is the IP address of the server).
Are you able to telnet to the server?…..(

Part 2 – Configuring a DMZ on the multi-function device

Step 1: Set up a simple DMZ
c. Click Help to learn more about the DMZ. For what other reasons might you want to set up a host in the DMZ?….. ()
e. Test basic access to the DMZ server by pinging from the external server to the outside address of the multi-function device. Use the ping –a command to verify that it is actually the DMZ server responding and not the multi-function device. Are you able to ping the DMZ server?….. (
f. Test HTTP access to the DMZ server by opening a browser on the external server and pointing to the external IP address of the multi-function device. Try the same thing from a browser on Host-A to Host-B using the internal addresses.
Are you able to access the web page?….. (
g. Test Telnet access by opening a command prompt as described in Step 5. Telnet to the outside IP address of the multi-function device using the command telnet A.B.C.D (where A.B.C.D is the outside address of the multi-function device).
Are you able to telnet to the server?…..(

Step 2: Set up a host with single port forwarding
d. Test HTTP access to the DMZ host by opening a browser on the external server and pointing to the outside address of the multi-function device. Try the same thing from a browser on Host-A to Host-B.
Are you able to access the web page?….. (
e. Test Telnet access by opening a command prompt as described in Step 5. Attempt to telnet to the outside IP address of the multi-function device using the command telnet A.B.C.D (where A.B.C.D is the outside IP address of the multi-function device).
Are you able to telnet to the server?…..(

Lab 8.4.3 Performing a Vulnerability Analysis

Step 1: Download and install MBSA
b. What is the latest version of MBSA available?….. (MBSA 2.2; the platform versions are x86 and x64)
c. What are some of the features MBSA provides?….. ( MBSA 2.2 is the latest version of Microsoft's free security and vulnerability assessment scan tool for administrators, security auditors, and IT professionals.

MBSA 2.2 builds on the previous MBSA 2.1.1 version, which supports Windows 7 and Windows Server 2008 R2, and fixes minor issues reported by customers. MBSA will work with all supported versions of Windows, including Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2.

MBSA is also compatible with Microsoft Update, Windows Server Update Services 2.0 and 3.0, the SMS Inventory Tool for Microsoft Update (ITMU), and SCCM 2007.

For a complete list of products supported by MBSA based on Microsoft Update (MU) and Windows Server Update Services (WSUS) technologies, visit the Products Supported by WSUS page.

See the MBSA page for more information or to download the latest version.

Except where specifically noted, all references to MBSA 2.0 on the MBSA TechNet pages also apply to all versions of MBSA. )
f. Click Download Files below and select the file you want to download. (The English setup file is MBSASetup-EN.msi). Click the Download button on the right of this file. How many megabytes is the file to download?….. (1.7 MB)

Step 2: Build the network and configure the hosts
c. If the host is connected to a hub or switch and a DHCP server is not available, configure it manually by assigning a static IP address.
Which IP address and subnet mask does Host-A and the server (optional) have?….. (192.168.1.101)

Step 3: Run MBSA on a host
a. Double-click the desktop icon for MBSA or run it from Start > All Programs.
When the main screen displays, which options are available?….. (

Step 4: Select a computer to scan
b. What are the two ways to specify a computer to be scanned?….. (by workgroup computer name or directly by its IP address)

Step 5: View security update scan results
a. View the security report. What are the results of the security update scan?…..(office security update, windows security update, my SQL security update)
b. If there are any red or yellow Xs, click How to correct this. Which solution is recommended?….. (click "how to connect this", then carry out its recommendation)

Step 6: View Windows scan results in the security report
a. Scroll down to view the second section of the report that shows Windows Scan Results. Were there any administrative vulnerabilities identified?….. (updates are incomplete, and the firewall protection is not active)
b. On the Additional System Information section of the screen (below), in the Issue column for Services, click What was scanned, and click Result details under the Result column to get a description of the check that was run. What did you find? When finished, close both popup windows to return to the security report…… (some potential security items could not be installed, so the recommendation is to try again)

Step 7: View Desktop Application Scan Results in the Security report
a. Scroll down to view the last section of the report that shows Desktop Applications Scan Results. Were there any administrative vulnerabilities identified?
b. How many Microsoft Office products are installed?
c. Were there any security issues with Macro Security for any of them?

Step 8: Scan a server, if available
a. If a server with various services is available, click Pick a computer to scan from the main MBSA screen and enter the IP address of the server, and then click Start Scan. Which security vulnerabilities were identified?….. (IE Zone)
b. Were there any potentially unnecessary services installed? Which port numbers were they on?….. (yes, there were)

Step 10: Reflection
a. The MBSA tool is designed to identify vulnerabilities for Windows-based computers. Search the Internet for other tools that might exist. List some of the tools discovered.
b. Which tools might there be for non-Windows computers? Search the Internet for other tools that might exist and list some of them here.

c. Which other steps could you take to help secure a computer against Internet attacks?


