Lab 3: Authentication and Basic Cryptography

This lab is about authentication and basic cryptography. By the end, all students should be able to:
* Explain what authentication and cryptography are
* Implement data encryption
* Implement a local password policy on Windows 2003
* Implement asymmetric cryptography using Pretty Good Privacy (PGP)

What is authentication?
Authentication is any process by which you verify that someone is who they claim they are. Authentication services provide a means to prove that whatever the subject claims is true.

Identity verification can be classified by:
* The claimant demonstrates knowledge of something, e.g. a password.
* The claimant demonstrates possession of something, e.g. a physical key or card.
* The claimant exhibits some required immutable characteristic, e.g. a fingerprint.
* Evidence is presented that the claimant is at some particular place or time.
* The verifier accepts that some other party, who is trusted, has already established authentication.

What is cryptography?
The idea of a cipher system is to disguise information in such a way that its meaning is unintelligible to an unauthorized person.
A cryptographic algorithm is a set of operations used for transforming plaintext (the original message) into ciphertext (the coded message).
Algorithms are classified by the number of keys used: symmetric (single-key or private-key encryption) and asymmetric (two-key, or public-key encryption).

Now, I would like to share some knowledge about using NTFS for data encryption.

1. Log on to the Windows 2000 server as Administrator.
2. Open My Computer, then double-click the D drive.
3. Create a new folder called Encryption.
4. Double-click the Encryption folder and create a new folder called User2Folder.
5. Double-click the User2Folder folder.
6. Create a new text document and edit the contents to say: “This document is for my eyes only.”
7. Save the document as Private Document.txt and close the document.
8. Right-click on the document.
9. Select [Properties].
10. Click the [Advanced] button.
11. Check the [Encrypt contents to secure data] box.
12. Click [OK].
13. Click [OK] a second time, and you will receive some message.
14. Click the radio button that says [Encrypt the file only].
15. Click [OK].
16. Log off as Administrator and log on as User1.
17. Try to access the New Text Document in d:\Encryption\User2Folder. Access should be denied, even though the NTFS permissions are Everyone, Full Control.
18. Log off User1.

So, how interesting hehehe ;-)

Okay, review question time :p

1. Why are complex passwords important?

Complex passwords are important because they are very difficult to guess or crack using commonly available code-breaking software.
Cracking a complex password usually takes hours and sometimes days. Enforcing longer and more complex passwords thus improves security.
Password complexity is often built on the length of the word and the difficulty one has in guessing it. The more complex a password you create, the more secure you are making your data.
Passwords that feature uppercase and lowercase letters, numbers, and characters are much more challenging for a hacker to crack.
Integrating numbers and characters into phrases also helps guard against dictionary attacks.

2. Which of the following is considered a complex password? And why?
a. zamrud
b. Pa$$w0rd
c. ncdjszkjdnc
d. Johnwiley


Pa$$w0rd is considered a complex password, because these substitutions can be effective when combined with other measures, such as length, misspellings, or variations in case, to improve the strength of your password.
The others are not considered complex passwords: “zamrud” is a dictionary word, “ncdjszkjdnc” uses only lowercase letters, and “Johnwiley” may be a username.
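
The four options above can be checked mechanically. The following is an added example, not part of the original lab: a simplified Python model of the rules Windows documents for its "Password must meet complexity requirements" policy setting (at least six characters, three of four character categories, no account or full name inside the password). The account name `johnwiley` and full name `John Wiley` are constructed assumptions.

```python
import re

# Delimiters used to split a full (display) name into tokens.
_NAME_DELIMS = r"[,.\-_ #\t]+"
MIN_LENGTH = 6    # minimum length required by the complexity rule
MIN_CLASSES = 3   # at least three of the four character categories


def char_classes(password):
    """Return the set of character categories present in the password."""
    classes = set()
    for ch in password:
        if "A" <= ch <= "Z":
            classes.add("upper")
        elif "a" <= ch <= "z":
            classes.add("lower")
        elif "0" <= ch <= "9":
            classes.add("digit")
        else:
            # Simplification: every other character counts as a symbol.
            classes.add("symbol")
    return classes


def name_tokens(account_name, full_name=""):
    """Names the password must not contain (names under 3 chars are ignored)."""
    tokens = [account_name.lower()] if len(account_name) >= 3 else []
    tokens += [t.lower() for t in re.split(_NAME_DELIMS, full_name) if len(t) >= 3]
    return tokens


def check_password(password, account_name="", full_name=""):
    """Return the list of failed rules; an empty list means the password passes."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("too short")
    if len(char_classes(password)) < MIN_CLASSES:
        failures.append("fewer than 3 character classes")
    lowered = password.lower()
    if any(tok in lowered for tok in name_tokens(account_name, full_name)):
        failures.append("contains account or full name")
    return failures


# The four options from review question 2.
OPTIONS = ["zamrud", "Pa$$w0rd", "ncdjszkjdnc", "Johnwiley"]

if __name__ == "__main__":
    for pw in OPTIONS:
        result = check_password(pw, account_name="johnwiley", full_name="John Wiley")
        print(f"{pw:12} {'PASS' if not result else 'FAIL: ' + ', '.join(result)}")
```

The rule only counts character categories and name overlap; it has no dictionary check, so “zamrud” fails here for using a single category rather than for being a dictionary word.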

3. If you implement an account lockout and reset counter policy, how can you monitor the failed attempts?

Failed attempts are logged in the event logs. Any number of event log monitoring tools can alert on them.


P/S: For more details, refer to the expert! ^_^