Section __________
Objectives:
Group Policy configuration is normally done at the domain level on servers where policy settings can
be effective for the entire domain. It is possible, though, to set local group policy for a single computer
by using the Local Group Policy Editor. Included in the editor are the Local Security Policy settings.
These settings can be configured by a local computer administrator. You will be introduced to the
Local Group Policy Editor and Local Security Policy in this laboratory.
Scoring:
Total score for this laboratory is 100 points. Every blank in the laboratory counts the same number
of points whether it is an answer you provide or an approval you obtain from the instructor. In order
to receive full credit for this laboratory, every blank must be filled in completely and correctly. Each
blank that is not filled in correctly and completely reduces the total score by 4 points.
Equipment:
2.
Use the Start Menu Search option to determine where the Local Security Policy settings can be found. Write
out below the sequence of mouse operations (no keyboard operations) that you would use to open Local
Security Policy Settings by starting at the desktop.
________________________________________________________________________________________
3.
Use information available to you under Account Policies to help in answering the following questions about
password policy and account lockout policy.
______________________________
______________________________
______________________________
______________________________
______________________________
______________________________
Name the Account Policy that would stop someone from being able to
try logging in after he/she has unsuccessfully attempted to log in 4
times?
Name the Account Policy that can be set to wait 10 minutes before
permitting logon attempts after someone has unsuccessfully
attempted to log in 4 times.
Name the Account Policy that could be used to require a password of
8 characters.
If the months of the year were used as passwords, what Account
Policy would force all 12 month names to be used before the first
month name could be used again?
Name the Account Policy that requires a user to wait a specified
amount of time before changing a password.
Name the Account Policy that forces passwords to be changed after a
certain amount of time has passed
__________________________________________
__________________________________________
__________________________________________
__________________________________________
__________________________________________
Page 1
Set up the properties shown below so that passwords created and logons attempted will meet the following
criteria: passwords must be at least 13 characters long; passwords must include numbers, symbols and/or
punctuation marks, upper and lower case letters; passwords expire every month (30 days); passwords cannot
be changed until they are within 5 days of expiring; passwords cannot be repeated for 6 months; anyone who
fails to logon in 4 attempts will be locked out of logging on for 1 hour. Do not use these values to alter the
password policy on your computer
Enforce password history
passwords remembered
days
days
characters
Enabled
Enabled
minutes
minutes
2.
Click on Advanced settings in the left pane of the Windows Firewall window and then click Inbound Rules in
the left pane of the Windows Firewall with Advanced Security.
3.
Click on New Rule under the Inbound Rules on the right pane of the window.
4.
Set up the new rule: create the rule for port 80, using TCP, allow a connection to be made with or without
IPsecurity, and make the rule apply for all types of connections
5.
6.
7.
Page 2
Open Audit Policy (located under Local Policies, under Local Security Policy, under Administrative Tools,
under System and Security, under Control Panel) and name all the types of policy that can be audited.
_________________________ ___________________________ _________________________
_________________________ ___________________________ _________________________
_________________________ ___________________________ _________________________
2.
Local Policies include User Rights Assignment : permission that users are granted to perform operations on
the local computer. Open the User Rights Assignment folder to answer the following questions.
______________________________
Name the users and groups that have the right to change the system
time.
______________________________
Which users and groups have the ability to load and unload device
drivers?
Page 3