laptop and external drive configuration guide version 1 · sec301 - hands-on exercises addendum...


Upload: dinhque

Post on 11-Jul-2018


SEC301 - Hands-on Exercises Addendum Page 1

GIAC Introduction to Security Fundamentals

Laptop and External Drive

Configuration Guide

Version 1.2

SEC301


Table of Contents

Background
Ensure that the computer can connect to a network that can access the Internet
Create a local account with Administrator privilege
Establish the laptop directory structure
Make a folder named ‘SEC 301 Programs’ under the user folder
External drive preparation
USB Thumb Drive


SEC301 Computer and External Drive Configuration Guide

Background

This document identifies the steps you need to take to make sure that your computer is ready for the lab exercises for SEC301. Prior to coming to class you need to ensure that you have access to an account that is a member of the local administrators group and that you can log in to that account. While the laptop requirements for the class strongly recommend that attendees NOT bring a production computer to class, it may not be practical for organizations to provide a separate computer for the attendee. In that case, we recommend that the organization create a local account that is a member of the administrators group.

Ensure that the computer can connect to a network that can access the Internet

Some of the exercises associated with SEC301 require that the computer be able to access the Internet (e.g., check for software updates, access a database located on the Internet). Networks available at SANS conferences are typically wireless (e.g., WiFi) and it’s critical that the computer be able to connect to a public WiFi network and that the network parameters (e.g., address, DNS servers, etc.) be configured by the WiFi network infrastructure.

Create a local account with Administrator privilege

When an organization has a centralized IT element, it's typical for the user workstations and laptops to be configured with a Standard User account for each individual user. This is a good thing to do, as it is a prime implementation of the principle of least privilege (and it minimizes risk). To be able to install and configure the programs that are on the CD associated with SEC301, the attendee will need an account (named SEC301-adm) with Administrator privilege. Participants will need to work with the administrators in their organization to ensure that the account is created and that they can log in to it from the computer that they will be using for the class.

When an individual buys a computer and logs in for the first time, the account that is created is a member of the Administrators group. Browsing the Internet and reading email while using an account that has elevated privilege can be risky. Use a Standard User account instead.

Even if the account you use for day-to-day operation of the computer is a member of the Administrators group, we recommend that you complete this section (create the SEC301-adm account) before proceeding to the next configuration task (Establish the laptop directory structure). Having all attendees using the same account will simplify the process of providing assistance to attendees when they need it.

Steps to create the account on a computer (running Windows 7 Home Premium) that is NOT joined to a domain are shown below.


1. Go to the User Accounts screen as shown below. (Click on Start, Control Panel, User Accounts)

2. Click on ‘Manage another account’ and provide the password to an account that is a member of the administrators group to get to the screen below:


3. Click on ‘Create a new account’ to get to the screen below:


4. Fill in the account name (SEC301-adm), select ‘Administrator’ and click on ‘Create Account’:

5. A screen similar to that shown below appears:


6. Click on the account you just created (SEC301-adm) and see the following:

7. In the screen shot shown above, click on ‘Create a password’ to get to this screen:

8. Because this is the initial account setup, you can ignore the warning in bold text shown on the screen. Note that it DOES serve as a reminder that users in ALL groups need to remember their passwords. Resetting a password will cause the loss of data that was encrypted using EFS. Select a password that you can remember but is difficult for others to guess. Enter the password into both locations and click on ‘Create password’.


9. Note that the new account is now password protected. Close the screen above (click on the red X in the upper right corner).


10. Switch to the account you just created and log in to confirm that it is working as expected. To do so, click on the 'Start' button and then click on the arrow to the right of the 'Shut down' selection to bring up the 'Switch user' option, and select it to switch to the account you just created (SEC301-adm). Note that your Start menu may well be different:

11. When presented with the screen displaying the available accounts, select the SEC301-adm account and provide the password to the account. After several seconds, the desktop setup will complete and the computer will be ready for use. If you are not the person who will be using the computer for the SEC301 class, we recommend that you log out from the SEC301-adm account and have the person who will be attending SEC301 perform the next step: Establish the laptop directory structure.


Establish the laptop directory structure

It will be helpful to have all of the files you need for the workbook in one location. Given that most of the exercises are designed around installing, configuring and using programs, here are the steps to create a folder in the SEC301-adm user space named ‘SEC301 Programs’ to contain the requisite files. The individual who will be attending the SEC301 course should log in to the SEC301-adm account created earlier and perform the steps described below.

Make a folder named ‘SEC 301 Programs’ under the user folder

Unless it has been relocated, the folder for SEC301-adm will be on the C: drive under the top level folder (C:\Users).

1. To see the existing folder structure, view it in a Windows Explorer window. If you don’t already have a preferred way to open Windows Explorer, the following will work. Click on Start, mouse over the SEC301-adm login name and click on it. That will open a Windows Explorer window as shown below:

2. To create a folder in the SEC301-adm user directory, position the cursor in the white space in the right side of the window and right click to bring up a menu from which to select a New Folder:


3. Name the new folder ‘SEC301 Programs’:

The SEC301 Programs folder (e.g., C:\Users\SEC301-adm\SEC301 Programs) is the location to which you will copy files from the CD that comes with the course materials you will receive for class. The laptop is now ready for use with the SEC301 labs. The final preparation step (starting on the following page) involves preparing the external drive for use with the computer.


External drive preparation

Several of the exercises in the workbook will direct you to copy files from your computer to an external drive. You can use either an external hard drive (with an appropriate interface such as USB) or a ‘thumb drive’ that connects via an interface such as USB. While the process is similar for both, the directions below are for a thumb drive. Note that in the last portion of the final lab, you will completely erase the contents of the external drive. Our recommendation is that students use a small capacity (preferably no larger than 2 GB) drive because a larger drive will take more time to overwrite. If the external drive you selected contains any files you need to keep, use a blank external drive instead.

USB Thumb Drive

1. Insert the thumb drive into your laptop and view the contents in a Windows Explorer window:

2. Format the drive as necessary. Right click on the Removable Disk and select ‘Format’ to see the dialog box. Label the drive SEC301 Labs:


3. Click on Start and confirm that you wish to erase all data:

4. Click on OK. After a few seconds, you will see a dialog box indicating that the drive is ready for use:

5. Click on the close button of the Format dialog box.

6. Return to the Windows Explorer window, view the contents of the drive (it should appear to be empty):


7. Create a folder with your name: right click on the white space in the right pane, select New, then Folder, and type in your name as shown below:

The drive is now ready for use.

8. Remove/disconnect the external drive. This completes the computer and external drive setup for the SEC301 labs.
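A read-only readiness check for the whole setup above, added here as an example and not part of the original guide. It assumes PowerShell 2.0 (shipped with Windows 7), a session logged in as SEC301-adm, and the thumb drive inserted; the helper names `New-Check` and `Get-LocalAdminNames` are hypothetical.

```powershell
# Added example: read-only readiness check (PowerShell 2.0 compatible).
$account = 'SEC301-adm'                                   # account name from the guide
$folder  = Join-Path $env:USERPROFILE 'SEC301 Programs'   # folder name from the guide
$label   = 'SEC301 Labs'                                  # volume label from the guide

function New-Check($Name, $Ok, $Detail) {                 # hypothetical helper
    New-Object PSObject -Property @{ Check = $Name; OK = [bool]$Ok; Detail = $Detail }
}

function Get-LocalAdminNames {                            # hypothetical helper
    # Resolve the built-in Administrators group by its well-known SID so the
    # check also works on non-English Windows, where the group name is localized.
    $sid   = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-544'
    $name  = $sid.Translate([System.Security.Principal.NTAccount]).Value.Split('\')[1]
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/$name,group"
    foreach ($m in $group.psbase.Invoke('Members')) {
        $m.GetType().InvokeMember('Name', 'GetProperty', $null, $m, $null)
    }
}

$results = @()

# 1. Is the current session running as the class account?
$results += New-Check 'Logged in as class account' ($env:USERNAME -eq $account) $env:USERNAME

# 2. Is the class account a member of the local Administrators group?
$admins = @(Get-LocalAdminNames)
$results += New-Check 'Account in Administrators group' ($admins -contains $account) ($admins -join ', ')

# 3. Does the programs folder exist under the user folder?
$results += New-Check 'Programs folder exists' (Test-Path -LiteralPath $folder -PathType Container) $folder

# 4. Is a removable drive (DriveType 2) present with the expected label?
#    -eq is case-insensitive, so an upper-cased FAT label still matches.
$usb = @(Get-WmiObject Win32_LogicalDisk -Filter 'DriveType=2' |
         Where-Object { $_.VolumeName -eq $label })
if ($usb.Count -gt 0) {
    $d      = $usb[0]
    $items  = @(Get-ChildItem -LiteralPath ($d.DeviceID + '\'))
    $detail = '{0} {1:N1} GB, {2} visible top-level item(s)' -f $d.DeviceID, ($d.Size / 1GB), $items.Count
    $results += New-Check 'Thumb drive labelled and found' $true $detail
} else {
    $results += New-Check 'Thumb drive labelled and found' $false 'no removable drive with that label'
}

$results | Select-Object Check, OK, Detail | Format-Table -AutoSize
```

The script changes nothing on the system; a row with OK = False points to the section of the guide to repeat.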