The purpose of this lab is to recognize the risks, threats, and vulnerabilities commonly found in

the workstation domain. You will identify known vulnerabilities and exploits on the Common

Vulnerabilities and Exposures (CVE) database listing. You will describe how risks, threats, and

vulnerabilities or misconfigurations at the operating system level in the workstation domain

might expose that workstation. You will also identify steps to harden the workstation domain

operating system and applications installed on the user’s workstation for compliance and

safeguarding of sensitive data and access to that data.

Finally, you will apply Department of Defense (DoD) guidelines for securing the workstation

domain, including the review and assessment of Windows 10 and Windows 2016 security

guidelines. Participate in each section of the lab and follow the instructions for the exercises in

each section. You will use a text document to develop your homework assignment by completing

the sections listed below:

Lab 5.1a

Review the following scenario:

You are a security consultant for an information systems security firm and have a new healthcare

provider client under the Health Insurance Portability and Accountability Act (HIPAA)

compliance. Your new client wants to know the requirements and business drivers for securing

the workstation domain in its healthcare environment. Your new client requires compliance with

HIPAA. Similarly, your firm has a DoD client that also wants you to perform a workstation

domain compliance audit per DoD workstation hardening guidelines and baseline requirements.

In your homework assignment, discuss how the compliance law requirements and business

drivers for the healthcare provider’s workstation domain might differ from the DoD’s

workstation domain security compliance requirements.

Lab 5.1b

Launch your Web browser. Navigate to the following website: http://cve.mitre.org. Review the

site, and then in your homework assignment, identify the risks, threats, and vulnerabilities

commonly found in the workstation domain.

Launch your Web browser. Navigate to the following website: https://public.cyber.mil/stigs/.

Review the Security Technical Implementation Guides (STIGs) available and the proper

implementation of security based on DoD’s workstation/desktop hardening guidelines.

In your document, discuss three STIGs and the DoD’s workstation/desktop hardening

guidelines.

Lab 5.1c

Launch your Web browser. Navigate to the following website: https://public.cyber.mil/stigs/

Search for the ‘Desktop Application’ Security Technical Implementation Guide (Version 4,

Release 5) document from the STIG database website.

Review the following concepts from this overarching DoD standards document and, in your

homework assignment, discuss the significant points of two of these topics:

 Appropriate backup strategy does not exist

 Public instant message clients are installed

 Peer-to-Peer clients or utilities are installed

 Execution Restricted File Type Properties

 Open-restricted File Type Properties

You can view the contents of the STIG by visiting the following

site: https://vaulted.io/library/disa-stigs-srgs/desktop_applications_general

Lab 5.1d

Launch your Web browser. Type the following Web address: https://public.cyber.mil/stigs/

Using the search tool search for and review Microsoft Windows Firewall STIG and Advanced

Security. View the STIG. Determine which technical controls are appropriate for the Windows

OS.

Note these in your text document.

The STIGs Master List (A to Z) link can be found at this

link: https://public.cyber.mil/stigs/downloads/.

Scroll down the list to locate and then download the following Windows OS security guideline

documents/zip files:

1. Windows 10 STIG (you will see several Windows 10 STIG options; click the one

with only a Version number and a Release number after STIG).

2. Windows 2016 STIG (you will see a couple of Windows 2016 STIG options; click the

one with only a Version number and a Release number after STIG).

Once you have downloaded the Windows 10 STIG ZIP file to your desktop, double-click the ZIP

file to extract the Windows 10 STIG folder. Double-click the folder to open it, double-click the

Windows 10 Manual STIG ZIP file to extract the Windows 10 Manual STIG folder, double-click

the folder to open it, and then double-click the Windows 10 STIG Manual XML file to open it.

For help in viewing an XML file, watch the this video on How to Easily View a STIG XML file

In your Microsoft Word document, identify at least five security areas that the Windows 10 and

Server 2016 identifies as critical that would fix the issue. Discuss the critical areas and how they

were mitigated.

Lab 5.1e

Navigate to the following website: http://cve.mitre.org/

Review the National Cyber Security Division of the U.S. Homeland Security Department’s CVE

listing hosted by the Mitre Corporation. To access the CVE listing, click CVE List in the lefthand

column to reach the CVE List main page. In your homework assignment, discuss how

workstation domain OS and application software vulnerabilities are housed in the CVE listing.

Next, click the National Vulnerability Database link on the CVE homepage or CVE List main

page. In your text document, discuss how vulnerabilities are housed in the National Vulnerability

Database.

Discuss how this is both a security control tool and an attack tool used by hackers.

Lab 5.2

Write an executive summary to discuss the top workstation domain risks, threats, and

vulnerabilities, and include a description of the risk mitigation tactics you would perform to audit

the workstation domain for compliance. Use the U.S. DoD workstation hardening guidelines as

your example for a baseline definition for compliance.

Submit the document to your instructor as a deliverable for this homework assignment.

NOTE: When you submit your homework assignment, you can combine the assignments into

one document for grading. Please clearly mark the answers for Lab 5.1a, Lab 5.1b, Lab 5.1c, Lab

5.1d, Lab 5.1e, Lab 5.1f and Lab 5.2 within your submission by labeling those sections within

your homework assignment.

Your homework assignment should be a minimum of three pages in APA format. Include a

minimum of two sources, with at least one source from the CSU Online Library in addition to

your textbook.