Scribd Logo
Upload

Welcome to Scribd!

  • 198 views

    NT2670 Lab3-1 Worksheet

    Uploaded by

    Mobius_1
    This document contains the questions and answers from a lab worksheet on configuring security settings in IIS7. The lab covers configuring IP restrictions to control access to a website, configuring anonymous and Windows authentication, enabling SSL, and building a secure website with different authentication and access requirements for subdirectories and shares. Key points covered include denying access to unspecified clients after configuring IP restrictions, using different authentication methods like anonymous, basic and Windows based on the browser settings and website configuration, addressing authentication issues by restarting the browser, and setting up a secure website with an SSL certificate and different authentication and permissions for subdirectories and shares.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    NT2670 Lab3-1 Worksheet

    Uploaded by

    Mobius_1
    198 views17 pages
    This document contains the questions and answers from a lab worksheet on configuring security settings in IIS7. The lab covers configuring IP restrictions to control access to a website, configuring anonymous and Windows authentication, enabling SSL, and building a secure website with different authentication and access requirements for subdirectories and shares. Key points covered include denying access to unspecified clients after configuring IP restrictions, using different authentication methods like anonymous, basic and Windows based on the browser settings and website configuration, addressing authentication issues by restarting the browser, and setting up a secure website with an SSL certificate and different authentication and permissions for subdirectories and shares.

    Original Description:

    Lab 1-3 Worksheet for course NT2670

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document contains the questions and answers from a lab worksheet on configuring security settings in IIS7. The lab covers configuring IP restrictions to control access to a website, configuring anonymous and Windows authentication, enabling SSL, and building a secure website with different authentication and access requirements for subdirectories and shares. Key points covered include denying access to unspecified clients after configuring IP restrictions, using different authentication methods like anonymous, basic and Windows based on the browser settings and website configuration, addressing authentication issues by restarting the browser, and setting up a secure website with an SSL certificate and different authentication and permissions for subdirectories and shares.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    198 views17 pages

    NT2670 Lab3-1 Worksheet

    Uploaded by

    Mobius_1
    This document contains the questions and answers from a lab worksheet on configuring security settings in IIS7. The lab covers configuring IP restrictions to control access to a website, configuring anonymous and Windows authentication, enabling SSL, and building a secure website with different authentication and access requirements for subdirectories and shares. Key points covered include denying access to unspecified clients after configuring IP restrictions, using different authentication methods like anonymous, basic and Windows based on the browser settings and website configuration, addressing authentication issues by restarting the browser, and setting up a secure website with an SSL certificate and different authentication and permissions for subdirectories and shares.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 17

    Enrique Roca

    NT2670
    Unit 3 Lab 1

    -1
    70-643
    LAB 3
    WORKSHEET
    CONFIGURING IIS7
    Exercise 3-1-2

    Configuring IP Address Restrictions

    Overview

    In this exercise, you control access to a Web site based on the IP


    addresses of the client computers.

    Completion time

    15 minutes

    What happens?

    Question
    1

    Question
    2

    The IIS7 Welcome page pops up.

    What is the result?


    The IIS7 Welcome page pops up.
    What can you infer from these results about the default
    settings of the IP and Domain Restrictions role service?

    Question
    3

    Two things: First, that my partner server is part of the same


    domain as my server, or second, that there is no IP restrictions
    set up.

    Enrique Roca
    NT2670
    Unit 3 Lab 1
    What happens?

    Question
    4

    A 403.6 error page appears

    What is the result?

    Question
    5

    A 403 error page appears

    What happens?

    Question
    6

    The IIS7 Welcome page appears

    What is the result?

    Question
    7

    A 403 error page appears

    Why can you connect to the Web site from one computer
    and not from the other?

    Question
    8

    The access for unspecified clients is set to Deny

    Enrique Roca
    NT2670
    Unit 3 Lab 1
    Computer Name
    NT2670Svr77B

    IP Address
    172.16.77.2

    What are the results?

    Question
    9

    Question
    10

    The IIS7 Welcome page appears

    If you try connecting to your Web site from a network


    computer other than your server or your partner server, what
    would be the result? Why?
    The 403 error page would be displayed

    Enrique Roca
    NT2670
    Unit 3 Lab 1
    28. Press Ctrl+Prt Scr to take a screen shot of the Internet Information Services (IIS) Manager
    window showing the three rules you created. Press Ctrl+V to paste the image on the page
    provided in the lab3_1_worksheet file.

    Enrique Roca
    NT2670
    Unit 3 Lab 1

    Exercise 3-1-3

    Configuring Anonymous Authentication

    Overview

    In this exercise, configure the properties of IIS7s Anonymous


    Authentication module.

    Completion time

    15 minutes

    Question
    11

    What authentication methods are provided in the default


    IIS7 configuration?
    Anonymous Authentication

    What anonymous user identity is IIS7 currently using?

    Question
    12

    IUSR

    What happens? Explain your results.

    Question
    13

    A 401.2 Unauthorized page

    Enrique Roca
    NT2670
    Unit 3 Lab 1
    17. Press Ctrl+Prt Scr to take a screen shot of the Internet Explorer window. Press Ctrl+V to paste
    the image on the page provided in the lab3_1_worksheet file.

    What happens? Explain your results.

    Question
    14

    Exercise 3-1-4

    The IIS7 Welcome page is displayed

    Using Basic and Windows Authentication


    6

    Enrique Roca
    NT2670
    Unit 3 Lab 1
    Overview

    In this exercise, install the Basic and Windows Authentication modules,


    and configure an IIS7 Web site to use them.

    Completion time

    10 minutes

    Question
    15

    Which of the installed authentication modules is currently


    enabled?
    Anonymous Authentication

    What happens?

    Question
    16

    Question
    17

    Question
    18

    Question
    19

    Question
    20

    A security window pops up asking for credentials in


    order to access the IIS7 Welcome page

    Which authentication method is Internet Explorer currently


    using? How can you tell?
    It is using the Anonymous Authentication method since the
    IIS7 Welcome page is displayed

    What happens?
    A logon window asking for credentials appears
    Which authentication method is Internet Explorer using
    now? How can you tell?
    Basic Authentication since it is specified in the
    description provided in the logon window

    What happens?
    Since student A is not a defined user of the domain the

    Enrique Roca
    NT2670
    Unit 3 Lab 1
    windows keeps popping up until the right credentials
    are provided

    What happens after three failed logon attempts?

    Question
    21

    After three attempts the 401.1 error page is displayed

    13. Press Ctrl+Prt Scr to take a screen shot of the Internet Explorer window. Press Ctrl+V to paste
    the image on the page provided in the lab3_1_worksheet file.

    Question
    22

    What happens now?


    The IIS7 Welcome page is displayed

    Enrique Roca
    NT2670
    Unit 3 Lab 1

    What is the result?

    Question
    23

    A credentials window appears and after credentials are


    provided the IIS7 Welcome page is displayed

    Which authentication method did Internet Explorer use to


    connect to the site? How can you tell?

    Question
    24

    It is using Windows Authentication since the window does not


    specified that the credentials are going to be sent in an insecure
    way (Basic Authentication)

    Exercise 3-1-5

    Configuring SSL

    Overview

    In this exercise, configure a Web site to use SSL encryption.

    Completion time

    10 minutes
    9

    Enrique Roca
    NT2670
    Unit 3 Lab 1
    5. Press Ctrl+Prt Scr to take a screen shot of the Certificate dialog box. Press Ctrl+V to paste the
    image on the page provided in the lab3_1_worksheet file.

    Question
    25

    Why are the two bindings listed in the Site Bindings box able
    to co-exist?
    Because they are using different ports

    What happens?

    Question
    26

    A 403.4 error page appears telling me that the website I am


    trying to access is secured with SSL

    10

    Enrique Roca
    NT2670
    Unit 3 Lab 1
    17. Press Ctrl+Prt Scr to take a screen shot of the Internet Explorer window. Press Ctrl+V to paste the
    image on the page provided in the lab3_1_worksheet file.

    What happens now?

    Question
    27

    The IIS7 Welcome page is displayed

    Question
    28

    Why does the Web site fail to load from your partner server
    when it loaded successfully from your server?

    11

    Enrique Roca
    NT2670
    Unit 3 Lab 1
    Because the SSL certificate was issued to my server whereas
    my partners doesnt have the certificate key

    12

    Enrique Roca
    NT2670
    Unit 3 Lab 1

    LAB REVIEW: QUESTIONS


    Completion time

    5 minutes

    1. With the IP Address and Domain Restrictions settings configuration at the end of Exercise 3-1-2,
    would classroom computers other than your server and your partner server be able to access your
    Web site? Explain why or why not.
    No, because they are not included in the list of IP address excluded of the restriction
    2. In Exercise 3-1-4, your repeated attempts to log on to your Web site using the Student## user
    name failed, but the logon was successful when you used the name contoso##\Student##. Explain
    why.
    Because StudentA is not a username for the contoso domain, whereas Student77 is.
    3. In Exercise 3-1-4, why was it necessary to shut down Internet Explorer and then restart it before
    logging on with Windows Authentication?
    Because otherwise if we just refresh it the logon window (from Basic Authentication) will keep
    asking for credentials to be enter. But when you restart IE a new request is used utilizing the
    Windows Authentication method, not the Basic one.

    13

    Enrique Roca
    NT2670
    Unit 3 Lab 1
    LAB CHALLENGE: BUILDING A SECURE WEB SITE
    Completion time

    20 minutes

    Your supervisor wants you create a test Web site, using all of the security mechanisms you
    tested. To complete this challenge, create a new Web site named SecureSite on your server.
    Make it accessible using the URL https://securesite.contoso##.com. The site must adhere to
    the following requirements:

    The root directory must be accessible using Anonymous Authentication.

    Three subdirectories, called Tom, Dick, and Harry, must be accessible using only
    Basic Authentication.

    One virtual directory called Student##, pointing to the C:\Users\Student## folder,


    must be accessible using only Windows Authentication.

    The subdirectories and the virtual directory must be accessible only to users on the
    10.1.1.0 network.

    The entire site must be secured using SSL with a self-signed certificate called
    SecureSite.

    14

    Enrique Roca
    NT2670
    Unit 3 Lab 1
    Take a screen shot of an Internet Explorer window showing the content of the Web site you
    created. Paste the image on the page provided in the lab3_1_worksheet file.

    15

    Enrique Roca
    NT2670
    Unit 3 Lab 1
    Take a screen shot of an Internet Explorer window showing the content of the virtual directory
    you created. Paste the image on the page provided in the lab3_1_worksheet file.

    Optional

    Testing Share Access


    16

    Enrique Roca
    NT2670
    Unit 3 Lab 1

    Review
    Exercise
    Overview

    Create a test user account, and connect to the share from another computer
    on the network.

    Completion time

    15 minutes

    Question
    Review.1

    Identify the groups to which the User## object is assigned


    automatically.
    Domain Users

    15. Press Ctrl+Prt Scr to take a screen shot of the Member Of tab on the User## Properties
    sheet. Press Ctrl+V to paste the image on the page provided in the lab3_1_worksheet file.

    17

    You might also like