My Lab 2

My IT Security Lab 2 on 21th July was quite interesting. Through this lab, I had been learning about the goals of Information Technology. In information security, it is refer to the protection of information and the systems and hardware that use, store, and transmit that information. After I was attend this lab, I found that although all of the operating systems such as Windows 9x version of Microsoft Windows, Windows Server 2003, or XP are compatible with FAT but local file security will be enabled ONLY IF you have NTFS installed. When doing my lab, I was following the instructions in the slides. Firstly, I was choosing to use the virtual machine to do my lab activity. Before start to do this lab, I need to be ensured that the Window Server 2003 is in NTFS format.

In Task 2, that was test the data confidentiality which provides protection to computer related assets from being used by unauthorized user. Its mean only the right person who has the authority can read, view, print, or even knowing the existing of the object. So, I was creating 2 user account s, User1 and User2 with password protected and a folder named “Confidentiality” and created a folder named UserFolder1 again inside “Confidentiality” for my User1. After that, I changed the UserFolder1 folder properties and security settings. When I logged on as User2, I found that it was denied access to see the content in folder UserFolder1.Next; I done my task 2 in lab 2 which is testing the data availability. In this task, I created a folder named “Availability” and the folder User2Folder and changed the properties and the security settings again just same like the task 1. Thus, I logged off the Administrator and logged on as User2.Wao~ I can access the folder! After finished, I logged off User2 and logged on as administrator and delete the User2 from local security database. Then, I created a new user again that also named User2 then logged off. When I logged on as User2, I cannot access to the folder User2Folder.You know why? Because the old User2 account is no longer listed. So, availability makes sure authorized user can access information at any time without any failure. Information that is not available to the authorized user is useless.

Finally, I was doing the last task to test the data integrity. What means by Data Integrity? Integrity ensures data can be modified by authorized parties and by authorized mechanism only. Information can be added, updated or deleted; hence it must be done in a correct ways and by the right person to ensure the correctness and validity of the information. So, I logged on to the Windows 2003 Server as User1. Same with the task 1 and task 2, the new folder called “Integrity” was created. Inside User1Folder folder, I also created a “New Text Document” with wrote some sentences. After I saved it then logged off. I was log on as User2 and navigate to the User1Folder folder and remove or add some words from the New Text Document and try to save it. Do you think could I save it? The answer is NO! Conclusions, I know how important the security is.