Instructions
This project requires that students work with the VirtualBox installation of Microsoft Windows Server 2012 R2 Standard 64-bit that was developed in Project 1.
I. Implement A Default Domain Password Policy GPO
Within the VirtualBox Microsoft Windows Server 2012 virtual server that was developed in Project 1, utilize the instructions outlined on the following video to edit the Default Domain Policy in order to configure a Password Policy Group Policy Object (GPO): https://www.youtube.com/watch?v=buZewCeg_cY
If you cannot modify the ‘Default Domain Policy’, under Group Policy Objects, create a new Group Policy Object and name is: ‘Default Domain Password Policy’
Set the following settings for each Policy. Leave all other settings set to their default:
Enforce password history: 24 passwords remembered
Maximum password age: 90 days
Minimum password age: 1 days
Minimum password length: 14 characters
Password must meet complexity requirements: Enabled
Store passwords using reversible encryption: Enabled
Account lockout duration: 30 minutes
Account lockout threshold: 3 invalid logon attempts
Reset account lockout counter after: 30 minutes
Enforce user logon restrictions: Enabled
Maximum lifetime for service ticket: 600 minutes
Maximum lifetime for user ticket: 10 hours
Maximum lifetime for user ticket renewal: 7 days
Maximum tolerance for computer clock synchronization: 10 minutes
II. Implement A Group Policy Object To Block USB Devices
Within the VirtualBox Microsoft Windows Server 2012 virtual server that was developed in Project 1, utilize the knowledge gained from Project 7 and the instructions outlined on the following video to edit the Default Domain Policy in order to block the use of USB devices within the domain environment: https://www.youtube.com/watch?v=0UZXYMVCkMw
I. Validation
· Part I: In a Microsoft Word document, paste screenshots of the edited ‘Password Policy’, ‘Account Lockout Policy’ and ‘Kerberos Policy’ screens from the ‘Group Policy Management Editor’ screen validating that you successfully configured the Group Policy Object utilizing the above criteria..
· Part II: Within the same Microsoft Word document as utilized for the previous validation requirements, paste a screenshot of the edited ‘Group Policy Object’ from the ‘Group Policy Management Editor’ screen validating that you successfully configured the Group Policy Object to disable to use of All Removable Storage devices.