MOAC 70-687 - Configuring Windows 8 Lab Manual LAB 12 CONFIGURING AND MAINTAINING NETWORK SECURITY THIS LAB CONTAINS THE FOLLOWING EXERCISES AND ACTIVITIES: Exercise 12.1 Installing Internet Information Server Exercise 12.2 Testing IIS Connectivity Exercise 12.3 Allowing a Program Through the Firewall Lab Challenge Creating Windows Firewall Rules Exercise 12.1 Installing Internet Information Server Overview Because this is only a test deployment, you will be using a Windows 8 computer to function as the web server. In this exercise, you will install Internet Information Services on your workstation and then configure it to host two websites. Mindset Internet Information Services enables you to configure websites to use specific port numbers. This makes it possible to test the functionality of Windows Firewall. Completion time 15 minutes MOAC 70-687 - Configuring Windows 8 Lab Manual What URLs could you use in your computer’s browser to test the functionality of the intranet website you just created? Question 1 21. Take a screen shot of the Internet Information Services (IIS) Manager console, showing the new site you created, by pressing Alt+Prt Scr, and then paste the resulting image into the Lab 12 worksheet file in the page provided by pressing Ctrl+V. [copy screen shot over this text] Exercise 12.2 Testing IIS Connectivity Overview In this exercise, you will test the functionality of the web server you just installed. Mindset The way to test the functionality of a web server is to attempt to connect to it. Completion time 15 minutes What is the result, and what does the result indicate? Question 2 What is the result, and what does it indicate? Question 3 Question What is the result? MOAC 70-687 - Configuring Windows 8 Lab Manual 4 What is the result? Question 5 Question 6 List three possible reasons as to why you might be unable to connect to your computer’s web server using a browser on another computer. 10. Take a screen shot of the Customize settings for each type of network window, showing the setting you just modified, by pressing Alt+Prt Scr, and then paste the resulting image into the Lab 12 worksheet file in the page provided by pressing Ctrl+V. [copy screen shot over this text] What are the results, and what do the results indicate? Question 7 Question 8 Question What other test could you perform to prove that it was your computer’s firewall that was blocking the connection and not the firewall on the computer you are using as a client? Why is it necessary to clear the cache before you retest the MOAC 70-687 - Configuring Windows 8 Lab Manual 9 web server connections? Why can you not simply leave Windows Firewall turned off when you deploy an actual web server? Question 10 Exercise 12.3 Allowing a Program Through the Firewall Overview Windows Firewall is preventing clients from connecting to your web server. To enable client access, you will use the Windows Firewall control panel to allow access to the web server. Mindset The Windows Firewall control panel provides access to basic functions of the firewall, but for complete control, you must use the Windows Firewall with Advanced Security console, which you’ll see in the Lab Challenge. Completion time 10 minutes Why are you now able to connect to the website from the client? Question 11 Why are you unable to connect to the intranet site from the client? Question 12 MOAC 70-687 - Configuring Windows 8 Lab Manual Lab Challenge Creating Windows Firewall Rules Overview The port you opened in Exercise 12.3 enables clients to access the default website hosted by your web server, but not the Intranet website. In this challenge, you must configure your web server to allow traffic to the Intranet website. Mindset Windows 8 often provides more than one way to complete a given task. The Windows Firewall control panel provides a relatively simple interface to the firewall, but it is not a comprehensive one, as we saw in the previous Exercise. Completion time 20 minutes To complete this challenge, you must use the Windows Firewall With Advanced Security console to configure WKSTN-MBR-B to allow traffic to both the default website and the Intranet website you created in Exercise 12.1. To complete the challenge, perform the following tasks: 1. List the steps you took to complete the task. 2. Take a screen shot of the interface you used to create the firewall rules by pressing Alt+Prt Scr and then paste it into your Lab 12 worksheet file in the page provided by pressing Ctrl+V. [copy screen shot over this text] 3. Answer the following questions. Why are there two separate rules for the World Wide Web Services in the Inbound Rules container? Question 13 Question 14 How would the opening of the port you performed in Exercise 12.3 affect the World Wide Web Services (HTTP Traffic-In) rules in the Inbound Rules container? MOAC 70-687 - Configuring Windows 8 Lab Manual Question 15 How would the rule creation procedure you just performed differ if you wanted to restrict client access to the intranet website to computers on the local network only?