Lab $8$: Implementing a Risk mitigation Plan

Need the steps to complete Lab by jones bartlett learning

While not as high severity as the previous vulnerability, running unnecessary

services on TargetWindows$01$ also qualifies as a vulnerability because each

running service contributes to a wider attack surface. If it is a network service, it

will be associated with a port number, and the attack surface will be bigger than

the one associated with a local service. As you know, TargetWindows$01$ is a

domain controller. However, it also has an active FTP service with anonymous

login enabled. The FTP service is associated with ports $21$ and $22.$ You can

check this by opening a Command Prompt window on TargetWindows$01$ and

executing the netstat $-$an command. It is a best practice for domain

controllers not to have services other than the one associated with the Windows

domain.

Make a screen capture showing the disabled Microsoft FTP service.

Like unnecessary services, unnecessary programs installed on production

servers are yet another vulnerability that expand the attack surface. Some

programs such as remote management utilities will also install services and

open port numbers on the computers. The Acme Corporation should not permit

any third$-$party management tools to remain on computers and servers on the

Acme network. Review the list of installed programs on TargetWindows$01$ and

uninstall any third$-$party remote management tools that you see.

Make a screen capture showing the uninstalled third$-$party management tool

that you located.