Difficulty
Intermediate
Time Limit
30m
Leaderboard
Listed below are the top performing students for this challenge lab!
Loading leaderboard...
1
What are challenge labs?
Lab challenges are graded IT labs. You get to compete against other students to try and earn the highest score and the #1 position on the leaderboard. You will be graded on specific task completion. You will also be awarded a bonus based on how fast you work.
Lab Description
Test your ability to secure Windows Server vulnerabilities and secure IT systems. This lab has a windows Domain already installed and configured - you just need to close the vulnerabilities listed in the table below:
| Finding ID | Title | Severity |
| V-224874 | Windows Server 2016 reversible password encryption must be disabled. | High |
| V-224954 | The Windows Installer Always install with elevated privileges option must be disabled. | High |
| V-224934 | AutoPlay must be disabled for all drives. | High |
| V-224959 | The Windows Remote Management (WinRM) client must not allow unencrypted traffic. | Medium |
| V-224943 | File Explorer shell protocol must run in protected mode. | Medium |
| V-224931 | The Application Compatibility Program Inventory must be prevented from collecting data and sending the information to Microsoft. | Low |
Each finding ID contains a link to stigviewer.com. This page will contain the details about the vulnerability as well as the fix text. The fix text will show you what you need to configure in order to close this vulnerability.
Lab Scoring
| V-224874 - Reversible password encryption | 250 Points |
| V-224954 - Elevated Windows Installer | 250 Points |
| V-224934 - AutoPlay must be disabled for all drives | 250 Points |
| V-224959 - Unencrypted WinRM traffic. | 175 Points |
| V-224943 - File Explorer shell protocolprotected mode | 175 Points |
| V-224931 - ACP Inventory Data | 100 Points |
| - | - |
| Total: | 1200 Points |
Lab Network Diagram
Click the image below to see the network diagram for this IT lab.