Overview

Introduction

Welcome to the Implement Device Security with Signed Software, Trusted Sites and Application Control Practice Lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercises:

  • Exercise 1. Verify Software Source and Signature
  • Exercise 2. Verify Browser Security and Website Reputation
  • Exercise 3. Control Unwanted Software wI’ith Software Restriction Policies

After completing this lab, you will be able to:

  • Download exe file, standalone installer and sigcheck
  • View executable file properties
  • Use sigcheck to verify digital signatures
  • View Google Chrome, Internet Explorer Edge settings on browser security
  • Using an online tool to check website reputation
  • Create a sample batch file
  • Create a local software restriction policy

Exam Objectives

The following exam objectives are covered in this lab:

  • 6.2 Explain methods to secure devices and best practices.

Lab Duration

It will take approximately 45 minutes to complete this lab.

Exercise 1 - Verify Software Source and Signature

Microsoft uses the Portable Executable (PE) file specification to distribute executables, application extensions (DLLs), cabinet files and other essential system files in Windows operating systems and other software products. When installing Windows from an installer media, a user runs setup.exe to initiate a software installation. As the software setup continues, system files, DLLs and other support files are expanded and written to disk storage to install the operating system on a computer successfully.

In this exercise, you will learn how to verify software source by examining the digital signature on an executable file. You will use the File Explorer properties feature and a third party utility called sigcheck.exe to verify if the software is signed by the vendor.

Learning Outcomes

After completing this exercise, you will be able to:

  • Download exe file, standalone installer and sigcheck
  • View executable file properties
  • Use sigcheck to verify digital signatures

Exercise 2 - Verify Browser Security and Website Reputation

This exercise will demonstrate the security settings of web browsers such as Google Chrome and Internet Explorer. It will show a website that collects data about known phishing sites and illustrates how to use a tool for verifying a website’s reputation.

Learning Outcomes

After completing this exercise, you will be able to:

  • View Google Chrome, Internet Explorer Edge settings on browser security
  • Using an online tool to check website reputation

Exercise 3 - Control Unwanted Software with Software Restriction Policies

Software Restriction Policies (SRP) is a feature in Group Policy Objects that control the type of applications that a user can run on a Windows computer. SRP likewise reduce the threat of malware that may be present in apps not authorized to run on corporate desktops. Windows client operating systems such as Windows XP and later versions support the application of Software Restriction Policy.

In this lab, you will learn how to create a software restriction policy on a local computer based on the file path and hash rules.

Learning Outcomes

After completing this exercise, you will be able to:

  • Create a sample batch file
  • Create a local software restriction policy

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.