CO1508 Computer Systems & Security - Week 02 - Passwords, Patches and Mandatory Access Control (MAC)

This document provides instructions for CyberCIEGE scenarios involving passwords, software patching, and mandatory access control (MAC). Learners will play scenarios exploring creating strong password policies, the importance of software patching to address vulnerabilities, and implementing MAC policies using security labels. The scenarios teach about password security, effects of failing to patch software, and enforcing integrity and secrecy policies through MAC.

Uploaded by

Edward Lee
CO1508 Computer Systems & Security – Week 02 – Passwords, Patches and Mandatory Access Control (MAC)

Summary
You’re going to learn how to create and enforce a password policy, learn to recognise the
importance of applying patches to software and operating systems to protect your
computing assets, and learn how to implement and enforce mandatory access control
(MAC) policy using security labels to protect your assets and their integrity. Finally, you’ll
recognise the latest cyberthreats and start/continue working on your assignment.

Activities

1. CyberCIEGE – Training – Passwords

The CyberCIEGE Passwords scenario is an example of an extremely simple security
awareness training scenario.

As with all CyberCIEGE scenarios, you are encouraged to explore the effects of “wrong”
choices as well as trying to select the correct choices. Plan on playing the scenario several
times before finally going through it making what you believe are the correct choices.

This scenario explores the following CyberCIEGE concepts:

• Use of passwords can help prevent one user from compromising information that is
only supposed to be accessible from another user’s account.
• Trivial passwords can be easily guessed, leading to compromise of information assets.
• Writing passwords on post-it notes hung from a monitor defeats the purpose of a
password.
• When workstations are unattended, they should be locked or logged off.

In this scenario you can largely ignore Zones and physical security issues. The scenario
requires that you modify procedural settings and configuration settings on one computer.
You may also choose to purchase training for one of your users to help ensure they abide by
the procedural security choices you select. Also, don’t worry about hiring or firing support
staff or the trustworthiness of your virtual users.

CO1508 Computer Systems and Security, UCLAN – 2019-2020

Hit “Play” and try to win! If any attack happens, you must play again. You should have
above $58000 left in your budget. If you need help, press F1 while playing.

Don’t move on to the next scenario until you’re done with the Passwords one.

2. CyberCIEGE – Starting Scenario – Patches

The CyberCIEGE patches scenario explores the need to apply software patches to
applications and operating systems.

As with all CyberCIEGE scenarios, you’re encouraged to explore the effects of “wrong”
choices as well as trying to select the correct choices. Plan on playing the scenario several
times before finally going through it making what you believe are the correct choices.

This scenario explores the following concepts:

• Many applications and operating systems have flaws that can be exploited by attackers
to compromise computers and/or assets stored on those computers.
• After specific flaws become publicly known, there are often a lot of attacks mounted
against systems that contain those flaws.
• Sometimes an enterprise’s use of unpatched software is visible from the Internet via a
network “scan”.
• Software patches that are only intended to address security flaws will sometimes have
unexpected effects on the behaviour of applications. It is advantageous to establish a
regime to test new patches before applying them to operational systems.
• Procedures and responsibilities for managing patches must be consistent with available
resources. In some environments, individual users must manage and apply patches to
their own systems. In these environments, user training is often necessary.

In this scenario you can largely ignore Zones and physical security issues. Also, don’t worry
about hiring or firing support staff or the trustworthiness of your virtual users.

2.1 Play

Before Play, ask your tutor to play the “Patches” movie.

Open the CyberCIEGE game then click on “Starting Scenarios” and “Patches”. Now hit
“Play”. Click the OK button in the initial briefing.

Read the objectives screen then return to the Office tab and hit play.

Phase 1: Instruct Edgar to Apply Patches

The first time through you may wish to just watch until Edgar asks you: “What can you direct
me to do to make it harder for those vandals to routinely trash our system?”

Press F1 to learn about network scans. Then go to the NETWORK screen and right click on
the Internet icon and select “Discover / Scan”. Look at the patch information reported for
the Logititan application.

Double click on the server and select the appropriate configuration setting (note the
difference between configuration settings and procedural settings by hovering the mouse
over each label).

Once you’re done and receive the good job brief, move on to the second objective of Phase 1.

Phase 2: Direct Users to Apply Patches

Let the game run until Edgar asks Arlo when was the last time he applied patches to his
software.

Double click on Arlo’s computer and select the appropriate setting.

Double click on Arlo and buy him some training so he better understands what he needs to
do.

Phase 3: Patches are Breaking the Applications

In this phase, Edgar discovers that when he applies patches to the server, sometimes it
breaks the application. Consider purchasing a second server upon which Edgar can test the
patches before applying them.

2.2 Clean up

Remember, before you exit the game, show your tutor your progress. Also, make sure to
save the game before exit.

3. CyberCIEGE – Mandatory Access Control – Mandatory Access Control

The CyberCIEGE MAC scenario is a simple example of mandatory access control (MAC) policy
enforcement using security labels and a server that enforces the MAC policy.

As with all CyberCIEGE scenarios, you’re encouraged to explore the effects of “wrong”
choices as well as trying to select the correct choices. Plan on playing the scenario several
times before finally going through it making what you believe are the correct choices.

This scenario explores the following concepts:

• Real-time sharing of information across security levels may require reliance on a
computer to enforce a MAC policy. Such computers are sometimes referred to as
“multilevel”.
• Connecting physical networks to a MAC enforcement mechanism requires that you
provide the MAC mechanism with a security label for the connection.
• Networks that contain other computers that lack suitable MAC enforcement
mechanisms are typically treated by MAC enforcing computers as “single level”
networks, i.e., the networks may handle information of different security levels, but all
of the information on the network is treated at a single security level by the MAC
mechanism.

3.1 Play

Open the CyberCIEGE game then click on “Mandatory Access Control” then choose
“Mandatory Access Control”. Now hit “Play”.

Click the OK button in the initial briefing.

Read the briefing and the objectives screens and explore the encyclopaedia (via the “F1”
key).

Ask your tutor to play the MAC movie now to better understand multilevel secure
components.

Phase 1: Assign Security Labels to Network Connect Larry to the Internet

Read the briefing in the GAME tab and check your objectives in the OBJECTIVES tab.

Look at the labels of the assets via the ASSET tab. Look at the user clearances via the USER
tab. Also look at the user goals and notice how they need to share the asset that is on the
server.

In the OFFICE screen, start the simulation and notice how both users are failing their goals
because of their inability to share the “Open Source Reports” asset.

Go to the NETWORK tab. Notice Joe’s workstation is already connected to the LAN1 network
and Jill’s workstation is connected to the LAN2 network.

Connect each network to Server by first selecting the server (click on it) and then click the
LAN1 and the LAN2 buttons in the upper right.

Right click on the server, select Networks and “Label Single Level Network” and then assign
labels to each of the two networks (based on the users’ goals and clearances).

If for some reason the secrets are leaked from the server, then you should play again.

3.2 Clean up

Remember, before you exit the game, show your tutor your progress. Also, make sure to
save the game before exit.

4. CyberCIEGE – Mandatory Access Control – MAC Integrity

The CyberCIEGE MAC Integrity scenario is a simple example of MAC policy enforcement of
an integrity policy using security labels and a server that enforces the MAC policy. The MAC
Integrity scenario builds on the concepts covered in the previous scenario, which covered a
secrecy policy. This scenario is very similar to that, but this scenario includes an integrity
policy.

As with all CyberCIEGE scenarios, you’re encouraged to explore the effects of “wrong”
choices as well as trying to select the correct choices. Plan on playing the scenario several
times before finally going through it making what you believe are the correct choices.

This scenario explores the following concepts:

• Real-time sharing of information across integrity levels may require reliance on a
computer to enforce a MAC policy. Such computers are sometimes referred to as
providing “multilevel integrity”.
• Connecting physical networks to a MAC enforcement mechanism requires that you
provide the MAC mechanism with a security label for the connection. Some
environments may require both secrecy labels and integrity labels.
• Malicious software on a network can corrupt the integrity of information, and thus the
integrity label associated with networks should account for the potential for low
integrity or malicious software.
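
The single-level network labelling described in the MAC and MAC Integrity scenarios, as an added example (not part of the worksheet or of CyberCIEGE): a minimal label check that assumes the standard Bell-LaPadula secrecy rules and Biba integrity rules, which the worksheet does not name. Every level name except "CRITICAL OPERATIONS", and every asset and network name, is constructed for illustration.

```python
from dataclasses import dataclass

# Constructed level orderings (assumption): the worksheet names only the
# "CRITICAL OPERATIONS" integrity level; every other name is illustrative.
SECRECY = {"UNCLASSIFIED": 0, "SECRET": 1}
INTEGRITY = {"UNEVALUATED": 0, "CRITICAL OPERATIONS": 1}


@dataclass(frozen=True)
class Label:
    secrecy: str
    integrity: str


def can_read(subject: Label, obj: Label) -> bool:
    # Secrecy: no read up. Integrity: no read down.
    return (SECRECY[subject.secrecy] >= SECRECY[obj.secrecy]
            and INTEGRITY[subject.integrity] <= INTEGRITY[obj.integrity])


def can_write(subject: Label, obj: Label) -> bool:
    # Secrecy: no write down. Integrity: no write up.
    return (SECRECY[subject.secrecy] <= SECRECY[obj.secrecy]
            and INTEGRITY[subject.integrity] >= INTEGRITY[obj.integrity])


def permitted(network: Label, asset: Label) -> str:
    """Operations the MAC server allows for any request arriving on a
    single-level network. The decision uses the network's label only,
    never the clearance of the user sitting on that network."""
    ops = ("r" if can_read(network, asset) else "") + \
          ("w" if can_write(network, asset) else "")
    return ops or "-"


# Constructed assets and network labels (hypothetical names).
REPORTS = Label("UNCLASSIFIED", "UNEVALUATED")
DATABASE = Label("UNCLASSIFIED", "CRITICAL OPERATIONS")
NETWORKS = {
    "lan_unclass": Label("UNCLASSIFIED", "UNEVALUATED"),
    "lan_secret": Label("SECRET", "UNEVALUATED"),
    "lan_critical": Label("UNCLASSIFIED", "CRITICAL OPERATIONS"),
}

if __name__ == "__main__":
    for name, net in NETWORKS.items():
        print(f"{name:13} reports={permitted(net, REPORTS):3}"
              f" database={permitted(net, DATABASE)}")
```

Because the server sees only the network label, a label set higher than the machines on that network deserve grants write access that the integrity policy was meant to withhold.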

4.1 Play

Open the CyberCIEGE game then click on “Mandatory Access Control” then “MAC Integrity”.
Now hit “Play”. Read the briefing and the objectives screens and explore the encyclopaedia
(via the “F1” key).

Phase 1: Assign Security Labels to Network

Read the briefing in the GAME tab and check your objectives in the OBJECTIVES tab.

Look at the labels of the assets via the ASSET tab. Look at the user clearances via the USER
tab. Also look at the user goals and notice how they need to share the asset that is on the
server.

In the OFFICE screen, start the simulation and notice how both users are failing a goal
because of their inability to share the “Critical Logistics Database” asset.

Go to the NETWORK tab. Notice Grace’s workstation is already connected to the LAN1
network and Sean’s workstation is connected to the LAN2 network.

Connect each network to Server by first selecting the server (click on it) and then click the
LAN1 and the LAN2 buttons in the upper right.

Right click on the server, select Networks and “Label Single Level Network” and then assign
labels to each of the two networks.

Answer these questions:

What label did you assign to the network connected to Grace’s workstation?

What would you expect to happen if you assigned the other integrity label to Grace’s
workstation? After all, she is cleared to “CRITICAL OPERATIONS” integrity. Give it a try.

4.2 Clean up

Remember, before you exit the game, show your tutor your progress. Also, make sure to
save the game before exit.

5. Directed Task 1 – Current Threats & Malware Awareness

Do some online research on the following threats: which type of malware was each, and how
was each one spread to users?

ILOVEYOU

Stuxnet

Conficker

Archiveus

Notcompatible

WannaCry

6. Directed Task 2 – The assignment

Have you started your assignment yet? If yes, keep going and use the rest of this lab to
work on it. If not, have a look here for some ideas for your investigation if you like :)

https://www.computerworld.com/article/3427958/cybersecurity-trends-2019.html

If you find something interesting, please discuss with your tutor.
