Lab Report: 7.1.6 Configure Windows Defender

Your Performance

Your Score: 0 of 6 (0%) Pass Status: Not Passed Elapsed Time: 12 seconds Required Score: 100%

Task Summary Perform a full scan once per week Hide Details

Perform the scan on Saturday Perform the scan at midnight (12:00 am) Perform a full system scan

Check for updates before scanning Configure default actions to take Hide Details

Remove severe alert items Remove high alert items Remove medium alert items Allow low alert items Apply recommended actions to items detected during a scan

Configure advanced options Hide Details

Scan email Scan removable drives

Display items from all users of this computer Perform a quick scan

Explanation In this lab, your task is to configure Windows Defender as follows:

Automatic scanning setting: Frequency: Saturday Approximate time: 12:00 am Type: Full scan (A quick scan checks the areas of the computer that spyware is likely to affect, and a full scan checks all files and programs on the computer) Check for updated definitions before scanning: Enabled Default actions settings: Severe alert items: Remove High alert items: Remove Medium alert items: Remove Low alert items: Allow Apply recommended actions: Enabled Advanced settings: Scan email: Enabled Scan removable drives: Enabled Administrator settings: Display items from all users of this computer: Enabled Complete this lab as follows:

1. Right-click Start > Control Panel. 2. In the top right corner under View by, select Small icons from the drop-down list. 3. Select Windows Defender. 4. Select Tools. 5. Under Settings, select Options. 6. Make sure Automatically scan my computer (recommended) is selected to allow Windows Defender to scan the computer automatically. 7. Configure automatic scanning settings as follows: a. Select the frequency. b. Select the approximate time. c. Select the type of scan. d. Select Check for updated definitions before scanning to make sure definitions are up to date prior to a scan. 8. Configure Default actions settings as follows: a. In the left-side menu, select Default actions. b. Select the Severe alert items. c. Select the High alert items. d. Select the Medium alert items. e. Select the Low alert items. f. Select Apply recommended actions to apply actions when items are detected. 9. Configure Advanced settings as follows: a. In the left menu, select Advanced. b. Select Scan email. c. Select Scan removable drives. 10. Configure Administrator settings as follows: a. In the left menu, select Administrator. b. Select Display items from all users of this computer. 11. Select Save. 12. Select Scan to run a quick scan. Lab Report: 7.3.5 Configure Automatic Updates

Your Performance

Your Score: 0 of 4 (0%) Pass Status: Not Passed Elapsed Time: 11 seconds Required Score: 100%

Task Summary On Support, configure Windows Update Hide Details

Install updates on Wednesday Install updates at 2:00 am Allow other users to install updates Include recommended updates

On Support, configure driver updates to install if they are not found on the computer On ITAdmin, Enable automatic updates Hide Details

Install updates automatically Include recommended updates for other Microsoft products

On ITAdmin, configure driver updates to download apps and icons for new devices

Explanation In this lab, you perform the following tasks:

Configure Windows Update on Support (which is running Windows 7) as follows: Download and install updates automatically each Wednesday at 2:00 am. Include recommended updates. Allow any user on the computer to install updates. Configure driver updates to install drivers if they are not found on the computer. Configure Windows Update on ITAdmin as follows: Configure Windows Update to install updates automatically. Configure Windows Update to install updates for other Microsoft products when Windows is updated. Configure driver updates to download apps and icons for new devices.

Complete this lab as follows:

1. On Support, modify Windows Update settings as follows: a. Select Start. b. Select Control Panel. c. Select System and Security. d. Select Windows Update. e. On the left, select Change settings. f. Configure the update day and time. g. Select Give me recommended updates the same way I receive important updates to include recommended updates. h. Select Allow all users to install updates on this computer to allow any user to install updates. i. Click OK. 2. On Support, configure how Windows prompts for updated drivers: a. Select Start. b. Right-click Computer and select Properties. c. On the left, select Advanced system settings. d. Select the Hardware tab. e. Select Device Installation Settings. f. Select the required update option; then click Save Changes. g. Click OK. 3. On ITAdmin, modify Windows Update settings as follows: a. From the top menu, select the Floor 1 location tab. b. Select ITAdmin. c. Select Start. d. Select Settings. e. Select Update & security. f. In Windows Update, select Advanced options. g. From the Choose how updates are installed drop-down list, select Automatically. h. Select Give me updates for other Microsoft products when I update Windows to include recommended updates. 4. On ITAdmin, configure how Windows handles apps and icons for devices: a. Right-click Start and select System. b. On the left, select Advanced system settings. c. Select the Hardware tab. d. Select Device Installation Settings. e. Select Yes; then select Save Changes. f. Select OK. 5. Select Yes; then click Save Changes. 6. Click OK. Lab Report: 7.3.7 Configure Windows Firewall

Your Performance

Your Score: 0 of 3 (0%) Pass Status: Not Passed Elapsed Time: 11 seconds Required Score: 100%

Task Summary Turn Windows Firewall On Hide Details

Enable the firewall for the Domain network Profile Enable the firewall for the Public network Profile

Configure the program exceptions on the Domain network profile Hide Details

Allow Key Management Service through the firewall Allow the Arch98 program through the firewall Allow the Apconf program through the firewall Deny the Windows Media Player program through the firewall Deny the Windows Peer to Peer Collaboration Foundation program through the firewall

Configure the program exceptions on the Public network profile Hide Details

Allow Key Management Service through the firewall Allow the Arch98 program through the firewall Allow the Apconf program through the firewall

Explanation In this lab, you configure Windows Firewall as follows:

Turn on Windows Firewall for the Domain and Public network profiles. Allow the following for the Domain and Public network profiles: Key Management Service An application named Arch98 An application named Apconf Remove the following exceptions on the Domain network profile: Windows Media Player Windows Peer to Peer Collaboration Foundation

Complete this lab as follows:

1. Right-click Start and select Control Panel. 2. Select System and Security. 3. Select Windows Firewall. 4. Turn the Windows Firewall on as follows: a. On the left, select Turn Windows Firewall on or off to enable the firewall. b. Under Domain network settings, select Turn on Windows Firewall. c. Under Public network settings, select Turn on Windows Firewall. d. Click OK. 5. Allow programs through the firewall as follows: a. On the left, select Allow an app or feature through Windows Firewall to allow a program through the firewall. b. Select Change settings. c. For Key Management Service, mark the exception box in the Domain and Public columns. d. Select Allow another app to configure an exception for an uncommon program. e. Select Arch98 from the list. f. Select Add. g. Make sure the Domain exception box is selected. h. In the Public column, select the exception box. i. Repeat steps 5d–5h for Apconf. 6. Restrict programs through the firewall as follows: a. Under Allowed apps and features, browse to the program. b. For the program, deselect the Domain exception box. c. Click OK. Lab Report: 7.4.5 Manage Services with Group Policy

Your Performance

Your Score: 0 of 5 (0%) Pass Status: Not Passed Elapsed Time: 14 seconds Required Score: 100%

Task Summary Set the Application Identity service to Automatic Set the Remote Registry service to Disabled Set the Routing and Remote Access service to Disabled Set the SSDP Discovery service to Disabled Set the UPnP Device Host service to Disabled

Explanation In this lab, you configure the Workstation GPO with the following settings:

Service Setting Application Identity Automatic Remote Registry Disabled Routing and Remote Access Disabled SSDP Discovery Disabled UPnP Device Host Disabled

Complete this lab as follows:

Your Performance

Your Score: 0 of 4 (0%) Pass Status: Not Passed Elapsed Time: 13 seconds Required Score: 100%

Task Summary Give the Accounting Resources group Full Control to D:\Departments\Accounting Give the Research Resources group Full Control to D:\Departments\Research Give the Sales Resources group Full Control to D:\Departments\Sales Give the Support Resources group Full Control to D:\Departments\Support

Explanation In this lab, you explicitly add permission assignments using the following:

Folder Domain Local Group Permissions

D:\Departments\Accounting Accounting Resources Full Control

D:\Departments\Research Research Resources Full Control

D:\Departments\Sales Sales Resources Full Control

D:\Departments\Support Support Resources Full Control

Complete this lab as follows:

1. From the taskbar, open File Explorer. 2. Browse to and right-click the folder and select Properties. 3. Select the Security tab. 4. Select Edit. 5. Select Add. 6. In the Enter the object names to select field, type the name of the group that will receive permission to the shared folder; then click OK. 7. Select the group. 8. In the Allow column, select the appropriate permission. 9. Click OK twice. 10. Repeat steps 2-9 for each domain local group. Lab Report: 7.5.6 Disable Inheritance

Your Performance

Your Score: 0 of 2 (0%) Pass Status: Not Passed Elapsed Time: 16 seconds Required Score: 100%

Task Summary Grant the Managers group Allow Full Control to D:\Personnel Prevent inherited permissions on the D:\Personnel folder Hide Details

Disable inheritance Remove all inherited permissions from the folder

Explanation In this lab, you perform the following tasks:

Grant the Managers group the Full Control permission to the D:\Personnel folder. Remove all inherited permissions that are flowing to the D:\Personnel folder.

Complete this lab as follows:

1. Configure NTFS permissions as follows: a. From the taskbar, open File Explorer. b. Browse to the folder you need to modify permissions for. c. Right-click the folder and select Properties. d. Select the Security tab. e. Select Edit. f. Select Add. g. Enter the name of the group that will receive permission to the folder. h. Click OK. i. With the Managers group selected, select the appropriate NTFS permission. j. Click OK. 2. Prevent inherited permissions from parent objects as follows: a. On the Security tab, select Advanced. b. Select Disable inheritance. c. Select Remove all inherited permissions from this object. d. Click OK to close the Advanced Security Settings for Personnel dialog. e. Click OK to close the Properties dialog. Lab Report: 7.9.4 Configure Advanced Audit Policy

Your Performance

Your Score: 0 of 9 (0%) Pass Status: Not Passed Elapsed Time: 16 seconds Required Score: 100%

Task Summary Enable Audit Policies Hide Details

Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings:--Enabled Audit: Shut down system immediately if unable to log security audits--Enabled

Enable Event Log Policy Hide Details

Retention method for security log: Enabled--do not overwrite events (clear log manually)

Enable Account Logon Audit Policy Hide Details

Audit Credential Validation: Success and Failure

Enable Account Management Audit Policies Hide Details

Audit User Account Management: Success and Failure Audit Security Group Management: Success and Failure Audit Other Account Management Events: Success and Failure Audit Computer Account Management: Success

Enable Detailed Tracking Audit Policy Hide Details

Audit Process Creation: Success

Enable Logon-Logoff Audit Policies Hide Details

Audit Logon: Success and Failure Audit Logoff: Success

Enable Policy Change Audit Policies Hide Details

Audit Authentication Policy Change: Success Audit Audit Policy Change: Success and Failure

Enable Privelege Use Audit Policy Hide Details

Audit Sensitive Privilege Use: Success and Failure

Enable System Audit Policies Hide Details

Audit System Integrity: Success and Failure Audit Security System Extension: Success and Failure Audit Security State Change: Success and Failure Audit IPsec Driver: Success and Failure Explanation In this lab, you configure the following audit policy settings in WorkstationGPO as follows:

Local Policies Setting Audit: Force audit policy subcategory settings (Windows Vista or later) to Enabled override audit policy category settings Audit: Shut down system immediately if unable to log security audits Enabled

Event Log Setting Retention method for security log Enabled: Do not overwrite events (clear log manually)

Advanced Audit Policy Configuration Setting Account Logon: Audit Credential Validation Success and Failure Account Management: Audit User Account Management Success and Failure Account Management: Audit Security Group Management Success and Failure Account Management: Audit Other Account Management Events Success and Failure Account Management: Audit Computer Account Management Success Detailed Tracking: Audit Process Creation Success Logon/Logoff: Audit Logon Success and Failure Logon/Logoff: Audit Logoff Success Policy Change: Audit Authentication Policy Change Success Policy Change: Audit Audit Policy Change Success and Failure Privilege Use: Audit Sensitive Privilege Use Success and Failure System: Audit System Integrity Success and Failure System: Audit Security System Extension Success and Failure System: Audit Security State Change Success and Failure System: Audit IPsec Driver Success and Failure

Edit audit policies as follows:

1. From Server Manager, select Tools > Group Policy Management. 2. Expand Forest: CorpNet.com > Domains > CorpNet.com > Group Policy Objects. 3. Right-click WorkstationGPO and select Edit. 4. Under Computer Configuration, expand Policies > Windows Settings > Security Settings. 5. Modify Local Policies as follows: a. Expand Local Policies. b. Select Security Options. c. In the right pane, double-click the policy you want to edit. d. Select Define this policy setting. e. Select the policy settings as required. f. Click OK. g. Click Yes to confirm changes as necessary. h. Repeat steps 5c–5g for additional policy settings. 6. Modify the event log as follows: a. In the left pane, select Event Log. b. In the right pane, double-click the policy you want to edit. c. Select Define this policy setting. d. Select the policy settings as required. e. Click OK. 7. Modify Advanced Audit Policy Configuration as follows: a. In the left pane, expand Advanced Audit Policy Configuration > Audit Policies. b. Select the audit policy category. c. In the right pane, double-click the policy you want to edit. d. Select Configure the following audit events. e. Select the policy settings as required. f. Click OK. g. Repeat steps 7b–7f for additional policy settings. Lab Report: 7.9.6 Enable Device Logs

Your Performance

Your Score: 0 of 3 (0%) Pass Status: Not Passed Elapsed Time: 20 seconds Required Score: 100%

Task Summary Enable logging and the Syslog aggregator Set RAM memory logging to Critical Set Flash memory logging to Alerts

Explanation In this lab, you perform the following:

Enable Logging and the Syslog aggregator Configure RAM memory logging as follows: Emergency, Alert, and Critical: Enable Error, Warning, Notice, Informational, and Debug: Disable Configure Flash memory logging as follows: Emergency and Alert: Enable Critical, Error, Warning, Notice, Informational, and Debug: Disable

Complete this lab as follows:

1. From the left menu, expand the Administration. 2. Expand System Log. 3. Select Log Settings. 4. Under Logging, select Enable. 5. Under Syslog Aggregator, select Enable. 6. Under RAM Memory Logging, enable and disable the appropriate settings. 7. Under Flash Memory Logging, enable and disable the appropriate settings. 8. Click Apply. Lab Report: 7.10.5 Configure Email Filters

Your Performance

Your Score: 0 of 3 (0%) Pass Status: Not Passed Elapsed Time: 15 seconds Required Score: 100%

Task Summary Set the junk email filter to Exclusive Set to Report junk messages Block attachments from unknown senders

Explanation In this lab, your task is to configure email filtering as follows:

Only allow emails from the safe senders list. Report junk email messages to your email provider. Only allow attachments from the safe senders list.

Complete this lab as follows:

1. In the upper right corner, select Options > More Options. 2. Under Preventing junk email, select Filters and Reporting. 3. Under Choose a junk email filter, select Exclusive. 4. Under Report junk messages, select Report junk. 5. Under Block content from unknown senders, select Block attachments, pictures, and links for anyone not in my safe senders list. 6. Click Save. Lab Report: 7.10.7 Secure Email on iPad

Your Performance

Your Score: 0 of 7 (0%) Pass Status: Not Passed Elapsed Time: 13 seconds Required Score: 100%

Task Summary Configure the Maggie Brown email account for SSL Configure the Emily Smith email account for SSL Turn off AutoFill on Safari Hide Details

Set Use Contact Info to OFF Set Names and Passwords to OFF

Set BlockCookies to Allow from Websites I Visited Turn on Fraud Warning Turn off JavaScript Turn on Block Pop-ups

Explanation In this lab, you perform the following:

Configure each email account to use SSL for incoming mail. Secure the Internet browser as follows: Turn off AutoFill Accept cookies only from visited sites Turn on Fraud Warning Turn off JavaScript Turn on Block Pop-ups

Complete this lab as follows:

1. Configure email for SSL as follows: a. Select Settings. b. Select Mail, Contacts, Calendars. c. Select an email account. d. Select Account. e. Select Advanced. f. Under Incoming Settings, set Use SSL to ON. g. Select Account. h. Click Done. i. At the top, select Mail, Contacts. j. Repeat steps 1c–1i for each email account. 2. Secure the Internet browser as follows: a. From the left menu, select Safari. b. Select Passwords & AutoFill. c. Set Use Contact Info to OFF. d. Set Names and Passwords to OFF. e. From the top, select Safari. f. Select Block Cookies. g. Select Allow from Websites I Visit. h. From the top, select Safari. i. Set Fraudulent Website Warning to ON. j. Select Advanced. k. Set JavaScript to OFF. l. From the top, select Safari. m. Set Block Pop-ups to ON. Lab Report: 7.11.4 Secure an iPad

Your Performance

Your Score: 0 of 5 (0%) Pass Status: Not Passed Elapsed Time: 11 seconds Required Score: 100%

Task Summary Apply the latest IOS update Set Autolock to 5 minutes Enable a passcode Hide Details

Turn off Simple passcode Turn Passcode on and set passcode to D0gb3rt Turn on Erase Data Require the passcode after 5 minutes

Turn off Ask to Join Networks Turn off Bluetooth

Explanation In this lab, you perform the following:

Apply the latest software update. Configure Auto-Lock with a 5-minute delay. Configure the Passcode Lock using D0gb3rt (0 = zero) as the passcode. Require the passcode after 5 minutes. Configure Data Erase to wipe all data after 10 failed passcode attempts. Require unknown networks to be added manually. Turn off Bluetooth.

Complete this lab as follows:

1. Apply the latest software update as follows: a. Select Settings. b. Under General, select Software Update. c. Click Download and Install. d. Click Agree. e. Click OK. f. Click Install. g. Click and slide the arrow to unlock the iPad. 2. Configure Auto-Lock as follows: a. Click General. b. Click Auto-Lock. c. Click 5 minutes. 3. Configure passcode lock and data erase as follows: a. From the left menu, select Passcode. b. Select Turn Passcode On. c. Enter the passcode; then click Next. d. Re-enter the passcode; then click Done. e. Set Erase Data to ON. f. Click Enable. g. Click Require Passcode. h. Click After 5 minutes. 4. Require unknown networks be manually added as follows: a. From the left menu, select Wi-Fi. b. Set Ask to Join Networks to OFF. 5. Turn off Bluetooth as follows: a. From the left menu, select Bluetooth. b. Set Bluetooth to OFF. Lab Report: 7.12.8 Create a Guest Network for BYOD

Your Performance

Your Score: 0 of 4 (0%) Pass Status: Not Passed Elapsed Time: 14 seconds Required Score: 100%

Task Summary Create a guest access service Hide Details

Create Guest_BYOD Use guest pass authentication Present the guest with the terms of use Redirect to the URL that the user intends to visit

Create a guest WLAN Hide Details

Name: Guest SSID: Guest_BYOD Type: Guest Access Authentication method: Open Encryption Method: None Associate with the Guest_BYOD guest access service Isolate the guests from other clients

Request a guest pass Hide Details

Generate a guest pass using the BYODAdmin account

Connect to Guest_BYOD from Gst-Lap Hide Details

Gst-Lap is connected to Guest_BYOD

Explanation In this lab, your task is to perform the following:

Access the Wireless Controller console through Internet Explorer on http://192.168.0.6. Username: WxAdmin password: ZDAdminsOnly!$ (O is the capital letter O) Set up Guest Access Services using the following parameters: Name: Guest_BYOD. Authentication: Use guest pass authentication. The guest should be presented with your terms of use statement and then allowed to go to the URL they were trying to access. Verify that 192.168.0.0/16 is on the list of restricted subnets. Create a guest WLAN using the following parameters: Network name: Guest ESSID: Guest_BYOD Type: Guest Access Authentication: Open Encryption Method: None Guest Access Service: Guest_BYOD Isolate guest wireless clients from other clients on the access point Open a new Internet Explorer window and request a guest pass using the BYODAdmin user as follows: URL: 192.168.0.6/guestpass Username: BYODAdmin Password: @dm!n1str8r Use any full name in the Full Name field. Make a note of or copy and paste the key in the Key field. Use the key from the guest pass request to authenticate to the wireless LAN Guest_BYOD from the Gst-Lap laptop computer in the lobby.

Complete this lab as follows:

1. In the Search field on the taskbar, enter Internet Explorer. 2. Under Best Match, select Internet Explorer. 3. Maximize the Internet Explorer window. 4. In the URL field, enter 192.168.0.6 and press Enter. 5. In the Admin Name field, enter WxAdmin. 6. In the Password field, enter ZDAdminsOnly!$ (O is the capital letter O). 7. Select Login. 8. Set up Guest Access Services as follows: a. Select the Configure tab. b. From the left menu, select Guest Access. c. Under Guest Access Service, select Create New. d. In the Name field, enter Guest_BYOD. e. Under Authentication, make sure Use guest pass authentication is selected. f. Under Terms of Use, select Show terms of use. g. Under Redirection, make sure Redirect to the URL that the user intends to visit is selected. h. Expand Restricted Subnet Access. i. Verify that 192.168.0.0/16 is listed. j. Click OK. 9. Create a guest WLAN as follows: a. From the left menu, select WLANs. b. Under WLANs, select Create New. c. In the Name field, enter Guest. d. In the ESSID field, enter Guest_BYOD. e. Under Type, select Guest Access. f. Under Authentication Options, make sure Open is selected. g. Under Encryption Options, make sure None is selected. h. Under Guest Access Service, make sure Guest_BYOD is selected from the drop-down list. i. Select Isolate wireless client traffic from other clients on the same AP. j. Click OK. k. Close Internet Explorer. 10. Request a guest password as follows: a. Open a new Internet Explorer browser window. b. In the URL field, enter 192.168.0.6/guestpass and press Enter. c. In the Username field, enter BYODAdmin. d. Enter @dm!n1str8r as the password. e. Select Login. f. In the Full Name field, enter any full name. g. In the Key field, highlight the key and press Ctrl + C to copy the key. h. Click Next. 11. Access the wireless Guest Access service from the guest laptop in the lobby as follows: a. From the top menu, select Floor 1. b. Select Gst-Lap in the lobby. c. In the notification area, select the wireless network icon. d. Select Guest_BYOD. e. Select Connect. f. Select Yes. g. After Internet Explorer opens to the Guest Access login page, paste the key from the Key field. h. Select Log In. Lab Report: 7.13.6 Create Virtual Machines

Your Performance

Your Score: 0 of 2 (0%) Pass Status: Not Passed Elapsed Time: 15 seconds Required Score: 100%

Task Summary Create virtual machine VM1 Hide Details

Virtual machine name: VM1 Virtual machine location: D:\HYPERV Generation 1 Startup memory: 1024 MB Networking connection: External Virtual hard disk name: VM1.vhdx Virtual hard disk location: D:\HYPERV\Virtual Hard Disk\VM1.vhdx Virtual hard disk size: 50 GB Set to install operating system later

Create virtual machine VM2 Hide Details

Virtual machine name: VM2 Virtual machine location: D:\HYPERV Generation 2 Startup memory: 2048 MB Minimum RAM: 512 MB Maximum RAM: 4096 MB Networking connection: Internal Virtual hard disk name: VM2.vhdx Virtual hard disk location: D:\HYPERV\Virtual Hard Disks\VM2.vhdx Virtual hard disk size: 250 GB Set to install operating system later

Explanation In this lab, you create two virtual machines named VM1 and VM2 using the following settings:

VM1:

Virtual machine name: VM1 Virtual machine location: D:\HYPERV Virtual machine generation: Generation 1 Startup memory: 1024 MB (Do not use Dynamic Memory) Networking connection: External Virtual hard disk name: VM1.vhdx Virtual hard disk location: D:\HYPERV\Virtual Hard Disks Virtual hard disk size: 50 GB Operating system will be installed later

VM2: Virtual machine name: VM2 Virtual machine location: D:\HYPERV Generation: Generation 2 Startup memory: 2048 MB (Use Dynamic Memory) Networking connection: Internal Virtual hard disk name: VM2.vhdx Virtual hard disk location: D:\HYPERV\Virtual Hard Disks Virtual hard disk size: 250 GB Operating system will be installed later Minimum RAM: 512 MB Maximum RAM: 4096 MB

1. Create VM1 on CorpServer as follows: a. In Server Manager, select Tools > Hyper-V Manager. b. Right-click CORPSERVER. c. Select New > Virtual Machine. d. In the Before You Begin window, click Next. e. In the Name field, enter VM1 for the virtual machine. f. Select Store the virtual machine in a different location to modify the path to the virtual machine files. g. In the Location field, verify the location for the virtual machine; then click Next. h. Make sure Generation 1 is selected; then click Next. i. In the Startup memory field, enter the amount of memory to use for the virtual machine; then click Next. j. In the Connection field, select the network connection from the drop-down list; then click Next. k. Make sure Create a virtual hard disk is selected. l. Modify the virtual hard disk name, location, and size as needed; then click Next. m. Make sure that Install an operating system later is selected; then click Next. n. Click Finish to create the virtual machine. 2. Create VM2 on CorpServer as follows: a. Right-click CORPSERVER. b. Select New > Virtual Machine. c. In the Before You Begin window, click Next. d. In the Name field, enter VM2 for the virtual machine. e. Select Store the virtual machine in a different location to modify the path to the virtual machine files. f. In the Location field, verify the location for the virtual machine; then click Next. g. Select Generation 2; then click Next. h. In the Startup memory field, enter the amount of memory to use for the virtual machine. i. Select Use Dynamic Memory for this virtual machine; then click Next. j. In the Connection field, select the network connection from the drop-down list; then click Next. k. Make sure Create a virtual hard disk is selected. l. Modify the virtual hard disk name, location, and size as needed; then click Next. m. Make sure that Install an operating system later is selected; then click Next. n. Click Finish to create the virtual machine. o. Adjust virtual machine memory: 1. Right-click VM2. 2. Select Settings. 3. From the left pane, select Memory. 4. On the Memory window, enter the minimum RAM. 5. Enter the maximum memory; then click OK.

Admin Use Only: SP713A