Forensics Question 1 correct - 5 Points
Forensics Question 2 correct - 5 Points
Forensics Question 3 correct - 5 Points
Unauthorized user jabba deleted - 1 Point
Unauthorized user r2d2 deleted - 1 Point
Unauthorized user c3po deleted - 1 Point
List of valid users correct - 1 Point
vader removed from admin group - 1 Point
luke removed from admin group - 1 Point
emperor removed from admin group - 1 Point
Administrator group correct - 1 Point
leia required set password at next login - 1 Point
rey required set password at next login - 1 Point
padme required set password at next login - 1 Point
Software updates enabled - 2 Points 
Firefox app updated - 3 Points
Firefox pop-up blocker enabled - 1 Points 
Firefox blocks dangerous downloads - 1 Points 
Thunderbird app updated - 1 Point
Putty app updated - 1 Point
Driver Support app removed- 2 Points
Web Companion app removed- 2 Points
VLC media player removed - 1 Point
WinSCP file transfer removed - 1 Point
iTunes music player removed - 5 Points
Hacking tool bircd removed - 4 Points
brutus hacking tool removed - 5 Points
Vader hidden music removed - 2 Point
FTP optional feature removed - 2 Points
FTP site FTPStuff disabled - 2 Points
Auto login disabled - 1 Point
Windows defender enabled - 2 Points
Netcat started by Start Menu stopped - 3 Points. 
Netcat stated by Run Key stopped - 3 Points. 
www.yahoo.com record disabled in Windows hosts - 3 Points
Remote desktop enabled - 2 Points
Firewall on with good default policy for domain, public and private - 2 Point
User Account Settings enabled - 2 Points
Policy MinimumPasswordAge value 5 between 2 and 100 good - 1 Point
Policy ^MaximumPasswordAge value 90 between 30 and 120 good - 1 Point
Policy MinimumPasswordLength value 10 between 10 and 30 good - 1 Point
Policy PasswordHistorySize value 5 between 5 and 30 good - 1 Point
Password Complexity enabled - 1 Point
Policy LockoutBadCount value 6 between 5 and 10 good - 1 Point
Audit of Logon Events enabled - 1 Point
Audit of Account Logon enabled - 1 Point
Audit of Privilege Use enabled - 1 Point
Audit of Policy Change enabled - 1 Point
Audit of System Events enabled - 1 Point
Audit of Account Management enabled - 1 Point
Audit of Process Tracking enabled - 1 Point
Audit of DS Access enabled - 1 Point
Audit of Object Access enabled - 1 Point
Account: Limit of blank password to console only enabled - 1 Point
Displaying of user information on locked session disabled - 1 Point
Do not require CTRL ALT DEL disabled - 1 Point
Do not display last username at login enabled - 1 Point
Do not display usernames at sign in enabled - 1 Point
Allow system to be shutdown without login disabled - 1 Point