Difference: CISFinalStudyGuide2012 (3 vs. 4)

Revision 4, 2012-05-11 - JimSkon

Line: 1 to 1
 
META TOPICPARENT name="ComputerInformationSecurity2012"

Final Exam Study Guide

Tuesday, May 15, 10:00-11:50am

Line: 37 to 37
 
  1. What is service differentiation in a firewall. Give a specific example.
  2. When a packet enters a firewall what are tje possible operations that can be applied to the packet based on the firewall policy.
  3. In a firewall, what is a a first-match policy? Explain how it works.
Changed:
<
<
  1. What are the main five values in a modern firwall rule? What is the
>
>
  1. What are the main five values in a modern firewall rule? What is the
 
  1. What is a firewall default rule? Why are they used?
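Review bot: the corrected line still ends mid-sentence at "What is the", so the question about the five values in a firewall rule is incomplete in both the old and the new revision; the remainder of that question needs to be restored for this to be usable as a study item. The unchanged context lines above also still carry "tje" and "a a", which this revision does not touch.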
Changed:
<
<
  1. What tyoe of first match policy anomilies can happen is a fireall policy. Give two distinct examples.
  2. Whats is policy optimization? Why is it needed? What can be done, specifically, to optize a set of rules in a policy?
>
>
  1. What type of first match policy anomalies can happen in a firewall policy. Give two distinct examples.
  2. Whats is policy optimization? Why is it needed? What can be done, specifically, to optimize a set of rules in a policy?
 
  1. Explain how a default deny is different from a default accept.
  2. What is the difference between a packet filter and a stateful packet firewall? Give two specific and distinct examples of something a statefull firewall can filter that a simple packet filter would not be able to catch.
  3. What is a Application Layer Firewall? What can they do that a packet filter cannot do?
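Review bot: the second new line keeps the original typo "Whats is policy optimization?"; it should read "What is policy optimization?". The first new line also ends its question with a period ("...in a firewall policy.") where a question mark is intended.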
Changed:
<
<
  1. What are the imprtant difference between a network firewalls and a host firewall? Can both be used together? Why or why not?
>
>
  1. What are the important difference between a network firewalls and a host firewall? Can both be used together? Why or why not?
 
  1. What is a Demilitarized Zone, and what is it's purpose. Give two distinct examples of how they are used.
  2. What is a perimeter network? What are they used? How can they be set up?
  3. Why have a two-router configuration? How and why is a proxy server used with such an architecture.
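Review bot: the new line fixes "imprtant" but leaves the number agreement broken: "the important difference between a network firewalls and a host firewall" should read "the important differences between a network firewall and a host firewall".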
Line: 53 to 53
 
  1. Describe. comapare, and contrast white-box, gray-box, and black-box testing.
  2. List each phase of a penetration test. Describe what takes place in each phase.
  3. Why is there a need for "rules of engagement" in a penetration test? What are several examples of typical rules?
Changed:
<
<
  1. What is the purpose of defining a methology when planning a penetration test?
>
>
  1. What is the purpose of defining a methodology when planning a penetration test?
 
  1. Describe each of the following types of penetration testing in terms of what is done:
    1. Information Gathering
    2. Vulnerability Analysis
Line: 77 to 77
 
Chapter 23: What Is Vulnerability Assessment?
  1. What are the major differences between penetration testing and vulnerability assessment.
  2. What are the steps of the Vulnerability mitigation cycle? Example each step.
Changed:
<
<
  1. What are local or central scaning? What is the advanage of each.
>
>
  1. What are local or central scanning? What is the advantage of each.
 
  1. Whats is meant by Defense in depth? Name and describe at least of the possible layers.
  2. Name and describe at least five countermeasures a company can take to protect itself from being scanned by hackers.
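Review bot: the new line is still ungrammatical after the spelling fixes: "What are local or central scanning?" should be something like "What is local scanning and what is central scanning? What is the advantage of each?". The context line below it also retains "Whats is" and "at least of the possible layers" (a number is missing), which this revision does not address.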
Changed:
<
<
  1. What is the difference and definitions of reactive and proactive security?

>
>
  1. What is the difference and definitions of reactive and proactive security?
Chapter 26: Public Key Infrastructure
  1. A digital signature can help solve the problems of message integrity, authentication of sender, and non-repudiation.
    1. What does each of these mean?
    2. How is a digital signature used solve solve of each of these problems?
    3. How is it that a digital signature works that allows it to solve these problems?
  2. For PKI, a pair of keys must be generated
    1. Why a pair? What is each used for?
    2. Why must they be generated, why can't they be simply made up by the user?
  3. When you use the Internet to buy something with a credit card:
    1. What is the purpose of a certificate?
    2. Who issues the certificate?
    3. How can you check if a certificate is valid?
    4. What method is assure that a certificate has not been tampered with?
  4. What are the three steps involved in validating a certificate? Give the name, and a description, of each step.
Chapter 30: Virtual Private Networks
  1. What does it mean to say that a VPN creates a tunnel through the Internet? Explain how a tunnel works.
  2. SSH is a tunneling system used for VPN's. SSH uses a PKI to set up the tunnel, and uses symmetrical encryption to for data flowing through the tunnel.
    1. Why is PKI used for connection setup? Why not use symmetric encryption for this?
    2. Why is symmetric encryption used for data transmission? Why not use PKI for this?
 
VPN Penetration Testing
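Review bot: the only change in this hunk is the removal of the blank line before "Chapter 26"; the question text itself is unchanged, and "What is the difference and definitions of reactive and proactive security?" would read better as "Define reactive and proactive security and explain the difference between them." The unchanged context below still contains "used solve solve of each", "What method is assure that", and "uses symmetrical encryption to for data", which a later revision should clean up.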

 