Final Exam Study Guide

Tuesday, May 15, 10:00-11:50am

Chapters covered

Before Midterm: Chapter 1-11. Use the midterm study guide for these chapters, found here: CISMidtermStudyGuide
Test coverage: 1-11, 12, 18, 19, 21, 22, 23, 26, 30

Below are questions to study for these chapters.

Chapter 1: Building a Secure Organization
  1. What are the major Obstacles to Security?
  2. What are the Ten Steps to Building a Secure Organization?
  3. What are the four possible ways of dealing with risk?
Chapter 2: A Cryptography Primer
  1. What are Ciphers, one time pads, stream ciphers, and block ciphers? What are the advantages and disadvantages of each?
  2. What is symmetric key encryption? What are the advantages and disadvantages of this type of encryption?
  3. What is asymmetric key encryption? (Public Key Encryption) What are the advantages and disadvantages of this type of encryption?
  4. How are messages signed? Why are they signed? What is message integrity, non-repudiation, and confidentiality?
  5. What are the steps involved in sending a secure, signed message between two people using PKI technology?
Chapter 3: Preventing System Intrusions
  1. What are Hackers and Crackers?
  2. What are the key symptoms of intrusions?
  3. What is the meaning and purpose of Authentication, Authorization, and Accounting. What is an ACL?
  4. What is meant by “what the user knows” and “what the user has”? What is a “token”, and what types are there?
Chapter 4: Preventing System Intrusions
  1. What are the steps of a directed attack?
  2. What are some of the major types of attacks, and how do they work?
  3. What is malicious software, and what are its major types?
  4. What are lure and pull attacks?
  5. What are the major clues to recognizing misuse?
Chapter 5: Unix and Linux Security
  1. How do Linux/Unix use the read, write, and execute bits for security? What are the user categories?
  2. How does ssh work to achieve secure communication?
Chapter 6: Eliminating the Security Weakness of Linux and Unix Operating Systems
  1. What are the major steps to hardening a Linux or Unix system?
Chapter 7: Internet Security
  1. What is Strong Authentication and how can it be achieved? What are the methods used?
  2. What are the levels of response to an attack?
  3. What is the Dolev-Yao Adversary Model? What are Eavesdrop, Forge, Replay, Delay and rush, Reorder, Delete? How do you defend against each of these?
  4. What is Independence of Keys, and why is it important?
  5. What is the significance of limited output and key size?
  6. What are the modes of operations of encryption? What is the significance, advantages, and disadvantages of each?
  7. What is Mutual Authentication?
Chapter 8: The Botnet Problem
  1. What are the major Botnet Topologies and Protocols? What are the strengths and weaknesses of each?
  2. What is the typical BOT life cycle?
  3. What are the methods for detecting bots? What are the methods for taking down a botnet?
Chapter 9: Intranet Security
  1. What are some of the biggest internal security risks within a company? Consider both human and hardware.
  2. How is risk evaluated and measured?
Chapter 10: Local Area Network Security
  1. What are a TCP SYN attack and a UDP attack?
  2. What are the three levels of LAN security, and what do they mean?
  3. What is the purpose of a DMZ?
  4. What are the two levels of IDS analysis for detecting intrusions? What are the advantages and disadvantages of each?
Chapter 11: Wireless Network Security
  1. How does WEP work? What are its weaknesses?
  2. What are the dangers of insecure routing? How can routing be made more secure?
Chapter 12: Cellular Network Security
  1. On the cellular network, what are cross-network services? Give an example of such a service. Why, in general, are these services available? What are the inherent risks of such services?
  2. On third generation cellular networks, how are each of the following attacks avoided:
    1. false base station attack
    2. Eavesdropping
  3. What is the SS7 protocol stack? What is the security risk it introduces? To what network?
  4. What are the three dimensions of attacks against the cellular network? For each, give two examples of a specific type of attack.
Chapter 18: Intrusion Prevention and Detection Systems
  1. What is a 0-day exploit? What are the dangers? What are some techniques for addressing this danger?
  2. Explain each of the following in a way which distinguishes each from all the others:
    1. Virus
    2. Worm
    3. Backdoor
    4. Trojan horse
    5. User-level root kit
    6. Kernel-level root kit
    7. Blended malware
  3. What are the three modes of a network-based intrusion detection system (NIDS)? What are an advantage and a disadvantage of each?
  4. Explain the relative advantages of a host-based versus a network-based IDS or IPS. Why might using both be advantageous?
  5. What is system integrity validation (SIV)? Why is it needed? How, in general, does it work?
Chapter 19: Computer Forensics
  1. What exactly is Computer Forensics?
  2. Why is there often a tension between ethics and efficiency in the process of doing Computer Forensics? Give an example.
  3. What is Database Reconstruction and why is it so difficult?
  4. What are the four types of evidence that are used in courts? Give an example of each that involves the use of digital or computer evidence.
  5. What is a write blocker? Why are they important?
Chapter 21: Firewalls
  1. What is service differentiation in a firewall? Give a specific example.
  2. When a packet enters a firewall what are the possible operations that can be applied to the packet based on the firewall policy?
  3. In a firewall, what is a first-match policy? Explain how it works.
  4. What are the five main values in a modern firewall rule? What is the
  5. What is a firewall default rule? Why are they used?
  6. What type of first-match policy anomalies can happen in a firewall policy? Give two distinct examples.
  7. What is policy optimization? Why is it needed? What can be done, specifically, to optimize a set of rules in a policy?
  8. Explain how a default deny is different from a default accept.
  9. What is the difference between a packet filter and a stateful packet firewall? Give two specific and distinct examples of something a stateful firewall can filter that a simple packet filter would not be able to catch.
  10. What is an Application Layer Firewall? What can they do that a packet filter cannot do?
  11. What are the important differences between a network firewall and a host firewall? Can both be used together? Why or why not?
  12. What is a Demilitarized Zone, and what is its purpose? Give two distinct examples of how they are used.
  13. What is a perimeter network? What are they used for? How can they be set up?
  14. Why have a two-router configuration? How and why is a proxy server used with such an architecture?
Chapter 22: Penetration Testing
  1. With respect to Penetration Testing, what are internal testing and external testing?
  2. Describe, compare, and contrast white-box, gray-box, and black-box testing.
  3. List each phase of a penetration test. Describe what takes place in each phase.
  4. Why is there a need for "rules of engagement" in a penetration test? What are several examples of typical rules?
  5. What is the purpose of defining a methodology when planning a penetration test?
  6. Describe each of the following types of penetration testing in terms of what is done:
    1. Information Gathering
    2. Vulnerability Analysis
    3. External Penetration Testing
    4. Internal Network Penetration Testing
    5. Router Penetration Testing
    6. Firewall Penetration Testing
    7. IDS Penetration Testing
    8. Wireless Network Penetration Testing
    9. Denial-of-Service Penetration Testing
    10. Password-Cracking Penetration Testing
    11. Social Engineering Penetration Testing
    12. Stolen Laptop, PDA, and Cell Phone Penetration Testing
    13. Application Penetration Testing
    14. Physical Security Penetration Testing
    15. Database Penetration Testing
    16. Voice-Over-IP Penetration Testing
    17. VPN Penetration Testing
  7. What are five major liability issues with Penetration Testing?
  8. What is meant by a “Get Out of Jail Free” card?
Chapter 23: What Is Vulnerability Assessment?
  1. What are the major differences between penetration testing and vulnerability assessment?
  2. What are the steps of the Vulnerability mitigation cycle? Give an example for each step.
  3. What are local and central scanning? What is the advantage of each?
  4. What is meant by defense in depth? Name and describe at least 5 of the possible layers.
  5. Name and describe at least five countermeasures a company can take to protect itself from being scanned by hackers.
  6. What are the definitions of reactive and proactive security, and what is the difference between them?
Chapter 26: Public Key Infrastructure
  1. A digital signature can help solve the problems of message integrity, authentication of sender, and non-repudiation.
    1. What does each of these mean?
    2. How is a digital signature used to solve each of these problems?
    3. How does a digital signature work such that it can solve these problems?
  2. For PKI, a pair of keys must be generated:
    1. Why a pair? What is each used for?
    2. Why must they be generated, why can't they be simply made up by the user?
  3. When you use the Internet to buy something with a credit card:
    1. What is the purpose of a certificate?
    2. Who issues the certificate?
    3. How can you check if a certificate is valid?
    4. What method assures that a certificate has not been tampered with?
  4. What are the three steps involved in validating a certificate? Give the name, and a description, of each step.
Chapter 30: Virtual Private Networks
  1. What does it mean to say that a VPN creates a tunnel through the Internet? Explain how a tunnel works.
  2. SSH is a tunneling system used for VPNs. SSH uses a PKI to set up the tunnel, and uses symmetric encryption for data flowing through the tunnel.
    1. Why is PKI used for connection setup? Why not use symmetric encryption for this?
    2. Why is symmetric encryption used for data transmission? Why not use PKI for this?

Topic revision: r6 - 2012-05-14 - JimSkon