Chaot

Final Exam Study Guide

Tuesday, May 15, 10:00-11:50am

Chapters covered

Before Midterm: Chapter 1-11. Use the midterm study guide for these chapters, found here: CISMidtermStudyGuide
After Midterm: 12, 18, 19, 21, 22, 23, 26, 30

Below are questions to study for these chapters:

Chapter 1 2:Cellular Network Security
  1. On the cellular network, what are cross-network services? Given an example of such a service. Why, in general, are these services available? What are the inherent risk of such services?
  2. On third generation cellular networks, how are each of the following attacks avoided:
    1. false base station attack
    2. Eavesdropping
  3. What is the SS7 protocol stack? What is the security risk it introduces? To what network?
  4. What are the three dimensions of attacks against teh cellular network? For each give two example of a specific type of attack.
Chapter 18: Intrusion Prevention and Detection Systems
  1. What is a 0-day exploit? What are the dangers? What are some techniques for addressing this danger?
  2. Explain each of the following in way the distinguish each from all the others:
    1. Virus
    2. Worm
    3. Backdoor
    4. Trojan horse
    5. User-level root kit
    6. Kernel-level root kit
    7. Blended malware
  3. What are the three modes of a network-based intrusion detection systems (NIDS)? What is a disadvantage and advantage of each?
  4. Explain the relative advantages of a host-based verses a network based IDS or IPS? Why might using both be advantages?
  5. What is a System integrity validation (SIV)? Why are they needed? How, in general, do they work?
Chapter 19: Computer Forensics
  1. What exactly is Computer Forensics?
  2. Why is there often a tension between ethics and efficiency in the process of doing Computer Forensics? Give an example.
  3. What is Database Reconstruction and why is it so difficult?
  4. What are the four type of evidence that are used in courts? Give an example of each that involve the use of digital or computer evidence.
  5. What is a write blocker? Why are they important?
-- JimSkon - 2012-05-09
Edit | Attach | Print version | History: r6 | r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r1 - 2012-05-09 - JimSkon
 
This site is powered by the TWiki collaboration platformCopyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback