Part 1
1- “Security Objectives” Please respond to the following:
· The confidentiality, integrity, availability (CIA) triad represents generic security goals. CIA is typically applied to specific areas of information technology as a metric or guideline for establishing or maintaining security. Apply CIA principles to email technology. Explain in detail how each of the three components of CIA can be satisfied in a typical email transaction from one user to another. Be sure to include specific technologies involved (such as digital certs, signed certs, encryption, etc.).
· Security today, in one way or another, depends on trust relationships. Describe two scenarios in which the trust relationship between a user (client) and e-Commerce site (server) may be violated after being granted digital certificates from the same certificate authority (CA). Also, determine some possible mitigation steps.
2- “Necessary Filtering ” Please respond to the following:
· Analyze in detail a non-stateful firewall’s interaction with the transmission control protocol / Internet protocol (TCP / IP) stack as a packet arrives from an internal (trusted) interface and is destined for a network on its external interface. Describe the details of the decision-making process.
· As you may already be aware of by now, port 80 traffic possesses one of the largest security threats in the IT industry today. This is evident since in today’s world the Internet is so powerful and is used for so many different purposes within any organization that it cannot be completely taken out of the picture. Explain in detail how a Web proxy might be used to detect malware from entering or leaving organizations.
Part 2
1- “VPN Solutions” Please respond to the following:
· Imagine you are a consultant called upon by a large U.S. corporation having more than 10,000 employees nationwide. You are asked to implement a VPN solution for remotely located employees to access the same corporate resources as they could from their desktops at work. Describe, in order, the types of questions you would ask their management and IT personnel in an information-gathering session before providing them a plan of work.
· Explain what is meant by “split tunnel” VPNs. Explain the purpose of using this technology over other types of VPN technologies. From a security perspective, analyze how a remote user using split-tunneling to gain access to the corporate network from home might invite unintended guests.
2- “VPN Choices ” Please respond to the following:
· Organizations use VPNs for many different purposes, each having its own benefits and drawbacks when compared to others. Describe in detail four deployment models for VPNs (for example site-to-site, host-to-site, edge router). Explain the context in which each would be used and the resources required; rank the ease of implementation over the others you choose.
· Determine the characteristics of a VPN that make it a desirable form of remote access for many businesses or organizations. Be sure to address aspects of authentication, encryption, authorization, and implementation.
Part 3
1- “Knowing the Threat” Please respond to the following:
· Explain the added challenges of securing wireless devices versus securing LAN-connected devices. Imagine you are starting a new small- to-midsized cybercafe business from the ground up. Explain which areas of your network would be LAN based and which areas would be wireless.
· Analyze seven types of malware attacks applicable to a military weapons company. Explain where each is likely to manifest itself (i.e., thumb drive, hard drive, system files, email, Web pages, database server, and BIOS). Determine how likely it is the attacker is an internal employee, neighbor at home, someone located oversees, or an arbitrary person on the Internet. Finally, discuss what motivation there is for the attack.
2- “Being Prepared for Anything” Please respond to the following:
· IT “readiness” is a common buzz word of today’s information technology industries. From a security perspective, it basically refers to a posture of being prepared for both foreseeable and unforeseeable issues. Explain some key steps any organization can take regarding IT readiness planning and implementation.
· One of the ways to defend against security threats is to know what one is up against. List five most commonly used security tools. Describe their intended function and explain how they may be used with malicious intent.
Part 4
1- “Security Layers” Please respond to the following:
· Analyze the seven security domains of a typical IT infrastructure and determine which two of the seven you would implement first for a nationwide bank. Explain your rationale for your choice.
· Explain the concept of incorporating redundancy throughout and corporate network. There are also times when redundancy can produce a false sense of security primarily based on how it is incorporated in a design. Explain such a case and how to overcome the falsehood.
2- “Protecting the System” Please respond to the following:
· Describe some drawbacks to hardening a computer system which is currently in a production environment and how the fears associated with those drawbacks can be put to rest. Propose how you would proceed in this environment.
· Assess the importance of implementing Authentication, Authorization, and Accounting (AAA) as a security measure. Explain the value AAA holds throughout an organization’s network. Identify the layers of the open systems interconnection (OSI) model that are influenced by a typical AAA implementation or solution.
Part 5
1- “Beat the Hacker ” Please respond to the following:
· A honeypot can be a useful for discovering some of the hacking trends occurring within an organization. Of course, there have to be certain measures placed upon its operation, maintenance, and the reconnaissance information obtained as a result. Describe some of the negative consequences of implementing a honeypot within any organization. Determine if honeypots may or may not favor the intruder, rather than serve its true intended purpose to fool intruders.
· Provide a least two examples of security knowledge that would assist you in preparing for or preventing a threat. Explain the time-sensitive nature of the knowledge.
2- “Audits and Assessments” Please respond to the following:
· From the e-Activity, explain, in your own words, each security compliance measure and how each, in general, is designed to protect an organization.
· Security assessment tools vary with industry. Imagine being hired as a security auditor for a single, small privately-owned bank. Imagine that the bank has deployed typical industry-wide physical, network, application, and system security commonly seen in banks; including cameras, security guards, bank tellers, safes, proxies, firewalls, etc. In addition, the bank also has an Internet portal for its customers to access their bank accounts 24 / 7. Discuss the process you would go through in choosing vulnerability assessment tools.
Part 6
1- “Firewall Implementation” Please respond to the following:
· Imagine working for an organization in which you were assigned to protect mission critical cloud-based Web applications that several of your third-party customers need to have access to on a regular basis. List at least three main types of firewalls you would use. Explain your reasoning behind your choices. Note: You may make any assumptions about your fictitious employment as long as your assumption is identified in your answer.
· Today’s log management needs have come at a time when storage memory is cheap, information is abundant, and computer processors are much faster. Despite many of these benefits, challenges have also been introduced. Describe the main challenges to log management. Discuss any future challenges which may arise from newer technologies, such as external cloud hosting.
2- “Firewalling the Attacks” Please respond to the following:
· List and describe at least five different malware attacks which can be carried out against a large Internet dating company. Explain for each the role a firewall plays in either preventing or stopping the attack from fully manifesting.
· Describe the key differences between a network-based attack and client-based attack. Give some examples of each and determine which deserves the most attention at this point in time. Explain your reasoning.
Part 7
1- “How Is Your Firewall Implementation?” Please respond to the following:
Imagine you have installed and configured firewalls in all of the right places within your organization’s network. Like any other organization, you try to stay current by deploying the latest and greatest in firewall technology. Similarly, the purpose of your firewall is to filter bad traffic, which your firewall has been doing. Occasionally, you add more rules to filter more traffic, but have no evidence of going back to visit historical log data. Explain in detail and give examples of the problems that result from this practice.
You have a firewall in your production environment and occasionally need to add rules mostly to open up ports, services, IPs, and so on, from ingress traffic from the Internet, but do nothing to egress traffic leaving your network. Determine the possible pitfalls of adding rules to egress traffic leaving the network. Describe in detail solutions to such pitfalls in the order you would implement them.
2- How Much Protection Do You Really Need?” Please respond to the following:
Examine the specifications for an enterprise class firewall and a personal or home firewall. Determine why “all firewalls are not equal”. Assess the effectiveness of each and determine if one outperforms another at its intended function. Discuss risk, manageability, scalability, need, and cost of each.
Describe the applicability of software network firewalls, appliance firewalls, and virtual firewalls. Explain the circumstances under which each would be used and why. Discuss risk, manageability, scalability, need, and cost of each.
Part 8
1- “VPN Implementations” Please respond to the following:
From a very practical point, create a list of attributes you would expect to be present at any organization implementing a VPN solution for the first time. Then, explain the differences in attributes you would choose for a pharmaceutical company creating the latest groundbreaking drugs for the consumer market as opposed to the VPN implementation at a private college.
From the e-Activity, list the product specifications and features being offered. Compare and contrast what makes one different from the other. Also, determine what you believe to be the most basic requirements just about any VPN solution should have.
2- “Security and Risk” Please respond to the following:
Oftentimes, companies use VPNs to extend their employees’ internal access when they are away at home or out of the office. For many companies, this means that a VPN connection, which may be externally initiated from the Internet, mimics the level of access an employee would have if he or she was physically present at the office. Furthermore, oftentimes the employee utilizing such a VPN is allowed to access the internal corporate network from laptops, desktops, PDAs, and other personal devices owned by them and not the company. Explain the security implications and measures required to protect the assets of companies that permit the use of VPNs.
After designing a brand-new remote VPN for your corporate users, your manager tasked you with creating a training guide in the form of a presentation. The goal of the training guide is to inform end users of possible security risks when connecting as well as what goes on as the connection is being established. Mention the degree of access the remote employee would have to internal corporate resources. Explain possible limitations.
Part 9
1- Know Your VPN Building Blocks” Please respond to the following:
· Analyze the basic protocols involved in establishing a site-to-site VPN connection between two or more sites.
· Compare and contrast the differences between SSL-based VPNs and client-based VPNs. Describe cost benefits, ease of use, ease of management, ease of implementation, and scalability of each.
2- Security at the IP ” Please respond to the following:
· Examine the security characteristics of both IPv4, which is most prevalent in today’s networks, and IPv6, which is up and coming. State and explain the major shortcomings of IPv4 that are now fixed or improved in IPv6.
· Address Translation is a creative way to add yet another layer of security for networks. Explain network address translation (NAT) and port address translation (PAT). Describe at least two separate scenarios in which you would use NAT and PAT respectively. Explain how it makes your network more secure.
