Question: Network Security
1) In no less than 250 words, describe the various type os encryption defined by the National Security Agency (NSA). In many cases military applications need type 1 encryption to secure its communications. What does this mean and how does it differ from the other types of encryption.
2) In no less than 250 words, describe what an OCSP server is and what is its purpose in securing a network. Even though the textbook doesn't mention it, this is a scheme used often when doing certificate-based authentication.
3) In no less than 250 words, explain why a network engineer would enable IEEE802.1X on a Cisco switch port. Give a scenario where this would be relevant. Also write down the IOS configuration to enable it on a switchport.
4) In no less than 250 words, describe why it is advisable to use SSH instead of Telnet to connect remotely to a Cisco router to manage it. Explain the reason why that is and write down the Cisco IOS configuration to enable SSH for remote connectivity.
5) In no less than 250 words, describe the difference between a fat AP and a thin AP. What is needed to deploy a thin AP? Are there any security considerations to think about between the 2 different APs?
6) In no less than 250 words, describe a type of email threat and how a hacker can use it to get sensitive information. How can a network administrator prevent this type of attach from happening?
7) In no less than 250 words, describe a solution to securely connect a remote worker from their home and connected to the Internet to their company network. How does this solution work and what is needed on the company network and the remote worker's network to accomplish your solution?
8) In no less than 250 words, describe a hacking tool that is used to gain access to a network. Explain how the tool is used, how it works and how a network administrator can prevent this tool from access the network.
9) In no less than 250 words, explain what is meant by an IDS and an IPS. How are they different? How are they connected to a network? List a few examples of IDS/IPS tools that are currently on the market.
10) In no less than 250 words, explain the difference between an access control list (ACL) that is used in routers to block traffic and firewalls. What similarities do they share?
11) In no less than 250 words, explain the different security measures that each version of SNMP uses. What is the different between SNMPv1, v2c and v3?
Managing Information Security
1) If you were asked by your employer to develop a new Information Security Policy, where would you turn to find resources to build this policy? List the two most important items you would include in this new policy and explain why you felt these were most important.
2) What do you believe to be the most compelling reason to migrate information to the cloud? What is your biggest security concern about doing so?
3) Many believe that cloud computing can reduce the total cost of computing and enhance "green computing" (environmentally friendly). Why do you believe this to be correct? If you disagree, please explain why?
4) Explain in your own words why you believe planning is important. Select one of the following businesses: a large bank, a government agency, or a hospital, and explain which systems you feel are mission critical. Then explain how the loss of these systems would affect the organization.
5) Have you or someone you know ever received a chain letter, phishing message, or some other fraudulent message via email? If so, please share this experience. Explain what type of message it was and what you did to get rid of it.
6) What do you think is the single greatest physical threat to information systems? Fire? Hurricanes? Sabotage? Terrorism? Something else? Discuss this question and provide support for your answer.
7) In a corporate, networked setting, should end users be allowed to install applications on their company workstations, whether the applications are on a DVD or downloaded from the Internet? Be sure to weigh security against usability.
8) Many people believe that the use of biometrics is an invasion of privacy. For example, an eye scanning device records the inner structure of a person's eye and stores that image in a database. Critics worry that databases of human traits used to maintain corporate security may actually pose a privacy threat to individuals, if such data were used in other ways. In your view, are such concerns justified? Why or why not?
9) Do you believe that all data should be encrypted? Many computing professionals think this is a good idea. But a small number of computing experts feel that no data should be encrypted-that all data and software should be openly available to anyone who wants it. Explain your answer (whether you believe all data should or should not be encrypted).
10) What are the main reasons why a VPN is the right solution for protecting the network perimeter? Do they also provide protection for mobile devices?
11) A digital forensics professional must know basic IT skills, understand computer architecture and networking, and have analytical and investigative skills, as well as strong attention to detail. Why do think all these skills are necessary?
12) If you could, what would you do to help create a national "security culture," in which everyone is more knowledgeable and proactive about threats to information security?