Is3220


Submitted By billhayes
IS3220
Final Exam Review
1. What can you detect by analyzing a data packet? Policy violations and possible network vulnerabilities
2. NetWitness Investigator works how? Real Time
3. What is used by TCP to establish a session between two systems? Three-way handshake
4. Which of the following protocols is a connection-oriented protocol that operates at the transport layer of the OSI model and supports reliable connections? TCP
5. Promiscuous mode is most commonly associated with _____________? NIC
6. What are the primary objectives of information security? CIA
7. Personnel should be authenticated and authorized prior to being granted access to company’s information resources. This statement is an example of ________________? Policy
8. What security group is responsible for managing network vulnerabilities and threats? IT Security Staff
9. What network component filters traffic between nodes? Firewall
10. What is the most important consideration when designing a network? Usage
11. What is usually the first activity in the hacking process? Reconnaissance
12. What type of attack might a hacker offer as a service? Spam
13. Which of the IT domains is most vulnerable to social engineering? User Domain
14. What type of attack can result in arbitrary code execution with system-level privileges? Buffer Overflow
15. Name three social engineering techniques? Phishing, Impersonation, Reciprocity, ALL OF THE ABOVE
16. Which domain marks the boundary where the private network meets the public network? LAN to WAN
17. A port scanner is a type of __________________ _________________ scanner. Network Vulnerability
18. Which of the following is not covered by a data loss/data leak prevention tool?
a. File shares
b. E-mail
c. Stored data
d. Paper documents

19. Which of the following is not a purpose of network analysis?
a. Prevent…...

Similar Documents

Is3220 Week 7

...IS3220 VPN connectivity troubleshooting checklist

1. Users can't access file servers

If the user can access the file server using an IP address but not a name, then the most likely reason for failure to connect is a name resolution problem. Name resolution can fail for NetBIOS or DNS host names. If the client operating system is NetBIOS dependent, the VPN clients should be assigned a WINS server address by the VPN server. If the client operating system uses DNS preferentially, VPN clients should be assigned an internal DNS server that can resolve internal network host names. When using DNS to resolve internal network host names for VPN clients, make sure that these clients are able to correctly resolve unqualified fully qualified domain names used on the corporate network. This problem is seen most often when non-domain computers attempt to use DNS to resolve server names on the internal network behind the VPN server.

2. Users can't access anything on the corporate network

Sometimes users will be able to connect to the remote access VPN server but are unable to connect to any resources on the corporate network. They are unable to resolve host names and unable to even ping resources on the corporate network. The most common reason for this problem is that users are connected to a network on the same network ID as the corporate network located behind the VPN server. For example, the user is connected to a hotel broadband network and is assigned a......



Is3220 Lab 1 Assessment Questions

...Lab 1 Assessment Questions

1. What is the purpose of the address resolution protocol (ARP)?
A – IP to host name resolution, host name to IP address resolution, MAC to IP address resolution, and IP to MAC address resolution.

2. What is the purpose of the dynamic host control protocol (DHCP)?
A – To issue IP addresses dynamically to clients in a certain IP range.

3. What was the DHCP allocated source IP host address for the Student VM and Target VM?
A – 172.16.8.101 – Student VM, Target switch 172.16.8.1 and 172.16.8.5

4. When you pinged the targeted IP host, what was the source IP address and destination IP address of the ICMP echo-request packet?
A – Source IP address is 172.16.0.105 and destination IP address is 172.16.8.115

5. Did the targeted IP host respond to the ICMP echo-request packet with an ICMP echo-reply packet? If yes, how many ICMP echo-request packets were sent back to the IP source?
A – Yes and 4 replies.

6. Find a TCP 3-way handshake for a TELNET, FTP, or SSH session. What is the significance of the TCP 3-way handshake?
A – FTP transfers file across internet to server, server guarantees sent file is not malicious and checks senders information, server sends back the ok message that they are then connected if credentials and file are validated, and they are now both communicated. TELNET sends IP addressing information towards server, server checks it, if ok, sends message back to client it’s ok to transfer,......


Is3230 Assignment 1

...Jesse Robinson IS3220 Lab 1 Assessment

1. What does DACL stand for, and what does it mean?
A. Discretionary Access Control List (DACL) is a type of access control defined by the Trusted Computer System Evaluation Criteria "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong."

2. Why would you add permissions into a group instead of the individual? What policy definition do you think is required to support this type of access control implementation?
A. Adding permissions in a group is a lot more resourceful and less time consuming via individually. Group Policies

3. List the 5 different access control permissions that can be enabled on user folders and data within a Microsoft Windows Server.
A. Full Control, Modify, Execute, Read, Write.

4. What is the lowest level of permission you can enable for a user who must view the contents of a folder and its files? Why is this type of permission necessary?
A. Read, so the user has access to any file on the system that they are entitled to but not able to make any changes.

5. What are other available Password Policy options that could be enforced within a Microsoft Windows Server to improve security?
A. Enforce password history, Maximum password age, Minimum password age, Minimum password length, Store passwords using reversible encryption

6. Is using the option to “Store passwords using reversible encryption” a good security practice? Why or why not? When...


Is3220 Unit 3 Discussion 1

...Sean Shields (15314971)
5 Policy’s

PASSWORDS POLICY

1.0 Overview
All employees and personnel that have access to computer systems must adhere to the password policies defined below in order to protect the security of the network, protect data integrity, and protect computer systems.

2.0 Purpose
This policy is designed to protect the organizational resources on the network by requiring strong passwords along with protection of these passwords, and establishing a minimum time between changes to passwords.

3.0 Scope
This policy applies to any and all personnel who have any form of computer account requiring a password on the organizational network including but not limited to a domain account and e-mail account.

4.0 Password Protection
• Never write passwords down.
• Never send a password through email.
• Never tell anyone your password.
• Never reveal your password over the telephone.
• Never use the "Remember Password" feature of any application programs.
• If anyone asks for your password, refer them to your IT computer security office.
• Don't use names of people or places as part of your password.
• Don't use part of your login name in your password.
• Don't use parts of numbers easily remembered such as phone numbers, social security numbers, or street addresses.
• Be careful about letting someone see you type your password.

5.0 Password Requirements
Minimum Length - 8 characters
Maximum......


Selecting Security Countermeasures

...03/30/2014 IS3220 Unit 2 Assignment 1 Selecting Security Countermeasures

The primary components that make up a network infrastructure are routers, firewalls, and switches. An attacker may exploit poorly configured network devices. Common vulnerabilities include weak default installation settings, wide open access controls, and devices lacking the latest security patches. Top network level threats include:
• Information gathering
• Sniffing
• Spoofing
• Session hijacking
• Denial of service

Information Gathering
Network devices can be discovered and profiled in much the same way as other types of systems. Attackers usually start with port scanning. After they identify open ports, they use banner grabbing and enumeration to detect device types and to determine operating system and application versions. Armed with this information, an attacker can attack known vulnerabilities that may not be updated with security patches. Countermeasures to prevent information gathering include:
• Configure routers to restrict their responses to footprinting requests.
• Configure operating systems that host network software (for example, software firewalls) to prevent footprinting by disabling unused protocols and unnecessary ports.

Sniffing or eavesdropping is the act of monitoring traffic on the network for data such as plaintext passwords or configuration information. With a simple packet sniffer, an attacker can easily read all plaintext traffic. Also, attackers can crack......


Is3230 Unit 2 Assignment 1

...Selecting Security Countermeasures IS3220

As a technology associate in the information system department at Corporation Tech I have reviewed the new network design and identified possible security threats and appropriate countermeasures. Entering the internet without proper security can be harmful in many ways. The first thing that should be added is a firewall. Firewalls can prevent unwanted traffic from infiltrating the network. This is essential now that the company is deciding to add a web server and internet access. The other priority is to protect business and customer data and to prevent their unauthorized use whether the data is printed or stored locally, or transmitted over a public network to a remote server or service provider.

Maintain a Vulnerability Management Program: Vulnerability management is the process of systematically and continuously finding weaknesses in Corp Tech's IT infrastructure system. This includes security procedures, system design, implementation, or internal controls that could be exploited to violate system security policy.

Implement Strong access Control Measures: Access control allows Corp Tech to permit or deny the use of physical or technical means to access Corp Tech's data. Access will be granted on a business need to know basis. Antivirus software is also needed to make sure the computers and servers aren’t infected with malicious programs that could cause major losses. The WIFI needs to have a password to keep unauthorized......


Legal and Security

...Crystal Walker IS3220 Assignment 2 Network Security Basics

When trying to secure a network you will want to understand how the company flows and then work on physical security. The following paper will have suggestions that are important for the network to implement as soon as possible because these are high network risks. By looking at a network diagram the company will surely get attacked if nothing is done to prevent these risks. A network will need a firewall, secure the wireless connection and work on single points of failure.

The network will need a firewall between the cloud and the router. A good firewall, configured properly, will help screen out hackers, viruses and worms. A firewall will carefully analyze data entering and exiting the network based on your configuration. It ignores information that comes from unsecured, unknown or suspicious locations. In reference to the diagram a hardware firewall would be preferred over a software one. Hardware-based firewalls protect all the computers on your network. A hardware-based firewall is easier to maintain and administer than individual software firewalls.

While not necessarily a security issue, there are many parts of the network that have a single point of failure. Single point of failure is when one piece of hardware goes down so does the whole network. In no part of the diagram does it show any back up to the one router that is the backbone of the whole network. There are other parts of the network that......


Selecting Security Countermeasures

...IS3220 Assignment 2: Selecting Security Countermeasures

As a Technology Associate in the Information System Department at Corporation Tech, I have reviewed the new network design and identified possible security threats and appropriate countermeasures. Entering the Internet without proper security can be harmful in many ways. The first thing that should be added is firewalls. Firewalls can prevent unwanted traffic from infiltrating the network. Next, we should consider segmenting the internal network to a DMZ (Demilitarized Zone). This is essential now that the company is deciding to add a web server and internet access. Including IDS (Intrusion Detection Systems) and IPS (Intrusion Prevention Systems) would greatly increase the level of security relating to the traffic coming into the network. These two components would also allow for a greater transparency by utilizing the logging features and monitoring those logs regularly, looking for anomalies by the IT Administrator. The other priority is to protect business and customer data and to prevent their unauthorized use whether the data is printed or stored locally, or transmitted over a public network to a remote server or service provider.

Maintain a Vulnerability Management Program: Vulnerability management is the process of systematically and continuously finding weaknesses in the Corp Techs’ IT infrastructure system. This includes security procedures, system design, implementation, or internal controls that......


Is3220 Unit 2 Assignment 1: Selecting Security Countermeasures

...Listed below are the reasons for chosen countermeasures in addition with the benefits and limitations of each countermeasure.

1. Setting up a firewall will help eliminate open ports that network traffic travels in and out by disabling or limiting access to the port. The benefit of having a firewall is that it can close ports meaning closed doors. In other words, hackers won’t be able to enter the network infrastructure. Limitation of needing an open port can be or become vulnerable to the system or network.

2. Setting up a secure wireless access is the same as the workstations connected via wired to a domain, therefore the wireless network needs to be secure with credentials. The benefit is that users can use wireless devices while having a secure and mobile wireless access. Limitation of a secure wireless access is that it can become vulnerable from unsecure devices or location due to wireless access being everywhere.

3. Enforcing proper user training will ensure that users read and follow the policies in-place of the company. The majority of the users will just sign the AUP and the employers assume they have read the policies in-place, when in reality they did not. The benefit of having proper training will inform users what they have to do and what will happen if the policy is not followed. Limitation of proper user training, is that most users will probably not care or forget about it.

4. Using credentials will provide an extra layer of security and limit what users...


Is3220 Discussion Unit1

...1. What role does TCP/IP play for Internet communications? The Internet Protocol (IP) is the main communications protocol in the internet protocol suite for relaying datagrams across network boundaries; its routing function enables internetworking and essentially establishes the internet.

2. IP being the primary protocol has the task of delivering packets from the source host to the destination host based on IP addresses in packet headers. So IP defines packet structures that contain the data to be delivered, while also defining addressing methods used to label datagrams with source and destination information.

3. DHCP (Dynamic Host Configuration Protocol) is a protocol that lets network administrators manage centrally and automate the assignment of IP (Internet Protocol) configurations on a computer network. Basically DHCP lets a network administrator supervise and distribute IP addresses from a central point.

4. The Domain Name System (DNS) is basically a large database which resides on various computers and it contains the names and IP addresses of various hosts on the internet and various domains. DNS is used to provide information to the DNS to use when queries are made. The service is the act of querying the database, and the system is the data structure and data itself.

5. Secure Shell (SSH) encryption and authentication mechanisms enhance security to a greater extent, because mostly the communication occurs through a medium, which is unsecured that......


Is3220 Project Part 1

...IS 3220 IT Infrastructure Security
Project Part 1: Network Survey
Project Part 2: Network Design
Project Part 3: Network Security Plan
ITT Technical Institute 8/4/15

Project Part 1: Network Survey
Network Design and Plan

Executive Summary: We have been engaged in business for some time, and have been very successful, however we need to re-examine our network configuration and infrastructure and identify that our network defenses are still reliable, before we make any changes. We need to take a hard look at our current configuration of host, services and our protocols within our organization. Data from a large number of penetration tests in recent years show most corporate networks share common vulnerabilities. Many of these problems could be mitigated by appropriate education in “hacker thinking” for technical staff. We will take a look at our security on routers and switches to make sure there are no leakages of data traffic.

OBJECTIVE
We have identified that we have lost some major accounts to competitors whose bids have been accurately just under our bid offers by exact amounts. We also believe due to shared reporting and public Web site functions that our Web servers have been compromised and our RFP documents have been leaked to competitors which enabled them to under bid us. We want to mitigate Web threats in the future; we realize the web is a mission critical business tool. We want to purchase new products and services, that will give us an edge and......


Is3220 Paper

...When looking to strengthen our network designs we looked at the typical threats and risks that they pose. Here are some of the attacks we used as of priority to protect ourselves when looking to see what we would be up against:
• DOS/DDOS Attacks
• Man In the Middle Attacks / Spoofing
• Buffer Overflow
• Fragmentation Attacks
• Session Hijacking
• Social Engineering
• SQL Injection / Injection attacks
• Eavesdropping
• Replay Attacks

There are many more attacks possible but these are the attacks we focused on. With each threat, we analyzed how these attacks could be used against us and what counter measures would be used to prevent or mitigate such events from happening.

DOS/DDOS Attacks- In general, Denial of Service attacks are used to flood an infrastructure with requests to the point where systems cannot keep up with the volume and crash as a result. As a business that relies on bidding and some public access, this can be troublesome as it would crash the website and stop business at critical times. In order to prevent such attacks, a NIDS or Network Intrusion Detection System can and should be implemented to “weed out” false requests from IP addresses that are flooding the system. For further protection the use of a “Honeypot” or trap for hackers can be used to direct any incoming attacks towards a lesser valuable target.

Man in the Middle attacks- Man in the middle attacks are......
