CSCI 4417/5417: Final Quiz
Due at start of Final Exam
April 27, 2005

Overview

This quiz is optional, and your grade on it will replace your lowest quiz grade. Overall, the main goal of this assignment is to get your suggestions on how to improve the course. There is also a set of quiz questions on Security, to help you practice for the final. There are 39 questions for a total of 41 points. You should submit your solutions to this quiz at the start of the final exam. Even though many of these questions are open-ended, you should take this seriously: mediocre and vague feedback will receive only partial credit.

1 Security

1. (1 point) What is the purpose of nmap?
2. (1 point) What is the purpose of John the Ripper?
3. (1 point) True/False: iptables is stateful.
4. (1 point) What is the difference in functionality and overhead between stateful and stateless firewalls?
5. (1 point) True/False: a SOCKS server is a type of proxy server.
6. (1 point) True/False: an HTTP proxy server is a type of SOCKS server.
7. (1 point) What is the purpose of tripwire?
8. (1 point) What type of scalability problem might you encounter if you use tripwire to watch files in the /tmp directory?
9. (1 point) Explain the difference between how rpm -Va works versus how TripWire works.
10. (1 point) If a fellow student hands you a copy of einstein's /etc/passwd file, what should you do?
11. (1 point) Discuss how tripwire could be used to solve the problem of uninstalling software that was built and installed from source.
12. (1 point) True/False: if you have a personal firewall, then you don't need to also have a separate, standalone firewall.
13. (1 point) True/False: if you have a separate, standalone firewall, then you don't need to also have a personal firewall.
14. (1 point) How does blocking an incoming, initial SYN on a firewall increase security slightly?
15. (1 point) Assume that you are working for a company as a system administrator, and your boss asks you to run l0phtcrack on your domain controller. In a sentence or two, explain your response.
16. (1 point) True/False: using a foreign language word for a password is a good idea.
17. (1 point) Explain the difference between a brute force attack and a dictionary attack on passwords.
18. (1 point) Explain blacklisting with respect to firewalls.
19. (1 point) Explain whitelisting with respect to firewalls.
20. (1 point) According to the specification, an unexpected message to an open connection should receive a RST. Carefully explain how you would design an experiment to test this.
21. (1 point) True/False: According to the specification, a UDP packet sent to a closed port gets an HTTP port unreachable message.
22. (1 point) What is a bastion host?
23. (1 point) List two problems with blacklisting with respect to the Firewall FAQ:
    1.
    2.

2 Feedback

Take a look at http://einstein.etsu.edu/jenkinss/4417/spring-2003-eval.pdf for my thoughts on how the Spring 2003 version of this course went, and then give your feedback on the following aspects.

2.1 Assignments

Assignments
1. Lab design
2. Operating System Installation
3. Virtual PC and File Permissions
4. DHCP and DNS
5. Users and Groups
6. Web and FTP
7. Distributed File Sharing
8. Software management
9. Security

1. (1 point) Which assignment was the most interesting to you?
2. (1 point) Which assignment was the most difficult?
3. (1 point) The Distributed File Sharing assignment was moved, and other assignments rearranged, to make the Samba portion of file sharing more feasible. Was this rearrangement successful? Put another way, was the Samba portion of the file sharing assignment more difficult than other assignments?
4. (1 point)
5. I have received some individual feedback on the prerequisite of CSCI 2235 (Introduction to Unix) and would like to explore ways of improving the transition. In Fall 2005, I will be teaching a 3-credit version of 2235 that will extend the full 15 weeks of the semester. The initial thought is to divide the additional 10 weeks into 5 weeks of additional Unix material (e.g., ps, lsof, netstat and other basic tools and parts of a system like standard locations for files and logs) and the other 5 weeks would be focused on scripting.
    (a) (1 point) Should there be a pre-test at the beginning of 4417 on Unix skills?
    (b) (1 point) Does the tentative change to 2235 sound effective, or would you think a different balance would be more helpful? (If the latter, what balance would you like to see?)
    (c) (1 point) Please give me suggestions on how to improve either CSCI 2235 (with respect to the needs of CSCI 4417/5417) or the transition from 2235 to 4417/5417.
6. (1 point) Please comment on the balance between group and individual assignments this semester (i.e., Good, Not Good). If you choose Not Good, please suggest a way that the balance could be improved.
7. (1 point) What one topic would you suggest be dropped from 4417/5417 that we covered this semester?
8. (1 point) What one topic would you like to see covered in 4417/5417 that we have not covered this semester (i.e., if we dropped something, what should we put in its place)?
9. (1 point) Someone suggested adding a new module to CSCI 4800 (the IT Capstone) class where instead of either helping with CSCI 1100 or volunteering to do IT support in an area K-12 school, a student could be a 4417/5417 mentor. Give your feedback on that (including a description of how you think the logistics could work out).

2.2 Quizzes

10. (1 point) Were the quizzes useful in helping you know if you understood the material?
11. (1 point) Were the quizzes useful in helping you prepare for the exam?
12. (1 point) Should the quizzes be dropped from the course, or perhaps rolled into assignments so that we could spend less time in class doing the mechanics of the quizzes?

2.3 References

13. (1 point) Estimate how many times you actually opened the Windows reference.
14. (1 point) Estimate how many times you actually opened the Linux reference.
15. (1 point) Should both of the texts be required? If no, which should be required?
16. (1 point) If there were a selection of materials put together on Safari.com, and a printed, bound version of it available in the bookstore, do you think that would be an improvement over the current texts and readings? Why or why not?