Starr_Tim-Sec02_HW9 - Tim Starr

chainbirdinhandSecurity

Feb 23, 2014

Copyright 2004 Prentice-Hall

Review Questions Page 9-1

Homework Chapter 9: Security

Due Date: 11/8/05

Last name (family name): Starr

First name (given name): Tim


Test Your Understanding Questions

9.

a) What is authentication?

Authentication is requiring someone wishing to use a resource to prove his or her identity.

b) Distinguish between the applicant and the verifier.

The applicant is the one trying to prove his or her identity. The verifier is the party requiring the applicant to prove his or her identity.

c) What are credentials?

Credentials are a proof of identity.

d) Why are authentication servers used?

The authentication server stores data to help the verifier check the credentials of the applicant.

e) Why must authentication be appropriate for the sensitivity of an asset?

Sensitive personnel information should be protected by very strong authentication methods. For relatively nonsensitive data, less expensive but weak authentication methods may be sufficient.

(Strong authentication schemes almost always require more effort and money to implement properly, and weaker schemes are cheaper and easier. Obviously, if the resource you’re trying to protect isn’t valuable or secret in any way, you shouldn’t waste your resources on protecting it.)


14.

a) What fields does a packet filter firewall examine in arriving packets?

A packet filter firewall examines fields in the internet and transport headers of individual arriving packets.

b) What is an ACL?

An Access Control List (ACL) is an ordered list of pass/deny rules.

c) Why is the last rule in an ACL “deny all”?

The “deny all” rule is in place to drop all other traffic which has not been explicitly allowed.


d) Why can’t packet filter firewalls be used as main corporate firewalls?

Packet filter firewalls cannot be used as main corporate firewalls because they only examine isolated packets, and many attack packets cannot be recognized in isolation.


e) How can they be used effectively?

Packet filter firewalls may be placed before the main corporate firewall to “screen out” many simple attacks so that the main corporate firewall will not have to deal with these attacks.
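The packet-filter behaviour described in question 14 (header fields only, an ordered pass/deny list, first match wins, “deny all” at the end) as a small working evaluator. This is an added example, not code from the homework or the textbook; the rule format, the packet fields and the sample ACL and packets are constructed for illustration.

```python
# Added example: a minimal packet filter evaluating an ordered ACL.
# Rule format, packet fields and all sample data are constructed assumptions.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    """Only the internet- and transport-header fields a packet filter inspects."""
    src: str
    dst: str
    proto: str                    # "tcp", "udp" or "icmp"
    dport: Optional[int] = None   # no port for icmp


@dataclass(frozen=True)
class Rule:
    action: str                   # "pass" or "deny"
    src: str = "0.0.0.0/0"        # CIDR; the default matches any source
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None   # None matches any protocol
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        return (ip_address(pkt.src) in ip_network(self.src)
                and ip_address(pkt.dst) in ip_network(self.dst)
                and (self.proto is None or self.proto == pkt.proto)
                and (self.dport is None or self.dport == pkt.dport))


def evaluate(acl: List[Rule], pkt: Packet) -> Tuple[str, int]:
    """Walk the ACL in order; the first matching rule decides.

    Returns (action, index of the deciding rule). A packet that matches no
    rule falls through to the implicit final "deny all", reported with index
    len(acl) so the caller can see that no explicit rule allowed it.
    """
    for i, rule in enumerate(acl):
        if rule.matches(pkt):
            return rule.action, i
    return "deny", len(acl)


# Constructed sample ACL for a screening filter in front of the main firewall.
# Order matters: the spoofed-internal-source deny comes before any pass rule.
ACL = [
    Rule("deny", src="10.0.0.0/8"),                              # internal addresses arriving from outside
    Rule("pass", dst="203.0.113.10/32", proto="tcp", dport=80),  # public web server
    Rule("pass", dst="203.0.113.10/32", proto="tcp", dport=443),
    Rule("pass", dst="203.0.113.20/32", proto="udp", dport=53),  # public DNS
    Rule("deny"),                                                # explicit deny all
]

# Constructed sample packets (only header fields, as a packet filter sees them).
SAMPLES = [
    ("web request", Packet("198.51.100.7", "203.0.113.10", "tcp", 80)),
    ("spoofed internal source", Packet("10.1.2.3", "203.0.113.10", "tcp", 80)),
    ("ssh to web server", Packet("198.51.100.7", "203.0.113.10", "tcp", 22)),
    ("dns query", Packet("198.51.100.7", "203.0.113.20", "udp", 53)),
    ("ping", Packet("198.51.100.7", "203.0.113.10", "icmp")),
]


def run_samples(acl: List[Rule] = ACL) -> List[Tuple[str, str, int]]:
    """Evaluate every sample packet and return (label, action, rule index)."""
    return [(label, *evaluate(acl, pkt)) for label, pkt in SAMPLES]


if __name__ == "__main__":
    for label, action, idx in run_samples():
        print(f"{label:25s} -> {action:4s} (rule {idx})")
```

Dropping the explicit last rule does not change any decision, because `evaluate` applies the same “deny all” implicitly; the explicit rule simply makes the policy visible in the list and gives the deny a place to be logged or counted.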

16.

a) What is protocol fidelity?

Protocol fidelity is ensuring that an application using a particular port is the application it claims to be.

b) Why is it needed?

It is needed because “if an application attempts to come in over Port 80 (HTTP), the application firewall will ensure that it really is an HTTP application, not a peer-to-peer file-sharing program trying to get around firewall restrictions.”

c) What type of content filtering do application firewalls do?

Application firewalls may ensure only FTP GET commands are made and that PUT commands are dropped before they even reach the FTP daemon. HTTP requests to websites on a corporate blacklist of banned websites may be dropped.

d) Do application firewalls normally do virus scanning?

No, separate application firewalls usually do virus scanning.
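The two application-firewall checks from question 16, protocol fidelity on port 80 (part b) and command/blacklist content filtering (part c), as one small working example. It is an added example, not code from the homework or the textbook. It assumes a deliberately loose HTTP/1.x request-line grammar, a constructed host blacklist, and the fact that an FTP client’s “get” and “put” travel on the wire as the RETR and STOR commands; only the first bytes of a connection are inspected, which is what a real application firewall would do before deciding whether to let the rest through.

```python
# Added example: protocol fidelity and content filtering for an application
# firewall. Grammar, blacklist and sample traffic are constructed assumptions.
import re
from typing import Tuple

# Loose HTTP/1.x request line: METHOD SP target SP HTTP/1.x CRLF (assumed grammar).
HTTP_REQUEST_LINE = re.compile(rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")
# Host header, matched line by line; [ \t] rather than \s so it cannot span lines.
HOST_HEADER = re.compile(rb"^host:[ \t]*([^\r\n]+)", re.IGNORECASE | re.MULTILINE)

# Constructed corporate blacklist of banned websites.
BANNED_HOSTS = {"banned.example", "games.example"}

# FTP verbs the filter lets reach the daemon. RETR is the client's "get";
# STOR (the client's "put") is deliberately absent so uploads are dropped.
FTP_ALLOWED = {"USER", "PASS", "PWD", "CWD", "LIST", "TYPE", "PASV", "RETR", "QUIT"}


def filter_port80(payload: bytes) -> Tuple[str, str]:
    """Decide on the first bytes of a connection that arrived on port 80.

    Step 1 is protocol fidelity: a peer-to-peer client or any other non-HTTP
    program speaking on port 80 fails the request-line check and is dropped.
    Step 2 is content filtering on the Host header against the blacklist.
    """
    if not HTTP_REQUEST_LINE.match(payload):
        return "drop", "port 80 traffic is not an HTTP request"
    m = HOST_HEADER.search(payload)
    if m:
        host = m.group(1).split(b":")[0].strip().decode("ascii", "replace").lower()
        if host in BANNED_HOSTS:
            return "drop", "destination host is on the blacklist"
    return "pass", "well-formed HTTP request"


def filter_ftp_command(line: bytes) -> Tuple[str, str]:
    """Content-filter one FTP control-channel command before the daemon sees it."""
    verb = line.split(b" ", 1)[0].strip().upper().decode("ascii", "replace")
    if verb == "STOR":
        return "drop", "uploads (put/STOR) are not allowed"
    if verb in FTP_ALLOWED:
        return "pass", f"{verb} permitted"
    return "drop", f"{verb} is not on the allowed list"


# Constructed sample traffic.
SAMPLES_80 = [
    b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: banned.example\r\n\r\n",
    b"\x00\x01p2p-handshake-not-http",          # some other protocol on port 80
]
SAMPLES_FTP = [b"USER alice\r\n", b"RETR report.pdf\r\n", b"STOR upload.xls\r\n", b"SITE EXEC x\r\n"]


if __name__ == "__main__":
    for p in SAMPLES_80:
        print(filter_port80(p))
    for c in SAMPLES_FTP:
        print(c.strip(), filter_ftp_command(c))
```

A packet filter (question 14) could not make either decision: the port number in the transport header is the same for all three port-80 samples, and telling RETR from STOR requires reading the application-layer payload.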

20.

a) Why is a negotiation phase needed in cryptographic systems?

A negotiation phase is needed because the parties must negotiate optional parameters.

b) What is mutual authentication?


Mutual authentication is authentication by both parties.

c) What two protections do digital signatures provide?

The digital signature provides message-by-message authentication in addition to ensuring that the message has not been changed en route.
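The two protections named in question 20 c), shown with a hash-then-sign RSA signature that you can run. This is an added example, not code from the homework or the textbook. To stay dependency-free it builds keys from fixed Mersenne primes (2^127-1, 2^89-1 and 2^107-1, 2^61-1), which gives a modulus of roughly 216 bits: large enough to exercise the real arithmetic, far too small for real use, and the digest is reduced modulo n where a real scheme would apply a padding standard. Those simplifications are assumptions of the example, not properties of RSA as deployed.

```python
# Added example: toy hash-then-sign RSA to show what a digital signature
# protects. Key sizes and the digest reduction are toy assumptions.
import hashlib
from typing import Tuple

PublicKey = Tuple[int, int]   # (n, e)
PrivateKey = Tuple[int, int]  # (n, d)

# Known Mersenne primes used as constructed, far-too-small toy key material.
SIGNER_PRIMES = ((1 << 127) - 1, (1 << 89) - 1)
OTHER_PRIMES = ((1 << 107) - 1, (1 << 61) - 1)
E = 65537


def make_keypair(p: int, q: int) -> Tuple[PublicKey, PrivateKey]:
    """Textbook RSA key generation from two primes (no padding, toy sizes)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(E, -1, phi)          # modular inverse; Python 3.8+
    return (n, E), (n, d)


def _digest(message: bytes, n: int) -> int:
    # The signature covers a digest of this exact message, so every message
    # gets its own signature (message-by-message authentication) and any change
    # to the bytes en route changes the digest (integrity).
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key: PrivateKey, message: bytes) -> int:
    n, d = private_key
    return pow(_digest(message, n), d, n)


def verify(public_key: PublicKey, message: bytes, signature: int) -> bool:
    """True only if the signature was made over this message with the matching private key."""
    n, e = public_key
    return pow(signature, e, n) == _digest(message, n)


def demo() -> dict:
    """Exercise both protections and return the verification outcomes."""
    signer_pub, signer_priv = make_keypair(*SIGNER_PRIMES)
    other_pub, _ = make_keypair(*OTHER_PRIMES)
    msg = b"transfer 100 to alice"          # constructed message
    sig = sign(signer_priv, msg)
    return {
        "genuine": verify(signer_pub, msg, sig),                  # True
        "altered_en_route": verify(signer_pub, b"transfer 900 to alice", sig),  # False
        "wrong_sender": verify(other_pub, msg, sig),              # False
        "signature_reused_on_other_message": verify(signer_pub, b"transfer 100 to bob", sig),  # False
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:35s} verifies: {ok}")
```

The second and fourth cases are the same check from two angles: because the digest is bound to one message, a signature can neither survive a change to its message nor be moved onto a different one, which is why the protection is per message rather than per session.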

23.

a) What is host hardening?

Host hardening is setting up a server to protect itself. This includes patching vulnerabilities, minimizing applications running on each server, and using host firewalls.

b) What are the four steps in hardening hosts?

1. Patching vulnerabilities

2. Minimizing applications

3. Host firewalls

4. Backup

c) What are the steps in hardening client PCs?

The same steps as in host hardening, only that you should add a good antivirus program.

27.

a) What is business continuity?

Business continuity is the company’s ability to continue operations.

b) What is disaster recovery?

Disaster recovery is the reestablishment of information technology operations.

c) What types of backup sites do firms use in disaster recovery?

Dedicated backup sites that allow the transfer of all technology operations to this site very quickly after data and employees have been moved to the backup site.

d) How is business continuity recovery a broader process than disaster recovery?

Business continuity deals with protecting employees during disasters, maintaining or reestablishing communication among key employees, and providing the exact procedures needed to get the most critical operations working again in the correct order, which is more than just getting the IT backup.