Study material for final exam. 1.Be sure to look at the Exam #1 study material for the Common Criteria. 2.Know the security awareness training mistakes and how they relate to your group project. 3.What are the common best practices required to create a a.proper backup procedure b.proper restore procedure

equableunalaskaSecurity

Dec 9, 2013 (3 years and 7 months ago)

88 views


Study material for final exam.


1.

Be sure to look at the Exam #1 study material for the Common Criteria.

2.

Know the security awareness training mistakes and how they relate to your group project.

3.

What are the common best practices required to create a

a.

proper

backup procedure

b.

proper restore procedure

4.

NIST 800
-
37 Certification and Accreditation:

a.

What are the ISO, CA and AO?

b.

What are the four phases of NIST Certification and Accreditation?

c.

What is the relationship between the four phases of Cert & Accreditation
and the
ISO, CA, and AO?

d.

Give job title examples of the ISO, CA, and AO within a typical corporate
organization.

5.

Discuss the benefits and pitfalls of cyber insurance.


Best:


Question: What characteristics of a malware sample might lead an investigator to
believe
that it was
created by a Nation State actor?


Carrick:

What is the main penalty for being non compliant with PCI, and what are the main
reasons businesses fail to become compliant?


Demmler:

How does firewalking use the TTL(Time to Live) value in o
rder to determine what traffic

is allowed through a firewall


Fielder:

Specifically describe two of the problems with encryption or authentication in the WEP
protocol, and describe how the TKIP protocol did or did not address them.


Hellmann:


What is e
-
Di
scovery and what are some issues of e
-
discovery relevant to the system
administrator?


Moss:


What advice can you give colleagues about
posting work
-
related issues on social
networking/blogging public websites?


Parks:


What is multifactor authentication?


Rahimian:



Why do companies struggle with writing secure software?

Raines:



What are several (2
-
3) issues you should consider before using the cloud?


Rowland:


What are some of the main advantages of using open source software over proprietary
software
?


Thavisay:


What is the importance of Intrusion Detection and Pre
vention Systems (IDS/IPS)?


Vignesh:



List some
liabilities of using a GPS system
.


Wagner


What protocol does OpenVPN use?




Wagoner

What does it mean for an encryption scheme to be full
y homomorphic and what use can it
have in today’s world?


Wiebke
:


Q: Describe why attribution is an issue in cyber warfare.