CS 459/559 - FINAL STUDY GUIDE

FORMAT

Matching
Discussion Questions

CONTENT

Chapters 1-21; Homework, Labs

What Have You Got to Lose?
1. Accessing Security Needs (3-4)
2. Policy Document (5-8)
  - Passwords
  - Guidelines
3. Types of Security (15-26)
  - Internet
  - Network
  - Physical
4. 56 bit vs. 128 bit encryption (30-31)
Implementing a Security Policy
Disaster Planning
1. Automated Data Backup (55-59)
2. Hierarchical Storage Management (60-61)
Security Levels
1. Trusted Computer System Evaluation Criteria (Orange Book)
2. Class A, B, C, D
3. C2 (67-70)
4. Discretionary Access Control (70-71)
Encryption
1. Public (asymmetric) and Private (symmetric) Key (76-82)
2. Digital Certificates (84-89)
Security Systems of Network Operating Systems
1. Netware Security Features (102-114)
2. NT Security Features (114-120)
  - Registry
  - Security Settings
  - Securing an NT Server
  - Breaking into an NT Server
3. UNIX Security Features (120-127)
Security Management Platforms
1. Systems Management Standards (136-139)
Network Monitors and Other Security Programs
1. Monitoring a Web Server (154-156)
2. Application Management (158-159)
3. Proxy Servers (159-160)
4. Risk Analysis Tools (160-162)
Security Audits
1. Auditing Process (173-177)
Remote Access & Remote Control
- software (184-5)
- protocols (SLIP, PPP, PAP, CHAP, RADIUS)
Virtual Networking
- VLAN advantages (187-189)
- VLAN types (189-190)
- VPN Security (191-193)
- VPN Software (193-198)
Firewalls
- Types of firewalls (packet filtering, dual-homed, screened host, screened subnet) (202-209)
- Firewall Pros and Cons (209-211)
- Firewall Policy (211-212)
- Next Generation Firewalls (212-215)
- Implementing Firewall Services (217-222)
Security Devices (face recognition, theft recovery, web site blocking tools, physical security devices)
Redundancy
- Reliability, Availability, Serviceability (235-6)
- Redundant Cabling (236 - 7)
- Redundant Servers
- Redundant Storage (239-241)
- Redundancy in High Speed Networking (244-5)
Preventing Telephone Fraud
Securing Your Web Connection (S-HTTP, SSL, Java vs. ActiveX)
Viruses
- Types of Viruses (274-5 & my notes)
- Antivirus Security Policy (275-6)
- Protecting Against Viruses (277-281)
Ensuring Secure Electronic Commerce
Intranets
Identifying and Preventing Common Attacks
- Types of Attackes (Brute Force & Dictionary, DoS, SYN, IP Spoofing, Web Spoofing, Physical, Social Engineering)
- Attack Recognition (319-321)
- Vulnerable External Devices
Security and TCP/IP Services
- Using TCP/IP Services (323 - 325)
- TCP Wrappers (330 - 332)
Security Standards and Protocols
- S-HTTP
- SSL
- IPSec
- PPTP
- S/MIME
Secure Shell Program (Installing and Using)
***Security Policy***

TERMINOLOGY
data remanence	degaussing	PGP
Trojan horse	sniffer	CERT
cold site	hot site	dump
tar	discretinary access control	ACL
access control matrix	audit capability	digital signatures
authentication	nonrepudiation	DES
RSA	Diffie-Hellman	IDEA
hash	X.509	Certificate Authority
Kerberos	Verisign	electronic postmark
SATAN	DMI	SNMP
MIB	HP OpenView	Solstice Domain Manager
proxy server	CIAC
RAS	VLAN	VPN
data sniffing	data tampering	DoS attack
packet filtering	IPSEC	SKIP
DMZ	smart cards	dongle (HASP)
disk duplexing	disk mirroring	disk striping
RAID	S-HTTP	SSL
Cookies	virus	worm
Trojan horse	time bomb	logic bomb
polymorphic virus	stealth virus	macro virus
Brute Force	SYN	IPv6
IPSec