1. (DUE November 15, 2005 by midnight EDT) Briefly discuss what you learned from the readings in chapters 21-22:
   • What was the most surprising thing you learned?
   • What was the most difficult part for you?
2. (DUE November 15, 2005 by midnight EDT) Select one of the following questions to discuss in detail through the threaded discussion.
   1. You have been hired as the security officer for Compute Computers, Inc. Your boss asks you to determine the number of erroneous login attempts that should be allowed before a user's account is locked. She is concerned that too many employees are being locked out of their accounts unnecessarily, but is equally concerned that attackers may be able to guess passwords. How would you determine an appropriate value for the threshhold?
   2. One view of intrusion detection systems is that they should be of value to an analyst trying to disprove that an intrusion has taken place. Insurance companies and lawyers, for example, would find such evidence invaluable in assessing liability. Consider the following scenerio. A system has both classified and unclassified documents in it. Someone is accused of using a word processing program to save an unclassified copy of a classified document. Discuss, if, and how, each of the three forms of intrusion detection mechanisms could be used to disprove this accusation.
   3. Consider the "counterworm" in the example on page 483.
      1. Pretend that you are a technical expert called as a witness in a lawsuit between the sender of the "counterwork" and the target. What arguments could you make for and against the sending of the worm?
      2. How might the arguments for a company providing "worms" to fix security programs in their software differ from those for providing a "counterworm"? How would they be the same?
3. (DUE November 20, 2005 by midnight EDT) Select a discussion from one or more of your classmates and respond to their comments.

Click here to return to Wayne's World's homepage: