CS 459/559 - MIDTERM STUDY GUIDE

FORMAT

CONTENT

Chapters 1-9; Homework, Labs

  1. What Have You Got to Lose?
    1. Accessing Security Needs (3-4)
    2. Policy Document (5-8)
      • Passwords
      • Guidelines
    3. Types of Security (15-26)
      • Internet
      • Network
      • Physical
    4. 56 bit vs. 128 bit encryption (30-31)
  2. Implementing a Security Policy
  3. Disaster Planning
    1. Automated Data Backup (55-59)
    2. Hierarchical Storage Management (60-61)
  4. Security Levels
    1. Trusted Computer System Evaluation Criteria (Orange Book)
    2. Class A, B, C, D
    3. C2 (67-70)
    4. Discretionary Access Control (70-71)
  5. Encryption
    1. Public (asymmetric) and Private (symmetric) Key (76-82)
    2. Digital Certificates (84-89)
  6. Security Systems of Network Operating Systems
    1. Netware Security Features (102-114)
    2. NT Security Features (114-120)
      • Registry
      • Security Settings
      • Securing an NT Server
      • Breaking into an NT Server
    3. UNIX Security Features (120-127)
  7. Security Management Platforms
    1. Systems Management Standards (136-139)
  8. Network Monitors and Other Security Programs
    1. Monitoring a Web Server (154-156)
    2. Application Management (158-159)
    3. Proxy Servers (159-160)
    4. Risk Analysis Tools (160-162)
  9. Security Audits
    1. Network Auditing Tools (172-173)
TERMINOLOGY
data remanencedegaussingPGP
Trojan horsesnifferCERT
cold sitehot sitedump
tardiscretinary access controlACL
access control matrixaudit capabilitydigital signatures
authenticationnonrepudiationDES
RSADiffie-HellmanIDEA
hashX.509Certificate Authority
KerberosVerisignelectronic postmark
SATANDMISNMP
MIBHP OpenViewSolstice Domain Manager
proxy serverCIAC
To Table of Contents