
consolidated objectives Unit 3 chapter 6 by group 3

R.V.College of Engineering Bangalore Department of Computer Science & Engineering


Subject: Information security (group 3, Unit 3, chapter 6, page no. 199 to 205)
Assignment-1
Submitted by: Mohana (5WF09DPZ12)

Date: 26-08-2011
Topic: Introduction, Physical design, Firewalls


1. The team responsible for physical design
   a. Selects specific technologies to support the information security blueprint.
   b. Designs physical security measures to support the technical solution.
   c. Prepares project plans for the implementation phase that follows.
   d. All the above.

2. A firewall is an ____________ similar to a building's firewall in that it prevents specific types of information from moving between the outside world, known as the ________, and the inside world, known as the _____________.
   Ans: Information security program, untrusted network, trusted network

3. Firewalls can be categorized by
   a. processing mode
   b. development era or structure
   c. development era and structure
   d. both (a) and (b)
   e. only c

4. There are ________ major processing mode categories of firewalls.
   a. 2  b. 3  c. 4  d. 5

5. Processing modes of firewalls are
   a. packet filtering firewalls
   b. application gateways
   c. circuit gateways
   d. MAC layer firewalls
   e. hybrids
   f. all the above.

6. A packet filtering firewall is installed on a ____________-based network.
   Ans: TCP/IP

7. Filtering firewalls inspect packets at the _________ layer.
   a. Data link layer  B. network layer  C. transport layer  D. application layer

8. Packet filtering firewalls are based on a combination of
   a. IP source and destination address
   b. Direction (inbound or outbound)
   c. TCP or UDP source and destination port requests
   D. all the above

9. A packet's content will vary in _________ depending on the nature of the packet.
   Ans: Structure

10. There are _________ subsets of packet filtering firewalls.
   a. 2  b. 3  c. 4  d. 5

11. Subsets of packet filtering firewalls are
   A. static filtering  B. dynamic filtering  C. stateful inspection  d. all the above.

12. Stateful inspection firewalls perform _________
   Ans: Packet filtering

13. The application firewall is also known as __________
   A. application gateway
   b. Application-level firewall
   C. proxy server
   D. both (a) and (b)
   E. only c

14. _________ servers can store the most recently accessed pages in their internal cache.
   Ans: cache servers

15. The circuit gateway firewall operates at the _____________ layer.
   a. Data link layer  B. network layer  C. transport layer  D. application layer

16. Hybrid firewalls combine the elements of other types of firewalls. (True/False)
   Ans: True.

17. A circuit level gateway can be a standalone system. (true/false)
   Ans: true

18. The dominant firewall architecture used today is the screened subnet firewall. (yes/no)
   Ans: yes

19. __________ allows the firewall to react to an emergent event and update or create rules to deal with the event.
   a. static filtering
   b. dynamic filtering
   c. stateful inspection
   d. application gateway

20. Match the following
   1. First generation
   2. Second generation
   3. Third generation
   4. Fourth generation
   5. Fifth generation
   Ans: Matched

21. Match the following
   1. First generation    a. Simple networking devices that filter packets according to their headers as the packets travel to and from the organization's network
   2. Second generation   b. Dedicated systems that are separate from the filtering router and that provide intermediate services for requestors
   3. Third generation    c. Monitor network connections between internal and external systems using state tables
   4. Fourth generation   d. Allow only a particular packet with a particular source, destination, and port address to enter

   a. Static filtering firewalls
   b. Application level firewalls or proxy servers
   c. Stateful inspection firewalls
   d. Dynamic packet filtering firewall
   e. Kernel proxy

   Ans: Matched

INS OBJECTIVES CHAPTER-6 By Mahitha K


1. Most firewalls are appliances. (true/false)

2. The following are firewall appliances:
   a. Standalone  b. Self-contained  c. Both

3. Residential grade firewall software is installed directly on the user's system. (true/false)

4. Commercial grade firewall systems run on _______. (general purpose computers)

5. Example software firewalls are:
   1. Norton personal firewall
   2. Zone labs zone alarm
   3. Tiny personal firewall
   4. Sygate personal firewall
   5. All the above

6. Common architectural implementations of firewalls
   a. Packet filtering firewalls
   b. Screened host firewalls
   c. Dual homed firewalls
   d. Screened subnet firewalls
   e. All the above

7. The correct choice of firewall architecture depends on _____ factors.
   Ans: three

8. The factors that need to be considered while choosing the firewall architecture are:
   a. Objectives of the network  b. Budget  c. Both

9. SVEN stands for:
   a. Security verification engine
   b. Several verification network
   c. Security verification network

10. NAT stands for:
   a. Network address transmission
   b. Network address translation
   c. Network address technique
   d. Network acknowledgement transfer

11. DSL stands for
   a. Digital service line
   b. Digital subscriber line
   c. Dynamic service line
   d. None

12. Effective method of improving computing security in SOHO is by ________
   a. Residential level firewall
   b. Residential grade firewall
   c. Secure grade firewall
   d. Secure level firewall

13. WAP stands for
   a. Wireless application point
   b. Wireless area providers
   c. Wireless access point
   d. Wireless access providers

14. A logical screened subnetwork is also called a ______. (demilitarized zone)

15. _____ can be configured to allow internet clients access to servers inside the trusted networks. (barricade)

Information security system (page 212 to 217) of chapter 6

PATHANJALI

1) An ____ is an attack against an information asset that poses a clear threat to the confidentiality, integrity or availability of information resources.
   a) incident  b) incident response  c) incident recovery

2) All the threats could result in attacks that would be classified as
   a) information security incidents
   b) information services incidents
   c) information planning incidents

3) Characteristics of an attack that can be classified as incidents are
   i) They are directed against information assets
   ii) They have a realistic chance of success
   iii) They could threaten the confidentiality, integrity or availability of information resources
   a) only i  b) i, ii & iii  c) only i & ii

4) The set of activities taken to plan for, detect and correct the impact of an incident on information assets
   a) incident  b) incident response  c) incident planning

5) Incident response consists of how many phases?
   a) 4  b) 3  c) 5

6) Incident response phases are
   a) recovery  b) detection  c) reaction  d) planning  e) all

7) Planning for an ____ requires a detailed understanding of the scenarios developed for the BIA.
   a) incident  b) detection  c) response

8) IR team consists of individuals who must
   i) handle the systems
   ii) functional areas
   iii) minimize the impact of an incident
   a) only iii  b) i & iii  c) all the above

9) Which is not a testing strategy?
   a) checklist  b) simulation  c) single

10) Match the following
   1) checklist - a) copies of the IR plan are distributed to each individual with a role to play during an actual incident
   2) structured walk-through - b) each individual practices the steps that they take during an actual event
   3) simulation - c) each individual works individually rather than in conference
   4) parallel - d) individuals act as if an actual incident occurred
   5) full interruption - e) individuals follow each and every procedure
   Ans: 1-a, 2-b, 3-c, 4-d, 5-e

11) The process of examining a potential incident
   a) incident classification
   b) incident candidate
   c) none of the above
   d) only a & b

12) Categories of incident indicators are
   a) impossible  b) probable  c) probability

13) Events that are possible indicators of incidents are
   i) presence of unfamiliar files
   ii) presence or execution of unknown program or process
   iii) unusual consumption of computing resources
   iv) unusual system crashes
   a) only i  b) i, ii, iv  c) ii, iii  d) i, ii, iii, iv

14) Probable indicators of incidents
   1) activities of expected times
   2) presence of new accounts
   3) reported attacks
   4) notification from IDS
   a) 1, 2, 3  b) 2, 3, 4  c) 1, 3, 4

15) Predefined situations that signal an automatic incident are
   a) loss of unavailability
   b) loss of unity
   c) loss of confidentiality
   d) all the above

16) ____ is a document containing contact information for the individuals to be notified in the event of an incident.
   Ans: alert roster

INFORMATION AND NETWORK SECURITY Unit III: Security Technology RAMYA R

1. An alert is a document containing contact information for the individuals to be notified in the event of an incident. [True/False]

2. Which of the following are the predefined situations?
   a) Loss of availability and Integrity
   b) Loss of confidentiality
   c) Violation of Law
   d) Violation of policy
   e) All the above

3. _______________ is the rapid determination of the scope of the breach of the confidentiality, integrity and availability of information.
   a) Incident damage assessment
   b) Incident assessment
   c) Both a & b
   d) All the above

4. The recovery process involves much more than the simple restoration of stolen, damaged or destroyed data files. [True/False]

5. Match the following:
   1) Loss of availability
   2) Loss of Integrity
   3) Loss of confidentiality
   4) Violation of policy
   5) Violation of law

   Information system becomes available
   Users report corrupt data files, garbage
   Sensitive information leaks
   organization policies addressing information
   organization info assets were involved

6. ________________ consists of actions outlined in the IRP that guide the organization in attempting to stop the incident and provide information for recovery from the incident.
   a) Incident Reaction
   b) Indirect reaction
   c) both a & b
   d) all the above

7. Arrange the following:
   1) Identify the vulnerabilities that allowed the incident to occur and spread.
   2) Address the safeguards that failed to stop or limit the incident.
   3) Evaluate monitoring capabilities
   4) Restore the confidence of the members of the organization communication of ineret
   5) Continuously monitor the system
   6) Restore the services and process in use
   7) Restore the data from backup.
   a) 1,2,3,4,5,6,7
   b) 2,3,4,1,5,6,7
   c) 1,7,2,3,4,5,6
   d) 1,2,3,7,6,5,4

8. The __________ is a detailed examination of the events that occurred from first detection to final recovery.
   a) AAR  b) ABR  c) None of the above  d) All the above

9. The common types of backup media include
   a) Digital audio tapes
   b) Quarter-inch cartridge drive
   c) Digital linear tape
   d) All the above

10. __________ is the process of collecting, analyzing and preserving computer-related evidence.
   a) Computer forensic
   b) only a & c
   c) Evidence
   d) None of the above

11. __________ is the physical object or documented information that proves an action occurred or identifies the intent of a perpetrator.
   a) Evidence
   b) Computer forensics
   c) only a
   d) None of the above

12. An event cannot be categorized as a disaster when the organization is unable to mitigate the impact of an incident. [True/False]

13. An alert roster is a document that contains contact info for the individuals to be notified in the event of an incident. [True/False]

14. ___________ is a scripted description of the incident.
   a) Alert message
   b) Incident message
   c) only a
   d) none of the above

15. Backups can also be performed to _________ and _________ options.
   a) CDROM
   b) DVD
   c) Tape arrays
   d) Specialized drives
   e) All the above

OBJECTIVES ON UNIT 3
Prepared by: Ramyashree B R 5wf09spz15
1. A utility that helps protect an organization's systems from misuse and denial of service, and which is closely associated with firewalls, is called a ----------------------
   a. CONTENT FILTER
   b. command filter
   c. Common filter
   d. Control filter

2. Content Filter is a software filter not a firewall. TRUE/False

3. Content filters are also referred to as --------------------
   a. Forward firewalls
   b. REVERSE FIREWALLS
   c. Backward firewalls
   d. None of the above

4. Content filter has -------------------------- components.
   a. One
   b. Four
   c. TWO
   d. Five

5. Components of content filters are named as ------------ and --------
   ANS: RATING AND FILTERING.

6. A ------------------ is an automatic phone dialing program that dials every number in a configured range.
   ANS: WAR DIALER.

7. --------------- and ----------------- are systems that authenticate the credentials of users who are trying to access an organization's network via a dial-up connection.
   ANS: RADIUS AND TACACS

8. Expansion of RADIUS is --------------
   a. Remote Access dial in user service
   b. REMOTE AUTHENTICATION DIAL IN USER SERVICE
   c. Remote authentication dial in used service
   d. None of the above

9. Expansion of TACACS ------------
   a. Temporary access controller access control system.
   b. Terminated authenticated controller access control system.
   c. TERMINAL ACCESS CONTROLLER ACCESS CONTROL SYSTEM
   d. None of the above.

10. What are AAA services?
   ANS: AUTHENTICATION, AUTHORIZATION, ACCOUNTING

11. ------------------------------ defines the minimum requirement for a system that provides AAA services.
   a. Radius protocol
   b. DIAMETER PROTOCOL
   c. Circular Protocol
   d. All the above

12. Expansion of VPN -------------------------
   a. Very private number
   b. Virtual private number
   c. VIRTUAL PRIVATE NETWORK
   d. None of the above

13. VPNC stands for --------------
   a. Virtual private network committee
   b. Virtual private network commitment
   c. VIRTUAL PRIVATE NETWORK CONSORTIUM
   d. None of the above

14. VPNC defines ------------------- number of VPN technologies.
   a. One
   b. Two
   c. THREE
   d. Four

15. VPNC's three VPN technologies are ------------------------- and ------------------ and -----------------------.
   ANS: TRUSTED AND SECURE HYBRID.

16. Trusted VPN is also known as ------------------------ VPN
   ANS: LEGACY.
