Midterm Exam Firewall for Security

Total Questions Answered: 10

Download All the Answers By Clicking Add To Cart.

$10.00Add to cart


Midterm

Chapter 1

Exercise # 2: Consider the most important item among all the categories of information stored on your personal computer. As it applies to that item of information (your information asset), identify an example of a corresponding threat, threat agent, vulnerability, exposure, risk, attack, and exploit.

Answer: The corresponding threat that I consider is always present to my information on my computer is the fact that I receive spam emails that sometimes look very real. They have links that I am supposed to click. These links are supposedly intended at resetting my email password to the email account because it is “compromised”. Once I clicked that link and some malware was downloaded automatically to my computer that took control of my processes and I could see some of my data folders disappearing. In the PC task manager I could see an upload routine, while I was not uploading anything over the internet.

This is an example of how my computer was vulnerable to such attacks. I should have installed a malware detector that could have minimized the risk of this attack. I believe that Windows 10 come with inbuilt protection against these malwares.

Chapter 2

Exercise # 2: Search the Web for a listing of security education and training programs in your area. Make a list and determine which type of program (online, on-site at an employer’s location, at a conference facility, at a training facility) has the most examples. Determine the costs associated with each example. Which do you feel would be more cost effective?


Answer: Following is a list of programs that are offered in different colleges with the cost associated with each example (“What Colleges Have Networking Security Degrees in Washington, DC?,”).

Howard Community College

Program: Associate of Arts in Information Technology

Specialization Areas: Network security

Program Length: Two years of full-time study

Tuition: $124 per credit for Howard County students; $207 per credit for in-state but out-of-county students; $252 for out-of-state residents (2012-2013)

Admission Requirements: ACCUPLACER test

Capitol College

Program: Bachelor of Science in Information Assurance

Program Length: Four years of full-time study

Tuition: $20,972 per year (2011-2012 estimates)

Admission Requirements: High school courses admission essay; letters of recommendation; placement tests and personal interview

George Mason University

Program: Bachelor of Science in Information Technology

Specialization Areas: Networking and telecommunications, database technology and programming, Web development and information security

Program Length: Four years of full-time study

Tuition: $9,420 per year in-state, $27,564 per year out-of-state (Fall 2012)

Admission Requirements: Counselor recommendation; personal statement; secondary school report

George Washington University

Program: Bachelor of Science in Computer Science

Specialization Areas: Computer and information security, computer systems, computer theory, digital media, software engineering and research

Program Length: Four years of full-time study

Tuition: $45,735 per year (2012-2013)

Admission Requirements: Counselor and teacher recommendations; essay; senior grades for the Fall term

George Washington University

Program: Master of Science in Cybersecurity

Program Length: Two years of full-time study

Tuition: $1,310 per credit hour (Fall 2012)

Admission Requirements: GRE scores; statement of purpose; three letters of recommendation for students applying for an assistantship or fellowship

George Mason University

Program: Master of Science in Information Security and Assurance

Specialization Areas: Network and system security or advanced cybersecurity

Program Length: Two years of full-time study

Tuition: $578.75 per credit hour for VA residents; $1,142.50 per credit hour for non-residents (Fall 2012)

Admission Requirements: GRE scores; three letters of recommendation; goals statement; resume; departmental self-evaluation form.

Chapter 3

Exercise # 4: You have configured your firewall to authenticate a group of 100 users who are in your company. You set up the database of users using your firewall’s own user management software. As your network grows and security items are added, other network components need to access the same database of users. What strategies could you employ to provide the other network components with access to the database of users?

Answer: There are different strategies present to provide users to access a database for different purposes. Firewall are a mean to control the access of different users and/or network components to access network resources. In the example provided in the exercise, I could use User Authentication, Client Authentication and Session Authentication methods to limit the access to the user database. I would personally prefer the Session Authentication method. It provides access to the clients for sessions. After each session expires, the client has to re-login.


 

Exercise # 5: Using an Internet search engine, look up the term “one-time password.” Access Web sites that define the term. After reading at least two definitions, write your own definition. Using an Internet search engine, look up the term “biometric user authentication.” Access several Web sites that define the term. Write a paragraph expressing your opinion about if and when this will be the dominant way that users authenticate when using home computers.

Answer: “One-time password” is the kind of password that can be used only once to login to a computing device. Any attempt to login with the same password again will not be entertained by the computing device.

Biometric user authentication is the kind of user authentication that is based on the unique biological characteristics of that specific user to login or access the desired computer/electronic systems. Finger prints and retina scans are the primary examples of biometric user authentication.

Biometric authentication systems are used in mobile devices at the moment but I do not see a lot of computer using this technology. I do believe that we will see many computer users opting biometric authentication for home computer in the near future. The reason is the reliability and validity of the biometric authentication systems. It is also easy to use and as each humans have unique biological characteristics when I comes to biometric authentication, there is greater opportunity for security in this authentication method.

Chapter 4

Exercise # 4: Your local network needs to be set up with an IP address range that cannot be routed over the Internet. What are the nonroutable IPv4 address ranges you can use? If you have fewer than 25 computers to network, pick one of the classes and create an IP address range that will be suitable. What if you have 2500 computers? Which range will you use?

Answer: The nonroutable IPv4 address ranges that can be used are:

10.0.0.0 – 10.255.255.255, Class A

172.16.0.0 – 172.31.255.255, Class B

192.168.0.0 – 192.168.255.255, Class C

If there are fewer than 25 computer then the IP class and range could be: Class C, Range 192.168.5.0 – 192.168.5.25, 255.255.255.224 range 0-31

If the network has more than the IP class and Range could be: 192.168.5.0/23 range 5.0 to 6.255 with Class C.

Exercise # 5: What is the Media Access Control (MAC) or hardware address of your computer’s net- work connector? You can use the Internet to find out, based on what operating system you are using. If you work on a Mac, use a search engine with the phrase “finding MAC on Macintosh.” If you have a Windows system, search with the phrase “finding MAC on Windows.” If you have a Linux system, search with the phrase “finding MAC on Linux.”

Answer: My compute’s MAC address is: C4-54-44-85-59-3B

Please see the screenshot in the bellow:

Chapter 5

Exercise # 1: Your employer asks you to block traffic from the Web site www.offensivecontent.com, which a group of employees has been caught visiting. You open a command prompt window and type ping www.offensivecontent.com to determine the IP address of the site. After a few minutes, the IP address 197.34.5.56 comes back, but you get several messages stating that the request has timed out, and no packets are exchanged. Based on what you’ve read in this chapter, what does this tell you about the security measures at the www.offensivecontent.com Web site? What rule would you add to the rule base to block access to this site?


Answer: Ping is an ICMP (Internet Control Message Protocol) packet. Attacker might use it to gather information about the host at www.offemsivecontent.com to plan a reconnaissance attack. ICMP can be used to manipulate messages to get the Host Detection, Network Topology, ACL Detection Packet Filter Detection and OS Fingerprinting information at website hosting servers. The fact that www.offencivecontent.com is blocking PING means that the website host is preventing an attack and it is a good security measure.

I would add the application Control and URL Filtering rule to block access to the website.

Exercise # 2: When you install a personal firewall, it doesn’t work. You suddenly lose the ability to share files with other computers in your lab. You open a command prompt, ping your default gateway router, and get a successful response. You try to ping another computer on your network and get a series of “Request Timed Out” messages. You are sure the problem has to do with the firewall blocking communications with the “trusted” computer. What would you do to restore communications with the other local machine?

Answer: I would look at the settings of the firewall and see its behavior. I would go and edit the Rules of the firewall. I would edit the trusted zones for the firewall on the gateway router and add the IP’s of the trusted computer so they are no more blocked.

Chapter 6

Exercise # 1: Consider a user named Ken, who’s a work-study student in a university department protected by a firewall and a member of the Work-Study user group in the Windows domain. Ken wants to access a Web site on the Internet from within the firewall. When Ken launches his Web browser and attempts to connect, the request is received by the firewall. The firewall has been configured with the rules pertaining to HTTP Web access shown in Table 6-4. What happens to the request if the firewall processes its rules using (a) In Order, (b) Deny-All, (c) Allow-All, and (d) Best Fit?


Answer:

In Order: The firewall will process the rules in top-to-bottom order as specified in table 6.4.

Deny-All: Will allow packets from Ken as he is specifically allowed.

Allow-All: Will not allow packets from Work-Study as it is specifically denied.

Best-Fit: The firewall makes its own decisions based on the rules.

 

Exercise # 2: You are instructed to take a restrictive approach to firewall rules—“as close to Deny- All as is practically possible.” However, the staff needs to look at training videos online during regular business hours. People should be allowed to use the Web and exchange e-mail at all times. However, access to multimedia should be prohibited at night. What rules would you set up for this?

Answer: I would setup the Port 80/Except Video rules for this situation. It will allow user to surf websites but I would be able to block access to Multimedia in the night.



 

References

What Colleges Have Networking Security Degrees in Washington, DC? (n.d.). Retrieved from             http://learn.org/articles/What_are_My_College_Choices_for_Getting_a_Networking_Security_Degree_near_Washington_DC.html

Download All the Answers By Clicking Add To Cart.

$10.00Add to cart


OR

Please Contact Educational Expert Tutors for help with this Assignment/Exam or any Other!