
1. Explain the difference between a vulnerability and a threat.

Threats: Something that has the potential to cause harm.
Vulnerabilities: Weaknesses that can be used to harm.
2. List six items that might be considered logical controls.
3. What term might we use to describe the usefulness of data?
4. Which category of attack is an attack against confidentiality?
5. How do we know at what point we can consider our environment to be
secure?
6. Using the concept of defense in depth, what layers might we use to secure
ourselves against someone removing confidential data from our office on a USB
flash drive?
7. Based on the Parkerian hexad, what principles are affected if we lose a
shipment of encrypted backup tapes that contain personal and payment
information for our customers?
8. If the Web servers in our environment are based on Microsoft's Internet
Information Server (IIS) and a new worm is discovered that attacks Apache Web
servers, what do we not have?
9. If we develop a new policy for our environment that requires us to use
complex and automatically generated passwords that are unique to each system
and are a minimum of 30 characters in length, such as
!Hs4(j0qO$&zn1%2SK38cn^!Ks620!, what will be adversely impacted?
10. Considering the CIA triad and the Parkerian hexad, what are the advantages
and disadvantages of each model?

1. What is the difference between verification and authentication of an identity?
2. How do we measure the rate at which we fail to authenticate legitimate users
in a biometric system?
3. What do we call the process in which the client authenticates to the server
and the server authenticates to the client?
4. A key would be described as which type of authentication factor?
5. What biometric factor describes how well a characteristic resists change over
time?
6. If we are using an identity card as the basis for our authentication scheme,
what steps might we add to the process in order to allow us to move to
multifactor authentication?
7. If we are using an 8-character password that contains only lowercase
characters, would increasing the length to 10 characters represent any
significant increase in strength?
8. Name three reasons why an identity card alone might not make an ideal
method of authentication.
9. What factors might we use when implementing a multifactor authentication
scheme for users who are logging on to workstations that are in a secure
environment and are used by more than one person?
10. If we are developing a multifactor authentication system for an environment
where we might find larger-than-average numbers of disabled or injured users,
such as a hospital, which authentication factors might we want to use or avoid?
Why?

1. Discuss the difference between authorization and access control.
2. What does the Clark-Wilson model protect against?
3. Why does access control based on the MAC address of the systems on our
network not represent strong security?
4. Which should take place first, authorization or authentication?
5. What are the differences between MAC and DAC in terms of access control?
6. The Bell-LaPadula and Biba multilevel access control models each have a
primary security focus. Can these two models be used in conjunction?
7. Given a file containing sensitive data and residing in a Linux operating system,
would setting the permissions to rw-rw-rw- cause a potential security issue? If so,
which portions of the CIA triad might be affected?
8. Which type of access control would be used in the case where we wish to
prevent users from logging in to their accounts after business hours?
9. Explain how the confused deputy problem can allow privilege escalation to
take place.
10. What are some of the differences between access control lists and
capabilities?

1. What is the benefit of logging?
2. Discuss the difference between authentication and accountability.
3. Describe nonrepudiation.
4. Name five items we might want to audit.
5. Why is accountability important when dealing with sensitive data?
6. Why might auditing our installed software be a good idea?
7. When dealing with legal or regulatory issues, why do we need accountability?
8. What is the difference between vulnerability assessment and penetration
testing?
9. What impact can accountability have on the admissibility of evidence in court
cases?
10. Given an environment containing servers that handle sensitive customer
data, some of which are exposed to the Internet, would we want to conduct a
vulnerability assessment, a penetration test, or both? Why?

1. What type of cipher is a Caesar cipher?
2. What is the difference between a block and a stream cipher?
3. ECC is classified as which type of cryptographic algorithm?
4. What is the key point of Kerckhoffs' Principle?
5. What is a substitution cipher?
6. What are the main differences between symmetric and asymmetric key
cryptography?
7. Explain how 3DES differs from DES.
8. How does public key cryptography work?
9. Decrypt this message: V qb abg srne pbzchgref. V srne gur ynpx bs gurz.
-Vfnnp Nfvzbi
10. How is physical security important when discussing cryptographic security of
data?

1. Why is it important to identify our critical information?
2. What is the first law of OPSEC?
3. What is the function of the IOSS?
4. What part did George Washington play in the origination of operations
security?
5. In the operations security process, what is the difference between assessing
threats and assessing vulnerabilities?
6. Why might we want to use information classification?
7. When we have cycled through the entire operations security process, are we
finished?
8. From where did the first formal OPSEC methodology arise?
9. What is the origin of operations security?
10. Define competitive counterintelligence.

1. Name the three major concerns for physical security, in order of importance.
2. Name the three main categories in which we are typically concerned with
physical security.
3. Why might we want to use RAID?
4. What is the foremost concern as related to physical security?
5. What type of physical access control might we put in place in order to block
access to a vehicle?
6. Give three examples of a physical control that constitutes a deterrent.
7. Give an example of how a living organism might constitute a threat to our
equipment.
8. Which category of physical control might include a lock?
9. What is residual data and why is it a concern when protecting the security of
our data?
10. What is our primary tool for protecting people?

1. For what might we use the tool Kismet?
2. Explain the concept of segmentation.
3. If we needed a command-line tool that could sniff network traffic, what tool
might we use?
4. What are the three main types of wireless encryption?
5. What tool might we use to scan for devices on a network?
6. Why would we use a honeypot?
7. Explain the difference between signature and anomaly detection in IDSes.
8. What would we use if we needed to send sensitive data over an untrusted
network?
9. What would we use a DMZ to protect?
10. What is the difference between a stateful firewall and a deep packet
inspection firewall?

1. What is a vector for malware propagation?
2. What is an exploit framework?
3. What is the difference between a port scanner and a vulnerability assessment
tool?
4. Explain the concept of an attack surface.
5. Why might we want a firewall on our host if one already exists on the network?
6. What is operating system hardening?
7. What is the XD bit and why do we use it?
8. What does executable space protection do for us?
9. How does the principle of least privilege apply to operating system hardening?
10. Download Nmap from www.nmap.org and install it. Conduct a basic scan of
scanme.nmap.org using either the Zenmap GUI or the command line. What ports
can you find open?

1. What does a fuzzing tool do?
2. Give an example of a race condition.
3. Why is it important to remove extraneous files from a Web server?
4. What does the tool Nikto do and in what situation might we use it?
5. Name the two main categories of Web security.
6. Is an SQL injection attack an attack on the database or an attack on the Web
application?
7. Why is input validation important?
8. Explain a cross-site request forgery (XSRF) attack and what we might do to
prevent it.
9. How might we use a sniffer to increase the security of our applications?
10. How can we prevent buffer overflows in our applications?