Do the following review questions:
- 11.1 List and briefly define three classes of intruders.
- 11.2 What are two common techniques used to protect a password file?
- 11.3 What are three benefits that can be provided by an intrusion detection system?
- 11.4 What is the difference between statistical anomaly detection and rule-based intrusion detection?
- 11.5 What metrics are useful for profile-based intrusion detection?
- 11.6 What is the difference between rule-based anomaly detection and rule-based penetration identification?
- 11.7 What is a honeypot?
- 11.8 What is a salt in the context of UNIX password management?
- 11.9 List and briefly define four techniques used to avoid guessable passwords.
-
- 12.1 List three design goals for a firewall.
- 12.2 List four techniques used by firewalls to control access and enforce a security policy.
- 12.3 What information is used by a typical packet filtering firewall?
- 12.4 What are some weaknesses of a packet filtering firewall?
- 12.5 What is the difference between a packet filtering firewall and a stateful inspection firewall?
- 12.6 What is an application-level gateway?
- 12.7 What is a circuit-level gateway?
- 12.9 What are the common characteristics of a bastion host?
- 12.10 Why is it useful to have host-based firewalls?
- 12.11 What is a DMZ network and what types of systems would you expect to find on such networks?
- 12.12 What is the difference between an internal and an external firewall?
Submit a Microsoft Word document