Answer one question from each assigned section this week (sections 13.8 & 14.1 – 14.4). Each response should be 1-2 paragraphs in length. Type your numbered answers in a Word document (e.g. Section 14.1 Question 2, etc.). APA formatting is not required. If you use outside sources to support your answers, provide APA-style citations and a reference page.
Answer one of the following from Section 13.8:
- How do you defend against a Ping of Death attack?
- What does the sniffer-detect script with the NMAP utility allow you to do?
- What tools can help you find backdoors?
- What can you do to prevent your network from becoming an amplifier for DoS attacks?
- What do you need to configure two-factor authentication?
Answer one of the following from Section 14.1:
- What type of recognition method is used by most virus scanning software?
- How does an IPS differ from an IDS?
- What is the advantage to using a network-based IDS instead of a host-based IDS?
- What should you regularly do when using a signature-based IDS?
- How can packet sniffing and port scanning software be used to improve the security of your network?
- Which device(s) can you use to discover open ports?
Answer one of the following from Section 14.2:
- Why should you perform a penetration test on your network?
- Which type of penetration testing provides you with the most accurate results regarding your network’s vulnerabilities?
- How does black box testing differ from grey box testing?
- In which stage of penetration testing do you create a fingerprint of your system?
- What is the difference between operations and electronic penetration testing?
Answer one of the following from Section 14.3:
- How does SecureDynamic differ from SecureSticky?
- How does DAI validate ARP packets on the network?
- What is the difference between enforcement and remediation servers?
- How does a port violation occur? How can you resolve it?
- What does DHCP snooping do on your network?
Answer one of the following from Section 14.4:
- How does enticement differ from entrapment?
- What is your first step when responding to an incident?
- What information is included in the incident response plan?
- How do you handle any evidence you collect?
- What is the difference between a search warrant and a subpoena?
- In which stage(s) of the evidence life cycle should you be concerned about how the evidence is handled?