All assignments (papers and presentations) should be submitted as computer-generated hard copies on the P: drive
Perform the following: 1. What benefit can a private, for-profit derive from best practices designed for federal agencies? This is Review Question 6 in your text book page 239. Your answer need to be organized as a list of bullets and not to exceed half a page. Information to develop policy and security model Planning documents Implementation strategies Personnel position descriptions Operating procedures 2. When is BC plan used? How do you determine when to use IR plan, DR plan, or BC plan? This is Review Question 14 in your text book page 239. Your answer need to be organized as a list of bullets and not to exceed half a page. used if catastrophic incident or disaster occurs IR plan: used for immediate response, but not for disastrous incidents DR plan: used to restore systems at original site of disaster BC plan: used with DR plan if the damage is major or ongoing and requires more than simple restoration. Also establishes critical business function at alternate site. 3. Perform Exercise 5 in your text book page 240. Incident attack against information asset that poses a threat to confidentiality, integrity, or availability Disaster organization is unable to mitigate impact of incident during incident or level of damage is so bad that the org is unable to recover quickly a. incident restore server with backup, investigate how hacker got access, inform law enforcement of incident b. incident clean and repair storeroom, replace damaged computers, do not inform law enforcement c. disaster use BC plan, move to temporary location with power and try to resume operations, wait until power is restored, do not inform law enforcement d. disaster do not use BC plan, resume operations with staff not on strike, wait for strike to end/come to an agreement, do not inform law enforcement e. incident contact law enforcement, recover critical server 4. How is an application layer firewall different from a packet filtering firewall? Why is an application layer firewall sometimes called a proxy server? This is Review Question 3 in your text book page 284. Your answer need to be organized as a list of bullets and not to exceed half a page. Packet filtering firewall functions on the IP level and determines whether to allow or deny and packets based on the information in their packet heading and if this information violates a rule in the firewall settings. Application layer firewalls do the same thing as packet filtering firewalls but on the application level and with protocols such as FTP, HTTP, SMTP, etc. Application layer firewalls are sometimes called proxy servers because it runs a special program that acts as a proxy server for a service request. 5. Perform Exercise 1 in your text book page 285. Name ZoneAlarmPro Outpost Firewall Pro Norman Personal Firewall Injoy Firewall eConceal Pro Price $30 $40 $58 $30 $35 Features Port Monitoring, Network Traffic Monitor, Data Filtering, Phone Support, Intruder Alert, Individual Users Port Monitoring, Network Traffic Monitor, Data Filtering, Phone Support, Intruder Alert, Individual Users Port Monitoring, Network Traffic Monitor, Data Filtering, Intruder Alert Email, File, Registry Protection, Port Monitoring, Network Traffic Monitor Port Monitoring, Network Traffic Monitor, Data Filtering Functionality Windows 7, Vista, XP Windows XP, 2000, 98, ME Windows XP or earlier Windows XP, 2000, 98. 95 Windows XP or earlier Type of protection Email, File, Personal Information, Registry Protection Email, File, Personal Information, Registry Protection File, Registry Protection Email, File, Registry Protection None Ranking 1 2 3 4 5