khmer song ពែកមី,Computer Network


IT Network Question for Exam

1.      What are Typical Elements that Require Security in Microsoft Network?
-          Physical security
-          Computers
-          Accounts
-          Authentication
-          Data
-          Data transmission
-          Network perimeters
2.      What are the phase are used to Designing Security?
-          Creating a Design Team
-          Performing Threat Modeling
-          Performing Risk Management
-          Designing Security Measures
-          Detecting and Reacting
-          Ongoing Security Management
3.      What are Security Policy?
ü  There are three general types of security policies. Each is based on its primary method of enforcement:
-            Administrative policies.
§  Policies that are enforced by management that cannot be enforced by operating systems, applications, or physical controls.
-            Technical policies.
§  Policies that are enforced by the operating system and applications, such as Security Templates.
-            Physical policies.
§  Policies that are enforced by implementing physical controls, such as locks.
4.      What are Relationship between Policies and Procedures?
-          Policies describe what must be implemented to secure a network
-          Procedures describe how to implement policies
5.      What are typical Reasons Why security Policies Fail?
-          Not enforced
-          Difficult to read
-          Difficult to find
-          Outdated
-          Too vague
-          Too strict
-          Not supported by management
6.      What are guidelines for Creating Policies and Procedure?
ü  Guidelines for Creating Policies and Procedure are:
-          Write clear and concise policies
-          Write simple procedures
-          Obtain management support
-          Ensure employees can find and refer to them easily
-          Ensure no disruption to business processes
-          Use technology to enforce
-          Ensure consequence of violating policy is consistent
-          Create incentives for following security policies
7.      What are the Benefits of MSF when Designing a Security plan?
-          The Envisioning Phase for Network Security
-          The Planning Phase for Network Security
-          The Developing Phase for Network Security
-          The Stabilizing Phase for Network Security
-          The Deploying Phase for Network Security
8.      What are Core Team Members of Security Design?
-          Product management
-          Program management
-          Development
-          Testing
-          User education
-          Logistics management
9.      What are Extended Team Members of Security Design?
-          Executive sponsor
-          Legal
-          Human resources
-          Managers
-          End users
-          Auditors.
10.  List down and give details explanation of Guidelines for Creating a Security Design Team
ü  Guidelines for creating a security design team include:
§  A single executive sponsor
-          An executive sponsor who can make decisions gives your design  authority and helps keep team members focused on the project.
§  An experienced program manager
-          Coordinating team members from different parts of your organization is a difficult task. Ensure that you use a program manager who is experienced with personnel and with your corporate culture.
§  Involvement of teams
-          Team that will deploy and manage network security in the planning phase. These teams are essential to the success of your design after you have finished it.
§  Legal and human resources.
-          These departments can ensure that your design is legal and ethical.
§  Participation of managers and end users.
-          Involving representatives of managers and end users in the design will help ensure that all managers and end users follow your policies.
§  Clear roles and responsibilities for all team members.
-          Ensure that all members of the security design team understand their responsibilities and the goals of all other roles.
§   A communication plan.
-          Communicate regularly and clearly to your organization so that people know whom to expect communication from and so that they have time to prepare for your design.
11.  Why do Network Attacks occur?
ü  The reasons that network attacks occur include:
-          Revenge
-          Espionage
-          Publicity
-          Personal satisfaction
-          Terrorism
12.  Who attacks Network?
-          Novice : attackers have only basic computer knowledge but are still dangerous
-          Intermediate: Attackers with intermediate skills are often trying to gain respect in attacker communities
-          Advanced: Highly skilled attackers present a serious challenge to network security
13.  What are typical Anatomy of an Attack?
-          Survey and Assess
-          Exploit and Penetrate
-          Escalate Privileges
-          Maintain Access

-          Deny Service
No comments :

No comments :

Post a Comment

Subscribe to: Post Comments ( Atom )