1. What is security policy?
2. What is user policies?
3. Say something regarding the following coverage of effective user policies:
a. password
b. internet use
c. email usage
d. installing/uninstalling software
e. instant messaging
f. desktop configuration
g. bring your own device
4. What is system administration policies?
5. What system administration policies should be defined for the following:
a. new employees
b. departing employees
c. security breaches
d. virus infections
e. dos attacks
f. hacker intrusion
6. What is an access control?
7. What is data classification?
8. What is a disaster recovery plan?
Huwebes, Nobyembre 14, 2019
9. Malware
1.
What is a virus?
2.
How a virus spreads?
3.
Types of viruses
4.
Ways on how to avoid viruses?
5.
What is a Trojan horse?
6.
What is the Buffer-Overflow Attack?
7.
What is the Sasser Virus?
8.
What is a spyware?
9.
What are the legal uses of spyware?
10.
How is spyware delivered to a target system?
11.
Other forms of malware
a.
Rootkit
b.
Malicious web-based code
c.
Logic bombs
d.
Spam
e.
Advanced Persistent Threats
12.
How to educate users regarding malwares?
Lunes, Nobyembre 11, 2019
8. Computer Security Technology
1. What is a virus scanner and how does it works?
2. How the following virus-scanning techniques work?
a. Email and attachment scanning
b. Download scanning
c. File scanning
d. Heuristic scanning
e. Sandbox
3. Techniques used by commercial scanners?
a. Active code scanning
b. False positives and false negatives
4. What is a firewall?
a. What are the benefits and limitations of firewalls?
b. What is an application gateway?
c. How does each firewall configuration works?
- network host-based
- dual-homed host
- router-based firewall
- screened host
d. What is a firewall log?
5. What is an antispyware?
6. What is an IDS?
a. What is a passive IDS? active IDS?
b. Ways in identifying intrusions?
- signature based
- statistical anomaly
c. What is a honey pot?
d. What is intrusion deflection?
e. What is authentication?
7. What is a digital certificate?
8. What is SSL/TLS?
9. What is a Virtual Private Network?
a. Protocols used in creating a VPN
- PPTP
- L2TP
- IPsec
10. Wi-Fi Security Protocols
a. Wired equivalent privacy
b. Wi-Fi Protected Access
c. WPA2
2. How the following virus-scanning techniques work?
a. Email and attachment scanning
b. Download scanning
c. File scanning
d. Heuristic scanning
e. Sandbox
3. Techniques used by commercial scanners?
a. Active code scanning
b. False positives and false negatives
4. What is a firewall?
a. What are the benefits and limitations of firewalls?
b. What is an application gateway?
c. How does each firewall configuration works?
- network host-based
- dual-homed host
- router-based firewall
- screened host
d. What is a firewall log?
5. What is an antispyware?
6. What is an IDS?
a. What is a passive IDS? active IDS?
b. Ways in identifying intrusions?
- signature based
- statistical anomaly
c. What is a honey pot?
d. What is intrusion deflection?
e. What is authentication?
7. What is a digital certificate?
8. What is SSL/TLS?
9. What is a Virtual Private Network?
a. Protocols used in creating a VPN
- PPTP
- L2TP
- IPsec
10. Wi-Fi Security Protocols
a. Wired equivalent privacy
b. Wi-Fi Protected Access
c. WPA2
Lunes, Nobyembre 4, 2019
7. Encryption
1. What is encryption and decryption?
2. What is symmetric and asymmetric cryptography?
3. What is the Caesar Cipher?
4. What is Atbash?
5. What is Multi-Alphabet Substitution?
6. What is Rail Fence?
7. What is Enigma?
8. What is block cipher and stream cipher?
9. What is Data Encryption Standard?
10. What is Advanced Encryption Standard?
11. What is Blowfish?
12. What is Public Key Encryption?
13. What is RSA?
14. What is Pretty Good Privacy?
15. What is a Digital Signature?
16. What is Hashing?
17. What is SHA?
18. What is MAC and HMAC?
19. What is Rainbow Tables?
20. What is Steganography?
21. What is Frequency Analysis?
2. What is symmetric and asymmetric cryptography?
3. What is the Caesar Cipher?
4. What is Atbash?
5. What is Multi-Alphabet Substitution?
6. What is Rail Fence?
7. What is Enigma?
8. What is block cipher and stream cipher?
9. What is Data Encryption Standard?
10. What is Advanced Encryption Standard?
11. What is Blowfish?
12. What is Public Key Encryption?
13. What is RSA?
14. What is Pretty Good Privacy?
15. What is a Digital Signature?
16. What is Hashing?
17. What is SHA?
18. What is MAC and HMAC?
19. What is Rainbow Tables?
20. What is Steganography?
21. What is Frequency Analysis?
Lunes, Oktubre 14, 2019
6. Hacking Techniques
1. Active Scanning Techniques
a. Port Scanning (Ping scan, Connect scan, SYN scan, FIN scan)
b. Vulnerability Assessment
c. Enumeration
2. Actual Attacks
a. SQL Script Injection
b. Cross-Site Scripting
c. Password Cracking
3. Malware Creation
4. Windows Hacking Techniques
a. Pass the Hash
b. Net User Script
c. Login as System
5. Penetration Testing
a. Port Scanning (Ping scan, Connect scan, SYN scan, FIN scan)
b. Vulnerability Assessment
c. Enumeration
2. Actual Attacks
a. SQL Script Injection
b. Cross-Site Scripting
c. Password Cracking
3. Malware Creation
4. Windows Hacking Techniques
a. Pass the Hash
b. Net User Script
c. Login as System
5. Penetration Testing
Lunes, Setyembre 9, 2019
4. Denial of Service Attack
1. What is a DoS attack?
2. Illustrate how a DoS attack works in general.
3. Explain how the common tools used for DoS work.
a. Low Orbit Ion Cannon
b. XOIC
c. TFN and TFN2K
d. Stacheldraht
4. What are the weaknesses of DoS attacks?
5. Specific DoS attacks (select only 4 items)
a. TCP SYN Flood Attack (Micro blocks, SYN cookies,
RST cookies, Stack tweaking)
b. SMURF IP Attack
c. UDP Flood Attack
d. ICMP Flood Attack
e. The Ping of Death
f. Teardrop Attack
g. Land Attack
h. DDoS
6. Give an example of a real-world DoS attack and
discuss briefly.
7. How to defend against the DoS attacks?
Lunes, Setyembre 2, 2019
3. Cyber Stalking, Fraud, and Abuse
Internet Fraud
1. Investment Offers
a. Nigerian fraud
b. Investment advice
c. Pump and dump
d. Auction fraud (Shill Bidding, Bid Shielding, Bid Siphoning)
2. Identity Theft
a. Phishing
3. Cyber Stalking
1. Investment Offers
a. Nigerian fraud
b. Investment advice
c. Pump and dump
d. Auction fraud (Shill Bidding, Bid Shielding, Bid Siphoning)
2. Identity Theft
a. Phishing
3. Cyber Stalking
Mag-subscribe sa:
Mga Post (Atom)