The final exam will be held Monday 12/12, 4:30-7 pm, in class; open book, open notes.
The final exam will cover the following topics:
Penetration Testing
What are the 9 potential hacking steps of the hacking methodology discussed in "Hacking Exposed" by McClure et al.?
How does nmap detect the OS version?
How do scanning tools evade detection?
Give an example of how fpipe can be used to avoid being blocked by the firewall.
How can netcat be used to set up a backdoor connection? How can the information collected with footprinting, scanning, and enumeration help gain access to the system? Give three examples.
Firewall
Why are the servers in the DMZ not allowed to initiate connections to the systems in the intranet?
What would happen if a machine on the Internet pings a machine in the intranet?
When should we use SNAT instead of MASQUERADE?
How is DNAT used? Is it applied in PREROUTING or POSTROUTING?
IDS
Given the possibility of an inside attack, where should IDS devices be located?
What are the two basic types of IDS devices?
If a hacker changes the content of the TFN DDoS attack message from "1234" to "haha", what new snort rule would you add?
The above scenario illustrates the problem with IDS detection based on specific patterns: if the attacker changes the content, the existing rules produce false negatives. What is your solution to this?
Give three examples of designs or syntax in snort rules that try to improve the efficiency of the intrusion detection process.
Explain how a honeypot can be used to reduce false positives to zero.
Intrusion Tolerance
How can the alternate gateway be hidden from potential intruders?
Perform a vulnerability analysis of the proposed SCOLD system: what are the vulnerable components? How can it be improved?
Wireless Security
What is required to implement an EAP-TLS secure wireless access system?
Why are PEAP and TTLS a better choice than EAP-TLS?
Security Policies
Explain what the WURD policy is. Why does it prevent classified information from leaking out?