Information Assurance: Homework 1Name:Information Assurance: Homework 1Due September 1, 20061. What do you hope to get out of this class?2. What is your main area of interest in computer security?3. What programming languages are you comfortable with? What operating systemsare you comfortable working with?Name:4. Consider the following topics. You have 8 positive marks and an optional 8 negative marks that you can apply to these topics. We will touch on most of thesetopics this semester. Your feedback will influence the degree we go into these topics this and future semesters. For example, if you are very interested in Information warfare and Disaster recovery, you may split your positive marks between these two. If Hardware Security does not interest you, you may apply your negative marks to this topic. You should apply all positive marks. You do not need to apply negative marks. a. Computer security and the law.b. Security and Ethicsc. Cryptographic theory and algorithmsd. Public Key Infrastructure and other network security protocolse. Information Warfaref. Computer Forensicsg. System Evaluation and Accreditationh. Security System Development Processesi. Disaster Recoveryj. Security of Critical Infrastructures such as Process Control or SCADA systemsk. Ethical hacking and software vulnerabilitiesl. Hardware support for securitym. Physical Securityn. Emanations or TEMPEST securityo. Database Securityp. Other topics? Please note.Name:5. Classify each of the following as a violation of confidentiality, of integrity, of availability, or of some combination thereof. Briefly explain your reasoning.a. Mary forges Bob's name on a check.b. Mary forges Bob's name on a check with his knowledge and permission.c. Larry incorrectly configures his scanning tool and ends up using 90% of the network bandwidth in his computer lab.d. Sara sniffs traffic to retrieve Anna's FTP account information.e. Margret's computer is infected via an unpatched OS bug causing her computer to run slowing and send out unauthorized traffic.f. Blaine registers the domain name goggle.com and other close typos of google.com, and he presents an interface similar to google's on these URL's.Name:6. Given the mechanism state policy that could be enforced by this mechanism.a. Parent of child enrolling in grade school must present two ID's showing current address.b. Credit card can only be activated by calling specified number from the home phone.c. New passwords must be at least eight characters and include a combination of alphabetic and non-alphabetic characters.7. Given the policy briefly outline an enforcing mechanism.a. Students should not copy other student's computer problem solutions.b. Employees must not send personal email from their work addresses.c. Company proprietary information must be protected from unauthorized
View Full Document
Unlocking...