View previous topic :: View next topic |
Author |
Message |
tonybradley Just Arrived
Joined: 13 Jun 2003 Posts: 0 Location: Michigan
|
Posted: Tue Sep 02, 2003 4:08 pm Post subject: FINAL EXAM: Computer Security 101 |
|
|
If you have been following along and reading and studying the Computer Security 101 lessons and taking each of the 10 associated quizzes- then you should be ready for the BIG TIME!
I have posted a 50-question Final Exam based on all 10 lessons / quizzes. Click below to take the Final Exam and see how much you really know.
Computer Security 101: Final Exam
WARNING
The link will take you to the final exam quiz on my About.com Internet / Network Security site. For those who aren't familiar, About.com likes to use pop-up / pop-under advertising. Make sure you have these things blocked (you can get free tools here: Free Pop-Up and Messenger Spam Blocking Tools) or at least just be prepared.
/WARNING
|
|
Back to top |
|
|
b4rtm4n Trusted SF Member
Joined: 26 May 2002 Posts: 16777206 Location: Bi Mon Sci Fi Con
|
Posted: Tue Sep 02, 2003 4:41 pm Post subject: |
|
|
Nice quiz although I disagree about your guest account question.
Guest should be disabled. No need for it in most environments.
Any chance of an sfdc link either at the beginning or the end?
Also theres one or two *end quizzes* appearing rather than continues.
Any chance of an sfdc link either at the beginning or the end?
Thumbs up from me tho.
|
|
Back to top |
|
|
tonybradley Just Arrived
Joined: 13 Jun 2003 Posts: 0 Location: Michigan
|
Posted: Tue Sep 02, 2003 4:54 pm Post subject: |
|
|
which Guest question are you referring to? The one about establishing a strong password?
If so, I agree completely that the Guest account should be disabled (frankly I believe it shouldn't exist in the first place- I've never seen it actually used in a legitimate way). However, even when disabled the account should have a strong password assigned so that if a virus or other malicious code manages to enable the account they won't have free access by virtue of the fact that it has a blank password by default.
In the actual lesson associated with that question I do say to leave the account disabled as well.
Let me take a look and see if there is a good place to squeeze an SFDC link in.
|
|
Back to top |
|
|
b4rtm4n Trusted SF Member
Joined: 26 May 2002 Posts: 16777206 Location: Bi Mon Sci Fi Con
|
Posted: Tue Sep 02, 2003 5:03 pm Post subject: |
|
|
Ahaa that clarifys the answer. Maybe a slight rewording of the question?
Otherwise top hole!
|
|
Back to top |
|
|
aberent Trusted SF Member
Joined: 08 May 2003 Posts: 2 Location: Toronto
|
Posted: Tue Sep 02, 2003 5:08 pm Post subject: |
|
|
Nice quiz, tons of network stuff, not enough cryptography
Also it would be nice to see your score at the end.
|
|
Back to top |
|
|
Sgt_B Trusted SF Member
Joined: 28 Oct 2002 Posts: 16777215 Location: Chicago, IL US
|
Posted: Tue Sep 02, 2003 5:13 pm Post subject: |
|
|
Question 49 is a little suspect to me.
Quote: |
A(n) ______ is a device or application used to inspect all network traffic and alert the user or administrator when there has been unauthorized attempts or access.
|
a)Firewall b)Network Monitor c)IDS d) Honeypot.
An IDS can be configured to look for unauthorized access attempts based on exploit signatures, or via anomoly-based to check any crazy looking traffic. What about the user who sniffed a password? They log on correctly the first time. No exploit sig, and I doubt an anomloy based IDS would be implemented here. No alert would be sent. This is where OS auditing would take over.
I'm being picky, but the phrase "unauthorized attempts or access" can be open to interpretation.
Example....I'm scanning your firewall looking to gain unauthorized access. The firewall is alerting you to my presence....thus 'a' is correct.
Might want to rephrase that one so IDS is the only correct answer.
[edit]
Oh, and great quiz! I like it...too much criticism, and not enough praise!
|
|
Back to top |
|
|
EricTheBald Just Arrived
Joined: 06 Feb 2003 Posts: 3
|
Posted: Tue Sep 02, 2003 7:52 pm Post subject: |
|
|
I got to question 13 and I see this:
An IP Address is the Internet equivalent of:
a) Your birth date
b) Your mailing address
c) Your social security number
d) Your phone number
First I chose D, because it actually is the best answer. A mailing address is like a MAC address. It stays the same no matter who lives there (other than adressee name), and the phone number is dynamically assigned, each successive resident getting a new one.
But that was wrong.
So I figured they must be thinking it's like the Social Security Numbers they use in the US, because they are at least heirarchical, so I chose C.
But NO...
They figure the answer is B!
Edit: I couldn't help myself. I had to finish the test, although i repeatedly found myself wondering what answer "THEY" were looking for, instead of looking to answer the questions "correctly".
Last edited by EricTheBald on Wed Sep 03, 2003 1:06 am; edited 2 times in total |
|
Back to top |
|
|
b4rtm4n Trusted SF Member
Joined: 26 May 2002 Posts: 16777206 Location: Bi Mon Sci Fi Con
|
Posted: Tue Sep 02, 2003 8:00 pm Post subject: |
|
|
MMM iirc all the ip4 coursework, howtos, examples, etc etc use the street address analogy.
Also this is supposed to carry on from TB's introductory courses and not really to be taken out of context (correct me if i'm wrong Tony) as all the analogies will have been explained before hand.
So lets avoid the personal abuse. Cheers
|
|
Back to top |
|
|
EricTheBald Just Arrived
Joined: 06 Feb 2003 Posts: 3
|
Posted: Tue Sep 02, 2003 8:14 pm Post subject: |
|
|
MMM iirc all the ip4 coursework, howtos, examples, etc etc use the street address analogy.
I wouldn't know. I didn't do the courses on that website, i just took the test.
But street address is a damn poor analogy. Poor to the point that it's wrong, because it conveys the wrong concept.
So lets avoid the personal abuse. Cheers
I thought I was heaping abuse on a faceless corporate entity.
Silly of me to think that, since obviously SOMEBODY wrote it, even if it was a committee.
I'll go back and edit my comment. I shouldn't let personal annoyance lead me to hurting someone's feelings.
|
|
Back to top |
|
|
MattA Trusted SF Member
Joined: 13 Jun 2003 Posts: 16777193 Location: Eastbourne + London
|
Posted: Tue Sep 02, 2003 10:37 pm Post subject: |
|
|
actually that whole analogy very interesting..
An IP Address is the Internet equivalent of:
a) Your birth date
b) Your mailing address
c) Your social security number
d) Your phone number
Yeah the MAC address is more like a mailing address on that basis.....
The IP address analogy is used as you have the 'street name' being the network ID and house number as the 'host' section of the IP address.
I always use the telephone analogy for what a port and socket is
It's all quite amusing using analogy to describe computer science, as the objective of analogy is to have people remember what something is like rather than knowing exactly , so we need good analogies that are accurate
you should hear my analogy about Active directory transitive links and the fuse box........
|
|
Back to top |
|
|
Sgt_B Trusted SF Member
Joined: 28 Oct 2002 Posts: 16777215 Location: Chicago, IL US
|
Posted: Tue Sep 02, 2003 10:41 pm Post subject: |
|
|
Quote: |
you should hear my analogy about Active directory transitive links and the fuse box........ |
I hate analogies....
|
|
Back to top |
|
|
EricTheBald Just Arrived
Joined: 06 Feb 2003 Posts: 3
|
Posted: Wed Sep 03, 2003 12:52 am Post subject: |
|
|
MattA wrote: |
you should hear my analogy about Active directory transitive links and the fuse box........ |
Actually, I'd like to.
|
|
Back to top |
|
|
|