• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

FINAL EXAM: Computer Security 101

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> General Security Discussion

View previous topic :: View next topic  
Author Message
tonybradley
Just Arrived
Just Arrived


Joined: 13 Jun 2003
Posts: 0
Location: Michigan

Offline

PostPosted: Tue Sep 02, 2003 4:08 pm    Post subject: FINAL EXAM: Computer Security 101 Reply with quote

If you have been following along and reading and studying the Computer Security 101 lessons and taking each of the 10 associated quizzes- then you should be ready for the BIG TIME!

I have posted a 50-question Final Exam based on all 10 lessons / quizzes. Click below to take the Final Exam and see how much you really know.

Computer Security 101: Final Exam


WARNING

The link will take you to the final exam quiz on my About.com Internet / Network Security site. For those who aren't familiar, About.com likes to use pop-up / pop-under advertising. Make sure you have these things blocked (you can get free tools here: Free Pop-Up and Messenger Spam Blocking Tools) or at least just be prepared.

/WARNING
Back to top
View user's profile Send private message Visit poster's website
b4rtm4n
Trusted SF Member
Trusted SF Member


Joined: 26 May 2002
Posts: 16777206
Location: Bi Mon Sci Fi Con

Offline

PostPosted: Tue Sep 02, 2003 4:41 pm    Post subject: Reply with quote

Nice quiz although I disagree about your guest account question.

Guest should be disabled. No need for it in most environments.

Any chance of an sfdc link either at the beginning or the end? Wink

Also theres one or two *end quizzes* appearing rather than continues.

Any chance of an sfdc link either at the beginning or the end? Wink Wink

Thumbs up from me tho.
Back to top
View user's profile Send private message Send e-mail
tonybradley
Just Arrived
Just Arrived


Joined: 13 Jun 2003
Posts: 0
Location: Michigan

Offline

PostPosted: Tue Sep 02, 2003 4:54 pm    Post subject: Reply with quote

which Guest question are you referring to? The one about establishing a strong password?

If so, I agree completely that the Guest account should be disabled (frankly I believe it shouldn't exist in the first place- I've never seen it actually used in a legitimate way). However, even when disabled the account should have a strong password assigned so that if a virus or other malicious code manages to enable the account they won't have free access by virtue of the fact that it has a blank password by default.

In the actual lesson associated with that question I do say to leave the account disabled as well.

Let me take a look and see if there is a good place to squeeze an SFDC link in. Wink
Back to top
View user's profile Send private message Visit poster's website
b4rtm4n
Trusted SF Member
Trusted SF Member


Joined: 26 May 2002
Posts: 16777206
Location: Bi Mon Sci Fi Con

Offline

PostPosted: Tue Sep 02, 2003 5:03 pm    Post subject: Reply with quote

Ahaa that clarifys the answer. Maybe a slight rewording of the question?

Otherwise top hole!
Back to top
View user's profile Send private message Send e-mail
aberent
Trusted SF Member
Trusted SF Member


Joined: 08 May 2003
Posts: 2
Location: Toronto

Offline

PostPosted: Tue Sep 02, 2003 5:08 pm    Post subject: Reply with quote

Nice quiz, tons of network stuff, not enough cryptography Smile

Also it would be nice to see your score at the end.
Back to top
View user's profile Send private message Visit poster's website
Sgt_B
Trusted SF Member
Trusted SF Member


Joined: 28 Oct 2002
Posts: 16777215
Location: Chicago, IL US

Offline

PostPosted: Tue Sep 02, 2003 5:13 pm    Post subject: Reply with quote

Question 49 is a little suspect to me.

Quote:
A(n) ______ is a device or application used to inspect all network traffic and alert the user or administrator when there has been unauthorized attempts or access.

a)Firewall b)Network Monitor c)IDS d) Honeypot.

An IDS can be configured to look for unauthorized access attempts based on exploit signatures, or via anomoly-based to check any crazy looking traffic. What about the user who sniffed a password? They log on correctly the first time. No exploit sig, and I doubt an anomloy based IDS would be implemented here. No alert would be sent. This is where OS auditing would take over.
I'm being picky, but the phrase "unauthorized attempts or access" can be open to interpretation.
Example....I'm scanning your firewall looking to gain unauthorized access. The firewall is alerting you to my presence....thus 'a' is correct.

Might want to rephrase that one so IDS is the only correct answer.

[edit]
Oh, and great quiz! I like it...too much criticism, and not enough praise! Smile
Back to top
View user's profile Send private message Visit poster's website
EricTheBald
Just Arrived
Just Arrived


Joined: 06 Feb 2003
Posts: 3


Offline

PostPosted: Tue Sep 02, 2003 7:52 pm    Post subject: Reply with quote

I got to question 13 and I see this:

An IP Address is the Internet equivalent of:

a) Your birth date
b) Your mailing address
c) Your social security number
d) Your phone number


First I chose D, because it actually is the best answer. A mailing address is like a MAC address. It stays the same no matter who lives there (other than adressee name), and the phone number is dynamically assigned, each successive resident getting a new one.

But that was wrong.

So I figured they must be thinking it's like the Social Security Numbers they use in the US, because they are at least heirarchical, so I chose C.

But NO...

They figure the answer is B!


Edit: I couldn't help myself. I had to finish the test, although i repeatedly found myself wondering what answer "THEY" were looking for, instead of looking to answer the questions "correctly".


Last edited by EricTheBald on Wed Sep 03, 2003 1:06 am; edited 2 times in total
Back to top
View user's profile Send private message AIM Address
b4rtm4n
Trusted SF Member
Trusted SF Member


Joined: 26 May 2002
Posts: 16777206
Location: Bi Mon Sci Fi Con

Offline

PostPosted: Tue Sep 02, 2003 8:00 pm    Post subject: Reply with quote

MMM iirc all the ip4 coursework, howtos, examples, etc etc use the street address analogy.

Also this is supposed to carry on from TB's introductory courses and not really to be taken out of context (correct me if i'm wrong Tony) as all the analogies will have been explained before hand.

So lets avoid the personal abuse. Cheers
Back to top
View user's profile Send private message Send e-mail
EricTheBald
Just Arrived
Just Arrived


Joined: 06 Feb 2003
Posts: 3


Offline

PostPosted: Tue Sep 02, 2003 8:14 pm    Post subject: Reply with quote

MMM iirc all the ip4 coursework, howtos, examples, etc etc use the street address analogy.
I wouldn't know. I didn't do the courses on that website, i just took the test.
But street address is a damn poor analogy. Poor to the point that it's wrong, because it conveys the wrong concept.



So lets avoid the personal abuse. Cheers
I thought I was heaping abuse on a faceless corporate entity.
Silly of me to think that, since obviously SOMEBODY wrote it, even if it was a committee.

I'll go back and edit my comment. I shouldn't let personal annoyance lead me to hurting someone's feelings.
Back to top
View user's profile Send private message AIM Address
MattA
Trusted SF Member
Trusted SF Member


Joined: 13 Jun 2003
Posts: 16777193
Location: Eastbourne + London

Offline

PostPosted: Tue Sep 02, 2003 10:37 pm    Post subject: Reply with quote

actually that whole analogy very interesting..

An IP Address is the Internet equivalent of:

a) Your birth date
b) Your mailing address
c) Your social security number
d) Your phone number

Yeah the MAC address is more like a mailing address on that basis.....

The IP address analogy is used as you have the 'street name' being the network ID and house number as the 'host' section of the IP address.

I always use the telephone analogy for what a port and socket is

It's all quite amusing using analogy to describe computer science, as the objective of analogy is to have people remember what something is like rather than knowing exactly , so we need good analogies that are accurate

you should hear my analogy about Active directory transitive links and the fuse box........
Back to top
View user's profile Send private message
Sgt_B
Trusted SF Member
Trusted SF Member


Joined: 28 Oct 2002
Posts: 16777215
Location: Chicago, IL US

Offline

PostPosted: Tue Sep 02, 2003 10:41 pm    Post subject: Reply with quote

Quote:
you should hear my analogy about Active directory transitive links and the fuse box........

I hate analogies.... Razz
Back to top
View user's profile Send private message Visit poster's website
EricTheBald
Just Arrived
Just Arrived


Joined: 06 Feb 2003
Posts: 3


Offline

PostPosted: Wed Sep 03, 2003 12:52 am    Post subject: Reply with quote

MattA wrote:


you should hear my analogy about Active directory transitive links and the fuse box........


Actually, I'd like to.
Back to top
View user's profile Send private message AIM Address
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> General Security Discussion All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register