Funding

Overview

While you have not been given carte blanche by the CEO, she has made it clear that money isn't necessarily an issue, within reason of course. The problems need to be solved so that the company can safely continue to manufacture its products in the most efficient manner possible.

CEO & CFO

"Look, we don't think that we need the Rolls Royce of installations, but we can tell you that everything is riding on our ability to ship our combined products in a timely manner, and the network we're asking you to build is going to be a big part of that. We think the company will continue to grow, though not as rapidly as in the last several months. So, that being said, give us a network that is secure and makes sense."

The Multinational Startup 191

Questions

1. What is the current business problem? Choose all that apply.

A. The e-mail systems are not the same.

B. Each of the units is connected to the Internet with no firewalls in place.

C. Management is suddenly concerned with security.

D. There has not been any risk assessment, security assessment, or risk management.

2. What solution(s) should you implement to solve the customer's business problem? Select all correct responses.

A. Ensure that each location has a secure connection to the Internet by instituting a bastion host firewall solution.

B. Set up secure wide area connections between all of the sites. Wide area bandwidth should be adjusted according to the size of the site and its needs.

C. Up-version all servers to Windows 2000.

D. Begin the risk management process to provide a framework for the internal and external security plans.

E. Set up some form of IIS Server in a central location for the sharing of information.

F. Assure that all users are on a uniform O/S desktop, and that service pack and service release levels are current.

G. Establish a plan to up-version the existing Exchange servers to Exchange 2000 by Q1 of next year.

H. Plan and deploy screened subnet firewalls at each location.

I. Plan and deploy a combination of bastion host and screened subnet types of firewalls.

Copyright ©2000 SYBEX, Inc., Alameda, CA www.sybex.com

192 Chapter 4 ■ Enterprise Risk Assessment

3. As you begin the risk assessment and management process, what step(s) should you immediately take? Choose the best answer.

A. Begin forming a study committee, including a member of senior management, and members from all three locations.

B. Gather in all the network documentation.

C. Begin taking a high-level overview of the Internet connectivity and intranet plans of the organization.

D. Talk with the ADS design committee to find out how the network is being integrated into Active Directory Services.

E. Talk with the infrastructure group to determine how the infrastructure will be affected by the implementation of the firewalls.

F. All of the above.

4. What is an example of identity interception?

A. This term refers to malicious code running as an auto-executed ActiveX control or a Java Applet uploaded from the Internet on a Web server.

B. This is a generic term for a malicious program that masquerades as a desirable and harmless utility.

C. The intruder floods a server with requests that consume system resources and either crash the server or prevent useful work from being done. Crashing the server sometimes provides opportunities to penetrate the system.

D. Someone discovers the user name and password of another valid user. This can occur by a variety of methods, both social and mechanical.

E. An unauthorized user pretends to be a valid user. In one case, a user may assume the IP address of a trusted system and use it to gain the access rights that are granted to the impersonated device or system.


5. What is an example of manipulation?

A. The intruder floods a server with requests that consume system resources and either crash the server or prevent useful work from being done. Crashing the server sometimes provides opportunities to penetrate the system.

B. The intruder records a network exchange between a user and a server and plays it back at a later time to impersonate the user.

C. This is a generic term for a malicious program that masquerades as a desirable and harmless utility.

D. This term refers to malicious code running as an auto-executed ActiveX control or a Java Applet uploaded from the Internet on a Web server.

E. The intruder causes network data to be modified or corrupted. Unencrypted network financial transactions are vulnerable to manipulation. Viruses can corrupt network data.

6. What is an example of a denial of service?

A. Network-based business and financial transactions are compromised if the recipient of the transaction cannot be certain who sent the message.

B. This is a generic term for a malicious program that masquerades as a desirable and harmless utility.

C. The intruder floods a server with requests that consume system resources and either crash the server or prevent useful work from being done. Crashing the server sometimes provides opportunities to penetrate the system.

D. Application-specific viruses could exploit the macro language of sophisticated documents and spreadsheets.

E. This term refers to malicious code running as an auto-executed ActiveX control or a Java Applet uploaded from the Internet on a Web server.


7. What is an example of a macro virus?

A. The intruder records a network exchange between a user and a server and plays it back at a later time to impersonate the user.

B. Application-specific viruses could exploit the macro language of sophisticated documents and spreadsheets.

C. This is a generic term for a malicious program that masquerades as a desirable and harmless utility.

D. An administrator of a computing system knowingly or mistakenly uses full privileges over the operating system to obtain private data.

E. Network-based business and financial transactions are compromised if the recipient of the transaction cannot be certain who sent the message.

8. What is repudiation?

A. Network-based business and financial transactions are compromised if the recipient of the transaction cannot be certain who sent the message.

B. An unauthorized user pretends to be a valid user. In one case, a user may assume the IP address of a trusted system and use it to gain the access rights that are granted to the impersonated device or system.

C. The intruder causes network data to be modified or corrupted. Unencrypted network financial transactions are vulnerable to manipulation. Viruses can corrupt network data.

D. This is a generic term for a malicious program that masquerades as a desirable and harmless utility.

E. If data is moved across the network as plain text, unauthorized persons can monitor and capture the data.


9. What is an example of misuse of privilege?

A. Application-specific viruses could exploit the macro language of sophisticated documents and spreadsheets.

B. If data is moved across the network as plain text, unauthorized persons can monitor and capture the data.

C. Sometimes breaking into a network is as simple as telephoning new employees, telling them you are from the IT department, and asking them to verify their password for your records.

D. An administrator of a computing system knowingly or mistakenly uses full privileges over the operating system to obtain private data.

E. The intruder records a network exchange between a user and a server and plays it back at a later time to impersonate the user.

10. What is a Trojan horse?

A. If data is moved across the network as plain text, unauthorized persons can monitor and capture the data.

B. The intruder records a network exchange between a user and a server and plays it back at a later time to impersonate the user.

C. Sometimes breaking into a network is as simple as telephoning new employees, telling them you are from the IT department, and asking them to verify their password for your records.

D. This term refers to malicious code running as an auto-executed ActiveX control or a Java Applet uploaded from the Internet on a Web server.

E. This is a generic term for a malicious program that masquerades as a desirable and harmless utility.


Answers

1. B, D. At this stage of the process, management has suddenly discovered security and wants to make sure that everything in the network is as it should be. This is especially true of the connections to the Internet, which at this point in time are exposed. In addition, no one has assessed exactly what risks exist in the company, and before you can protect something, you have to know what to protect.

2. D, H. This calls for a two-pronged attack. You should begin with the risk assessment and risk management process while making plans to implement firewalls at each site. If you look closely at the answers, you will see several that call for the implementation of different types of firewalls. Microsoft says that the bastion host method should be used for small implementations. Over 1,000 in each location does not constitute "small," so go with the recommendation of the screened subnet deployment.

3. F. Again, you have some serious analysis to do, and while that is going on, there are some open connections to the Internet to contend with. Risk assessment should start with the open connections and solve that problem first.

4. D. Identity interception is when someone discovers the user name and password of another valid user. This can occur by a variety of methods, both social and mechanical.

5. E. Manipulation is when an intruder causes network data to be modified or corrupted. Unencrypted network financial transactions are vulnerable to manipulation. Viruses can corrupt network data.

6. C. A denial of service (DoS) attack is when the intruder floods a server with requests that consume system resources and either crash the server or prevent useful work from being done. Crashing the server sometimes provides opportunities to penetrate the system.

7. B. A macro virus is an application-specific virus that exploits the macro language of sophisticated documents and spreadsheets.


8. A. Repudiation is when network-based business and financial transactions are compromised if the recipient of the transaction cannot be certain who sent the message.

9. D. An example of misuse of privilege is when the administrator of a computing system knowingly or mistakenly uses full privileges over the operating system to obtain private data.

10. E. A Trojan horse is a generic term for a malicious program that masquerades as a desirable and harmless utility.
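The definitions in answers 5 and 8, and the replay option offered in several of the questions, are easier to reason about with a concrete check. The Python below is added here and is not part of the Sybex text; it models the "unencrypted network financial transaction" of answer 5. A receiver with no integrity check accepts whatever arrives, so an intruder on the wire can change the amount. A receiver that verifies an HMAC-SHA256 tag over the message detects the manipulation, and a per-message nonce lets it reject a recorded copy played back later. The key, the transaction fields and the receiver interface are all constructed for the example. Two caveats tie back to the text: encryption alone would hide the amount but not stop it from being altered, it is the authentication tag that catches the change; and because sender and receiver share the HMAC key, the tag cannot prove to a third party who produced the message, so a MAC prevents manipulation but does not address repudiation (answer 8), which needs a signature made with a key only the sender holds and which this stdlib-only example does not show.

```python
"""Added example (not from the Sybex text): manipulation and replay of a
constructed financial transaction, with and without an integrity tag.
Uses only the standard library; every key and message here is made up."""
import hashlib
import hmac
import json
import secrets

# Constructed shared secret; in practice provisioned out of band per peer.
SHARED_KEY = b"constructed-demo-key-do-not-reuse"


def make_transaction(payer: str, payee: str, amount: int) -> dict:
    """Build a constructed transaction with a fresh random nonce."""
    return {"payer": payer, "payee": payee, "amount": amount,
            "nonce": secrets.token_hex(16)}


def canonical(tx: dict) -> bytes:
    """Deterministic encoding so sender and receiver MAC identical bytes."""
    return json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()


def sign_tx(tx: dict, key: bytes = SHARED_KEY) -> dict:
    """Attach an HMAC-SHA256 tag computed over the canonical transaction."""
    tag = hmac.new(key, canonical(tx), hashlib.sha256).hexdigest()
    return {"tx": tx, "tag": tag}


class Receiver:
    """Checks the tag (catches manipulation) and remembers nonces (catches replay)."""

    def __init__(self, key: bytes = SHARED_KEY):
        self.key = key
        self.seen_nonces = set()

    def accept(self, envelope: dict) -> str:
        tx, tag = envelope["tx"], envelope["tag"]
        expected = hmac.new(self.key, canonical(tx), hashlib.sha256).hexdigest()
        # compare_digest avoids leaking the tag through comparison timing
        if not hmac.compare_digest(expected, tag):
            return "rejected: manipulation (tag mismatch)"
        if tx["nonce"] in self.seen_nonces:
            return "rejected: replay (nonce already used)"
        self.seen_nonces.add(tx["nonce"])
        return "accepted"


def tamper(envelope: dict, new_amount: int) -> dict:
    """Intruder on the wire rewrites the amount; without the key the old tag stays."""
    forged = json.loads(json.dumps(envelope))  # deep copy, original untouched
    forged["tx"]["amount"] = new_amount
    return forged


def plaintext_receiver(tx: dict) -> str:
    """No integrity check at all: whatever arrives is taken at face value."""
    return f"accepted {tx['amount']} to {tx['payee']}"


def demo() -> dict:
    """Run the four cases in order and return each receiver's verdict."""
    rx = Receiver()
    env = sign_tx(make_transaction("alice", "bob", 100))
    return {
        "plaintext_tampered": plaintext_receiver(tamper(env, 100000)["tx"]),
        "mac_original": rx.accept(env),
        "mac_tampered": rx.accept(tamper(env, 100000)),
        "mac_replayed": rx.accept(env),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

Running the file prints one verdict per case. The nonce set is kept in memory for brevity; a real receiver bounds it with a timestamp window or a sequence number so the table cannot grow without limit.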
