SI110 Homework    Alpha: ________    Name: ______________    Page 1 of 3
Collaboration Policy: Default
MIDN Last, F.
Choose one (or more): □ None   □ XS110   □ EI with: ________   □ MGSP   □ Discussed with: ________________
Homework:
/SI110/Cyber Operations/Cyber Defense
1. [ 20 / 15 / 10 / 0 ] The following diagram shows a network with a DMZ for the web server. The following security policies are desired:

• Internal hosts (intranet hosts) can access the DMZ web server using default HTTP.
• External hosts (Internet hosts) can access the DMZ web server using default HTTP.
• Internal hosts can access external web servers using default HTTP.
• External hosts cannot access intranet web servers using HTTP.
• Intranet hosts can access the DMZ web server using default SSH.
• External hosts cannot access the DMZ web server using default SSH.
• Non-intranet hosts cannot access intranet hosts using default SSH.
• Intranet hosts and DMZ hosts cannot access Internet hosts using SSH.
[Diagram: INTERNET (hosts) — firewall — DMZ (web server) — firewall — Internal Network (hosts)]
In the table below, circle the rules that should allow traffic (so that the desired traffic is permitted) and line through the rules that should drop traffic. Each firewall has an inbound and an outbound rule for each destination port.

Intranet Firewall
  Inbound Traffic  (←):  Destination Port 22   |   Destination Port 80
  Outbound Traffic (→):  Destination Port 22   |   Destination Port 80

Internet Firewall
  Inbound Traffic  (←):  Destination Port 22   |   Destination Port 80
  Outbound Traffic (→):  Destination Port 22   |   Destination Port 80
2. [ 15 / 10 / 5 / 0 ] When a web server is installed on a host, the System Administrator (Sys Admin) has a choice: the web server can run with the administrator account as its owner, or with a non-administrator account as its owner. Why is it safer not to have the web server run with the administrator account as its owner? What principle is applied by setting up the web server so that it does not run as an administrator process?
3. [ 15 / 10 / 5 / 0 ] Suppose an organization you belong to has both public web pages and password-protected web pages containing financial and personnel data for use by people who work at the organization. Explain why splitting the web pages up, so that the public ones are housed on a web server in the DMZ while the password-protected pages are kept on a web server on the internal network (see the diagram from the previous page), is more in keeping with the principle of defense in depth than having all the data on the same web server in the DMZ.
4. [ 50 / 40 / 30 / 20 / 10 / 0 ] For each defense practice below: circle the related principle, and
write the letter in the right column for an attack that the practice mitigates. Note: In some cases
there might be multiple attack options; you only need to provide one.
Cyber Attack Action:
a. Flood packets onto a network to degrade, disrupt, or deny service.
b. Gain remote access to a host on the target network.
c. Use access on one target host to gain access to another host on the target network.
d. Escalate privileges on a target host.
e. Use privileged access to read secret information.
f. Infiltrate a target network and conduct an attack without being noticed.
Principle key: DiD = Defense in Depth, LP = Least Privilege, Vig = Vigilance

Best Practice                                                      | Principle (circle one) | Mitigates Risk Of (letter)
Use encryption to protect important files                          | DiD / LP / Vig         | ____
Employ a firewall that blocks inbound SSH traffic                  | DiD / LP / Vig         | ____
Set firewall rules that drop incoming traffic based on rate from the source IP address | DiD / LP / Vig | ____
Routinely patch operating systems and software                     | DiD / LP / Vig         | ____
Store password hashes vice passwords                               | DiD / LP / Vig         | ____
Use salt with password hashes                                      | DiD / LP / Vig         | ____
Change default passwords                                           | DiD / LP / Vig         | ____
Monitor log files for abnormal events                              | DiD / LP / Vig         | ____
Remove unneeded software from a server                             | DiD / LP / Vig         | ____
Use different passwords for accounts on different systems          | DiD / LP / Vig         | ____
Run a process in a sandboxed environment                           | DiD / LP / Vig         | ____
Monitor network traffic for unusual traffic (e.g. an internal host begins sending GBs of data to an external host) | DiD / LP / Vig | ____
Enforce a policy of using strong passwords                         | DiD / LP / Vig         | ____
Set up a DMZ for publicly accessible servers                       | DiD / LP / Vig         | ____
Remove unneeded user accounts                                      | DiD / LP / Vig         | ____
Minimize the number of programs that run as a superuser            | DiD / LP / Vig         | ____