DA 107 - Introduction to Information Systems Security
Homework Assignment 1 (10 points)

Objective: The objective of this assignment is to gather various (web) sources to find up-to-date information regarding information assurance/computer security issues. (A compiled list can be used to put on the website.) These sources can be especially helpful in obtaining up-to-date information regarding computer security threats and how to manage them, although they can also be helpful in obtaining information about all aspects of the objectives listed for this course, such as historical and background information about the attacks, key terms and critical concepts of information security, as well as types of controls.

Sources of Information

Find any ten sources of information and write a short (5-line) description of each regarding what type of information the source provides. These sources can be:
- governmental agencies/task forces (US-CERT, FBI-CSI etc.)
- private organizations (Symantec, Microsoft etc.)
- non-profit organizations
- any other source that gives relevant information

The description should include details such as the URL of the source, what type of information the source provides, if it is a task force, when it was established and what its objectives are, and any other pertinent information.

DA 107 - Introduction to Information Systems Security
Homework Assignment 2 (10 points)

Note: You can give any attacks. I have used Code Red and Nimda attacks.

Objective: The objective of this assignment is to understand the most common attacks and how to deal with them.

Vulnerabilities

1. (3 points) List a few sources where you would find updated information about computer security threats, vulnerabilities and remedies.
2. (2 points) What kind of security threats does the site (http://securityresponse.symantec.com/) list?
3. (2 points) Using this site, find out about a ‘Code Red’ attack (the effects, and what was the cause and remedy).
4. (3 points) Also find the information about the “W32.Nimda.A@mm” worm. Initially, what category was the threat? What did it mean? Report all the information regarding the distribution of the worm, what was the cause and what was the remedy, and what was the overall effect of this attack.

DA 107 - Introduction to Information Systems Security
Homework Assignment 3 (10 points)

Objective: It is considered that proper ethical training creates informed, well-prepared and low-risk system users. The objective of this assignment is to understand the significance of ethics in computer security for personal purposes, as well as the different deterrent factors that are considered while creating computer use policies.

Ethical considerations

Draft a simple policy for “Fair and Responsible Use of resources provided in Information Assurance Curriculum” based on the rules and regulations you have been provided by your institution. (Computing resources as well as knowledge provided.) Students can read the computing policies at different places to generate ideas (such as ECC computing policy, UB computing policy at http://www.itpolicies.buffalo.edu/ etc.)

DA 107 - Introduction to Information Systems Security
Homework Assignment 4 (15 points)

Objective: This assignment will help you assess different security risks and determine how to manage them.

Risk Management

1. Download the current CSI/FBI survey and keep it for your reference. Visit http://www.gocsi.com/ , click on the CSI/FBI SURVEY link on the top left-hand side, and fill in the form to receive the link to the CSI/FBI Survey.
   - List the top threats mentioned in the survey. According to the CSI/FBI survey, what are the different security technologies adopted by corporations?
2. (Whitman Mattord Page 148) If an organization has three information assets to evaluate for risk management as shown in the accompanying data, which vulnerability should be evaluated for additional controls first? Which should be evaluated last? Discuss your answers.

   Switch L47 connects a network to the Internet. It has two vulnerabilities: it is susceptible to hardware failure at a likelihood of 0.2, and it is subject to an SNMP buffer overflow attack at a likelihood of 0.1. This switch has an impact rating of 90 and has no current controls in place. You are 75 percent certain of the assumptions and data.

   Server WebSrv6 hosts a company web site and performs e-commerce transactions. It has a web server version that can be attacked by sending it invalid Unicode values. The likelihood of that attack is estimated at 0.1. The server has been assigned an impact value of 100 and a control has been implemented that reduces the vulnerability by 75 percent. You are 80 percent certain of the assumptions and data.

   Operators use the MGMT45 control console to monitor operations in the server room. It has no passwords and is susceptible to unlogged misuse by the operators. Estimates show that the likelihood of misuse is 0.1. There are no controls in place on this asset; it has an impact rating of 5. You are 90 percent certain of the assumptions and data.

DA 107 - Introduction to Information Systems Security
Homework Assignment 5 (15 points)

Objective: The objective of this assignment is to understand general as well as issue-specific policies that aid in understanding the security architecture as well as recovery in case of disaster.

Planning for Security

1. Go through the computer use policy for your school. Does it contain all the elements listed in the text (chapter 6)? Discuss.
2. Find out information about one disaster in a local organization. What policies were in place? How did they respond to the disaster?
3. Using the web, find a policy of a company or an institution for dealing with an incident.
   - csrc.nist.gov/fasp/FASPDocs/incident-response/Incident-Response-Guide.pdf
   - www.washington.edu/computing/security/responding.html
   - www.microsoft.com/technet/security/topics/disasterrecovery/responding_sec_incidents.mspx

DA 107 - Introduction to Information Systems Security
Homework Assignment 6 (15 points)

Objective: The objective of this assignment is to learn about a type of access control, specifically firewalls. At the end of this assignment, you should be able to identify various types of firewalls and the features they provide.

Firewalls

1. SecurityDog.com provides access to a number of third-party reviews of commercial firewall products. Select any three products and compare their functionality, cost, features and type of protection.
2. You have just installed a DSL line in your home so you will have faster Internet access. You have heard that this makes your computer susceptible to DDoS attacks and you want to install a personal firewall to guard against this threat. What sorts of commercial products are available? Which one would you choose and why?
   - In the newer versions of Windows OS for personal computers, a firewall is embedded in the operating system. What OS does your personal computer have? What are the configuration details?

DA 107 - Introduction to Information Systems Security
Homework Assignment 7 (10 points)

Objective: The objective of this assignment is to understand the principles of cryptography. At the end of the assignment, you should be able to discuss common approaches to cryptography and the process of encryption.

Cryptography

Write a short description and find a use for each of: symmetric key, asymmetric key (PKI, digital signatures, digital certificates), hybrid models (PGP).

Visit http://www.pgpi.com and find out what the difference is between PGPi and PGP. What does “i” stand for? What is the latest version of PGPi?

DA 107 - Introduction to Information Systems Security
Homework Assignment 8

Objective: The objective of this assignment is to understand the different types of careers in Information Security and the availability of and need for specific training for these jobs.

Security Personnel (Careers and Training in Computer Security)

Jobs and careers
- What do the terms CSO (also referred to as CISO) and CSA stand for? Describe each briefly with respect to the qualifications needed and the responsibilities.
- Visit the National Security Alliance (NSA) website and list a few computer security jobs.

Trainings
- What does CISSP stand for? Find out the requirements to earn the CISSP.
- What do the terms CISM and CISA stand for? What are the requirements to earn them?

References:
- www.cissps.com
- www.issa.org
- www.issabuffaloniagara.org
- www.isaca.org (see certification section)
- www.sans.org
- www.sans.org/rr
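
The risk-rating calculation behind Homework Assignment 4, question 2, as an added example that is not part of the original handout. It assumes the risk formula from the Whitman and Mattord text the question cites (likelihood times impact, minus the share mitigated by current controls, plus the share attributed to uncertainty), which the handout itself does not reproduce; the class and function names are illustrative.

```python
# Added example: risk ranking for the Assignment 4 exercise data.
# ASSUMPTION: formula taken from the Whitman & Mattord text, not from the handout:
#   risk = (likelihood * impact) - (share mitigated by controls) + (uncertainty share)
from dataclasses import dataclass


@dataclass(frozen=True)
class Vulnerability:
    asset: str
    name: str
    likelihood: float  # estimated probability of occurrence, 0..1
    impact: float      # impact rating assigned to the asset
    mitigated: float   # fraction already reduced by current controls, 0..1
    certainty: float   # confidence in the assumptions and data, 0..1

    def risk(self) -> float:
        # Reject inputs that are not fractions; a percentage entered as 75
        # instead of 0.75 would silently distort the whole ranking.
        for value in (self.likelihood, self.mitigated, self.certainty):
            if not 0.0 <= value <= 1.0:
                raise ValueError(f"{self.asset}/{self.name}: {value} is not in 0..1")
        base = self.likelihood * self.impact
        uncertainty = 1.0 - self.certainty
        return round(base - base * self.mitigated + base * uncertainty, 2)


# Values as given in the exercise text.
EXERCISE = [
    Vulnerability("Switch L47", "hardware failure", 0.2, 90, 0.0, 0.75),
    Vulnerability("Switch L47", "SNMP buffer overflow", 0.1, 90, 0.0, 0.75),
    Vulnerability("WebSrv6", "invalid Unicode values", 0.1, 100, 0.75, 0.80),
    Vulnerability("MGMT45", "unlogged operator misuse", 0.1, 5, 0.0, 0.90),
]


def rank(vulns):
    """Return (risk, asset, name) tuples, highest risk first."""
    return sorted(((v.risk(), v.asset, v.name) for v in vulns), reverse=True)


if __name__ == "__main__":
    for score, asset, name in rank(EXERCISE):
        print(f"{score:6.2f}  {asset:<11}{name}")
```

The ordering is driven mostly by the impact rating: the unprotected console ranks last despite having no controls, because its impact value is two orders of magnitude below the web server's.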