How to Prepare for the Fall Exam COM380/CIT304 Harry Erwin, PhD University of Sunderland.


1 How to Prepare for the Fall Exam COM380/CIT304 Harry Erwin, PhD University of Sunderland

2 Exam Structure
Two parts:
– Fall Exam (Harry Erwin): Security, with three questions of 20 marks each. You answer two. Server-Side Technology, with two questions of 10 marks each. You answer one.
– Spring Exam (John Wraith), worth 50 marks, on e-commerce management. John has briefed you separately.

3 Exam Ground Rules
We are aware some of you are relatively non-technical.
We are aware that even those of you who are technical come from a number of courses.
The exam is designed to be passable by all of you. It tests critical thinking.
The exam is hard, but the marking takes that into account.
You need to pass the exam as a whole, not each part individually.

4 Reread:
Schneier, Beyond Fear: discusses how to think critically about security. Know his five-step analysis process and be able to apply it.
Schneier, Secrets and Lies: the threat environment. Understand what it may mean for your organization.
Anderson, Security Engineering: the technology. (Don’t memorize, but know how it fits in!)
Erwin, COM380 Lecture Slides: thinking about security requirements and solutions.

5 Be Able To:
Define the terms used in security.
Describe what a security analyst does.
Write a job description for a security analyst.
Conduct a job interview for a security engineer/analyst in your field.
Identify snake-oil when someone tries to sell you some technology.
– Know what probing questions to ask as a skeptical manager with some money to spend on security.
– Know what each security technology is good for.

6 For Example
Suppose someone tries to sell you an intrusion detection system as a security solution.
– Know what an IDS is good (and bad) for.
– Know the two basic IDS technologies and their strengths and weaknesses.

7 Another Example
Do ID cards solve the terrorism problem?
– What do ID cards do?
– What are their risks?
– What are the threats to ID cards?
– What do they not do?
– Do they solve the problem?

8 Likely Exam Areas
The Threat
Risk Analysis
Trust Analysis
Policies (particularly legal areas)
Assumptions of Secure Operation
Security Objectives
Security Mechanisms
Securing E-Commerce

9 The Server-Side Technology Questions
Read up on server-side technology (see Bergsten, JavaServer Pages, and my lectures for a start). Be prepared to evaluate it critically.

10 Some Questions from Previous Years
The 25-mark security questions are from 2003, the 20-mark security questions from 2004, and the 10-mark server-side questions from 2004. You won’t see these specific questions on the exam.

11 Risk Analysis (25 marks total)
What is a risk and how does it differ from a vulnerability or threat? (10 marks)
Describe the risk analysis process in detail using an example. (10 marks)
What information does a complete risk analysis give a manager? How can he use it in risk management? (5 marks)

12 Security Mechanisms (25 marks total)
“Audit” describes a specific family of security mechanisms. In an essay,
a) Explain what an audit mechanism does and describe the possible uses of audit log data. (5 marks)
b) Describe and critically justify against alternatives an approach to audit in a distributed environment. (10 marks)
c) Describe the risks associated with the storage of audit log data and how to mitigate those risks. Critically justify your recommended approach. (10 marks)
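Part (c) turns on one risk above all others: whoever compromises the host that holds the log can edit or delete the records of that compromise. The following is an added example, not taken from the slides or the course texts, of the tamper-evident storage a candidate might propose and justify: every record carries the hash of its predecessor, and the latest head hash is copied to a separate collector (the "anchor"). The record fields, the host names and the three attack scenarios in `demo()` are constructed for the illustration.

```python
import copy
import hashlib
import json
from typing import Optional

GENESIS = "0" * 64  # hash "before" the first record


def _entry_hash(prev_hash: str, record: dict) -> str:
    # Canonical serialisation so the same record always hashes the same way.
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev_hash.encode() + body).hexdigest()


def append(log: list, record: dict) -> str:
    """Append a record, chaining it to the current head. Returns the new head."""
    prev = log[-1]["hash"] if log else GENESIS
    entry = {"prev": prev, "record": record, "hash": _entry_hash(prev, record)}
    log.append(entry)
    return entry["hash"]


def verify(log: list, anchor: Optional[str] = None) -> tuple:
    """Walk the chain; optionally compare the final head with an off-host anchor."""
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["prev"] != prev:
            return False, f"chain break at entry {i}"
        if _entry_hash(prev, entry["record"]) != entry["hash"]:
            return False, f"entry {i} modified"
        prev = entry["hash"]
    if anchor is not None and prev != anchor:
        return False, "head does not match anchor (rewrite or truncation)"
    return True, "ok"


# Constructed sample events (hypothetical users and objects).
SAMPLE_EVENTS = [
    {"ts": "2004-11-02T09:15:01", "user": "alice", "event": "login", "result": "ok"},
    {"ts": "2004-11-02T09:16:40", "user": "alice", "event": "read", "object": "payroll.xls"},
    {"ts": "2004-11-02T09:17:05", "user": "alice", "event": "logout"},
]


def demo() -> dict:
    log = []
    anchor = GENESIS
    for ev in SAMPLE_EVENTS:
        anchor = append(log, ev)  # the collector keeps only the latest head

    results = {"intact": verify(log, anchor)}

    # Scenario 1: an attacker with write access edits one record in place.
    edited = copy.deepcopy(log)
    edited[1]["record"]["object"] = "notes.txt"
    results["modified"] = verify(edited, anchor)

    # Scenario 2: the attacker edits a record and recomputes every later hash.
    # The chain is then internally consistent; only the anchor catches it.
    forged = copy.deepcopy(SAMPLE_EVENTS)
    forged[1]["object"] = "notes.txt"
    rewritten = []
    for ev in forged:
        append(rewritten, ev)
    results["rewritten_no_anchor"] = verify(rewritten)
    results["rewritten_with_anchor"] = verify(rewritten, anchor)

    # Scenario 3: the attacker simply deletes the most recent record(s).
    results["truncated"] = verify(log[:-1], anchor)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:22s} {outcome}")
```

The hash chain on its own only detects a clumsy attacker (scenario 1); an attacker who owns the host can rewrite the whole chain, and only the copy of the head held somewhere the attacker cannot write (scenario 2) or the comparison against that copy after a deletion (scenario 3) exposes it. That is the argument to make in the essay: storage integrity depends on something outside the monitored host, whether a write-once collector, a printer, or forward-secure keys that the host discards as it goes.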

13 Intrusion Detection (25 marks total)
a) Explain what an intrusion detection system does. (6 marks)
b) Describe in detail the three problems that developers of intrusion detection systems must solve:
– i) The timely notification problem (3 marks)
– ii) The false alarm problem (3 marks)
– iii) The response problem (3 marks)
c) Name and describe two general approaches to intrusion detection, compare them critically, and explain how they address the three problems listed under (b). (10 marks)
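The slide does not name the two approaches in (c); I assume the usual pair, misuse (signature) detection and anomaly detection. The following is an added example, not from the lecture material, that runs a toy version of each over a constructed web-server access log: a baseline day the anomaly detector learns from, then a live day containing a path-traversal probe, a download of a backup file no signature knows about, a password-guessing burst, and one legitimate new page. All hosts, paths and timestamps are made up.

```python
import re
import statistics
from collections import Counter

# Constructed access-log lines in Common Log Format (hypothetical hosts and paths).
BASELINE_LOG = """\
10.0.0.5 - - [01/Nov/2004:09:00:01 +0000] "GET /index.html HTTP/1.0" 200 1043
10.0.0.5 - - [01/Nov/2004:09:00:02 +0000] "GET /images/logo.gif HTTP/1.0" 200 512
10.0.0.6 - - [01/Nov/2004:09:05:10 +0000] "GET /index.html HTTP/1.0" 200 1043
10.0.0.6 - - [01/Nov/2004:09:05:12 +0000] "GET /login HTTP/1.0" 200 800
10.0.0.6 - - [01/Nov/2004:09:05:20 +0000] "POST /login HTTP/1.0" 302 0
10.0.0.8 - - [01/Nov/2004:10:12:00 +0000] "GET /index.html HTTP/1.0" 200 1043
"""

LIVE_LOG = """\
10.0.0.5 - - [02/Nov/2004:09:15:01 +0000] "GET /index.html HTTP/1.0" 200 1043
10.0.0.5 - - [02/Nov/2004:09:15:03 +0000] "GET /news/2004-11.html HTTP/1.0" 200 2210
10.0.0.7 - - [02/Nov/2004:09:20:05 +0000] "GET /cgi-bin/view?file=../../etc/passwd HTTP/1.0" 404 0
10.0.0.9 - - [02/Nov/2004:09:31:00 +0000] "GET /backup/site.tar.gz HTTP/1.0" 200 9000000
10.0.0.11 - - [02/Nov/2004:09:40:01 +0000] "POST /login HTTP/1.0" 401 0
10.0.0.11 - - [02/Nov/2004:09:40:02 +0000] "POST /login HTTP/1.0" 401 0
10.0.0.11 - - [02/Nov/2004:09:40:03 +0000] "POST /login HTTP/1.0" 401 0
10.0.0.11 - - [02/Nov/2004:09:40:04 +0000] "POST /login HTTP/1.0" 401 0
10.0.0.11 - - [02/Nov/2004:09:40:05 +0000] "POST /login HTTP/1.0" 401 0
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')


def parse(log_text):
    """Yield (ip, method, target, status) for each well-formed line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.group(1), m.group(2), m.group(3), int(m.group(4))


# Misuse (signature) detection: a fixed list of known-bad patterns.
SIGNATURES = [
    ("directory traversal", re.compile(r"\.\./")),
    ("sensitive file", re.compile(r"/etc/passwd")),
    ("sql injection", re.compile(r"(?i)union\s+select")),
]


def signature_alerts(log_text):
    alerts = []
    for ip, _method, target, _status in parse(log_text):
        for name, pattern in SIGNATURES:
            if pattern.search(target):
                alerts.append((ip, name, target))
    return alerts


# Anomaly detection: learn what "normal" looks like, then flag departures from it.
class AnomalyDetector:
    def __init__(self, sigmas=3.0):
        self.sigmas = sigmas          # how far above the mean request rate to tolerate
        self.known_paths = set()
        self.rate_threshold = 0.0

    def fit(self, baseline_text):
        per_ip = Counter()
        for ip, _m, target, _s in parse(baseline_text):
            self.known_paths.add(target.split("?", 1)[0])
            per_ip[ip] += 1
        counts = list(per_ip.values())
        self.rate_threshold = statistics.fmean(counts) + self.sigmas * statistics.pstdev(counts)
        return self

    def alerts(self, log_text):
        found = []
        per_ip = Counter()
        for ip, _m, target, _s in parse(log_text):
            per_ip[ip] += 1
            if target.split("?", 1)[0] not in self.known_paths:
                found.append((ip, "unseen path", target))
        for ip, n in per_ip.items():
            if n > self.rate_threshold:
                found.append((ip, "request rate", f"{n} requests"))
        return found


def compare(baseline_text, live_text):
    sig = signature_alerts(live_text)
    anom = AnomalyDetector().fit(baseline_text).alerts(live_text)
    sig_ips = {a[0] for a in sig}
    anom_ips = {a[0] for a in anom}
    return {
        "signature": sig,
        "anomaly": anom,
        "only_anomaly": anom_ips - sig_ips,      # novel attacks, but also false alarms
        "only_signature": sig_ips - anom_ips,
    }


if __name__ == "__main__":
    for kind, rows in compare(BASELINE_LOG, LIVE_LOG).items():
        print(kind, rows)
```

Read the output against the three problems in (b). The signature detector names exactly what it saw (traversal, /etc/passwd) from 10.0.0.7, which is what an operator needs to respond, but it says nothing about the backup download from 10.0.0.9 or the password guessing from 10.0.0.11 because no rule describes them. The anomaly detector catches both, yet it also raises the alarm on 10.0.0.5 fetching a page that was simply published after the baseline was taken, and it can only say "unusual", not what is wrong; that is the false-alarm and response trade-off the question asks you to weigh. Timely notification is about how fast either alert list reaches a human, which a batch run over yesterday's log, as here, does not address.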

14 Job Description (20 marks)
What questions does a computer security analyst have to answer about a system? Discuss in detail using an example of a specific kind of business or service, e.g., an e-mail provider, a business web-site, a human resources department of a company, an electronic voting system, or an on-line bank. Describe critically how the analyst might approach each question.

15 Threat Environment (20 marks)
Critically evaluate the current threat environment for a specific kind of business or service, for example an e-mail provider, a business web-site, a human resources department of a company, an electronic voting system, or an on-line bank. In other words, what are the threats, what is their relative importance, why did you come up with that rank-ordering, and how can the system be protected against those threats?

16 Privacy (20 marks)
Describe the EU and US legal positions on individual privacy, and critically compare them. Critically discuss the possible ways that a US business has to address the requirements of the EU Data Protection Directive.

17 Job Description (20 marks)
Assume you are hiring a security analyst. Describe and critically justify the required knowledge (10 marks) and skills (10 marks) you would list on the job description.

18 Trust Analysis (20 marks)
Explain how to do a trust analysis (10 marks) and critically discuss mechanisms to enforce trust (10 marks).

19 ID Cards (20 marks)
Discuss in a short critical essay the Home Office proposal on identification cards.

20 Server-Side Technology (10 marks)
Four example technologies were given and the following choices of question posed:
Describe and evaluate in detail the technical pros and cons of these four approaches. That is, from a technical perspective, what are the issues that affect the choice of approach and what factors need to be assessed in making that choice?

21 SST Question Continued
Describe and evaluate in detail the security pros and cons of these four approaches. That is, from a security perspective, what are the issues that affect the choice of approach and what factors need to be assessed in making that choice?
Describe and evaluate in detail the managerial pros and cons of these four approaches. That is, from the perspective of a non-technical manager, what are the issues that affect the choice of approach and what factors need to be assessed in making that choice?

22 Server-Side Technology
The ref-def (referral/deferral resit) question used another example, web services, but asked the same questions.

23 Changes this year
The security questions remain similar. One will be on security in general that can be answered based on Schneier and the lectures, a second on some specific technology discussed in Anderson, and the third will be a critical analysis of a current security proposal.
The server-side question now asks for a critical comparison of technical approaches. You will have a choice of question here.

24 Questions?
