
Public For Public Use

The document provides instructions for a submission that requires describing various networking, security, and device security tools. It lists over 50 specific items across 5 categories to be described, including networking tools like firewalls and VPNs, software security tools like protocol analyzers and password crackers, common security issues, security technologies, and concepts related to securing mobile devices. The submission is due on April 23, 2019 and requires including name, subject, and student number.

INSTRUCTIONS:

Provide what is needed

Submission: April 23, 2019

PLEASE INDICATE YOUR NAME, SUBJECT/SECTION & STUDENT NUMBER

1. Describe each networking tool


• Firewall
- ACL
- Application-based vs. network-based
- Stateful vs. stateless
- Implicit deny
• VPN concentrator
- Remote access vs. site-to-site
- IPSec
- Tunnel mode
- Transport mode
- AH
- ESP
- Split tunnel vs. full tunnel
- TLS
- Always-on VPN
• NIPS/NIDS
- Signature-based
- Heuristic/behavioral
- Anomaly
- Inline vs. passive
- In-band vs. out-of-band
- Rules
- Analytics
- False positive
- False negative
• Router
- ACLs
- Antispoofing
• Switch
- Port security
- Layer 2 vs. Layer 3
- Loop prevention
- Flood guard
• Proxy
- Forward and reverse proxy
- Transparent
- Application/multipurpose
• Load balancer
- Scheduling
- Affinity
- Round-robin
- Active-passive
- Active-active
- Virtual IPs
• Access point
- SSID
- MAC filtering
- Signal strength
- Band selection/width
- Antenna types and placement
- Fat vs. thin
- Controller-based vs. standalone
• SIEM
- Aggregation
- Correlation
- Automated alerting and triggers
- Time synchronization
- Event deduplication
- Logs/WORM
• DLP
- USB blocking
- Cloud-based
- Email
• NAC
- Dissolvable vs. permanent
- Host health checks
- Agent vs. agentless
• Mail gateway
- Spam filter
- DLP
- Encryption
• Bridge
• SSL/TLS accelerators
• SSL decryptors
• Media gateway
• Hardware security module

2. Give a scenario for each software tool


• Protocol analyzer
• Network scanners

- Rogue system detection
- Network mapping
• Wireless scanners/cracker
• Password cracker
• Vulnerability scanner
• Configuration compliance scanner
• Exploitation frameworks
• Data sanitization tools
• Steganography tools
• Honeypot
• Backup utilities
• Banner grabbing
• Passive vs. active
• Command line tools
- ping
- netstat
- tracert
- nslookup/dig
- arp
- ipconfig/ip/ifconfig
- tcpdump
- nmap
- netcat

3. Give a scenario for each security issue


• Unencrypted credentials/clear text
• Logs and events anomalies
• Permission issues
• Access violations
• Certificate issues
• Data exfiltration
• Misconfigured devices
- Firewall
- Content filter
- Access points
• Weak security configurations
• Personnel issues
- Policy violation
- Insider threat
- Social engineering
- Social media
- Personal email
• Unauthorized software
• Baseline deviation

• License compliance violation (availability/integrity)
• Asset management
• Authentication issues

4. Give a scenario for each security technology


• HIDS/HIPS
• Antivirus
• File integrity check
• Host-based firewall
• Application whitelisting
• Removable media control
• Advanced malware tools
• Patch management tools
• UTM
• DLP
• Data execution prevention
• Web application firewall

5. Describe each device security concept


• Connection methods
- Cellular
- WiFi
- SATCOM
- Bluetooth
- NFC
- ANT
- Infrared
- USB
• Mobile device management concepts
- Application management
- Content management
- Remote wipe
- Geofencing
- Geolocation
- Screen locks
- Push notification services
- Passwords and pins
- Biometrics
- Context-aware authentication
- Containerization
- Storage segmentation
- Full device encryption
• Enforcement and monitoring for:
- Third-party app stores

- Rooting/jailbreaking
- Sideloading
- Custom firmware
- Carrier unlocking
- Firmware OTA updates
- Camera use
- SMS/MMS
- External media
- USB OTG
- Recording microphone
- GPS tagging
- WiFi direct/ad hoc
- Tethering
- Payment methods
• Deployment models
- BYOD
- COPE
- CYOD
- Corporate-owned
- VDI
