week 11 and week 12

Week 11

• 11.1 List and briefly define three classes of intruders.
• 11.2 What are two common techniques used to protect a password file?
• 11.3 What are three benefits that can be provided by an intrusion detection system?
• 11.4 What is the difference between statistical anomaly detection and rule-based intrusion detection?
• 11.5 What metrics are useful for profile-based intrusion detection?
• 11.6 What is the difference between rule-based anomaly detection and rule-based penetration identification?
• 11.7 What is a honeypot?
• 11.8 What is a salt in the context of UNIX password management?
• 11.9 List and briefly define four techniques used to avoid guessable passwords.

Week 12

• 12.1 List three design goals for a firewall.
• 12.2 List four techniques used by firewalls to control access and enforce a security policy.
• 12.3 What information is used by a typical packet filtering firewall?
• 12.4 What are some weaknesses of a packet filtering firewall?
• 12.5 What is the difference between a packet filtering firewall and a stateful inspection firewall?
• 12.6 What is an application-level gateway?
• 12.7 What is a circuit-level gateway?
• 12.9 What are the common characteristics of a bastion host?
• 12.10 Why is it useful to have host-based firewalls?
• 12.11 What is a DMZ network and what types of systems would you expect to find on such networks?
• 12.12 What is the difference between an internal and an external firewall?