Exam Study Guide - Chapter 4
This 6 page Study Guide was uploaded by Frankie Prijatel on Wednesday October 7, 2015. The Study Guide belongs to IST 233 - M001 at Syracuse University taught by D. Molta in Fall 2015. Since its upload, it has received 90 views. For similar materials see Introduction to Computer Networking in Information technology at Syracuse University.
Date Created: 10/07/15
Chapter 4 Review
Monday, September 28, 2015, 8:48 PM

A. Review Questions

a. Explain the concept of a kill chain as applied to security management. How could an explicit understanding of that concept have helped Target to potentially avoid their 2013 security breach?

The concept of a kill chain is derived from the military. It is the manufacturing, handling, and tactical steps needed for an attack to destroy its target, and failure of any part of the kill chain will cause the attack to fail. A company's identification of a kill chain in progress, with the proper software, can help them to stop or at least disrupt it, and a company's understanding of who may want to attack them can help that company develop methods of identifying a kill chain with a specific pattern and purpose and preventing it completely. Target's problems were due to relaxed policies and practices relating to computer security. They chose an external security company, Fazio Mechanical Services, who used a free consumer version of an antivirus program that didn't make real-time assessment for arriving emails and their attachments. Target's lack of foresight in understanding what software their outsourced security uses, in addition to failing to follow up on warning signs, allowed the kill chain to fully breach into their system.

b. With respect to network management, what was Hewlett Packard implying in their white paper about network management tools entitled "A Fool with a Tool is Still a Fool"? (lecture)

Hewlett Packard was referring to the fact that effective network management is mostly a management-process problem and only a technical problem in a secondary sense. It's important for managers not only to own sufficient tools for security, but also to use those tools, understand the pain points in their information systems, and develop a strategy that explicitly addresses all elements of the network and system lifecycle.

c. Differentiate between strategic, tactical and operational network management.

- Strategic
  - 3-5 years
  - Process of choosing the right design architecture and standards for security
- Tactical
  - Budget year
  - Managing currently budgeted projects
- Operational
  - Day to day
  - Routine tasks

d. Explain how the FCAPS model relates to enterprise network and systems management (Fault, Configuration, Accounting/Auditing, Performance, Security). (lecture)

i. Fault: quickly fixing what's broken, ideally with a proactive approach (aka you're aware of the problem before your customers are)
ii. Configuration: ensuring that all hosts and internetwork devices are appropriately configured and updated
iii. Accounting/Auditing: keeping track of usage; forensic analysis capabilities
iv. Performance: monitoring application throughput; proactively planning for growth
v. Security: ensuring that all devices and info are adequately secure, based on risk analysis

e. What do IT managers mean when they talk about Lifecycle Costs or Five Year Total Cost of Ownership (TCO)?

- The costs it would take to implement security over a 5-year period

f. Explain the concept of network Quality of Service (QoS), why it is becoming increasingly important, and what are the key QoS performance metrics. Explain the difference between rated (raw) speed and throughput. Explain the difference between individual throughput and aggregate throughput in the context of a wireless router installed in a residence hall.

Quality-of-Service (QoS) metrics are quantitative measures of network performance which track the service quality that users receive. This is important because companies must have networks that not only work, but work well; otherwise businesses will come to a halt. The important Quality of Service metrics include:

- Speed: the raw dimension of bits (aka what a network's speed should be), which is always higher than throughput, which is the actual speed seen by applications
- Availability: percentage of time a network is available to users
- Errors: the percentage of incorrect packets or bits
- Latency: time delay in packet delivery ("lag"), measured in milliseconds

g. What is a service level agreement (SLA)? Explain the key challenges associated with managing SLAs, both as a customer and as a service provider.

Service Level Agreements are guarantees given to customers by cloud service providers that they will meet specified service parameters, mostly relating to speed, or pay a penalty. There are 3 dimensions that determine a network's speed:

1. Throughput: speed that applications see (vs. "speed", the raw dimension of bits, which is always higher than throughput); throughput data rate of the network overhead everything else happening on a network
2. Latency: round-trip packet delay (aka "lag")
3. Jitter: the variability of latency ("lag")

h. Explain why network traffic analysis is important when designing a network topology. How does redundancy factor into such a design?

i. Impacts how many switches/routers you will need
ii. Redundancy is important because if one switch goes down, you have others to back it up

i. With respect to network performance, interpret the four graphs depicted in Figure 4-9. Explain the major options available to network managers for dealing with traffic peaks and congestion, including overprovisioning, prioritization and QoS guarantees.

[Figure 4-9, four graphs of traffic against time. Congestion and Latency: a momentary traffic peak exceeds network capacity, causing congestion and latency. Overprovisioning: overprovisioned network capacity; momentary peak, no delay. Priority: high-priority traffic goes first; low-priority traffic waits. Fourth graph: guaranteed traffic gets reserved capacity; other traffic gets what is left. The rest of the answer to this question is illegible in the source.]

j. Regarding strategic security planning, define the Plan-Protect-Respond cycle.

i. Plan: plan network security against any potential attacks
ii. Protect: implementation; takes the most time
iii. Respond: respond to any attacks that weren't already blocked

k. Explain the following security planning principles: risk analysis, comprehensive security, defense in depth, weakest link analysis, single point of failure, least permissions in access control.

i. Risk Analysis: balancing risks and protection costs, because the goal of security is to reduce the risk of attacks to the extent that is economically feasible
ii. Comprehensive Security: closing off all areas of attack
iii. Defense in Depth: having several lines of defense that must all be breached for an attacker to succeed; any element must be effective to stop an attack
iv. Weakest link analysis: several lines of defense where ALL elements must be effective to stop an attack
v. Single Point of Failure: if this is hacked you are fucked; if the central firewall policy server is compromised, everything is compromised
vi. Least permission in access control: access control limits who may have access to each resource, and least permissions are the minimum permissions that the user needs to accomplish his or her job

l. Explain the role that policy plays in security management. Provide several examples related to SU information security.

i. The heart of security management is the creation and implementation of security policies: broad statements that specify what should be accomplished

m. How can network management systems based on SNMP be used to provide network managers with greater network visibility? Explain the key components of an SNMP management system (Network Visualization Program, SNMP agents, SNMP commands (GET, SET, TRAP), management information base).

i. SNMP is a more powerful version of network visualization for remote device management
   1. Manager: manages network by connecting remotely via switch or router
   2. Agent: used to communicate between the manager and "managed device" (switch/router)
   3. Commands (get, trap, set)
      - get: gets data from the switch/router; ping data to understand traffic flow
      - trap: goes to the device if there's a problem and sends feedback data
      - set: reroutes traffic around failed equipment or congestion
   4. Network Visualization Program: visualizes MIB info
   5. Management info base: data recorded from commands

n. Explain the benefits of software defined networking and the role of SDN controllers as relates to the forwarding and control functions of network devices. Why are standards like OpenFlow extremely important to the development of SDN?

Software-defined networking (SDN): instead of having multiple managers for multiple devices, you can centralize management in the SDN. OpenFlow is a protocol for communication between all SDN devices (routers, switches, etc.).