The book you need to help you answer some of these questions : :)
**** Chapter 1 Questions:
page 35: The next day at SLS found everyone in technical support busy restoring computer systems to their former state and installing new virus and worm control software. Amy found herself learning how to install desktop computer operating systems and applications as SLS made a heroic effort to recover from the attack of the previous day. Questions:
Do you think this event was caused by an insider or outsider? Why do you think this?
Other than installing virus and worm control software, what can SLS do to prepare for the next incident?
Do you think this attack was the result of a virus, or a worm? Why do you think this?
**** Chapter 2 Questions:
1- Using the Internet, browse to http://www.us-cert.gov/ and find the most recent CERT advisory. What threat group and threat category does this advisory warn against?
2- Using the Internet, find and read the SANS/FBI Top 20 Vulnerabilities. Choose one of the 20 vulnerabilities listed and identify the threat group and threat category it warns about.
3- What is the difference between a threat and an attack? How do exploits relate to vulnerabilities?
4- Is there an ethically acceptable reason to study and use the various attack methods described in this chapter?
5- page 84, Case Exercises: Soon after the board of directors meeting, Charlie was promoted to CISO, a new position that reports to the CIO, Gladys Williams, and that was created to provide leadership for SLS's efforts to improve its security profile. Questions:
How do Fred, Gladys, and Charlie perceive the scope and scale of the new information security effort?
Which of the threats discussed in this chapter should receive Charlie's attention early in his planning process?
How will Fred measure success when he evaluates Gladys' performance for this project? How about Charlie's performance?