HONG KONG INSTITUTE OF VOCATIONAL EDUCATION
Tutorial 1: Modern network security threats

1 State TRUE or FALSE for the following statements
   (a) Network security is ultimately the responsibility of everyone that uses it.
   (b) An IDS provides real-time detection of certain types of attacks while they are in progress.
   (c) Threats continue to become more sophisticated as the technical knowledge needed by attackers to implement attacks increases.
   (d) The Morris Internet Worm was founded in 1978.
   (e) Botnet hit U.S. Military Systems in 2003.
   (f) Packet Filter Firewall was first introduced in late 1988.
   (g) Traditional security devices relied on the layer of products and using multiple filters.
   (h) Recent security devices include more dynamic updates of information and quick response times to threats.
   (i) Threats to networks can be classified into internal and external threats.
   (j) Spoofing and denial of service (DoS) are common internal threats.

2 Briefly explain information security and the three components of information security.

3 Match domains of network security to their functions.
   Domains of network security:
   (a) risk assessment
   (b) security policy
   (c) organization of information security
   (d) asset management
   (e) human resources security
   (f) physical and environmental security
   Functions:
   1 This is the governance model set out by an organization for information security.
   2 This describes the protection of the computer facilities within an organization.
   3 It determines the quantitative and qualitative value of risk related to a specific situation or recognized threat.
   4 This addresses security procedures relating to employees joining, moving within, and leaving an organization.
   5 A document that addresses the constraints and behaviors of members of an organization and often specifies how data can be accessed and what data is accessible by whom.
   6 This is an inventory of classification scheme for information assets.

4 Match domains of network security to their functions.
   Domains of network security:
   (a) communications and operations management
   (b) access control
   (c) information systems acquisition, development and maintenance
   (d) information security incident management
   (e) business continuity management
   (f) compliance
   Functions:
   1 This describes the protection, maintenance, and recovery of business-critical processes and systems.
   2 This describes the management of technical security controls in systems and networks.
   3 This describes the integration of security into applications.
   4 This describes the process of ensuring conformance with information security policies, standards, and regulations.
   5 This describes the restriction of access rights to networks, systems, applications, functions, and data.
   6 This describes how to anticipate and respond to information security breaches.

5 A security policy is a "living document". Comment on this statement.

6 Match the attacks with their definitions.
   (a) a virus
   (b) a worm
   (c) a Trojan Horse
   Definitions:
   1 It is downloaded and opened; it attacks the end-user computer from within.
   2 It is malicious software which attaches to another program to execute a specific unwanted function on a computer.
   3 It executes arbitrary code and installs copies of itself in the memory of the infected computer, which then infects other hosts.

7 What are the features of a virus?

8 What are the characteristics of a worm?

9 What are the major components of worm?

10 What are the phases of attack methods employed by hackers?

11 What are the types of Trojan Horses?

12 What is the countermeasure to mitigate viruses, worms, and Trojan Horses?

13 What are the four phases of worm mitigation?

ITP4408 - Advanced network security

14 This question is about SQL Slammer worm.
   In the case of the SQL Slammer worm, malicious traffic was detected on UDP port ____________. It is necessary to _______ this port on all devices throughout the internal network. If the network devices using the service on the affected port are known, permitting ____________ is an option.

15 What are the three attack methodologies?



16 What are reconnaissance attacks?

17 What are access attacks?

18 What are denial of service attacks?

19 Give examples of access attacks.

20 What are Distributed Denial of Service (DDoS) attacks?

21 What are the reconnaissance attack mitigation techniques?

22 What are the access attack mitigation techniques?

23 What are the DoS attack mitigation techniques?

