
Section A

1. What are firewalls? What are their common uses?


A firewall is a form of protection that allows one network to connect to another network while
maintaining some amount of protection. One of the most familiar examples of a firewall is the
door to a home or office. The door allows residents to get out of the house, while blocking rain
and sleet from entering the home. The door also helps residents maintain some degree of
confidentiality.

2. What is a patch? What is a patch bundle and why is it used?


A patch is software that corrects security and functionality problems in software and firmware.
Patches are also called updates. Patches are usually the most effective way to mitigate software
vulnerabilities. A patch bundle is a collection of related patches. Instead of releasing patches as
soon as they are ready, product vendors often release aggregates of many patches as patch
bundles at quarterly or other periodic schedules. This reduces patch testing effort at organizations
and facilitates deployment. Patch bundling can even eliminate the need for prioritization if
testing and deployment efforts are sufficiently reduced by bundling.

3. What are the differences between the perimeter network and the interior network, from the perspective of information security?


The perimeter network, also called the demilitarized zone, is the network that lies between the
external network and the organization’s internal network. The perimeter network hosts external
services such as HTTP, SMTP, and DNS. The internal network, or the militarized zone, is the
location of all the organization’s information assets. The interior firewall limits access to the
organization’s internal network.
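
The zone layout in answer 3 can be modelled as two default-deny rule sets, one per firewall, where a flow must be permitted by every firewall it crosses. This is an added example, not part of the original answers; the zone names, the rule sets and the mail-relay and browsing rules are assumptions chosen for illustration.

```python
# Toy model of the layout: external <-> [exterior FW] <-> perimeter <-> [interior FW] <-> internal
# All rules below are constructed for this example.
ZONES = ["external", "perimeter", "internal"]   # ordered from outside to inside

# Rules are (source zone, destination zone, service); anything not listed is denied.
EXTERIOR_FW = {
    ("external", "perimeter", "http"),
    ("external", "perimeter", "smtp"),
    ("external", "perimeter", "dns"),
    ("perimeter", "external", "smtp"),   # outbound mail relay (assumed)
    ("perimeter", "external", "dns"),
    ("internal", "external", "http"),    # staff browsing (assumed)
}
INTERIOR_FW = {
    ("perimeter", "internal", "smtp"),   # relay hands mail to an internal server (assumed)
    ("internal", "perimeter", "http"),
    ("internal", "perimeter", "smtp"),
    ("internal", "perimeter", "dns"),
    ("internal", "external", "http"),
}

def firewalls_on_path(src, dst):
    """Return the rule sets a flow crosses, in order of traversal."""
    i, j = ZONES.index(src), ZONES.index(dst)
    lo, hi = min(i, j), max(i, j)
    # Boundary k sits between zone k and zone k+1.
    crossed = [EXTERIOR_FW, INTERIOR_FW][lo:hi]
    return crossed if i < j else crossed[::-1]

def is_allowed(src, dst, service):
    """A flow passes only if every firewall on its path has a matching rule."""
    if src == dst:
        return True   # same zone: no firewall in the path
    return all((src, dst, service) in fw for fw in firewalls_on_path(src, dst))

def reachable_from(src, services=("http", "smtp", "dns")):
    """List every (zone, service) pair that src can reach under the policy."""
    return {(dst, svc) for dst in ZONES if dst != src
            for svc in services if is_allowed(src, dst, svc)}

if __name__ == "__main__":
    for flow in [("external", "perimeter", "http"), ("external", "internal", "http"),
                 ("perimeter", "internal", "http"), ("perimeter", "internal", "smtp")]:
        print(flow, "->", "allow" if is_allowed(*flow) else "deny")
```

Running `reachable_from("external")` lists only perimeter services, which is the property the two-firewall design is meant to guarantee.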

4. What are some common issues involved in communicating about incidents?


Some common issues include people in the organization asking questions and speculating about
causes when no information is forthcoming. This is especially true for those folks affected by the
event. If the event is affecting managers and other executive leaders, the pressure for quick
communication and resolution will be even greater. Another issue is that inexperienced IT
managers can fall into the temptation of getting into the limelight and making improper
assertions that can get the organization into trouble.

5. What is the incident response team? How is it constituted?


Just as organizations have designated employees for specific functions, it is important to have
staff designated to respond to incidents. These staff members are called the incident response
team. Even though security incidents do not happen every day, the designated incident response
staff develop experience with what the organization expects during incidents.
