ITS 421 - Tactical Perimeter Defense
Review for Third Test
The following questions are provided to help you study for
the third test. Do not expect to see these exact questions on the test.
Questions on Chapters 9 and 10
- What does perimeter security mean?
- How does landscaping affect intruders? How does it affect surveillance
- Name a case in which we care more about when someone leaves a location
than when they enter it.
- What is an appropriate use of a series of bollards?
- What are the two major divisions of biometrics?
- With regard to biometrics, what is enrollment? What is identification?
- How do most fingerprint scanners work that do not rely on a photograph?
- There are two kinds of eye scans. Name them and and tell me which
is more prone to errors caused by surgery, glasses, or contact lenses.
- What are false acceptance and false rejection?
- What is a crossover error rate?
- What is the difference between an ACL and an ACE? What does each contain?
- Where are we likely to find Kerberos being used?
- What feature of a device does a Layer 2 control usually depend on?
- What are two features of a packet that are typically used for filtering
on routers and firewalls?
Questions on Chapter 11
- What does the text present as a slightly different idea about standards
in this chapter?
- Assuming we use the group of authoritative organizations presented
in the chapter, which is likely to have the best selection of standards
for all phases of any organization?
- If a federal agency chooses not to adopt NIST standards, then what
must they do to be in legal compliance?
- Which of the listed bodies are most likely to present hard standards
that address networking hardware and software? There are two.
- Why does it make sense to establish guidelines after you establish
policies, standards, and procedures?
- Why should standards follow the selection or creation of policies?
- How does the use of roles and groups make assigning and removing
rights more manageable and uniform?
Questions on Chapter 13
- What is the difference between the methods used in symmetric key cryptography
and asymmetric key cryptography?
- What is the difference between public key cryptography and public
- When you make a purchase across the Internet do you use the vendor's
public or private key?
- If we decide to create key pairs inside our own organization, what
would we need a certificate authority for?
- What are algorithms use for regarding keys and encryption?
- If we have a symmetric key system for 10 users who need to all send
and receive securely to each of the others, how may keys do we need?
- What is secure about my encrypting a message with your public key
in a public key system?
- What is the point of encrypting a message with your private key and
sending it to me?
- What are some of the fields we expect to see in a digital certificate?
What standard must it follow?
- What is done with private keys when they are compromised? What is
done with digital certificates when they are compromised?
- What does the text mean when it says that PKI does not prove that
the holder of a key pair is trustworthy?