Tanner Carlson

ITS 370



1.      Search the Web for the Forum of Incident Response and Security Teams (FIRST). In your own words, what is the forum's mission?

The Forum of Incident Response and Security Teams (FIRST) provides a company, business or educational organization with reliable incident response guidelines and support. FIRST uses a variety of computer security incident response teams (such as commercial, government and educational organizations), and aims to coordinate incident prevention, stimulate rapid reaction to incidents and promote information sharing among members. FIRST also provides hands-on classes, publications and web services, special interest groups, technical colloquia for security experts and much more.

2.      Search the Web for two or more sites that discuss the ongoing responsibilities of the security manager. What other components of security management can be adapted for use in the security management model?

The security manager of an organization addresses the management and operation of five main topics: fault management, configuration and name management, accounting management, performance management and security management. A component that could be adapted for use in the security management model is a firewall that serves dual roles: to keep external intrusion from entering an organization's internal data, and to prevent internal users from accessing that same data.

3.      This chapter lists five tools that can be used by security administrators, network administrators and attackers alike. Search the Web for three to five other tools that fit this description.

Metrics could be used by security administrators or attackers. Metrics are designed to improve performance and accountability through the collection, analysis and reporting of performance data. Log analyzers could also be used by security administrators or attackers. Log analyzers can consolidate systems logs, perform comparative analysis and detect common occurrences. A platform security validation could also be used by security administrators or attackers. The platform security validation process is designed to find documents with vulnerabilities.

4.      Using a Web browser and the names of the tools you found in Exercise 3, find a site that claims to be dedicated to supporting hackers. Do you find any references to other hacker tools? If you do, create a list of the tools along with a short description of what they do and how they work.

Finding a site that is dedicated to supporting hackers is a lot harder than one may think. After doing some research I found a site, but I am not sure if the site is serious or sarcastic. I found that this site is mostly focused on key logging. Key logging is an art of hacking where you have physical access to the computer and its hardware ports. By using undetectable hardware, one is able to record every key the victim presses on their keyboard.

5.      Using components of risk assessment documentation presented in the chapter, draft a tentative risk assessment of a lab, department or office at your university. Outline the critical risks you found and discuss them with your class.

For this exercise I will be focusing on the SBE office located on the top of Erlanson Hall on the University Wisconsin – Superior campus. I find this to be an interesting office because it is always open, but there isn't always someone at the main secretary desk, or people in their offices. I think that this would leave them vulnerable to many types of attacks.