ITS 370

Nan Hu

CH12

Chapter 12 Exercises

1. Search the Web for the Forum of Incident Response and Security Teams (FIRST). In your own words, what is the forum’s mission?

FIRST is the premier organization and recognized global leader in incident response. Membership in FIRST enables incident response teams to respond more effectively to security incidents, reactively as well as proactively.

FIRST brings together a variety of computer security incident response teams from government, commercial, and educational organizations. FIRST aims to foster cooperation and coordination in incident prevention, to stimulate rapid reaction to incidents, and to promote information sharing among members and the community at large.

FIRST is the Forum of Incident Response and Security Teams. The idea of FIRST goes back to 1989, only one year after the CERT® Coordination Center was created in the wake of the infamous Internet worm. Back then, incidents were already impacting not only one closed user group or organization, but any number of networks interconnected by the Internet.

2. Search the Web for two or more sites that discuss the ongoing responsibilities of the security manager. What other components of security management can be adapted for use in the security management model?

The two websites I searched were:

      https://www.cdse.edu/documents/cdse/webinar-dod-activity-security-manager-responsibilities.pdf

      http://h10076.www1.hpe.com/us/en/training/index.html

Mostly, they all just use the firewall, which serves dual roles: it keeps external intrusions away from the organization’s internal data to protect the integrity and availability of the system, and it is a component of network management that has been adapted to security management.

3. This chapter lists five tools that can be used by security administrators, network administrators, and attackers alike. Search the Web for three to five other tools that fit this description.

Essential NetTools from Tamos.com

Essential NetTools is a set of network scanning, security, and administrator tools useful in diagnosing networks and monitoring your computer's network connections. It's a Swiss Army knife for everyone interested in a powerful network tool kit for everyday use. It includes

XTeq’s X-Setup 5.7

Called “The Mother of All Windows Tweak Programs”, this program offers a handy way to personalize your system. Edit boot options, stop programs from automatically loading with Windows, and remove items from the uninstall list. It also contains some handy security settings and administrative options that are normally changed by editing the registry.

PrcView Process Viewer

This one is a “Must Have” utility written by Igor Nys of Computer Technology Inc. View all active processes on your NT or 95/98 box as well as their .dll dependencies. Do you know that you’ve been “NetBussed” but you don’t know the name of the .exe? Click on “View/Module Usage” for an alphabetically sorted list of all the modules in the system, highlight “keyhook.dll”, and PrcView will show you the module(s) that use this DLL.

4. Using a Web browser and the names of the tools you found in Exercise 3, find a site that claims to be dedicated to supporting hackers. Do you find any references to other hacker tools? If you do, create a list of the tools along with a short description of what they do and how they work.

Most of the websites that mentioned the tools I found in Exercise 3 have links in their descriptions, but most of them no longer work, so I just found another antivirus and firewall program that is really well known in China. It is called 360 safety grade, and this tool also features a firewall system protecting your computer. Also, even if your computer has been hacked, you can still use this software to keep your files safe.

5. Using the components of risk assessment documentation presented in the chapter, draft a tentative risk assessment of a lab, department, or office at your university. Outline the critical risks you found and discuss them with your class.

I found out that many people on our campus don’t have a sense of personal information security; many people just don’t log off their accounts when they finish using the school computers. When I was using one, they hadn’t even logged out of their Facebook or Google accounts on the computer. Another thing I found out is that with all the Apple devices, whenever you try to link your Bluetooth earphones, they just automatically link to the nearest device, even if that device does not belong to you. You can even send any video or audio you want to play to any Xbox system that is linked to the same Wi-Fi on campus whenever it is plugged in to power.