Describe and explain information security threats, vulnerabilities, and attack types.

Assignment #5 – VPNs, Firewalls, & IDPS
Answer the following questions and explain with as much detail as necessary for each of the concepts.
What will we do?
1. Describe the three logical components of an IDS.
2. List some desirable characteristics of an IDS.
3. An example of a host-based intrusion detection tool is the Tripwire program. This is a file
integrity checking tool that scans files and directories on the system on a regular basis and
notifies the administrator of any changes. It uses a protected database of cryptographic
checksums for each file checked and compares this value with that recomputed on each file as it
is scanned. It must be configured with a list of files and directories to check and what changes,
if any, are permissible to each. It can allow, for example, log files to have new entries appended,
but not for existing entries to be changed. What are the advantages and disadvantages of using
such a tool? Consider the problem of determining which files should only change rarely, which
files may change more often and how, and which change frequently and hence cannot be
checked. Consider the amount of work in both the configuration of the program and on the
system administrator monitoring the responses generated.
4. What are the benefits of VPNs? What are the limitations of VPNs – especially in home usage?
5. List three design goals for a firewall.
6. How does an IPS differ from a firewall?
7. Consider the threat of “theft/breach of proprietary or confidential information held in key data
files on the system.” One method by which such a breach might occur is the
accidental/deliberate e-mailing of information to a user outside of the organization. A possible
countermeasure to this is to require all external e-mail to be given a sensitivity tag
(classification if you like) in its subject and for external e-mail to have the lowest sensitivity
tag. Discuss how this measure could be implemented in a firewall and what components and
architecture would be needed to do this.
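The checking scheme described in question 3, sketched as an added example (not part of the original assignment and not Tripwire's own code): a baseline of SHA-256 checksums with a per-file policy. The policy names `static`, `append_only` and `ignore`, and the sample files, are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def baseline(path: str, policy: str) -> dict:
    """Record to compare against later; a real database must be tamper-protected."""
    with open(path, "rb") as f:
        data = f.read()
    return {"policy": policy, "size": len(data), "sha256": sha256(data)}

def check(path: str, rec: dict) -> str:
    """Return 'ok', 'appended', 'skipped', or an alert: 'modified' / 'missing'."""
    if rec["policy"] == "ignore":          # changes too often to be checked
        return "skipped"
    try:
        with open(path, "rb") as f:
            data = f.read()
    except FileNotFoundError:
        return "missing"
    if sha256(data) == rec["sha256"]:
        return "ok"
    # append_only: growth is allowed only if the old bytes are still intact
    if (rec["policy"] == "append_only" and len(data) > rec["size"]
            and sha256(data[:rec["size"]]) == rec["sha256"]):
        return "appended"
    return "modified"

def demo() -> dict:
    """Constructed files standing in for a binary, two logs and a cache."""
    with tempfile.TemporaryDirectory() as d:
        files = {"login.bin": "static", "auth.log": "append_only",
                 "tampered.log": "append_only", "cache.tmp": "ignore"}
        db = {}
        for name, policy in files.items():
            path = os.path.join(d, name)
            with open(path, "wb") as f:
                f.write(b"entry 1\nentry 2\n")
            db[name] = baseline(path, policy)
        with open(os.path.join(d, "auth.log"), "ab") as f:      # permitted append
            f.write(b"entry 3\n")
        with open(os.path.join(d, "tampered.log"), "wb") as f:  # old entry rewritten
            f.write(b"entry X\nentry 2\nentry 3\n")
        with open(os.path.join(d, "login.bin"), "ab") as f:     # static file changed
            f.write(b"patch")
        return {n: check(os.path.join(d, n), db[n]) for n in files}
```

Calling `demo()` returns one verdict per file; only `modified` and `missing` would need an administrator's attention.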
Why are we doing this?
These are complex topics, and the skills involved take time to hone. These discussions are meant to show
that you have a basic understanding of the concepts and that you can think critically through complex
topics.
Learning Objectives
This assignment makes use of multiple course objectives:
• Describe and explain information security threats, vulnerabilities, and attack types.
• Identify information security requirements for organizations and systems.
• Explain integral parts of best practices in information security.