ICTNWK511-Manage Network Security

Questions:

1. Identify the purpose and describe at least one activity performed in each of the following three phases in implementing a network security design:

(i) the planning phase;

(ii) building phase

(iii) managing phase.

2. Describe the purpose of the main elements of risk management, such as

(i) risk identification and

(ii) risk treatment. Identify at least one activity that is performed in each element.

3. Identify two types of network attacks that could be made on an e-commerce site selling books, and storing credit card information about customers. For each attack, describe the vulnerabilities/weaknesses of network infrastructure that attackers seek to exploit.

4. Give two examples of emerging security threats that have emerged as a result of the popularity of mobile phones. List one example of a countermeasure that can be used to mitigate the threats.

5. Briefly define the purpose of auditing, as it applies to network security.

6. Briefly define the purpose of penetration testing, as it applies to network security.

7. Briefly define how logging analysis can be used to enhance network security

8. List two security measures that can be applied to protect an organisation’s infrastructure of servers and switches.

9. List two capabilities of (i) a hardware firewall and (ii) a software intrusion detection system (IDS)

10. Define what is meant by “defence in depth” in security planning. Describe how could the defence in depth principle be applied to the deployment of hardware and software firewalls in a corporate network