Principles of Information Security and Privacy
SEC571 Principles of Information Security and Privacy
Midterm Study Guide
The midterm exam consists of 5 questions which relate to material from the first 4 weeks of the course including assigned reading from the text, lectures, tutorials, and threaded discussions. The exam questions are randomly selected for each student from question pools so that the questions you get will be different from those another student gets. Specifically, the questions address Terminal Course Objectives A, B, and C.
A
Given a specific description of hardware, systems software, and application software components of a computer-based system, identify and assess the controls we expect to find in each of the system components and describe how they function.
B
Given a Local Area Network (LAN) and Wide Area Network (WAN), identify and analyze the inherent weaknesses and exposures, identify control techniques commonly used to provide security of data and control over access to the network, and demonstrate how a security plan functions to safeguard against unauthorized network access.
C
Given a computer network for data transmission, identify and analyze the possibilities for loss or modification of data and demonstrate techniques to safeguard data from loss, modification or improper disclosure during transmission by using encryption, digital signatures, cryptographic seals and time stamp techniques and describe how they provide the elements of secrecy, authenticity, detection of modification and detection of reuse of the transaction data.
In preparing for the exam you should be familiar with:
Information security objectives as drivers for security architecture development.
Identification of security threats and vulnerabilities in enterprise environments.
Identification of security controls used to address threats and vulnerabilities in enterprise environments.
Strategies and controls used in the development of trusted operating systems and programs.
Strategies and
Midterm Study Guide
The midterm exam consists of 5 questions which relate to material from the first 4 weeks of the course including assigned reading from the text, lectures, tutorials, and threaded discussions. The exam questions are randomly selected for each student from question pools so that the questions you get will be different from those another student gets. Specifically, the questions address Terminal Course Objectives A, B, and C.
A
Given a specific description of hardware, systems software, and application software components of a computer-based system, identify and assess the controls we expect to find in each of the system components and describe how they function.
B
Given a Local Area Network (LAN) and Wide Area Network (WAN), identify and analyze the inherent weaknesses and exposures, identify control techniques commonly used to provide security of data and control over access to the network, and demonstrate how a security plan functions to safeguard against unauthorized network access.
C
Given a computer network for data transmission, identify and analyze the possibilities for loss or modification of data and demonstrate techniques to safeguard data from loss, modification or improper disclosure during transmission by using encryption, digital signatures, cryptographic seals and time stamp techniques and describe how they provide the elements of secrecy, authenticity, detection of modification and detection of reuse of the transaction data.
In preparing for the exam you should be familiar with:
Information security objectives as drivers for security architecture development.
Identification of security threats and vulnerabilities in enterprise environments.
Identification of security controls used to address threats and vulnerabilities in enterprise environments.
Strategies and controls used in the development of trusted operating systems and programs.
Strategies and