1) Using a Web browser, search for any information security policies used at your academic institution. Compare them to the ones discussed in this chapter. Are there sections missing? If so, which ones?
2) Using a Web browser and a search engine, search the terms “BP deepwater disaster plan failure.” You will find many results. Select one article and identify what that article considers a shortcoming in BP’s planning. What part of the contingency planning process came up short (IR, BP, or CP)? How could the shortcoming have been prevented?
3) a) This chapter’s opening scenario illustrates a specific type of incident/disaster. Using a Web browser, search for information related to preparing an organization against terrorist attacks. Look up information on (a) anthrax or another biological attack (like smallpox), (b) sarin or another toxic gas, (c) low-level radiological contamination attacks.
b) Using a Web browser, search for available commercial applications that use various forms of RAID technologies, such as RAID 0 through RAID 5. What is the most common implementation? What is the most expensive?
4) a. Using a Web browser, identify at least five sources you would want to use when training a CSIRT.
b. Using a Web browser, visit www.mitre.org. What information is provided there, and how would it be useful?
c. Using a Web browser, visit www.securityfocus.com. What is Bugtraq, and how would it be useful? What additional information is provided under the Vulnerabilities tab?
d. Using a Web browser, visit www.cert.org. What information is provided there, and how would it be useful? What additional information is provided at www.cert.org/csirts/?
5) Using a Web browser, visit the site www.honeynet.org. What is this Web site, and what does it offer the information security professional? Visit the “Know your Enemy” white paper series and select a paper of your own choice. Read it and prepare a short overview for your class.
6) Using a Web browser, search for “incident response template.” Look through the first five results and choose one for further investigation. Take a look at it and determine if you think it would be useful to an organization creating a CSIRT. Why or why not?
7) Using a Web browser, perform some research on a newer malware variant that has been reported by a major malware containment vendor. Using a search engine, go to the vendor’s Web site; this could be Symantec, McAfee, or any of their competitors. Visit one malware prevention software vendor. Search for the newest malware variants and pick one. Note its name and try to understand how it works. Now look for information about that same malware from at least one other vendor. Were you able to see this malware at both vendors? If so, are there any differences in how they are reported between the two vendors?
8) At the end of 2006, a new edition of the Federal Rules of Civil Procedure (FRCP) went into effect. Using a Web search tool, learn more about the FRCP. What likely effect will its emphasis on electronically stored information (ESI) have on an organization’s need for a digital forensic capability?
FOR ALL OF THE ABOVE, YOU NEED TO FOLLOW THE INSTRUCTIONS BELOW:
- Type your responses with proper headings in a word document.
- Detailed and significant scholarly answers will be graded with full point value. Incomplete, inaccurate, or inadequate answers will receive less than full credit depending on the answers provided.
- All submissions need to be submitted to the appropriate area within Moodle.
- Late submissions or email submissions will not be accepted.
PLEASE SUBMIT ON TIME