Discussion Questions

I.

Topic 1: CommonPort Scanning Techniques

Do some research on computer ports that are most often scanned by hackers. Identify a port scanning exploit that is interesting to you and share it with the class. If you have experienced or witnessed port scanning activity on a computer network, consider including this in your response as well.

Topic 2: Popular Reconnaissance Tools

Do some research and identify two popular reconnaissance tools. Compare and contrast your chosen reconnaissance tools and explain the benefits and limitations of each.

II.

Topic 1: Wireless

Research the Internet and published research to find a recent wireless exploit that is not discussed in the textbook. Provide a brief summary of the exploit and the threat that it poses to an organization. Also, identify a recommendation for how an organization can protect itself from the exploit.

Topic 2: Organizational Attacks

Websites continue to be a primary vulnerability to organizations. For example, SQL injection attacks have been understood for years, yet organizations continue to fall victim to such attacks. Why do you suppose this continues to be such an issue? Research a recent attack on an organization in which the attack occurred via a vulnerability in the organization's website (and related infrastructure). Describe the attack. What steps could the organization have taken to protect against such an attack?

III.

Topic 1: Hijacking Techniques

A variety of session hijacking techniques have been developed with new techniques continuing to be developed. Using the Kaplan library and the Internet, research session hijacking techniques. Select a session hijacking technique or threat and summarize the technique as well as the threat it presents to the person or organization being attacked. Be sure to include references to the source of your research and try to select a session hijacking technique that has not already been discussed.

Topic 2: Incident Response

Using the Internet, identify an incident where a company or other organization has suffered a security breach. Research the incident, paying particular attention to the way in which the organization responded to it. Post a summary of the incident, followed by your assessment of the organization's response. Did the company respond appropriately and in a timely manner? Why or why not? Be sure to cite the sources of your information.

IV.

Topic 1: User Security Education

You have probably received some form of information security education, either in your workplace, school, or other settings. Discuss a situation where you received security education. How was it delivered? How long did it take? How often, if ever, did you receive refresher or update training? Was the training effective? Why or why not? If you have never received such training, discuss what you think should be included in such training and why it would be effective?

Topic 2: System Hardening

System hardening is the term used to improve a system's security incrementally making it more and more difficult for a hacker to breach it. Research and discuss some best practices in system hardening. Describe any hardening approaches you have seen used, if any.

V.

Topic 1: IDPS Effectiveness

During the lab activity, you gained experience using SNORT. Based on that experience (and any other IDPS experience you have, if any), discuss the benefits and limitations you see with IDPS. What does IDPS do really well? What are some of its shortcomings, and how can those be addressed? Is there ever a situation where an organization would be justified in not using an IDS, IPS, or both? Respond to at least two of your peers' assessments of IDPS effectiveness, focusing on Discussion about why or why not an organization should dedicate some of its financial and human resources to the use of IDPS.

Topic 2: IT 542 Takeaways

Now that you are at the end of the course, consider the security of information you use, have access to, or for which you have stewardship. What have you learned in this class that will help you contribute to the security of that information? How can you help others also contribute to increased information security? Are there any activities that you think would qualify as ‘ethical hacking' that you could do relative to information you work with? If so, discuss.