1 / 12

Midterm Review

Midterm Review. ITIS 3110 - Fall 2012. Midterm Format. ~60 points total Some true/false Multiple choice One discussion question . General Study Help. I'm looking for understanding What infrastructure technologies are (names) What infrastructure technologies do (purpose)

tannar
Download Presentation

Midterm Review

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Midterm Review ITIS 3110 - Fall 2012

  2. Midterm Format ~60 points total • Some true/false • Multiple choice • One discussion question

  3. General Study Help • I'm looking for understanding • What infrastructure technologies are (names) • What infrastructure technologies do (purpose) • What are the security issues (secure) • Slides only give overview • Read wikipedia and 24x7 chapters for more understanding • Ask me questions via email for better understanding • Study together if you need help

  4. General Study Help • I'm NOT looking for memorization • You don't need to know ports • you can always look these up • RFCs are useful for understanding, but the numbers are not important • Knowing some history will be useful and help answer questions, but no need to memorize dates

  5. NTP & Syslog • Understand NTP Stratums • Stratum 0 is the clock source, etc • Why is clock synchronization important • Use Wikipedia for additional understanding • Syslog • Know about facilities and wildcards • Benefits of logging • Know security vulnerabilities and mitigations

  6. SSH • SSH configuration & key authentication • password and key authentication • password vulnerabilities and mitigation • what the private key does • what file holds the public key (~/.ssh/authorized_keys) • what denyhosts does  • anatomy of the ssh/scp command

  7. DNS • DNS understanding will be most important • Understand zones and tree organization • root servers • Resource records • Question might ask what are some resorce records and what are they used for • Glue records • I want you to understand how these work • Understand how addresses are resolved • Slide graphic • Interpret a dig command • NXDOMAIN or NOERROR • ANSWER SECTION

  8. DNS • DNS security • What are the vulnerabilites • Why use DNSSEC • DNS is used with all other technologies in our lab • Understanding of how DNS works with... • Kerberos • SMTP • MX records

  9. Keberos and LDAP • Difference between authentication and authorization • PAM and PAM stacks • Kerberos process and components •  Client/Auth Server/Service Server •  Ticket granting process • LDAP • Directory stucture (you may need to develop one) • LDAP operations and what they do • LDAP "Usage" slide • What LDAP is used for and good at • What LDAP is not good at

  10. TLS and E-Mail • What does Trasport Layer Security do/provide • Understand Client/Server interaction (chart) • Uses PKI (asymmetric) first - needs CA's • Exchanges a symmetric session key • uses symmetric for speed  • E-mail - SMTP • MX records and mail server priorities • Know what the mail header shows  • MIME and what it is used for • Know security/spam issues and mitigation • security - use TLS • spam - blacklists, whitelists, and greylists

  11. SPF Evaluation • SPF • DNS - SPF records • mechanisms • modifiers • limitations - when it does not work

  12. Networked File Systems • Know what networked file systems are used for • NFS is a networked file system • NFS security issues • trusted client • RPC • Distributed file systems • How are they better than traditional networked file systems? • Clustered file systems • Different from distributed because they provide block level access (ie they look like a disk) • SANS • block level access to multiple servers  • provide fault protection (chart)

More Related