Principles of Information System Security

From the menu on the left, you can access NIST's Guideline on Network Security Testing (SP 800-42).

This Saturday (6 March) we will have a short quiz on portions of Network Security Testing. For the most part, these sections will correlate with our "Hands On" activities.

Specifically, the quiz will be drawn from the following sections of NIST 800-42.

Executive Summary

1 Introduction
1.1 Purpose and Scope
1.2 Definitions

2 Security Testing and the System Development Life Cycle
2.2 Documenting Security Testing Results

3 Security Testing Techniques
3.4 Password Cracking
3.6 File Integrity Checkers
3.9 Wireless LAN Testing (War Drivers)
3.12 General Information Security Principles

Appendix C Common Testing Tools
C2 Network Sniffers (Ethereal)
C3 Password Crackers (John the Ripper)

My anticipation is that the quiz will be brief (10 to 12 M/C or T/F questions) with the possibility of two or three short answer questions.

Note that each of these links will open a PDF file.