IST323 - Lab 1
This lab will have three main learning objectives. First, we will learn how to use the nmap
program in order to initiate an open port scan against a target server. Second,
we will use nmaps intelligent operating system
Information Technology Experiential Learning Lab
Wireless Security Lab
1 Why is WEP insecure?
WEP is insecure because the initialization vector in WEP is a 24-bit field. The initi
Information Technology Experiential
1. Why did we name the payload firefox_install.exe instead of something like
We named the pa
Session 1: iCloud Security Breach
iCloud is Apple's cloud service that enables its users to store, sync and update data between
Apple devices. Some useful features include Apple's cloud storage, password manager, data
Study online at quizlet.com/_1mbbpi
List the AAA access
Why is it less error-prone?
Appropriate authorizations are
easier to understand for roles
than for individuals.
Study online at quizlet.com/_1ma22u
What are the general
goals for secure
What is the def for
availability for secure
means that authorized users have
IST 323 Midterm
The Threat Environment
The threat environment consists of the types of attackers and attacks that companies face.
Youve got to know the threat to protect against it.
The CIA Triangle
These are the primary secur
Mid Term Study Guide:
The midterm will consist of 80 100 questions. Most of the questions will be
very much like the quizzes, but there may be a few questions that require a written
answer. To best prepare for the quiz:
1) You should be able to
AIS Chapter 1
Study online at quizlet.com/_1jlc2y
Why is it
Until you understand the threats you
face, you cannot defend yourself.
Confidentiality, integrity, availa
-if you arent supposed to see it, you shouldnt
-bad guys cant change data
-who changed information
-if you are supposed to get to it, you should be able to
-system stays up, no DOS
-successful attack, i
Ugh12 hours of
Chris: 50 years old
Alex: 26 years old
Music tastes: !=
(But I was driving so I
a la ool gr
rge ad n
st c w wo
t co king f
com ool gr
pan ad n
y. C ow
of A his o
o Default Deny: Block all packets by default, set specific rules to allow traffic
o Default Allow: Allow all packets by default, set specific rules to deny traffic
o Dangers of Traffic Overload (The good and the bad)
Firewalls can only process
Midterm Study Guide:
1) You should be able to correctly answer any of the quiz questions for chapter 1
2) You should be able to answer any of the discussion questions from the labs
we have had so far.
3) You should have a general understanding of the
o IDS and IPS
Growing processing power made stateful packet inspection
Now, growing processing power is making a new firewall filtering
Intrusion prevention systems (IPSs)
Intrusion Detection Systems (IDSs)
IST 323(M001) Syllabus Spring 2016 Intro to Information Security (V1.0 1/11/2016)
IST 323 (M001)
Machinery Hall 205
Wed: 2:15 3:30 PM
Heavily Referenced: Corporate Computer Security, 4 th Edition
Randall J. Boyle & Raymond R. Panko
Explain why attackers increasingly focus on applications.
List the main steps in securing applications.
The Threat Environment
Based on provided slides for Corporate Computer Security, 4 th Ed
Modified by Chris Croad
Basic Security Terminology
The Threat Environment
The threat environment consists of the types of
attackers and attacks that c
LINUX BOOT CAMP
To teach the basic commands needed to operate in a
Should include most of the commands needed to run the
A Linux distro
specifically for security.
Used by good guys and
INTRODUCTION TO INFORMATION SECURITY
IST 323 M002 Fall 2014
When and where.
Wednesday: 2:15 3:30 Hinds 117 Lecture
Wednesday: 3:45 - 5:05 027 Lab or Lecture
First Day of Class: 1/20/2016
Final Group Project
IST 323 Spring 2016
Assignment OPTION 1
As a group, you will research a particular security tool commonly used in industry today. It can
be an open source or commercial product, but your group is responsible for obtaining it. I
1. a) Why is it important for firms to understand the threat environment?
Until you understand the threats you face, you cannot defend yourself.
b) Name the three common security goals.
Confidentiality, integrity, and availability.
Key Concepts (1 through 6)
Application Proxy Firewall
ARP DoS Attack
Asymmetric Key Encryption
1. Why did we name the payload firefox_install.exe instead of something like payload.exe?
Because Payload is a malware that executes malicious code, so it is impossible for users to
download it. If we name the payload firefox_install.exe, user
Short Assignment #1
Keeping LTE Secure
Cellular technology, while still very young, has gone through several generations
of development. For the last two and a half years many of the major cellular carriers
around the world
Short Assignment #3
ObamaCare.gov Security: A Very Real Concern
There has been much news and debate recently about the politics behind the
ObamaCare act and the trouble with the ObamaCare website. Now that the site is
NAT142: Native American Religion
Issues Inhibiting Native American Religious Freedom in the U.S.
The issues surrounding Native American peoples in the United States are innumerable.
Any one issue or concern typically entails the
Since the establishment of the United States the freedom of religion has been
guaranteed for all citizens, but for Native Americans practice of religion has been continuously
discriminated against. In Huston Smiths A Seat at the Table: struggling for Amer
Lab 04 File and Folder encryption
Arshed Al Dulaimy
Question 1: Where you able to read the file? Why or why not?
No, I was not able to read the file because it's encrypted with Microsoft Bitlocker
Question 2: Where you able to read the file? Why or why no
This lab will teach you about how to use the nmap program in order to do a port scan against systems.
You will also get some insight into its many benefits as well as some of the flaws with it. It will also
require you to learn a few basic
VSPHERE CLIENT NAVIGATION
The vSphere client is a comprehensive tool used for management of virtual infrastructures. While the
client is a management platform for administrators, students will only have the permissions to
manipulate the resources assigned
Question 1: Do any of the LM Hashes values match each other? If so identify what overlaps they share.
User 1 and User 2 has the same LM Hash values. User 3 overlap the LM Hash values
(EAAD3B435B51404EE) with User 1 and User 2.
Question 2: Do any of the
Question 1: What Port/Services is your device running?
Question 2: Copy and paste the information in Kali.txt
Starting Nmap 6.47 ( http:/nmap.org ) at 2015-09-21 00:11 EDT
Nmap scan report for 192.168.10.75