module 1
There were many published attacks on Microsoft Windows in the last two decades. Research online to find any one attack published after 2000 and explain it in detail. The example should not duplicate the ones given in the book.
module 2
Select one of the topics below, research it on the Internet (excluding Wikipedia, which is not considered a valid reference by any regional accrediting body), and write a report of at least two paragraphs on it to the class. Show your references for your classmates to use.
You may not duplicate someone else’s topic, so check before you research. Duplicate topics (determined by date/time posted) will be given a 0 grade. In addition, respond to at least two of your classmates’ postings.
• Access Control List
• Access Controls
• Microsoft Windows Security Features
• Vulnerabilities of Microsoft Windows Operating Systems
• Auditing and Security Policy
• Group Policy
• Microsoft Baseline Security Analyzer (MBSA)
• Security Audit
module 3
| Pick any one cryptographic protocol (e.g., SSL, TLS, IKE, Kerberos, SSH, PPTP, WEP, WPA, TKIP etc.). In your initial discussion post, please explain the working and details of the protocol clearly (no copy+paste). Wikipedia is not acceptable. When responding to someone’s post, please provide any missing details of the protocol that was explained, with particular emphasis on attacks/limitations of the protocol. |
mod 4
| Assume you are all working as the security team in the IT department of a company. The upper-level management is considering the use of an effective approach to back up their systems. From magnetic tapes, CDs, to external hard drives and cloud-based services, there are technological solutions to this. In addition to the technologies, there are other issues to consider such as an effective disaster recovery plan. Using the concepts learned in this module and possibly with the help of online research, post something about a strategy, tool, or issue related to this that can aid the company in coming up with the best backup strategy.’
mod 5
|
|
|
As you may have realized from this module’s contents, almost every application is vulnerable to attacks. Pick an application (e.g., browser, email client), explain the strongest threat for it and any existing solutions to prevent it.
You may not duplicate someone else’s topic, so check before you research. Duplicate topics (determined by date/time posted) will be given a 0 grade. In addition, respond to at least two of your classmates’ postings. |
|
mod 6
| In this module, you have been exposed to hardening security in many aspects of Windows systems. Pick any one aspect (e.g., password policy) and explain why you consider it important to harden it. Please include any realistic threats in that aspect and also possible remedies.
You may not duplicate someone else’s topic, so check before you research. Duplicate topics (determined by date/time posted) will be given a 0 grade. In addition, respond to at least two of your classmates’ postings. |
mod 7
Share with other students your experience or knowledge of a computer forensics case that you found interesting. Make sure to mention as to what constitutes an incident and the evidence in your selected case.
You may not duplicate someone else’s topic, so check before you research. Duplicate topics (determined by date/time posted) will be given a 0 grade. In addition, respond to at least two of your classmates’ postings.
mod 8
Developing secure software in a secure IT infrastructure is an ongoing process. Refer to the Washington School Information Processing Cooperative (WSIPC) case study as described in the text sheet ts_wispc.docx available under “Doc Sharing.” Think of the tools and strategies WSIPC would have applied to reduce their security vulnerabilities. Discuss what other controls may exist in other infrastructure domains to further increase WSIPC’s security. |
