MIS 4477 Exam 3 Notes

MIS 4477 Network and Security Infrastructure
JAKE MESSINGER (jake@uh.edu)

Exam 3 Notes Fall 2017

Last Update: 11/29/2017 @ 10 AM

TEST STRUCTURE:

30 Multiple choice questions, 2.5 points each, 75% of test
Fill in the blank and short answer: 25% of the test
No calcuation or long answers
Questions are pulled from a pool and in random question AND answer order; therefore, no 2 tests are the same.
Testing Method - Online Via Blackboard and password
Test Date/Available: 12/1/2017 @ 9 AM (possibly sooner) to Midnight, Dec 4th, 2017
Time: 3 hours from the time you begin, only 1 attempt allowed.
Content Covered: Notes since last test and Fitzgerald Chapters 10-12. There will also be industry specific questions that pertain to topics and events that occured during the semester, ie. the Equifax Data Breach, the threat of Net Neutrality going away, etc...

RULES:

This is an online test. YOU, the student, should be taking the test. Nobody else is allowed to help you take this test.
You cannot ask any questions of a live person regarding test content before, during or after the test.
You may NOT print, copy or save any part of this test other than submitting it for grading. Blackboard has mechanisms that can track this while you are taking the test.
You may not share any answers to any questions with any other students in the class, even if they have told you they have already taken the test.
You are allowed to use your notes, books, power point presentations, the Internet or any other static information. Again, you cannot ask for help from any other humans.
If it is determined that any of these rules are broken, you may be dropped from the class, receive a failing grade for the class and you may also be subject to academic dishonesty policies at the University.

GRADING:

The test will be initially electronically graded after you press the submit button. This is a raw score and may not be your final test grade. The essay questions must be manually graded so you will not see a score until they are graded by me.
If you feel that there are 2 possible answers, choose the best one, but then submit me your concern and reasoning behind your answer in the comments section. Occasionally there are 1 or 2 questions are dropped from a test if they are determined to be not legitimate or appropriate after the fact. If I determine there are 2 correct answers for a question, or if the question is improperly structured, I will remove it from the test and nobody will receive credit for it. SO, for example, if there were 30 questions, and 1 was determined to be invalid, your score would be the number of correct answers out of 29.
I will make every effort to finalize your test grade including any grade adjustments 72 hours after the test date has passed.

AFTERMATH:

This is the final test so we will not review it in class. If you wish to see your test, email me to schedule a time/place.
If you missed the test, you may make it up ONLY with a valid medical excuse OR if I have given you permission previous to the test day and it must be made up before the final grades must be in. Check the University schedule for specific dates.

TEST CONTENT:
Questions will come from the book, and the Power Point Presentations, as well as my notes on each chapter and any links I e-Mailed you. Pay attention to the SUMMARY and QUESTIONS in the back of each chapter. There will be no SPECIFIC questions from any of the case studies. It may be beneficial for you to earch for some of the items on the Internet on sites such as google.com.

The following datapoints relate to possible questions on the test:

Chapter 10 - The Internet

Know the relationship of Tier 1, Tier 2 and TIer 3 Internet Service Providers
Describe the differences between an IXP, a POP, a NAP and a "Colo."
What is Net Neutrality and how does it relate to Peering?
What is the ICANN and what do they do?
What is the IETF and what do they do?
What is ARIN and what do they control?
What is WIPO and why are they so powerful?
What is a local loop? Last Mile?
What is DocSis and ATM protocols? What network types are each used on.
What is "Internet2"?

Chapter 11 - Network Security

What are the 3 major categories of network security threats?
Give some examples of threats in these major categories
What are the different groupings of unauthorized users?
Define: Threat, Asset and Control and Rule
Who is CERT and what do they do?
Define the 3 classifications of CONTROLS and give examples of different kinds of network controls..
Define "mission critical" with respect to Network Assets.
What is a Colocation Facility and what threats does it mitigate?
Define "Redundancy" and its role in network security and practicality. Give some examples of redundancy, i.e. UPS, RAID..
What is a "DoS" attack?
What is a firewall? Describle a firewall that can be implemented at every level from a door lock to a proxy.
What is Social Engineering? How to hackers use it to gain access to Network Assets?

Chapter 12 - Network Management

What is Firefighting with respect to Network Management?
What are the basic functions of a Network Manager? What do they typically NOT do? Training? Software Support?
Define Performance management and how is it different from Fault management.
What are the roles of the NOC? the Helpdesk? How do they relate to each other? How are they different?
What is a "managed" or "intelligent" network device versus a "dumb" network device?
What is a trouble ticket? Why are they important? How are they used ?
What is the SNMP protocol used for?
Define MTBF - where do you find this information?
Define "SLA" (Service Level Agreement)... what are the 5 9's?
Define the "Total Cost of Ownership"
Which entity in a network environment is typically the most costly to manage?
What is a Charge-Back policy?
How does Colocation affect network mangement? Pro's and Con's.

End of Exam 3 Notes

Thank you for attending my class AND bearing with me and the technical challenges this semester. I hope you gained some knowledge and can use some of what you learned in future endeavors.