MIS 4477
Network and Security Infrastructure
JAKE MESSINGER (jake@uh.edu)
Exam 3 Notes

Spring 2016

Updated 04/27/2016 @ 1 PM

 

LAYOUT:

• 30 Multiple choice questions,  3.33 points each
• NO ESSAY QUESTIONS
• Paper Test Packet - BRING A RED SCANTRON form 88483 (available at the bookstore) and a Pencil
• Content Covered: Notes since last test and Fitzgerald Chapters 10-12

RULES:

• NO BOOKS or electronic devices can be used. You may bring hand written or printed notes as long as it is not the entire body of the book, the chapters, or my published notes or Powerpoint Presentations. Rewrite/retype the notes into new documents and then you can use those. I will inspect your notes and you must thurn them in with the test.
• Eyes on your own Test. This is not a group project. Please, no "excessive" head moving especially side to side.
• Do not remove the test from classroom. Students caught with a copy of one of my tests outside the classroom will be dropped from the class with an "F" and may be subject to academic review.
• No hats or baseball caps, books, electronic translators, or any other extraneous/superfluous/covert items. A non-alchoholic beverage is okay. No food.
• If you have a question, raise your hand but be quiet.
• Check at the front of the class periodically to see the time left and also any corrections/notes regarding questions on the test.
• You have until 5 minutes before the next class period to take the test. If you are not finished, you must turn the test in incomplete.
• You MAY NOT LEAVE during the test so go to the bathroom, feed the meter, put on deodorant or pray to the deity of your choice first.
• When you are finished, bring the test to me along with all your notes you used, and make sure I check you off my test roster.

GRADING:

• You must put your full name and PeopleSoft ID on the test to receive a proper grade.
• If you feel that there are 2 possible answers, choose the best one, but write your justification on the test. Occasionally there are 1 or 2 questions are dropped from a test if they are determined to be not legitimate or appropriate after the fact. If I determine there are 2 correct answers for a question, I will give credit for either answer.
• I will email you your grade and your final grade by Saturday. Please notify me if you do NOT want your grade emailed, although no identifying information is given out, just your grades.

AFTERMATH:

• This is the final test so we will not review it in class. If you wish to see your test, email me to schedule a time/place.
• If you missed the test, you may make it up ONLY with a valid medical excuse OR if I have given you permission previous to the test day and it must be made up before  May 10th, 2016.

TEST CONTENT:
Questions will come from the book, and the Power Point Presentations, as well as my notes on each chapter and any links I e-Mailed you.  Pay attention to the SUMMARY and QUESTIONS in the back of each chapter. There will be no SPECIFIC questions from any of the case studies. It may be beneficial for you to earch for some of the items on the Internet on sites such as whatis.com and google.com.

The following datapoints relate to at least one specific questions on the test:

 

Chapter 10 - The Internet

• Know the relationship of Tier 1, Tier 2 and TIer 3 Internet Service Providers
• Describe the differences between an IXP, a POP, a NAP and a "Colo."
  
• What is Net Neutrality and how does it relate to Peering?
• What is the ICANN and what do they do?
  
• What is the IETF and what do they do?
  
• What is ARIN and what do they control?
  
• What is WIPO and why are they so powerful?
  
• What is a local loop?  Last Mile?
• What is DocSis and ATM protocols? What network types are each used  on.
• What is "Internet2"?

Chapter 11 - Network Security

• What are the 3 major categories of network security threats?
• Give some examples of threats in these major categories
• What are the different groupings of unauthorized users?
• Define: Threat, Asset and Control and Rule
• Who is CERT and what do they do?
• Define the 3 classifications of CONTROLS  and give examples of different kinds of network controls..
• Define "mission critical" with respect to Network Assets. (YES DEFINITELY ON TEST)
• What is a Colocation Facility and what threats does it mitigate?
• Define "Redundancy" and its role in network security and practicality. Give some examples of redundancy, i.e. UPS,  RAID..
• What is a "DoS" attack?
• What is a firewall?  Describle a firewall that can be implemented at  every level from a  door lock to  a proxy.
• What is Social Engineering? How to hackers use it to gain access to Network Assets?

 

Chapter 12 - Network Management

• What is Firefighting with respect to Network Management?
• What are the basic functions of a Network Manager? What do they typically NOT do? Training?  Software Support?
• Define Performance management and how is it different from Fault management.
• What are the roles of the NOC? the Helpdesk? How do they relate to each other? How are they different?
• What is a "managed" or "intelligent" network device versus a "dumb" network device?
• What is a trouble ticket? Why are they important?  How are they used ?
• What is the SNMP protocol used for?
• Define MTBF - where do you find this information?
• Define "SLA" (Service Level Agreement)... what are the 5 9's?
• Define the "Total Cost of Ownership"
• Which entity in a network environment is typically the most costly to manage?
• What is a Charge-Back policy?
• How does Colocation affect network mangement? Pro's and Con's.

End of Exam 3 Notes

Thank you for attending my class AND bearing with me and the weather challenges this semester. I hope you gained some knowledge and can use some of what you learned in future endeavors.

 © 2016 Jake Messinger (all rights reserved)
Dept of Decision and Information Sciences (MIS)
Bauer College of Business
University Of Houston