11.1 List and briefly define three classes of intruders.
11.2 What are two common techniques used to protect a password file?
11.3 What are three benefits that can be provided by an intrusion detection system?
11.4 What is the difference between statistical anomaly detection and rule-based intrusion detection?
11.5 What metrics are useful for profile-based intrusion detection?
11.6 What is the difference between rule-based anomaly detection and rule-based penetration identification?
11.7 What is a honeypot?
11.8 What is a salt in the context of UNIX password management?
11.9 List and briefly define four techniques used to avoid guessable passwords.
12.1 List three design goals for a firewall.
12.2 List four techniques used by firewalls to control access and enforce a security policy.
12.3 What information is used by a typical packet filtering firewall?
12.4 What are some weaknesses of a packet filtering firewall?
12.5 What is the difference between a packet filtering firewall and a stateful inspection firewall?
12.6 What is an application-level gateway?
12.7 What is a circuit-level gateway?
12.9 What are the common characteristics of a bastion host?
12.10 Why is it useful to have host-based firewalls?
12.11 What is a DMZ network and what types of systems would you expect to find on such networks?
12.12 What is the difference between an internal and an external firewall?