
CISSP Guide to Security Essentials, First Edition

Assignment List-1

Assignment List for CIS 237 Information Systems Security II


Summer 2012 (Revised 6/28/12)

Getting Started Module (Orientation) -

Reading Assignment:
Course Syllabus and Assignments List (Getting Started folder on the ANGEL Learning
website under the Lessons tab http://angel.olympic.edu)
Assignment Type: Discussion Board Date Due: July 7, 2012
Points Possible: 20 (Extra Credit) Project Duration: 10 - 15 minutes
Deliverable Length: 1 - 2 paragraphs
Please provide some information on your background, education, work experience and
personal interests that you would like to share with the rest of the class. Where are you
from? What do you do for a living? What do you hope to get out of this course?
Please indicate how many courses you have taken to-date through Olympic College and
WAOL and if you are taking any additional courses this term. If you have any IT
experience, do not hesitate to reveal it. Please share your expectations for this hybrid
course and the Olympic College program in which you are currently enrolled.
Assignment Type: Survey Due Date: July 7, 2012
Points Possible: 10* (Extra Credit) Project Duration: 15 minutes
Deliverable Length: N/A
Complete the Angel Pre-Survey found within the Getting Started Assignment folder
under the Getting Started folder under the Lessons tab within your ANGEL Learning
online classroom. Log into http://angel.olympic.edu and complete this survey before the
assignment due date (found above).

Module 1 Reading Assignment:


Revision 1.09 B231 7/6/2012 D:\Users\kblackwell\Google Drive\My Documents\Teaching\Summer
2012\CIS 237 (ARR ARR)\Assignment List for CIS 237.docx

Ch. 1 (Gregory)
Assignment Type: Discussion Board Date Due: July 14, 2012
Points Possible: 40 Project Duration: 1 - 2 hours
Deliverable Length: 3 - 4 paragraphs
Organizational mission, objectives, and goals
1. What challenges will a security manager face when trying to support an
organization's mission and goals?
2. What are examples of some ethics issues that a security manager will encounter?
Post your answer on the Discussion Board. Be an active participant in the discussion by
responding to at least two of your classmates' posts before the assignment due date.

Assignment Type: Labs Due Date: July 14, 2012
Points Possible: 80 Project Duration: 2 - 4 hours
Deliverable Length: 2 - 3 pages
Complete the Hands-On Project - Project 1-1 from Chapter 1. Submit your report, in a
Word document, for this module.
Complete the following TestOut! LabSims. The grade for this assignment will be
manually entered into the grade book.
Using the TestOut software (Certified Information Systems Security Professional CISSP)
provided in the networking lab (or loaded at home), complete Sections 0.0, 1.1 and 1.2
(including any applicable "Exam Questions"). The completion status of the
assignment, and your scores, will be entered into the grade book (assuming you set up
your LabSim online account according to the instructions provided under the "Getting
Started" module).
Assignment Type: Test Due Date: July 14, 2012
Points Possible: 80 Project Duration: 30 minutes
Deliverable Length: N/A
Finish the Module 1 Quiz found within the Module 1 Assignments folder under the
Lessons tab within your ANGEL Learning online classroom. Log into
http://angel.olympic.edu and complete the quiz before the assignment due date (found
above). This is an open book exam, which must be completed at home.


Module 2 Reading Assignment:


Ch. 2 (Gregory)
Assignment Type: Discussion Board Date Due: July 21, 2012
Points Possible: 40 Project Duration: 1 - 2 hours
Deliverable Length: 3 - 4 paragraphs
Access Control - Centralized Administration & Penetration Testing
1. What are the advantages and disadvantages of centralized authentication?
2. Should an organization hire current or former hackers to perform vulnerability
testing? Why or why not?
Post your answer on the Discussion Board. Be an active participant in the discussion by
responding to at least two of your classmates' posts before the assignment due date.

Assignment Type: Labs Due Date: July 21, 2012
Points Possible: 80 Project Duration: 4 - 6 hours
Deliverable Length: 2 - 3 pages
Complete the Hands-On Project - Project 2-1 through Project 2-4 from Chapter 2.
Submit your report and screenshots of your own work (showing significant steps), in a
Word document, for this module.
Complete the following TestOut! LabSims. The grade for this assignment will be
manually entered into the grade book.
Using the TestOut software (Certified Information Systems Security Professional CISSP)
provided in the networking lab (or loaded at home), complete Sections 5.1, 5.3, 5.4 and
5.5 (including any applicable "Exam Questions"). The completion status of the
assignment, and your scores, will be entered into the grade book (assuming you set up
your LabSim online account according to the instructions provided under the "Getting
Started" module).

Assignment Type: Test Due Date: July 21, 2012
Points Possible: 80 Project Duration: 30 minutes
Deliverable Length: N/A
Finish the Module 2 Quiz found within the Module 2 Assignments folder under the
Lessons tab within your ANGEL Learning online classroom. Log into
http://angel.olympic.edu and complete the quiz before the assignment due date (found
above). This is an open book exam, which must be completed at home.

Module 3 Reading Assignment:


Ch. 3 (Gregory)
Assignment Type: Discussion Board Date Due: July 28, 2012
Points Possible: 40 Project Duration: 1 - 2 hours
Deliverable Length: 3 - 4 paragraphs
The Software Development Life Cycle (SDLC)
1. What more can be done in the software development life cycle to ensure that
software is free of security vulnerabilities?
2. What challenges exist with regard to the need to protect sensitive data stored in
databases?
3. Why should security be a part of the conceptual stage in the software
development life cycle?
Post your answer on the Discussion Board. Be an active participant in the discussion by
responding to at least two of your classmates' posts before the assignment due date.

Assignment Type: Labs Due Date: July 28, 2012
Points Possible: 80 Project Duration: 4 - 6 hours
Deliverable Length: 2 - 3 pages
Complete the Hands-On Project - Hands-On Project 3-1 from Chapter 3. Also,
complete the Case Project - Case Project 3-1 from Chapter 3. Submit your answers to
the questions posed there, along with screenshots of your work, in a Word document, for
this module.
Complete the following TestOut! LabSims. The grade for this assignment will be
manually entered into the grade book.
Using the TestOut software (Certified Information Systems Security Professional CISSP)
provided in the networking lab (or loaded at home), complete Sections 6.3 and 6.4
(including any applicable "Exam Questions"). The completion status of the
assignment, and your scores, will be entered into the grade book (assuming you set up
your LabSim online account according to the instructions provided under the "Getting
Started" module).

Assignment Type: Test Due Date: July 28, 2012
Points Possible: 80 Project Duration: 30 minutes
Deliverable Length: N/A
Finish the Module 3 Quiz found within the Module 3 Assignments folder under the
Lessons tab within your ANGEL Learning online classroom. Log into
http://angel.olympic.edu and complete the quiz before the assignment due date (found
above). This is an open book exam, which must be completed at home.

Module 4 Reading Assignment:


Ch. 4 (Gregory)
Assignment Type: Discussion Board Date Due: August 4, 2012
Points Possible: 40 Project Duration: 1 - 2 hours
Deliverable Length: 3 - 4 paragraphs
Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
1. Is a separate risk analysis required for a BIA, or can a general purpose risk
analysis suffice? Why or why not?
2. What are the differences and similarities between business continuity planning
and disaster recovery planning?
3. Why is executive support necessary for a disaster recovery and business
continuity plan?
4. What characteristics of the Sept 11, 2001 attacks caused fundamental changes in
disaster recovery and business continuity planning?
5. What specific characteristics of a pandemic pose challenges to business
continuity planning?
Post your answer on the Discussion Board. Be an active participant in the discussion by
responding to at least two of your classmates' posts before the assignment due date.


Assignment Type: Labs Due Date: August 4, 2012
Points Possible: 80 Project Duration: 4 - 6 hours
Deliverable Length: 2 - 3 pages
Complete the Hands-On Project - Project 4-2 from Chapter 4. Submit your report, in a
Word document, for this module.
Complete the following TestOut! LabSims. The grade for this assignment will be
manually entered into the grade book.
Using the TestOut software (Certified Information Systems Security Professional CISSP)
provided in the networking lab (or loaded at home), complete Section 1.3 (including any
applicable "Exam Questions"). The completion status of the assignment, and your
scores, will be entered into the grade book (assuming you set up your LabSim online
account according to the instructions provided under the "Getting Started" module).
Assignment Type: Test Due Date: August 4, 2012
Points Possible: 80 Project Duration: 30 minutes
Deliverable Length: N/A
Finish the Module 4 Quiz found within the Module 4 Assignments folder under the
Lessons tab within your ANGEL Learning online classroom. Log into
http://angel.olympic.edu and complete the quiz before the assignment due date (found
above). This is an open book exam, which must be completed at home.

Module 5 Reading Assignment:


Ch. 5 (Gregory)
Assignment Type: Discussion Board Date Due: August 18, 2012
Points Possible: 40 Project Duration: 1 - 2 hours
Deliverable Length: 3 - 4 paragraphs
Practical applications of symmetric and asymmetric encryption
1. What are the principal challenges with symmetric key cryptography?
2. Why are longer encryption keys important in the protection of encrypted
messages? What is the tradeoff in the use of longer encryption keys?
3. What are the pros and cons of full disk encryption for portable devices such as
laptops and PDAs?
4. With public key cryptography, user A sends a message to user B, encrypted with
user B's public encryption key. Can user A later read the sent message? Why or
why not?
5. Why is e-mail encryption such a difficult problem to solve?
Be an active participant in the discussion by responding to at least two of your
classmates' posts before the assignment due date.

Assignment Type: Labs Due Date: August 18, 2012
Points Possible: 80 Project Duration: 4 - 6 hours
Deliverable Length: 2 - 3 pages
Complete the Hands-On Project - Project 5-1 through Project 5-5 from Chapter 5.
Submit your report and screenshots of your work (showing significant steps), in a Word
document, for this module.
Complete the following TestOut! LabSims. The grade for this assignment will be
manually entered into the grade book.
Using the TestOut software (Certified Information Systems Security Professional CISSP)
provided in the networking lab (or loaded at home), complete Section 4.0 (including any
applicable "Exam Questions"). The completion status of the assignment, and your
scores, will be entered into the grade book (assuming you set up your LabSim online
account according to the instructions provided under the "Getting Started" module).

Assignment Type: Test Due Date: August 18, 2012
Points Possible: 80 Project Duration: 30 minutes
Deliverable Length: N/A
Finish the Module 5 Quiz found within the Module 5 Assignments folder under the
Lessons tab within your ANGEL Learning online classroom. Log into
http://angel.olympic.edu and complete the quiz before the assignment due date (found
above). This is an open book exam, which must be completed at home.

Final Module -


Reading Assignment:
Review Ch. 1 through Ch. 5 (Gregory)
Assignment Type: Hands-On Project Due Date: August 23, 2012
Points Possible: 50* (Extra Credit) Project Duration: 8 hours
Deliverable Length: N/A
Complete the following Hands-On Projects. Submit your report and screenshots of your
work (showing significant steps), in a Word document.
Using the equipment and software that is available in the T-213 Lab, including USB
wireless NICs that can be checked out from any one of the lab technicians, attempt to
"crack" the pre-shared key (PSK) that is associated with the wireless access point that is
attached to the Sandbox network in the T-213 Lab.
Some of the resources that you might consider making use of include VMware
Workstation for Windows version 7.1.3, Windows 7 Professional, Windows 7 Enterprise,
or Windows XP Professional (running in a virtual machine environment), the Aircrack-ng
software utility, the "Live CD" distribution of the Backtrack 4 R2 penetration testing
and forensic data analysis toolset, USB 802.11a/b/g/n network interface cards (NICs),
your personally-owned laptop with its own built-in NIC, your personally-owned laptop
with an optional USB NIC particularly suited for wireless "hacking/cracking," or any
other combination of software and hardware utilities that do not violate local, state,
national, or international law.
Upload a single Word document with the detailed written steps that you took, combined
with a liberal number of screenshots detailing each significant step in the process for a
percentage of the "Extra Credit" points for this assignment. Be sure to include the
"secret" pre-shared key, if any, that you discovered during your analysis. Don't tell any
other student what this quarter's pre-shared key is, if you discover this
information. Use the Module 6 Hands-On Project Drop Box to send your results to
me.
Assignment Type: LabSim Assessment Due Date: August 23, 2012
Points Possible: 25* (Extra Credit) Project Duration: 2 hours
Deliverable Length: N/A
Complete the individual practice exams for the following five domains from your
TestOut! LabSim software.
Domain 1: Access Controls
Domain 3: Security Management
Domain 4: Applications Security
Domain 5: Cryptography
Domain 8: Business Continuity Planning
Upload a single document with the combined screenshots of the results of each of these
practice exams for a percentage of the "Extra Credit" points for this assignment. Use the
Final Module LabSim Drop Box to send your results to me.
Assignment Type: Final Week Survey Due Date: August 23, 2012
Points Possible: 10* (Extra Credit) Project Duration: 30 minutes
Deliverable Length: N/A
Complete the Faculty Assessment form found under the Final Module Assignments
folder within your ANGEL Learning course to earn an extra 10 points towards your final
score in this course.
