Exercise 3-1 (From Chapter 3, page 123, Real World Exercise 3.1 AND 3.2)
This chapter’s opening scenario illustrates a specific type of incident/disaster. Using a Web browser, search for information related to preparing an organiza- tion against terrorist attacks. Look up information on (a) anthrax or another
biological attack (like smallpox), (b) sarin or another toxic gas, (c) low-level radiological con- tamination attacks.
Exercise 3-2
Using a Web browser, search for available commercial applications that use various forms of RAID technologies, such as RAID 0 through RAID 5. What is the most common implemen- tation? What is the most expensive?
Exercise 4.5: (From Chapter 4, page 156, Real World Exercise 5)
Using a Web browser, search for other methods employed by industry or government to share information on possible incidents.
Exercise 5.2: (From Chapter 5, page 218, Real World Exercise 2)
Using a Web browser, search on the term intrusion prevention systems. What are the characteristics of an IPS? Compare the costs of a typical IPS to an IDPS. Do they differ? What characteristics justify the difference in cost, if any?
Exercise 6.1: ( From Chapter 6, page 257, Real World Exercise 1)
Using a Web browser, search for “incident response training.” Look through the first five results and identify one or two companies that offer such training. Pick one company and look at the course offerings. Locate a course that can train you to create a CSIRT. How many days will that course take?
Exercise 7.1: (From Chapter 7, page 304, Real World Exercise 1)
Using a Web browser, perform some research on a newer malware variant that has been reported by a major malware containment vendor. Using a search engine, go to the vendor’s Web site; this could be Symantec, McAfee, or any of their competitors. Visit one malware prevention software vendor. Search for the newest malware variants and pick one. Note its name and try to understand how it works. Now look for information about that same malware from at least one other vendor. Were you able to see this malware at both vendors? If so, are there any differences in how they are reported between the two vendors?
Exercise 8-4 (From Chapter 8, page 359, Real World Exercise 8.4)
Using a Web search tool, identify cases in which private information was disclosed when computer equipment was discarded. Recent examples have included smartphones (like Black- Berry) that were sold without proper data cleansing and hard drives that were sold without data cleansing after the computers they were originally used in were upgraded.