CONTENTS

CCM: Questions

Lab report.  The lab report for this laboratory should include the following

1. Evaluation reports for PP, ST and TOE.
2. ST for Cisco PIX 501 (basic framework).
3. Answers to the Lab Questionnaire.

Tutorial Questionnaire. 

Question 1: Which users/ groups have access to audit logs?
Question 2: Why are audit policies disabled by default?
Question 3: What is the difference between security logs and system logs?
Question 4: What is the minimum size of the log allowed?
Question 5: Why is the default size very different from the minimum?
Question 6: What size would you choose as the maximum?
Question 7: Which other user can access the even viewer?
Question 8: Why is the audit view limited to specific users only?
Question 9: Does the local policies cover security management functions for administrators also?
Question 10: Can different security functions be created for each user?
Question 11: Which of the above mentioned security management functions can be performed by user other than the administrator group? within the network?
Question 12: Can the user data be situated at a remote machine in a trusted domain within the network?
Question 13: How does the group policy relate to local policy?
Question 14: Why are policies for administrator in user-configuration and computer-configuration different?
Question 15: Which other user other than from the administrator group enable or disable quota management?
Question 16: Is the quota limit applicable to all the users? Is there any user that is not limited by the quota management?
Question 17: What encryption function is used by operating system?
Question 18: Does it provide any information about what the password could be? Or whether even the username was correct?
Question 19: How are all the security-relevant information captured in the displayed information?
Question 20: Can anyone else unlock the computer apart from the user who locked it?
Question 21: What is the difference between the User Ticket and Service Ticket?
Question 22: Do you think it is more important to have a service Ticket timeout than a User Ticket timeout?