Texto del examen de inglés del MAP.

Temas relacionados con el examen de inglés
Cerrado
J
Usuario registrado
Mensajes: 7
Registrado: 26 Jul 2004, 18:28
Agradecido: 0
Agradecimiento recibido: 0

Texto del examen de inglés del MAP.

Mensaje por J »

Hola a tod@s,

Alguien que haya hecho el examen de inglés del MAP, y que haya localizado el texto en Internet, podría por favor poner el enlace?

Muchas gracias.

Emi
Usuario registrado
Mensajes: 129
Registrado: 05 Ago 2004, 10:50
Agradecido: 10 veces
Agradecimiento recibido: 0

RE: Texto del examen de inglés del MAP.

Mensaje por Emi »

Hola:

El examen salió del texto que se encuentra en el siguiente enlace http://www.svetsiti.cz/nas_tip/2005/Int ... aGroup.pdf, (págs. 4 y 5).

Echo en falta alguna frase más que debieron intercalar en el primer párrafo (algo relativo a Sasser).

Bueno, suerte a todos.

jeayuso
Usuario registrado
Mensajes: 5
Registrado: 24 Abr 2005, 17:17
Agradecido: 0
Agradecimiento recibido: 0

RE: Texto del examen de inglés del MAP.

Mensaje por jeayuso »

Hola chicos,

os envío otro enlace porque el otro no consigo abrirlo. Además en este informe sí biene el texto completo.

http://www.checkpoint.com/products/down ... tworks.pdf

Mucha suerte :D

Juan Emilio
Juan Emilio Ayuso

pacogd
Usuario registrado
Mensajes: 17
Registrado: 14 Abr 2005, 23:15
Ubicación: Murcia
Agradecido: 0
Agradecimiento recibido: 0

RE: Texto del examen de inglés del MAP.

Mensaje por pacogd »

Ostras con el texto!!!!!, puff yo lo veo bastante complicado, además desanima bastante al hacerlo por su dificultad.

Por favor, podrias acotar donde empezo y donde termino.

Gracias.

nv
Usuario registrado
Mensajes: 50
Registrado: 23 Jul 2004, 08:44
Agradecido: 0
Agradecimiento recibido: 0

RE: Texto del examen de inglés del MAP.

Mensaje por nv »

Que alguien me corrija si me equivoco que yo no hice el examen y lo pongo de oidas pero creo que es esto:
Application-Layer Exploits

In recent years, application-layer attacks have become dramatically more
common. Worms and blended threats such as Blaster, Bugbear, Slammer, and
SoBig were among the most common and troublesome in 2003. Sasser followed
as a key culprit in 2004. Significantly, the majority of the SANS/FBI top 20
vulnerabilities to Internet security are categorized as application-layer
weaknesses. This is unfortunate, because attacks against these vulnerabilities
more easily evade commonly deployed perimeter controls, which historically have
been focused on the network layer. Notably, such attacks also tend to evade
those few controls that are applied within the internal network, such as antivirus
scanners.

Proliferating Paths

Not so long ago the number of connections into an organization was relatively few,
and the greatest challenge was identifying and eliminating rogue modems.
However, falling prices for communications services and the evolution of various
computing technologies have added dramatically to both the actual and potential
paths into an organization’s network. For example:

- Virtual private networking technology has facilitated a boom in terms of the
number of connections that are maintained between business partners.

- Various pervasive computing technologies have been embraced to
enhance productivity (e.g., wireless LANs, personal digital assistants with
synchronization capabilities).

- Mobile and telecommuter solutions have seen widespread and increasing
deployment on the basis of reducing operational costs and improving
employee "quality of life."

Ongoing issues with mobile and guest users provide a good example that
highlights the scope of the challenge at hand. Specifically, META Group
customers indicate that malware penetrating their perimeter controls is not their
greatest concern. Rather, their computing systems are routinely being "taken
down" after an otherwise mobile user visits a corporate office and connects an
infected machine on the local-area network.

Of course, the potential for malware to penetrate perimeter controls is also real
enough, and should by no means be ignored. On top of this, organizations need to
recognize that internal users are constantly opening holes to "the outside." Indeed,
an employee, just by connecting to an external Web site, is establishing a return
path by which the organization can be infected. Instant messaging and peer-topeer
file-sharing services are similarly problematic.

All these changes should help to crystallize two conclusions:

- First, drawing a distinction between an external threat and an internal threat
is increasingly pointless. The source of a threat has simply become less
relevant as network perimeters have become less well defined. One
implication is that being effective from a security perspective will depend on
establishing new/additional perimeters in closer proximity to the resources
that are being protected. A second implication is that access control and
other measures must be enforced (or at least considered) for all directions
of traffic flow -- not just the traditional "inbound" direction.

- The second conclusion is one that has always been true, but that should
now be even more apparent. Specifically, perimeter-oriented security
strategies, while at one time adequate, are not now and never will be
sufficient.

In either case, the need for internal security is both obvious and growing. Yet, all
too often, it is still being neglected. Our analysis indicates that a very legitimate
and substantial reason for this is that implementing internal security is not a trivial
matter. Unfortunately, it presents some unique challenges that tend to make
achieving an effective "solution" both elusive and costly.

agaribay
PreparaTIC XVI
Mensajes: 29
Registrado: 29 Oct 2004, 15:21
Agradecido: 0
Agradecimiento recibido: 0

Re: RE: Texto del examen de inglés del MAP.

Mensaje por agaribay »

Application-Layer Exploits

In recent years, application-layer attacks have become dramatically more
common. Worms and blended threats such as Blaster, Bugbear, Slammer, and
SoBig were among the most common and troublesome in 2003. Sasser followed
as a key culprit in 2004. Significantly, the majority of the SANS/FBI top 20
vulnerabilities to Internet security are categorized as application-layer
weaknesses. This is unfortunate, because attacks against these vulnerabilities
more easily evade commonly deployed perimeter controls, which historically have
been focused on the network layer. Notably, such attacks also tend to evade
those few controls that are applied within the internal network, such as antivirus
scanners.

Proliferating Paths

Not so long ago the number of connections into an organization was relatively few,
and the greatest challenge was identifying and eliminating rogue modems.
However, falling prices for communications services and the evolution of various
computing technologies have added dramatically to both the actual and potential
paths into an organization’s network. For example:

- Virtual private networking technology has facilitated a boom in terms of the
number of connections that are maintained between business partners.

- Various pervasive computing technologies have been embraced to
enhance productivity (e.g., wireless LANs, personal digital assistants with
synchronization capabilities).

- Mobile and telecommuter solutions have seen widespread and increasing
deployment on the basis of reducing operational costs and improving
employee "quality of life."

Ongoing issues with mobile and guest users provide a good example that
highlights the scope of the challenge at hand. Specifically, META Group
customers indicate that malware penetrating their perimeter controls is not their
greatest concern. Rather, their computing systems are routinely being "taken
down" after an otherwise mobile user visits a corporate office and connects an
infected machine on the local-area network.

Of course, the potential for malware to penetrate perimeter controls is also real
enough, and should by no means be ignored. On top of this, organizations need to
recognize that internal users are constantly opening holes to "the outside." Indeed,
an employee, just by connecting to an external Web site, is establishing a return
path by which the organization can be infected. Instant messaging and peer-topeer
file-sharing services are similarly problematic.

All these changes should help to crystallize two conclusions:

- First, drawing a distinction between an external threat and an internal threat
is increasingly pointless. The source of a threat has simply become less
relevant as network perimeters have become less well defined. One
implication is that being effective from a security perspective will depend on
establishing new/additional perimeters in closer proximity to the resources
that are being protected. A second implication is that access control and
other measures must be enforced (or at least considered) for all directions
of traffic flow -- not just the traditional "inbound" direction.

- The second conclusion is one that has always been true, but that should
now be even more apparent. Specifically, perimeter-oriented security
strategies, while at one time adequate, are not now and never will be
sufficient.

In either case, the need for internal security is both obvious and growing. Yet, all
too often, it is still being neglected. Our analysis indicates that a very legitimate
and substantial reason for this is that implementing internal security is not a trivial
matter. Unfortunately, it presents some unique challenges that tend to make
achieving an effective "solution" both elusive and costly.
Yo no recuerdo estos dos párrafos, ¿alguien más piensa lo mismo o me los salté por alguna extraña razón? (también me resulta raro que hallan cortado parte del texto):

All these changes should help to crystallize two conclusions:

- First, drawing a distinction between an external threat and an internal threat
is increasingly pointless. The source of a threat has simply become less
relevant as network perimeters have become less well defined. One
implication is that being effective from a security perspective will depend on establishing new/additional perimeters in closer proximity to the resources
that are being protected. A second implication is that access control and
other measures must be enforced (or at least considered) for all directions
of traffic flow -- not just the traditional "inbound" direction.

- The second conclusion is one that has always been true, but that should
now be even more apparent. Specifically, perimeter-oriented security
strategies, while at one time adequate, are not now and never will be
sufficient.

Pipa
PreparaTIC XVII
Mensajes: 5
Registrado: 02 Ago 2004, 09:16
Agradecido: 0
Agradecimiento recibido: 0

RE: Texto del examen de inglés del MAP.

Mensaje por Pipa »

Efectivamente, Agaribay, esos dos párrafos no formaban parte del texto.

Avatar de Usuario
raul
PreparaTIC XIII
Mensajes: 147
Registrado: 18 Jul 2004, 10:40
Agradecido: 0
Agradecimiento recibido: 0

RE: Texto del examen de inglés del MAP.

Mensaje por raul »

sabelotodo, debes agradecer a Preparatic XIV su tolerancia. Si esto fuera PreparaTIC XIII, ya habrías sido "baneado".

¡Suerte y animo para los demás!
TIC-SS

preparadorestic
Administrador
Mensajes: 462
Registrado: 17 Jul 2004, 16:01
Agradecido: 0
Agradecimiento recibido: 21 veces

RE: Texto del examen de inglés del MAP.

Mensaje por preparadorestic »

Hola,

Se informa a todos que al usuario "sabelotodo" le ha sido denegado el acceso al foro.

Si bien la política de Preparatic XIV es intervenir lo menos posible, se ha tomado esta decisión al ser ya la segunda vez que faltaba el respeto a un compañero. Sin duda este usuario ha demostrado que no merecía el voto de confianza que se le ha dado, como bien ha indicado "Raul".

Desde Preparatic XIV deseamos dejar claro que NO SE PERMITIRÁ NINGUNA FALTA DE RESPETO EN ESTE FORO.

Un saludo

preparadorestic
Administrador
Mensajes: 462
Registrado: 17 Jul 2004, 16:01
Agradecido: 0
Agradecimiento recibido: 21 veces

RE: Texto del examen de inglés del MAP.

Mensaje por preparadorestic »

En relación al "post" anterior, se informa de que ha sido eliminado el mensaje ofensivo y las posteriores alusiones y respuestas. El objeto de esta acción es que quede el hilo circunscrito a su título y eliminar el ruido que este tipo de intervenciones producen.

¡¡Suerte a todos y a seguir estudiando!!

Cerrado

Volver a “SEGUNDO_EXAMEN_2005”