Puzzle of the Day

An instructor in a computer security class wishes to give her students a structured penetration exercise. 
The students will analyze the system from manuals and through regular use, hypothesis flaws, and test 
them. If the flaw exists, they will then analyze why the flaw occurred, how it might be corrected, and attempt 
to generalize it to find other flaws. Any security flaws will be reported to the manufacturer of the system.

1.	If the exercise were to be run locally (that is, the system is connected to a local area network, and par-
ticipants have physical access, what steps would you suggest to ensure no problems (such as violating 
the departmentēs security policy) arose?

2.	Now suppose the exercise were to be run over the Internet using a geographically remote system. How 
would your answer to the first question change?