Scribd Logo
Upload

Welcome to Scribd!

  • Cse-Viii-Information and Network Security (10cs835) - Question Paper

    Uploaded by

    Tasleem Arif
    1K views4 pages
    na

    Original Title

    Cse-Viii-Information and Network Security [10cs835]-Question Paper

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    na

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    1K views4 pages

    Cse-Viii-Information and Network Security (10cs835) - Question Paper

    Uploaded by

    Tasleem Arif
    na

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    Information and network Security

    10CS835

    QUESTION BANK
    UNIT1: Introduction to Information Security
    1. What is security and explain multiple layers of security in an organization with diagram. ?(10
    Marks) (Dec 2012) (June 2013)(Dec 2013)(June 2014)
    2. List critical characteristics of information and explain in brief any five of them. (10 marks)
    (Dec 2012) (June 2013) (8 marks) (Dec 2013) (Dec 2014)
    3. What are the policies present in NSTISSC security model. (8 marks) (Dec 2012) (June 2013)
    (10 marks ) (Dec 2014)
    4. What are approaches to information security implementation? Explain. (top down and bottom
    up approaches) (10 marks) (June 2013) (Dec 2013) ( 5 marks) (Dec 2014)
    5. Explain the Security System Development Life Cycle. (8 marks) (June 2014)
    6. List and briefly explain Information Security Terminologies.(8 marks)( June 2013)(Dec 2013)
    (5 marks) (Dec 2014)
    7. Explain security system development life cycle. (7 marks)(Dec 2014)
    8. Enlist the salient features drawbacks of ISO17799/BS 7799 security model. (6 marks)(June
    2013)(Dec 2013)(Dec 2014)

    UNIT2: Planning for Security


    1. Why shaping an information security policy is difficult?(3 marks)(Dec 2014)
    2. What is policy? How it can and should be used? Explain. (5 marks) (Dec 2012) (June 2013)
    (10 marks ) (June 2014)
    3. With a block diagram, explain how policies, standards, practices, procedures and guidelines
    are related.(7 marks) (Dec 2012) (June 2013) (10 marks ) (June 2014)
    4. Define security policy. Briefly discuss
    2013)(Dec 2013) (5 marks) (Dec 2014)

    three types of security policies.(8 marks)( June

    5. Explain information security blueprint and its major components. (7 marks)(Dec 2014)
    6. Briefly describe management, operational and technical controls and explain when each
    would be applied as part of a security framework? (10 marks) (June 2013) (Dec 2013) ( 5
    marks) (Dec 2014)
    7. Explain information security architecture. (7 marks)(Dec 2014)(10 marks) (June 2014)(Dec
    2013)
    8. Describe the major steps in Plan_do_check_act method of information security management
    system.(10 marks) (Dec 2012) (June 2013) (10 marks ) (June 2014)
    9. Illustrate with diagram how information is under attack from variety of sources with reference
    to the spheres of security. (10 marks) (Dec 2012) (June 2013) (8 marks) (Dec 2013) (Dec
    2014)

    Dept. of CSE, SJBIT

    Page 1

    Information and network Security

    10CS835

    UNIT 3: Security Technology


    1.

    Define and identify the various types of firewalls. (10 marks) (Dec 2012) (June 2013) (8
    marks) (Dec 2013) (Dec 2014)

    2.

    Describe how the various types of firewalls interact with the network traffic at various levels
    of the OSI model. (7 marks) (Dec 2012) (June 2013) (10 marks ) (June 2014)

    3.

    Identify and describe the two categories of intrusion detection systems. (10 marks) (June
    2013) (Dec 2013) ( 5 marks) (Dec 2014)

    4.

    According to the NISTs documentation on industry best practices, what are the six reasons to
    acquire and use IDS? Explain(7 marks) (Dec 2012) (June 2013) (10 marks ) (June 2014)

    5.

    Explain the features of NIDS. List merits and demerits of the same. (3 marks)(Dec 2014) .(7
    marks) (Dec 2012) (June 2013)

    6.

    Explain the features of HIDS. List merits and demerits of the same. (3 marks)(Dec 2014) .(7
    marks) (Dec 2012) (June 2013)

    7.

    Discuss scanning, analysis tools, and content filters. (10 marks) (Dec 2012) (June2013) (8
    marks) (Dec 2013) (Dec 2014)

    8.

    Discuss the process of encryption and define key terms. (10 marks) (Dec 2014)

    UNIT 4:

    Cryptography

    1. What are the fundamental differences between symmetric and asymmetric encryption. (6
    marks) (June 2013)(Dec 2013)
    2. Explain the different categories of attackers on the cryptosystem.(8 marks)( June 2013)(Dec
    2013) (5 marks) (Dec 2014)
    3. Define the following terms i) algorithm ii) Key iii) Plaintext iv) steganography v) Work factor
    vi) key space. (10 marks) (June 2013) (Dec 2013) ( 5 marks) (Dec 2014)
    4. Describe the terms: authentication, integrity, privacy, authorization and non- repudiation. (5
    marks) (Dec 2012) (June 2013) (10 marks ) (June 2014)
    5. Discuss the man-in-the-middle attack. ?(7 marks) (June 2013)(Dec 2013)(10 marks)(Dec
    2014)

    Dept. of CSE, SJBIT

    Page 2

    Information and network Security

    10CS835

    UNIT 5 : Authentication Applications


    1. Discuss active security attacks.(10 marks)(Dec 2012)(7 marks)( Dec2013)
    2. Describe briefly the security attacks and specific security mechanismz covered by X.800. (5
    marks)(Jun 2013)(7 marks) (Dec 2013)
    3. Describe the authentication procedures covered by X.809.(10 marks)(Jun 2014)
    4. Explain the general x. 509 public key certificate.(6 marks)( Dec 2013)(8 marks)(Dec 2014)
    5. Compare active and passive attacks.(5 marks)(Jun 2013)(10 marks)(Jun 2013)(6 marks)(Dec
    2014)
    6. Explain Kerberos version 4 message exchanges.(10 marks) (Dec 2012)(6 marks Dec 2014)
    7. List out differences between Kerberos version 4 and version 5.(10 marks)(Jun 2013)

    UNIT 6 : Electronic Mail Security


    1. Explain the PGP message generation and reception processes. .(5 marks)(Jun 2013)(10
    marks)(Jun 2013) (7 marks)( Dec2013)
    2. Describe the steps involved in providing aythentication and confidentiality by PGP. (10
    marks)(Dec 2012) (6 marks)(Dec 2014)
    3. Discuss limitations of SMTP/RFC 822 and how MIME overcomes these limitations. (6 marks
    Dec 2014)
    4. Explain different MIME content types. (5 marks)(Jun 2013)(7 marks) (Dec 2013) (10 marks)
    (Dec 2012)
    5. Explain S/MIME certificate processing method. (10 marks)(Jun 2013)

    UNIT 7: IP Security
    1. Mention the application of IPsec. (10 marks) (June 2013) (Dec 2013) ( 5 marks) (Dec 2014)
    2. Explain the security association selections that determine a security policy database entry.( 6
    marks)( Dec 2013)(8 marks)(Dec 2014)
    3. Describe SA parameters and SA selectors in detail.(5 marks)( June 2013)(10 marks) (Dec
    2013)(June 2014)
    Dept. of CSE, SJBIT

    Page 3

    Information and network Security

    10CS835

    4. Explain IPsec and ESP format. (5 marks)(Jun 2013)(10 marks) (Dec 2013)
    5. Describe Transport tunnel modes used for IPsec AH authentication bringing out their scope
    relevant to IPV4. (3 marks)(Dec 2014) .(19 marks) (Jun 2012) (June 2013)
    6. Mention important features of Oakley algorithm. (10 marks) (June 2013) (Dec 2013)

    UNIT 8:

    Web Security

    1. Explain the parameters that define session state and connection state in SSL. (7 marks)(
    Dec2013)
    2. Discuss SSL protocol stack. (10 marks)(Dec 2012)
    3. What are the services provided by SSL record protocol?( 10 marks) (Dec 2012)(6 marks Dec
    2014)
    4. Describe the SET participants.(05 Marks)
    5. Explain SSL handshake protocol with a neat diagram. (5 marks)(Jun 2013)(7 marks) (Dec
    2013)
    6. Explain the construction of dual signature in SET. Also show its verification by the merchant
    and the bank. (10 marks)(10)(Jun 2013)
    7. List out the key features of secure electronic transaction and explain in detail. .(5 marks)(Jun
    2013)(10 marks)(Jun 2013)(6 marks)(Dec 2014)

    Dept. of CSE, SJBIT

    Page 4

    You might also like