Information Security and Cryptography Question Papers

Information Security and Cryptography MCA Examination Question Papers

Uploaded by

log
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF or read online on Scribd
0% found this document useful (0 votes)
684 views17 pages

Information Security and Cryptography Question Papers

Information Security and Cryptography MCA Examination Question Papers

Uploaded by

log
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF or read online on Scribd
You are on page 1/ 17
Question Paper Code : S1330
M.C.A. DEGREE EXAMINATION, FEBRUARY/MARCH 2016.
Elective
DMC 1977 — INFORMATION SECURITY
(Regulations 2009)
Time : Three hours    Maximum : 100 marks
Answer ALL questions.

PART A — (10 x 2 = 20 marks)

1. Why is the top-down approach to information security superior to the bottom-up approach?
2. List out the phases of the security systems development life cycle.
3. What is residual risk?
4. Why is the identification of risks, by listing assets and their vulnerabilities, so important to the risk management process?
5. Differentiate between a policy, a standard, and a practice.
6. Mention the pros and cons of VISA International security model.
7. List the five generations of firewall technology. Which generations are still in common use?
8. How does a signature-based IDPS differ from a behavior-based IDPS?
9. What drawbacks to symmetric and asymmetric encryption are resolved by using a hybrid method like Diffie-Hellman?
10. What is the standard for encryption currently recommended by NIST?

PART B — (5 x 16 = 80 marks)

11. (a) (i) "The value of information comes from the characteristics it possesses". Discuss on the statement, highlighting the expansion of the C.I.A. triangle. (8)
        (ii) How to operate an information system that satisfies the user and the security professional by 'Balancing Information Security and Access'. (8)
    Or
    (b) Summarize the steps performed in both the systems development life cycle and the security systems development life cycle. (16)

12. (a) (i) Describe how risk is identified and assessed. (8)
        (ii) Explain the fundamental aspects of documenting risk via the process of risk assessment. (8)
    Or
    (b) (i) Describe the various risk mitigation strategy options. (8)
        (ii) Recognize the existing conceptual frameworks for evaluating risk controls and formulate a cost benefit analysis. (8)

13. (a) Describe what an information security blueprint is, identify its major components, and explain how it supports the information security program. (16)
    Or
    (b) Discuss how an organization institutionalizes its policies, standards, and practices using education, training, and awareness programs. (16)

14. (a) Describe firewall technology and the various approaches to firewall implementation. (16)
    Or
    (b) (i) Identify the various approaches to control remote and dial-up access by means of the authentication and authorization of users. (8)
        (ii) List and define the major categories of scanning and analysis tools, and describe the specific tools used within each of these categories. (8)

15. (a) (i) List and explicate the major protocols used for secure communications. (8)
        (ii) Discuss the nature and execution of the dominant methods of attack used against cryptosystems. (8)
    Or
    (b) Alice and Bob wish to share private messages, where each of them has two separate keys generated. What kind of strategy would you suggest to ensure confidentiality, key management and authentication for the conversation between Alice and Bob? Explain the strategy and also highlight the design issues related to the strategy proposed. (16)


Question Paper Code : 80330
M.C.A. DEGREE EXAMINATION, AUGUST 2015
Elective
DMC 1977 — INFORMATION SECURITY
(Regulation 2009)
Time : Three hours    Maximum : 100 marks
Answer ALL questions.

PART A — (10 x 2 = 20 marks)

1. If the C.I.A. triangle is incomplete, why is it so commonly used in security?
2. Differentiate between attack and threat.
3. Write the expression to calculate the single loss expectancy.
4. Differentiate between Quantitative and Qualitative Risk Control Practices.
5. State the uses of VISA International model.
6. When is the DR plan used?
7. What is RADIUS? What advantage does it have over TACACS?
8. State the functions of Port Scanners.
9. Find the 'n' and φ(n) value in RSA if P = … and Q = 17.
10. List any four physical security devices.

PART B — (5 x 16 = 80 marks)

11. (a) (i) Identify the six components of an information system. Which are most directly affected by the study of computer security? Illustrate with an example. (8)
        (ii) Why is the top-down approach to information security superior to the bottom-up approach? (8)
    Or
    (b) (i) Has the implementation of networking technology created more or less risk for businesses that use information technology? Why? Explain. (8)
        (ii) What is Intellectual Property (IP)? Is it afforded the same protection in every country of the world? What laws currently protect it in the United States and Europe? (8)

12. (a) (i) Discuss in detail about the strategies used for controlling the risk. (8)
        (ii) Explain the different planning approaches to mitigate the risk. (8)
    Or
    (b) (i) How is an incident response plan different from a disaster recovery plan? (8)
        (ii) What is risk appetite? Explain why risk appetite varies from organization to organization. (8)

13. (a) Design the ISO 17799 for an automobile organization. (16)
    Or
    (b) (i) What is contingency planning? How is it different from routine management planning? What are the components of contingency planning? (8)
        (ii) Discuss the elements of a business impact analysis. (8)

14. (a) (i) Describe how the various types of firewalls interact with the network traffic at various levels of the OSI model. (8)
        (ii) How does a false positive alarm differ from a false negative one? From a security perspective, which is least desirable? (8)
    Or
    (b) (i) How does a network-based IDPS differ from a host-based IDPS? (8)
        (ii) Discuss in detail about any two tools used for scanning and analyzing the asset. (8)

15. (a) (i) Which security protocols are predominantly used in Web-based electronic commerce? (8)
        (ii) List and describe the four categories of locks. In which situation is each type of lock preferred? (8)
    Or
    (b) (i) What is a work breakdown structure (WBS)? Is it the only way to organize a project plan? Explain. (8)
        (ii) List and describe the options available for the location of the information security functions within the organization. Discuss the advantages and disadvantages of each option. (8)


Question Paper Code : 22332
M.C.A. DEGREE EXAMINATION, FEBRUARY/MARCH 2015.
ELECTIVE
DMC 1977 — INFORMATION SECURITY
(Regulations 2009)
Time : Three hours    Maximum : 100 marks
Answer ALL questions.

PART A — (10 x 2 = 20 marks)

1. Write the four important functions performed by Information security for an organization.
2. List out the various components of an information system.
3. Define risk management.
4. Describe residual risk with figure.
5. What are the NIST documents which can assist in the design of a security framework?
6. Prepare a list for security education and training programs and see which category has the most examples. Which do you think would be more cost-effective in terms of both time and money?
7. Illustrate mantraps.
8. Describe the different ways in which smoke detectors are operating.
9. Define steganography. What is the importance in using Steganography tools?
10. List out the internal control strategies with respect to personal security.

PART B — (5 x 16 = 80 marks)

11. (a) What are the approaches used for information security? Explain in detail the System development life cycle. (16)
    Or
    (b) Explain the legal, ethical and professional issues related to information security. (16)

12. (a) Illustrate in detail risk control strategies. (16)
    Or
    (b) What are the components of Risk management? Explain each in detail. (16)

13. (a) Describe in detail the designing of new security architecture. (16)
    Or
    (b) (i) Define security blueprint. Explain the necessity of the security framework. (4)
        (ii) Describe with figure the continuity strategies needed for information security. (12)

14. (a) Define firewall. What are its different types? Explain the working of each in detail. (16)
    Or
    (b) Write a note on the following:
        (i) Honey pots, Honey nets (4)
        (ii) Padded cell systems (4)
        (iii) Trap and trace systems (4)
        (iv) Active intrusion prevention. (4)

15. (a) Explain with example the various classical encryption schemes. (16)
    Or
    (b) (i) Perform the encryption and decryption using RSA algorithm for the following data: P = …, Q = 11, e = …. (8)
        (ii) Discuss any three cryptographic tools and their significance in information security. (8)


Question Paper Code : 96330
M.C.A. DEGREE EXAMINATION, FEBRUARY/MARCH 2014.
Elective
DMC 1977 — INFORMATION SECURITY
(Regulations 2009)
Time : Three hours    Maximum : 100 marks
Answer ALL questions.

PART A — (10 x 2 = 20 marks)

1. "Internetwork security is both fascinating and complex" — Justify the statement.
2. Identify the six components of an information system.
3. List the general categories of unethical and illegal behavior.
4. What are the threats to Information security?
5. Define security policy.
6. Mention the drawbacks of ISO 17799/BS 7799.
7. Define the padded cell in Honey Pot.
8. What are the detection methods used by IDS?
9. Define the two types of locks.
10. What are the controls used in secure facility?

PART B — (5 x 16 = 80 marks)

11. (a) Explain why a successful information security program is responsible for both an organization's general management and IT management. (16)
    Or
    (b) How the same phases used in the traditional SDLC can be adapted to support the implementation of an information security project? Give the detailed analysis. (16)

12. (a) What is risk management? Why is the identification of risks, by listing their assets and their vulnerabilities, so important to the risk management process? (16)
    Or
    (b) (i) Explain the process of vulnerability identification and assessment for different threats faced by an information security system. (10)
        (ii) What value does an automated asset inventory system have for the risk identification process? (6)

13. (a) Describe what an information security blueprint is, identify its major components, and explain how it supports the information security program. (16)
    Or
    (b) Explain the major steps in Contingency Planning. (16)

14. (a) What is the significance of audit records in intrusion detection? Explain the various fields of an audit record. (16)
    Or
    (b) (i) Taking your own packet filtering rule set, explain the working of a packet-filtering router. (8)
        (ii) "One way to secure against Trojan horse attacks is the use of a secure, trusted OS". Explain. (8)

15. (a) Alice and Bob wish to share private messages, where each of them has two separate keys generated. What kind of strategy would you suggest to ensure confidentiality, key management and authentication for the conversation between Alice and Bob? Explain the strategy and also highlight the design issues related to the strategy proposed. (16)
    Or
    (b) Explain clearly with relevant illustration how authentication is addressed in PGP. (16)


Question Paper Code : 86330
M.C.A. DEGREE EXAMINATION, AUGUST 2013.
Elective
DMC 1977 — INFORMATION SECURITY
(Regulation 2009)
Time : Three hours    Maximum : 100 marks
Answer ALL questions.

PART A — (10 x 2 = 20 marks)

1. Explain the basic components of information security.
2. Differentiate between laws and ethics.
3. List some of the asset attributes.
4. What value does an automated asset inventory system have for the risk identification process?
5. Define ISO 17799/BS 7799 standards and their drawbacks.
6. What are the three types of security policies?
7. What are the measures that may be used for intrusion detection?
8. How firewalls are categorized by processing mode?
9. List few applications of steganography.
10. List some of the drawbacks in electronic monitoring.

PART B — (5 x 16 = 80 marks)

11. (a) Enumerate the phases of security systems development life cycle.
    Or
    (b) "Information security is a major concern for the software industry today as the number of internal threats is nearly 80%" — Discuss on the statement, highlighting the various security attacks.

12. (a) What is risk management? Why is the identification of risks by listing their assets and their vulnerabilities so important to the risk management process? Explain.
    Or
    (b) Identify the existing conceptual frameworks for evaluating risk controls and formulate a cost benefit analysis.

13. (a) What is an information security blueprint? Identify its major components and explain how it supports the information security program.
    Or
    (b) Explain VISA international security model in detail.

14. (a) With neat diagrams highlight the differences between screened host firewall single homed bastion and screened host firewall dual homed bastion.
    Or
    (b) How scanning and analysis tools are useful in enforcing information security? Explain the different types of the scanning and analysis tools.

15. (a) With suitable sketches, explain the working of DES algorithm.
    Or
    (b) What is the contribution of Phil Zimmerman towards creation of PGP? Also explain reasons for the popularity of PGP.


Question Paper Code : 86330
M.C.A. DEGREE EXAMINATION, FEBRUARY/MARCH 2013.
Elective
DMC 1977 — INFORMATION SECURITY
(Regulation 2009)
Time : Three hours    Maximum : 100 marks
Answer ALL questions.

PART A — (10 x 2 = 20 marks)

1. What are the characteristics of information?
2. What is the need for security?
3. What is risk management?
4. What are the types of access controls?
5. Define policy.
6. What are the advantages of VISA international security model?
7. Define firewall.
8. What do you mean by intrusion detection system?
9. What is cryptanalysis?
10. What are major sources of physical loss?

PART B — (5 x 16 = 80 marks)

11. (a) (i) Describe the NSTISSC security model. (8)
        (ii) Explain the various phases of security SDLC. (8)
    Or
    (b) (i) Discuss the components of an information system. (8)
        (ii) Describe the various categories of threats to information. (8)

12. (a) (i) Explain the risk identification process in detail. (8)
        (ii) Elaborate on risk assessment and the documentation of its results. (8)
    Or
    (b) (i) Describe the asset identification and valuation with example. (8)
        (ii) Explain the risk controlling strategies in detail. (8)

13. (a) (i) Explain the different types of information security policies. (8)
        (ii) Explain the features of NIST security model. (8)
    Or
    (b) (i) Explain briefly about the ISO 17799/BS7799 model. List its limitations. (8)
        (ii) Describe the components used in design of security architecture. (8)

14. (a) (i) Discuss the various generations of firewalls. (8)
        (ii) Explain the different types of intrusion detection system. (8)
    Or
    (b) (i) Explain the different types of firewall systems in detail. (8)
        (ii) Explain how scanning and analysis tools are useful in enforcing information security. (8)

15. (a) (i) Explain the components of cryptology. (8)
        (ii) Describe the various methods of power management and conditioning. (8)
    Or
    (b) (i) Describe the various access control devices. (8)
        (ii) Discuss the security considerations for nonemployees. (8)


Question Paper Code : 76514
M.C.A. DEGREE EXAMINATION, AUGUST 2012.
Elective
DMC 1635 — INFORMATION SECURITY
(Regulation 2007)
Time : Three hours    Maximum : 100 marks
Answer ALL questions.

PART A — (10 x 2 = 20 marks)

1. Distinguish between direct attacks and indirect attacks.
2. What is the best method for preventing an illegal or unethical activity? Mention the three conditions that should be present in order to apply this method.
3. Information asset "X" has a value score of 100 and has two vulnerabilities: Vulnerability 1 has a likelihood of 0.5 with a current control that addresses 50% of its risk; Vulnerability 2 has a likelihood of 0.1 with no current controls. Assume that assumptions and data are 80% accurate. Calculate the ranked list of risk ratings for the two vulnerabilities.
4. What is risk management?
5. Mention the limitations of Intrusion Detection Systems (IDS).
6. How does remote journaling differ from electronic vaulting?
7. What are the three types of VPN technologies defined by VPNC?
8. What is a port scanner?
9. Encrypt the text "CHANGE IN PLAN MEET ME AT DAWN" using Caesar cipher.
10. Enumerate the functions of a Chief Information Security Officer (CISO).

PART B — (5 x 16 = 80 marks)

11. (a) (i) Compare and contrast SDLC with SecSDLC. (8)
        (ii) What is meant by an attack? How does it differ from vulnerability? Briefly explain about back doors, Brute Force attacks, DoS and DDoS. (8)
    Or
    (b) (i) List the ten commandments of computer ethics and explain about Association of Computing Machinery. (8)
        (ii) Define threat. List the general categories of threats with examples and explain about any two types of threats. (8)

12. (a) (i) Explain about G-P information classification scheme that helped companies to achieve confidentiality and integrity of information. (8)
        (ii) Give a brief description about Access Controls. (8)
    Or
    (b) (i) Give a brief summary about the four basic Risk Control strategies. (8)
        (ii) Give a brief account about Cost Benefit Analysis. (8)

13. (a) Explain in detail about Incident Response Planning. (16)
    Or
    (b) (i) Enumerate the key technology components of an Information Security Architecture. (8)
        (ii) Briefly explain about NIST models. (8)

14. (a) (i) How can a firewall be categorized based on its processing mode? (8)
        (ii) Write short note on Packet Sniffers, Honey pots and Honey nets. (8)
    Or
    (b) Explain in detail about Network based IDS and Host based IDS. (16)

15. (a) (i) Give a brief account about some of the important employment policies and practices. (8)
        (ii) List the controls used for enforcing physical security and explain about any four physical security controls. (8)
    Or
    (b) The values of public key and private key are (N, E) = (33, 3) and (N, D) = (83, 7). Use RSA algorithm to encrypt the word "TECHNOLOGY" and also show how the word can be decrypted from its encrypted form. (16)


Question Paper Code : 87530
M.C.A. DEGREE EXAMINATION, FEBRUARY 2012.
Elective
DMC 1977 — INFORMATION SECURITY
(Regulation 2009)
Time : Three hours    Maximum : 100 marks
Answer ALL questions.

PART A — (10 x 2 = 20 marks)

1. Name three of the four functions that information security performs for an organization.
2. What are the various types of malware? How does it differ from viruses?
3. What are the three categories of unethical or illegal behaviour?
4. How will you determine the overall loss potential per risk (ALE)?
5. How will you express the residual risk?
6. Name two problems associated with benchmarking.
7. Mention the components of the sphere of security.
8. When does an incident become a disaster?
9. What is the role of Proxy server in the information security?
10. What is DMZ? Mention its role in security architecture.

PART B — (5 x 16 = 80 marks)

11. (a) (i) Draw the major steps involved in contingency planning.
        (ii) Name the primary functions of IRP, DRP and BCP.
        (iii) What are the five testing strategies in the IR plan? Give a brief description of each. (8)
    Or
    (b) Explain the phases in SecSDLC model. Discuss briefly about the salient steps which make the security development life cycle model unique from the software development life cycle model.

12. (a) Discuss each of the major types of attack used against controlled systems. Among the major attacks, which are the more common attacks in your organization? State the reason.
    Or
    (b) Explain the methods to assess and control the risk.

13. (a) Once the project team for information security development has created the ranked vulnerability worksheet, the team must choose one of four basic strategies to control the risks that result from these vulnerabilities. What are the four strategies?
    Or
    (b) As you might expect, the U.S. military classification scheme has a more complex categorization system than required by most corporations. Briefly describe each of the levels of classification.

14. (a) (i) Which are the most common implementations of firewall architecture? Write short notes on each implementation. (10)
        (ii) Explain the factors that need to be considered while you configure the firewall for your organization. (6)
    Or
    (b) (i) What is RADIUS? What advantage does it have over TACACS? (6)
        (ii) Describe about the Intrusion Detection System (IDS) and their approaches in protecting network and host information assets. (10)

15. (a) (i) Explain the protocols used to provide secured communication. (8)
        (ii) Write a short note on Public Key Infrastructure (PKI). (8)
    Or
    (b) What are the four issues that can be addressed when considering access control devices? Give two examples of each area of authentication.