Subjecive Question

Cyber Security
1. Write down the art of security breach?
Ans. (a) Mind Set
(b) Serendipity
(c) The Tempest re-written
(d) Mission Possible
(e) The Beast and Beauty
(f) Power is Powerless
(g) Watch Your Traffic
(h) Where Angles Fear to Tread

2. Write down the network security?

Ans. (a) The Kernal
(b) Inside the Firewall
(i) Separation of Duty
(ii) Backup Controls
(iii) User account Controls
(iv) User Training
3. Write down the cycle of security?
Ans. (a) Discovery
(b) Policy
(c) Enforce
(d) Text
(e) Authentication Technologies
(f) Content Security Technologies
(g) Anti Virus Software
(h) Intrusion Detection System

4. Write down the short notes on IDS?

Ans. Intrusion detection system is directly related to anti-virus software is the intrusion
detection software referred to as IDS or NIDS. These systems are typically heavily
automated and sometime make use of neural networks, artificial intelligence and
other technique in an effort to make them more accurate and useful.

5. Write down short notes on Anti virus software?

Ans. Hackers and virus are the bone of modern day network. The most potent source of
spreading virus is through this route. Internet chat room and file down loads are the
measures source. A robust and suitable anti viruses software has to be identify and
installed depending upon the user requirement.

6. Write down the short notes on discovery?

Ans. This involves knowing your risks –mapping the gateways between sub networks and
accessing all the possible loop holes that might exist in the present IT infrastructure.

7. Write down the short notes on Power is Powerless?

Ans. At a lower level the CPU consists of electrical circuits and can only function if the they
get power.
Depending on what circuits are involved, the power consumption varies.

8. Write down the short notes on Backup controls?

Ans. A strict sign out procedure for all backups is a minimum requirement. Except in the
most critical emergency, no single person should be aware to access backup to tapes
with out supervisory.
9. Write down the monkey principle of security?
Ans. (a) See no breaches.
(b) Talk no breaches.
(c) Hear no breaches.
 IT
1. Describe about What you mean by Hyperlink in Ms Frontpage and Dynamic DHTML.
Ans :-
Hyperlink. Hyperlinks are text or graphic hotspots that load other webpage’s when
clicked on. Suppose you want to hyperlink with another page. Follow the steps below. Click
on the new button. You can see a new page is opened in the same document. Make your
nominal roll there. Then save the page in the name of Nominal Roll
click on the tab index.htm
Type Nominal Roll, select the word as shown in the figure.
Insert → hyperlink→ existing web page → Current folder → Nominal Roll.htm→ OK
Dynamic HTML. You can apply Dynamic HTML (DHTML) animation effects to just
about anything on a page- e.g. text, paragraphs, pictures, buttons, marquees and so on and tie
the effect to a trigger event, such as clicking a mouse, pointing a mouse, loading a page and
so on.

First you select the Picture.

Go to Format → Dynamic HTML
You can do setting as per choose.

Q 2. Write a short on Website Aliases.

Ans :- Website Aliases. A website can have aliases and this is the place you
can add them. The most known case is when a website can be referred as its
domain name or with the www prefix.
Example.

(i) www.domain.com

(ii) domain.com

This special case is handled by default in Advanced Web

Ranking so you don't have to add it yourself.

If your website has more than one subdomain (like in the

example below) then you can enter a special alias that contains the
wildcard character (*) to substitute the part that is different in each
entry. Example: *.domain.com

(i) www.domain.com

(ii) sub1. domain.com

(iii) sub2. domain.com

3. What is the procedure used for making web site in ms front page?
4. What are the points born in your mind when backing up website?
5. Write down the facility of CMS.

Feature of CMS.
(a) Empower non-technical staff and facility to write, edit, and manage Web
content.
 (b) Publish information to public-facing Web sites, format information for alternate
viewers such as cell phones and wireless devices.
(c) Dynamically update Web sites.
(d) Provide a centralized set of Web products that everyone can use.
(e) More easily safeguard data.
(f) Achieve a consistent look-and-feel.

6. What is a Learning Management System?

A Learning Management System (LMS) is a web-based application through

which learning content is delivered and managed. An LMS is tied to on-line and
off-line training, administration, and performance management and includes
functionality for course catalogs, launching courses, registering learners,
tracking learner progress and assessments. An LMS combines a front-end for
the learner with a back-end for administrators and instructors. This LMS
seamlessly displays, in a browser interface, real-time information drawn from a
database. It also allows for competency-driven assessment and course
associations. It integrates online quizzing and evaluation processes, permitting
accurate, automated measurement and reporting.

The LMS is designed to guide learners through a simple process intended to

achieve the goal of assessing and maintaining competencies, registering for
recommended courses, and accomplishing training. Below are descriptions of
the pages available to learners in the LMS, and how to use them to achieve
assessment and get trained.
7. What does this Learning Management System (LMS) do?
(a) A web-based application through which learning content is
delivered and managed.
(b) Provides education to public health workforce related to their
roles and needs.
(c) Promotes worker competencies.
(d) Associates competencies to worker roles.
(e) Assesses workers on competencies related to their assigned
Role.
(f) Recommends appropriate courses based on assessments.
(g) Stores competency progress and course history for each learner.
8. Write down the facility of SSL.
(a) Primary function of this cryptographic protocol.
(b) SSL encryption allows for the protection of electronically transmitted
data in what is otherwise an unprotected environment.
(c) Offers innumerable opportunities for unauthorized access and interception
of electronically transmitted information.
(d) SSL encryption is capable of concealing the value of such data from
potential interceptors.
(e) If the data is captured during a secure SSL transmission, it cannot be
read unless it is decrypted with the appropriate encryption key that corresponds
only to that particular session.
(f) Secure https domains take advantage of the SSL encryption method.
(g) Facilitated by an SSL-supported secure server, SSL encryption of
communicated data is automatic once the channel is enabled between the
domains.
(h) SSL encryption is done just as fluidly and with silent communication between
the browser and the domain's server.

9. Write down the network facility of SSL.

(a) Privacy, where data messages are encrypted so that only the two
application endpoints understand the data.
(b) Integrity, where message digests detect if any data was altered in
flight.
(c) Authentication, which verifies the identity of the remote node, application,
or user by using digital certificates.

10. Write down the DNS architecture.

DNS ARCHITECTURE. DNS ARCHITECTURE IS A HIERARCHICAL

DISTRIBUTED DATABASE AND AN ASSOCIATED SET OF PROTOCOLS
THAT DEFINE:

(a) A mechanism for querying and updating the database.

(b) A mechanism for replicating the information in the database among servers.
(c) A schema of the database.

11. What is function of firewall and types of firewall?

(a) Protects the user from unwanted incoming connection attempts.
(b) Alert the user about outgoing connection attempts.
(c) Allows the user to control which programs can and cannot access the local
network and/or Internet.
(d) Monitor applications that are listening for incoming connections.

(e) Monitor and regulate all incoming and outgoing Internet users.

(f) Prevent unwanted network traffic from locally installed applications.

(g) Provide the user with information about an application that makes a
connection attempt.

(h) Provide information about the destination server with which an application is
attempting to communicate.

Types of Firewall

(a) Software firewall

(b) Network firewall

12. Write the short note on installation of e-mail server.

Install the Email Server. You can install the Email Server by using Add or Remove
Windows Components or Manage Your Server. Manage Your Server is a bit easier to use
too, because it will prompt you for the domain you want to use during setup. That will not Add
or Remove Windows Components do, and we have to do everything manually. If it's not open,
start Manage Your Server by clicking Start->Programs->Administrative Tools->Manage
Your Server. Click on Add or remove a role.

13. Write down the configuration of SMTP server.

The Configuration of SMTP server is given under.

(a) Open Computer Management.
(b) Expand Services and Applications, expand Internet Information
Service
(c) Right click Default SMTP Virtual Server and click Properties.
(d) Click the Access tab.
(e) Click the Authentication button and make sure Anonymous Access and
Integrated Windows Authentication is enabled.
(f) Click the Relay button and make sure allow all computers which
successfully.

14. Write down the troubleshooting of WIN 2003 Server.

To configure Windows Server 2003 to generate only a Small Memory Dump file:-
(a) In Control Panel, double-click System, and then click the
Advanced tab.
(b) Under Startup and Recovery, click Settings.
(c) In the Write debugging information list, click Small memory
dump.
(d) Click OK button twice, and then restart the operating system.
15. Write a short note on installation of Win 2008 Server.
Configuration of Web Server 2008. Installing IIS 7 on Windows Server
2008 the IIS web server is not installed by default, the first thing we have to do
is install IIS as a role for the server we are working on.
(a) Click on Start -> Administrative Tools -> Server Manager

(b) In Server Manager scroll down to Roles Summary, and click on Add Roles
(c) The Add Roles Wizard starts at this point and warns you that if you are going to add
a role to make sure:-

(i) The administrator account has a strong password.

(ii) Network settings, such as static IP, are configured.
(iii) The latest security updates from Windows Updates are installed.
(d) Click Next button to go the Add Server Role page. Place a checkmark next to Web
Server (IIS) and then click on the Next button.

(e) The next page will give you some basic information on IIS Web Servers and a few
links with extra information if needed. Click on the Next button to continue.

(f) The next window is the Select Role Services. This very important screen will allow
you to add only the modules necessary for your planned installation of IIS.

(g) Click Next button to get to the Confirm Installation Selections screen to verify your
chosen settings.

(h) Click Install button and installation process will start.

(j) After installation you should see the Installation Results page. Click Close button
to finish the process.

16. What point should important when we install a FTP server?

(a) On the taskbar, click Start, point to Administrative Tools, and then click Server
Manager.
(b) In the Server Manager hierarchy pane, expand Roles, and then click Web
Server (IIS).
(c) In the Web Server (IIS) pane, scroll to the Role Services section, and then click
Add Role Services.
(d) On the Select Role Services page of the Add Role Services Wizard, expand
FTP Server.
(e) Select FTP Service. (Note: To support ASP.NET Membership or IIS Manager
authentication for the FTP service, you will also need to select FTP Extensibility.)
(f) Click Next button.
(g) On the Confirm Installation Selections page, click Install button.
(h) On the Results page, click Close button.
17. Write a short note on Small or stamp type raster.
(i) Power supply voltage output low.
(ii) No regulation in power supply.
(iii) Fault in bridge rectifier circuit.
(iv) Main filter capacitor in power supply dry.
18. When a display shaking then which procedure should be adopted?
(i) Open diode in power supply –bridge rectifier circuit.
(ii) Main filter capacitor dry.
(iii) Power supply regulation not proper.
(iv) Electromagnetic interference.

20. When problem comes on Mouse and Key Board then what point should be adopted?
(i) Make sure that mouse cable is correctly connected to its port.
(ii) Turn your PC’s system unit power off and back on and see if the error
disappears.
(iii) If you have a second mouse available, turn off your PC’s power and connect
the new mouse. Power the PC back on to see if the error disappears.
(iv) Try the mouse on some other system where a mouse of the same type is
known to support the mouse.
(v) Some software do not support mouse.
(vi) Make sure the mouse device driver being used is correct one and is setup
correctly.
(vii) If the mouse is a serial mouse, try using a second serial port. You might
need to update the mouse device driver to use the second serial port.
(viii) If you are using a bus mouse, make sure that the mouse adapter card is
properly seated in its expansion slot.
Key board
(a) When the keyboard of a system is not working then some of the
points that must be checked are.
(b) Some old keyboards have a small switch at their bottom side to select the
operating mode of the keyboard. Using this switch one can select either XT(8088/8086)
or AT (80286) operating mode.

(c) If this switch is in the wrong position then the keyboard will not
function and this will generate a POST error msg during the system
starting time.
(d) Many old computer have a keyboard lock on the front panel. This
lock disable the keyboard. Forgetting to unlock this lock, or not properly
unlocking this could be one reason of the keyboard not working.
21. When a paper jamming in the printer what are the main points would be adopted?
 (a) Paper quality poor. Ensure that the paper you introduce into
your printer meets with the standards of the printer manufacturer and replace if
necessary.
(b) Obstruction along paper path. There might be something caught
along the paper path.
(c) Sensors faulty. Faulty sensors along the paper path will not provide the
printer with the correct information about the paper’s position in the printer and hence the
printer will fall into a false paper jam mode.
(d) Tractors Worn out.
(i) For printers that use tractor fed paper. The tractors may be worn out
and can be out of alignment with one another.
(ii) Observe the tractors as they feed paper. A good way to test this
is to form feed multiple sheets or paper and see what happens.
(iii) If the tractors require replacement, always replace both the
LHS and RHS Tractors at the same time.
(e) Main logic board is faulty.
(i) In some cases, the main logic board could be the cause of
going into a false paper jam alarm mode.
(ii) Repair or replace the main logic board
22. What are the network components and its purpose.
In a network, the communication between two computers occurs in the form of signals. The
data from a source computer is converted into signals and transmitted to the destination
computer. On the destination computer, these signals are converted back to data. To connect
two computers in a network, you need certain hardware and software components. The
components used for networking include:-
(a) Hardware components:-
(i) Network Interface Controller (NIC) card
(ii) Cables
(iii) HUB
(iv) Switch
(v) Router
(vi) Repeater
(vii) Gateway
(viii) Bridge
(ix) Connectors

(b) Software components:-

(i) Network operating system
(ii) Device drivers

23. How many types of cable and short brief of OFC.

Fiber Optic Cable. A fiber optic cable is a network cable that contains strands of
glass fibers inside an insulated casing. These cables are designed for long distance
and very high bandwidth (gigabit speed) network communications.
Fiber optic cables carry communication signals using pulses of light. While
expensive, these cables are increasingly being used instead of traditional copper
cables, because fiber offers more capacity and is less susceptible to electrical
interference. So-called Fiber To The Home (FTTH) installations are becoming more
common as a way to bring ultra-high speed Internet service (100 Mbps and higher) to
residences.

24. Explain what is Hub and Types of HUB.

A hub is a repeater with multiple ports. Hubs operate at physical layer of the OSI reference
model. Hubs are used to connect computers to a server in Networks that use the star topology.
Hubs can also be used to connect multiple segments of the same network, and transfer data
from one segment to another. In a network, a hub acts as a central point for devices such as
computers, printers, and routers.
In above figure, if a node sends data to any one of the other node, hub receives the data and
transmits the signal to all the ports. This increases the Network traffic. Hence, unnecessary
traffic increases the chances of collisions and degrades the Network performance. To
overcome this drawback of hubs, switches are introduced.

Types of HUBS.
(a) Active Hubs. An active hub is usually powered and it amplifies the signal
to its original strength. Active hubs are the most common type of hubs used in
Networks. They are useful when the segments of the networks are not close to one
another and the signal may require amplification.

(b) Passive Hubs. A passive hub is typically unpowered and makes only physical
electrical connections. It does not regenerate or amplify the signal.

(c) Hybrid Hubs. Advanced hubs that will accommodate several different types
of cables are called hybrid hubs.

25. What are the difference between Router and Switch?

Routers. A router is a device used to connect two networks using same or different
protocols. Routers operate at the Network layer of the OSI reference model. It uses the network
addresses for filtering and forwarding information to different networks. A network address is
the address of the computer on a network. Routers store the network addresses of computers
in different networks in a table, called the routing table. In addition to the network addresses,
the routing table also contains information on the path that should be used to transmit data,
and any rules that have been defined for filtering network traffic

Switches. In a network, a switch acts as a central point for various devices such as
computers, printers, and routers. Switch work at the Data link layer of OSI reference model.
When the data frame is sent using a switch, the data frame carries the address of the
destination computer with it. The data frame contains the MAC address of the destination
computer. Switches can read this MAC address, and as a result, data is forwarded only to be
intended computer rather than being forwarded to each computer on the network. As a result,
switch reduces network traffic and therefore enhances the network performance

26. What is WAN and difference between LAN,WAN and Man?

LAN MAN WAN

Connects computer or workstations Interconnect networks in a town or a Connects geographically separate
in office or home. city. LANs.

Covers a local area of 1 km. Covers larger area than LAN but Spans large geographical area more
smaller than WAN with an area of 2 than 100 km.
to 100 km.

Data Transmission Rate – 10/100 Data Transmission Rate – Variable Data Transmission Rate – 64 Kbps
Mbps or 2 Mbps

Uses IEEE 802 standard Uses IEEE 802 standard Uses ITU standard

27. How many types of topology and brief any one?

There are mainly 5 types of topology
(a) bus
(b) tree
(c) star
(d) ring
(e) mesh

Mesh Topology In mesh topology there are at least two paths to and from
every node. Unlike each of the previous topologies, messages sent on a mesh
 network can take any of several possible paths from source to destination. (Recall
that even in a ring, although two cable paths exist, messages can only travel in one
direction.) Some WANs, most notably the Internet, employ mesh routing. A mesh
network in which every device connects to every other device is called a full mesh. As
shown in the illustration below, partial mesh networks can also be setup in which
some devices connect only indirectly to others.

(a) Advantages of Mesh topology is the multiple redundant paths exist between
nodes.
(b) Disadvantages of Mesh topology are; it requires more cable than the other
LAN topologies and its implementation is complicated
28. What you mean by Server based network and Peer to Peer network?
Server-Based Network. In a server-based network, a server controls access to some
resource (such as a hard disk or printer) and serves as a host for the workstations connected
to the server. A workstation requests services, such as access to files or programs on the
hard disk or use of a printer, from a server. Servers run the Network Operating System (NOS)
software; workstations run client software that manages the communication between the
workstation and the network.
Peer to Peer Network In a peer-to-peer network, there are no dedicated servers or
hierarchy among the computers. All of the computers are equal and therefore are known as
peers. Normally, each computer functions as both a client and a server, and there is no one
assigned to be an administrator responsible for the entire network. Peer-to-peer networks are
also called workgroups. The term workgroup implies a small group of people. In a peer-to-
peer network, there are typically fewer than 10 computers in the network. Peer-to-peer
networks are relatively simple. This network can be less expensive than server based
networks.
29. Define disadvantage of Server based network.
Disadvantages of Server Based Network. Server based networks have some
disadvantages as follows:-
(a) Expensive dedicated hardware.
(b) Expensive network operating system software and client licenses.
(c) A dedicated network administrator usually required
30. What is protocol, common network protocol and define any one.
Protocols. A protocol is a set of rules that governs the format & meaning of
frames, packets or messages exchanged by peer entities within a layer. These rules
include guidelines that regulate the following characteristics of a network:-
(a) Access method.
(b) Allowed physical topologies.
(c) Types of cabling.
(d) Speed of data transfer.
Entities use protocols to implement svc definitions.
Common Networking Protocols.
(a) TCP/IP.
(b) NetBEUI.
(c) IPX/SPX.
(d) NW Link.
(e) Apple Talk.
(f) DLC.

Apple Talk
Apple Talk allows your Windows NT server to communicate with Macintoshes on your
network. If you install Services for Macintosh, you will be able to serve Windows NT files and
printers to your Mac users.

31. How many types of IP addressing and define C type addressing?

There are 5 types of IP addressing namely

(a) Class A: NET.HOST.HOST.HOST.

 (b) Class B: NET.NET.HOST.HOST.

(c) Class C: NET.NET.NET.HOST.

(d) Class D: Multicast addressing.

(e) Class E: Reserved for future

IP Addressing – Class C. In address 192.150.12.1 means.

(a) Network # 192.150.12.

(b) Host #1.

(c) Range of class C network IDs: 192.0.1-223.255.254

(d) Number of available hosts, 254.

32. What is modem and define their uses?

A modem is a device that makes it possible for computers to communicate
over a telephone line. Computers cannot simply connect over a telephone line
because the computer communicated in digital pulses (electronic signals) and a
telephone line can only send analog pulses (sound). A digital signal is synonymous with
binary, and the signal can only have a value of 0 or 1. An analog signal is a smooth curve,
which can represent an infinite range of values.
Uses
A modem at the sending end converts the computer’s digital signals into analog and
transmits the analog signals into the telephone line. A modem at the receiving end converts
the incoming analog signals back into digital signals for the receiving computer. In other
words, sending modem MODULATES digital signals into analog signals, and receiving
modem DEMODULATES analog signals back into digital signals.
33. Write briefly how many types of indicator in Modem?
Indicator Lights. External modem features LED indicators on the front panel that
report modem status:-
MR Modem Ready On when power is applied to the modem
TR Terminal Ready On when DTR signal is active
SD Transmit Data On when modem is transmitting data to
remote modem
RD Receive Data On when modem is received data from the
remote modem
OH Off Hook On when modem is off hook
CD Carrier Detect On when remote carrier has been detected
CS Clear to Send On when CTS signal is active
34. Write down setting up Routing and Remote Access Service(RAS) Win 2003.

By default, the Routing and Remote Access service (RAS) is installed automatically
during the Windows Server 2003 installation.
(a) To Enable the Routing and Remote Access Service :-

(i) Click Start, >Administrative Tools, and then click RAS.

(ii) Right-click the server, and then click Configure and Enable RAS to
start the RAS Setup Wizard. Click Next.

(iii) Click Remote access (dial-up or Virtual Private Network (VPN) to

permit remote computers to dial in or connect to this network through the
Internet. Click Next.
 (iv) Click VPN for virtual private access, or click Dial-up for dial-up access,
depending on the role you want to assign to this server.

(v) On the VPN Connection page, click the network interface that is
connected to the Internet, and then click Next.

(b) The wizard opens the Address Range Assignment page.

(i) Click New.

(ii) In the Start IP address box, type the first IP address in the range of
addresses that you want to use.

(iii) In the End IP address box, type the last IP address in the range.
Windows calculates the number of addresses automatically.

(iv) Click OK to return to the Address Range Assignment page.

(v) Click Next.

(vi) Accept the default setting of No, use RAS to authenticate connection
requests, and then click Next.

(vi) Click Finish to enable the Routing and Remote Access service and to
configure the remote access server.

35. Draw a diagram of architecture of Army internet and short brief on feature of army
internet.
Architecture of Army Intranet. Architecture of Army Intranet is shown in the figure below.
Di
v
Corp
s
Di Corp W
Btn/un v s C
it CC
Di NC
v
Btn/un
it Corp AHQ
(a) s
(b)
(c)
(d) TC EC
(e)
(f)
SW
(g)
C
(h) The main server is at Army HQ which is maintained by Army HQ Computer
Centre.
(i) All lower formations servers are connected to their respective higher formation
server and so on to the Army HQ server.
(j) The Army HQ web site IP address is 131.1.11.41 and its domain name is
http://portal.army.mil
(k) Same as Army web site, all web sites down to unit level have addresses.
(l) All commands web sites are linked to the Army web site, and Corps web sites
are linked to their command web and so on down to unit’s web sites. In addition,
important web sites links are also given in each formations web site.

36. What is the security objective in information Security?

 (a) Availability. The on-going availability of systems addresses the
processes, policies, and controls used to ensure authorized users have
prompt access to information. This objective protects against intentional
or accidental attempts to deny legitimate users access to information or
systems.

(b) Integrity of Data or Systems. System and data integrity

relate to the processes, policies, and controls used to ensure information
has not been altered in an unauthorized manner and that systems are
free from unauthorized manipulation that will compromise accuracy,
completeness, and reliability.

(c) Confidentiality of Data or Systems. Confidentiality covers

the processes, policies, and controls employed to protect information of
customers and the institution against unauthorized access or use.

(d) Accountability. Clear accountability involves the processes,

policies, and controls necessary to trace actions to their source.
Accountability directly supports non-repudiation, deterrence, intrusion
prevention, security monitoring, recovery, and legal admissibility of
records.

(e) Assurance. Assurance addresses the processes, policies, and

controls used to develop confidence that technical and operational
security measures work as intended. Assurance levels are part of the
system design and include availability, integrity, confidentiality, and
accountability. Assurance highlights the notion that secure systems
provide the intended functionality while preventing undesired actions.
37. What you mean by Cyber Security?

(a) Cyber security involves protecting that information by preventing, detecting,

and responding to attacks.

(b) The problem of security of a computer and the data or information it may
contain, has received much publicity since it became apparent that a computer can
play a major role in processing and storing secret, private or proprietary information.
They can, therefore, possess tremendous capability for effective dissemination, and
thus sharing, or useful facts.

(c) Cyber security is concern about the computer, server, PC or any type
of data or information store which should be secure from virus, hacker, cracker, your
personal info about the particular subject. The cost of computer crimes totals about 500
billion rupees over the past five years.

38. What is virus and Types of Virus?

(a) A computer virus is a software program designed to function in a

manner diametrically opposed to legitimate software.

(b) It will load and run without a request. To meet the minimum criteria for
computer virus design, a program must be executable, be capable of cloning
itself and converting other executable objects into viral clones. Hence, it may be a
simple DOS batch file.
 Type of Computer viruses:
(a) Boot Sector Infectors (BSI)
(b) Command Processor Infectors (CPI)
(c) General Purpose Infectors (GPI)
(d) Multipurpose Infectors (MPI)
(e) File specific Infectors (FSI)
(f) Memory Resident Infectors (MRI).

39. When a Cyber auditor audits the PC which point should be important?
(a) Audit Criteria. Set of policies, procedures or requirement. Used as a ref
against which audit evidence is compared.
(b) Audit Evidence. Records, systematic of facts, or other info which are
relevant to audit criteria and is verifiable.
(c) Audit Findings. Result of evaluation of the collected audit
evidence against audit criteria.
(d) Audit Conclusions. Outcome of an audit provided by an audit
team after consideration of audit objectives and audit findings.
(e) Auditee. Organise being audited.
(f) Auditor. Pers with competence to conduct an audit.
(g) Audit scope. Extent and body of an audit general involves laying down
physical location, organize units, activities and processes as well as time
period covered.

40. What are the Types of Cyber Security audits and explain any one.

What is Cyber Security Audit?

Audit plays a critical role in monitoring implementation of cyber

security policies and standards. Cyber Security Audit implies checking
of all IT assets like desktop computers, laptops, servers, switches,
routers, hardware firewalls, UTMs, storage media, printers, scanners or
any other device dealing with information, for vulnerabilities and threats
to official information or infrastructure.

Types of Cyber Security Audits.

(a) Internal Audit. Evaluating the Cyber Security posture of

own establishment is termed as Internal Audit.

(b) External Audit. External Audit is conducted by one-up

formation to verify host as well as perimeter defence of the respective
networks.

(c) Third Party Audit. Ordered in special cases, wherein, cyber

security cells of two-up formation will conduct audit of the fmn in
question. Third party audit cannot be under any circumstances
be out-sourced to any civilian/commercial agency.
41. What do you mean by Password Policy?
 Enforce password history 24 passwords rememberedl
Maximum password age 15 days. 7 days for classified systems
Minimum password age 1 day
Minimum password length 8 characters. For classified systems 12 characters
Passwords must meet complexity requirements Enabled
Store password using reversible encryption for Disabled
all users in the domain

42. Write a Short note on IDS, Types of IDS and Brief about IPS?
it Is a device or software application that monitors network and/or
system activities for malicious activities or policy violations and produces reports to a
Management Station. Some systems may attempt to stop an intrusion attempt but this is neither
required nor expected of a monitoring system. Intrusion detection and prevention systems
(IDPS) are primarily focused on identifying possible incidents, logging information about them,
and reporting attempts. In addition, organizations use IDPSes for other purposes, such as
identifying problems with security policies, documenting existing threats, and deterring
individuals from violating security policies. IDPSes have become a necessary addition to the
security infrastructure of nearly every organization.

There are two main types of IDS:-

(a) Network Intrusion Detection System (NIDS)
(b) Host-Based Intrusion Detection System (HIDS)

About IPS

IPS also known as Intrusion Detection and Prevention Systems (IDPS), are
network security appliances that monitor network and/or system activities for
malicious activity. The main functions of intrusion prevention systems are to
identify malicious activity, log information about said activity, attempt to
block/stop activity, and report activity.

43. What is the procedure used when we installing the Antivirus server?

Create a custom.msi installation using the components and options specific to

Symantec Anti Virus installation packages. To install a Symantec Anti Virus server locally do
one of the following:-

(a) For installation on a 32-bit computer, in the root of the CD, run Setup.exe.

(b) In the Symantec Anti Virus panel, click Install button Symantec
AntiVirus>InstallSymantec Anti Virus.

(c) Installing Symantec Anti Virus servers 11 Installing Symantec Anti Virus
servers locally

(d) In the welcome panel, click Next button. In the License Agreement panel,
click I accept the terms in the license agreement, and then click Next button.

(e) In the Client Server Options panel, click Server, and then click Next button.

(f) In the Setup Type panel, select one of the following:

(i) Complete: To install all of the components that are included

with the default installation.
 (ii) Custom: To exclude components from the installation or to
change the Installation location.

(g) Click Next button.

44. Draw a diagram the Org of ACSE.