Scribd Logo
Upload

Welcome to Scribd!

  • Information Security

    Uploaded by

    Thanos
    15 views45 pages
    Previous Year Questions for Information Security

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Previous Year Questions for Information Security

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    15 views45 pages

    Information Security

    Uploaded by

    Thanos
    Previous Year Questions for Information Security

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    of 45
    STEP TOWARDS SUCCESS Guru couind mee Indra Prastha = University Series SOLVED PAPERS (PREVIOUS YI S SOLVED QUESTION PAPERS] [B.Tech] SEVENTH SEMESTER | Information Security (ETCS-401) SYLLABUS [Academic Session: 2016-17] INFORMATION SECURITY [ETCS-401] Instructions to Paper Setters: 1. Question No. 1 should be compulsory and cover the entire syllabus. This question should have objective or short answer type questions. It should be of 25 marks. 2. Apart from Question No. 1, rest of the paper shall consist of four units as per the syllabus. Every unit should have two questions. However, student may be asked to attempt only 1 ‘question from each unit, Each question should be of 12.5 marks. UNIT-I INFORMATION AND SECURITY Information Systems: Recent History, Distributed Information System and its Importance, Role of Internet and Web Services, Threats and attacks, Classification of Threats and Assessing Damages Security in Mobile and Wireless Computing- Security Challenges in Mobile Devices, authentication Service Security, Security Implication for organizations, Laptops Security. Basic Principles of Information Security, Confidentiality, Integrity Availability and other terms in Information Security, Information Classification and their Roles, Privacy of Data. IT1, T2][No. of hrs. 12} UNIT: NETWORKS AND E-SECURITY Concepts in Internet and World Wide Web: Brief review of Internet Protocols-TCP/IP, IPV4, IPV6. Functions of various networking components: Routers, bridges, switches, hub, gateway and Modulation Techniques. Need for security,Legal, Ethical and Professional Issues in Information Security, Risk Management, 11 Security Threats to 8-Commerce, Virtual Organization, Business Transactions on Web, E Governance and EDI, Concepts in Electronics payment systems, E Cash, Credit/Debit Cards. Digital forensics including digital evidence handling: Media forensics, Cyber forensics, Software forensics, Mobile forensics. (11, T2}(No. of hrs. 11] UNIT PHYSICAL SECURITY AND BIO-METRICSAS SECURITY Physical Security: Needs, Disaster and Controls, Basic Tenets of Physical Security and Physical Entry Controls, Access Control- Biometrics, Factors in Biometrics Systems, Benefits, Criteria for selection of biometrics, Design Issues in Biometric Systems, Interoperability Issues, Economic,gnd Social Aspects, Legal Challenges Framework for Information Security, Security Metrics, Information Security Vs Privacy. (11, T2]No. of hrs. 11] UNITIV NETWORK CRYPTOGRAPHY Model of Cryptographic Systems, Issues in Documents Security, System of Keys, Public Key Cryptography, Digital Signature, Requirement of Digital Signature System, Finger Prints, Firewalls, Design and Implementation Issues, = Policies Network Security: Basic Concepts, Dimensions, Perimeter for Network Protection, Network Attacks, Need of Intrusion Monitoring and Detection, Intrusion Detection Virtual Private Networks- Need, Use of Tunnelling with VPN, Authentication Mechanisms, ‘Types of VPNs and their Usage, Security Concerns in VPN. _[T1, T2](No. of hrs. 10] MODEL PAPER-I FIRST TERM EXAMINATION SEVENTH SEMESTER (B.TECH) INFORMATION SECURITY [ETCS-401] Time : 1% hrs. MLM. : 30 Note: Ques no.1 is compulsory and attempt any two from the rest. In all attempt 3 questions. a (a) Describe Goal of Information Security. Ans. Information security follows three overarching principles: Confidentiality is the term used to prevent the disclosure of information to unauthorized individuals or systems. Breaches of confidentiality take many forms. Permitting someone to look over your shoulder at your computer screen while you have confidential data displayed on it could be a breach of confidentiality. Ifa laptop computer containing sensitive information about a company’s employees is stolen or sold, it could result in a breach of confidentiality. Giving out’confidential information over the telephone is a breach of confidentiality if the caller is not authorized to have the information. Integrity: In information security, integrity means that data cannot be modified without authorization. This is not the same thing as referential integrity in databases. Integrity is violated when an employee accidentally or with malicious intent deletes important data files, when a computer virus infects a computer, when an employee is able to modify his own salary in a payroll database, when an unauthorized user vandalizes a web site, when someone is able to cast a very large number of votes in an online poll, and soon. Availability: For any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the ‘communication channels used to access it must be functioning correctly. High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial -of- service attacks. Q.1. (6) What are various mobile device attacks? Ans. Mobile Security has become a crucial aspect of protecting sensitive data and information. Malicious attacks once focused on PC’s have now shifted to mobile phones and applications. Mobile makers are aware of this fact and are investing heavily in security. Mobile device attacks can be split into 4 main categories: OS Attacks: Loopholes in operating systems create vulnerabilities that are open to attack. Vendors try to solve these with patches. Mobile App Attacks: Poor coding and improper development creates loopholes and compromises security. i Communication Network Attacks: Communications such as Bluetooth and Wi- Fi connections make devices vulnerable. Malware Attacks: There has been a constant rise in malware for mobile devices. The focus is on deleting files and creating chaos. erent Someta, Inrmaton Susy Sader oft Leaman erecta nly ean decree Ga code + Digital Signature: Digital signa ‘A igital signature is a e-signature atbent pessword ate: Scary crete unique gal id uted to verify Conti idual website oF UE. ‘What are the advantages and di faadvantages of Electronic Payment 1 become widespread, the urvey, Bankrate pee Redaced Transaction Corte: Whletherare 0 i cere ar ational charges or makings cash payment, tps tothe store pial cost mone, and Os seer SN a areca ToeTs he lng fom epigment ld tre peeing cut ath nis nd sn Eopeyment Disadvantages: ‘Security Concerns Alovgh {he person who performed the nd ecevoa refund. transaction, tough ican be di jty-(B-Tech)-Akash Books toms come with an ineroased need to 1 payment methods with the help of bank-to-bank transaction) bought or services availed cash hi Sretcash is ensured by digital signature providers involved, The ered "The creditcard transact crodit card number and expiration date while ies thatthe consums placing an order. This information has sean! atv precincts toring ae he ena ernest Confidential orton to wt siete uauthorized person Ans. In order for one to produce a secure system, itis important toclassify threats. | proper encryption, ‘The classification of threats could be: bank, credit eard andi ee —— : Se ecammengeserneaet = eons —— ik ahh es vers whether Malicious misuse. Pysical Threat: Physical threat oa computer system could be as a result of loss the whole computer system, damage of hardware, damage tothe computer soteere, ES SI eR ae hs ee Aecientalerror Thies snmp cay ne vgneseys eco spe hd aor tars ei comptr et ‘em Aare on ey ain cean enya k ‘seventh Semester, Information Security gers at mobi MODEL PAPER-1 SECOND TERM EXAMINATION SEVENTH SEMESTER (B.TECH) INFORMATION SECURITY [ETCS-401] ew Feature: Newly ade features and updates a ime example ss we are becoming increasingly dependent on our mabile devices, as the appropriate use of data. When companies m that is provided or entrusted to them, the data | Sechtuaenontins tei aie et acs ottecsaane Sirantaatesrntuaeltomentanerpae anergy pea (at swe seth See brain Sr shat amen yeaah? oo a ty cerdetng ages a2 Kip hte mene si pags hea noo ‘Sno eclent ofthe esse : a ious characteristics of biometric? acteristics may be captured in the first ph LP, University-(B-Teeh)-Akash Books MP9 1s, and some vacy by logging their usage and mal thout their consent, or make money by selling the user's bandwidth to athe The attribute mt ees the charactristilati on accident or rate ove ong period of time faorenehacedon age ether episodic 1, Universal: Every pert must be one thet ie universal and seldom invariance of properties: They sh ‘The attribute should not be eubjet to signif shuld te capable bing reduced tof earensanc: The abuts sold eee ul ens bigheeibilty and Ment late te privacy ofthe person. debut toa state that ake eaigially the purpose of protecting personal But some Interet ite beck asa ia known VPN to prevent ‘The VPN security model provides: + Confidentiality such that even ifthe network’ (see network sniffer and Deep packet inspection), data | + Sender authentication to prevent unauthorized users from accessing the VEN | __-+ Message integrity to detect any instances of tampering with transmitted gather the attribute data passively. 4. Singularity: Each expression of the attribute must be unique tothe individual, ‘The characteristics should have sufficient unique propertos to distinguish one person from any other. Height, weight, hair and eye exlor are all attribute assuming a particularly precise measure, but do not offer enough points to be useful for more than eategorizing. ttacker would only see encrypted 11 Reliability and tamper-resistance: The attribute should be impractical to mack ormanipulate. The process should ensure high reliability and reproducibility '& Privacy: The process should not vilate the privacy ofthe person. ‘should be able to reduce the attribute to a state that makes it 3, The less probabilisti the matching involved, the more device o application wed to inspect sowork trafic and alert the user or administrator when there has been unauthorized tempts or access, The two primary methods of monitoring are signature-based and ‘onthe device or application sed, the IDS ean ether simply aoaify the acces control list onthe gateway initrator for appropriate action. MODEL PAPER-I END TERM EXAMINATION | SEVENTH SEMESTER (B.TECH) INFORMATION SECURITY [ETCS-401] MM.:75, ,pulsry and attempt any two from the rest. In altattempt 3 questions | company heedquartered i Data Security Standard ‘Approved Scanning Ve | ‘make EDI happen, four elements of infrastructure must exist: | format standards are required to facilitate automated processing by all users: | (@)transtation software is required to translate from a user’s proprietary format | forinternal at storage into the generic external format and beck gan: | value-added networks are very helpfalin volving the technical problems of sending | information between computers; and inexpensive microcomputers are required to bring al potential wsere—even small cones-into the market. It has only been in the past several years that all of these ure Electronie Transaction (SET) a system for ensuring the security of ‘supported initially by Mastercard, Visa, financial transactions on the Internet. It — Se Laer Seventh Semester, Information Soounty 1MP ny th ‘Secure Sockets Layer (SSL), Micromats Secure Tre Hipertest Tranfer Protocol ‘Ans, Security Protocols in Internet " ‘atoning ar he poplar proteas used over the ilernt which ensures security of tranaactions made over the ints ‘Secure Socket Layer (SSL): Itis the mest com used across the indusiy Iemeets following security requirements * Authentication + Boeryption Integrity + Non-eputability tips ist be used for HTTP urls with SSL, where as HPP urle without SSL Secure Hypertext Transfer Protocol (SHTTP): SHTTP extends the HTTP internet proto! with publickey encryption, authentication and digital signature over theimernet Secure ITFTP supports multiple security mechanism providing security to ‘nd users, SHTTP works by negotiating encryption scheme types used between cient secure protocol developed by MasterCard the beet secunty protocol. Ithas following monly wsed protocol and is widely https isto be used for components” Card Holder's Digital Wallet Software: Digital Wallet allows cardholder to ‘make secure purchases online via point and dick interface Journey, so youl have to test and analyse and change your plans 7, Build a trusted brand. Today’ online thoppers are pretty savy’ Just as you wall tsar signed and en en sen ets. The payments are signed and encrypted, th rough the merchant bane | wouldn't buy fish and chips from a run-down, dirty old van because you dont trust that (6) Site to Site VPN: Intranet bared: Ths type of VPN can be used Remote locations are present and can be made to join toa single net | 7. Hybrid VPN: A few companies have managed to combine features of SSL and [Sec & also other types of VPN types. Hybrid VPN servers ae able to accept connections fom multiple typesof VPN clients The offer higher eability at bth clienbt and server levels and bound to be expensive for suspicious traffic by analyzing wireless networking protocols 3. Network behavior analysis (NBA): examines network trafic to identify threats that generate unusual traffe flows, such as distributed denial of eervice (DDoS) attacks, certain forms of malware and palicyvslations i Security toforatin semester, 1e-MP seventh (HIPS): an installed sotyan, package which monitors ing os owed ta net iat is known tothe sender. The sender inputs the thm along withthe plaintext in oder ta compute penetration. Tis implies that use ofa trusteg io that is known tothe receiver The decryption keys ‘The firewall tsefis immune tj 3. always identical tot The receiver inputs the cpecenin cue omnes cacompone ant Joyoumeanty expen! Wha sr oon a componente ofa rypeonien nha heparin cn nlemesiaton frptegraphi techniques and the tt apee naranog ear sevice. ACEPLyaen {SS tered oar sober on. paae Teas cunt singe ol af crpagtem that provides the frat eng rate Ts el i pied inthe rlated tothe encryption decryption ey into the dcrytin alert lng wth the ihe text inorder oops the plaintext ‘Types of Cryptosystems: Fundamentally, ther are tw type of eyptorystene ‘aged the manner in which enrypton decryption seared out inthe sate (=) Gon) | + Symmetrie Key Eneryption &) ae | QA. Describe public key cryptography. ey cryptography, we donot find historical ure of public key tively new concept ; | tion system analyzing event “onus ttesionprvention 2 iy hy anal : i 'of@ Cryptonystem: The various components ofa basic eryptosyst@™ + Plaintent: Its the data tobe protected during transmissio iy sed in the protcted net ra1Paddress whenthe user attempt to going network traffic based on ween a trusted, eecure internal network and another netw ity er, Information Se ‘Seventh Semester, 20-MP nin ec FIRST TERM EXAMINATION [SEPT, 2016] epee a SEVENTH SEMESTER [B.TECH] INFORMATION SECURITY [ETCS-401] hoa sen iy mse chm tha selects pia) orth te algorithm oUt? omplusory. Attempt ny two more questions from the empt all parts ofthe following: = chara venga ‘ What do you mean by Computer cris sither ase eae e ? ‘Two main properties are rei arty without knowing ication mechanioa th iy threat occurs when someone outside your network creates a etwark. A inte Seventh Semester, Information Soeur packets securely through the vice and converts th 42018 ‘sing Pecan Salty routes te encrypted [At the remote ite, another VoIP router decodes twaan analog signal fr delivery to the phate [ANGIP VPN can also run within an IPin TP cunvel oF 0 Sees eae ed ee ce Ans. Attacks and Threats: threat isan event that can take advantage of ‘uloeablity andes a negneinpect onthe nor: Potent reat tthe eon 2-Ter Architecture Database Ter f y Tigi 2-Tier Architecture of IS seventh Semester I son diferent Client & Database ir END TERM EXAMINATION (DEC. 2016] SEVENTH SEMESTER [B.TECH] INFORMATION SECURITY (ETCS-401] ‘Ans. principle whichis core eg ‘Mow, and wwe main objectives of tot ie everig. or si dct of acesing may mea si rane me Sona of entities through login sion numbers (PING), biometric ans that informations only being sen or used by people the erplologcal meaning and appl that provide proof ofthe intagnty and origin of data, An authentication that ean fsserted tobe gensne with high assurance in general, isa fraudulent communication i sent from an unknown source di receiver. Spoofing is most prevalent in communi ih level of ccurty. 204 to add security mein and the ndamet VR taser to conneet toa py sanccton between te + Consequences. + Attack based en SMS and MOS. + Attacks based on communication networks. + dice Jacking () Explain how the digi - F Eaplain ow the gia Siptataresheps to improve the 10-2016 another aries over time. More + Acceptability relates to how wel individuals in the relevant population accept the technology such that they are willing to have their biometric trait captured and ‘Proper biometric use is very aplication dependent. Certain biometrics willbe better than others based on the required level of eonvenience and secuits No single biometric Design isues: Biometric data contains information acquired from individuals, which ‘entity them. This raises issues of privacy and data protection. Ifthe tabase, privacy concerns may be higher than. only ona card retained by the individual ‘Tequite a central database for their basic necessary to understand privacy issues in regard to biometric data ns and to apply to protective safeguards inthe deployment ofthese viduals. Biometric identifiers are often categorized as pb ‘characteristics. Physiological characteritice are related tote! seventh Soret, nrmation Ssury iversity-(B-Tech)-Akash Books 201613 formation Security 14-2016 er, ner text C «+ Returning agai Q5. What is 1DSdntrusion Detect Hloring and detection. Explain nt Tina typical network scenario, a firewalls ust cout While ante-viras(AV) software detects and stops oot i take eae of acces-contol, ete. Ths, most people IT managemes ‘Tonder,“Why do need an IDS?” ‘are in how an IDS works. fire network services, which causes abormal ‘vith traffic uti a shutdown occurs because sad'read network packets. Ifthe packets are not I view af the data inside the packet, Ben encapsulated communications occu gained access traffic. When an att 2-140 Differentiate between activeand passive attacks. Name some active Seren ag: tino pineratintonthrhiththehne gy and ove tacks @ 0 Dumpster! Ha ‘or priviledged information. it iallow the attacker et ses oF PONE data to getinformationsy [ Basic for Comparino Browsing Signing re gid en anion fatty would ag restr on Ty line a wns times principle of security (@..00) Why confidentiality is ani the ways of achieving it? ‘Ans. All nformation security measure try to address at east one of three Avery key component of protctng information confidentiality would be Encryption ensures that only the right people (people who knows the key) can read! messa information. A very prominent example will be SSL/TLS, a security proto] messa ‘communications over the internet that hasbeen used in conjunction with a large 8 Wao of internet proves to ensure security. } j j 1 = LP. University-(B.Tech}-Akash Books 3087-5 Q.2.(iv) Steganography an fae Sogagreay th en metering dn mane ‘that no one, apart from the sender and intended pie, ump inet NS merng nome ymca mone ne {ewes et rat gn end manent li tn ear oF make Use informa Peek mods Hegunee meting -rvred or prosct andpapbn mening WN “toga mees agent ere ana wheat Basic Steganography Model B cantyeeateee _ (vw) WWW and Internet | fan noe. erm september 2018 (pg. 20631 | Qa What ar the thre pillarofscurt? Dene he following terms: (10) ‘Dorth 1 “Ans. Refer Q.4. First term september-2016 (page no. - 6-2016] T observe Pater of anaye Salling: : ‘Sniffing involves capturing, decoding, inspecting and interpreting the information — [ from Bob to All - f eee chet on a TCP/IP network The purpote i to steal informatio, si net Pactoworde, network deals, crit card number, ot. Sniffing is Intra o Terre oan a-pevsive ype of aac wherein the atacker can bese! erally rl a je f ical to detect, and hence itis a dangerous tb visible on the network. This makes it Qs 7 of attack. wn By ite very nature, the TCPAP protacalis only meant for ensuring that packet is ‘nstructed, mounted on an Ethernet packs frame, abd relibly delivered from the Fig. Traffic analysis ‘ender tothe receiver across networks. LP. University-{BTech- Akash Books aor eer DIPassword Sniting QA.tD Snooping _ gguTLS Session Sniffing roi and ETP Sting “16 Session Sniffing, UDP: SRE ARE]. - p-port Snitting “=. MAG ARP Sniffing ner tha sniig ean range from Layer 1 through ag oun # person who may be an employee ofthat einer LAN an ran abo dreiy cates 4. gy ‘Ans, Refer Q4. First term september-2016 [page no, -6-2016) 4 of socal engineering attack often used to steal wes tom myuniversiszed is mase-distibuidieO™ ser’ password is about to expire. Insts renewal renew their pasword within 24 ee [ATION (DEC. 2017) EXAMINER (B-TECH.] END TERM NTH ‘SEME! Se MATION SECURITY [ETCS-401] INF 4 7 : ining Quench #cOMPUIOT | : ing questions betel cen threat, vulnerability and righ, jot ually antes threat : jnclude financially motivated criminals ( Se (ack titre eareleasemglen) bank realized that he had accidentally overdrawn his checking {tment in the bank's counting system so that his account service charge assessed. As soon as he deposited funds + Cross-site Scripting (SSS) + SQLInjection ‘+ Cleartext transmission of sensitive data + Failure to check authorization ta sensitive resources Risks are usually confused with threats, however, there is anuanced| —a risk refers to combination ofa threat’s probability and oss/impact (usually inmonetary terms, however, it should be noted that a is translates to the following. jor security concerns in VPN? Cy rate Network is a method used to add security and Fiore, like WiFY Hotapots and the Internet. VPNs are protect sensitive data ‘Theroforea skis sent seunanesov bo + to result from that scenario, The following is a 2 of how ask be constructed. mings hypothetical example of how + SQLiinjectionis vulnerability, + Sensitive dat thet sont the ber treats SQL injection em Financially motivated attackers are one of the threat actors; J + The impact of sensitive data ting stolen will bar a t ‘cost (financial and reputational eat ace bear a significant | Security +, fort | int seat Semen sation can| niversity {8.7 s Jo how authentic Be Rching Aa Books re sty with areal ime =A * sector J toknow exact yar env ed 2 ye sa anecient needs okI0™ Ut UN ay Nevertheless we dont : wan tov p the abrtraction hat we aes access system that is running under a single authority. ne Patt ede Pinan] Institution Examination a Sorvies (MFS) including: a setheriation. Financial institutions oumelyon twofactor or mult Produce o they know exady who their purchasers ae, (Q.2 (a) Eaplain Distributed information System fits importance, (9 Ans, Distributed Information Systems: Central Imformation system computer network opin sapien ‘Communication Network nett This doseoat ee eternation yates had always been ued 7 ‘sums yay fundamental problems inadition to thote¥ nls node: ning system is centralized, i.e. runnin€ Peerage: Ca ae te aa i ‘Physical Distribution: Distribution i ‘Sharing Data: Tere is in the environment where user atone esorcee of ata — support ute of distri nay beable to acess the data residing at other sites. rove rc ae eo itstnd ——a ee semester. nt we-2017 Seventh a of ata stb sur tonamy Bean ig a pare rd SA . + nt ited aystem there is # global strat Te ditibted ote eet Ha Mo each ste. Depending iversity-{B:Toch}-Akash Books 2017-15 t the benefits which EDI offers to a business ‘organization? Explain the various components of EDI. How electronic payment System is neficial in comparison to traditional payment system? (12.8) pen, four elements of infrastructure must exis: iat standards are required to facilitate automated processing by all users; ) translation software is required to translate from a users propriotary ate from a user's proprietary format nal data storage into the generic external format and back agein; ued nator avery bf in ecvng thence fending ‘between computers; and eee “ the entire system. Apart of talocal data base administrator "pensive microcomputers are required to bring all potential users—even small me-into the market. It has only been inthe past several years that all af these ta place, ata interchange (EDD isthe electronic transmission of structured data ge standards from one computer system to another without human system for exchanging business document with external entities, EDI refors toa family of standards and does ot specify tranaston methods, which are rely agreed upon by the trading partners ‘EDI inthe busines world fciitates efficiency and eott ‘is used in such diverse business busines relatonshie as + Interchanges between health are providers and insurers +Travel and hotel bookings + Education + Supply chain management + Administration + Texreporting [BENEFITS OF EDE + ‘There have many benefits of dectronic data interchange much a + SPEED - Data an move dizety out ofone computer yer and into another vith ite ono delay. 2 saa + ACCURACY--Errors are seduce beaut datas not being rye Errore trom entering dtu arebetneen 52° On lange voles of raneactons the posbity forthe introduction of error is enero «SIMPLICITY - EDI standards specify how data wile formatted and whereit canbe ound SECURITY. J kel to lote information transmitted through EDI ci Mae eptente ured ony by atbredweryanhen cannot be easily changed by Refer Q'5, End Term Paper (page no 14.2016) 3. How biometric system help in securing the information? What are! ‘various eriteria's biometric selection and also explain, how the desiga i biometric systems can be handled taking acase study of any biometric: youhave used? Electronic payment systems have a range of pros in comparison to traditional ‘Ans. Refer Q.3. End Term Paper dec-2016 page no 10-2016, banking services: ‘LP. University(B.Taeh}-Akash Books ‘There are (wo types of tunneling: + Voluntary tunneling + Compulsory tunneling ‘Voluntary Tunneling 2017-19 ‘Auror or client computer an eve, eth coe ee tue VPN rues configure and rete onlay Ute is «tunnel endpoint and sets a the tunnel Fora LAN attached cnt computer thes tren : thr irony a onnsion tothe ‘hat vie otingot reaped anata La nl serv Ta ‘ould bethecve oa ent at is using alway brentband Internat connection, ‘network technology that enables the encapsulation of one typ4 hun the datagram of diferent protoea. For example, Windows Pree basta use Point-to-Point Tunneling rotacal (PPTP) packets to enca cp eead private network traffic, such as TCP/IP traffic over a public network s 7 ‘ ta Laieoet ‘To carry outits function, the FEP must have the appropriate tunneling protocol installed ‘For PPTP and Layer Two Tunneling Protocol (L2TP), tunnel is similar to and must be capable of establishing the tunnel when the client computer connects Bothof the tunnel endpoints mrt agreeto the tunnel and must negotiat saribles, suchas adress assignment, encryption, or compression red acrost the tunnel is sent using a datagram: ystem that deals with internal and external attacks and monitors network activity in real-time ‘There are two types of IDS: Host-Based Intrusion Detection System (HIDS) 1 Thinis a Hostbased Sensor that needs software application as agents installed on workstations, HIDS are the ones who monitored these agents. The agents monitor {clivities and logs files ofa certain operating system where the agents are installed 10. Unioers * Univerniy 8 Tch)-Abash Books oxr-21 Intrusion Detection System eee ae They can deoct attacks that travela the network by the packets’ content at + Drop malicious packets + Can block packets from the source address istinguish between Symmetric and Asymmetric key cryptography. Which type of erytography is more secure and why? Explain the Diftre- Hellman key Exchange algorithm for symmetric key cryptography. (12.6) LP. University 4B, Tech Aka eventh Sets, Inoraton SHY step by step Explanation obats 2orT23 w-2017 b Kay generate =x mod P achanee of geeraed keys ake piace ‘Step 9: Alice and Bab compute publi values Alice: 9% mod 23) = (6661 mod 28)=6 Bob: y = (9°2 mod Step 6: Alice and Bob compute symmetric keys Alice: ‘Certainly with symmetric eneryption ou have to worry about secure key bt as far as can tell there's na inherent reason why one must be more secure thi other Expecially piven thatthe anymmetric part is often just used forthe key ex and then the actual data is encrypted with «symmetric algorithm. Diffie Hellman algorithm ‘The Diffie-Hellman algorithm is being used to establish a shared secret 1, PCI Compliance: Payment Card Industry (PCI compliant. The Payment Card Industry Socurity Standards Council was formed in 2006 to regulate major payment ‘brands and help merchants keep their customers financial data safe. ts their prerogative ‘+ For the sake of simplicity and practical implementation will consider only 4 variables one prime P and G(a primitive root of values a and, Private values «and b and they generate a key and exchange it publily, the orf ‘T#tking passwords 'Q.8:(b) Legal challenges framework for Information Security, ‘Ans. There are various legal challenges framework for info ‘are neede to improved. The exsting legal framework needs to be im 1 Legislation - adopting relevant laws, setting out standards and ar Security, as well a8 functions of some institutions {ions - responsible for tasks relating to verification spplication, devices and systems, R&D and oversight of the CERT - Computer Emergency Response Team. FIRST TERM EXamin, INFORMATION se, to Q. 1. (e) First Term Sept: Q.2. Write short notes on any two 1A) SEVENTH Sempre ree oer 2018) TER [B.TECH] URITY (ETCS-401} (@ LDAP Server (ii) Authentication Service Security (ii) Pull and push as attack on mobile devices ‘Ans. Refer to Q. 2. First Term Sept 2016 Q.3. Define and differentiate between. (Any 4) pillars of sect ‘Ans. Refer to Q. 4. First Term Sept 2016. ‘Denial-of Service (i) No-repudation (iv) Spoofing. | NATION ov. DEC 2018} MESTER IB- URITY [ETCS-401] wl] Gg. twhic computor Sele ng END TERM EXAM! SEVENTH SEI INFORMATION SEC twtr program conan ei ital Por example it say replace other executable ies Reet lie el sean ee Serer alte iron cant Some viruses are programmed to damage the computer by dam deleting files, or reformatting the harddisk Others are not designed to do 90), dae co renicatethemaclves and make ther or ideo, end audio messagen = = ashe hema ‘Medithe ability to present 8 afi er va 8 behind the various tr pe LP. Universit SA Aba Boke Peasy mss wrote tN SPN Serve ic cndenter utero eeceece hen tn nathenticain i wad TONE. Neotel ten communication stare _ ‘+ Intranet based VPN: When several offices of the same company | conneeted sf ita pari onde "Tae om analog to digital Shedd ued carrer wa * rach thatthe signal, Apter Plt empice mala meson ay Oe Pras ates oe itor rt te nt hr 05K) ‘Oat me say (OPS EZ — rene en eee peeeeneee BE worn

    You might also like