163 views, 4 pages

NIS Exam Notes

The document provides exam-ready notes on Network and Information Security, covering key concepts such as the CIA triad, various types of attacks, and definitions of viruses and security measures. It also discusses user authentication methods, access control policies, and the role of firewalls and intrusion detection systems. Additionally, it touches on cyber laws, compliance, and email security techniques.

Uploaded by

Pranav Shingne
Copyright
© All Rights Reserved

Network and Information Security - Exam Ready Notes


Unit 1: Network & Information Security

Q1. What is CIA of security? (4M)


- Confidentiality: Prevent unauthorized access
- Integrity: Ensure data accuracy and trust
- Availability: Ensure access for authorized users

Q2. Describe the following attacks: i) Sniffing ii) Spoofing (4M)


- Sniffing: Capture network packets (Active/Passive)
- Spoofing: Fake identity to access information

Q3. What is a virus? Describe its various phases. (4M)


- Dormant: Idle phase
- Propagation: Self-replication
- Trigger: Activated
- Execution: Runs payload

Q4. Difference between worm and virus. (4M)


- Virus needs host; Worm does not
- Virus modifies data; Worm eats resources
- Virus is more harmful

Q5. Explain Man-in-the-middle and TCP/IP Hacking attacks. (4M)


- MITM: Attacker intercepts communication
- TCP/IP Hijacking: Bypass session to steal access

Q6. Define computer security. Explain the need. (2M)


- Prevent unauthorized use, protect data, identity, and systems

Q7. What is Risk? How can it be analyzed? (2M)


- Identify → Analyze → Estimate impact → Manage risk

Q8. Define Virus and logic bomb. (2M)


- Virus: Replicates, needs host
- Logic Bomb: Code triggers on condition

Q9. Difference between Passive and Active attacks. (4M)


- Passive: No data change, breaks confidentiality
- Active: Modifies data, harms integrity/availability

Q10. Explain Intruders and Insiders. (4M)


- Intruders: External attackers
- Insiders: Misuse internal access

Q11. Describe Hotfix. (2M)


- Urgent fix for bugs/security issues

Q12. Define attack. Explain steps in attack. (4M)


- Steps: Recon → Scanning → Access → Backdoor → Cover tracks

Unit 2: User Authentication and Access Control

Q1. Enlist types of biometrics. Explain any one. (4M)


- Types: Fingerprint, Iris, Retina, Face, Voice
- Fingerprint: Unique ridges used for identity

Q2. Describe piggybacking and shoulder surfing. (4M)


- Piggybacking: Delay ACK and attach data
- Shoulder Surfing: Spy over shoulder for info

Q3. Explain access control policies. (4M)


- DAC: Owner controls access
- MAC: Sensitivity-based
- RBAC: Role-based access

Q4. What is dumpster diving? (2M)


- Retrieving sensitive data from trash

Q5. State any four advantages of biometrics. (2M)


- High security, Fast, Non-transferable, Spoof-proof

Q6. Explain criteria for password selection. (2M)


- Use mix of cases, symbols, no names, 12+ chars

Q7. Explain fingerprint and retina pattern. (4M)


- Fingerprint: Scan & match ridge pattern
- Retina: Infrared eye scan, highly secure

Q8. Explain fingerprint mechanism and limitations. (4M)


- Scan → Match template → Access
- Limitations: Skin condition, hygiene issues

Unit 4: Firewall and Intrusion Detection System

Q1. State any four limitations of a firewall. (2M)


- Can’t block modem use, enforce passwords, stop social engineering, or harmful websites

Q2. Describe the term DMZ with diagram. (2M)


- DMZ: Subnet between LAN and Internet, hosts public servers

Q3. Describe term IDS. (2M)


- IDS: Detects suspicious activity
- NIDS: Network-based
- HIDS: Host-based

Q4. Application of firewall and limitations. (4M)


- Controls app traffic
- Can’t block all viruses or malicious sites

Q6. Explain characteristics and types of firewall. (4M)


- All traffic via firewall, enforce policy
- Types: Packet Filter, Circuit-Level, Proxy

Q7. Describe packet filter router firewall. (4M)


- Filters packets using IP, Port, Protocol
- Actions: ACCEPT/DROP based on rules

Unit 5: Network Security, Cyber Laws and Compliance

Q1. Explain the concept of Kerberos. (2M)


- Auth protocol using tickets
- 3 Parts: Client, Server, KDC

Q2. Describe IP Security architecture. (2M)


- IPSec: Secures IPv4/6
- Provides: Confidentiality, Integrity, Auth

Q3. Explain e-mail security technique (PGP). (4M)


- Combines hashing, symmetric + public key
- Ensures: Privacy, Integrity, Auth, Non-repudiation

Q4. What is software piracy? (4M)


- Illegal use/distribution of software
- Types: Softlifting, Counterfeiting, etc.
