Information and Network Security UNIT-I PLANNING FOR SECURITY

Transcription

1 UNIT-I PLANNING FOR SECURITY 1 a Discuss the system specific security policy.how managerial guidelines and technical specification can be used in SysSP? (December 2010) 1 b. Who is responsible for policy management? How a policy is managed. Explain? Responsible individual.(december 2010) 1 a. Explain issue-specific Security policy?(jun-2012) 1 b. Draw a systematic diagram showing the major steps in contingency Planning. Explain in Detail. Business impact analysis.(jun-2012) 1 a. Explain the Pipkin s three categories of incident indicators. (JUNE 2010) (12 Marks) 1 b. Explain the ISO/IEC : 2005 plan-do-check-act cycle. (JUNE 2010) (8 Marks) 1 a. Define policy and explain issue specific security policy. (JUNE 2011) 1 b. Explain the importance of incident response planning strategy. (JUNE 2011) 1 a. Define the terms: Policy, Standards and practices in the context of information security. Draw a schematic diagram depicting the inter-relationship between the above. (Dec 2011) (6 Marks) 1 b. What are the policies that must be defined by the management (of organizations) as per NIST SP ? Describe briefly the specific areas covered by any two of these policies. (Dec 2011) (7 Marks) 1 c. What are the components of contingency planning? Describe briefly the important steps involved in the recovery process after the extent of damage caused by an incident has been assessed. (Dec 2011) (7 Marks) Dept of ISE,SJBIT Page 1

2 UNIT 2 SECURITY TECHNOLOGY: FIREWALLS AND VPNS 2 a Explain the major steps specified in BSS7799:2 document. How these steps help in security planning (December 2010) 2 b What is firewall? Show the working of screened host and dual homed firewall? (December 2010) 2a Explain the FIREWALL RULES.( June-2012) 2 b what is VPN and explain the different techniques used to implement the VPN Virtual Private Network (VPNs) (JUNE-2012) 2 a. Explain the firewall rules.(june 2010) 2 b. Explain the screened subnet firewall.(june 2010) 2 a. What is firewall? Explain categories of firewalls based on processing mode. (JUNE 2011) 2 b. What are virtual private networks? Explain different techniques to implement a VPN. (JUNE 2011) 2 a. Explain the firewall rules.(dec 2011) 2 b What is firewall? Show the working of screened host and dual homed firewall? (December 2011) Dept of ISE,SJBIT Page 2

3 UNIT 3 SECURITY TECHNOLOGY 2 3 a How a firewall can be configured and managed?give example. (December 2010) 3 b What is VPN? Explain the two modes of VPN. (December 2010) 3 a Differentiate between network based IDS and Host Based IDS emphasizing on their advantages and disadvantages. (June 2012) (8 marks) 3 b with the help of schematic diagram explain the centralized control strategy implementation of IDS. (June 2012). (6 marks) 3 c Enumerates the advantages and disadvantages of using honey pots. (June 2012) (6 marks) 3 a. How does a signature-based IDPs differ from a behavior based IDPs? (JUNE 2010) 3 b. Explain the venerability scanners.(june 2010) 3 a. Explain network based intrusion detection and prevention system (JUNE 2011) 3 b. Describe the need of operating system detection tools. (JUNE 2011) 3 a. Define the following terms related to IDS : i. Alert ii. False attack stimulus iii. False negative iv. False positive v. True attack stimulus (Dec 2011) (5 Marks) 3 b. Discuss the reasons for acquisition and use of IDSs by organizations. (Dec 2011)(6 Marks) Dept of ISE,SJBIT Page 3

4 UNIT 4 CRYPTOGRAPHY 4 a What is an intrusion? Briefly write about eight IDPS terminologies. (December 2010) 4 b what is an encryption? Discuss the asymmetric and symmetric methods. (December 2010) 4 a what are the fundamental differences between asymmetric and symmetric encryption (June 2012) (6 marks) 4 b Explain the different categories of attacks on cryptosystem. (June 2012) (8 marks) 4 c Define the following with relation to cryptography June 2012 (6 marks) 4 a. What are the difference between digital signature and digital certificate? (JUNE 2010) 4 b. Explain the two methods of encrypting plaintext.(june 2010) Cipher Methods 4 a. List out the elements of cryptosystems and explain transposition cipher technique (July 2011) (10Marks) 4 b. Who can attack cryptosystems? Discuss different categories of attacks on cryptosystems (July 2011) 4 a Define the following with relation to cryptography (Dec 2011) (6 marks) 4 b what is an encryption? Discuss the asymmetric and symmetric methods Dept of ISE,SJBIT Page 4

5 PART B UNIT 5 INTRODUCTION TO NETWORK SECURITY, AUTHENTICATION APPLICATIONS 5 a what is meant by information secutiry? Discuss the three aspects of information security.(december 2010) 5 b Briefly explain the four types of security attacks? That are normally encountered. also distinguish between active and passive attacks. (December 2010) 5 a Discuss Active security attack.(june 2012) 5 b with the help of neat diagram explain the general format of a X.509 public key certificate. (June 2012) 5 a. What are the difference between active and passive security attacks? (June/July 2010) 5 b. Explain the different authentication procedures in X.509 certificate. (June 2010) (9 Marks) 5 c. Write the summary of Kerberos version five message exchange. (June 2010) (6 Marks) 5 a. With a neat diagram, explain network security model ( June 2011) (07 Marks) 5 b. List out the difference between Kerberos version 4 and version 5. (July 2011) (8 Marks) 5 a. Describe the various security attacks and specific mechanisms covered by X.800 (Dec 2011) (14 Marks) 5 b Explain the different authentication procedures in X.509 certificate.(dec 2011) Dept of ISE,SJBIT Page 5

6 UNIT 6 ELECTRONIC MAIL SECURITY 6 a With a systematic diagram explain Kerberos Ver-4 authentication dialogue clearly mention different steps.(december 2010 ) 6 b With a flowchart explain the process of transmission and reception of PGP message. (December 2010 ) (10 marks ) 6 a Explain the PGP message generation and reception process.(june 2012) 6 b Explain the different MIME Content types.(june 2012). 6a. With a neat diagram, explain the digital signature service provided by PGP (June 2010) 6b. Explain the different MIME content types.(june 2010) (10Marks) 6a. Explain PGP message generation and PGP message reception techniques. (July 2011) 6b.Describe S/MIME Functionality.(July 2011) (5 Marks) 6c.Explain S/MIME certificate processing method. (July 2011) (5 Marks) 6a. Describe the steps involved in providing authentication and confidentiality by PGP, with suitable illusions.(dec 2011) 6b.Discuss the limitations of SMTP and how MIME overcomes these Limitation (Dec 2011) Dept of ISE,SJBIT Page 6

7 UNIT 7 IP SECURITY 7 a Give a general structure of IPSEC Authentication header. Describe how anti reply service is supported. December b With a neat diagram explain the basic combination of security association. December marks 7 a Mention the application of IPSEC. (June 2012) (4 marks) 7 b Explain the security association selector that determine the security policy database entry. (June 2012) (6marks) 7 c Draw a neat diagram IPSEC ESP format and explain. (June 201) (5 marks) 7 d Mention the important features of OAKLEY algorithm. (June 2012) (6 marks) 7a. Explain the format of an ESP packet in IP security.(june 2010) (07 Marks) 7 b. Why does ESP include a padding field?(june 2010) (3 Marks) 7 c. Give an example of an aggressive Oakley key.(june 2010) 7 a. Describe SA parameters and SA selectors in detail.(july 2011) 7 a. Describe the benefits of IPSec.(Dec 2011) (5 Marks) 7 c. Describe the transport and tunnel modes used for IPSec AH authentication bringing out their scope relevant to IPV4.(Dec 2011) Dept of ISE,SJBIT Page 7

8 UNIT 8 WEB SECURITY 8 a What is SET? Discuss the requirements and key features of SET. (December 2010) 8 b write short notes on SSL handshake protocol. (December 2010) 8 a Explain the parameter that define the session state and connection state in SSL.(June 2012) 8 b Describe the SET participants. (June 2012 ) (5 marks) 8 c Explain the construction of Dual signature in SET with neat diagram. Also show its verification with merchant and the bank. (June 2012) (5 marks) 8a. Explain the dual signature in SET protocol. What is its purpose? (June2010) (10Marks) 8 b. Explain the different alert codes of TLS protocols.(june 2010) 8 a. Expalin SSL handshake protocol with a neat diagram.(june 2011) (10Marks) 8b. List out the key features of secure transaction and explain in detail. (June 2011) 8 a. Discuss the SSL protocol stack.(dec 2011) (5 Marks) 8 b. What are the service provided by SSL record protocol? Describe the operation of this protocol.(dec 2011) ( 08 Marks) Dept of ISE,SJBIT Page 8