KINGS IT2042 INFORMATION SECURITY. Batch : Staff Name : NALAYINI P & AMBIKA J. Academic Year. Page 1. Kings College of Engineering

Transcription

1 KINGS COLLEGE OF ENGINEERING DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING QUESTION BANK IT2042 INFORMATION SECURITY Branch / Year / Sem : B.E / IV /VIII Batch : Staff Name : NALAYINI P & AMBIKA J Academic Year : (Even) Kings College of Engineering Page 1

2 SYLLABUS UNIT I FUNDAMENTALS 9 History, What is Information Security?, Critical Characteristics of Information, NSTISSC Security Model, Components of an Information System, Securing the Components, Balancing Security and Access, The SDLC, The Security SDLC UNIT II SECURITY INVESTIGATION 9 Need for Security, Business Needs, Threats, Attacks, Legal, Ethical and Professional Issues UNIT III SECURITY ANALYSIS 9 Risk Management: Identifying and Assessing Risk, Assessing and Controlling Risk UNIT IV LOGICAL DESIGN 9 Blueprint for Security, Information Security Poicy, Standards and Practices, ISO 17799/BS 7799, NIST Models, VISA International Security Model, Design of Security Architecture, Planning for Continuity UNIT V PHYSICAL DESIGN 9 Security Technology, IDS, Scanning and Analysis Tools, Cryptography, Access Control Devices, Physical Security, Security and Personnel TOTAL: 45 PERIODS TEXT BOOK: 1. Michael E Whitman and Herbert J Mattord, Principles of Information Security, Vikas Publishing House, New Delhi, 2003 REFERENCES: 1. Micki Krause, Harold F. Tipton, Handbook of Information Security Management, Vol 1-3 CRC Press LLC, Stuart Mc Clure, Joel Scrambray, George Kurtz, Hacking Exposed, Tata McGraw- Hill, Matt Bishop, Computer Security Art and Science, Pearson/PHI, Kings College of Engineering Page 2

3 Unit 1 2 Marks 1. What is information security? 2. What is C.I.A? 3. Write a note on the history of information security 4. What is Rand Report R-609? 5. What is the scope of computer security? 6. What is Security? 7. Define Physical security 8. Define Personal Security 9. Define Operations security 10. Define Communications security 11. Define Network security 12. Define Information security 13. What are the critical characteristics of information? 14. What is NSTISSC Security model? 15. What are the components of an information system? 16. What is meant by balancing Security and Access? 17. What are the approaches used for implementing information security? 18. What is SDLC? 19. Explain different phases of SDLC 20. What is Security SDLC? 21. How information security is viewed as a social science? 22. What are the information security roles to be played by various professionals in a typical organization? Kings College of Engineering Page 3

4 23. What are the three types of data ownwership and their responsibilities? 24. What is the difference between a threat agent and a threat? 25. What is the difference between vulnerability and exposure? 26. What is attack? 27. What is hacking? 28. What is security blue print? 29. What is MULTICS? 30.What is ARPANET? 31.Define spoofing 16 Marks 1) Explain the four important functions, the information security performs in an organization 2) What are dual homed host firewalls? Explain 3) What are deliberate acts of Espionage or tresspass. Give examples. 4) What deliberate software attacks? 5) Explain in detail the different types of cryptanalytic attacks 6) Enumerate different types of attacks on computer based systems. 7) What are different US laws and International laws on computer based crimes? 8) Explain in detail the Legal, Ethical and Professional issues during the security investigation 9) What are threats? Explain the different categories of threat 10) What is the code of ethics to be adhered to by the information security personnel stipulated by different professional organizations? 11) What is Intellectual property? How it can be protected? 12) Who are Hackers? Explain its levels 13) Explain the attack replication vectors 14) Discuss in detail the forces of Nature affecting information security Kings College of Engineering Page 4

5 15) Explain deliberate software attacks Unit 2 2 Marks 1) What are the four important functions, the information security performs in an organization? 2) What are threats? 3) What are the different categories of threat? Give Examples. 4) What are different acts of Human error or failure? 5) How human error can be prevented? 6) What is Intellectual property? 7) How Intellectual property can be protected? 8) What is deliberate acts of espionage or trespass? 9) Who are Hackers? What are the two hacker levels? 10) What is information extortion? 11) What is deliberate acts of sabotage and vandalism? 12) What is Cyber terrorism? 13) What are the deliberate acts of theft? 14) What are deliberate software attacks? 15) What are the forces of Nature affecting information security? 16) What are technical hardware failures or errors? 17) What are technical software failures or errors? 18) What is technological obsolescence? 19) What is an attack? 20) What is a malicious code? 21) Define Virus Kings College of Engineering Page 5

6 22) Define Hoaxes 23) What is Distributed Denial-of-service (DDoS)? 24) What is Back Door? 25) Define Dictionary attack 26) What are the various forms of attacks. 27) What are the attack replication vectors? 28) What is Denial-of-service (DoS)? 29) Define Spoofing 30) Define Man-in-the-Middle 16 Marks 1) Explain the four important functions, the information security performs in an organization 2) What are dual homed host firewalls? Explain 3) What are deliberate acts of Espionage or tresspass. Give examples. 4) What deliberate software attacks? 5) Explain in detail the different types of cryptanalytic attacks 6) Enumerate different types of attacks on computer based systems. 7) What are different US laws and International laws on computer based crimes? 8) Explain in detail the Legal, Ethical and Professional issues during the security investigation 9) What are threats? Explain the different categories of threat 10) What is the code of ethics to be adhered to by the information security personnel stipulated by different professional organizations? 11) What is Intellectual property? How it can be protected? 12) Who are Hackers? Explain its levels 13) Explain the attack replication vectors 14) Discuss in detail the forces of Nature affecting information security Kings College of Engineering Page 6

7 15) Explain deliberate software attacks Unit 3 2 Marks 1. What is risk management? 2. What the roles to be played by the communities of interest to manage the risks an organization encounters? Information Technology 3. What is the process of Risk Identification? 4. What are asset identification and valuation. 5. What is Asset Information for People? 6. What are Hardware, Software, and Network Asset Identification? 7. What are Asset Information for Procedures? 8. What are the Asset Information for Data? 9. How information assets are classified? 10. Define the process of Information asset valuation. 11. What are the Questions to assist in developing the criteria to be used for asset valuation? 12. Define data classification and management. 13. What are security clearances? 14. Explain the process of threat identification? 15. How to identify and Prioritize Threats? 18. What is Risk assessment? 16. What are the different threats faced by an information system in an Organization? 17. What is Vulnerability Identification? 19. Mention the Risk Identification Estimate Factors Kings College of Engineering Page 7

8 20. Give an example of Risk determination. 21. What is residual risk? 22. What is access control? 23. What are the different types of Access Controls? 24. What is the goal of documenting results of the risk assessment? 25. Mention the strategies to control the vulnerable risks. 26. What are the different risk control strategies? 27. Write short notes on Incidence Response Plan 28. Define Disaster Recovery Plan 29. Define Business Continuity Plan 30. What are different categories of controls? 16 Marks 1. What is risk management? State the methods of identifying and assessing risk management 2. Discuss in detail the process of assessing and controlling risk management issues 3. What is risk management? Why is the identification of risks by listing assets and vulnerabilities is so important in the risk management process? 4. Explain in detail different risk control strategies 5. Explain asset identification and valuation 6. Explain in detail the three types of Security policies (EISP,ISSP and syssp). 7. What is Information Security Blue print? Explain its salient features. 8. Explain the roles to be played by the communities of interest to manage the risks an organization encounters 9. Explain the process of Risk assessment 10. Explain briefly the plans adopted for mitigation of risks 11. Explain how the risk controls are effectively maintained in an organization Kings College of Engineering Page 8

9 13) Write short notes on a) Incidence Response Plan b)disaster Recovery Plan c)business continuity plan 12. Explain in detail the process of asset identification for different categories 13. Explain the process of Information asset valuation 14. Discuss briefly data classification and management 15. Explain the process of threat identification? 16. Explain the process of vulnerability identification and assessment for different threats faced by an information security system Unit 4 2 Marks 1. What is a policy? 2. What are the three types of security policies? 3. What is Security Program Policy? 4. Define Issue-Specific Security Policy (ISSP) 5. What are ACL Policies? 6. What is Information Security Blueprint? 7. Define ISO 17799/BS 7799 Standards and their drawbacks 8. Mention the Drawbacks of ISO 17799/BS What are the objectives of ISO 17799? 10. What is the alternate Security Models available other than ISO 17799/BS 7799? 11. List the management controls of NIST SP Mention the Operational Controls of NIST SP What are the Technical Controls of NIST ? 14. What is Sphere of protection? 15. What is Defense in Depth? Kings College of Engineering Page 9

10 16. What is Security perimeter? 17. What are the key technological components used for security implementation? 18. What is Systems-Specific Policy (SysSP)? 19. What is the importance of blueprint? 20. What are the approaches of ISSP? 16 Marks 1. What are ISO 7799 and BS7799? Explain their different sections and salient features. 2. Explain salient features of NIST security models. 3. Explain with diagrams the design of security architecture. 4. Explain how information security policy is implemented as procedure 5. What are the three types of security policies? Explain 6. Compare and contrast the ISO wit BS 7799 NIST security model 7. Explain the NIST security model 8. List the styles of security architecture models. Discuss them in detail 9. Explain NIST SP Explain Sphere of protection with a neat sketch 11. Explain the key technological components used for security implementation 12. Write short notes on i. Defense in depth ii. Security perimeter 13. Write short notes on i. Incident Response plan(irp) ii. Disaster Recovery Plan iii. Business Continuity Plan 14. What is Business Impact Analysis? Explain different stages of BIA in detail. 15. Explain Key technology component Kings College of Engineering Page 10

11 Unit 5 2 Marks 1. What are firewalls? 2. Explain different generations of firewalls. 3. Mention the functions of first generation firewall 4. What are the restrictions of first generation firewall? 5. What is the advantage of Second Generation firewalls? 6. Define stateful inspection firewall 7. What is the disadvantage of third generation firewalls? 8. What is the function of Fifth Generation firewall? 9. How firewalls are categorized by processing mode? 10. What is the drawback of packet-filtering router? 11. What are Screened-Host Firewall Systems 12. What is the use of an Application proxy? 13. What are dual homed host firewalls? 14. What is the use of NAT? 15. What are Screened-Subnet Firewalls? 16. What are the factors to be considered while selecting a right firewall? 17. What are Sock Servers? 18. What are the recommended practices in designing firewalls? 19. What are intrusion detection systems(ids)? 20. What are different types of IDSs? 21. Define NIDS 22. What is HIDS? Kings College of Engineering Page 11

12 23. What is the use of HIDS? 24. What is Application-based IDS? 25. What is Signature-based IDS? 26. What is LFM? 27. What are Honey Pots? 29. What are Honey Nets? 30. What are Padded Cell Systems? 31. What are the advantages and disadvantages of using honey pot or padded cell approach? 32. What are foot printing and finger printing? 33. What are Vulnerability Scanners? 34. Define Packet Sniffers 35. What is Cryptography?. 36. What is Cryptoanalysis? 37. Define Encryption 38. Define Decryption 39. What is Public Key Infrastructure (PKI)? 40. What are the PKI Benefits 41. How systems are secured? 42. What are the seven major sources of physical loss? 43. What is a Secure Facility? 44. What are the controls used in a Secure Facility? 45. What are the functions of Chief Information Security officer? 16 Marks 1. Explain in detail Kings College of Engineering Page 12

13 i. Firewalls categorized by processing mode ii. Different generations of firewall 2. Explain in detail different firewall architectures (OR) Write short notes on iii. Packet filtering Routers iv. Screened Host fire wall v. Screened subnet firewalls (with DMZ) 3. What are the factors to be considered in selecting a right firewall? 4. Explain how firewalls are configured and managed? 5. Outline some of the best practices for firewall use. 6. What are fire wall rules? Explain different fire wall rule sets. 7. What is intrusion Detection System(IDS)? Explain different reasons for using IDS and different terminologies associated with IDS. 8. What are different types of Intrusion Detection Systems available? Explain with diagrams 9. Write short notes on vi. Network-based IDS vii. Host-based IDS viii. Application-based IDS ix. Signature-based IDS 10. What are Honey pots,honey Nets and Padded cell systems? Explain each. 11. What is Attacking Protocol? Explain a) Foot printing and b) Finger printing. 12. What are the purposes of Scanning and Analysis tools? Who will be using these tools? Explain the functioning of few of these tools. 13. What is cryptography? Define various encryption terms used. 14. What is RSA algorithm? Explain different steps> 15. What are different possible attacks on crypto systems? Kings College of Engineering Page 13

14 16. List and describe four categories of locks? 17. Explain with a diagram different positions in Information security. 18. What are the functions of a)ciso,b) Information Security Manager, and c)security Technician 19. How the credentials of Information Security Personnels are assessed? 20. What are the certifications the Information Security Personnels should aquire for fitting into their roles? UNITWISE IMPORTANT QUESTIONS UNIT I 1. Explain in detail about software development life cycle process 2. What is SDLC? Illustrate the security of SDLC 3. Explain in detail about components of information system. 4. Discuss in detail NSTISSC security model UNIT II 1. Discuss in detail the Legal, Ethical and Professionalism issues during security investigation 2. Explain in detail the different types of cryptanalytic attacks. 3. Explain in detail about different type of threats 4. Explain in detail about legal issues during security investigation? UNIT III 1. Explain in detail about Risk Control strategy 2. What is risk Management?.State the methods of identifying and assessing risk management 3. Explain in detail about Risk Control Cycle 4. Explain in detail about Risk handling decision points 5. Explain in detail Cost Benefit Analysis and Exposure Factor UNIT IV 1. List the styles of architecture security models.discuss them in detail 2. Briefly explain the NIST SECURITY MODEL 3. Explain in detail about designing of security architecture Kings College of Engineering Page 14

15 4. Explain in detail about planning for continuity. UNIT V 1. Explain in detail about IDS and its types. 2. Write short notes on scanning and analysis tools used during design 3. Write notes on the control devices used in security design 4. What is cryptography?.discuss the authentication models used in cryptography. 5. What is intrusion detection system?.explain its types in detail. UNIVERSITY QUESTION PAPERS B.E/B.Tech DEGREE EXAMINATION,NOVEMBER/DECEMBER 2007 Seventh Semester Computer Science and Engineering CS INFORMATION SECURITY (Regulation 2004) Time :Three hours 1. State the critical Characteristics of information. 2. List the components used in security models. 3. Name the counter measure on threats. 4. Differentiate between threats and attacks. 5. Mention the benefits of risk management. 6. State the roles involved in risk management. 7. Name the people affected in security policies. Answer ALL questions PART A-(10*2=20) 8. State the pros of VISA international security model. 9. List any two IDS. Mention its category of classification. 10. What are the basic functions of access control devices? Maximum:100 Marks. Kings College of Engineering Page 15

16 PART B-(5*16=80) 11 (a) Discuss in detail the NSTISSC security model. (16) Or (b) What is SDLC? Illustrate the security of SDLC. (16) 12 (a) Explain in detail the different types of cryptanalytic attacks. (16) Or (b) Discuss in detail the Legal, Ethical and Professional issues during the security investigation. (16) 13 (a) What is risk management? State the methods of identifying and assessing risk management. (16) Or (b) Discuss in detail the process of assessing and controlling risk management issues. (16) 14 (a) (i) Compare and contrast the ISO with BS 7799 NIST security models. (10) (ii) Briefly explain the NIST security model. (6) Or (b) List the styles of architecture security models. Discuss them in detail. (16) 15 (a) (i) What is intrusion detection system? Explain its types in detail. (10) (ii) Write short notes on scanning and analysis tools used during the security design. (6) Or (b) (i) What is cryptography? Discuss the authentication models used in cryptography. (10) (ii) Write short notes on the control devices used in security design. (6) ****************************************************************************************************** B.E/B.Tech DEGREE EXAMINATION,NOVEMBER/DECEMBER 2008 Seventh Semester Computer Science and Engineering CS INFORMATION SECURITY (Regulation 2004) Time :Three hours Maximum:100 Marks. Answer ALL questions PART A (10 x 2 =20 marks) 1. Mention the components of Information security. 2.How is the top-down approach to information Security superior to the bottom-up approach? 3.What are the types of password attacks? 4. What is the difference between Criminal law and Civil law? 5.Why do networking components need more examination from an Information Security perspective than from a Systems development perspective? Kings College of Engineering Page 16

17 6.What is a cost-benefit analysis? 7.What is a policy? How does it different from a law? 8.When do we call attacks as incidents? 9.Differentiate Symmetric encryption and Asymmetric encryption. 10. What is a honey pot? PART B (5 x 16 = 80) 11. (a) (i) How has Computer Security evolved into modern Information security? Explain. (8) (ii) Why is a methodology important in the implementation of Information Security? How does a methodology improve the process? Explain. (8) (or) (b) What are the phases in the Security Systems development life cycle? Explain in detail. 16) 12. (a) (i) Describe the three general categories of unethical and illegal behaviour. (8) (ii) What can be done to deter someone from committing a crime? Explain. (8) (or) (b)(i) What is a buffer overflow? How is it used against a web server? Explain. (12) (ii) How do worms differ from viruses? (4) 13.(a) Describe Risk mitigation. Explain the planning approaches to mitigate risks. (16) (b) Define risk management, risk identification and risk control. Illustrate it with a real time application. (16) (or) 14. (a) Classify each of the following occurrences as an incident or disaster. If an occurrence is a disaster, determine whether business continuity plans would be called into play. (i) A hacker gets into the network and deletes files from a server. (ii) A fire breaks out in the storeroom and sets off sprinklers on that floor. Some computers a are damaged, but the fire is controlled. (iii) Employees go on strike, and the company could be without critical workers for weeks. (iv) A disgruntled employee takes a critical server home, sneaking it out after hours. For each of the scenarios above, describe the steps necessary to restore operations. Indicate whether law enforcement would be involved. ( ) (or) (b) What is Contingency planning? Describe its components. How is it different from routine management planning? Explain. (16). 15. (a) (i) How do the security considerations for temporary or contract employees differ from those Kings College of Engineering Page 17

18 of regular full-time employees? Explain. (8) (ii) What is Collusion? How does the separation of duties influence collusion? Explain. (8) (b) Describe the categories and operating models of Intrusion Detection Systems (IDS) in detail. (16) (or) **************************************************************************************************************************************** Answer ALL questions PART A (10 2 = 20 marks) B.E./B.Tech. DEGREE EXAMINATION, NOVEMBER/DECEMBER Seventh Semester IT 2042 INFORMATION SECURITY (Regulation 2008) 1. What is information security? 2. Why is a methodology important in implementing the information security? 3. Why is information security a management problem? 4. Distinguish between DoS and DDoS. 5. What is risk management? 6. What is the difference between benchmark and baseline? 7. What is information security policy? 8. What are the inherent problems with ISO 17799? 9. Distinguish between symmetric and asymmetric encryption. 10. What are the credentials of information security professionals? PART B (5 16 = 80 marks) 11. (a) (i) Describe the critical characteristics of information. How are they used in the study of computer security? (8) (ii) Explain the security system development life cycle in detail. (8) Or 2webworld 2webworld (b) (i) Explain the NSTISSC security model and the top-down approach to security implementation.(8) (ii) Briefly explain the components of an information system and their security. (8) 12. (a) (i) Explain the various groups of threats faced by an organization. (8) (ii) Discuss the ethical concepts in information security and the prevention to illegal and unethical behavior. (8) Or 2 (b) (i) Explain the four important functions of information security in an organization. (8) Kings College of Engineering Page 18

19 (ii) Describe the attack replication vectors and the major types of attacks. (8) 13. (a) (i) Describe the process of risk identification in detail. (8) (ii) Discuss the risk control strategies that guide an organization. (8) Or 2 We b) (i) Discuss the risk assessment and the documentation of its results. (8) (ii) Explain the various feasibility studies considered for a project of information security controls and safeguards. (8) 14. (a) (i) Explain the different types of information security policies. (8) (ii) Discuss the features of VISA international security model. (8) Or 2webworld 2webworld (b) (i) Explain the NIST Security model in detail. (8) (ii) Explain the various components used in designing the security architecture. (8) 15. (a) (i) Discuss the different types of intrusion detection systems. (8) (ii) Describe the access controls used for providing physical security. (8) Or 2webworld 2webworld (b) (i) Write notes on scanning and analysis tools used during design.(8) (ii) Discuss the cryptographic tools used for providing the security.(8) ****************************************************************************************************** Kings College of Engineering Page 19