7/26/2019 Is Important Questions
1/64
Anna University Syllabus Materials and
Question Papers
Wednesday, 15 May 2013
INFORMATION SECURITY ALL UNIT QUESTIONS AND ANSWERS (IMPORTANT)
CS922
UNIT I - INTRODUCTION TO INFORMATION SECURITY
PART A (2 MARKS)
1. What is information security?
2. What are the types of attack? Compare.
3. What is meant by top-down approach to security implementation? Give its advantages.
4. What is meant by bottom-up approach to security implementation? Give its disadvantages.
5. What type of security was dominant in the early years of computing?
6. What are the three components of the C.I.A. triangle? What are they used for?
7. What is a security blueprint?
8. What is the difference between a threat agent and a threat?
9. What is vulnerability?
10. Who is involved in the security development life cycle?
11. When can a computer be a subject and an object of an attack respectively?
PART-B
1. Describe the critical characteristics of information. How are they used in the study of computer security? (16)
2. Briefly explain the components of an information system and their security. How will you balance security and access? (16)
http://questionsearch.blogspot.in/
3. (a) Describe the system development life cycle. (4)
(b) Explain the security system development life cycle. (12)
4. What is Information security? Explain the NSTISSC security model and the top-down approach to security implementation. (16)
UNIT II - SECURITY INVESTIGATION
PART A (2 MARKS)
1. Why is information security a management problem?
2. Why is data the most important asset an organization possesses?
3. How can a Service Level Agreement (SLA) provide a safeguard for Internet or web hosting services?
4. What is software piracy? Name two organizations that investigate allegations of software abuse.
5. Name the two categories of hackers and differentiate between them.
6. Who is a cyberactivist?
7. Who is a cyberterrorist?
8. How does a threat to information security differ from an attack?
9. What is a threat?
10. Define malware. Give examples.
11. In what way does the DDoS differ from the DoS attack?
12. How do worms differ from viruses?
13. What is spoofing?
14. What are the types of password attack?
15. What is the difference between criminal law & civil law?
16. What is tort law?
17. What are the primary examples of public law?
18. What is a policy? How does it differ from law?
19. How does civil law differ from criminal law?
20. How does tort law differ from public law?
21. Which law amended the Computer Fraud and Abuse Act of 1986, and what did it change?
22. What are the three general categories of unethical and illegal behaviour?
23. Define DMCA.
24. What does CISSP stand for?
PART-B
1. (a) Explain the four important functions of information security in an
12. What is annual loss expectancy?
13. What is cost benefit analysis?
14. What is the definition of single loss expectancy?
15. What is the difference between benchmarking and baselining?
16. What are vulnerabilities?
17. What is risk assessment?
18. What is a hot site? How is this useful in risk mitigation?
19. Compare and contrast preventive and detective controls.
20. Define risk appetite.
21. What is a Delphi technique?
PART-B
1. a. What are the four basic steps in risk management? Describe. (8)
b. What are access controls and explain their types? (8)
2. Elaborate on
(a) Asset Identification & Valuation (8)
(b) Data Classification & Management (8)
3. Describe in detail the process of risk identification. (16)
4. Elaborate on risk assessment and the documentation of its results. (16)
5. What are the risk control strategies that guide an organization? Elaborate. (16)
6. Explain the components of asset valuation. (16)
7. Explain the various feasibility studies considered for a project of information security controls and safeguards. (16)
UNIT IV - LOGICAL DESIGN
PART-A (2 MARKS)
1. Differentiate between a mission & vision of an organization.
2. What is information security policy?
3. What is information security blueprint framework?
4. What is the difference between a policy, standard and procedure?
5. What are the differences among the IRP, DRP & BCP?
6. What is crisis management?
7. What are the inherent problems with ISO 17799, and why hasn't the U.S. adopted it?
8. What are the two major components of the sphere of security?
9. What are the levels of testing strategies involved in incident response plan?
10. Mention Pipkin's three categories of incident indicators.
11. When does an incident become a disaster?
12. Write short notes on a mutual agreement.
13. State the options for
2. Explain the relationship between plaintext and cipher text.
3. What is RADIUS? What advantage does it have over TACACS?
4. What is network fingerprinting?
5. What is DMZ?
6. What are the main components of cryptology?
7. What is physical security?
8. Define a secure facility.
9. Write short notes on Application-Level Firewall.
10. What is a Screened Subnet Firewall?
11. Define NAT.
12. What is a host based IDS?
13. How does false reject rate differ from false accept rate?
14. What are the two protocols designed to enable secure communications across the internet?
15. State the main components of cryptology.
16. In what ways does the sophisticated heat sensor operate in thermal detection systems?
17. What are the two basic types of Fire detection systems?
18. What is RADIUS? What advantages does it have over TACACS?
PART-B
1. Discuss the generation of firewalls. (16)
2. Describe the structure of firewall architecture. (16)
3. Explain the various types of Intrusion Detection Systems. (16)
4. Explain in detail the cryptography and encryption based solutions. (16)
5. Explain the key difference between symmetric and asymmetric encryption with suitable examples. (16)
6. Briefly explain the components of cryptology. (16)
7. Discuss some of the popular cryptographic algorithms. (16)
8. Write short notes on the various access controls used for providing physical security. (16)
9. Describe the various methods of power management & conditioning. (16)
CS1014-INFORMATION SECURITY
TWO MARKS
1. Define Information Security.
It is a well-informed sense of assurance that the information risks and controls are in balance.
2. What is Security?
Security is "the quality or state of being secure - to be free from danger".
3. What are the multiple layers of Security?
• Physical Security
• Personal Security
It is the process of sending an e-mail with a modified field.
7. What is UDP Packet Spoofing?
User Data Protocol (UDP) Packet Spoofing enables the attacker to get unauthorized access to data stored on computing systems.
8. What are the measures to protect the confidentiality of information?
• Information Classification
• Secure document storage
• Application of general Security Policies.
• Education of information end-users
9. What is Utility of information?
Utility of information is the quality or state of having value for some purpose or end.
10. What are the components of an information system?
• Software
• Hardware
• Data
• People
• Procedures
• Networks.
11. What are the functions of Locks & Keys?
Locks & Keys are the traditional tools of physical security, which restrict access to, and interaction with, the hardware components of an information system.
12. What is Network Security?
It is the implementation of alarm and intrusion systems to make system owners aware of ongoing compromises.
13. Differentiate Direct and Indirect attacks.
Direct Attack: It is when a hacker uses his personal computer to break into the system.
Indirect Attack: It is when a system is compromised and used to attack other systems, such as in a distributed denial of service attack.
risk facing the organization.
19. What are the functions of Information Security?
• Protects the organization's ability to function
• Enables the safe operation of applications implemented on the organization's IT systems.
• Protects the data the organization collects and uses.
• Safeguards the technology assets in use at the organization.
20. What is PKI?
Public Key Infrastructure is an integrated system of software, encryption methodologies and legal agreements that can be used to support the entire information infrastructure of an organization.
21. What is the use of Digital Certificates?
Digital Certificates are used to ensure the confidentiality of Internet Communications and transactions.
22. What is a Firewall?
A Firewall is a device that keeps certain kinds of network traffic out of a private network.
23. What are caching network appliances?
Caching network appliances are devices that store legal copies of Internet contents such as Web pages that are frequently referred to by employees.
24. What are appliances?
Appliances display the cached pages to users rather than accessing pages from the server each time.
25. What is a threat?
A threat is an object, person or other entity that represents a constant danger to an asset.
26. What are Hackers?
Hackers are people who use and create computer software for enjoyment or to gain access to information illegally.
27. What are the levels of hackers?
• Expert Hacker: Develops software codes
• Unskilled Hacker: Uses the codes developed by the experts
28. What are script kiddies?
These are hackers of limited skill who use expertly written software to exploit a system but do not fully understand or appreciate the systems they hack.
29. What is a Phreaker?
A Phreaker hacks the public telephone network to make free calls.
30. What is Malicious code?
These are programs which are designed to damage, destroy, or deny service to the target system.
31. What are the types of virus?
• Macro virus
• Boot virus
32. What are Trojan horses?
They are software programs that hide their true nature and reveal their designed behavior only when activated.
33. What is a polymorphic threat?
It is one that changes its apparent shape over time.
34. What is intellectual property?
It is the ownership of ideas and control over the tangible or virtual representation of those ideas.
35. What is an attack?
It is a deliberate act that exploits a vulnerability.
36. What is vulnerability?
It is an identified weakness of a controlled system with controls that are not present or no longer effective.
37. What are the attack replication vectors?
• IP scan and attack
• Web browsing
• Virus
• Shares
• Mass mail
• SNMP
38. What is a brute force attack?
Trying every possible combination of options of a password.
39. What are sniffers?
Sniffers are programs or devices that can monitor data traveling over a network.
40. What is social engineering?
It is the process of using social skills to convince people to reveal access credentials to the attackers.
41. What are the types of Laws?
• Civil Law
• Criminal Law
• Tort Law
42. Differentiate Private & Public Laws.
Private Laws:
• This Law regulates the relationship between the individual and the organization.
• E.g.: Family Law, Commercial Law, Labor Law
Public Law:
• This Law regulates the structure and administration of government agencies and their relationship with the citizens, employees and other governments.
• E.g.: Criminal Law, Administrative Law, Constitutional Law.
43. What are the fundamental principles of HIPAA?
1. Consumer control of medical information.
2. Boundaries on the use of medical information.
3. Accountability for the privacy of private information.
4. Security of health information.
44. What are the general categories of unethical and illegal behaviour?
• Ignorance
• Accident
• Intent
45. What is deterrence?
• It is the best method for preventing illegal or unethical activity.
• Examples are laws, Policies and technical controls.
46. What is Risk Management?
Risk Identification is conducted within the larger process of identifying and justifying risk control known as risk management.
47. What are the communities of interest?
• Information Security
• Management and users
• Information Technology
48. What are the responsibilities of the communities of interest?
• Evaluating the risk controls
• Determining which control options are cost effective for the organization
• Acquiring or installing the needed controls.
It is the process of assessing the relative risk for each of the vulnerabilities.
53. What is Likelihood?
Likelihood is the overall rating of the probability that a specific vulnerability within an organization will be successfully attacked.
54. What is Residual Risk?
It is the risk that remains to the information asset even after the existing control has been applied.
55. What are Policies?
Policies are documents that specify an organization's approach to security.
56. What are the types of security policies?
• General Security Policy
• Program Security Policy
• Issue-Specific Policies
57. What are the types of access controls?
• Mandatory Access Controls (MACs)
• Nondiscretionary controls
• Discretionary Controls (DAC)
58. What are the Risk Control Strategies?
• Avoidance – It is the risk control strategy that attempts to prevent the exploitation of the vulnerability.
• Transference – It is the control approach that attempts to shift the risk to other assets, other processes, or other organizations.
• Mitigation – It is the control approach that attempts to reduce the impact caused by the exploitation of vulnerability through planning and preparation.
• Acceptance – It is the choice to do nothing to protect a vulnerability and to accept the outcome of an exploited vulnerability.
59. What are the common methods for Risk Avoidance?
• Avoidance through Application of Policy
• Avoidance through Application of training and education
• Avoidance through Application of technology
60. What are the types of plans in Mitigation strategy?
• The Disaster Recovery Plan (DRP)
• Incident Response Plan (IRP)
• Business Continuity Plan (BCP)
61. What is a hot site?
• It is also known as business recovery site.
• It is a remote location with systems identical or similar to the home site.
62. What are the ways to categorize the controls?
• Control function
• Architectural Layer
• Strategy Layer
• Information Security Principle.
63. Differentiate Preventive and Detective controls.
Preventive Controls:
1. Stop attempts to exploit vulnerability by implementing a security principle, such as authentication or confidentiality.
2. It uses technical procedures such as encryption or a combination of technical means and enforcement methods.
Detective Controls:
1. It warns organizations of violations of security principles, organizational policies or attempts to exploit vulnerability.
2. It uses techniques such as audit trails, intrusion detection and configuration monitoring.
64. What are the commonly accepted information security Principles?
• Confidentiality
• Integrity
• Availability
• Authentication
• Authorization
• Accountability
• Privacy.
65. What is benefit?
It is the value that the organization recognizes by using controls to prevent losses associated with a specific vulnerability.
66. What is asset valuation?
It is the process of assigning financial value or worth to each information asset.
66. What is a Policy?
It is a plan or course of action, as of a government, political party, intended to influence and determine decisions, actions and other matters.
67. Differentiate mission & Vision.
Mission: Mission of an organization is a written statement of an organization's purpose.
Vision: Vision of an organization is a written statement of an organization's goals.
68. What is Strategic Planning?
It is the process of moving the organization towards its vision by accomplishing its mission.
69. What are the general groups of System-Specific Policy?
• Access Control Lists
• Configuration Rules.
70. What is a Capability table?
• It is a list associated with users and groups
• Specifies which subjects and objects a user or group can access.
• These are frequently complex matrices rather than simple lists or tables.
71. What is "Agreed Upon Procedures"?
It is a document that outlines the policies and technologies necessary to secure systems that carry the sensitive cardholder information to and from VISA systems.
72. What is redundancy?
Implementing multiple types of technology and thereby preventing failure of one system from compromising the security of the information is referred to as redundancy.
73. What is a Firewall?
It is a device that selectively discriminates against information flowing into or out of the organization.
74. What is Firewall Subnet?
It consists of multiple firewalls creating a buffer between the outside and inside networks.
75. What is DMZ?
• A buffer against outside attack is referred to as Demilitarized Zone.
• It is a no-man's-land between the inside and outside networks where some organizations place Web Servers.
• The servers provide access to organizational Web pages without allowing Web requests to enter the interior networks.
76. What are the 2 versions of IDS?
• Host-based IDS
• Network-based IDS
77. What is Contingency Planning?
It is the entire planning conducted by the organization to prepare for, react to, and recover from events that threaten the security of information and information assets in the organization.
78. Who are the members of the contingency team?
• Champion
• Project Manager
• Team Members.
79. What are the stages in the Business Impact Analysis steps?
• Threat attack identification
• Business unit analysis
• Attack success scenarios
• Potential damage assessment
• Subordinate plan classification
80. What is an attack profile?
It is a detailed description of activities that occur during an attack.
81. What is an incident?
It is any clearly identified attack on the organization's information assets that would threaten the asset's confidentiality, integrity, or availability.
82. What are the phases of Incident Response?
• Planning
• Detection
• Reaction
• Recovery.
83. What are the 5 testing strategies of Incident Planning?
• Checklist
• Structured walk-through
• Simulation
• Parallel
• Full interruption
84. What is an alert roster?
It is a document containing contact information for individuals to be notified in the event of an incident.
85. What are the 2 ways to activate an alert roster?
• Sequential roster – It is activated as a contact person calls each person on the roster.
• Hierarchical roster – It is activated as the first person calls a few other people on the roster, who in turn call a few people.
86. What is computer forensics?
It is the process of collecting, analyzing and preserving computer related evidence.
87. What are Honey pots?
These are computer servers configured to resemble production systems, containing rich information just begging to be hacked.
88. What is enticement?
It is the process of attracting attention to a system by placing tantalizing bits of information in key locations.
89. What is entrapment?
It is the action of luring an individual into committing a crime to get a conviction.
90. What is Mutual agreement?
It is a contract between two or more organizations that specifies how each is to assist the other in the event of a disaster.
91. What is intrusion?
An intrusion is a type of attack on information assets in which the instigator attempts to gain entry into a system or disrupt the normal operations of a system with, almost always, the intent to do malicious harm.
92. What is IDS?
IDS stands for Intrusion Detection Systems. It works like a burglar alarm in that it detects a violation of its configuration and activates an alarm. This alarm can be audible and/or visual or it can be silent.
93. What is Signature based IDS?
Signature based IDSs, also known as knowledge based IDSs, examine data traffic for patterns that match signatures, which are pre-configured, predetermined attack patterns.
94. What are Honey pots?
Honey pots are decoy systems, which means they are designed to lure potential attackers away from critical systems. In the security industry, these systems are also known as decoys, lures, or flytraps.
95. What is the use of Scanning and analysis tools?
Scanning and analysis tools are used to pinpoint vulnerabilities in systems, holes in security components, and unsecured aspects of the network. Although these tools are used by attackers, they can also be used by an administrator not only to learn more about his/her own system but also to identify and repair system weaknesses before they result in losses.
96. What are the factors of authentication?
• What a supplicant knows
• What a supplicant has
• Who a supplicant is
• What a supplicant produces
97. What is a Hash function?
Hash functions are mathematical algorithms that generate a message summary or digest that can be used to confirm the identity of a specific message and to confirm that the message has not been altered.
98. What is PKI?
PKI – Public Key Infrastructure
It is an integrated system of software, encryption methodologies, protocols, legal agreements and third party services that enables users to communicate securely. It includes digital certificates and certificate authorities.
99. What is Steganography?
Steganography is the process of hiding information, and while it is not properly a form of cryptography, it is related to cryptography in that both are ways of transmitting information without allowing it to be revealed in transit.
100. What are the protocols used in Secure Internet Communication?
• S-HTTP (Secure Hypertext Transfer Protocol)
• SSL (Secure Socket Layer)
• SSL Record Protocol
• Standard HTTP
101. What is Physical security?
Physical security addresses the design, implementation, and maintenance of countermeasures that protect the physical resources of an organization. This means the physical protection of the people, the hardware, and the supporting system elements and resources associated with the control of information in all its states: transmission, storage and processing.
102. What are the controls for protecting the Secure Facility?
• Walls, Fencing, Gates
• Guards
• Dogs
• ID Cards and Badges
• Locks and keys
• Mantraps
• Electronic Monitoring
• Alarms and Alarm Systems
• Computer Rooms and Wiring Closets
• Interior Walls and Doors
103. What are the basic types of Fire Detection Systems?
• Thermal Detection
• Smoke Detection
• Flame Detection
104. What is TEMPEST?
TEMPEST is a technology that prevents the loss of data that may result from the emissions of electromagnetic radiation.
105. What is UPS? What are the types of UPS?
UPS – Uninterruptible Power Supply
It is an electrical device that serves as a battery backup to detect the interruption of power to the power equipment.
The basic configurations are:
• Standby or offline UPS
• Ferroresonant Standby UPS
• Line-interactive UPS
• True online UPS
106. What are the relevant terms for electrical power influence?
• Fault: Momentary Interruption in power
• Blackout: Prolonged Interruption in power
• Sag: Momentary drop in power voltage levels
• Brown out: Prolonged drop in power voltage levels
• Spike: Momentary increase in power voltage levels
• Surge: Prolonged increase in power voltage levels
107. What is a fail-safe lock?
It is usually used on an exit, where it is essential for human safety in the event of a fire. It is used when human safety is not a factor.
108. What are the conditions controlled by HVAC Systems?
• Temperature
• Filtration
• Humidity
• Static Electricity.
16-MARK
1. Explain the Critical Characteristics of Information
• Availability
• Accuracy
• Authenticity
• Confidentiality
• Integrity
• Utility
• Possession
2. Explain the Components of an Information System
• Software
• Hardware
• People
• Data
• Procedures
• Networks
3. Explain SDLC in detail.
• Methodology
• Phases
• Investigation
• Analysis
• Logical Design
• Physical Design
• Implementation
• Maintenance and change
4. Explain SecSDLC in detail
• Investigation
• Analysis
• Logical Design
• Physical Design
• Implementation
• Maintenance and change
5. Explain the functions of an Information security organization
• Protects the organization's ability to function
• Enabling safe operation of applications
• Protecting data that organizations collect and use
• Safeguarding technology assets in organizations
6. Explain the categories of Threat in detail.
• Acts of human error or failure
• Deviations in Q
• Malicious code
• Hoaxes
• Back Doors
• Password Crack
• Brute Force
• Dictionary
8. Explain General Computer Crime Laws.
• Computer Fraud & Abuse Act of 1986
• USA Patriot Act of 2001
• Communications Decency Act
• Computer Security Act of 1987
9. Explain Ethical Concepts in Information Security.
• Cultural Differences in Ethical Concepts
• Software License Infringement
• Illicit use
• Misuse of corporate resources
10. Explain Risk Management in detail.
• Know Yourself
• Know Your Enemy
• All Communities of Interest
11. Explain Risk Identification in detail
• Asset Identification & Valuation
• Automated Risk Management tools
• Information Asset Classification
• Information Asset Valuation
• Listing Assets in order of importance
• Data Classification & Management
• Threat Identification
12. Explain Risk assessment in detail.
• Introduction
• Likelihood
• Valuation of Information Assets
• Percentage of Risk Mitigated by Controls
• Access Controls
13. Explain Risk Control strategies in detail
• Avoidance
• Mitigation
• Acceptance
• Transference
14. Explain Risk Mitigation strategy Selection
• Evaluation, Assessment and Maintenance of Risk controls
• Categories of controls
• Architectural Layer
• Strategy Layer
15. Explain the types of Policies in detail.
• General security Policy
• Issue-Specific Policy
• System-specific Policy
16. Explain NIST Security Models in detail.
• NIST Special Publication SP 800-12
• NIST Special Publication SP 800-14
• NIST Special Publication SP 800-18
17. Explain VISA International Security Model in detail.
• Baselining and best Business Practices
18. Explain the design of Security Architecture in detail.
• Defense in Depth
• Security Perimeter
• Key Technology Components
19. Explain the Major Steps in Contingency Planning.
• Business Impact Analysis
• Incident Response Planning
• Disaster Recovery Planning
• Business Continuity Planning.
20. Explain Information Security Policy, Standards and Practices in detail.
• Definitions
• Security Program Policy (SPP)
• Issue-Specific Security Policy (ISSP)
• Systems-Specific Policy (SysSP)
• ACL Policies
• Policy Management
21. Explain protocols for Secure communication in detail.
• S-HTTP & SSL
• Secure/Multipurpose Internet Mail Extension (S/MIME)
• Internet Protocol Security (IPSec)
22. Explain Staffing the security in detail.
• Qualifications and Requirements
• Entry into the Security Profession
• Information Security Positions
23. Explain the fire safety in Physical security.
• Fire Detection & Response
• Fire Detection
• Fire Suppression
• Gaseous Emission Systems
24. Explain the Cryptographic algorithms in detail.
• Data Encryption Standards (DES)
• Public Key Infrastructure (PKI)
• Digital Signatures
• Pretty Good Privacy (PGP)
25. Explain IDS in detail
• Host-based IDS
• Network-based IDS
• Signature-based IDS
• Statistical Anomaly-based IDS
26. Explain the types of encryption/decryption methods.
Conventional Methods:
• Character-Level Encryption: Substitutional & Transpositional
• Bit-Level Encryption: Encoding/Decoding, Permutation, Substitution, Product, Exclusive-
CS922 INFORMATION SECURITY UNIVERSITY QUESTIONS WITH ANSWERS
CS922 INFORMATION SECURITY
ANSWER KEY
PART-A
1. List out the security services.
The three security services (confidentiality, integrity, and availability) counter threats to the security of a system. Shirey divides threats into four broad classes: disclosure, or unauthorized access to information; deception, or acceptance of false data; disruption, or interruption or prevention of correct operation; and usurpation, or unauthorized control of some part of a system. These four broad classes encompass many common threats.
2. Define snooping and spoofing.
Snooping, the unauthorized interception of information, is a form of disclosure. It is passive, suggesting simply that some entity is listening to or reading communications or browsing through files or system information.
Masquerading or spoofing, an impersonation of one entity by another, is a form of both deception and usurpation.
3. Write the cryptographic checksum function properties.
A cryptographic checksum function (also called a strong hash function or a strong one-way function) $h: A \to B$ is a function that has the following properties.
1. For any $x \in A$, $h(x)$ is easy to compute.
2. For any $y \in B$, it is computationally infeasible to find $x \in A$ such that $h(x) = y$.
3. It is computationally infeasible to find $x, x' \in A$ such that $x \ne x'$ and $h(x) = h(x')$. (Such a pair is called a collision.)
The third requirement is often stated as: given any $x \in A$, it is computationally infeasible to find another $x' \in A$ such that $x \ne x'$ and $h(x') = h(x)$.
4. What is Session and Interchange Key?
An interchange key is a cryptographic key associated with a principal to a communication.
A session key is a cryptographic key associated with the communication itself.
5. Distinguish between principle of least privilege and principle of fail-safe defaults.
The principle of least privilege states that a subject should be given only those privileges that it needs in order to complete its task.
The principle of fail-safe defaults states that, unless a subject is given explicit access to an object, it should be denied access to that object.
6. Define Certification authorities' issuance policy and confinement problem.
Access control affects the function of the server in two ways.
The server must ensure that the resources it accesses on behalf of the client include only those resources that the client is authorized to access.
The server must ensure that it does not reveal the client's data to any other entity not authorized to see the client's data.
7. What is Malicious logic and Trojan horse?
Malicious logic is a set of instructions that cause a site's security policy to be violated.
A Trojan horse is a program with an overt (documented or known) effect and a covert (undocumented or unexpected) effect.
performs some possibly null action.
% boot sector infector is a virus that inserts itself into the boot sector of a disk.
=. W'i!% !$% "8 "* !$% D'i6> %'i! ,"8i&.
4he oals of the +ribQs security policy are to be as follows.
+ata related to company plans is to be kept secret. $n particular9 sensitive
corporate data9 such as data involved in developin potential products9 is to be
available only to those who need to know.
When a customer provides data such as a credit card number to the +rib as
part of a purchase9 the data9 and all information about the customer9 are to be
available only to those who fill the order. Company analysts may obtain statistics
about a number of orders for plannnin purposes.
eleasin sensitive data re=uires the consent of the companyQs officials and
lawyers.1?. S$"'! +"!% "+ A+!i&i,!i+ A!!&.
$n spite of the measures outlined above9 the +rib security officers reali5e
that their network and systems miht be compromised throuh unanticipated
means. 4hey have taken steps to prepare for9 and handle9 such attacks.
PART-B
11. Write an overview of computer security with a neat example.
Confidentiality
Confidentiality is the concealment of information or resources.
Integrity
Integrity refers to the trustworthiness of data or resources, and it is usually
phrased in terms of preventing improper or unauthorized change.
Availability
Availability refers to the ability to use the information or resource desired.
12. Explain the following:
a) Classical Cryptosystems.
Classical cryptosystems (also called single-key or symmetric cryptosystems) are
cryptosystems that use the same key for encipherment and decipherment. In
these systems, for all E_k in C and k in K, there is a D_k in D such that D_k = E_k^-1
(decipherment with k undoes encipherment with k).
Transposition Cipher
A transposition cipher rearranges the characters in the plaintext to form the
ciphertext. The letters are not changed.
Substitution Cipher
A substitution cipher changes characters in the plaintext to produce the
ciphertext.
Vigenère Cipher
The Vigenère cipher is a polyalphabetic substitution cipher: successive plaintext
letters are shifted by successive letters of a repeating key, so the same plaintext
letter need not always map to the same ciphertext letter. A longer key might obscure
the statistics (the letter frequencies) that a single-alphabet substitution preserves.
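As an added worked example (not part of the question bank or of Bishop's text), the three cipher families above implemented in Python, with the index of coincidence as the letter-frequency statistic that a Vigenère key of sufficient length flattens. The sample plaintext, the two keys and the column count are constructed for the example.

```python
from collections import Counter

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def letters_only(text: str) -> str:
    """Classical ciphers work on the 26-letter alphabet: drop everything else."""
    return "".join(c for c in text.upper() if c in ALPHABET)


def substitution(plaintext: str, shift: int) -> str:
    """Monoalphabetic substitution (Caesar): each letter is replaced by the letter
    `shift` positions later. Characters change; their frequencies do not."""
    return "".join(ALPHABET[(ALPHABET.index(c) + shift) % 26]
                   for c in letters_only(plaintext))


def transposition(plaintext: str, columns: int) -> str:
    """Columnar transposition: write the text in rows of `columns` letters and
    read it out column by column. Letters are rearranged, never changed."""
    text = letters_only(plaintext)
    return "".join(text[i::columns] for i in range(columns))


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Polyalphabetic substitution: letter i is shifted by key[i mod len(key)].
    With decrypt=True the shifts are subtracted instead of added."""
    key = letters_only(key)
    sign = -1 if decrypt else 1
    out = []
    for i, c in enumerate(letters_only(text)):
        shift = ALPHABET.index(key[i % len(key)])
        out.append(ALPHABET[(ALPHABET.index(c) + sign * shift) % 26])
    return "".join(out)


def index_of_coincidence(text: str) -> float:
    """Probability that two letters drawn from `text` are equal. English prose
    scores about 0.066; uniformly random letters score 1/26 = 0.038. Substitution
    and transposition preserve it; a long Vigenere key pushes it toward 0.038."""
    text = letters_only(text)
    n = len(text)
    if n < 2:
        return 0.0
    counts = Counter(text)
    return sum(f * (f - 1) for f in counts.values()) / (n * (n - 1))


# Constructed sample plaintext for the demonstration.
SAMPLE = ("The principle of least privilege states that a subject should be given "
          "only those privileges that it needs in order to complete its task. "
          "The principle of fail safe defaults states that unless a subject is "
          "given explicit access to an object it should be denied access to that "
          "object. The principle of economy of mechanism states that security "
          "mechanisms should be as simple as possible. The principle of complete "
          "mediation requires that all accesses to objects be checked to ensure "
          "that they are allowed. The principle of open design states that the "
          "security of a mechanism should not depend on the secrecy of its design "
          "or implementation. The principle of separation of privilege states "
          "that a system should not grant permission based on a single condition.")
SHORT_KEY = "KEY"
LONG_KEY = "THEQUICKBROWNFOXJUMPSOVERTHELAZYDOG"   # 35 letters, every letter used


def statistics_report() -> dict:
    """Index of coincidence of the plaintext and of each ciphertext."""
    return {
        "plaintext": index_of_coincidence(SAMPLE),
        "substitution": index_of_coincidence(substitution(SAMPLE, 3)),
        "transposition": index_of_coincidence(transposition(SAMPLE, 7)),
        "vigenere_short_key": index_of_coincidence(vigenere(SAMPLE, SHORT_KEY)),
        "vigenere_long_key": index_of_coincidence(vigenere(SAMPLE, LONG_KEY)),
    }


if __name__ == "__main__":
    for name, ioc in statistics_report().items():
        print(f"{name:20s} {ioc:.4f}")
```

The substitution and transposition rows of the report are identical to the plaintext row, which is exactly why single-alphabet ciphers fall to frequency analysis; only the Vigenère rows drop, and the long key drops further than the three-letter one.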
b) Public Key Cryptography.
Because one key is public, and its complementary key must remain secret, a
public key cryptosystem must meet the following three conditions.
It must be computationally easy to encipher or decipher a message given the
appropriate key.
It must be computationally infeasible to derive the private key from the public key.
It must be computationally infeasible to determine the private key from a chosen
plaintext attack.
The first cipher to meet these requirements (Diffie-Hellman) generates a shared
session key. The second one (RSA) provides both secrecy and authentication.
(OR)
Write about stream and block ciphers, and networks and cryptography.
Let E be an encipherment algorithm, and let E_k(b) be the encipherment of
message b with key k. Let a message m = b1 b2 ..., where each b_i is of a fixed
length. Then a block cipher is a cipher for which E_k(m) = E_k(b1) E_k(b2) ....
A stream cipher, by contrast, enciphers the message one bit (or one character)
at a time, combining it with a key stream as long as the message; a linear feedback
shift register is one way to generate that key stream.
An n-stage linear feedback shift register (LFSR) consists of an n-bit register r =
r0 ... r(n-1) and an n-bit tap sequence t = t0 ... t(n-1). To obtain a key bit, r0 is used,
the register is shifted one bit to the right, and the new bit r0 t0 XOR ... XOR r(n-1) t(n-1)
is inserted.
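An added example (not from the question bank) of the two definitions: the LFSR exactly as specified above, driving a bitwise stream cipher, next to a toy 8-bit block cipher that enciphers each block independently. The register and tap values (r = 0010, t = 1001) are a constructed 4-stage instance with the maximal period of 15; the toy block permutation and the messages are constructed here and are not a real cipher.

```python
import random

# Constructed 4-stage example: register r = 0010, taps t = 1001.
SEED = [0, 0, 1, 0]
TAPS = [1, 0, 0, 1]


def _step(r, taps):
    """One clock of the LFSR: shift right by one, insert the XOR of the tapped
    bits r0*t0 ^ ... ^ r(n-1)*t(n-1) in the vacated position r(n-1)."""
    new_bit = 0
    for ri, ti in zip(r, taps):
        new_bit ^= ri & ti
    return r[1:] + [new_bit]


def lfsr_keystream(register, taps, nbits):
    """Emit nbits key bits: each step outputs r0, then clocks the register."""
    if len(register) != len(taps):
        raise ValueError("register and tap sequence must have the same length")
    r = list(register)
    out = []
    for _ in range(nbits):
        out.append(r[0])
        r = _step(r, taps)
    return out


def lfsr_period(register, taps):
    """Steps until the register state repeats; at most 2**n - 1 for n stages."""
    start = tuple(register)
    r = _step(list(register), taps)
    steps = 1
    while tuple(r) != start and steps <= 2 ** len(register):
        r = _step(r, taps)
        steps += 1
    return steps


def stream_xor(message: bytes, register, taps) -> bytes:
    """Stream cipher: XOR every message bit with the next keystream bit.
    XOR is its own inverse, so the same call with the same seed deciphers."""
    bits = lfsr_keystream(register, taps, 8 * len(message))
    out = bytearray()
    for i, byte in enumerate(message):
        k = 0
        for b in bits[8 * i:8 * i + 8]:
            k = (k << 1) | b
        out.append(byte ^ k)
    return bytes(out)


def toy_block_cipher(message: bytes, key: int) -> bytes:
    """Block cipher with 8-bit blocks: E_k is a key-derived permutation of the
    256 byte values applied to each block on its own, so
    E_k(b1 b2 ...) = E_k(b1) E_k(b2) ...   Toy permutation, illustration only."""
    sbox = list(range(256))
    random.Random(key).shuffle(sbox)     # keyed permutation (toy, not secure)
    return bytes(sbox[b] for b in message)


if __name__ == "__main__":
    print("keystream:", "".join(map(str, lfsr_keystream(SEED, TAPS, 15))))
    print("period:   ", lfsr_period(SEED, TAPS))
    print("block:    ", toy_block_cipher(b"AAAA", 7).hex())
    print("stream:   ", stream_xor(b"AAAA", SEED, TAPS).hex())
```

The last two lines make the practical difference visible: the block cipher maps four identical plaintext blocks to four identical ciphertext blocks, so repetition in the message shows through, while the stream cipher hides it because every position uses a different slice of key stream. The flip side is that the LFSR stream repeats after 15 bits, which is why a bare LFSR is never used as a key stream on its own.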
13. Write about the design principles, with DVD as a layout example.
The principle of open design states that the security of a mechanism should not
depend on the secrecy of its design or implementation.
The principle of separation of privilege states that a system should not grant
permission based on a single condition.
The principle of least common mechanism states that mechanisms used to
access resources should not be shared.
The principle of psychological acceptability states that security mechanisms
should not make the resource more difficult to access than if the security
mechanisms were not present.
(OR)
Write about the following access control mechanisms.
a) Access Control List.
Let S be the set of subjects, and R the set of rights, of a system. An access
control list (ACL) l is a set of pairs l = { (s, r) : s in S, r a subset of R }. Let acl be a
function that determines the access control list l associated with a particular
object o. The interpretation of the access control list acl(o) = { (s_i, r_i) : 1 <= i <= n }
is that subject s_i may access o using any right in r_i.
b) Locks and Keys.
The locks and keys technique combines features of access control lists and
capabilities. A piece of information (the lock) is associated with the object, and a
second piece of information (the key) is associated with those subjects authorized
to access the object and the manner in which they are allowed to access the
object. When a subject tries to access an object, the subject's set of keys is
checked. If the subject has a key corresponding to any of the object's locks,
access of the appropriate type is granted.
Type Checking
Type checking restricts access on the basis of the types of the subject and
object. It is a form of locks and keys access control, the pieces of information
being the type. Systems use type checking in areas other than security.
Sharing Secrets
A (t, n)-threshold scheme is a cryptographic scheme in which a datum is divided
into n parts, any t of which are sufficient to determine the original datum. The n
parts are called shadows.
14. What is a computer virus? Explain all the types of computer viruses.
A computer virus is a program that inserts itself into one or more files and then
performs some (possibly null) action.
A boot sector infector is a virus that inserts itself into the boot sector of a disk.
An executable infector is a virus that infects executable programs.
A multipartite virus is one that can infect either boot sectors or applications.
A terminate and stay resident (TSR) virus is one that stays active (resident) in
memory after the application (or bootstrapping, or disk mounting) has terminated.
Stealth viruses are viruses that conceal the infection of files.
A polymorphic virus is a virus that changes its form each time it inserts itself
into another program.
(OR)
Write the following on auditing.
a) Designing an Auditing System.
Logging is the recording of events or statistics to provide information about
system use and performance.
Auditing is the analysis of log records to present information about the system in
a clear and understandable manner.
Logger
Logging mechanisms record information. The type and quantity of information are
dictated by system or program configuration parameters. The mechanisms may
record information in binary or human-readable form or transmit it directly to an
analysis mechanism.
Analyzer
An analyzer takes a log as input and analyzes it. The results of the analysis may
lead to changes in the data being recorded, to detection of some event or
problem, or both.
Notifier
The analyzer passes the results of the analysis to the notifier. The notifier informs
the analyst, and other entities, of the results of the audit. The entities may take
some action in response to these results.
An anonymizing sanitizer deletes information in such a way that it cannot be
reconstructed by either the recipient or the originator of the data in the log. A
pseudonymizing sanitizer deletes information in such a way that the originator of
the log can reconstruct the deleted information.
A state-based logging mechanism records information about a system's state. A
state-based auditing mechanism determines whether or not a state of the system
is unauthorized.
A transition-based logging mechanism records information about an action on a
system. A transition-based auditing mechanism examines the current state of the
system and the proposed transition (command) to determine if the result will place
the system in an unauthorized state.
15. Write about user security and explain with files and devices.
Files
Users must protect confidentiality and integrity of the files to satisfy policy
component U2. To this end, they use the protection capabilities of the system to
constrain access. Complicating the situation is the interpretation of permissions
on the containing directories.
A direct alias is a directory entry that points to (names) the file. An indirect alias is
a directory entry that points to a special file containing the name of the target file.
The operating system interprets the indirect alias by substituting the contents of
the special file for the name of the indirect alias file.
Devices
Smart terminals provide built-in mechanisms for performing special functions.
(OR)
Explain the following on system security.
a) Authentication
Authentication binds the identity of the user to processes. Incorrect or
compromised authentication leads to security problems. In this section, we
consider the authentication techniques used in the two systems.
b) Retrospective
The Web Server System in the DMZ
The Web server on the DMZ Web server system runs a minimal set of services. It
keeps everything possible on unalterable media.
The Development System
The development system also runs a minimal set of programs and services.
ANSWER KEY
PART-A
1. List out the goals of security.
Prevention means that an attack will fail.
Detection is most useful when an attack cannot be prevented, but it can also
indicate the effectiveness of preventative measures.
Recovery has two forms.
2. Draw the security life cycle.
3. What is HMAC (Hash Message Authentication Code)?
HMAC is a generic term for an algorithm that uses a keyless hash function
and a cryptographic key to produce a keyed hash function. This mechanism
enables Alice to validate that data Bob sent to her is unchanged in transit. Without
the key, anyone could change the data and recompute the message
authentication code, and Alice would be none the wiser.
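An added example (not the question bank's own) of the mechanism, using Python's standard hmac module with SHA-256 as the keyless hash. The shared key, the message and the attacker's substitutions are constructed; the key is assumed to have been agreed between Alice and Bob out of band.

```python
import hashlib
import hmac
import secrets


def mac(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256: a keyed hash built from the keyless SHA-256."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Alice's check. compare_digest runs in constant time, so the comparison
    does not leak how many leading bytes of a forged tag were right."""
    return hmac.compare_digest(mac(key, message), tag)


def exchange() -> dict:
    """Bob sends (message, tag). Alice verifies. An attacker who alters the
    message in transit can recompute a plain hash but not the keyed tag."""
    shared_key = secrets.token_bytes(32)        # agreed out of band (assumption)
    message = b"transfer 100 to account 4471"   # constructed message
    tag = mac(shared_key, message)

    # Attacker rewrites the message and attaches a keyless hash, which is all
    # an unauthenticated checksum would have demanded.
    forged = b"transfer 900 to account 6623"
    forged_tag = hashlib.sha256(forged).digest()

    # Attacker guesses a key instead: fails unless the guess is exactly right.
    guessed_tag = mac(b"password", forged)

    return {
        "genuine_accepted": verify(shared_key, message, tag),
        "forged_with_plain_hash": verify(shared_key, forged, forged_tag),
        "forged_with_wrong_key": verify(shared_key, forged, guessed_tag),
        "old_tag_on_modified_message": verify(shared_key, forged, tag),
    }


if __name__ == "__main__":
    for check, accepted in exchange().items():
        print(f"{check:30s} {'accepted' if accepted else 'rejected'}")
```

Two details matter in practice: the tag is compared with compare_digest rather than ==, and the tag covers the whole message, so reordering or truncating it fails verification just as editing it does.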
4. Short note on precomputing the possible messages.
Simmons discusses the use of a "forward search" to decipher messages
enciphered for confidentiality using a public key cryptosystem. His approach is to
focus on the entropy (uncertainty) in the message: when the set of possible
messages is small, the attacker enciphers every candidate with the public key and
compares the results with the intercepted ciphertext, recovering the message
without ever recovering the private key.
5. State the principle of economy of mechanism with example.
entry for the next SYN packet is created. Under a SYN flood, the data structure is
kept full of entries that never move to the connected state.
10. List out the components of users' policies.
The components of users' policies that we focus on are as follows.
U1.
The principle of tranquility states that subjects and objects may not change
their security levels once they have been instantiated. Suppose that security levels
of objects can be changed, and consider the effects on a system with one category
and two security clearances, HIGH and L
a pair is called a collision.
The third requirement is often stated as:
Given any x in A, it is computationally infeasible to find another x' in A such that x != x'
and h(x') = h(x).
13. Write about the following access control mechanisms.
a) Access Control List.
Let S be the set of subjects, and R the set of rights, of a system. An access control
list (ACL) l is a set of pairs l = { (s, r) : s in S, r a subset of R }. Let acl be a function that
determines the access control list l associated with a particular object o. The
interpretation of the access control list acl(o) = { (s_i, r_i) : 1 <= i <= n } is that subject s_i
may access o using any right in r_i.
b) Locks and Keys.
The locks and keys technique combines features of access control lists and
capabilities. A piece of information (the lock) is associated with the object, and a
second piece of information (the key) is associated with those subjects authorized
to access the object and the manner in which they are allowed to access the
object. When a subject tries to access an object, the subject's set of keys is
checked. If the subject has a key corresponding to any of the object's locks, access
of the appropriate type is granted.
Type Checking
Type checking restricts access on the basis of the types of the subject and
object. It is a form of locks and keys access control, the pieces of information
being the type. Systems use type checking in areas other than security.
Sharing Secrets
A (t, n)-threshold scheme is a cryptographic scheme in which a datum is divided
into n parts, any t of which are sufficient to determine the original datum. The n
parts are called shadows.
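An added worked example (not from the question bank) serving both this answer and the identical Part-B answer to question 13 above: the ACL definition as data, the row-wise capability view of the same matrix, a locks-and-keys table expressing the same policy, and type checking as its special case. Subjects, objects, rights, lock names and types are constructed for the example.

```python
from collections import defaultdict

# acl(o): for every object o the pairs (s_i, r_i), stored as subject -> rights.
# Constructed example system.
ACL = {
    "payroll.db": {"alice": {"read", "write"}, "bob": {"read"}},
    "motd":       {"alice": {"read"}, "bob": {"read"}, "carol": {"read"}},
}


def acl_permits(acl, subject, obj, right) -> bool:
    """s may use right r on o iff some (s, r_i) in acl(o) has r in r_i.
    A subject with no entry gets nothing: the fail-safe default."""
    return right in acl.get(obj, {}).get(subject, set())


def capability_lists(acl):
    """The same access matrix read by row: for each subject, the objects and
    rights it holds. ACLs store the matrix by column; capabilities by row."""
    caps = defaultdict(dict)
    for obj, entries in acl.items():
        for subject, rights in entries.items():
            caps[subject][obj] = set(rights)
    return dict(caps)


# Locks and keys: each object carries (lock, rights) pairs, each subject a set
# of keys. Every lock opened by one of the subject's keys contributes its rights.
LOCKS = {
    "payroll.db": [("L-payroll-rw", {"read", "write"}), ("L-payroll-r", {"read"})],
    "motd":       [("L-public", {"read"})],
}
KEYS = {
    "alice": {"L-payroll-rw", "L-public"},
    "bob":   {"L-payroll-r", "L-public"},
    "carol": {"L-public"},
}


def lock_key_rights(locks, keys, subject, obj) -> set:
    """Rights granted to subject on obj by the locks its keys open."""
    held = keys.get(subject, set())
    granted = set()
    for lock, rights in locks.get(obj, []):
        if lock in held:
            granted |= rights
    return granted


def same_policy(acl, locks, keys) -> bool:
    """True when the ACL and the locks-and-keys tables grant identical rights
    to every subject on every object (useful when migrating between the two)."""
    subjects = set(keys) | {s for entries in acl.values() for s in entries}
    for obj in set(acl) | set(locks):
        for s in subjects:
            if acl.get(obj, {}).get(s, set()) != lock_key_rights(locks, keys, s, obj):
                return False
    return True


# Type checking as a special case of locks and keys: the lock is the object's
# type, the key is the set of object types a subject of a given type may use.
TYPE_RULES = {
    "compiler": {"source", "object-code"},
    "linker":   {"object-code", "executable"},
    "loader":   {"executable"},
}


def type_permits(subject_type, object_type) -> bool:
    return object_type in TYPE_RULES.get(subject_type, set())
```

The three representations answer different questions cheaply: an ACL answers "who can touch this object", a capability list answers "what can this subject touch", and locks and keys let a key be handed to a new subject without editing every object's list.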
(OR)
Write about the design principles, with DVD as a layout example.
The principle of open design states that the security of a mechanism should not
depend on the secrecy of its design or implementation.
The principle of separation of privilege states that a system should not grant
permission based on a single condition.
The principle of least common mechanism states that mechanisms used to access
resources should not be shared.
The principle of psychological acceptability states that security mechanisms
should not make the resource more difficult to access than if the security
mechanisms were not present.
14. Explain the following:
a) Theory of Malicious Logic (10)
The types of malicious logic discussed so far are not distinct. Computer viruses
are a form of Trojan horses. Computer viruses may contain logic bombs, as might
computer worms. Some worms and viruses are bacteria because they absorb all
the resources of some type.
Let T be a Turing machine and let V be a sequence of symbols on the machine
tape. Let sv be a distinguished state of T. For every v in V, when T lies at the
beginning of v in tape square k, suppose that after some number of instructions are
executed, a sequence v' in V lies on the tape beginning at location k', where either
k + |v| <= k' or k' + |v'| <= k. Then (T, V) is a viral set and the elements of V are computer
viruses.
It is undecidable whether an arbitrary program contains malicious logic.
b) Computer worms (6)
A computer worm is a program that copies itself from one computer to another.
The Father Christmas worm was interesting because it was a form of macro worm.
(OR)
Write the explanation about penetration studies, with the compromise of a
Burroughs system as example.
A penetration study is a test for evaluating the strengths of all security controls on
the computer system. The goal of the study is to violate the site security policy. A
penetration study (also called a tiger team attack or red team attack) is not a
replacement for careful design and implementation with structured testing. It
provides a methodology for testing the system in toto, once it is in place. Unlike
other testing and verification technologies, it examines procedural and operational
controls as well as technological controls.
Goals
A penetration test is an authorized attempt to violate specific constraints stated in
the form of a security or integrity policy. This formulation implies a metric for
determining whether the study has succeeded.
Layering of Tests
External attacker with no knowledge of the system.
External attacker with access to the system.
Internal attacker with access to the system.
15. Explain the following:
a) Electronic Communications (6)
Electronic communications deserve discussion to emphasize the importance of users
understanding basic security precautions.
- Automated Electronic Mail Processing
- Failure to Check Certificates
- Sending Unexpected Content
b) Common Security-Related Programming Problems (10)
Structure the process so that all sections requiring extra privileges are modules. The
modules should be as small as possible and should perform only those tasks that require
those privileges.
Check that the process privileges are set properly.
The program that is executed to create the process, and all associated control files, must
be protected from unauthorized use and modification. Any such modification must be
detected.
Ensure that any assumptions in the program are validated. If this is not possible, document
them for the installers and maintainers, so they know the assumptions that attackers will
try to invalidate.
(OR)
Write about program security and explain with testing, maintenance and operation.
Testing
The results of testing a program are most useful if the tests are conducted in the environment in which the
program will be used (the production environment). So, the first step in testing a program is to construct an
environment that matches the production environment. This requires the testers to know the intended
production environment. If there are a range of environments, the testers must test the programs in all of
them.
Testing the Program
Write about the Autonomous Agents: AAFID
PART-B
Write about the computer security basic components.
What are operational issues? Explain each step.
Explain about the access control matrix model.
Brief the confidentiality policies.
Brief the integrity policies with the Clark-Wilson integrity model.
Write about the Clinical Information Systems Security Policy in hybrid policies.
Write the overview of classical cryptosystems.
Explain about key management and cryptographic key infrastructures.
Brief the storing and revoking of keys.
Write about public key signatures.
Integrity mechanisms fall into two classes: prevention m
2. Differentiate denial of receipt and denial of service.
Denial of receipt, a false denial that an entity received
Denial of service, a long-term inhibition of service, is a
3. Write why trusting that mechanisms work requires several
Trusting that mechanisms work requires several assumptions.
Each mechanism is designed to implement one or more parts
The union of the mechanisms implements all aspects of the se
The mechanisms are implemented correctly.
The mechanisms are installed and administered correctly.
4. Short note on protection state.
The state of a system is the collection of the current va
5. Write about the principle of attenuation of privilege.
Principle of Attenuation of Privilege. A subject may not
6. Write the types of security policies.
A military security policy (also called a governmental se
A commercial security policy is a security policy develop
A confidentiality policy is a security policy dealing only w
An integrity policy is a security policy dealing only with in
7. List out the types of access control.
If an individual user can set an access control mechanis
When a system mechanism controls access to an objec
An originator controlled access control (ORCON or O
Confidentiality is the concealment of information or re
Integrity refers to the trustworthiness of data or resou
Availability refers to the ability to use the information
4. s1 can execute s2 if and only if i(s2
Lipner's Use of the Bell-LaPadula Model
Lipner provides two security levels, in the following order
Audit Manager (AM): system audit and manageme
System Low (SL): any process can read informatio
He similarly defined five categories:
Development (D): production programs under deve
Production Code (PC): production processes and p
Production Data (PD): data covered by the integrity
System Development (SD): system programs unde
Software Tools (T): programs provided on the prod
8. Write about the key exchange and key generation.
The goal of key exchange is to enable Alice to communica
1. The key that Alice and Bob are to share cannot be transm
2. Alice and Bob may decide to trust a third party (called "Ca
3. The cryptosystems and protocols are publicly known. The
Key Generation
The secrecy that cryptosystems provide resides in the sele
A sequence of cryptographically random numbers
A sequence of cryptographically pseudorandom nu
A strong mixing function is a function of two or mor
10. Explain the following
a. Key Generation.
Key Generation
The secrecy that cryptosystems provide resides in the sele
A sequence of cryptographically random numbers
A sequence of cryptographically pseudorandom nu
A strong mixing function is a function of two or more inputs
b. Session and Interchange Keys.
An interchange key is a cryptographic key associated wit
A session key is a cryptographic key associated with the
PART-A
1. List out the authentication system consisting of five compone
1. The set A of authentication information is the set of specific inform
2. The set C of complementary information is the set of information t
3. The set F of complementation functions that generate the comple
4. The set L of authentication functions that verify identity. That is, fo
5. The set S of selection functions that enable an entity to create or
2. What is a proactive password checker?
A proactive password checker is software that enforces specific re
3. Distinguish between the authentication policy and issuance p
A CA authentication policy describes the level of authentication r
A CA issuance policy describes the principals to whom the CA w
4. Define the state and cookies.
A message given to a Web browser by a Web server. The bro
5. Explain about the locks and keys technique.
The locks and keys technique combines features of access contro
6. Write about the confinement flow model.
The confinement flow model is a 4-tuple (I,
The ability to copy capabilities implies the ability to give rights. To
PART-A (3 x 10 = 30 MARKS)
ANSWER ANY THREE
7. Brief the common biometric characteristics.
Biometrics is the automated measurement of biologica
Fingerprints - Fingerprints can be scanned optically but t
Voices - Authentication by voice, also called speaker ver
Eyes - Authentication by eye characteristics uses the iris
Faces - Face recognition consists of several steps. First t
Keystrokes - Keystroke dynamics requires a signature ba
Caution - Because biometrics measures characteristics of
1. A hash value computed on a canonical representation of t
2. The CA's public key in the certificate
3. The Distinguished Name of the PCA
Identity on the Web - Certificates are not ubiquitous on the
8. Overview the information flow.
Although access controls can constrain the rights of
Entropy-Based Analysis - The command sequence c ca
An implicit flow of information occurs when informat
The confinement flow model is a 4-tuple (I,
lub(x1, ..., xn) <= y
If the condition is true, the assignment proceeds. If not, it fa
Implicit flows complicate checking.
10. Brief the compiler-based mechanisms.
Compiler-based mechanisms check that information flows
A set of statements is certified with respect to an informati
We opt for a more liberal approach, in which the language
x: integer class { A, B }
states that x is an integer variable and that data from secu
Assignment Statements
An assignment statement has the form
y := f(x1, ..., xn)
Compound Statements
A compound statement has the form
begin
S1;
...
Sn;
end;
where each of the Si's is a statement. If the information flo
S1 secure
...
Sn secure
A basic block is a sequence of statements in a program th
wait(x): if x = 0 then block until x > 0; x := x - 1;
signal(x): x := x + 1;
ANSWER KEY
PART-A
1. Explain about state and cookies
A message given to a Web browser by a Web server. Th
2. What is security pipeline interface (SPI)?
Hoffman and Davis propose adding a processor, called
Figure: Use of an SPI to check for corrupted files.
3. Write about rules of transitive confinement and virtual ma
A virtual machine is a program that simulates the hardw
4. Differentiate between covert storage channel and noiseless
A covert storage channel uses an attribute of the shared resou
A noiseless covert channel is a covert channel that uses a res
5. Draw the Secure Network Server Mail Guard diagram.
6. What are the types of computer viruses?
A boot sector infector is a virus that inserts itself into the boo
An executable infector is a virus that infects executable pro
A multipartite virus is one that can infect either boot sectors
A terminate and stay resident (TSR) virus is one that stays a
Stealth viruses are viruses that conceal the infection of files.
A polymorphic virus is a virus that changes its form each tim
7. Define malicious logic
Malicious logic is a set of instructions that cause a site's
A boot sector infector is a virus that inserts itself into the boo
10. List out the four steps of the Flaw Hypothesis Methodology.
1. Information gathering. In this step, the testers become familiar w
2. Flaw hypothesis. Drawing on the knowledge gained in the first s
3. Flaw testing. The testers test their hypothesized flaws. If a flaw
4. Flaw generalization.
Both the sending and receiving processes must have acc
The sending process must be able to modify that attribut
The receiving process must be able to reference that attr
A mechanism for initiating both processes, and properly
The requirements for covert timing channels are similar t
Both the sending and receiving processes must have acc
Both the sending and receiving processes must have acc
The sending process must be able to control the timing o
A mechanism for initiating both processes, and properly
The specific criteria are as follows.
The value of a variable is obtained from a system call.
A calling process can detect at least two different states
8. Explain about the vulnerability framework with neat e
The goals of a framework dictate the framework's structure
The investigators classified flaws into seven general class
Incomplete parameter validation
Inconsistent parameter validation
Implicit sharing of privileged/confidential data
Asynchronous validation/inadequate serialization
Inadequate identification/authentication/authorization
Violable prohibition/limit
Exploitable logic error
The Flaw Classes -
Incomplete parameter validation occurs when a paramet
Inconsistent parameter validation is a design flaw in whic
Inadequate identification/authorization/authentication flaw
Exploitable logic error flaws encompass problems not fal
Aslam's Model
- The Flaw Classes
- Legacy
Comparison and Analysis
- The xterm Log File Flaw
- The fingerd Buffer
ANSWER KEY
PART-A
1. Differentiate between authentication policy and issuance p
A CA authentication policy describes the level of authenticatio
A CA issuance policy describes the principals to whom the CA
2. What is a threshold scheme?
A (t, n)-threshold scheme is a cryptographic scheme in
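An added example (not from the question bank) serving this answer and the two earlier "Sharing Secrets" definitions: Shamir's (t, n)-threshold scheme over a prime field, the standard construction behind the definition. The secret is the constant term of a random polynomial of degree t - 1, shadow i is (i, f(i)), and any t shadows recover f(0) by Lagrange interpolation while t - 1 shadows say nothing about it. The prime, the secret value and the parameters are constructed; the randomness comes from the secrets module.

```python
import secrets

PRIME = 2 ** 127 - 1      # field GF(p); secrets must be smaller than this


def _eval_poly(coeffs, x, p):
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... mod p."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % p
    return acc


def split_secret(secret, t, n, p=PRIME, rng=secrets.randbelow):
    """Divide `secret` into n shadows, any t of which determine it.
    The t-1 non-constant coefficients are chosen uniformly at random."""
    if not (0 < t <= n < p) or not (0 <= secret < p):
        raise ValueError("need 0 < t <= n < p and 0 <= secret < p")
    coeffs = [secret] + [rng(p) for _ in range(t - 1)]
    return [(i, _eval_poly(coeffs, i, p)) for i in range(1, n + 1)]


def recover_secret(shadows, p=PRIME):
    """Lagrange interpolation at x = 0 over GF(p). With at least t distinct
    shadows this is f(0) = secret; with fewer it is some unrelated value."""
    xs = [x for x, _ in shadows]
    if len(set(xs)) != len(xs):
        raise ValueError("shadows must have distinct x coordinates")
    secret = 0
    for xi, yi in shadows:
        num, den = 1, 1
        for xj in xs:
            if xj != xi:
                num = (num * (-xj)) % p
                den = (den * (xi - xj)) % p
        secret = (secret + yi * num * pow(den, -1, p)) % p
    return secret


if __name__ == "__main__":
    shadows = split_secret(0xC0FFEE, t=3, n=5)
    print("any 3 shadows:", hex(recover_secret(shadows[:3])))
    print("only 2 shadows:", hex(recover_secret(shadows[:2])), "(garbage)")
```

The check with t - 1 shadows is the one practitioners forget to test: two points of a quadratic fix a line, not the parabola, so the interpolated value at 0 is uniformly distributed and tells the holder nothing; that, not mere difficulty, is what makes the scheme a threshold scheme.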
3. Write about the confinement problem and covert channels.
Access control affects the function of the server in two ways.
The server must ensure that the resources it accesses on beh
The server must ensure that it does not reveal the client's data
A covert channel is a path of communication that was not desi
4. What is a sandbox?
A sandbox is an environment in which the actions of a process
5. Write the concept of Fenton's Data Mark Machine.
Fenton created an abstract machine called the Data Mark Ma
Fenton defined five instructions. The relationships between ex
The increment instruction
x := x + 1
is equivalent to
if PC <= x then x := x + 1; else skip
6. Differentiate between Trojan horse and propagating Trojan
A Trojan horse is a program with an overt (documented or kno
A propagating Trojan horse (also called a replicating Trojan ho
7. Define logging and auditing.
Logging is the recording of events or statistics to provide infor
Auditing is the analysis of log records to present information a
External attacker with access to the system. At this level, the t
Internal attacker with access to the system. At this level, the te
PART-B
7. Overview about the principles of secure design with
The principle of least privilege states that a subject shoul
The principle of fail-safe defaults states that, unless a su
The principle of economy of mechanism states that secu
The principle of complete mediation requires that all acce
The principle of open design states that the security of a
The principle of separation of privilege states that a syste
The principle of least common mechanism states that me
The principle of psychological acceptability states that se
Conditional statements
Iterative statements
Goto statements
Procedure calls
Function calls
Input/output statements.
Assignment Statements
An assignment statement has the form
y := f(x1, ..., xn)
where y and x1, ..., xn are variables and f is some function
lub{x1, ..., xn} <= y
Compound Statements
A compound statement has the form
begin
S1;
...
Sn;
end;
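An added example (not from the question bank) serving this answer and the earlier compiler-based mechanisms answer: a certifier over a powerset lattice of security classes that applies the assignment rule lub{x1, ..., xn} <= y, the compound-statement rule (every Si secure), and the implicit-flow rule for conditionals, under which the class of the condition must flow to every variable assigned in either branch. The statement encoding, the declarations and the sample programs are constructed.

```python
# Security classes form a lattice. Here: subsets of {A, B, C} ordered by
# inclusion, so lub is set union and "src may flow to dst" is src <= dst.

def lub(classes):
    result = frozenset()
    for c in classes:
        result |= c
    return result


def flows_to(src, dst) -> bool:
    """src <= dst in the lattice."""
    return src <= dst


def assigned_in(stmts):
    """Variables assigned anywhere inside a statement list (for implicit flows)."""
    found = set()
    for s in stmts:
        if s[0] == "assign":
            found.add(s[1])
        elif s[0] == "block":
            found |= assigned_in(s[1])
        elif s[0] == "if":
            found |= assigned_in(s[2]) | assigned_in(s[3])
    return found


def certified(stmt, env) -> bool:
    """Compile-time certification of one statement against declarations `env`.
    ("assign", y, [x1, ..., xn])        secure iff lub{x1..xn} <= y
    ("block", [S1, ..., Sn])            secure iff every Si is secure
    ("if", [c1..ck], then, else)        both branches secure, and the
                                        condition's class flows to every
                                        variable assigned in either branch"""
    kind = stmt[0]
    if kind == "assign":
        _, target, sources = stmt
        return flows_to(lub(env[x] for x in sources), env[target])
    if kind == "block":
        return all(certified(s, env) for s in stmt[1])
    if kind == "if":
        _, cond_vars, then_part, else_part = stmt
        cond_class = lub(env[x] for x in cond_vars)
        branches_ok = all(certified(s, env) for s in then_part + else_part)
        implicit_ok = all(flows_to(cond_class, env[y])
                          for y in assigned_in(then_part + else_part))
        return branches_ok and implicit_ok
    raise ValueError(f"unknown statement kind {kind!r}")


# Constructed declarations:
#   x: integer class { A }        y: integer class { A, B }
#   z: integer class { }          (lowest class: may be output anywhere)
ENV = {"x": frozenset({"A"}), "y": frozenset({"A", "B"}), "z": frozenset()}

EXPLICIT_OK   = ("assign", "y", ["x", "z"])      # lub{A, {}} = {A} <= {A, B}
EXPLICIT_LEAK = ("assign", "z", ["x"])           # {A} not <= {}
IMPLICIT_LEAK = ("if", ["x"], [("assign", "z", [])], [])   # if x then z := 1
IMPLICIT_OK   = ("if", ["z"], [("assign", "y", ["x"])], [("assign", "y", [])])
PROGRAM       = ("block", [EXPLICIT_OK, IMPLICIT_OK])
```

IMPLICIT_LEAK is the case the plain assignment rule misses: z := 1 on its own is trivially secure, yet the statement copies one bit of x into z through the control flow, and the certifier rejects it only because the conditional rule is applied.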
8. Write about computer viruses and the several types of
A computer virus is a program that inserts itself i
A boot sector infector is a virus that inserts itself
An executable infector is a virus that infects exec
A multipartite virus is one that can infect either bo
A terminate and stay resident (TSR) virus is one
Stealth viruses are viruses that conceal the infect
A polymorphic virus is a virus that changes its fo
10. Explain the following
a) Anatomy of an Auditing System. (5)
Logging is the recording of events or statistics to provide
Auditing is the analysis of log records to present informa
Logger
Logging mechanisms record information. The type and q
Analyzer
An analyzer takes a log as input and analyzes it. The res
Notifier
The analyzer passes the results of the analysis to the no
An anonymizing sanitizer deletes information in such a w
A state-based logging mechanism records information ab
A transition-based logging mechanism records informatio
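An added example (not from the question bank) serving this answer and the earlier "Designing an Auditing System" answer: the two kinds of sanitizer applied to constructed sshd log lines, followed by an analyzer that counts failed logins per user, to show what each sanitizer costs the analyst. The log lines, the regular expressions and the token format are constructed.

```python
import re
from collections import Counter

# Constructed sshd lines (not real data).
SAMPLE_LOG = [
    "Jan 10 12:00:01 bastion sshd[4011]: Failed password for alice from 10.0.0.5 port 50122 ssh2",
    "Jan 10 12:00:04 bastion sshd[4011]: Failed password for alice from 10.0.0.5 port 50123 ssh2",
    "Jan 10 12:00:09 bastion sshd[4013]: Accepted password for bob from 10.0.0.9 port 50130 ssh2",
    "Jan 10 12:00:15 bastion sshd[4015]: Failed password for alice from 10.0.0.5 port 50140 ssh2",
]

SUBJECT_RE = re.compile(r"for (\S+) from (\d+(?:\.\d+){3})")


def anonymize(line: str) -> str:
    """Anonymizing sanitizer: user and address are gone for good. Neither the
    recipient nor the originator can reconstruct them."""
    return SUBJECT_RE.sub("for <user> from <host>", line)


class PseudonymizingSanitizer:
    """Pseudonymizing sanitizer: every distinct user or address becomes a stable
    token. The mapping stays with the log's originator, who alone can reverse
    it; recipients see only tokens, but can still correlate events."""

    def __init__(self):
        self.table = {}              # (kind, real value) -> token
        self.counts = Counter()

    def _token(self, kind, value):
        if (kind, value) not in self.table:
            self.counts[kind] += 1
            self.table[(kind, value)] = f"{kind}{self.counts[kind]}"
        return self.table[(kind, value)]

    def sanitize(self, line: str) -> str:
        return SUBJECT_RE.sub(
            lambda m: f"for {self._token('user', m.group(1))} "
                      f"from {self._token('host', m.group(2))}", line)

    def reverse(self, token: str) -> str:
        """Originator-side lookup: only the holder of the table can do this."""
        for (_, value), tok in self.table.items():
            if tok == token:
                return value
        raise KeyError(token)


FAILED_RE = re.compile(r"Failed password for (\S+) from")


def failed_logins_per_user(lines) -> Counter:
    """Analyzer: count failed logins per user field, whatever it now contains."""
    counts = Counter()
    for line in lines:
        m = FAILED_RE.search(line)
        if m:
            counts[m.group(1)] += 1
    return counts


if __name__ == "__main__":
    san = PseudonymizingSanitizer()
    print("raw:         ", dict(failed_logins_per_user(SAMPLE_LOG)))
    print("pseudonymous:", dict(failed_logins_per_user(san.sanitize(l) for l in SAMPLE_LOG)))
    print("anonymous:   ", dict(failed_logins_per_user(anonymize(l) for l in SAMPLE_LOG)))
```

On the pseudonymized log the analyzer still sees three failures against one account, which is the brute-force pattern it exists to detect, and the originator can map user1 back to alice when escalation is warranted. On the anonymized log the same three failures collapse into an undifferentiated count, so the sanitizer has removed the attack signal along with the identity.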
b) Intrusion detection architecture. (5)
Architecture of an intrusion detection system.
Agent
An agent obtains information from a data source
Host-Based Information Gathering
Host-based agents usually use system and ap
Combining Sources
The goal of an agent is to provide the director w
Director
The director itself reduces the incoming log ent
Notifier
The notifier accepts information from the direc