2marks Information Security


Page 1: 2marks Information Security

MANAKULA VINAYAGAR INSTITUTE OF TECHNOLOGY

DEPARTMENT OF INFORMATION TECHNOLOGY

PART-A QUESTION BANK

BATCH: 2010 – 2014 YEAR: III SEM VI

INFORMATION SECURITY

UNIT-1

1. Define Information Security?

Information Security is the protection of information and its critical elements, including the systems and hardware that use, store and transmit that information. The various forms are:

Internet Security
Computer Security
Network Security

2. Define Threat?

A potential for violation of security, which exists when there is a circumstance, capability, action or event that could breach security and cause harm. That is, a possible danger that might exploit a vulnerability.

3. Define Attack?

An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system.

4. List the types of Attack?

Passive Attack
Active Attack

5. List the type of Passive Attack?

Release of message content
Traffic analysis

6. List the type of Active Attack?

Masquerade
Replay
Modification of message
Denial of service

7. Define Replay?

Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

8. Define Denial of service?

Denial of service prevents or inhibits the normal use or management of communication facilities. This attack may suppress all messages directed to a particular destination (e.g., the security audit service).

9. Define data integrity?

A variety of mechanisms used to assure the integrity of a data unit or stream of data units.

10. Define digital signature?

Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery (for example, by the recipient).

11. Define laws and ethics?

Laws are rules that mandate or prohibit certain behaviour in society. Ethics defines socially acceptable behaviour.

12. List type of laws in information security?

Private law
Public law

13. Define policies?

Policies are a body of expectations that describe acceptable and unacceptable employee behaviour in the workplace.

14. List type of unethical and illegal behaviour?

Ignorance
Accident
Intent

15. Define deterrence?

Deterrence is the best method for preventing an illegal or unethical activity. Laws, policies and technical controls are examples of deterrence. Laws and policies and their associated penalties only deter if three conditions are present:

1. Fear of penalty
2. Probability of being caught
3. Probability of the penalty being administered

16. Define liability?

Liability is the legal obligation of an entity that extends beyond criminal or contract law.

17. Define due diligence?

Due diligence requires that an organisation makes a valid effort to protect others and continually maintains this level of effort.

18. Define SDLC?

SDLC is a methodology for the design and implementation of an information system in an organisation.

19. Define due care?

Due care has been taken when an organisation makes sure that every employee knows what is acceptable or unacceptable behaviour and knows the consequences of illegal or unethical actions.

20. What are phases in SDLC?

Investigation
Analysis
Logical design
Physical design
Implementation
Maintenance
21. Define methodology

A methodology is a formal approach to solving a problem based on a structured sequence of procedures.

UNIT-2

1. Define Risk Management?

The formal process of identifying and controlling the risks facing an organisation is called risk management.

2. What is Risk Identification?

Risk Identification is the process of examining and documenting the security posture of an organisation's information technology and the risks it faces.

3. What is Risk Assessment?

Risk Assessment is the documentation of the results of the risk identification.

4. Define Risk Control?

Risk control is the process of applying controls to reduce the risks to an organisation's data and information systems.

5. What are the components of an Information System?

People
Procedures
Data
Software
Hardware

6. Define Likelihood?

Likelihood is the probability that a specific vulnerability within an organisation will be successfully attacked.

7. What is meant by Residual Risk?

Residual Risk is the risk that remains to the information asset even after the existing controls have been applied.
8. Define Risk.

Risk is the likelihood of the occurrence of a vulnerability multiplied by the value of the information asset minus the percentage of risk mitigated by current controls plus the uncertainty of current knowledge of the vulnerability.

9. What are the Risk Control Strategies?

Avoidance
Transference
Mitigation
Acceptance

10. What is meant by Avoidance?

Avoidance is the risk control strategy that attempts to prevent the exploitation of the vulnerability.

11. Define Transference?

Transference is the control approach that attempts to shift the risk to other assets, other processes or other organisations.

12. Define Mitigation?

Mitigation is the control approach that attempts to reduce the impact caused by the exploitation of a vulnerability through planning and preparation. This approach includes three types of plans:

Incident Response Plan (IRP)
Disaster Recovery Plan (DRP)
Business Continuity Plan (BCP)

13. Define Acceptance?

Acceptance of risk is the choice to do nothing to protect a vulnerability and to accept the outcome of its exploitation.

14. What is meant by Benefit?

Benefit is the value that an organisation realizes by using controls to prevent losses associated with specific vulnerabilities.

15. What is Asset Valuation?

Asset Valuation is the process of assigning financial value or worth to each information asset.

16. Define Bench Marking?

Benchmarking is the process of seeking out and studying the practices used in other organisations that produce results you would like to duplicate in your organisation.

17. What are categories of Bench Marks?

The two categories of benchmarks used are:

Standard of due care and due diligence
Best practice

18. Define a Policy?

A policy is a plan or course of action used by an organisation to convey instructions from its senior-most management to those who make decisions, take actions, and perform other duties on behalf of the organisation.

19. Define a Standard?

Standards are more detailed statements of what must be done to comply with policy.

The level of acceptance of standards may be informal, as in de facto standards.

The standards may be published and ratified by a group, as in formal or de jure standards.

20. What is information security policy?

An information security policy provides rules for the protection of the information assets of the organisation. The types are:

General or security program policies
Issue-specific security policies

21. What is security Blueprint?

The security Blueprint is the basis for the design, selection, and implementation of all security policies, education and training programs, and technological controls.

22. What is security Framework?

The security framework is an outline of the overall information security strategy for the organisation and a road map for planned changes to the information security environment of the organisation.

23. Define IDSs?

Intrusion Detection Systems (IDSs) are implemented to detect unauthorized activity within the inner network or on individual machines of an organisation.

24. List the types of IDSs?

Host-based IDSs: They usually reside on the machines they protect and monitor the status of various files stored on those machines.

Network-based IDSs: They look at patterns of network traffic and attempt to detect unusual activity based on previous baselines.

25. What is security perimeter?

A security perimeter defines the edge between the outer limit of an organisation's security and the beginning of the outside world.

26. What is firewall?

A firewall is a device that selectively discriminates against information flowing into or out of the organisation. A firewall is usually a computing device, or a specially configured computer, that allows or prevents information from entering or exiting the defined area based on a set of predefined rules.
UNIT-3

1. Define IDSs?

Intrusion Detection Systems (IDSs) are implemented to detect unauthorized activity within the inner network or on individual machines of an organisation.

The types of IDSs are:

Host-based IDSs: They usually reside on the machines they protect and monitor the status of various files stored on those machines.

Network-based IDSs: They look at patterns of network traffic and attempt to detect unusual activity based on previous baselines.

2. List the three classes of intruders?

Masquerader
Misfeasor
Clandestine user

3. List the two approaches to intrusion detection?

Statistical anomaly detection
Rule-based detection

4. Define Statistical anomaly detection?

It involves the collection of data relating to the behaviour of legitimate users over a period of time. Then statistical tests are applied to observed behaviour to determine, with a high level of confidence, whether that behaviour is not legitimate user behaviour.

5. Define rule based detection?

It involves an attempt to define a set of rules that can be used to decide that a given behaviour is that of an intruder.

6. Define audit record and its types?

A fundamental tool for intrusion detection is the audit record, and its types are:

Native audit records
Detection-specific audit records

7. Define honey pots?

A relatively recent innovation in intrusion detection technology is the honeypot. Honeypots are decoy systems that are designed to lure a potential attacker away from critical systems.

8. Define malicious program?

Malicious software is software that is intentionally included or inserted in a system for a harmful purpose.

9. Define logic bomb?

One of the oldest types of program threat, predating viruses and worms, is the logic bomb. The logic bomb is code embedded in some legitimate program that is set to "explode" when certain conditions are met.

10. Define Trojan horses?

A Trojan horse is a useful, or apparently useful, program or command procedure containing hidden code that, when invoked, performs some unwanted or harmful function.

11. Define viruses and mention its phases?

A virus is a piece of software that can "infect" other programs by modifying them; the modification includes a copy of the virus program, which can then go on to infect other programs. A typical virus goes through four phases:

Dormant phase
Propagation phase
Triggering phase
Execution phase

12. Define firewalls.

A firewall is a device that selectively discriminates against information flowing into or out of the organisation. A firewall is usually a computing device, or a specially configured computer, that allows or prevents information from entering or exiting the defined area based on a set of predefined rules.

13. List the types of viruses.

Parasitic virus
Memory-resident virus
Boot sector virus
Stealth virus
Polymorphic virus
Metamorphic virus

14. Define denial of service.

Denial of service attack is an attempt to prevent legitimate users of a service from using that service.

15. List the types of firewalls.

Packet-filtering router
Application-level gateway
Circuit-level gateway

16. What do you mean by Content filter?

A content filter is a software filter that allows an administrator to restrict access to content within a network. It is also known as a reverse firewall.

17. What are Port scanners?

Port scanners are tools used by attackers and defenders to identify the computers that are active on a network, and the ports and services active on those computers.

18. Define a packet sniffer.

A packet sniffer is a network tool that collects copies of packets from the network and analyzes them.

19. What are active and passive vulnerability scanners?

Active vulnerability scanners initiate traffic on the network in order to determine security holes. They scan networks for highly detailed information.

A passive vulnerability scanner is one that listens in on the network and determines vulnerable versions of both server and client software.

UNIT-4

1. Define AES?

AES is a block cipher intended to replace DES for commercial applications. It uses a 128-bit block size and a key size of 128, 192 or 256 bits.

2. What is a Public Key Cryptosystem?

A public key encryption scheme has the following components:

Plaintext
Encryption algorithm
Public and private key
Ciphertext
Decryption algorithm

3. Difference between conventional encryption and public key encryption?

CONVENTIONAL ENCRYPTION:
1. The sender and receiver must share the algorithm and key.
2. The key must be kept secret.

PUBLIC KEY ENCRYPTION:
1. The sender and receiver must each have one of the matched pair of keys.
2. One of the two keys must be kept secret.

4. What are the applications for public key cryptosystem?

1. Encryption or decryption

2. Digital signature

3. Key exchange

5. Define RSA algorithm?

The RSA scheme is a block cipher in which the plaintext and ciphertext are integers between 0 and n-1 for some n.

6. Define message authentication?

It is a mechanism or service used to verify the integrity of a message. It assures that the data received are exactly as sent by the sender and that the purported identity of the sender is valid.
7. Define MAC?

A MAC is an algorithm that requires the use of a secret key. A MAC takes a variable-length message and a secret key as input and produces a fixed-length authentication code, which serves as the authenticator.

MAC = C_K(M)

8. Define hash function?

A public function that maps a message of any length into a fixed-length hash value, which serves as the authenticator.

h = H(M)

9. Define digital signature?

A digital signature is an authentication mechanism that enables the creator of a message to attach a code that acts as a signature.

10. What are Public key certificates?

Public key certificates are used by the participants to exchange keys without contacting a public key authority.

11. What are the types of digital Signatures?

Direct digital signatures
Arbitrated digital signatures

12. Mention the various authentication functions.

Message encryption
Message authentication code
Hash function

13. State the properties of digital Signatures.

It must be a bit pattern that depends on the message being sent.
It uses information unique to the sender (e.g., a time stamp).

UNIT-5 Biometrics

1. What is Biometrics?

Biometrics refers to automated methods of authentication based on the physical or behavioural characteristics of an individual.

2. What are the advantages of Biometrics?

Convenient authentication
Decreased costs
Risk is reduced

3. Mention the elements of a Biometric system.

Data acquisition
Transmission channel
Signal processing
Decision policy
Enrollment

4. What are the various types of biometrics?

Fingerprint and hand geometry
Facial and voice recognition
Eye biometrics – iris and retina scanning
Signature recognition and keystroke dynamics

5. Define minutia.

A friction ridge characteristic that is used to individualize the fingerprint is known as a minutia.

6. Define Robustness.

Robustness refers to the ability of a particular biometric to be repeatedly presented over time to the biometric system for successful automated measurement.

7. What is distinctiveness?

Distinctiveness refers to the ability of a person's particular biometric to be different from others, such that the difference can be measured.

8. What are the three levels of fingerprint matching?

Galton level – overall appearance of the fingerprint
Friction ridge detail and path
Individual ridge details

9. What is Segmentation?

Segmentation is the process of separating relevant biometric data from background information.

10. Define Enrollment.

Enrollment is the procedure in which a data subject presents one or more biometric samples for processing into an acceptable template for future matching.

11. What do you mean by Fingerprint biometrics?

Fingerprint biometrics is based on the impressions of the papillary or friction ridges on the surfaces of the hand.

12. Mention the applications of hand geometry.

Access control
Time and attendance
Metering resource use

13. How do you recognise an iris?

Iris recognition uses near-infrared light and is designed to operate with cooperative subjects at close range.

14. What is Retina biometrics?

Retina biometrics distinguishes individuals by using the patterns of veins occurring in the back of the eye.

15. What is Signature verification?

Signature verification uses a digitizing tablet to record signatures electronically, including a full trace of how the signature was produced.

16. What is Vein pattern biometrics?

Vein pattern biometrics relies on measurement of the vascular pattern made by blood vessels on the back of the hand.

17. Define Facial thermography.

Facial thermography refers to the patterns of facial heat caused by the distinct flow of blood under the skin.

18. What is DNA?

DNA (deoxyribonucleic acid) carries the genetic information of a cell and encodes the information to form proteins.

19. What is Hand grip biometric?

Hand grip biometric is premised on the notion that each individual has a distinctive grip.

20. Define gait.

A person's gait derives from his or her physical build and body weight, giving a distinctive walk.