Reg. No.

Question Paper Code : BS2330

M.C.A. DEGREE EXAMINATION, AUGUST/SEPTEMBER 2017.

Elective

DMC 1977 — INFORMATION SECURITY

(Regulations 2009)

Time : Three hours Maximum : 100 marks

Answer ALL questions.

PART A — (10 × 2 = 20 marks)

1. What are the characteristics of information?

2. What is the need for information security?

3. What is risk?

4. What are the deliverables of risk assessment?

5. What is information security policy?

6. What are the constraints of ISO 17799?

7. What are the approaches to implementing a firewall?

8. What is the need for an IDS?

9. Define Cipher text.

10. What are the positions of security personnel in the information security hierarchy?

PART B — (5 × 16 = 80 marks)

11. (a) (i) Explain the components of information system. (8)


(ii) Discuss the legal and ethical issues associated with information
security. (8)

Or
(b) (i) Explain the phases of security SDLC. (8)
(ii) Discuss the various types of threats to information. (8)

12. (a) Describe the process of risk identification and assessment of risks. (16)

Or
(b) Discuss the risk controlling strategies in detail. (16)

13. (a) (i) Discuss the various types of security policies. (8)
(ii) Describe the NIST models. (8)

Or
(b) (i) Briefly discuss the ISO 17799/BS7799. (8)
(ii) Explain business continuity planning. (8)

14. (a) Explain the various types of IDS. (16)

Or
(b) (i) Discuss the different types of firewall systems. (8)
(ii) Discuss the scanning and analysis tools. (8)

15. (a) (i) Explain the concept of digital signature. (8)


(ii) Describe the components of fire detection and response. (8)

Or
(b) (i) Explain the various access control devices. (8)
(ii) Discuss the criteria used for hiring the security personnel. (8)

––––––––––––––––––––––
