1. What is security?
In general, security is defined as “the quality or state of being secure—to be free from
danger.” Security is often achieved by means of several strategies usually undertaken
simultaneously or used in combination with one another.
4. Define Confidentiality.
Confidentiality of information ensures that only those with sufficient privileges may access
certain information. When unauthorized individuals or systems can access information,
confidentiality is breached. A number of measures are used to protect the confidentiality of
information.
5. Define Integrity
Integrity is the quality or state of being whole, complete, and uncorrupted. The integrity of
information is threatened when it is exposed to corruption, damage, destruction, or other disruption
of its authentic state.
6. Define Availability
Availability is the characteristic of information that enables user access to information
without interference or obstruction and in a required format. A user in this definition may be either
a person or another computer system. Availability does not imply that the information is accessible
to any user; rather, it means availability to authorized users.
7. Define Privacy
The information that is collected, used, and stored by an organization is to be used only for
the purposes stated to the data owner at the time it was collected. This definition of privacy does
not focus on freedom from observation (the meaning usually associated with the word), but rather
means that information will be used only in ways known to the person providing it.
8. Define Identification
An information system possesses the characteristic of identification when it is able to
recognize individual users. Identification and authentication are essential to establishing the level
of access or authorization that an individual is granted.
9. Define Authentication
Authentication occurs when a control provides proof that a user possesses the identity that
he or she claims.
1. Define Threats.
A threat is an object, person, or other entity that represents a constant danger to an asset.
To protect an organization’s information, you must:
1. Know yourself: i.e., be familiar with the information to be protected and the
systems that store, transport and process it.
2. Know the threats you face: To make sound decisions about information security,
management must be informed about the various threats facing the organization, its application,
data and information systems.
3. Define Virus.
Viruses are segments of code that perform malicious actions. Viruses are transmitted when
e-mail attachment files are opened.
Macro virus: Embedded in automatically executing macro code common in word
processors, spreadsheets and database applications.
Boot virus: Infects the key operating files located in the computer’s boot sector.
4. Define Worms.
A worm is a malicious program that replicates itself constantly, without requiring another
program to provide a safe environment for replication. Worms can continue replicating themselves
until they completely fill available resources, such as memory, hard drive space, and network
bandwidth. E.g., MS-Blaster, MyDoom, and Netsky are multifaceted attack worms.
5. Define Trojan Horses.
Trojan horses are software programs that hide their true nature and reveal their designed
behavior when activated.
7. Define Polymorphism.
A polymorphic threat is one that changes its apparent shape over time, making it
undetectable by techniques that look for preconfigured signatures. These viruses and worms
actually evolve, changing their size and appearance to elude detection by antivirus software
programs.
7. Define Transference.
Transference is the control approach that attempts to shift the risk to other assets, other
processes, or other organizations.
8. Define Mitigation.
Mitigation is the control approach that attempts to reduce the impact caused by the exploitation
of a vulnerability through planning and preparation. Mitigation begins with the early detection
that an attack is in progress and the ability of the organization to respond quickly, efficiently and
effectively. It includes 3 types of plans:
Incident response plan (IRP) - Actions to take while an incident is in progress.
Disaster recovery plan (DRP) - Most common mitigation procedure.
Business continuity plan (BCP) - Continuation of business activities if a
catastrophic event occurs.
1. Define policy.
A policy is the course of action used by an organization to convey instructions from management
to those who perform duties. Policies are organizational laws. For a policy to be effective, it must
be properly disseminated, read, understood, and agreed to by all members of the organization and
uniformly enforced.
17. What are the primary functions of various plans in continuity strategies?
The IRP focuses on immediate response; if the attack escalates or is disastrous, the process changes
to disaster recovery and BCP. The DRP typically focuses on restoring systems after disasters occur;
as such, it is closely associated with the BCP. The BCP occurs concurrently with the DRP when damage
is major or long term, requiring more than simple restoration of information and information resources.
1. What is IDS?
An intrusion detection system (IDS) is a type of security software designed to automatically
alert administrators when someone or something is trying to compromise an information system
through malicious activities or through security policy violations.
1. What is Stack?
A stack is a linear and static data structure. It is an ordered collection of elements in
which insertion and deletion of elements are performed at only one end, called Top. The initial
condition of the stack is Top = -1. It is also called LIFO (Last In First Out).
5. What are the conditions that should be satisfied in the matching of nested parentheses?
Matching of nested parentheses should satisfy the following two conditions:
i. The number of opening parentheses should be equal to the number of closing
parentheses.
ii. Each closing parenthesis should be preceded by the matching opening parenthesis.
8. Define degree.
The degree of a node is the number of sub-trees of that node. Example:
The degrees of A, B, C, D are 2. The degree of F and G is 1, and the degree of H, I, E, J, K is 0.
9. Define height of the node and tree?
The height of a node is the length of the longest downward path between the node and a
leaf. The height of a tree is the length of the longest downward path between the root and a leaf.
4. Which data structures are applied when dealing with a recursive function?
Recursion, in which a function calls itself based on a terminating condition, makes use of the
stack. Using LIFO, a call to a recursive function saves the return address so that it knows how to
return to the calling function after the call terminates.
14. What are the various operations that can be performed on different Data Structures?
Insertion: Add a new data item in the given collection of data items.
Deletion: Delete an existing data item from the given collection of data items.
Traversal: Access each data item exactly once so that it can be processed.
Searching: Find out the location of the data item if it exists in the given collection of
data items.
Sorting: Arranging the data items in some order i.e. in ascending or descending order
in case of numerical data and in dictionary order in case of alphanumeric data.
15. How is an Array different from Linked List?
The size of an array is fixed; linked lists are dynamic in size.
Inserting and deleting an element in an array of elements is expensive, whereas both
insertion and deletion can easily be done in linked lists.
Random access is not allowed in linked lists.
Applications of Stack:
Infix to Postfix Conversion using Stack
Evaluation of Postfix Expression
Reverse a String using Stack
19. What are the two main classifications of sorting based on the source of data?
According to the source of data, sorting is classified into: a. External sorting b. Internal
sorting
16. How can you create minimum spanning tree using prim’s algorithm?
In Prim’s algorithm, to create a minimum spanning tree, start with any node and include
the other nodes in the spanning tree on the basis of the weight of the edges connected to that node,
and move on until all the n vertices are connected by n-1 edges. The resulting tree
contains all the vertices present in the given graph, such that the weight of the edges in the resulting
tree is minimum. The tree produced by the above algorithm is the minimum spanning tree.
17. How can you create minimum spanning tree using Kruskal’s algorithm?
In Kruskal’s algorithm, to create a minimum spanning tree, sort the edges in the graph in
increasing order of weight. Take the first edge from the ordered list and add the source vertex
to form a tree. Check whether the destination vertex is already in the tree. If it already exists,
move to the next edge in the ordered list. Repeat the steps until the tree contains all the n vertices.
The tree produced by the above algorithm is the minimum spanning tree.
9. Define a record.
It is a collection of related fields that can be treated as a unit from an application's point of
view. For example, a university could use a student's record with the fields university enrolment
no., name, and major subjects.