
INFORMATION SECURITY (241207) QUESTION BANK

UNIT I 2 MARKS
1. What are the basic components of computer security?
2. Differentiate data integrity and origin integrity.
3. Define masquerading and snooping.
4. What is denial of service?
5. Differentiate security policy and security mechanism.
6. How is trust measured?
7. What is the protection state of a system?
8. What are the two methods of providing access control?
9. Differentiate the copy right and the own right.
10. What is the principle of attenuation of privilege?
11. What is a secure system?
12. Define commercial security policy.
13. Define IBAC.
14. How are access constraints provided by high-level policy languages?
15. What is the condition for two distinct protection mechanisms to be precise?
16. What is the simple security condition?
17. What is the *-property?
18. Define the relation dom.
19. What is an information transfer path?
20. What is the ring policy?
21. What are the different categories available in Lipner's full model?
22. Define allowed relations.
23. Compare the Clark-Wilson integrity model with the Biba model.
24. Define COI.
25. Compare the Bell-LaPadula and Chinese wall models.
26. What is the confinement principle?
27. What is the aggregation principle?
28. What is ORCON?
29. Define RBAC.
30. Define the rule of role authorization.

8 MARKS AND 16 MARKS


1. How is cost-benefit analysis done?
2. Write short notes on the access control matrix.
3. What are the policy languages? Explain.
4. Explain the Bell-LaPadula model with an example.
5. Explain Lipner's method of applying integrity policies.
6. Describe the Clark-Wilson integrity model.
7. Explain the different principles followed by CISS.
8. Explain the Chinese wall model formally.

UNIT II 2 MARKS
1. What is cryptography?
2. Differentiate transposition and substitution ciphers.
3. What is a one-time pad?
4. What is the size of the key in DES?
5. What is differential cryptanalysis?
6. What is the self-healing property?
7. What are the conditions to be satisfied by a public key cryptosystem?
8. What is a strong hash function?
9. What is the pigeonhole principle?
10. Define HMAC.
11. Differentiate session key and interchange key.
12. Define ticket.
13. How are random numbers generated?
14. What is a strong mixing function?
15. Define certificate.
16. What is cross-certification? Give an example.
17. What is a key escrow system?
18. What is a certificate revocation list?
19. State the different public key signatures.
20. What is a digital signature?
21. Differentiate stream and block ciphers.
22. What are self-synchronous stream ciphers?
23. State the use of multiple encryptions.
24. What is the SSL record protocol?
25. Define SA bundle.

8 MARKS AND 16 MARKS


1. Explain DES with neat diagrams.
2. Explain Diffie-Hellman key exchange.
3. How is key exchange done using the Kerberos protocol?
4. What are the different cryptographic key infrastructures? Explain.
5. Explain the key escrow system in detail.
6. Write short notes on digital signatures.
7. Explain stream and block ciphers with an example.
8. Explain how security is achieved at the transport layer.

UNIT III 2 MARKS


1. What is the principle of complete mediation?
2. Define the principle of separation of privilege.
3. Define the principle of psychological acceptability.
4. How are file objects represented?
5. Define CA issuance policy.
6. Expand IPRA.
7. What are the conflicts in naming certificates?
8. What is the difference between static and dynamic identifiers?
9. What is a cookie?
10. Define pseudo-anonymous remailer.
11. What is the drawback of anonymity on the web?
12. Define abbreviations of ACLs.
13. Define ACLs.
14. Define capability lists.
15. Do ACLs apply to privileged users?
16. How are rights revoked?
17. What is the default permission of an ACL?
18. What are the limits of capabilities?
19. Compare ACLs and capabilities.
20. How is type checking done?
21. Define (t,n)-threshold scheme.
22. What is PACL?
23. What is the confinement flow model?
24. Define quasi-ordered set.
25. What is a transitive information flow policy?
26. What are certified statements?
27. What is the syntax of conditional statements?
28. Define virtual machine.
29. What is a sandbox?
30. Differentiate noiseless and noisy covert channels.
31. Define covert flow tree.

8 MARKS AND 16 MARKS


1. Explain the design principles of security mechanisms.
2. Write short notes on anonymity on the web.
3. Explain how conflicts are resolved in naming certificates.
4. Explain how ACLs are maintained.
5. Write short notes on capabilities.
6. Describe the compiler-based mechanisms and demonstrate how the information flows.
7. Explain the methodologies to detect covert channels.

UNIT IV 2 MARKS
1. What is malicious logic?
2. Define Trojan horse.
3. What is a computer virus?
4. What is a boot sector infector?
5. Define executable infectors.
6. What are encrypted viruses?
7. Differentiate computer virus and computer worm.
8. How does malicious logic assume the identity of the user?
9. What is PCC?
10. Define exploitation of vulnerability.
11. How is flaw testing done?
12. What are the two security flaws?
13. Expand RISOS.
14. When does incomplete parameter validation occur?
15. Differentiate coding faults and emergent faults.
16. Define logging and auditing.
17. What is a transition-based logging mechanism?
18. What is anomaly detection?
19. What is a system trace?
20. What is the use of DIDS?
21. What are decoy servers?

8 MARKS AND 16 MARKS


1. Explain the different types of computer viruses.
2. Describe flaw hypothesis methodologies in detail.
3. Describe how a Windows NT system can be penetrated.
4. Describe the protection analysis model in detail.
5. Explain the design and implementation issues of an auditing system.
6. Describe the logging and auditing file system in detail.
7. Describe the architecture of an IDS in detail with neat diagrams.
8. How can an IDS be organized and how can it be handled?

UNIT V 2 MARKS
1. What is a DMZ?
2. What is the difference between a firewall and a proxy?
3. What procedural mechanisms should be in place to hinder the execution of computer worms and viruses that are not caught by the antivirus filters?
4. Define shoulder surfing.
5. Define carrier drop.
6. What are the advantages and disadvantages of group access?
7. What is a direct alias?
8. Define smart terminal.
9. Define search path.
10. What are the requirements of program security?
11. Define overlaying.
12. How will you check for valid and invalid data?
13. What are defined as boundary data tests?
14. Define random test data.
15. What are error handling tests?

8 MARKS AND 16 MARKS


1. Explain the organization of networks in detail.
2. Write short notes on DMZ.
3. Describe system security in detail.
4. How is access to user accounts protected? Explain.
5. How can programs be secured efficiently? Explain in detail.
