UNIT I 2 MARKS
1. What are the basic components of computer security?
2. Differentiate between data integrity and origin integrity.
3. Define masquerading and snooping.
4. What is denial of service?
5. Differentiate between security policy and security mechanism.
6. How is trust measured?
7. What is the protection state of a system?
8. What are the two methods of providing access control?
9. Differentiate between the copy and own rights.
10. What is the principle of attenuation of privilege?
11. What is a secure system?
12. Define commercial security policy.
13. Define IBAC.
14. How are access constraints provided by high-level policy languages?
15. What is the condition for two distinct protection mechanisms to be precise?
16. What is the simple security condition?
17. What is the *-property?
18. Define the relation dom.
19. What is an information transfer path?
20. What is the ring policy?
21. What are the different categories available in Lipner's full model?
22. Define allowed relations.
23. Compare the Clark-Wilson integrity model with the Biba model.
24. Define COI.
25. Compare the Bell-LaPadula and Chinese Wall models.
26. What is the confinement principle?
27. What is the aggregation principle?
28. What is ORCON?
29. Define RBAC.
30. Define the rule of role authorization.
UNIT II 2 MARKS
1. What is cryptography?
2. Differentiate between transposition and substitution ciphers.
3. What is a one-time pad?
4. What is the size of the key in DES?
5. What is differential cryptanalysis?
6. What is the self-healing property?
7. What are the conditions to be satisfied by a public key cryptosystem?
8. What is a strong hash function?
9. What is the pigeonhole principle?
10. Define HMAC.
11. Differentiate between a session key and an interchange key.
12. Define ticket.
13. How are random numbers generated?
14. What is a strong mixing function?
15. Define certificate.
16. What is cross-certification? Give an example.
17. What is a key escrow system?
18. What is a certificate revocation list?
19. State the different public key signatures.
20. What is a digital signature?
21. Differentiate between stream and block ciphers.
22. What are self-synchronous stream ciphers?
23. State the use of multiple encryptions.
24. What is the SSL record protocol?
25. Define SA bundle.
27. What is the syntax of conditional statements?
28. Define virtual machine.
29. What is a sandbox?
30. Differentiate between noiseless and noisy covert channels.
31. Define covert flow tree.
UNIT IV 2 MARKS
1. What is malicious logic?
2. Define Trojan horse.
3. What is a computer virus?
4. What is a boot sector infector?
5. Define executable infectors.
6. What are encrypted viruses?
7. Differentiate between a computer virus and a computer worm.
8. How does malicious logic assume the identity of the user?
9. What is PCC?
10. Define exploitation of vulnerability.
11. How is flaw testing done?
12. What are the two security flaws?
13. Expand RISOS.
14. When does incomplete parameter validation occur?
15. Differentiate between coding faults and emergent faults.
16. Define logging and auditing.
17. What is a transition-based logging mechanism?
18. What is anomaly detection?
19. What is a system trace?
20. What is the use of DIDS?
21. What are decoy servers?
UNIT V 2 MARKS
1. What is a DMZ?
2. What is the difference between a firewall and a proxy?
3. What procedural mechanisms should be in place to hinder the execution of computer worms and viruses that are not caught by the antivirus filters?
4. Define shoulder surfing.
5. Define carrier drop.
6. What are the advantage and disadvantage of group access?
7. What is a direct alias?
8. Define smart terminal.
9. Define search path.
10. What are the requirements of program security?
11. Define overlaying.
12. How will you check for valid and invalid data?
13. What are boundary data tests?
14. Define random test data.
15. What are error handling tests?