INFORMATION SECURITY END TERM EXAM 2018
Q Describe the main principles of information security.
Confidentiality: protecting information from unauthorized access.
Integrity: safeguarding the accuracy and completeness of information.
Availability: ensuring timely and reliable access to information.
Authenticity: verifying the identity of users and the validity of information.
Non-repudiation: preventing users from denying responsibility for their actions.
Q What is SET? How does SET make our transactions secure?
SET (Secure Electronic Transaction) is a protocol that ensures secure online credit and debit card transactions by authenticating cardholders and merchants, and providing secure channels for data transfer.
Q Differentiate among Worms, Viruses and Trojan Horses.
Worms, viruses, and Trojan horses are malicious software:
Worms spread through networks and exploit vulnerabilities
Viruses infect files and spread through downloads or sharing
Trojan horses masquerade as legitimate software to deceive users and gain access to systems
Q Differentiate between data security and privacy.
Data security protects data from unauthorized access, while privacy protects personal information and regulates its collection, use, and disclosure.
Q List the four elements of an EDI. What is digital media forensics? Enlist various criteria for selection of Biometrics.
Four elements of EDI:
Transmission protocol
Message standards
Translation software
Data mapping and transformation
Digital media forensics is the process of collecting, analyzing, and preserving electronic evidence.
Criteria for biometric selection include accuracy, usability, acceptability, and resistance to fraud.
Q Types of VPNs
Remote Access VPN: Accessing a private network from a remote location via the internet.
Site-to-Site VPN: Connecting two or more different networks securely over the internet.
Cloud VPN: Cloud-based VPN services that provide secure connections to cloud resources.
MPLS VPN: VPN using Multiprotocol Label Switching to create virtual private networks over a shared infrastructure.
Q Discuss various modulation techniques.
AM (Amplitude Modulation): Varying amplitude of the carrier wave with the signal.
FM (Frequency Modulation): Varying frequency of the carrier wave with the signal.
PM (Phase Modulation): Varying phase of the carrier wave with the signal.
Q Discuss functionality of TCP/IP layers.
TCP/IP layers functionality:
Application layer: handles communication between applications.
Transport layer: provides reliable end-to-end data delivery, e.g., TCP and UDP protocols.
Network layer: manages the movement of data packets between devices, e.g., IP protocol.
Data link layer: organizes data bits into frames for transmission over physical networks, e.g., Ethernet protocol.
Physical layer: handles the physical transmission of data over the network medium.
Q Among the fundamental challenges in information security, discuss the following:
i) Confidentiality refers to keeping sensitive information protected and private from unauthorized access. Integrity refers to maintaining the accuracy and consistency of data over its entire lifecycle. Availability refers to ensuring that authorized users have access to information and resources when needed.
ii) Give a concrete example where confidentiality is more important than integrity.
A concrete example where confidentiality is more important than integrity could be protecting personal information such as social security numbers, credit card information, or medical records. While the information itself may not be altered, unauthorized access or disclosure could lead to identity theft or other harmful consequences.
iii) Give a concrete example where integrity is more important than confidentiality.
A concrete example where integrity is more important than confidentiality could be in financial transactions or accounting records. If data integrity is compromised, it could result in financial losses or inaccurate reporting, which could harm the organization's reputation.
iv) Give a concrete example where availability is the overriding concern.
A concrete example where availability is the overriding concern could be in emergency response systems or critical infrastructure systems, such as power grids. Ensuring that these systems are always available is critical to public safety and national security.
Q How do you classify information security risks across an organization?
Information security risks can be classified across an organization by conducting a risk assessment that identifies potential threats, vulnerabilities, and potential impacts. The risks can then be categorized based on the likelihood and potential impact of the risk, and then prioritized for mitigation efforts. Some common categories of information security risks include physical security, network security, data security, and human factors.
Q Discuss the various types of deliberate software attacks designed to damage, destroy or deny service to target systems.
Types of deliberate software attacks designed to damage, destroy, or deny service to target systems include:
Denial of Service (DoS) attacks - Overwhelming target system with traffic to deny service to legitimate users
Distributed Denial of Service (DDoS) attacks - Attackers use a network of compromised computers to launch a coordinated attack on a target system
Malware attacks - Delivery of malicious software onto a system to compromise its security or damage its functionality
Password attacks - Attempts to guess or steal passwords to gain unauthorized access to a system
SQL injection attacks - Exploiting vulnerabilities in web applications to inject malicious SQL statements into a database
Q What are the various essential challenges in mobile security?
Essential challenges in mobile security include:
Device theft or loss - Unsecured devices may result in data breaches and unauthorized access
Malware attacks - As mobile devices become increasingly popular, they are increasingly targeted by cybercriminals for malware attacks
Network security - Mobile devices are vulnerable to man-in-the-middle attacks when connecting to public Wi-Fi networks
App security - Malicious apps may be downloaded and installed on a device, compromising the device's security
Data protection - Personal and sensitive data can be accessed by unauthorized users if not protected properly.
Q What is Cyber forensics? Is ethical hacking part of the hacking? Justify your answer.
Cyber forensics is the process of collecting, analyzing and preserving electronic evidence in order to investigate and prevent cybercrime.
Ethical hacking is a type of hacking that is performed with the permission of the target organization to identify vulnerabilities and improve security. While ethical hacking involves some of the same techniques as hacking for malicious purposes, the intent is different and the goal is to improve security rather than cause harm.
Q Explain the various types of firewalls. Also discuss the design and implementation issues of firewall.
Firewalls are security devices that control traffic between networks by enforcing a set of rules. There are several types of firewalls, including packet filtering firewalls, stateful inspection firewalls, application firewalls, and next-generation firewalls.
Design and implementation issues of firewalls include:
Placement: Firewalls can be deployed at different locations in a network, such as at the perimeter or inside the network. The placement can affect the effectiveness of the firewall and the types of threats it can detect and block.
Rule configuration: Firewalls are configured with rules that determine what traffic is allowed or blocked. It is important to ensure that the rules are properly configured to avoid blocking legitimate traffic or allowing unauthorized access.
Performance: Firewalls can affect the performance of the network, especially when dealing with high volumes of traffic or complex rules. It is important to choose a firewall that can handle the expected traffic and provide adequate performance.
Management: Firewalls need to be managed to ensure they are up-to-date with the latest security patches and to monitor their effectiveness. This can involve monitoring logs, analyzing traffic, and updating rules.
Q Suppose that you have a message consisting of 1024 bits. Design a method that will extend a key that is 64 bits long into a string of 1024 bits, so that the resulting 1024 bits can be XORed with the message, just like a one-time pad. Is the resulting cipher as secure as a one-time pad? Is it possible for any such cipher to be as secure as a one-time pad?
To extend a 64-bit key into a 1024-bit key, we can use a key expansion function that repeatedly hashes the original key with a cryptographic hash function, such as SHA-256. The process can be repeated until a 1024-bit key is generated. The resulting 1024-bit key can then be XORed with the message to produce the cipher.
However, the resulting cipher is not as secure as a one-time pad, as the one-time pad is theoretically unbreakable. Even if the key is random, expanding the key through a hash function introduces a potential weakness, as the hash function could be vulnerable to certain types of attacks. In general, any cipher that is not truly random and does not meet the requirements of a one-time pad will not be as secure.
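The expansion method described in the answer, worked through as an added example (not part of the original answer key): the 64-bit key is stretched to 1024 bits by chaining SHA-256 (chaining is this example's reading of "repeatedly hashes"), XORed with the message, and the reason it falls short of a one-time pad is shown directly: the pad carries only 64 bits of entropy and a single known plaintext reveals the entire keystream.

```python
import hashlib
import os

KEY_BITS = 64      # the exam's key length
MSG_BITS = 1024    # the exam's message length

def expand_key(key: bytes, out_bits: int = MSG_BITS) -> bytes:
    """Stretch a 64-bit key into out_bits of keystream by chaining SHA-256:
    block_1 = SHA256(key), block_i = SHA256(block_{i-1}), concatenated and
    truncated (chaining is an assumption of this example). The result is a
    fixed function of the 64-bit key, which is the root of the weakness."""
    if len(key) * 8 != KEY_BITS:
        raise ValueError("key must be exactly 64 bits")
    stream, block = b"", key
    while len(stream) * 8 < out_bits:
        block = hashlib.sha256(block).digest()
        stream += block
    return stream[: out_bits // 8]

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, message: bytes) -> bytes:
    """XOR the message with the expanded key, as in a one-time pad."""
    if len(message) * 8 != MSG_BITS:
        raise ValueError("message must be exactly 1024 bits")
    return xor_bytes(expand_key(key), message)

decrypt = encrypt  # XOR with the same keystream undoes itself

def keystream_from_known_pair(plaintext: bytes, ciphertext: bytes) -> bytes:
    """Why this is not a one-time pad: one known plaintext/ciphertext pair
    exposes the whole keystream, and since the keystream is derived from
    only 64 key bits there are at most 2**64 possible pads, not the
    2**1024 equally likely pads a true one-time pad would have."""
    return xor_bytes(plaintext, ciphertext)

def pad_entropy_bits() -> int:
    """The hash adds no randomness: the pad has at most KEY_BITS of entropy."""
    return KEY_BITS

if __name__ == "__main__":
    key = os.urandom(KEY_BITS // 8)    # constructed sample key
    msg = os.urandom(MSG_BITS // 8)    # constructed 1024-bit message
    ct = encrypt(key, msg)
    assert decrypt(key, ct) == msg
    assert keystream_from_known_pair(msg, ct) == expand_key(key)
    print("pad entropy:", pad_entropy_bits(), "bits, not", MSG_BITS)
```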
Q Explain the needs and various components of an IDS system.
An intrusion detection system (IDS) is an essential security measure that monitors network traffic and alerts administrators to any suspicious activities. The main needs of an IDS system are to detect and respond to threats, reduce the risk of data breaches, and ensure compliance with security regulations.
The components of an IDS system include:
Sensors: These are the devices that capture network traffic and other information, such as system logs and audit trails.
Analyzers: These are the software applications that analyze the captured information to identify potential security threats.
Alerting and Reporting: This component notifies the security team of potential security threats and generates reports on security events.
Central Management Console: This is the interface that provides administrators with a single point of control for managing and configuring the IDS system.
Response Mechanism: The IDS system should also have a response mechanism that can take immediate actions to mitigate any identified security threats.
Q What is an IDS? Why is intrusion monitoring and detection necessary? Explain three basic network attacks.
IDS (Intrusion Detection System) is a security system that monitors and analyzes network traffic to identify signs of a potential security breach or attack. It can be classified into two types: Signature-based IDS and Anomaly-based IDS.
Intrusion monitoring and detection are necessary to identify and respond to security breaches or attacks, which can lead to data theft, system malfunction, or other harmful outcomes.
Three basic network attacks are:
Denial of Service (DoS): An attack that overwhelms a system or network with traffic to make it unavailable.
Man-in-the-Middle (MitM): An attack where an attacker intercepts and alters communication between two parties to gain access to sensitive information.
Distributed Denial of Service (DDoS): An attack where multiple systems or networks are used to overwhelm a target system or network.
Q Differentiate between Routers, Switches, Bridges, and Gateways in terms of their functionality.
Router: Connects multiple networks and routes data packets between them based on the network addresses in the packets.
Switch: Connects devices on a local network and forwards data packets to their destination based on the Media Access Control (MAC) address in the packets.
Bridge: Connects two network segments and forwards data packets between them based on the MAC address in the packets.
Gateway: Connects two networks that use different protocols or data formats and translates the data between them.
Q What is a biometric system? Explain its role in information security.
A biometric system is a security system that uses biological characteristics such as fingerprints, facial recognition, iris or retina scanning, or voice recognition to verify the identity of an individual.
The role of biometric systems in information security is to provide a more secure and convenient method of authentication than traditional methods such as passwords or PINs. Biometric systems can be used to control access to sensitive data or physical locations, and can be more difficult to forge or steal than traditional methods.
Q What is E-commerce? Discuss various concepts in the electronic payment system.
E-commerce is the buying and selling of goods or services over the internet.
Electronic payment systems allow customers to pay for goods or services online. There are several concepts in electronic payment systems, including:
Credit cards: Payment is made using a credit card and payment gateway.
Debit cards: Payment is made using a debit card and payment gateway.
E-wallets: Customers can store funds in a digital wallet and use it for online payments.
Digital currencies: Payment is made using digital currencies such as Bitcoin or Ethereum.
Mobile payments: Payment is made using a mobile device and mobile payment apps.
Q Differentiate between public and private key cryptography. Explain the working of RSA and DES. Explain which of them is more secure and why?
Public key cryptography and private key cryptography are two encryption techniques used to secure data communication over the internet. Public key cryptography, also known as asymmetric cryptography, uses two keys: a public key for encryption and a private key for decryption. Private key cryptography, also known as symmetric cryptography, uses the same key for both encryption and decryption.
RSA and DES are two popular cryptographic algorithms. RSA is an asymmetric key algorithm used for encryption and digital signature. It is based on the difficulty of factoring large prime numbers. The working of RSA involves generating two large prime numbers and computing their product. The product is made public and is used as the modulus for encryption. The public key is derived from the modulus and an encryption exponent, and the private key is derived from the prime factors of the modulus.
DES is a symmetric key algorithm used for encryption. It uses a 56-bit key and a block cipher to encrypt data. The working of DES involves dividing the data into 64-bit blocks and encrypting each block using a 56-bit key. The key is used to encrypt and decrypt the data.
RSA is considered more secure than DES because it uses an asymmetric key algorithm that is difficult to crack, whereas DES uses a symmetric key algorithm that is vulnerable to attacks. RSA is also used for digital signature and is widely used for secure communication over the internet. However, DES is still used for legacy systems and is considered secure if used with longer keys.
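The RSA steps listed above (two primes, their product as the public modulus, the private key from the factors, use for encryption and signature), carried through in textbook form as an added example that is not part of the original answer key; the primes 61 and 53 are constructed toy values, far too small for real use, chosen only so the arithmetic can be followed by hand.

```python
from math import gcd

def generate_keypair(p: int, q: int, e: int = 17):
    """Textbook RSA key generation from two primes p and q. The modulus
    n = p*q is public; the private exponent d comes from the factors.
    The toy primes used in this example are far too small for real use."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # e * d == 1 (mod phi), Python 3.8+
    return (n, e), (n, d)        # (public key, private key)

def encrypt(public_key, m: int) -> int:
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer below the modulus")
    return pow(m, e, n)

def decrypt(private_key, c: int) -> int:
    n, d = private_key
    return pow(c, d, n)

def sign(private_key, digest: int) -> int:
    """Signature = digest^d mod n; only the private key holder can produce it."""
    return decrypt(private_key, digest)

def verify(public_key, digest: int, signature: int) -> bool:
    """Anyone holding the public key checks signature^e mod n == digest."""
    return encrypt(public_key, signature) == digest

def private_key_from_factors(public_key, p: int, q: int):
    """Why RSA's security rests on factoring: anyone who recovers p and q
    from n can recompute d, so n must be too large to factor in practice."""
    n, e = public_key
    if p * q != n:
        raise ValueError("p and q are not the factors of n")
    return (n, pow(e, -1, (p - 1) * (q - 1)))

if __name__ == "__main__":
    pub, priv = generate_keypair(61, 53)   # constructed toy primes
    c = encrypt(pub, 65)
    assert decrypt(priv, c) == 65
    s = sign(priv, 123)
    assert verify(pub, 123, s)
    assert private_key_from_factors(pub, 61, 53) == priv
```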
Q Write short note on:
a) Design issues in Biometrics
Biometric systems can be prone to false positives (when an unauthorized user is incorrectly identified as authorized) or false negatives (when an authorized user is incorrectly identified as unauthorized).
Other design issues include the need for user acceptance, the cost of implementation, and the accuracy and reliability of the biometric system.
b) Use of tunneling in VPN.
Tunneling is a technique used in VPN to encapsulate and encrypt data in a secure "tunnel" over an unsecured network such as the Internet.
Tunneling provides confidentiality, integrity and authenticity for the data being transmitted over the VPN.
Examples of tunneling protocols used in VPN include PPTP, L2TP, and OpenVPN.
c) Information security metrics.
Information security metrics are used to measure and evaluate the effectiveness of an organization's security program.
Metrics can include things like number of security incidents, cost of security incidents, time to resolve security incidents, and level of compliance with security policies and standards.
The selection of appropriate metrics should be driven by business objectives and should be aligned with the organization's overall risk management strategy.