
qb

The document is a question bank for the Cryptography and Information Security course at B.N.M. Institute of Technology, covering various topics related to information systems, security protocols, and risk assessment. It includes questions on components of information systems, types of attacks, password security, social engineering, due care and diligence, firewalls, and biometric authentication. The questions aim to assess students' understanding of security measures and practices in technology applications.

Uploaded by

nimithbe
Copyright
© All Rights Reserved

B.N.M. Institute of Technology
An Autonomous Institution under VTU
DEPARTMENT: Information Science & Engineering

Question Bank Module 4

Semester: VI
Course Name: Cryptography and Information Security (21ISE161)

1. Enumerate and explain the various components of an Information System.


2. Briefly describe the Security System Development Life Cycle.
3. Your team has developed an e-commerce application for the XYZ company selling shoes.
Identify the various attacks possible on this application.
4. Discuss each of the major types of attacks used against controlled systems.
5. What are the types of password attacks? What can a systems administrator do to protect
against them?
6. Discuss the various social engineering attacks.
7. Some software development problems that result in software that is difficult or
impossible to deploy in a secure fashion have been identified as “deadly sins in software
security.” Discuss them.
8. What are the five essential criteria that a policy must meet to become enforceable?
9. What are the various types of force majeure? Which type might be of greatest concern to
an organization in Bangalore? Chennai? Mumbai? Kolkata?
10. What is the difference between law and ethics?
11. What are the primary examples of public law?
12. What are the five essential criteria that a policy must meet to become enforceable?
13. What is due care? Why should an organization make sure to exercise due care in its
usual course of operations?
14. How is due diligence different from due care? Why are both important?
15. What is a policy? How is it different from a law?
16. What are the three general categories of unethical and illegal behavior?
17. What is the best method for preventing an illegal or unethical activity?
18. What is intellectual property (IP)? Is it afforded the same protection in every country of
the world? What laws currently protect it in India?
19. Of the information security organizations listed that have codes of ethics, which has
been established for the longest time? When was it founded?
20. Of the organizations listed that have codes of ethics, which is focused on auditing and
control?

B.N.M. Institute of Technology
An Autonomous Institution under VTU
DEPARTMENT: Information Science & Engineering

Question Bank Module 5

Semester: VI
Course Name: Cryptography and Information Security (21ISE161)

1. Explain the various threats that must be examined to assess their potential to endanger the
organization.
2. Briefly explain the risk assessment process.
3. What is access control, and what are the commonly used mechanisms for implementing
it?
4. Chalk out the process of deciding how to proceed with one of the five strategies.
5. How is an application layer firewall different from a packet-filtering firewall? Why is
an application layer firewall sometimes called a proxy server?
6. How is static filtering different from dynamic filtering of packets? Which is perceived
to offer improved security?
7. What is stateful inspection? How is state information maintained during a network
connection or transaction?
8. What is a circuit gateway, and how does it differ from the other forms of firewalls?
9. What special function does a cache server perform?
10. Explain the four common architectural implementations.
11. Discuss the best practices for firewalls.
12. List the five generations of firewall technology. Which generations are still in common
use?
13. You are asked to develop an online university examination application. Identify the
various risk components.
14. With an example, explain the various rule sets applied in firewalls.
15. What is a content filter? Where is it placed in the network to gain the best result for the
organization?
16. Enumerate and explain the different generations of firewall technology, and mention
which of these generations are still widely used today.
17. How can the effectiveness of different firewall rule sets be evaluated in terms of their
ability to balance security, performance, and user experience within varying network
environments? Explain with an example.
18. What is a honeypot? How is it different from a honeynet?
19. How does a padded cell system differ from a honeypot?
20. What is network footprinting? What is network fingerprinting? How are they related?
21. What is a vulnerability scanner? Describe the types of vulnerability scanners.
22. What kind of data and information can be found using a packet sniffer?
23. What is biometric authentication? What does the term biometric mean?
24. Discuss how vulnerability scanners and packet sniffers are used by network
administrators.
25. Define biometric authentication and explain the different technologies used in
biometric authentication.
26. You are asked to develop an online university examination application. Identify the
various risk components.
