
(3 Hours)

Question No.1 is compulsory.
Attempt any four questions out of remaining.

Q.1 (a) Explain how every covert timing channel can be transformed into an 10
equivalent covert storage channel.
(b) List the control against program threats. Explain Developmental and 10
administrative control in detail.
Q.2 (a) Discuss the similarities and differences between signature based IDS 10
and heuristic based IDS. What are the limitations of IDS?
(b) List major security threats dealt with each level of OSI protocol 10
Q.3 (a) List and explain various statistical inference attacks that are possible 10
on Databases.
(b) Discuss the design of multilevel secure databases. 10
Q.4 (a) Explain in detail the steps in risk analysis. 10
(b) Discuss any two techniques of memory and address protection. 10
Q.5 (a) What is the denial of service (DOS) attack? What is the meaning of 10
the term 'Service' in DOS? What can possibly prevent DOS attacks?
(b) Compare copper wire, microwave, optical fibre, infrared and radio 10
frequency wireless in their resistance to passive and active
wiretapping.
Q.6 (a) List the characteristics of a good firewall implementation. What are 10
the limitations of firewalls?
(b) (i) Compare copyright, patent and Trade Secret Protection. 05
(ii) Distinguish among Vulnerability, threat and control. 05
Q.7 (a) What are the characteristics of a good security policy? 10
(b) Patty works as a programmer in a Corporation. David, her 10
Supervisor, tells her to write a program to allow people to post
entries directly to company's accounting files. Patty knows that
ordinarily programs that affect the accounting files involve several
steps, all of which have to balance. Patty realizes that with the new
program, it will be possible for one person to make changes to
crucial accounts, and there will be no way to trace who made these
changes, with what justification, or when. Patty raises these
concerns to David, who tells her not to be concerned, that her job is
simply to write the programs as he specifies. He says that he is
aware of the potential misuse of these programs, but he justifies his
request by noting that periodically a figure is mistakenly entered in
the accounting files and the company needs a way to correct the
inaccurate figure. This is an example where a person is asked to do
fraudulent things. Discuss the ethical issues involved in this case.