DOEACC Society

CERTIFICATION SCHEME IN INFORMATION SECURITY (LEVEL-1)

CERTIFIED SYSTEM SECURITY ANALYST (CSSA) December 2010 Examination

Model Question paper 1
Note
1. 2. There are two parts in this paper. PART ONE is objective and PART TWO is descriptive type. MAXIMUM MARKS: 100 (PART ONE-50; PART TWO-50) PART-ONE (OBJECTIVE TYPE) Answer all Questions in part one Q.1 Fill in the Blanks (1 mark x 10) 1) _________________ means a person who is intended by the originator to receive the electronic record but does not includes any intermediary. 2) __________________ means a person who has been granted a license to issue a digital signature under section 24 of the I.T. Act. 3) __________________ means an algorithm mapping or transformation of one sequence of bits into another. 4) The control government shall by notification, establish one or more appellate tribunal to be known as the__________________________. 5) According to the national research councils computers at RISK, published in 1991, the three security related need are___________________________. 6) Risk management involves assessing IT resources in terms of potential threats & _______. 7) A_____________________ is some one who hack code. 8) ___________is the term that truly defines the mischievous & some time destructive person. 9) ______________________firewall works at the packet level. 10) _______________________servers allow indirect internet access through the firewall. Q.2 State True or False, Write Correct answer (T/F) in Bracket [ ] only (1 mark x 10) 1) Exercising supervision over the activities of the certifying authorities is a function of controller. [] 2) There is no penalty as per the IT ACT 2000 to person who disrupts or causes disruption of any computer, computer system or computer network. [] 3) Indian evidence ACT 1872 is amended due to the IT ACT 2000. [] 4) RSA is one of the cryptography algorithms. [] 5) The program level policy should establish individual Employee accountability. [] 6) Proxy Server does not always allow internet sharing in an intranet. [] 7) IP or filtering firewalls can block all but selected network traffic. [] 8) The Passwd file can be created with a utility called htpasswd. [] 9) The NCSA servers can be configured for password authentication on a directory basis only. [] 10) The general feeling in the security community is that the larger the program, the less likely to leave bugs [] Q.3 Match the followings with best possible matches. Write the matching Sr. No of column A in bracket [ ] of column B only: (1 markX10)

TOTAL TIME: 3Hours

a) b) c) d) e) f) g) i) j) k)

Column A IP Address Counter SNMP Baud Rate Network Monitoring Device Microsoft tool for network Firewall Router RMON SNMP Data type

Column B [ ] the number of octet received at network [ ] Net watcher [ ] Protocol Analyzer [ ] Expressed as four octet [ ] Network Management Protocol [ ] Network Security Monitoring [ ] ASN 1 [ ] Modem speed [ ] Remote Monitoring Tool [ ] WAN (1 mark x 10)

Q.4 Multiple Choice Questions; Tick the best answer 1. Components of program level policy a) Purpose b) Scope c) Goal d) All of above Which of the following might be an SNMP network agent? a) Workstation b) router c) Hub d) all of the above e) Only b and c

2.

3.

A SNMP network agent gathers information to store in a) Buffers b) a Management Information Base(MIB) c) a cache d) an SQL Server database defined by the network manager You want to determine the number of broadcasts from networked servers and workstations on a Microsoft-based network. Which of the following tools would give that information? a) Microsoft Network Monitor b) Cable scanner c) Time domain reflectometer d) all of the above e) Only a and c What software is necessary to enable a Microsoft NT Workstation to gather data about TCP/IP traffic on a network? a) Performance Monitor b) SNMP service c) IPX Agent d) SNMP Monitor You manage three networks in three neighboring cities and want to monitor performance on all three networks from one location. Which of the following would you use? a) Intranet monitor b) Net Watcher c) Common Management Interface Protocol (CMIP) d)Remote Networking Monitoring(RMON) Ethereal is a a) Firewall c) Sniffer

4.

5.

6.

7.

b) Protocol Analyzer d) Anti virus

8.

Once installed Network Monitor Agent enables network data to be gathered: a) Through a NIC b) Through the Session layer of the OSI model c) By sending repeated tracer signals throughout the network. d) Through a customized network cable attachment interface Bastille is a a) Sniffer c) Protocol

9.

b) Firewall d) Hardening tool

10.

The performance monitor runs from which of the following: a) Windows NT Workstation b) Windows NT Server c) Windows 95 d) All of the above e) Only a and b (1 mark x 10)

Q.5 Multiple Choice Questions; Tick the best answer 1.

A workstation in a ______________domain can access servers and printers in a different domain. a) Trusted b) trusting c) Reciprocal d) reciprocating Which of following is not an NT Server administrative wizard? a) Add Printer b) Install New Modem c) License Compliance d) Network Protocol Configuration Filters are used to help a) Install software c) Capture network events

2.

3.

b) set up initialization files. d) build GUI representations of networks

4.

Internet Information Server can limit access to a Web site by a)IP address b) subnet mask c) Workstation location d) all of the above e) only a and b Which tool would you use to remotely run a users workstation to diagnose a problem? a) Network Monitor b) System Management Server c) Client Administration Wizard d) User Manager for Domains Microsoft domain management a) Always centralizes network management b) Enables centralized or decentralized network management c) Always decentralizes network management d) Does not affect network management techniques Which network tool can inventory how many workstations have word processing software? a) Network Monitor b) System Management Server c) Event Viewer d) protocol analyzer What tool would you use to add a new NT server to an existing Microsoft Domain? a)Open View b) User Manager for Domains c) Server Manager d) Domain Wizard Where might you find out if a server is running low on disk space? a) Network Monitor b) Event Viewer c) Server Manager d) all of the above e) Only a and b Microsofts remote administration can be run from a)MS-DOS b) Windows for Workgroups c) Windows NT d) all of the above e)only b and c PART-II: SUBJECTIVE TYPE

5.

7.

8.

9.

10

Q6

Answer the following: (3+3+4 marks) a) In IT Act 2000, what are the major offenses defined and penalty clause? b) What are three key properties of hash function? c) What is certificate? Briefly explain X.509 standard for certificates?

Q7.

Answer the following: (3+3+4 marks) a) What are the essential components of a corporate security policy? b) Distinguish between a Trojan and a worm? c) Describe briefly about choosing good password & how system can help to improve? Answer the following: (5 marks x 2) a) What are the various steps in generating digital signature? b) What are the advantages or disadvantages of symmetric & asymmetric cryptography? Answer the following (5 marks x 2) a) What are the different biometric techniques for authentication? Explain what false accept and false reject terms are for an authentication? b) A company has a security policy that says only employees who are Manager are permitted to send e-mails through the internet. All employees can send the e-mails within company. What type of firewalls could you use to enforce this policy?

Q8

Q9

Q10

Answer the following a) Describe briefly the Bell-La padula model & its limitations? b) What are the four stages of typical virus?

(5 marks x 2)