POKH AR A UNIVERSITY

Level: Bachelor Semester – Fall Year : 2017

Programme: BCIS Full Marks: 100
Course: Information System Security Pass Marks: 45
Time : 3hrs.
Candidates are required to give their answers in their own words as far
as practicable.
The figures in the margin indicate full marks.

Section "A"
Very Short Answer Questions
Attempt all the questions. 10×2
1. What do you mean by deviation in QoS?
2. What are the components of PKI?
3. Compare private key cryptography with public key cryptography?
4. Write brief note on DES.
5. What are different processing modes of Firewall?
6. Why VPN is important?
7. What are different techniques of Authentication?
8. What do you mean by Information Security Audit?
9. Introduce Digital Forensic.
10. Write brief note on Vulnerability Scanning?
Section "B" 6×10
Descriptive Answer Questions
Attempt any six questions
11. What do you mean by information security risk? Explain different risk
control strategies
12. Define IDS and IPS. Compare host based and network based IDS/IPS
with their implementation approach, advantages and disadvantages.
13. What are characteristics of Information? Explain NSTISCC information
security model.
14. Define Attack. Explain any four types of Attacks.
15. Explain signing and verification process of digital signature.
16. Explain PDCA cycle of ISMS based on ISO 27000..
17. What do you mean by continuity planning? Explain IRP, BCP, and DRP
Section "C" 2×10
Case Analysis
18. Explain major provisions of Electronic Transaction Act, 2063 of Nepal.
19. "There is always tradeoff between security and access" explain this
statement with at least three different example cases.
1
2