UNIT-2 (1st portion), 3, 4
1. Full Backups
A full backup stores a copy of all files and typically occurs automatically according to a pre-set schedule.
Files are usually compressed to save space; however, even when compressed, full backups may
consume a lot of storage. Additionally, full backups cause heavy access to the backup disk, which
shortens disk life, and they consume network bandwidth.
The advantage of full backups is the ease of restoration. Restoring a file requires only the file name,
location, and date from which to restore the data. Restoration is relatively straightforward as long as the
backup files from that date or time are available.
Although full backups are certainly comprehensive, they may be more robust than many businesses
require. It is important to consider that only a small percentage of files change from one backup to
another. Consequently, performing full backups will yield multiple identical copies of files and consume
valuable storage space on the backup medium.
2. Incremental Backups
Incremental backups save space by backing up only the files that have been created or changed since
the last backup. The advantage of incremental backups is that the volume of data backed up at each
iteration is much smaller, which in turn saves space on the backup medium and uses less network
bandwidth.
However, incremental backups increase computing overhead, because each source file must be
compared with the last full backup as well as the incremental iterations to determine whether data is new
or changed. Additionally, it is more complex to locate a specific file to restore as it may require searching
several iterations. To completely restore all files requires merging all iterations while taking care to keep
only the most recent version of each file.
Many enterprise backup strategies include a combination of full backups and incremental backups. For
example, a full backup may run once per week, on weekends when network and computing resource
demands are lower, with incremental backups scheduled on weekdays. Backing up files with this
combination enables a restoration that does not require looking through or merging more than a week's
worth of iterations.
Some strategies limit the impact on disk backup storage by copying older full backups from disk to tapes,
which are then stored off-site. Although this approach is more secure than storing both the file system
and backup media at the same location, the manual work to change tapes, label them and transport them
is time-consuming. Additionally, it creates a difference between the finished backups that are stored off-
site and the current state of the live file system. In the event of a disaster, any data changes that occurred
since copying the last full backup to tape may be lost.
3. Differential Backups
Differential backups are similar to incremental backups, except that each backup operation stores the
new and updated files since the last full backup. For example, if a full backup was performed on Sunday
and a file changed on Monday, that file will be part of every differential backup until the next full backup is
run.
Using differential backups simplifies recovery because only the last full backup and the last differential
backup are needed to create a complete restoration. As with incremental backups, differential backups
need to compare current and already-backed-up files to identify any changes. However, differential
backups require more space and network bandwidth compared with incremental backups.
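The trade-off between the three backup types can be worked through on a small case. The following is an added example, not part of the original notes: it simulates one week after a Sunday full backup and reports what each strategy stores and which backup sets a restore must read. The file names and the change log are constructed, and the "full" strategy is assumed to run a full backup every day.

```python
# Added example: a constructed week of file changes, not data from the page.
DAYS = ["Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"]
INITIAL = ["a.doc", "b.xls", "c.db", "d.txt"]       # present at Sunday's full backup
CHANGED = {"Mon": ["a.doc"], "Tue": ["b.xls"], "Wed": ["a.doc", "e.log"],
           "Thu": [], "Fri": ["c.db"], "Sat": []}   # created or modified that day

def state(day):
    """Live file system on `day`: file name -> day it was last written."""
    files = {f: "Sun" for f in INITIAL}
    for d in DAYS[1:DAYS.index(day) + 1]:
        files.update({f: d for f in CHANGED[d]})
    return files

def backup_set(strategy, day):
    """What the job that runs on `day` writes to the backup medium."""
    if day == "Sun" or strategy == "full":
        return state(day)                            # copy of every file
    if strategy == "incremental":
        return {f: day for f in CHANGED[day]}        # changed since the last backup
    # differential: everything changed since the last full backup
    return {f: v for f, v in state(day).items() if v != "Sun"}

def restore_chain(strategy, day):
    """Backup sets that must be read, oldest first, to restore `day`."""
    if day == "Sun" or strategy == "full":
        return [day]
    if strategy == "incremental":
        return DAYS[:DAYS.index(day) + 1]            # full plus every iteration
    return ["Sun", day]                              # full plus latest differential

def restore(strategy, day):
    """Merge the chain so later sets overwrite older versions of a file."""
    restored = {}
    for d in restore_chain(strategy, day):
        restored.update(backup_set(strategy, d))
    return restored

def copies_stored(strategy):
    """Total file copies written to the backup medium over the week."""
    return sum(len(backup_set(strategy, d)) for d in DAYS)

if __name__ == "__main__":
    for s in ("full", "incremental", "differential"):
        print(s, copies_stored(s), restore_chain(s, "Fri"), restore(s, "Fri") == state("Fri"))
```

All three strategies restore the same Friday state; they differ in how many copies they store and how many backup sets the restore has to merge.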
5.
8. What is the need of Firewall? Explain different types of firewall security Architecture.
A firewall is a piece of software or hardware that filters all network traffic between
your computer, home network, or company network and the Internet. It is our position that
everyone who uses the Internet needs some kind of firewall protection.
One of the major challenges that companies face when trying to secure their sensitive
data is finding the right tools for the job. Even for a common tool such as a firewall, many
businesses might not have a clear idea of how to find the right firewall (or firewalls) for
their needs, how to configure those firewalls, or why such firewalls might be necessary.
The first step in finding the right firewalls to protect your company’s data is to know
what kind of firewalls there are. Right now, there are five different types of firewall
architectures, broadly speaking:
Packet-filtering firewalls
Stateful inspection firewalls
Circuit-level gateways
Application-level gateways (a.k.a. proxy firewalls)
Next-gen firewalls
How do these firewalls work? And, which ones are the best for your business’
cybersecurity needs?
Packet-Filtering Firewalls
As the most “basic” and oldest type of firewall architecture, packet-filtering firewalls
basically create a checkpoint at a traffic router or switch. The firewall performs a simple
check of the data packets coming through the router—inspecting information such as the
destination and origination IP address, packet type, port number, and other surface-level
information without opening up the packet to inspect its contents.
The good thing about these firewalls is that they aren’t very resource-intensive. This
means they don’t have a huge impact on system performance and are relatively simple.
However, they’re also relatively easy to bypass compared to firewalls with more robust
inspection capabilities.
Circuit-Level Gateways
As another simplistic firewall type that is meant to quickly and easily approve or deny
traffic without consuming significant computing resources, circuit-level gateways work
by verifying the transmission control protocol (TCP) handshake. This TCP handshake
check is designed to make sure that the session the packet is from is legitimate.
While extremely resource-efficient, these firewalls do not check the packet itself. So, if a
packet held malware, but had the right TCP handshake, it would pass right through. This
is why circuit-level gateways are not enough to protect your business by themselves.
Stateful Inspection Firewalls
These firewalls combine both packet inspection technology and TCP handshake
verification to create a level of protection greater than either of the previous two
architectures could provide alone.
However, these firewalls do put more of a strain on computing resources as well. This
may slow down the transfer of legitimate packets compared to the other solutions.
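The difference between a header-only packet filter and a firewall that also verifies the TCP handshake shows up on a packet that belongs to no session. The following is an added example, not part of the original notes: the ACL, the addresses (documentation ranges) and the trace are constructed, connection teardown is not modelled, and neither check looks at packet contents.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags")
SERVER = "192.0.2.10"                    # constructed address of the protected host

# Static ACL (action, src, dst, dport); first match wins, "*" is a wildcard.
ACL = [("allow", "*", SERVER, 443),      # inbound HTTPS
       ("allow", SERVER, "*", "*"),      # replies leaving the server
       ("deny", "*", "*", "*")]

def packet_filter(pkt):
    """Packet-filtering check: header fields only, no memory of earlier packets."""
    for action, src, dst, dport in ACL:
        if src in ("*", pkt.src) and dst in ("*", pkt.dst) and dport in ("*", pkt.dport):
            return action == "allow"
    return False

class StatefulFirewall:
    """ACL check combined with TCP handshake tracking."""
    def __init__(self):
        self.table = {}                  # (client, cport, server, sport) -> state

    def inspect(self, pkt):
        fwd = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        rev = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if pkt.flags == "SYN":           # a new session must pass the ACL
            if not packet_filter(pkt):
                return False
            self.table[fwd] = "SYN_SEEN"
            return True
        if pkt.flags == "SYN-ACK" and self.table.get(rev) == "SYN_SEEN":
            self.table[rev] = "SYN_ACK_SEEN"
            return True
        if pkt.flags == "ACK" and self.table.get(fwd) == "SYN_ACK_SEEN":
            self.table[fwd] = "ESTABLISHED"
            return True
        # anything else is accepted only inside a session whose handshake completed
        return "ESTABLISHED" in (self.table.get(fwd), self.table.get(rev))

CLIENT = ("198.51.100.7", 50000)
TRACE = [Packet(*CLIENT, SERVER, 443, "SYN"),
         Packet(SERVER, 443, *CLIENT, "SYN-ACK"),
         Packet(*CLIENT, SERVER, 443, "ACK"),
         Packet(*CLIENT, SERVER, 443, "ACK"),               # data in the session
         Packet("203.0.113.9", 40000, SERVER, 443, "ACK"),  # no handshake seen
         Packet("203.0.113.9", 40001, SERVER, 22, "SYN")]   # port not in the ACL

def verdicts(trace):
    """(packet-filter verdict, stateful verdict) for each packet in order."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.inspect(p)) for p in trace]
```

The fifth packet passes the packet filter because its address and port match the ACL, but the stateful check drops it because no handshake for that session was recorded.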
Application-Level Gateways (Proxy Firewalls)
Proxy firewalls operate at the application layer to filter incoming traffic between your
network and the traffic source—hence, the name “application-level gateway.” Rather
than letting traffic connect directly, the proxy firewall first establishes a connection to
the source of the traffic and inspects the incoming data packet.
This check is similar to the stateful inspection firewall in that it looks at both the packet
and at the TCP handshake protocol. However, proxy firewalls may also perform deep-
layer packet inspections, checking the actual contents of the information packet to verify
that it contains no malware.
Once the check is complete, and the packet is approved to connect to the destination,
the proxy sends it off. This creates an extra layer of separation between the “client” (the
system where the packet originated) and the individual devices on your network—
obscuring them to create additional anonymity and protection for your network.
If there’s one drawback to proxy firewalls, it’s that they can create significant slowdown
because of the extra steps in the data packet transferal process.
Next-Generation Firewalls
Many of the most recently-released firewall products are being touted as “next-
generation” architectures. However, there is not as much consensus on what makes a
firewall truly next-gen.
The issue is that there is no one definition of a next-generation firewall, so it’s important
to verify what specific capabilities such firewalls have before investing in one.
9. What is Intrusion Detection & Prevention System? Explain its types with the help of diagram.
10. An Intrusion Prevention System (IPS) is a network security/threat prevention technology
that examines network traffic flows to detect and prevent vulnerability exploits.
Types of IDS
For the purpose of dealing with IT, there are four main types of IDS:
11.
Application security is one of several levels of security that companies use to protect systems.
Others include operating system security, network security and end-point or mobile security.
All of these types of security are aimed at protecting clients and users of software from hacking
and malicious intent. In addition, application security is critical for mobile app stores, where hackers
try to attach various kinds of malware to less vetted mobile apps.
14.
15. What is the need to review the policy? Explain Policy Review Process with the help of a
diagram.
16. The purpose of a comprehensive review is to take an in-depth look at existing administrative policies to: 1)
determine if a policy is still needed or if it should be combined with another administrative policy; 2) determine
whether the purpose and goal of the policy are still being met; 3) determine if changes are required to improve the
effectiveness or clarity of the policy and procedures; and 4) ensure that appropriate education, monitoring and
ongoing review of the policy are occurring.
17.
organization's firewall. Applications, storage and other services are accessed via the Web. The services are delivered and
used over the Internet and are paid for by the cloud customer on an as-needed or pay-per-use business model.
19.
20. Why do we need Cryptography in Security? Explain Digital Signature algorithm with the help of
a neat diagram.
Cryptography is a method of storing and transmitting data in a particular form so that only
those for whom it is intended can read and process it. Cryptography is closely related to the
disciplines of cryptology and cryptanalysis.
A digital signature is a mathematical technique used to validate the authenticity and
integrity of a message, software or digital document. The digital equivalent of a
handwritten signature or stamped seal, a digital signature offers far more inherent
security, and it is intended to solve the problem of tampering and impersonation in
digital communications.
Digital signatures can provide the added assurances of evidence of origin, identity and
status of an electronic document, transaction or message and can acknowledge informed
consent by the signer.
In many countries, including the United States, digital signatures are considered legally
binding in the same way as traditional document signatures. The United States
Government Publishing Office publishes electronic versions of the budget, public and
private laws, and congressional bills with digital signatures.
21. What do you understand by Information Security Governance & Risk Management? Explain.
22. Information Security Governance and Risk Management involves the identification of an
organization's information assets and the development, documentation, and implementation
of policies, standards, procedures and guidelines that ensure confidentiality, integrity, and
availability.
23. What do you mean by Virtual Private Networks? Discuss authentication mechanism
used in VPN.
A virtual private network (VPN) is a technology that creates a safe and encrypted
connection over a less secure network, such as the internet. VPN technology was developed
as a way to allow remote users and branch offices to securely access corporate applications
and other resources.
Reining In Crime: CCTV is a very efficient tool to rein in crime because the
recorded footage is substantial evidence against the criminal. A recent survey reports
a 51% decrease in crime in parking lots and a 23% decrease in crime on roads
where CCTV Video Surveillance was used.
Traffic Monitoring: Many cities monitor daily traffic through CCTV surveillance. This
enables the authority to keep a check on traffic jams, accidents, etc.
26.
27. What is Electronic cash? How does cash based transaction system differ from credit
card based transactions?
Electronic cash was until 2007 the debit card system of the German Banking Industry
Committee, the association which represents the top German financial interest groups.
Usually paired with a Transaction account or Current Account, cards with an Electronic
Cash logo were only handed out by proper credit institutions.
In this system, each user has an encryption key that is publicly known and a private key that
is known only to that user.
MESSAGE FROM B TO A
A has its public key Kp and private key Kt. A shares its public key (Kp) with B.
B uses A's Kp to encrypt the message and sends it across the channel.
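The message from B to A described above, and the digital signature described under question 20, use the same key pair in opposite directions. The following is an added example, not part of the original notes, showing both. It assumes textbook RSA without padding as a stand-in scheme (the notes name none, and this is not DSA) and a toy key built from two small Mersenne primes, so it illustrates the key roles only and is far too weak for real use.

```python
import hashlib

# Toy key pair for A (assumption: textbook RSA, no padding, tiny modulus).
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
KP = (E, N)                                  # A's public key Kp, shared with B
KT = (pow(E, -1, (P - 1) * (Q - 1)), N)      # A's private key Kt, known only to A

def encrypt_for_a(message: bytes, kp=KP) -> int:
    """B encrypts with A's public key; only the holder of Kt can read it."""
    m = int.from_bytes(message, "big")
    if m >= kp[1]:
        raise ValueError("message too long for the toy modulus")
    return pow(m, *kp)

def decrypt_as_a(ciphertext: int, kt=KT) -> bytes:
    """A recovers the message with the private key."""
    m = pow(ciphertext, *kt)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def digest(message: bytes, n: int) -> int:
    """SHA-256 of the message, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign_as_a(message: bytes, kt=KT) -> int:
    """Signing runs the other way: A applies the private key to the digest."""
    return pow(digest(message, kt[1]), *kt)

def verify(message: bytes, signature: int, kp=KP) -> bool:
    """Anyone holding Kp can check origin and integrity."""
    return pow(signature, *kp) == digest(message, kp[1])

if __name__ == "__main__":
    c = encrypt_for_a(b"pay B 100")          # constructed sample message
    print(decrypt_as_a(c))
    s = sign_as_a(b"pay B 100")
    print(verify(b"pay B 100", s), verify(b"pay B 900", s))
```

Verification of the altered message fails, which is the tamper detection a digital signature provides.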
29.