Download JNTU-Hyderabad MBA 2nd Sem R15 2018 Jan 721CV Principles Of Information Security Question Paper

Code No: 721CV

R15

JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD

--- Content provided by FirstRanker.com ---

MBA II Semester Examinations, January-2018

PRINCIPLES OF INFORMATION SECURITY

Time: 3hrs

Max.Marks:75

Note: This question paper contains two parts A and B.

--- Content provided by FirstRanker.com ---

Part A is compulsory which carries 25 marks. Answer all questions in Part A.

Part B consists of 5 Units. Answer any one full question from each unit. Each question carries 10 marks and may have a, b, c as sub questions.

PART - A

5×5 marks = 25

1. 1. What are the three components of the C.I.A. triangle? What are they for? Explain. [5]

   --- Content provided by FirstRanker.com ---

   2. How is due diligence different from due care? Why are both important? [5]
   3. Describe how outsourcing can be for risk transference. [5]
   4. Which kind of attack on cryptosystem involves using a collection of pre identified terms? [5]
   5. Explain the special requirements needed for the privacy of personnel data. [5]

--- Content provided by FirstRanker.com ---

PART – B

5 × 10 marks = 50

1. 1. List and explain the components of information system.
   2. Why is the top-down approach to information security superior to the bottom-up approach? Explain. [5+5]

--- Content provided by FirstRanker.com ---

2. 1. Identify the six components of an information system. Which are most directly affected by the study of computer security? Which are most commonly associated with its study?
   2. Why do employees constitute one of the greatest threats to information security? Discuss. [5+5]
3. What is intellectual property (IP)? Does it afforded the same protection in every country of the world? What laws currently protect it in the United States and Europe? [10]

   OR

--- Content provided by FirstRanker.com ---

4. 1. What can be done to deter someone from committing a crime? Explain
   2. Give a brief note on Information Security Policy, Standards, and Practices. [5+5]
5. Write the basic terminology that makes residential/SOHO firewall appliances effective in protecting a local network. Why is this usually adequate for protection? [10]

   OR

--- Content provided by FirstRanker.com ---

6. Explain the following terms:
   1. Intrusion Detection and Prevention Systems
   2. Firewalls and VPNs [5+5]
7. 1. Why is it important to exchange keys “out of band” in symmetric encryption?
   2. How to implement nontechnical aspects of information security? Discuss. [5+5]

   --- Content provided by FirstRanker.com ---

   OR

8. Write the average key size of a “strong encryption” system in use today. Explain in detail. [10]
9. 1. How an organization's employment policies and practices can support the information security effort?
   2. With the help of neat diagram, explain the Vulnerability Assessment and Remediation. [5+5]

   --- Content provided by FirstRanker.com ---

   OR

10. List and explain the Issues and concerns about staffing information security. [10]

---00000---

Get more at: FirstRanker.com

--- Content provided by FirstRanker.com ---