Download JNTUH (Jawaharlal Nehru Technological University Hyderabad) MBA (Master of Business Administration) 2nd Semester (Second Semester) R15 2018 July 721CV Principles Of Information Security Previous Question Paper
JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
MBA II Semester Examinations, June/July-2018
PRINCIPLES OF INFORMATION SECURITY
Time: 3 hours Max.Marks:75
Note: This question paper contains two parts A and B.
Part A is compulsory which carries 25 marks. Answer all questions in Part A.
Part B consists of 5 Units. Answer any one full question from each unit. Each
question carries 10 marks and may have a, b, c as sub questions.
PART - A 5 ? 5 Marks = 25
1.a) How does the practice of information security qualify as both an art and a science? [5]
b) How does due diligence differ from due care? Why are both important? [5]
c) In risk management strategies, why must periodic review be a part of the process? [5]
d) What is the difference between digital signatures and digital certificates? [5]
e) What is collusion? How does the separation of duties impact collusion? [5]
PART - B 5 ? 10 Marks = 50
2. Identify the five components of an information system. Which are most directly impacted
by the study computer security? Which are most commonly associated with its study?
[10]
OR
3. What is the difference between a denial-of-service attack and a distributed denial-of-
service attack? Which is potentially more dangerous and devastating? Why? [10]
4. What is intellectual property (IP)? Is it afforded the same problem in every country of the
world? What laws currently protect it in the United States and Europe? [10]
OR
5. What is the other name for the Kennedy-Kassebaum Act (1996) and why is it important to
organizations that are not in the health-care industry? [10]
6. Briefly describe management, operational, and technical controls, and explain when each
would be applied as a part of a security framework? [10]
OR
7.a) What is RADIUS? What advantage does it have over TACAS?
b) What is VPN? What are some reasons it is widely popular in many organizations? [10]
8. List and describe the four primary types of UPS systems? Which is the most effective and
most expensive, and why? [10]
OR
9. List and describe the four basic conversion strategies that are when converting to a
new system? Under which circumstances is each of these the best approach? [10]
10. What is the primary goal of the vulnerability assessment and remediation domain of the
maintenance model? Is this important to an organization with an Internet presence? Why?
[10]
OR
11. What functions does the CISO perform, and what are the key qualifications and
requirements for the position? [10]
---ooOoo---
R15
FirstRanker.com - FirstRanker's Choice
This post was last modified on 23 October 2020