Download JNTUH (Jawaharlal Nehru Technological University Hyderabad) MBA (Master of Business Administration) 2nd Semester (Second Semester) R15 2018 Dec 721CV Principles Of Information Security Previous Question Paper
JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
MBA II Semester Examinations, December-2018
PRINCIPLES OF INFORMATION SECURITY
Time: 3hrs Max.Marks:75
Note: This question paper contains two parts A and B.
Part A is compulsory which carries 25 marks. Answer all questions in Part A. Part B
consists of 5 Units. Answer any one full question from each unit. Each question
carries 10 marks and may have a, b, c as sub questions.
PART - A 5 ? 5 Marks = 25
1.a) Define key terms and critical concepts of information security? [5]
b) Discuss the components of issue specific security policy? [5]
c) Define risk management, risk identification, and risk control? [5]
d) Discuss the relationship between information security and physical security? [5]
e) Describe where and how the information security function should be positioned
within organizations? [5]
PART - B 5 ? 10 Marks = 50
2. Enumerate the phases of the security systems development life cycle. [10]
OR
3. Describe how the information security performs four important functions for an
organization. [10]
4. Explain the role of culture as it applies to ethics in information security. [10]
OR
5. Define management?s role in the development, maintenance, and enforcement of
information security policy, standards, practices, procedures and guidelines? [10]
6. Explain the fundamental aspects of documenting risk via the process of risk
assessment. [10]
OR
7. Describe firewall technology and the various approaches to firewall implementation.
[10]
8. Describe key physical security considerations, including fire control and surveillance
systems. [10]
OR
9. Describe the operating principles of the most popular cryptographic tools. [10]
10. Illustrate how an organization?s employment policies and practices can support the
information security effort. [10]
OR
11. Describe the process of acquiring, analyzing, and maintaining potential evidentiary
material. [10]
---ooOoo---
R15
FirstRanker.com - FirstRanker's Choice
This post was last modified on 23 October 2020