4. Security Policy Design
January-2004 [10]
1.
b) Explain what is challenge response
system? [4]
3.
c) What are the
essential components of a corporate security policy? [6]
July-2004 [7]
1.
c) A Data entry
firm experiences on an average a loss of 10 files of 1000 bytes each per day
due to power failures. The loss probability is 0.9. The cost of keying in a
character is Rs. 0.005. At what cost burden the firm should consider putting in
a loss prevention mechanism? [4]
2.
b) What is the basic purpose of a security
model for computer systems? [3]
January-2005 [0]
July-2005 [0]
January-2006 [10]
1.
d)
State four primary functions
of CERT. [4]
7. Write short notes on any three:
iii)
Risk Assessment (RA) [6]
July-2006 [10]
1.
g) What are
main services provided by Computer security incident response teams?
[4]
5.
b) What are the
procedures involved in Quantitative Risk Assessment? How is the Annualized Loss
Expectancy (ALE) calculated? [6]
January-2007 [12]
1.
b) Why is the Domain
Security policy required? How is it different from local security policy? [4]
3.
b) How
does User Based Security Model provide integrity protection with or without
delay detection and privacy protection? [8]
July-2007 [21]
3.
c) When
management chooses to mitigate a risk in the design and implementation of
security policy, what is the different security controls used? [6]
4.
a) How
does User Based Security Model provide integrity protection with or without
delay detection and privacy protection? [6]
b) What
are the procedures involved in Quantitative Risk Management? How is the
Annualized Loss Expectancy (ALE) calculated? [6]
7.
b) What
is audit trail with respect to information or communication security? [3]
January-2008 [10]
1.
g) Explain
a method to secure the windows registry? [4]
6.
a) What
are the possible sources of threats in an enterprise network? Also identify the
various types of threats and its targets in enterprise network? [6]
July-2008 [22]
1.
f) What do you understand by audit
trail with respect to information security? [4]
5.
a) When
management chooses to mitigate a risk in the design and implementation of
security policy, what are the different security controls used? [6]
b) What are the procedures involved
in Quantitative Risk Management? How is the
Annualized Loss Expectancy (ALE)
calculated? [6]
6.
c) How
does User Based Security Model provide integrity protection with or without
delay detection and privacy protection? [6]
January-2009 [6]
7. Write
short notes on any three of the following:
e) CERT [6]
July-2009 [0]
January-2010 [9]
6.
b) What
is the Annualized Loss Expectancy (ALE)? How can it be directly useful in cost
benefit analysis? [9]
July-2010 [9]
5.
a) What
is Annualized Loss Expectancy (ALE)? How can it be directly useful in cost
benefit analysis? [9]
No comments:
Post a Comment