http://vustudents.ning.

com/
NAive eNiGmA ..
CS 507
CS 507 subjective
1
Question No: 1 ( Ma!s: " # $hat ae the basic components o% &SS'
(hee ae t)o majo components
* &SS data base + is a co,,ection o% cuent and histoica, data %om intena, e-tena,
souces. .t
can be a massive data )aehouse.
* &ecision Suppot So%t)ae s/stem + is the set o% so%t)ae too,s used %o data
ana,/sis.
Question No:" vu0s ( Ma!s: " # &e1ne the %o,,o)ing:
a# 2thics
2thics ae moa, choice made b/ individua, in e,ation to the est o% the communit/3
u,es o%
govening membes and standads o% acceptab,e behaviou.
b# Code o% ethics
Code o% ethics is co,,ection o% u,es as guide %o the membes o% the ogani0ation.
Question No: 4 ( Ma!s: " # $hat is Stand 5,one 6ocessing'
Se,% contained is a mico compute that is not connected to a net)o!. 6ocessing
on this
compute is ca,,ed stand a,one pocessing.
Question No: 7 ( Ma!s: " # &e1ne intusion detection'
.ntusion &etection is a pocess that identi1es the attempts to penetate the s/stem
and gain
unauthoi0ed access.
http://vustudents.ning.com/
Question No: 5 ( Ma!s: 4 # 8o) can )e ma!e ou pass)od secue'
1: 9eep secet
": &on:t )ite an/)hee
4: 5,)a/s use the pass)od )ith combination o% ,ettes3 numbes3 uppe and
,o)e cases
7: change pass)od egu,a basis
Question No: ;( Ma!s: 4 # $hat ae some o% the things /ou shou,d !eep in mind
)hen
identi%/ing is!s'
(he net)o! attac!es ae getting smate eve/ da/. <gani0ations and peop,e
)ant thei data to
be potected. =usinesses must opeate )ithin a simi,a is! management cu,tue. 5
compehensive is! based appoach stating %om identi%/ing is!s ma/ be a bette
so,ution.
Question No:7 ( Ma!s: 4 # $hat is &ata &iven &ecision Suppot S/stem'
&ata diven &SS use ,age poo, o% data in majo ogani0ationa, s/stems. (he/ he,p
to e-tact
in%omation %om ,age >uantities o% data stoed. (hese s/stems e,/ on &ata
$aehouses ceated
%om (ansaction 6ocessing s/stems.
(he/ use %o,,o)ing techni>ues %o data ana,/sis
* <n,ine ana,/tica, pocessing3 and
* &ata mining
Question No: ? ( Ma!s: 4 # &e1ne @eAengineeing'
@e engineeing is the %undamenta, ethin!ing and edesigning o% business pocess
to achieve
damatic impovement in citica,3 contempoa/ measues o% pe%omance3 such as
cost3 >ua,it/3
sevice and speed.
http://vustudents.ning.com/
Question No: B ( Ma!s: 5 # Cist an/ 1ve easons that attact ogani0ations to 2@6'
5ns)e:
1. 6,anning the opeations
". .ntegated custome e,ated in%omation + ode tac!ing )ith custome database3
invento/
and shipment at diDeent ,ocations.
4. Standadi0ed 8@ in%omation + 5 compan/ )ith mu,tip,e business units )i,,
e>uie a
compehensive and a,,Aencompassing method o% ,ocating emp,o/ees and
communicating )ith
them.
7. .ntegated 1nancia, in%omation and ana,/sis. CS 507
CS 507 subjective Compose b/ saha and sumea
"
5. Monitoing the opeations inc,uding those o% subAvendos and manu%actues
Question No: 10 vu0s ( Ma!s: 4 # 8o) vius and )oms can be tansmitted into
computes' .denti%/ an/ thee souces'
5ns)e:
Eius o )oms ae tansmitted easi,/ %om the intenet b/ do)n,oading 1,es to
computes )eb
bo)ses. <the methods o% in%ection occu %om 1,es eceived though on,ine
sevices3 compute
bu,,etin boad s/stems3 ,oca, aea net)o!s. Eiuses can be p,aced in vaious
pogams3 %o
instance
1. Fee So%t)ae + so%t)ae do)n,oaded %om the net
". 6iated so%t)ae + cheape than oigina, vesions
4. Games so%t)ae + )ide appea, and high chances
7. 2mai, attachments + >uic! to spead
http://vustudents.ning.com/
5. 6otab,e had and Hash dives + emp,o/ees ta!e dis!s home and ma/ )o! on
thei o)n
pesona, 6C3 )hich have not been c,eaned o have suitab,e antiAviuses insta,,ed on
them.
Question No: 11( Ma!s: 4 #8o) the in%omation is !ept in the puchase s/stem'
5 simp,e e-amp,e can be given o% a puchase and sa,es s/stem. .n a t/pica,
puchase s/stem
in%omation e,ated to puchase o% mateia,s is !ept3 %o instance3
* <des %o the puchase o% vaious mateia,s
* Status o% de,iveies eceived against speci1c odes
* Changes in the ode >uantit/3 time3 da/ o othe in%omation
* Qua,it/ inspection epots and )hethe the/ need to be communicated to the
supp,ie
* Ipdated status epot o% stoc!
* .ssues made out o% the stoc!
Question No: 1" ( Ma!s: " #$hat is in%omation Qua,it/ Chec!,ist'
5ns)e: (he in%omation can a,so be an!ed in accodance )ith the >ua,ities it has
in it. (he
e-pets have devised cetain citeia to eva,uate the >ua,it/ o% in%omation. (hose
some points
)hich ae used to eva,uate the >ua,it/ ae !no)n as >ua,it/ chec!s.
Question No: 14 ( Ma!s: " # $hat ae 5ctive monitos' &e1ne.
5ns)e: (his so%t)ae seves the concuent monitoing as the s/stem is being
used. (he/ act as
a guad against viuses )hi,e the opeating s/stem is pe%oming vaious %unctions
e.g connected
to intenet3 tans%eing data3 etc.
Question No: 17 (Ma!s: 4 =ieH/ descibe .ncementa, Mode,.
5ns)e: .n incementa, mode,s3 so%t)ae is bui,t not )itten. So%t)ae is constucted
step b/
http://vustudents.ning.com/
step in the same )a/ a bui,ding is constucted. (he poduct is designed3
imp,emented3 integated
and tested as a seies o% incementa, bui,ds3 )hee a bui,d consists o% code pieces
%om vaious
modu,es inteacting togethe to povide a speci1c %unctiona, capabi,it/ and testab,e
as a )ho,e.
Question No: 15 ( Ma!s: 4 # .n%omation s/stem secuit/ association o% IS5 has
,isted
man/ ethica, cha,,enges3 identi%/ an/ thee o% them'
5ns)e:
1. Misepesentation o% ceti1cations3 s!i,,s
". 5buse o% pivi,eges
4. .nappopiate monitoing
Question No: 1; ( Ma!s: 5 # $hat do /ou thin! )hat ae the !e/ bene1ts o%
2commece to ogani0ations'
5ns)e: 5dvantages o% 2ACommece to the <n,ine =usiness
*2ACommece he,ps to .ncease the sa,es evenue to the business
* =usiness peop,e can spend ,ess mone/ and ean high po1ts )ith eAcommece
CS 507
CS 507 subjective Compose b/ saha and sumea
4
* 2asi,/ )e can tac! the segment o% customes )ho ae happ/ )ith puchasing
goods though
on,ine
* .nstantaneous g,oba, sa,es pesence in >uic! time
* $e can <peate the business in "7 J7 basis
* 2asi,/ )e can incease ou business customes
* $e set up shop an/)hee in the )o,d3 se,%Agovening o% geogaphica, ,ocations
* .ne-pensive )a/ to tun /ou $eb site into a evenue cente
http://vustudents.ning.com/
* @educe Custome Suppot costs via eAmai, ma!eting K customa/ ne)s,ettes
* $e can ceate customi0ed mai,ing ,ist
* 2asi,/ )e can dive %ee taLc to the )ebsite
* $e can easi,/ pomote ou business )ebsite b/ using vaious pomotiona,
activities such as
Seach 2ngine <ptimi0ation3 6a/ 6e C,ic! Management3 2mai, Ma!eting3 Socia,
Media
<ptimi0ation3 <n,ine =anne 5dvetisement3 <n,ine =anding and 5L,iate
Management.
Question No: 17 ( Ma!s: 5 # $hat do /ou undestand b/ &isaste @ecove/
6,anning'
5 disaste ecove/ p,an is a compehensive statement o% consistent actions to be
ta!en be%oe3
duing and a%te a disaste. (he p,an shou,d be documented and tested to ensue
the continuit/ o%
opeations and avai,abi,it/ o% citica, esouces in the event o% a disaste.
(his t/pica,,/ detai,s the pocess .( pesonne, )i,, use to estoe the compute
s/stems. &isaste
ecove/ p,ans ma/ be inc,uded in the business continuit/ p,an o as a sepaate
document a,,
togethe. =usiness continuit/ p,an ma/ not be compehensive,/ avai,ab,e in a nonA
citica,
envionment but &isaste @ecove/ 6,an shou,d be thee at ,east to manage and
he,p ogani0ation
to ecove %om disastes. 5 subcomponent o% business continuit/ p,an is the .(
disaste ecove/
p,an. .S pocessing is one opeation o% man/ that
!eep the ogani0ation not on,/ a,ive but a,so success%u,3 )hich ma!es it o% stategic
impotance.
Question No: 1? ( Ma!s: " # Cist in%omation @e>uiements %o Medium si0es
ogani0ations.
http://vustudents.ning.com/
5ns)e:
6,anning %o e>uied .n%omation
Monitoing o% in%omation o% p,anning.
Question No: 1B ( Ma!s: " # $h/ )e need to secue in%omation s/stems'
Sound secuit/ is %undamenta, to achieving this assuance. Futhemoe3 thee is a
need %o
ogani0ations to potect themse,ves against the is!s inheent )ith the use o%
in%omation s/stems
)hi,e simu,taneous,/ ecogni0ing the bene1ts that can accue %om having secue
in%omation
s/stems. (hus3 as dependence on in%omation s/stems inceases3 secuit/ is
univesa,,/
ecogni0ed as a pevasive3 citica,,/ needed3 >ua,it/.
Question No: "0 ( Ma!s: 4 # $hat is access conto,' Give e-amp,e
5ns)e: 5ccess Conto,s
(hese conto,s estab,ish the inte%ace bet)een the )ou,dAbe use o% the compute
s/stem and the
compute itse,%. (hese conto,s monito the initia, handsha!ing pocedue o% the
use )ith the
opeating s/stem. Fo e-amp,e )hen a custome ente the cad and the pin code in
an automatic
te,,e machine (5(M#3 the access conto,s ae e-ecised b/ the s/stem to b,oc!
un)anted o
i,,egitimate access.
Question No: "1 ( Ma!s: 4 #
@is! mitigation is a pocess that ta!es p,ace a%te the pocess o% is! assessment
has been
comp,eted. &iscuss bieH/ vaious is! mitigation options'
5ns)e:
http://vustudents.ning.com/
* @is! assumption: (o accept the potentia, is! and continue opeating the .( s/stem
o to
imp,ement conto,s to ,o)e the is! to an acceptab,e ,eve,. CS 507
CS 507 subjective Compose b/ saha and sumea
7
* @is! 5voidance: (o avoid the is! b/ e,iminating the is! cause and e.g. %ogo
cetain
%unctions o% the s/stem o shut do)n the s/stem )hen is!s ae identi1ed.
* @is! Cimitation: (o ,imit the is! b/ imp,ementing conto,s that minimi0e the
advese impact
o% a theat:s e-ecising a vu,neabi,it/ e.g. use o% suppoting peventive and
detective conto,s.
* @is! 6,anning: (o manage is! b/ deve,oping a is! mitigation p,ant that pedicts
imp,ements
and maintains conto,s.
* @eseach and ac!no),edgement: (o ,o)e the is! o% ,oss b/ ac!no),edging
vu,neabi,it/ o
Ha) and eseaching conto,s to coect the vu,neabi,it/.
* @is! (ans%eence: (o tans%e the is! b/ using othe options to compensate ,oss
such as
puchasing insuance.
Question No:"" ( Ma!s: 4 # &iDeentiate C@M %om 2@6 '
5ns)e: 2@6 K C@M
Custome has become o% citica, impotance in the moden da/ business. 2a,/ on3
ogani0ations
used to %ocus moe on ho) much has been so,d )hat has been poduced. =ut no)
the %ocus is
>uite diDeent. Focus has been p,aced on the e>uiements o% the custome3
poviding >ua,it/
sevice and >uic!ness o% esponse to custome >ueies. 5na,/sis o% the custome
data %om thei
http://vustudents.ning.com/
pesona, habits to spending one:s have become a cucia, e,ement o% doing a
success%u, business.
2@6 has this uni>ue potentia, to impove the >ua,it/ o% custome hand,ing.
Question No: "1 ( Ma!s: 5 # &iDeentiate .mpact ana,/sis %om @is!
detemination'
(his phase e,ates to ana,/0ing ho) much the in%omation assets ae e-posed to
vaious theats
identi1ed and thus >uanti%/ing the ,oss caused to the asset though this theat.
(his phase e,ates to ana,/sis o% both ph/sica, and ,ogica, theats. .t measues ,eve,
o% is! is to
detemine the advese impact esu,ting into a success%u, e-ecise o% vu,neabi,it/.
(he
in%omation can be obtained %om e-isting ogani0ationa, documentation3 such as
the mission
impact ana,/sis epot o asset citica,it/ assessment epot. 5 business impact
ana,/sis epot o
asset citica,it/ assessment epot. (he advese impact o% a secuit/ event can be
descibed in
tems o% ,oss o de,a/ o% an/ o a,, o% the thee secuit/ goa,s. Con1dentia,it/3
integit/3
avai,abi,it/.
Question No: "" ( Ma!s: " # $hat ae the ph/sica, theats %o .n%omation
S/stem.
5ns)e: 6h/sica, theats
(he is!s o% ph/sica, damage ende the compute had)ae becomes use,ess due
to the damage
caused to it b/ natua, disastes (Fie3 eath >ua!e3 Hood#3 po,,utionA&ust3 eneg/
Eaiations.
@easonab,e measues shou,d be ta!en to avoid undesiab,e conse>uences.
Question No: "4 ( Ma!s: " # Cist an/ t)o t/pes o% in%omation that can be used as
input
http://vustudents.ning.com/
%o vu,neabi,it/. Fo,,o)ing in%omation is used as an input
". 5n/ audit comments
4. Secuit/ e>uiements
Question No: "7 ( Ma!s: " # Cist do)n diDeent t/pes o% SI66CM C85.N.
(/pes o% Supp,/ Chains
Supp,/ chain ma/ e-ist in vaious %oms depending on the need o% the business:
1. Made to Stoe
". Continuous @ep,enishment
4. =ui,t to ode
Question No: "5 ( Ma!s: 4# $hat do u !no) about 9e/ sto!e Monitoing' (4#
5ns)e : 5 ecod o% eve/ !e/sto!eAAAA o%ten ca,,ed !e/sto!e monitoing.
9e/sto!e
monitoing is the pocess used to vie) o ecod both the !e/sto!es enteed b/ a
compute use
and the computeNs esponse duing an inteactive session. 9e/sto!e monitoing is
usua,,/
consideed a specia, case o% audit tai,s. CS 507
CS 507 subjective Compose b/ saha and sumea
5
Question No: "; ( Ma!s: 4 # .denti%/ o,es and esponsibi,ities o% an/ thee
po%essiona,s in an ogani0ation.
5ns)e: 1A&ata <)nes O esponsib,e %o detemining sensitivit/ o c,assi1cation
,eve,s o% the
data as )e,, as maintaining accuac/ and integit/ o% the data esident on the
in%omation s/stemP
"A6ocess <)nes O esponsib,e %o ensuing that appopiate secuit/3 consistent
)ith the
ogani0ation:s secuit/ po,ic/3 is embedded in thei in%omation s/stemsP
http://vustudents.ning.com/
4A(echno,og/ povides O esponsib,e %o assisting )ith the imp,ementation o%
in%omation
secuit/
Question No: "7 C,assi%/ 2ACommece into diDeent c,asses. (5#
(he most peva,ent o% 2ACommece mode,s can be c,assi1ed as unde:
1. =usiness to Consume (="C#
". =usiness to =usiness (="=#3
4. =usiness to 2mp,o/ee (="2#3
7. Consume to Consume (C"C# and
5. 2AGovenment
* Govenment to Citi0ens/Customes (G"C#
* Govenment to =usiness (G"=#
* Govenment to Govenment (G"G
Question No: "? ( Ma!s: 5 # .ncopoate @is! management S&CC' identi%/ its
phases'
Fo each phase o% S&CC3 the pocess o% is! management is no diDeent. @athe it is
iteative
pocess )hich can be pe%omed at each majo phase. 2ve/ step o% deve,opment
has its o)n
is!s )hich need to be hand,ed and addessed sepaate,/. 8ence managing is! in
S&CC means
managing is! o% each phase o% ,i%e c/c,e.
6hases o% @is! Management
Fo,,o)ing ae vaious phases o% S&CC
* S/stem Chaactei0ation
* (heat .denti1cation
* Eu,neabi,it/ .denti1cation
* Conto, 5na,/sis
http://vustudents.ning.com/
* Ci!e,ihood &etemination
* .mpact 5na,/sis
* @is! .denti1cation
* Conto, @ecommendation
* @esu,ts &ocumentation
* .mp,ementation
* Monitoing
Question No: "B ( Ma!s: " # $hat do /ou undestand b/ <C56'
<n,ine 5na,/tica, 6ocessing &ecision suppot so%t)ae that a,,o)s the use to
>uic!,/ ana,/0e
in%omation that has been summai0ed into mu,tidimensiona, vie)s and hieachies.
(he tem
on,ine e%es to the inteactive >ue/ing %aci,it/ povided to the use to minimi0e
esponse time
Question No: 40 ( Ma!s: " # 8o) theats ae identi1ed'
(heats can be identi1ed on the basis o% natue o% (heat )hich can eithe be
accidenta,Anatua,
occuences/%oce majo3 o de,ibeateAintentiona, act o% ham o on the basis o%
souces o% theat
)hich can eithe be intena,Atheat caused )ithin the ogani0ation3 o e-tena,A
theat %om some
one outside the ogani0ation.
Question No: 41 ( Ma!s: " # Cist do)n the inputs to @is! &etemination phase '
Ci!e,ihood o% theat e-p,oitation
Magnitude o% impact CS 507
CS 507 subjective Compose b/ saha and sumea
;
5de>uac/ o% p,anned and cuent conto,s
Question No: 4" ( Ma!s: " # .denti%/ components o% .ntusion detection s/stem '
http://vustudents.ning.com/
Sensos that ae esponsib,e %o co,,ecting data. (he data can be in the %om o%
net)o!
pac!ets3 ,og 1,es3 s/stem ca,,3 taces3 etc. 5na,/0es that eceive input %om sensos
and
detemine intusive activit/ 5n administative conso,e + it contains intusion
de1nitions app,ied
b/ the ana,/0es.5 use inte%ace
Question No: 44 ( Ma!s: 4 #
$hat ae the cha,,enges to ogani0ations %o ,aunching 2commece' .denti%/ an/
thee.
Secuit/ is the biggest cha,,enge to %o ,aunching 2commece (hee is a consensus
that the issue
o% compute and data secuit/ is the biggest hud,e in the go)th o% ecommece.
$eb seves
a,so %ace this secuit/ theat. Some othe pob,ems )ith ,aunching eAcommece
business is ,ac!
o% tust o% customes3 cu,tue and ,anguages pob,ems.
,ength/ pocedue o% pa/ment and eceipt o% poducts o sevices.
Question No: 47 ( Ma!s: 4 #
&esigning 1,e o database is a majo component o% s/stem designing. .denti%/ its
basic
puposes.
&esigning 1,e o database has the %o,,o)ing puposes.
1. &ata convenience is ensued to the use as and )hen it is e>uied.
". &ata updates in maste 1,e )i,, mechanica,,/ !eep posted the data in the )ho,e
s/stem.
4. &ata is po%essiona,,/ pocessed K stoed.
7. &ata e,iabi,it/ that is Coectness o% data is ensued.
Question No: 45 ( Ma!s: 4 #$hat is the esponsibi,it/ o% the management o% the
ogani0ation to ensue the secuit/ o% in%omation s/stems'
http://vustudents.ning.com/
2-ecutive o senio management ta!e the esponsibi,it/ to povide sa%e and secue
in%omation
s/stem envionment to thei emp,o/ees and use o% in%omation s/stem. &ue to it
emp,o/ees )i,,
%ee, no ham o %ea and can easi,/ do the )o! )ith secue in%omation s/stem o%
an
ogani0ation.
Question No: 4; ( Ma!s: 4 #
&iscuss vaious steps in theat identi1cation ' Give an/ e-amp,e o% theat souces
and
theat actions .
Fo,,o)ing ae steps in theat identi1cation.
1. (heat souce identi1cation
". Motivation and theat actions
Fo e-amp,e a hac!e can hac! a s/stem and can de,ete o get an/ pesona, data o
in%omation.
Question No: 47 ( Ma!s: 5 # Can /ou c,assi%/ 2ACommece into diDeent c,asses'
.deti%/
an/ 1ve.
2ACommece mode,s can be c,assi1ed as
=usiness to =usiness (="=#3
=usiness to Consume (="C#
Consume to Consume (C"C#
=usiness to 2mp,o/ee (="2#3
2AGovenment
Question No: 4? ( Ma!s: 5 # 8o) 5udit tai,s ae technica, mechanism that he,ps
manages to maintain individua, accountabi,it/'
.n 5udit tai,s ae technica, mechanism Ises ae ecogni0ed b/ the ecod being
etain. Ises
http://vustudents.ning.com/
ae in%omed o% )hat the pass)od a,,o)s them to do and )h/ it shou,d be !ept
secue and
con1dentia,. 5udit tai,s a,so he,p to give a,tenative %om noma, behavio )hich
can guide to
i,,ega, usage o% esouces. CS 507
CS 507 subjective Compose b/ saha and sumea
7
5udit tai,s can be used togethe )ith access conto,s to identi%/ and povide
in%omation about
uses a,,eged o% inappopiate modi1cation o% data.
Question No: 4B ( Ma!s: " #
$hat is the basic pupose o% setting up s/stems and pocedues. Give /ou o)n
opinion.
5ns)e: (he basic pupose o% setting up s/stem and pocedues is to ma!e avai,ab,e
in%omation
)hen it is e>uied.
Question No: 70 ( Ma!s: " # &e1ne theat and identi%/ its t/pes.
5ns)e: (heat is an act o event )hich can cause ,oss. (heats ae o% t)o t/pes
,ogica, theats
and ph/sica, theats.
Question No: 71 ( Ma!s: " #
Cist an/ t)o t/pes o% in%omation that can be used as input %o vu,neabi,it/'
5ns)e:
1A 5n/ audit comments
"A Secuit/ e>uiements
Question No: 7" ( Ma!s: " # .denti%/ ,eading 2@6 so%t)ae vendos '
5ns)e:
1AS56
"A<aca,e
http://vustudents.ning.com/
4AQ5&
7A6eop,eSo%t
5ASag
Question No: 74 ( Ma!s: 4 # &e1ne @is! &etemination. .denti%/ its inputs and
outputs.
5ns)e: @is! detemination phase assesses the is! and ,eve, o% is! to .( s/stem.
(he inputs o% to this phase ae
1. Ci!e,ihood o% theat e-p,oitation
". Magnitude o% impact
4. 5de>uac/ o% p,anned and cuent conto,s
(he output is the detemination o% is! and associated is! ,eve,s.
Question No: 77 ( Ma!s: 4 # $hat ae the t/pes o% theats'
5ns)e: (hee ae thee t/pes o% theats.
1A6h/sica, theats: .t e%es to damage caused to the ph/sica, in%astuctue o%
in%omation
s/stem. Fo e-amp,e:
1AFie
"A$ate
4A.ntusion
7A2neg/ vaiation
5A6o,,ution
;AStuctua, damage
"ACogica, (heat: .t e%es to damage caused to the in%omation s/stem )ithout an/
ph/sica,
pesence.
1A$oms and viuses
"ACogica, intusion
http://vustudents.ning.com/
Question No: 75 ( Ma!s: 4 #
&iDeentiate bet)een .ncementa, and iteative mode,s )ith the he,p o% one
e-amp,e each.
5ns)e: .ncementa, vs. .teative
(hese sound simi,a3 and sometimes ae e>uated but thee is a subt,e diDeence:
* .ncementa,: add to the poduct at each phase
* .teative: eAdo the poduct at each phase CS 507
CS 507 subjective Compose b/ saha and sumea
?
2-amp,e:
=ui,ding a 8ouse
* .ncementa,: Stats )ith a modest house3 !eep adding ooms and upgades to it.
* .teative: (he design/constuction map.
Question No:7; ( Ma!s: 4 #
.denti%/ an/ si- %actos that shou,d be consideed in ode %o change to be
success%u,'
5ns)e:
Fo,,o)ing %actos shou,d be consideed in ode %o change to be success%u,:
* $hat ae the imp,ications and baies to success%u, imp,ementation'
* $hat pocesses )i,, )e need to change/intoduce'
* $ho )i,, %ee, theatened b/ the change'
* 8o) do )e change peop,eNs behavio'
* 8o) )i,, success be measued and )hat va,ue )i,, success
8ave %o the business and individua,'
*.s the poposed change a,igned )ith the stategic p,an'
Question No: 77 ( Ma!s: 5 #
&e1ne the %o,,o)ing:
http://vustudents.ning.com/
a# 2C (2 commece#
2,ectonic Commece (eAcommece o 2C# descibes the bu/ing3 se,,ing3 and
e-changing o%
poducts3 sevices3 and in%omation via compute net)o!3 pimai,/ the intenet.
Some peop,e
vie) the tem commece as descibing tansactions conducted bet)een business
patnes.
b# 2= (2 business#
2Abusiness means using the intenet and on,ine techno,ogies to ceate opeating
eLciencies3 and
thee%oe incease va,ue to the custome. .t is intena,,/ %ocused. 5,, eAcommece is
pat o% ebusiness. Not a,, eAbusiness is eAcommece.
Question No: 7? ( Ma!s: 5 #
.denti%/ and de1ne the t/pes o% active attac!s '
5ns)e: 5%te getting pope in%omation about s/stem in passive attac!s intude
)i,, obtain
unauthoi0ed access to modi%/ data o pogams3 causing a denia, o% sevice3
esca,ating
pivi,eges3 accessing othe s/stems. (he/ aDect the integit/3 avai,abi,it/ and
authentication
attibutes o% net)o! secuit/.
(/pes o% 5ctive attac!s
Common %om o% active attac!s ma/ inc,ude the %o,,o)ing:
* Mas>ueading + invo,ves ca/ing out unauthoi0ed activit/ b/ impesonating a
,egitimate
use o% the s/stem.
* 6igg/bac!ing + invo,ves intecepting communications bet)een the opeating
s/stem and the
use and modi%/ing them o substituting ne) messages.
* Spoo1ng + 5 penetato %oo,s uses into thin!ing the/ ae inteacting )ith the
opeating
http://vustudents.ning.com/
s/stem. 8e dup,icates ,ogon pocedue and captues pass )od.
* =ac!doos/tapdoos + it a,,o)s use to emp,o/ the %aci,ities o% the opeating
s/stem )ithout
being subject to the noma, conto,s.(vu0s#
* (ojan 8ose + Ises e-ecute the pogam )itten b/ the penetato. (he pogam
undeta!es
unauthoi0ed activities e.g. a cop/ o% the sensitive data
Question No: 7B ( Ma!s: " #
$hat ae the in%omation e>uiements o% the sevice secto'
5ns)e:
.n%omation e>uiements o% Sevice Secto
* Qua,it/ o% sevice povided. CS 507
CS 507 subjective Compose b/ saha and sumea
B
* Mode o% de,ive/
* Custome Satis%action
* (ime Schedu,ing
* @esouce Management
Question No: 50 ( Ma!s: " #
&e1ne =usiness Continuit/ 6,anning (=C6# '
5ns)e: =usiness Continuit/ 6,anning (=C6# is a methodo,og/ used to ceate a p,an
%o ho) an
ogani0ation )i,, esume patia,,/ o comp,ete,/ inteupted citica, %unctions )ithin
a
pedetemined time a%te a disaste o disuption.Q
Question No: 51 ( Ma!s: " #
.denti%/ diDeent t/pes o% .n%omation assets '
1A Secuit/ 6o,ic/
http://vustudents.ning.com/
"A Secuit/ 6ogam
Question No: 5" ( Ma!s: " #
.denti%/ components o% .ntusion detection s/stem '
5ns)e: Components o% .&S
5n .&S compises on the %o,,o)ing:
* Sensos that ae esponsib,e %o co,,ecting data. (he data can be in the %om o%
net)o! pac!ets3
,og 1,es3 s/stem ca,, taces3 etc.
* 5na,/0es that eceive input %om sensos and detemines intusive activit/.
* 5n administation
Question No: 54 ( Ma!s: 4 #
$hat is the necessa/ in%omation needed to begin impact ana,/sis'
5ns)e: =e%oe beginning the impact ana,/sis3 it is necessa/ to obtain the %o,,o)ing
necessa/
in%omation.
* S/stem mission
* S/stem and data citica,it/
* S/stem and data sensitivit/
http://vu0s.net/
Question No: 57 ( Ma!s: 4 # &e1ne 5ctive attac!s'
5ns)e: 5ctive attac!s ma/ inc,ude obtaining unauthoi0ed access to modi%/ data o
pogams3
causing a denia, o% sevice3 esca,ating pivi,eges3 accessing othe s/stems. (he/
aDect the
integit/3 avai,abi,it/ and authentication attibutes o% net)o! secuit/.
Question No: 55 ( Ma!s: 4 #
$h/ is it needed %o 5ccounting in%omation s/stem (5.S# to be ,in!ed )ith a,, othe
in%omation s/stems in an ogani0ation'
http://vustudents.ning.com/
5ns)e: 5ccounting in%omation s/stem (5.S# is ,in!ed to a,, the in%omation s/stems
in an
ogani0ation. (his is impotant because the data e>uied %o pope boo! !eeping
and geneation
o% tansactiona, epots is e-tacted %om a,, ove the ogani0ation. Fo instance
sa,es in%omation
can be sought on,/ %om ma!eting in%omation s/stem and stoc! in%omation is
avai,ab,e in
manu%actuing in%omation s/stem.
Question No: 5; ( Ma!s: 4 #
.denti%/ an/ si- %actos that shou,d be consideed in ode %o change to be
success%u,'
5ns)e:
Fo,,o)ing %actos shou,d be consideed in ode %o change to be success%u,:
* $hat ae the imp,ications and baies to success%u, imp,ementation'
* $hat pocesses )i,, )e need to change/intoduce'
* $ho )i,, %ee, theatened b/ the change' CS 507
CS 507 subjective Compose b/ saha and sumea
10
* 8o) do )e change peop,eNs behavio'
* 8o) )i,, success be measued and )hat va,ue )i,, success
8ave %o the business and individua,'
*.s the poposed change a,igned )ith the stategic p,an'
Question No: 57 ( Ma!s: 5 #
$hat do /ou undestand b/ 6ivac/' 8o) can pivac/ be potected' Cist theats to
6ivac/.
5ns)e:
6ivac/ means the >ua,it/ o condition o% being sec,uded %om the pesence o vie)
o% othes3 the
http://vustudents.ning.com/
state o% being %ee %om unsanctioned intusion: a pesonNs ight to pivac/3 the
state o% being
concea,edP secec/. 6ivac/ is >uite a subjective/e,ative concept.
6otecting 6ivac/
(he ights o% pivac/ must be ba,anced against the needs o% the societ/. 2ve/
societ/ has to
decide some)hee on the ga/ aea bet)een hiding a,, and !no)ing a,, e-temes.
6ub,ic:s ights
to !no) is supeio to the individua,:s ights o% pivac/. Isua,,/ pub,ic and
individua,:s ights
stand in conHict )ith each othe. Since govenment agencies have thei concens in
pioit/ e.g.
cimina, investigation3 undesiab,e socia, activities. Eaious aspects can be seen as
a theat to
pivac/.
(heats to 6ivac/
* 2,ectonic suvei,,ance
* &ata 6o1,ing
* <n,ine 6ivac/
* $o!p,ace monitoing
* Cocation tac!ing
* =ac!gound chec!s
* Financia, pivac/
* Medica, ecod and genetic po1,ing
* &igita, ight
* .nte,,ectua, popet/ ights
* (a-ation .ssues
Question No: 5? ( Ma!s: 5 #
http://vustudents.ning.com/
Give an/ t)o e-amp,es to pove that 5udit tai,s he,p to povide vaiants %om
noma,
behavio )hich ma/ ,ead to unauthoi0ed usage o% esouces.
5ns)e: 5udit tai,s he,p to povide vaiants %om noma, behavio )hich ma/ ,ead
to
unauthoi0ed usage o% esouces. Fo e-amp,e
* 5udit tai,s can be used togethe )ith access conto,s to identi%/ and povide
in%omation about
uses suspected o% impope modi1cation o% data (e.g.3 intoducing
eos into a database#.
* 5n audit tai, ma/ ecod Rbe%oeR and Ra%teR images3 a,so ca,,ed snapshots o%
ecods.
Question No: 5B ( Ma!s: 4 # $hat ae hac!es'
5ns)e:
5 hac!e is a peson )ho attempts to invade the pivac/ o% the s/stem. .n %act he
attempts to gain
unauthoi0ed ent/ to a compute s/stem b/ cicumventing the s/stem:s access
conto,s. 8ac!es
ae noma,,/ s!i,,ed pogammes3 and have been !no)n to cac! s/stem
pass)ods3 )ith >uite
an ease. .nitia,,/ hac!es used to aim at simp,/ cop/ing the desied in%omation %om
the s/stem.
=ut no) the tend has been to coupt the desied in%omation.
Question No: ;0 ( Ma!s: 1 # &e1ne @is! Mitigation. CS 507
CS 507 subjective Compose b/ saha and sumea
11
5ns)e: @is! mitigation is a pocess that ta!es p,ace a%te the pocess o% is!
assessment has
been comp,eted. S/stematic eduction in the e-tent o% e-posue to a is! and/o the
,i!e,ihood o%
http://vustudents.ning.com/
its occuence. 5,so ca,,ed is! eduction.
Question No: ;1 ( Ma!s: 1 # $hat ae the va,ue sets'
5ns)e: 2ach attibute has a Ea,ue Set (domain# i.e. de1ned paametes o the
ange in )hich
va,ue o% the attibute ma/ %a,,.
Question No: ;" ( Ma!s: " # $hat ae the puposes o% the <bjects'
5ns)e: 5n object can be de1ned as S5 concept3 abstaction3 o thing )ith cisp
boundaies and
meaning o% the pob,em at hand. <bjects seve t)o puposes3 the/ pomote
undestanding o% the
ea, )o,d and povide a pactica, basis %o compute imp,ementation.Q
Question No: ;4 ( Ma!s: 1 # $hat is the pupose o% ,ine s/mbo, in the 2ntit/
@e,ationship
&iagam'
5ns)e: Cines ,in! attibutes to entit/ sets3 entit/ sets to e,ationship sets (a,so
epesent o,es#.
Question No: ;7 ( Ma!s: 1 # $hat ae the ,ogica, theats to the in%omation
s/stems'
5ns)e: (his e%es to damage caused to the so%t)ae and data )ithout ph/sica,
pesence.
2-amp,es ae viuses and )oms3 ,ogica, intusion common,/ e%eed to as hac!ing
Question No: ;5 ( Ma!s: " # $hat is c/ptogaph/'
5ns)e:
.n tuth%u, conditions3 c/ptogaph/ means science o% coded )iting. .t is a secuit/
de%end to
ma!e in%omation incompehensib,e i% un,a)%u, pesons cut oD the tansmission.
$hen the
in%omation is to be used3 it can be decoded. S(he e-change o% data into a secet
code %o the
secue tansmission ove a pub,ic net)o! is ca,,ed c/ptogaph/.Q
http://vustudents.ning.com/
Question No: ;; ( Ma!s: " #
$hat do /ou undestand b/ .ntusion &etection S/stems'
5ns)e:
5nothe e,ement to secuing net)o!s is an intusion detection s/stem (.&S#. .&S is
used in
ba,ance to 1e)a,,s. 5n .&S )o!s in combination )ith outes and 1e)a,,s and it
monito
net)o! that ho) much it used and .t potects a compan/:s in%omation s/stems
esouces %om
e-tena, as )e,, as intena, misteatment.
Question No: ;7 ( Ma!s: " #
Cist in%omation @e>uiements %o Medium si0es ogani0ations.
5ns)e:
6,anning %o e>uied
.n%omation
Monitoing o% in%omation o% p,anning.
Question No: ;? ( Ma!s: " #
&e1ne &oppe and (ojan hose '
5ns)e:
(ojan hose is ,i!e it e-ecutes b/ use the pogam )itten b/ the penetate. (he
pogam
undeta!es i,,ega, actions e.g. a cop/ o% the sensitive data and 1,es.
5 doppe is a pogam not a vius. .t insta,,s a vius on the 6C )hi,e pe%oming
anothe
%unction.
Question No: ;B ( Ma!s: 4 #
&esigning 1,e o database is a majo component o% s/stem designing. .denti%/ its
basic
puposes.
http://vustudents.ning.com/
5ns)e: 6uposes o% &esigning 1,e o database
&ata is )e,, pocessed
&ata is stoes cae%u,,/ CS 507
CS 507 subjective Compose b/ saha and sumea
1"
&ata bing up to date cae%u,,/ as it update in maste 1,e3 maste 1,e automatica,,/
update )ho,e
data &ata accessibi,it/ is ensued )hen a custome o use need data
&ata integit/ is con1med.
Question No:70 ( Ma!s: 4 #
$hat is the esponsibi,it/ o% the management o% the ogani0ation to ensue the
secuit/ o%
in%omation s/stems'
5ns)e:
(he esponsibi,it/ o% the management o% the ogani0ation to ensue the secuit/ o%
in%omation
s/stem that Secuit/ must be sponsoed b/ senio management. Management has
a
esponsibi,it/ to ensue that the ogani0ation povides a,, secue in%omation
s/stems
envionment %o uses o customes. (his )i,, ma!e uses o% in%omation s/stems
that ae the/
%ee, secue and the impotance o% secue in%omation envionment.
Question No: 71 ( Ma!s: 4 #
.denti%/ the in%omation that is e>uied be%oe conducting an impact ana,/sis'
5ns)e:
.n%omation that is e>uied be%oe conduction an impact ana,/sis ae that 5na,/0e
the Mission o%
http://vustudents.ning.com/
the s/stem ana,/0e the S/stem and data citica,it/ ana,/0e S/stem and data
sensitivit/.
Question No: 7" ( Ma!s: 4 # &e1ne @eengineeing'
5ns)e:
(his is !no)n as compan/ tans%omation o business tans%omation. .t
is the moe essentia, %om o% change management3 since it )o!s %o a,, the
e,ements o%
6ocesses o stuctues that have evo,ved ove time.
Question No: 7" ( Ma!s: 5 #
=ieH/ discuss @is! &etemination '
5ns)e: @is! &etemination:
@is! detemination means that phase o% ana,/0ing ho) much the in%omation assets
ae
uncoveed to vaious theats !no)n and thus count the ,oss cause to the asset
though this theat.
(his phase e,ates to ana,/sis o% both ph/sica, and ,ogica, theats and compises o%
%ou steps.
Fou steps ae usua,,/ %o,,o)ed )hi,e ana,/0ing the e-posue.
(he main eason o% this step is to assess the ,eve, o% is! to the .( s/stem. (he
detemination o%
e-acting theat can be spo!en as a meaning o%
1 (he ,i!e,ihood o% a given theatAsouce:s attempting to e-ecise a given )ea!ness.
". (he magnitude o% the impact shou,d a theat souce success%u,,/ e-ecise a
susceptibi,it/
4. (he competence o% p,anned o e-isting secuit/ conto,s %o educing o
minimi0ing is!.
Question No: 74 ( Ma!s: 5 #
&iscuss (echnica, Cimitations o% 2commece in compaison )ith NonA(echnica,
Cimitations in ogani0ations '
http://vustudents.ning.com/
5ns)e:
(echnica, Cimitations o% 2commece in compaison )ith NonA(echnica, ,imitation in
ogani0ation ae that moe cost to use %o so%t)aes and techno,og/3e,iabi,it/ %o
cetain
pocesses.in suLcient communications the eason is that peop,e don:t !no) about
it. So%t)ae
too,s ae not 1-ed and used in egu,a manne.peop,e has No enough access o%
intenet and the/
have diLcu,t/ to adopt eAcommece in%astuctue instead o% ogani0ationa, s/stems
Question No: 77 ( Ma!s: 1 #
Give a bie% de1nition o% 2@6.
5ns)e: S2@6 (entepise esouce p,anning# is an indust/ tem %o the boad set o%
activities
suppoted b/ mu,tiAmodu,e app,ication so%t)ae that he,ps a manu%actue o othe
business
manage the impotant pats o% its business3 inc,uding poduct p,anning3 pats
puchasing3 CS 507
CS 507 subjective Compose b/ saha and sumea
14
maintaining inventoies3 inteacting )ith supp,ies3 poviding custome sevice3 and
tac!ing
odes.Q
Question No: 75 ( Ma!s: 1 #
$h/ is a Ris! mati-R necessa/'
5ns)e: 5 pob,em )hen /ou have a numbe o% possib,e is!s is to decide )hich
ones ae
)oth/ o% %uthe attention. (he @is! Mati- is a simp,e too, to he,p pioiti0e is!s.
Question No: 7; ( Ma!s: " #
&e1ne theat and identi%/ its t/pes.
http://vustudents.ning.com/
5ns)e: S5 theat is some action o event that can ,ead to a ,oss.Q
(hee ae " t/pes o% theats.
1A6h/sica, theat
"ACogica, (heat
Question No: 77 ( Ma!s: " # &e1ne Fie)a,,.
5ns)e: Fie)a,,
Fie)a,, is the pima/ method %o !eeping a compute secue %om intudes. 5
1e)a,, a,,o)s
o b,oc!s taLc into and out o% a pivate net)o! o the useNs compute.
Question No: 7? ( Ma!s: 4 #
.n accounting and 1nance tems3 audit is a pocess )hich inc,udes an e-amination
o%
ecods o 1nancia, accounts to chec! thei accuac/3 an adjustment o coection o%
accounts an e-amined and vei1ed account.&iscuss the concept o% 5udit in .S'
5ns)e: 5n in%omation techno,og/ (.(# audit o in%omation s/stems (.S# audit is an
e-amination o% the conto,s )ithin an entit/Ns .n%omation techno,og/ in%astuctue.
.S audit
%ocuses moe on e-amining the integit/ o% conto,s and ensuing )hethe the/ ae
pope,/
)o!ing.<btained evidence eva,uation can ensue )hethe the ogani0ationNs
in%omation
s/stems sa%eguad assets3 maintains data integit/3 and is opeating eDective,/ and
eLcient,/ to
achieve the ogani0ationNs goa,s o objectives.
Question No: 7B ( Ma!s: 5 # &iDeentiate object %om c,ass.
5n object is an instance o% some c,ass. 5,, objects ae instances o% some c,ass.
.nstance a,so
caies connotations o% the c,ass to )hich the object be,ongs. Fo e-amp,e3
computes ae the
http://vustudents.ning.com/
domain/C,ass )hich can be divided into %o,,o)ing subAc,asses:
* Captop compute
* &es!top compute
* 6a,mtop
Question No: ?0 ( Ma!s: 1 #
&e1ne @is! Mitigation.
5ns)e: @is! mitigation is a pocess that ta!es p,ace a%te the pocess o% is!
assessment has
been comp,eted. S/stematic eduction in the e-tent o% e-posue to a is! and/o the
,i!e,ihood o%
its occuence. 5,so ca,,ed is! eduction.
Question No: ?1 ( Ma!s: 1 #
&e1ne @is! Mitigation.
5ns)e: @is! mitigation is a pocess that ta!es p,ace a%te the pocess o% is!
assessment has
been comp,eted. S/stematic eduction in the e-tent o% e-posue to a is! and/o the
,i!e,ihood o%
its occuence. 5,so ca,,ed is! eduction.
Question No: ?" ( Ma!s: 1 # .denti%/ t/pes o% change management.
5ns)e:
(/pes o% change management:
1A <gani0ationa, &eve,opment:
"A @eAengineeing CS 507
CS 507 subjective Compose b/ saha and sumea
17
Question No: ?4 ( Ma!s: " #
.denti%/ )hat in%omation is needed be%oe conducting an .mpact ana,/sis'
http://vustudents.ning.com/
5ns)e: =e%oe beginning the impact ana,/sis3 it is necessa/ to obtain the %o,,o)ing
necessa/
in%omation.
* S/stem mission
* S/stem and data citica,it/
* S/stem and data sensitivit/
Question No:?7 ( Ma!s: " #
$h/ pocess s/mbo, is used in the F,o) chats'
5ns)e:
6ocess s/mbo, is used to indicate an activit/ undeta!en o action done.
Question No: ?5( Ma!s: 4 #
$hat ae the objective/puposes o% the &F&s'
5ns)e: (he pupose o% data Ho) diagams is to povide a ,in!ing bidge bet)een
uses and
s/stems deve,opes. &ata Ho) diagams %aci,itate uses to undestand ho) the
s/stem opeate.
&F&:s a,so he,p deve,opes to
bette undestand the s/stem )hich he,ps in avoiding de,a/s in pope designing3
deve,opment3
etc. o% pojects.
Question No:?; ( Ma!s: 4 # $hat ae hac!es'
5ns)e:
5 hac!e is a peson )ho attempts to invade the pivac/ o% the s/stem. .n %act he
attempts to gain
un authoi0ed ent/ to a compute s/stem b/ cicumventing the s/stem:s access
conto,s.
8ac!es ae noma,,/ s!i,,ed pogammes3 and have been !no)n to cac! s/stem
pass)ods3
)ith >uite an ease.
http://vustudents.ning.com/
Question No: ?7 ( Ma!s: 1 # $hat ae the va,ue sets'
5ns)e: 2ach attibute has a Ea,ue Set (domain# i.e. de1ned paametes o the
ange in )hich
va,ue o% the attibute ma/ %a,,.
Question No: ??( Ma!s: " # $hat ae the puposes o% the <bjects'
5ns)e: 5n object can be de1ned as S5 concept3 abstaction3 o thing )ith cisp
boundaies and
meaning o% the pob,em at hand. <bjects seve t)o puposes3 the/ pomote
undestanding o% the
ea, )o,d and povide a pactica, basis %o compute imp,ementation.Q
Question No:?B ( Ma!s: " # $hat do /ou undestand b/ .ntusion &etection
S/stems'
5ns)e: 5n e,ement to secuing net)o!s is an intusion detection s/stem (.&S#. .&S
is used in
comp,ement to 1e)a,,s. 5n .&S )o!s in conjunction )ith outes and 1e)a,,s b/
monitoing
net)o! usage anoma,ies. .t potects a compan/:s in%omation s/stems esouces
%om e-tena,
as )e,, as intena, misuse
Question No: B0 ( Ma!s: 4 # $hat is the pupose o% decision s/mbo, in the Ho)
chat'
5ns)e:
* (he s/mbo, is used )hen a choice can be made bet)een the options avai,ab,e.
* Such options ae mutua,,/ e-c,usive.
* <n,/ one Ho) ,ine shou,d ente a decision s/mbo,3 but t)o o thee Ho) ,ines3 one
%o
each possib,e ans)e3 shou,d ,eave the decision s/mbo,.
Question No: B1 ( Ma!s: 1 # &e1ne @is! Mitigation.
5ns)e: @is! mitigation is a pocess that ta!es p,ace a%te the pocess o% is!
assessment has
http://vustudents.ning.com/
been comp,eted.
Question No: B" ( Ma!s: 1 # .denti%/ t/pes o% change management.
5ns)e:
(/pes o% change management: CS 507
CS 507 subjective Compose b/ saha and sumea
15
1A <gani0ationa, &eve,opment:
"A @eengineeing
Question No: B4 ( Ma!s: " # .denti%/ )hat in%omation is needed be%oe conducting
an
.mpact ana,/sis'
5ns)e: =e%oe beginning the impact ana,/sis3 it is necessa/ to obtain the %o,,o)ing
necessa/ in%omation.
* S/stem mission
* S/stem and data citica,it/
* S/stem and data sensitivit/
Question No: B7 ( Ma!s: " # $h/ pocess s/mbo, is used in the F,o) chats'
5ns)e:
6ocess s/mbo, is used to indicate a activit/ undeta!en o action done.
Question No: B5 ( Ma!s: 4 # $hat ae the objective/puposes o% the &F&s'
5ns)e: (he pupose o% data Ho) diagams is to povide a ,in!ing bidge bet)een
uses and
s/stems deve,opes. &ata Ho) diagams %aci,itate uses to undestand ho) the
s/stem opeate.
&F&:s a,so he,p deve,opes to
bette undestand the s/stem )hich he,ps in avoiding de,a/s in pope designing3
deve,opment3
etc. o% pojects.
http://vustudents.ning.com/
Question No: B; ( Ma!s: 4 # $hat ae hac!es'
5ns)e:
5 hac!e is a peson )ho attempts to invade the pivac/ o% the s/stem. .n %act he
attempts to gain
un authoi0ed ent/ to a compute s/stem b/ cicumventing the s/stem:s access
conto,s.
8ac!es ae noma,,/ s!i,,ed pogammes3 and have been !no)n to cac! s/stem
pass)ods3
)ith >uite an ease.
'Question No: B7 ( Ma!s: " # $hat is an entit/..
5ns)e: 5n entit/ is an object that e-ists and is distinguishab,e %om othe objects.
5n entit/ is
descibed using a set o% attibutes. Fo e-amp,e speci1c peson3 compan/3 event3
p,ant3 cop3
depatment3 section3 cost cente.
Question No: B? ( Ma!s: " # &e1ne C@M.
5ns)e: C@M Ises poven methodo,ogies and eAbusiness techno,ogies to he,p
companies to
identi%/3 se,ect3 ac>uie3 deve,op3 and etain po1tab,e customes3 bui,ding the
,asting
e,ationships that ae !e/ to ,ongAtem 1nancia, success.
Question No: BB( Ma!s: 4 # .denti%/ basic steps to imp,ement =6@2.
5ns)e: Fo,,o)ing steps shou,d be %o,,o)ed to imp,ement =6@.
* =ea! do)n the CSF:s into the !e/ o citica, business pocesses and gain
pocess o)neship.
* =ea! do)n the citica, pocesses into subApocesses3 activities and tas! and
%om the teams aound these.
* @eAdesign3 monito and adjust the pocessAa,ignment in esponse to diLcu,ties
in the change pocess.
http://vustudents.ning.com/
Question No: 100 ( Ma!s: 4 #
&e1ne @is! &etemination. .denti%/ its inputs and outputs.
5ns)e: (his phase e,ates to ana,/0ing ho) much the in%omation assets ae
e-posed to vaious
theats identi1ed and thus >uanti%/ing the ,oss caused to the asset though this
theat.
(he inputs o% to this phase ae
1. Ci!e,ihood o% theat e-p,oitation
". Magnitude o% impact
4. 5de>uac/ o% p,anned and cuent conto,s CS 507
CS 507 subjective Compose b/ saha and sumea
1;
(he output is the detemination o% is! and associated is! ,eve,s.
@is! &etemination
(he pupose o% this step is to assess the ,eve, o% is! to the .( s/stem. (he
detemination o%
paticu,a theat can be e-pessed as a %unction o%
1. (he ,i!e,ihood o% a given theatAsouce:s attempting to e-ecise a given
vu,neabi,it/
(s/stem Ha)#
". (he magnitude o% the impact shou,d a theat souce success%u,,/ e-ecise a
vu,neabi,it/
4. (he ade>uac/ o% p,anned o e-isting secuit/ conto,s %o educing o e,iminating
is!.
(his phase a,so pesumes the de1nition o% is! ,eve,s in ode to c,assi%/ the is!s.
(he is moe o%
a discetiona/ act on pat o% the management. Ceve,s can be de1ned as high
medium ,o) and
a,,ocating vaious pobabi,it/ anges. @is! ,eve,s ae made to compae them )ith
the anges o%
http://vustudents.ning.com/
impact.
Question No: 10" ( Ma!s: 4 # &iDeentiate C@M %om 2@6
5ns)e: (he diDeence bet)een C@M and 2@6 is that the %ome is out)adA,oo!ing3
)hi,e the
,atte is in)adA,oo!ing.
Question No: 10" ( Ma!s: 5 # 8o) the ,i!e,ihood is detemined' 2n,ist the %actos.
Ci!e,ihood &etemination
* (his phase detemines that a potentia, vu,neabi,it/ cou,d be e-ecised b/ a given
theatAsouce. Fo,,o)ing tab,e )i,, he,p us to de1ne and undestand the ,i!e,ihood
de1nitions. (he input to this phase is
* (heat souce motivation
* (heat capacit/
* Natue o% vu,neabi,it/
* Cuent Conto,s
(he output to this phase is a ,i!e,ihood ating to be used %uthe in the is!
assessment pocess.
.mpact 5na,/sis
(his phase detemines the advese impact esu,ting %om a success%u, theat
e-ecise o%
vu,neabi,it/. Fo,,o)ing in%omation is e>uied be%oe conducting an impact
ana,/sis.
1. S/stem mission e.g. the pocess pe%omed b/ .( s/stem.
". S/stem and data citica,it/ e.g. the s/stem:s va,ue o impotance to an
ogani0ation
4. S/stem and data sensitivit/
Question No:104 ( Ma!s: 10 # 8o) )i,, /ou compae .ntegated S/stems to 2@6'
.ntegating s/stems
Cet:s ta!e a ,oo! )hat an integated in%omation s/stem ,oo!s ,i!e. 5s seen in the
above pictue
http://vustudents.ning.com/
a,, s/stems ae inte%aced )ith one anothe3 the input in one s/stem automatica,,/
updating the
data in the othe e,evant s/stem. $e thus obseve simu,taneous &ata shaing
bet)een vaious
s/stems and simu,taneous e-ecution o% diDeent business pocesses. Fo 2-amp,e3 a
con1med
sa,es ode eceived b/ the sa,es depatment %om the custome )i,, once enteed
into the sa,es
s/stem automatica,,/ povide data input to stoes/pac!ing/ shipping and possib,/
the poduction
s/stems. (hus ensuing that a,, e,evant depatments ae noti1ed o% ead/ %o
necessa/ action
simu,taneous,/.
Question No: 107 ( Ma!s: 1 # $hat indicates the s/mbo, 5o) in the Ho) chats'
5ns)e: 5o) in a Ho) chat sho)s the diection o% Ho) o% pocedue o s/stem.
Question No: 105 ( Ma!s: 1 # &e1ne In%ee0ing c,ass o% Change.
5ns)e: .n this phase o% change management3 a situation %o ne-t phase is pepaed
b/
discon1ming e-istent attitudes and behavios.
Question No:10; ( Ma!s: " # $hat ae the ph/sica, theats to the in%omation
s/stems' CS 507
CS 507 subjective Compose b/ saha and sumea
17
5ns)e: (his e%es to the damage caused to the ph/sica, in%astuctue o% the
in%omation
s/stems. 2-amp,es ae natua, disastes (Fie3 eath >ua!e3 Hood#3 po,,ution3 eneg/
vaiations
and ph/sica, .ntusion.
Question No: 107 ( Ma!s: " # $hat is c/ptogaph/'
5ns)e: .n ,itea, tems3 c/ptogaph/ means science o% coded )iting. .t is a
secuit/ sa%eguad
http://vustudents.ning.com/
to ende in%omation uninte,,igib,e i% unauthoi0ed individua,s intecept the
tansmission. $hen
the in%omation is to be used3 it can be decoded. S(he convesion o% data into a
secet code %o
the secue tansmission ove a pub,ic net)o! is ca,,ed c/ptogaph/.Q
Question No: 10? ( Ma!s: 4 # $hat is oDApage connecto'
5ns)e: .% the Ho)chat becomes comp,e-3 it is bette to use connecto s/mbo,s to
educe the
numbe o% Ho) ,ines. <DA6age Connecto is used to connect emote Ho)chat
potion on
diDeent pages. <ne Ho) ,ine entes o e-its.
Question No: 10B ( Ma!s: 4 # $hat is access conto,' Give e-amp,e
5ns)e: (hese conto,s estab,ish the inte%ace bet)een the )ou,dAbe use o% the
compute
s/stem and the compute itse,%. (hese conto,s monito the initia, handsha!ing
pocedue o% the
use )ith the opeating s/stem. Fo e-amp,e )hen a custome entes the cad and
the pin code in
an automatic te,,e machine (5(M#3 the access conto,s ae e-ecised b/ the s/stem
to b,oc!
un)anted o i,,egitimate access.
Question No: 110 ( Ma!s: 4 # Cist an/ thee ethica, cha,,enges given b/ .S secuit/
association o% IS5 '
2thica, Cha,,enges
.n%omation s/stem secuit/ association o% IS5 has ,isted do)n %o,,o)ing ethica,
cha,,enges
1. Misepesentation o% ceti1cations3 s!i,,s
". 5buse o% pivi,eges
4. .nappopiate monitoing
7. $ithho,ding in%omation
http://vustudents.ning.com/
5. &ivu,ging in%omation inappopiate,/
;. <vestating issues
7. ConHicts o% inteest
?. Management / emp,o/ee / c,ient issues
Question No: 111( Ma!s: 5 # &iDeentiate the %o,,o)ing (.ntusion &etection vs
Eaiance
&etection
.ntusion detection
.ntusion detection e%es to the pocess o% identi%/ing attempts to penetate a
s/stem and gain
unauthoi0ed access. .% audit tai,s have been designed and imp,emented to ecod
appopiate
in%omation3 the/ can assist in intusion detection. .ntusion detection s/stem can
be made pat o%
the egu,a secuit/ s/stem to eDective,/ detect intusion. @ea, time intusion
detection is
technica, and comp,e- to achieve but easonab,e e-tent can be attained. @ea,Atime
intusion
detection is pimai,/ aimed at outsides attempting to gain unauthoi0ed access to
the s/stem.
Eaiance detection and audit tai,s
(ends/vaianceAdetection too,s ,oo! %o anoma,ies in use o s/stem behavio. .t is
possib,e to
monito usage tends and detect majo vaiations. (he ,og can be detected and
ana,/0ed to detect
the iegu,ait/. Fo e-amp,e3 i% a use t/pica,,/ ,ogs in at B a.m.3 but appeas at 7:40
a.m. one
moning3 this ma/ indicate eithe a secuit/ pob,em o a ma,%unctioning o% the
s/stem c,oc!3
that ma/ need to be investigated. (he ,og can be soted/1,teed %o a,, ,og ins be%o
B a.m. %om
http://vustudents.ning.com/
that paticu,a temina,
Question No: 11" ( Ma!s: 5 # $hat ae the souces o% citica, success %acto' CS
507
CS 507 subjective Compose b/ saha and sumea
1?
Citica, Success Factos have to be ana,/0ed and estab,ished. CSF:s ma/ be
deve,oped %om
vaious souces.
Genea,,/ %ou majo souces o% identi%/ing CSF:s ae
* .ndust/ CSFs esu,ting %om speci1c indust/ chaacteisticsP
* CSF:s esu,ting %om the chosen competitive stateg/ o% the business e.g. >uic!
and time,/
de,ive/
ma/ be citica, to couie sevice business
* 2nvionmenta, CSFs esu,ting %om economic o techno,ogica, changesP and
* (empoa, CSFs esu,ting %om intena, ogani0ationa, needs and changes.
Question No: 114 ( Ma!s: 10 # $hat is eusab,e so%t)ae'
@eusab,e So%t)ae + (he so%t)ae deve,oped using object oiented appoach can be
easi,/ eused
due to independence/uni>ueness o% the objects i.e. an independent accounting
modu,e bui,t in
object oiented envionment can be made a pat o% a comp,ete 2@6 so,ution )ithout
deve,oping
it again %om scatch %o 2@6.
Question No:117 ( Ma!s: 10 #
&iscuss S/stem Chaactei0ation ' $hat in%omation ma/ he,p to chaactei0e the
s/stem '
S/stem Chaactei0ation
http://vustudents.ning.com/
.n assessing is!s %o an .( s/stem3 the 1st step is to de1ne the scope o% the eDot.
(he
esouces and in%omation that constitute the s/stem ae identi1ed. (he s/stem
e,ated
in%omation is documented )hich inc,udes.
1. 8ad)ae
". So%t)ae
4. S/stem .nte%ace
7. &ata K .n%omation
5. 6eop,e ($ho suppot and use .(#
;. S/stems Mission (6ocesses pe%omed b/ .( s/stem#
5dditiona, in%omation that ma/ he,p in chaactei0ing the s/stem ae:
1. Functiona, e>uiements o% .( s/stem
". Ises o% s/stem (technica, suppot and app,ication uses#
4. S/stem Secuit/ 6o,ic/
7. S/stem Secuit/ 5chitectue
Question No: 115 ( Ma!s: " #
$hat shou,d be the basic objective o% an ogani0ation in /ou opinion'
(he basic objective o% an ogani0ation is to ma!e a po1t and get a sustainab,e
competenc/.
Question No: 11; ( Ma!s: " # &e1ne intusion detection '
.ntusion detection e%es to the pocess o% identi%/ing attempts to penetate a
s/stem and gain
unauthoi0ed access. .% audit tai,s have been designed and imp,emented to ecod
appopiate
in%omation3 the/ can assist in intusion detection. .ntusion detection s/stem can
be made pat o%
the egu,a secuit/ s/stem to eDective,/ detect intusion. @ea, time intusion
detection is
http://vustudents.ning.com/
technica, and comp,e- to achieve but easonab,e e-tent can be attained. @ea,Atime
intusion
detection is pimai,/ aimed at outsides attempting to gain unauthoi0ed access to
the s/stem.
(/pes o% Eiuses
5,though viuses ae o% man/ t/pes3 ho)eve boad categoies have been identi1ed
in accodance
)ith the damage the/ cause. Some o% these categoies have been stated be,o) CS
507
CS 507 subjective Compose b/ saha and sumea
1B
* =oot Secto Eiuses
* <ve)iting viuses
* &oppe
* (ojans
=oot secto Eius
(he boot secto is pat o% compute )hich he,ps it to stat up. .% the boot secto is
in%ected3 the
vius can be tans%eed to the opeating s/stem and app,ication so%t)ae.
<ve)iting Eiuses
5s the name imp,ies3 it ove)ites eve/ pogam/so%t)ae/1,e it in%ects )ith itse,%.
8ence the
in%ected 1,e no ,onge %unctions.
&oppe
5 doppe is a pogam not a vius. .t insta,,s a vius on the 6C )hi,e pe%oming
anothe %unction.
(ojan hose
.n%omation S/stem (CS507# EI
T Cop/ight Eitua, Inivesit/ o% 6a!istan 171
http://vustudents.ning.com/
5 (ojan hose is a ma,icious pogam that is disguised as o embedded )ithin
,egitimate so%t)ae.
(he/ ma/ ,oo! use%u, o inteesting (o at the ve/ ,east ham,ess# to an
unsuspecting use3 but ae
actua,,/ ham%u, )hen e-ecuted. 2-amp,es ae
* Cogic bomb + (ojan hoses ae tiggeed on cetain event3 e.g. )hen disc c,ean up
eaches a
cetain ,eve, o% pecentage
* (ime bomb + (ojan hose is tiggeed on a cetain date.
6ossib,e pepetatos inc,ude:
* 8ac!es
* 8ac!tivists
* Cac!es
8ac!es
5 hac!e is a peson )ho attempts to invade the pivac/ o% the s/stem. .n %act he
attempts to gain
un authoi0ed ent/ to a compute s/stem b/ cicumventing the s/stem:s access
conto,s. 8ac!es
ae noma,,/ s!i,,ed pogammes3 and have been !no)n to cac! s/stem
pass)ods3 )ith >uite an
ease. .nitia,,/ hac!es used to aim at simp,/ cop/ing the desied in%omation %om
the s/stem. =ut
no) the tend has been to coupt the desied in%omation.
8ac!tivsts
(his e%es to individua,s using thei s!i,,s to %o)ad a po,itica, agenda3 possib,/
bea!ing the ,a)
in the pocess3 but justi%/ing thei actions %o po,itica, easons.
Cac!es
(hee ae hac!es )ho ae moe ma,icious in natue )hose pima/ pupose o
intent is to commit
http://vustudents.ning.com/
a cime though thei actions %o some ,eve, o% pesona, gain o satis%action. (he
tems hac! and
cac! ae o%ten used intechangeab,/.
.ts ve/ common %o hac!es to misuse pass)ods and 6esona, identi1cation
numbe3 in ode to
gain unauthoi0ed access.
6ass)ods
S6ass)od is the secet chaacte sting that is e>uied to ,og onto a compute
s/stem3 thus
peventing unauthoi0ed pesons %om obtaining access to the compute. Compute
uses ma/
pass)odApotect thei 1,es in some s/stems.Q
Misuse o% pass)ods CS 507
CS 507 subjective Compose b/ saha and sumea
"0
5 ve/ simp,e %om o% hac!ing occus )hen the pass)od o% the temina, unde the
use o% a
paticu,a emp,o/ee is e-posed o become common,/ !no)n. .n such a situation
access to the
entie in%omation s/stem can be made though that temina, b/ using the
pass)od. (he e-tent o%
access avai,ab,e to an intude in this case depends on the pivi,ege ights avai,ab,e
to the use.
Question No: 47 ( Ma!s: " #
$hat is the use o% &e%au,t !e/)od in s)itch stuctue'
Question No: 4; ( Ma!s: 4 #
$hee R$hi,eR ,oop is moe pe%eab,e than RFoR ,oop and vice vesa' 3 e-p,ain )ith
the he,p o%
e-amp,e.
$hee R$hi,eR ,oop is moe pe%eab,e than RFoR ,oop and vice vesa'
http://vustudents.ning.com/
ans:
(he go,den u,e in iteation: eve/thing done )ith a %o ,oop can be done )ith a
)hi,e ,oop3 =I(
not a,, )hi,e ,oops can be imp,emented )ith a %o ,oop.
%oA,oops ae just a shotAcut )a/ %o )iting a )hi,e ,oop3 )hi,e an initia,i0ation
statement3
conto, statement ()hen to stop#3 and a iteation statement ()hat to do )ith the
conto,,ing %acto
a%te each iteation#.