BHARATH INSTITUTE OF SCIENCE AND TECHNOLOGY
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
QUESTION BANK
Department: Computer Science and Engineering
Program Name/ Code:
Course Name/Code: DATA SECURITY /U20CSCT03
Submitted By (Course Coordinator): Dr Upendra Babu K
Q. No Questions Weightage CO Bloom's Level
UNIT - I
PART - A
1 Clarify Information Security 2 CO1 2
2 Describe Security 2 CO1 2
3 Describe E-mail Spoofing 2 CO1 2
4 List the components of information system 2 CO1 2
5 Paraphrase Network Security 2 CO1 2
6 Interpret SDLC 2 CO1 2
7 List the phases of SDLC Waterfall method 2 CO1 2
8 Explain Risk Management 2 CO1 2
9 Paraphrase Firewall? 2 CO1 2
10 Articulate Security Blueprint 2 CO1 2
PART - B
1 Classify the multiple layers of Security 4 CO1 2
2 Summarize the characteristics of CIA triangle 4 CO1 2
3 Summarize the characteristics of Information Security 4 CO1 2
4 Discuss the measures to protect the confidentiality of information 4 CO1 2
5 Differentiate Direct and Indirect attacks 4 CO1 2
6 Describe the use of Digital Certificates 4 CO1 2
7 Paraphrase E-mail Spoofing 4 CO1 2
8 Interpret Network Security? 4 CO1 2
9 Describe the functions of Information Security? 4 CO1 2
10 Articulate the enterprise Information Security Policy? 4 CO1 2
PART - C
1 What is Security? Discuss the security layers a successful organization should have. 12 CO1 2
2 Summarize the functions of Information Security 12 CO1 2
3 List and explain the characteristics of Information Security 12 CO1 2
4 Discuss the measures to protect the confidentiality of information? 12 CO1 2
5 List and explain the components of information system? 12 CO1 2
6 Demonstrate the phases of SDLC Waterfall method? 12 CO1 2
7 Explain SDLC for security 12 CO1 2
Bharath Institute of Higher Education and Research (BIHER) IQAC/ACAD/008
UNIT - II
PART - A
1 Describe about threat 2 CO2 2
2 Explain Hackers 2 CO2 2
3 Summarize Malicious code 2 CO2 2
4 List the types of virus? 2 CO2 2
5 Interpret the meaning of intellectual property? 2 CO2 2
6 Describe Subject and Object 2 CO2 2
7 Explain why access matrix is not used 2 CO2 2
8 Illustrate the Types of Access Control 2 CO2 2
9 Summarize the goals of Confidentiality Policies 2 CO2 2
10 Identify the main entities in Clinical Information Systems security model 2 CO2 2
PART - B
1 Distinguish the levels of hackers? 4 CO2 2
2 Discuss the types of viruses? 4 CO2 2
3 Explain "polymorphic threat" 4 CO2 2
4 Illustrate attack replication vectors? 4 CO2 2
5 Explain sniffers? 4 CO2 2
6 Differentiate between Computer Protection Vs Assurance 4 CO2 2
7 Explain Access Control Matrix Model 4 CO2 2
8 Compare Access Control Lists and C-Lists 4 CO2 2
9 Illustrate The Bell-LaPadula Model 4 CO2 2
10 Generalize the Chinese Wall Model 4 CO2 2
PART - C
1 Summarize the types of Laws 12 CO2 2
2 Compare the types of viruses? 12 CO2 2
3 Classify and explain about threat 12 CO2 2
4 Interpret the attack replication vectors 12 CO2 2
5 Discuss about computer security 12 CO2 2
6 Describe about Integrity Policies 12 CO2 2
7 Discuss the Clinical Information Systems security model 12 CO2 2
UNIT - III
PART - A
1 Interpret risk assessment 2 3
2 Write about Discretionary Controls (DAC) 2 3
3 Explain what is Likelihood? 2 3
4 Illustrate Residual Risk? 2 3
5 Explain what are Policies? 2 3
6 Illustrate General Security Policy 2 3
7 Illustrate Program Security Policy 2 3
8 Illustrate Issue-Specific Policies 2 3
9 Describe The Disaster Recovery Plan (DRP) 2 3
10 Describe about Business Continuity Plan (BCP) 2 3
PART - B
1 Examine the responsibilities of the communities of interests? 4 3
2 Explain Cost Benefit Analysis (CBA) 4 3
3 Examine and explain Risk Management? 4 3
4 Illustrate in detail communities of interest? 4 3
5 Determine Public key infrastructure certificate authority? 4 3
6 Examine Clean desk policy? 4 3
7 Illustrate the types of security policies? 4 3
8 Illustrate the types of access controls? 4 3
9 Write about hot site? 4 3
10 Establish the goals of documenting results of risk assessment 4 3
PART - C
1 Differentiate Preventive and Detective controls 12 3
2 Write about MAC 12 3
3 Examine the Risk Control Strategies 12 3
4 Examine the common methods for Risk Avoidance 12 3
5 Illustrate and explain the types of plans in Mitigation strategy? 12 3
6 Establish the ways to categorize the controls 12 3
7 Illustrate and explain the types of risk control strategies 12 3