Sor Unit 1. Write a short note on Network-Layer Arrack. (Apr 1g) 2. Explain three D's of security. (Nov 19) ‘OR Explain 3D's (Defense, Detection, and Deterrence) aspects af security can be applied to any situation. (Apr 23) 3. Write a note on Threat Vector. ev 19) 4- Explain the Onion Model. (Nov 19) OR Explain the onion model of defense. (Nov 23) OR With the help of diagram, explain how Onion Defense Model is berter than other Model. for security. (Apr 23) 5, List and explain the steps to create a Security Defense Plan. (Nov 1g) 6, Write a short note on CIA Triad Model with reference to Security in Computing. (Apr 23) ‘OR Describe the CIA Triad of computer security. (Nov 23) 7. What are the various countermeasures that, anyone can implement to minimize the risk of a successful attack? (Apr 23) 8. List various types of worms. Explain any two of them. (Nov 23) 9. What are the three recognized variants of malicious mobile code? Explain. (Apr a9) 10, Explain the best practices for networkdefense. (Apr 19) 11, Explain the statement that “Achieving Loo percent protection against all conceivable attacks is an impossible job” (Nov 19) 32, What are Application layer attacks? Explain following Application layer attacks: (Nov 19) i. Buffer overflows ji. Password cracking 13. Explain malicious mobile code and open access models. (Nov 23) 14. What are the importance of information protection? Explain with example. (Apr ig) a5. Explain vatiolis components used to build a security program. (Apr 19) oR Eyplain the components of a security program. (Nov 23) 16. Explain the two most common approaches of security. (Apr ig) 47. Explain Various Application-layer attacks which include an any exploit directed at the applications running on top of the OSI protocol stack. (Apr 23) 28. What is meant by Zone of Trust? Explain the importance of Zone of Trust for communication through with diagram. {Apr 23)Unit-2 1. Define authentication, Explain two parts of authentication. (Apr ig) OR Explain different types of Authentication in detail. (Apr 23), 2. Explain certificate-based authentication in detail. (Nov 19) ‘OR ‘Write a short note on Certificate-Based Authentication. (Apr 23) 3+ Write a note on symmetric key cryptography. (Nov 19) 4- Explain different types of database backups. (Nov 19) OR Explain importance of database backups? Explain various types of it (Nov 23) 5+ What is meant by Extensible Authentication Protocol (EAP)? Explain its different types. (Apr 23) 6. Explain role of PKI (Public Key Infrastructure) in Security in Computing and Structure and Function of PKI. (Apr 23) 7. “Each layer of security is designed for a specific purpose and can be used to provide authorization rules”. Explain this statement with reference to Database Security Layers and its types. (Apr 23) 8. Explain SSL and TLS. (Now 23) 9. Explain CA hierarchy and certificate templates and enrolment. (Nov 23) 19, Explain the authorization systems. (Apr 1p) 11. What are the three primary categories of storage infrastructure in modern storage security? Discuss. (Apr 19) 12, Write a short note on integrity risks. (Apr 19) 13 How Kerberos Authentication Process takes place? Explain each step with diagram. (Apr 23) 14. Explain CHAP and MS-CHAP (Nov 23) 15. Explain One Time Passwords (OTP) systems. (Nov 23) 16. Explain public key Cryptography. (Apr 19), 17. Explain Database-Level Security. (Apr a9) 18, Write a note‘on Role-based Authorization (RBAC). (Nev 19) 1. Explain any two confidentiality risks. (Nov 19) 20, Write a note on object-level security. (Nov ig) a1. What are ciphers? Explain “Transposition Cipher” VS "Substitution Cipher." (Now 23)eee a Unit-3 1. Write a short note on hubs and switches. (Apr 19) oR Explain the role of hubs and switches in network. (Nov 19) 2, Explain the features of firewall. (Apr 1g) oR Write a short note on the fearures of a firewall. (Nov 23) 3. Explain the five different types of wireless attacks, (pr 19) OR Explain any two types of wireless ammacks. (Nov 19) 4. Write a note on outbound filtering. (Nov 19) 5. Explain in detail Network Address Translation (NAT). (Nov 19) 6, With reference to OSI model in which layer does Router operate? Explain the working of Routing Protocols. (apr 23) 7+ With the help of diagram, explain working of Bluetooth Protocol Stack. (apr 23) 8. What is meant by Wireless Intrusion Detection and Prevention? Explain working of it. (Apr 23) 9. Write a short note on DMZ networks. (Nov 23) 10, Explain different types of ICMP messages. (Nov 23) u1. Write a short note on Access Control Lists (ACLS). (Nov 23) 12, What are the counter mezsures against the possible abuse of wireless LAN? (Apr 19) 3g, Explain strengths and weaknesses of a firewall. (Nov 19) 14. Explain the importance of antenna choice and positioning. (ov 19) 15, Write a short note on different generatioa of Firewalls. (apr 23) 16, What is spread spectrum technique? List the two techniques to spread the bandwidth. (Nov 23) 17. Explain the Cisco Hierarchical Internet working model. (Apr 19) 18, Explain network availability and security. (Apr a9) 19, Explain different layers of two-tier network fundamentals. ‘(Apr 23) 20. Explain role of ICMP, SNMP and ECHO in network hardening. (Apr 23) 21. . List the various techniques for network hardening. Explain any two. (Nov 23)Unit-4 1. Explain intrusion Defense System types and detection models. (Apr ag) 2. Write a short note on Security Information and Event Management. (Apr 29) 3. What are components of Voice over IP? Explain. (Cpr ig) OR List the various VoIP components. Explain any two. (Nov 23) 4. Write a short note on Private Bank Exchange. ‘(Apr ig) ‘OR What is Private Branch Exchange (PBX)? How will you secure PBX? Q¥ov 19) 5. List and explain steps to a successful IPS Deployment plan. (Gov 1g) G. Write a short note on two types of IDS Generation in brief. (Apr 23) 7. How Mandatory Access Control Lists (MACL) differ from Discretionary access control lists (DACLs)? Explain. (Apr 23) ‘8, Explain main problems of TCP/IP's lack of security. (apr 23) .g. What is PBX? What are its features? Explain common attacks on PBX. How to secure it? (Nov 23) 10, Explain network-based intrusion detection system in detail (Nov 19) 11, Write a note on H.323 protocol that incindes: (Nov 19) ‘Governing Standard Purpose Function I. Known Compromises and Vulnerabilities v. Recommendations 12. Explain the reference monitor concept and windows security reference monitor, (Nov 19) 13. Write a short note on Microsoft's Trustworthy Computing initiative. (Nav 23) 14. Explain working of Biba and Clark Wilson Classic Security Models. {Apr 23) 15. Explain different classic security modal. (Apr 19, Nov 23) 16. Write a short note on trustworthy computing. (Apr 19) 17. Write a note on Access Control List (ACL). (Nov 19) 18, What is meant by Security Reference Monitor? Explain Windows Security Reference Monitor in detail. (Apr 23) 19. What are IDS types? Explain. (Nov 23) 20. What is SIEM? What are its features? (Nov 23)Peery Cede nylons) Unit-5 1. Define virtual machine. How is hypervisor responsible for managing all guest OS ‘installations on a VM server? (Apr 19) 2. What is doud computing? Explain the types of doud services. (Apr 1g) oR, State and explain types of cloud services. (Nov 19) 3. Explain the application security practices and decisions that appear in most secure development lifecycle. {Apr ig) ‘OR Explain various Application Security Practices. (Nov 19) ‘oR ‘With the help of diagram explain concept of secure development lifecycle in Agile. (Apr 23) OR ‘Write a short note on Secure Development Lifecycle (SDL). (Nov 23) 4. Explain the security considerations for choosing a secure site location. (Apr 19) 5. Explain the different factors for securing the assets with physical security devices (Apr 19) ‘OR Eyplain Locks and Entry Controls that should be considered while securing assets with physical security devices. (Nov1g) 6. What is meant by Hypervisor machine? Explain why it is necessary to protect this machine. (Apr 23) OR ‘What is hypervisor? How to protect the hypervisor? (Nov 23) 7. Write a short note on Security Benefits of Cloud Computing. (Apr 23) 8, Explain phishing mechanism and 30's aspects of security with referencetoit (Apr 23) 9. Explain any two confidentiality risks associated with doud computing and their remediation. (Nov 23) 10. Explain how to protect the Guast OS, Virtual Storage and Virtual Networks in Virtual machines. (Nov 19) 11, Givea reason in brief, why it is mandatory to update application patches? Explain various mechanisms for easily updating applications. (apr 23) 12, List and explain any three Client Application Security issues. How to resolve them. (Nov 23) 13. Explain any five criteria for choosing site location for security? (Nov 23) 1g. Explain the reasons for remote administration security. What are advantages of web ‘remote administration? (Apr ag) ‘oR Explain the reasons for remote administration security. What are its advantages and isadvantages? (Nov 23) 15. Write a note Custom Remote Administration. Now 19) 16. Explain the classification of corporate physical Assets. (Now 19) 17. Explain various concerns for web application security to be considered with reference to Security in Computing. (apr 23)