2 Marks Questions

1. What is CERT-In’s role in India’s cyber security?

CERT-In, or the Computer Emergency Response Team – India, is the

primary agency responsible for responding to cyber security
incidents across India. Its role includes analyzing and responding to
cyber threats, providing alerts and advisories, and coordinating
responses to cyber incidents to protect Indian cyberspace.

2. Define the National Cyber Security Policy of 2013.

The National Cyber Security Policy of 2013 was established by the

Government of India to address evolving cyber threats. This policy
aims to safeguard information, strengthen protection mechanisms,
and create a secure cyberspace environment in India.

3. List any two cyber security initiatives in India.

1. Cyber Surakshit Bharat – An initiative to spread awareness on

cyber security and conduct training and certification.
2. Cyber Swachhta Kendra – A botnet cleaning and malware
analysis center, launched under the Digital India initiative, to
promote safer cyber practices.
4. What is phishing?

- Phishing is a cyber attack technique where attackers attempt to

gain sensitive information, such as usernames, passwords, and
financial details, by masquerading as a trustworthy entity in
electronic communication, often through email or fake websites
.

5. Explain UPI and its security features.

UPI, or Unified Payment Interface, is an Indian digital payment

platform enabling instant money transfers 24/7. Key security
features include two-factor authentication (2FA), the use of a UPI
PIN for transaction verification, and often additional biometrics for
enhanced security.

5 Marks Questions

1. Describe the National Critical Information Infrastructure

Protection Centre (NCIIPC) and its importance.

The NCIIPC is an Indian agency established to protect critical

information infrastructure in sectors that are vital for national
security, such as energy, telecommunications, and transportation.
Its importance lies in safeguarding these infrastructures from cyber
threats, ensuring that any compromise does not endanger public
safety, economic stability, or national security.

2. Outline the steps in handling a cyber security incident.

Handling a cyber security incident involves:

1. Identification: Recognizing that a security event has occurred.
2. Containment: Isolating the affected systems to prevent the
incident from spreading.
3. Eradication: Removing the root cause of the incident, such as
malware or compromised accounts.
4. Recovery: Restoring systems to normal operation and
validating that no threat remains.
5. Post-Incident Review: Analyzing the incident to learn and
improve future responses.

3. What are common security threats in online banking?

Common online banking threats include:

- Phishing: Attempting to trick users into disclosing their login
credentials.
- Man-in-the-Middle Attacks: Intercepting communications to
steal information.
 - Malware: Infecting users’ devices to capture banking
information.
- Denial of Service (DoS): Disrupting online banking services to
prevent access.
- Data Breaches: Unauthorized access to sensitive financial
information.

4. Discuss the significance of regulatory compliance, like GDPR or

HIPAA, in database security.

Regulatory compliance is critical in database security to ensure that

organizations protect sensitive personal data and uphold privacy
rights. GDPR (General Data Protection Regulation) and HIPAA
(Health Insurance Portability and Accountability Act) mandate
security controls like data encryption, access controls, and breach
notifications, which help organizations minimize data misuse and
avoid legal penalties, while fostering trust among customers.

5.Explain the layered security approach in database security.

A layered security approach, or defense-in-depth, uses multiple

security measures to protect databases at various levels. This
includes:
- **Network Security**: Firewalls, VPNs, and intrusion
prevention systems.
 - **Access Controls**: Authentication and authorization
mechanisms to limit access.
- **Encryption**: Protecting data both at rest and in transit.
- **Application Security**: Securing the database applications
against exploits.
- **Monitoring and Logging**: Tracking access and behavior for
anomaly detection.
This approach ensures comprehensive protection, reducing the
chance of a single point of failure.

---

10 Marks Questions

1. Explain the process of security risk assessment in database

security, including its importance and key steps.
- **Answer**: A security risk assessment in database security
helps identify and address potential threats. Key steps include:
1. **Identification**: Determining critical assets (data,
infrastructure) and assessing their sensitivity.
2. **Risk Assessment**: Evaluating risks for each asset,
considering potential threats, vulnerabilities, and impacts.
3. **Mitigation**: Developing controls to address high-priority
risks.
4. **Prevention**: Implementing security tools and monitoring
processes to mitigate future risks.
 The importance lies in understanding vulnerabilities and
proactively preventing breaches, which supports informed
decision-making and strengthens the organization’s security
posture.

2. Describe cryptography’s role in database security, including its

purposes and key techniques.
Cryptography is essential for database security as it ensures:
- **Confidentiality**: Encryption transforms data, making it
unreadable to unauthorized users.
- **Integrity**: Hash functions and digital signatures verify data
has not been tampered with.
- **Authentication and Non-Repudiation**: Techniques like
digital signatures confirm the source of data and prevent deniability.
Key cryptographic techniques include:
- **Encryption (e.g., AES)**: Encrypts data-at-rest and in transit.
- **Hashing (e.g., SHA-256)**: Secures passwords and sensitive
data.
- **Digital Signatures**: Verifies authenticity of data sources.

3. Discuss access control models (DAC, MAC, RBAC) and how each
enforces security differently.

Access control models enforce database security by managing how

access is granted:
 - **Discretionary Access Control (DAC)**: Allows data owners to
set permissions for other users. It is flexible but can be vulnerable to
unauthorized sharing.
- **Mandatory Access Control (MAC)**: Access is based on
security labels and clearance levels, used often in government
environments, enforcing strict access based on data sensitivity.
- **Role-Based Access Control (RBAC)**: Access rights are based
on user roles, aligning permissions with organizational functions,
which simplifies access management and minimizes errors.
Each model balances flexibility with control differently, catering to
varied security needs.

4. Analyze the importance of a disaster recovery plan in database

security, outlining its key components and best practices.

A disaster recovery plan (DRP) ensures business continuity and data

availability after a disruption (cyberattacks, disasters). Key
components include:
- **Risk Assessment**: Identifying threats and evaluating impacts
on data.
- **Backup Protocols**: Regularly storing data in secure, offsite
locations.
- **Resource Allocation**: Designating personnel and tools for
recovery.
 - **Testing and Training**: Routinely testing the DRP and
training team members.
Best practices involve updating DRPs, documenting recovery
processes, and implementing redundant backups, all of which
reduce downtime and help organizations recover efficiently.

5. Describe challenges and solutions in implementing access control

in distributed databases.

: Implementing access control in distributed databases is

challenging due to inconsistent policies across sites and diverse
authentication needs. Key challenges and solutions include:
- **Consistency of Access Control**: Centralized policies ensure
uniform access controls across all database instances.
- **Federated Authentication**: Using federated systems like
Kerberos supports secure access across multiple sites.
- **Audit Trails**: Maintaining comprehensive logging across all
nodes to track access.
Solutions like centralized policies, federated authentication, and
consistent logging maintain integrity, security, and accountability
across distributed environments.