Alliance College of Engineering and Design

Bachelor of Technology
Semester –VII- Btech CSE Data Analytics, General A, AIML-D
Course Code & Title: CS 701 Information Security
Case Studies
Max. Marks: 10
Answer any 5 Case studies \ Questions

1) How would you apply different information security policies and standards to
prevent or mitigate a ransomware attack in a healthcare facility? (BTL-3, CO4).

2) What types of authentication mechanisms (e.g., Kerberos, X.509) would you

implement in a corporate network to protect against unauthorized access? Justify
your choice based on the security needs of the organization. (BTL-4, CO4).

3) Analyze the role of Intrusion Detection and Prevention Systems (IDPS) in

identifying advanced persistent threats (APTs) within a corporate environment.
What challenges may arise in deploying IDPS effectively? (BTL-5, CO5).

4) In the context of cloud vulnerabilities, evaluate how a misconfiguration in

access control could lead to a data breach. What measures could be taken to
prevent such incidents? (BTL-4, CO5).

5) How would you implement RSA and SHA in a financial application to ensure
secure data transmission? Describe the steps and security benefits involved.
(BTL-4, CO4).

6) How does the X.509 directory authentication service support secure

communication in distributed systems? Evaluate its strengths and limitations in
identity verification. (BTL-4, CO4).

7) Describe how an Intrusion Detection and Prevention System (IDPS) can be

configured to detect and respond to unusual traffic patterns in a network.
(BTL-4, CO4).
 8) Analyze how honeypots and honeynets contribute to cybersecurity. What are the
risks and ethical considerations of using these decoy systems? (BTL-4, CO5).

Additional Case Study Topics (BTL 3 & 4)

1. Ransomware Attacks on Critical Infrastructure
Focus: Analyze the impact of ransomware attacks on sectors like healthcare, energy, and
government, including financial losses, operational disruptions, and policy responses.
2. Social Engineering in Enterprise Environments
Focus: Study a high-profile social engineering attack on a corporation, examining how
attackers exploited human vulnerabilities and how defenses could be improved.
3. DDoS Attacks on Financial Institutions
Focus: Investigate DDoS attacks on major financial institutions, exploring the financial impact,
response strategies, and mitigation techniques.
4. Data Breach in the Cloud Environment
Focus: Analyze a cloud-based data breach incident, examining vulnerabilities, the role of
encryption, and policy implications for data protection.
5. Role of VPNs and Firewalls in Remote Work Security
Focus: Explore how VPNs and firewalls are implemented to secure remote work environments,
analyzing their effectiveness and challenges in a post-COVID world.
6. Impact of Malware on Small and Medium Enterprises (SMEs)
Focus: Case study of malware's impact on SMEs, examining financial losses, data corruption,
and recovery strategies.
7. Mitigating Insider Threats in Corporate Security
Focus: Study a case where insider threats impacted a company's security, focusing on detection
methods, preventive measures, and policy implications.
8. The Role of IDPS in Detecting and Preventing Advanced Persistent Threats (APTs)
Focus: Analyze how an IDPS helped mitigate an APT, examining detection methods, response
strategies, and lessons learned.