Amity MBA IT 4th Sem Assignment For Information Security & Risk

Body: 

Information Security & Risk

Assignment- A

1. What are the 4 jobs of an operating system?

2. How does the Operating system keep track of the different disk drives?

3. What kind of natural hazards are not normally insurable?

4. Describe the trends in disaster management

5. What is network security and how does it protect you?

6. What is the Microsoft Encrypting File System and what are some of its features?

7. What is computer Security?

8. Discuss the concept of Local Security Policies

Assignment- B

1. What is the user authentication concept?

2. Discuss the key mechanism of Firewall.

3. Define the term "Disaster" and describe its classification

Assignment- C

1. In computer security............. means that the computer sytem assets can be modified only by authorized parties           

Options          

1. Confidentiality           
2. Integrity        
3. Availability    
4. Authencity

2. A computer security................ means that the information in acomputer sytem only can be accessible for reading by authorized parties  

Options          

1. confidentiality           
2. Integrity         
3. Availibility     
4. Authencity

3. Which of the following is independent malicious program that need not any host programe?    

Options          

1. Trap Doors     
2. Trojan horse   
3. virus   
4. worm

4. The .................... is code embedded in some legitimate program that is set to explode when certain conditions are met     

Options          

1. Trap doors      
2. Trojan horse   
3. Logic bomb   
4. Virus

5. which of the following malicious prog do not replicate authomatically ? 

Options          

1. Trojan Horse
2. Virus  
3. Worm 
4. Zombie

6. ......................Programs can be used to accomplish functions indirectly that an unauthorized user not accomplish directly           

Options          

1. Zombie           
2. worm  
3. Trojan horse 
4. Logic Bomb

7. state whether true of falls 1.A worm mails a copy of itself to other system 2.a worm executes a copy of itself on another system           

Options          

1. true, false       
2. false, true       
3. true, true       
4. false, false

8. ............ are used in denial of service attacks, typically against targeted web sites           

Options          

1. Worm 
2. Zombie          
3. Virus  
4. Trojan horse

9. ..................... is a form of virus explicitely designed to hide itself from detection by antivirus software

Options          

1. Stealth Virus 
2. Polymorphic virus      
3. Parastic virus  
4. macro virus

10. State whether the following statement is true 1. A macro virus is paltform indepecent 2. Macro viruese infect documents, not executabel portions of code 

Options          

1. 1 only 
2. 2 only 
3. both 1 & 2     
4. none

11. The type of auto executing macros, in microsoft word is/are      

Options          

1. auto execute   
2. auto macro     
3. command macro         
4. all of the above

12. In.................... the virus places an identical copy of itself into other programs or into certain sytem areas on the disk    

Options          

1. Dormat phase 
2. Propagation phase   
3. Triggering Phase        
4. execution phase          

13. In the world of computing, the essential element that controls how computers are used is       

Options          

1. ethics  
2. legal laws       
3. security requiremnts   
4. business demands

14. The guidelines for the morally acceptable use of computers in socitey are         

Options          

1. computer ethics        
2. privacy           
3. morality          
4. legal system

15. The issues that deal with the collection and use of data about individuals is     

Options          

1. access 
2. property          
3. accuracy         
4. privacy

16. The ethical issue concerned with the correctness of data collected is     

Options          

1. access 
2. property          
3. Exactness      
4. Privacy

17. The ethical issue that involves who is able to read and use data is          

Options          

1. access 
2. property          
3. accuracy         
4. privacy

18. The vast industry  involves the gathering and selling of personal data is

Options          

1. direct marketing         
2. fund raising    
3. information reselling
4. government agencies

Question No.  19        

The first step in developing a Business Continuity Plan (BCP) is developing a:      

Options          

1.  Business Impact Analysis     
2.  Risk Analysis Sheet  
3.  Risk Mitigation Document   
4.  Risk Assess ment Sheet

Question No.  20        

An analysis of threats based on impacts and prioritizing business disruptions based on severity and occurrence comes under the second step of developing a BCP, which is:                     

Options          

1.  Risk Monitoring        
2.  Risk Assessment      
3.  BIA   
4.  Risk Management

Question No.  21        

Testing the BCP regularly comes under the phase:   

Options          

1.  Risk Assessment       
2.  BIA   
3.  Risk Monitoring        
4.  Risk Management

Question No.  22        

Effectiveness of a BCP can be validated through     

Options          

1.  Monitoring    
2.  Assessment   
3.  Feedback       
4.  Testing

Question No.  23        

By using "__________" option in Windows, you can limit the ability of users and groups to perform various actions by assigning permissions.       

Options          

1.  Network and Internet           
2.  Hardware and Sound
3.  Programs       
4.  Local Users and Groups

Question No.  24        

A Windows NT ______ is the administrative unit of directory services.     

Options          

1.  Directory       
2.  File    
3.  Domain         
4.  Folder

Question No.  25        

Domains, Folders, Objects are a part of ________ structure of Windows OS.        

Options          

1.  Physical         
2.  Logical          
3.  Both Physical and Logical    
4.  None of the above

Question No.  26        

Encrypting File System (EFS) is a feature of:           

Options          

1.  Microsoft Windows  
2.  iOS    
3.  Linux 
4.  Unix

Question No.  27        

Cyber-attack is a kind of:      

Options          

1.  Natural Disaster        
2.  Man-Made disaster   
3.  Both  
4.  None of the above

Question No.  28        

Which password management feature ensures that a user cannot re use a password for a specific time?    

Options          

1.  Account Locking      
2.  Password Verification          
3.  Password History      
4.  Password Ageing

Question No.  29        

Composing hard-to-guess passwords is a good practice.      

Options          

1.  FALSE          
2. May or May not be TRUE     
3.  TRUE           
4.  Not Sure        

Question No.  30        

Study of encryption algorithms in order to find weaknesses in the system so as to retrieve plain text from cipher text without knowing the key/algorithm.  

Options          

1.  Cryptography          
2.  Key Analysis 
3.  Algorithm Analysis   
4.  Cryptanalysis

Question No.  31        

Capital 'A' in CIA triangle stands for:           

Options          

1.  Availability   
2.  Authorization
3.  Authentication          
4.  Algorithm      

Question No.  32        

When the sender and receiver do not have a possibility of denying sending or receiving data, it is called the principle of:       

Options          

1.  Confidentiality          
2.  Non-repudiation        
3.  Repudiation  
4.  Integrity

Question No.  33        

While Symmetric key cryptography utilizes ___ key(s) for encryption, the asymmetric key cryptography uses ___ key(s).

Options          

1.  1,2     
2.  2,1     
3.  1,1     
4.  2,3

Question No.  34         Marks - 10

A software application that monitors network and system activities for malicious content and policy violations is termed as:       

Options          

1.  Firewall         
2.  Anti-Virus     
3.  Anti-Malware
4.  Intrusion Detection System

Question No.  35        

During an earthquake in Nepal, many computers were destroyed with significant data. This is a kind of: 

Options          

1.  Accidental Error       
2.  Malicious use
3.  Unauthorized access 
4.  Physical Threat          

Question No.  36        

Process to eliminate means of attack by patching vulnerabilities and turning off inessential services is called:       

Options          

1.  Malicious Code elimination  
2.  Attack Prevention Mechanism          
3.  Hardening    
4.  Disaster Management

Question No.  37        

The local security policy of a system is a set of information regarding the security of a local computer. It includes trusted _____, ______ accounts and ______ assigned to the accounts.

Options          

1. Users, domain, privileges       
2. Domains, user, privileges     
3. Privileges, user, domains        
4.  None of the above

Question No.  38        

Administrator and Guest are examples of ____ user accounts.         

Options          

1.  Default         
2.  Explicit          
3.  Implicit          
4.  None of the above

Question No.  39        

Rahul, an IT Engineer, while working on his system, noticed that a new Notepad tab has popped out and a message is being typed. This is an example of 

Options          

1.  Unauthorized Access          
2.  Malicious Code         
3.  Network Attack        
4.  Password Attack

Question No.  40        

A secret entry point in the code which could be exploited by malicious users is called:      

Options          

1.  Virus 
2.  Worm
3.  Trapdoor     
4.  Trojan Horse

 

 

Select Semester:  Semester-IV-IT Select Cource:  MBA Product: 

Select Type Personal and exclusiveGeneral everyoneWith Online Typing & Filling