Define Information. Explain Basic Principle of Information Security

Information is organized data that holds value for decision-making, characterized by timeliness, accuracy, and completeness. Key concepts in information security include Kerberos for authentication, Public Key Infrastructure for secure data transfer, and various firewall configurations to protect networks. Additionally, the document discusses digital signatures, biometric methods, and intellectual property rights like copyright and patents.

Uploaded by shaiikh.saim

Define Information. Explain basic principle of information security.

Information is organized or classified data which has some meaningful value for the receiver. Information is the processed data on which knowledge, decisions and actions are based. For a decision to be meaningful, the processed data must have the following characteristics:
- Timely: Information should be available when required.
- Accuracy: Information should be accurate.
- Completeness: Information should be complete.

Basic Principles of information security:


Explain the working of Kerberos.

Kerberos: Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.
There are 4 parties involved in the Kerberos protocol:
- User
- Authentication service (AS)
- Ticket granting server (TGS)
- Service server

Working of Kerberos:
Step 1: The authentication service, or AS, receives the request from the client and verifies that the client is indeed the computer it claims to be. This is usually just a simple database lookup of the user's ID.
Step 5: The TGS creates an encrypted key with a timestamp, and grants the client a service ticket.
Step 6: The service decrypts the key and makes sure the timestamp is still valid. If it is, the service contacts the key distribution centre to receive a session that is returned to the client.
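The ticket chain described in steps 1, 5 and 6, as an added simulation that is not part of the notes: the AS seals a ticket for the TGS, the TGS seals a service ticket for the service, and the service accepts a ticket only if it was sealed under its own key and its timestamp is still inside the lifetime. Real Kerberos encrypts tickets and carries a session key; here the keys, principals and lifetime are constructed values and sealing is simulated with an HMAC so the structure stays readable.

```python
import hashlib, hmac, json

# Constructed long-term keys the KDC shares with each principal (toy values, not keytabs).
KEYS = {"tgs": b"tgs-long-term-key", "fileserver": b"fileserver-long-term-key"}
USERS = {"alice", "bob"}        # the AS's 'simple database lookup'
LIFETIME = 300                  # seconds a ticket stays valid

def seal(key, fields):
    """Ticket = fields + HMAC tag under the holder's key. Real Kerberos encrypts the
    ticket instead; a MAC is used here only so the structure stays readable."""
    body = json.dumps(fields, sort_keys=True).encode()
    return body, hmac.new(key, body, hashlib.sha256).digest()

def unseal(key, ticket, now):
    """Reject tickets sealed under another key and tickets outside their lifetime."""
    body, tag = ticket
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("ticket forged or sealed for a different principal")
    fields = json.loads(body)
    if not fields["issued"] <= now < fields["issued"] + fields["lifetime"]:
        raise ValueError("ticket timestamp outside validity window")
    return fields

def as_issue_tgt(user, now):
    """Step 1: AS verifies the user exists, then returns a TGT sealed for the TGS."""
    if user not in USERS:
        raise ValueError("unknown principal")
    return seal(KEYS["tgs"], {"user": user, "issued": now, "lifetime": LIFETIME})

def tgs_issue_service_ticket(tgt, service, now):
    """Step 5: TGS validates the TGT and grants a service ticket with a fresh timestamp."""
    user = unseal(KEYS["tgs"], tgt, now)["user"]
    return seal(KEYS[service], {"user": user, "service": service,
                                "issued": now, "lifetime": LIFETIME})

def service_accept(service, ticket, now):
    """Step 6: the service checks the ticket under its own key and the timestamp."""
    return unseal(KEYS[service], ticket, now)["user"]

def run(delay=0, present_tgt=False, now=1_700_000_000):
    """Happy path, a stale ticket (delay past LIFETIME), or a TGT wrongly shown to the service."""
    tgt = as_issue_tgt("alice", now)
    st = tgs_issue_service_ticket(tgt, "fileserver", now)
    try:
        return service_accept("fileserver", tgt if present_tgt else st, now + delay)
    except ValueError as err:
        return f"rejected: {err}"
```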
Explain Public Key Infrastructure with example.

A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email.
It usually consists of the following components:
- A digital certificate, also called a public key certificate
- Private key tokens
- Registration authority
- Certification authority
- CMS or Certification management system

Working of a PKI:
PKI and Encryption: The root of PKI involves the use of cryptography and encryption techniques. Both symmetric and asymmetric encryption use a public key.
Public Key Certificate or Digital Certificate: Digital certificates are issued to people and electronic systems to uniquely identify them in the digital world.
Explain Policies, configuration & limitations of Firewall.

Policies of firewall: All traffic from inside to outside and vice versa must pass through the firewall. To achieve this, all access to the local network must first be physically blocked and access only via the firewall should be permitted. Traffic should be permitted only as the local security policy allows.

Configuration of firewall

There are 3 common firewall configurations:
- Screened host firewall, single-homed bastion configuration
- Screened host firewall, dual-homed bastion configuration
- Screened subnet firewall configuration

2) Screened host firewall, dual-homed bastion configuration
To overcome the disadvantage of the screened host firewall, single-homed bastion configuration, another configuration is available, known as the screened host firewall, dual-homed bastion. In this, direct connections between internal hosts and the packet filter are avoided, as it provides a connection between the packet filter and the application gateway, which has a separate connection with the internal hosts. Now if the packet filter is successfully attacked, only the application gateway is visible to the attacker. This provides security to the internal hosts.

Limitations of firewalls:
- Firewalls do not protect against inside threats.
- A packet filter firewall does not provide any content-based filtering.
- Protocol tunnelling, i.e. sending data from one protocol to another protocol, negates the purpose of the firewall.
- Encrypted traffic cannot be examined and filtered.
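The policy above (everything must pass the firewall, and only traffic the local security policy permits gets through) and the limitation that a packet filter does no content-based filtering, as an added toy packet-filter model that is not code from the notes. The rules match header fields only and fall through to deny; the addresses, ports and rules are constructed sample values.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class Packet:
    src: str
    dst: str
    dport: int
    proto: str
    payload: bytes = b""   # carried along but never looked at by the rules below

@dataclass
class Rule:
    action: str            # "permit" or "deny"
    src: str               # CIDR, e.g. "10.0.0.0/8"; "0.0.0.0/0" means any
    dst: str
    dport: Optional[int]   # None matches any destination port
    proto: str

    def matches(self, p: Packet) -> bool:
        # A packet filter sees only header fields: addresses, port, protocol.
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport)
                and self.proto == p.proto)

# Constructed local security policy: internal hosts (10/8) may reach outside HTTPS
# servers; the outside may reach only the public web server. Nothing else is listed.
RULES = [
    Rule("permit", "10.0.0.0/8", "0.0.0.0/0", 443, "tcp"),
    Rule("permit", "0.0.0.0/0", "203.0.113.10/32", 80, "tcp"),
]

def filter_packet(p: Packet, rules=RULES) -> str:
    """First matching rule wins; a packet matching no rule is denied (default deny)."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"
```

Because `Packet.payload` never takes part in matching, a permitted port carries any content through unchanged, which is exactly the content-filtering limitation listed above.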
Describe the following terms:
(i) Assets
(ii) Vulnerability
(iii) Risks

Asset: An asset is any data, device, or other component of the environment that supports information-related activities. Assets generally include hardware, software and confidential information.

Risk: Risk is the probability of a threat that may occur because of the presence of a vulnerability in a system.
OR
Risk is any event or action that could cause a loss or damage to computer hardware, software, data, or information.
Describe COBIT framework with neat diagram.

COBIT stands for Control Objectives for Information and related Technology. It is a framework that was developed by ISACA (Information Systems Audit and Control Association). It is a set of guidance material for IT governance to manage requirements, technical issues, and business risks. COBIT connects IT initiatives with business requirements, monitors and improves IT management practices, and ensures quality control and reliability of information systems in an organization.
Explain active attack and passive attack with suitable example.

A passive attack monitors unencrypted traffic and looks for clear-text passwords and sensitive information that can be used in other types of attacks.
Passive attacks include: traffic analysis, release of message contents, monitoring of unprotected communications, decrypting weakly encrypted traffic, and capturing authentication information such as passwords.
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. The release of message contents is easily understood.
A second type of passive attack is traffic analysis: suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from it. The common technique for masking contents is encryption.
Passive attacks are very difficult to detect because they do not involve any alteration of the data. Typically, the message traffic is sent and received in an apparently normal fashion, and neither the sender nor the receiver is aware that a third party has read the messages or observed the traffic pattern.
Explain IP sec security with help of diagram.
Explain the following attacks using an example:
(i) Sniffing (ii) Spoofing (iii) Phishing

(i) Sniffing is a network layer attack consisting of capturing packets from the network transmitted by other computers and reading the data content in search of sensitive information like passwords, session tokens and confidential information.
There are two ways to detect a sniffer: host-based and network-based.
Host-based detection: Small utilities can be used to detect if the NIC is running in promiscuous mode on any host in a network.
Network-based detection: Anti-sniffer software can be run to detect the presence of specific signature packets.

For example: Capturing a password over an unsecured network.
Describe ITIL framework with different stages of life cycle.
State and explain 3 types of firewall configurations with a neat diagram.

(i) Circuit level gateway firewall
(ii) Packet filter firewall
(iii) Application gateway firewall
(iv) Stateful multilayer inspection firewall (SMLI)
Draw and explain DoS & DDoS attack in detail.

DoS Attack: A single computer sends an overwhelming number of requests to a target server or network. The server becomes overwhelmed and unable to respond to legitimate user requests.

Key Characteristics:
- Only one attacking system is involved.
- Easier to identify and block since all malicious traffic originates from a single source.
- Limited in scale compared to DDoS attacks.

DDoS Attack: Multiple computers, often part of a botnet (a network of compromised devices), send a massive volume of requests to the target server simultaneously. This results in overloading the server and causing a service outage.
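The "easier to identify and block" point above, as an added detection example that is not part of the notes: counting requests per source over one window of access-log lines separates a flood from one address (DoS, block that address) from the same volume spread over many addresses (DDoS, where no single source exceeds a per-source limit). Log lines, thresholds and addresses are constructed sample values.

```python
from collections import Counter
import re

_SRC = re.compile(r"^(\S+) ")   # client address is the first field of a common-log-format line

def make_log(requests):
    """Build constructed access-log lines from (source_ip, count) pairs (sample data, not real traffic)."""
    line = '{ip} - - [10/Oct/2024:13:55:36 +0000] "GET / HTTP/1.1" 200 612'
    return [line.format(ip=ip) for ip, n in requests for _ in range(n)]

def classify_flood(lines, flood_threshold=1000, single_source_share=0.9, per_source_limit=100):
    """Classify one time window of requests.

    Returns (verdict, block_candidates). A flood dominated by one address is a DoS
    and that address is the block candidate. A flood spread over many addresses is
    a DDoS; only sources above per_source_limit are worth blocking individually,
    which for a large botnet is often none of them.
    """
    counts = Counter(m.group(1) for l in lines if (m := _SRC.match(l)))
    total = sum(counts.values())
    if total < flood_threshold:
        return "normal", []
    top_ip, top_n = counts.most_common(1)[0]
    if top_n / total >= single_source_share:
        return "DoS", [top_ip]
    return "DDoS", [ip for ip, n in counts.most_common() if n >= per_source_limit]
```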
Write short note on:
(i) Digital signature
(ii) Steganography

A digital signature is a cryptographic technique used to validate the authenticity, integrity, and origin of digital data. It serves as a digital equivalent of a handwritten signature or a stamped seal but is much more re. Digital signatures are widely used in electronic communications to ensure that the message or document received has not been tampered with and that it genuinely comes from the stated sender.
Key Features of Digital Signatures:
Authentication: Confirms the identity of the sender, ensuring that the document or message is from a trusted source.
Integrity: Ensures that the data has not been altered during transmission. Any modification would render the signature invalid.
Non-Repudiation: Prevents the sender from denying their involvement in signing the message or document.
How it works:
1. The sender generates a hash (a fixed-size string of characters representing the data) of the message or document.
2. The hash is then encrypted using the sender's private key to create the digital signature.
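The two steps above carried through in textbook RSA, as an added example that is not part of the notes: hash the message with SHA-256, raise the hash to the private exponent, and let the receiver check that the signature raised to the public exponent equals the recomputed hash, which fails the moment the message or the signature is altered. The 64-bit primes and fixed seed are toy choices for reproducibility only and are far too small for real use.

```python
import hashlib, random

def is_probable_prime(n, rounds=20):
    """Miller-Rabin probabilistic primality test."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits, rng):
    while True:
        p = rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # force top bit and oddness
        if is_probable_prime(p):
            return p

def keygen(bits=64, seed=1):
    """Toy RSA key pair. Fixed seed keeps the demo reproducible; real keys need a CSPRNG."""
    rng, e = random.Random(seed), 65537
    while True:
        p, q = random_prime(bits, rng), random_prime(bits, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:          # e is prime, so this is gcd(e, phi) == 1
            return (e, p * q), (pow(e, -1, phi), p * q)   # (public, private)

def digest_int(message, n):
    """Step 1: hash the message; reduced mod n only because the toy modulus is tiny."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n
def sign(message, private):
    """Step 2: 'encrypt' the hash with the private exponent d."""
    d, n = private
    return pow(digest_int(message, n), d, n)
def verify(message, signature, public):
    """Receiver recomputes the hash and compares it with the signature raised to e."""
    e, n = public
    return pow(signature, e, n) == digest_int(message, n)
```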
Describe following terms w.r.t. biometric:
(i) Finger Print Analysis
(ii) Retina Scan
(iii) Keystroke

Fingerprint Analysis in Biometrics: Fingerprint analysis is a biometric authentication method that uses the unique patterns of ridges and valleys on a person's finger to identify or verify their identity. Since no two individuals (even identical twins) have the same fingerprint patterns, fingerprint analysis is one of the most reliable and widely used biometric techniques.

Key Features of Fingerprint Analysis:
Uniqueness: Each individual has a unique fingerprint pattern, including minutiae points (specific ridge characteristics) and overall ridge flow.
Permanence: Fingerprints remain relatively unchanged throughout an individual's life, making them reliable for long-term identification.
Collectability: Fingerprints are easy to capture using various hardware like optical, capacitive, or ultrasonic scanners.

Retina Scan in Biometrics: Retina scanning is a biometric technique that uses the unique patterns of blood vessels in the retina (a thin layer of tissue at the back of the eye) to identify or verify a person's identity. The retina's intricate vascular patterns are unique to each individual, even between identical twins, and remain stable over time, making this method highly accurate and secure.

Key Features of Retina Scan:
Uniqueness: The arrangement of blood vessels in the retina is unique to every person. Even the two eyes of the same individual have different patterns.
Permanence: Retinal patterns remain unchanged throughout life unless affected by diseases such as glaucoma or diabetes.
High Accuracy: Retina scanning is one of the most reliable and precise biometric methods, with a very low false acceptance rate (FAR).

Applications:
- High security access control
- Healthcare
- Law enforcement and forensics
Draw and explain proxy server:

A proxy server is an intermediary server that sits between a client (such as a user's computer) and the server providing the service (such as a website). The proxy server makes requests on behalf of the client and then forwards the response back to the client. It acts as a "gateway" that facilitates or controls communication between a user and the internet or other network resources.

Key features:
- Intermediary role
- Network address translation
- Caching
- Security
Explain following terms of intellectual property right:
(i) Copyright
(ii) Patent
(iii) Trademark

(i) Copyright:
It is a type of intellectual property right that grants the
creator of original works exclusive rights to their use and
distribution. These works can include a wide variety of
creative outputs such as books, music, films, software,
artwork, and more. Copyright provides the creator with
control over how their work is used, ensuring they are
compensated for its use and protecting it from unauthorized
copying or distribution.

(ii) Patent:
A Patent is an intellectual property right granted to an
inventor for a new, useful, and non-obvious invention or
process. It provides the inventor with exclusive rights to
prevent others from making, using, selling, or distributing the
patented invention without permission, typically for a limited
period (usually 20 years from the filing date of the patent
application).
