Information Security – Solved Question Paper – To Score Better – RGPV (IT-8001)

Introduction

This article ‘RGPV (IT-8001) – Information Security – Solved Question Paper – To Score Better’ has answer for the questions asked in the above mentioned RGPV IT semester 8 Information Security question paper.

The articles includes euler’s totient function, has function, elliptic curve cryptography, penetration testing, packet filtering, firewall, phishing, cross site scripting etc.

IT-8001-CBGS
B.E. VIII Semester
Examination, December 2020
Choice Based Grading System (CBGS)
Information Security
Time : Three Hours
Maximum Marks : 70
Note: i) Attempt any five questions.
ii) All questions carry equal marks.

Solved Answers:

1. Define Euler’s totient function and their applications.

Euler’s Totient Function:

• Algorithm or solution that iterates through all numbers from 1 to n-1 and count numbers with gcd with n as 1 -or- in other words it counts the positive integers up to a given integer n that are relatively prime to n.
• This is also called as phi function.
• So the total integers in range 1 to n that has GCD as 1 with n are called as totatives.
• E.g. In range 1 to 10 numbers 1,3,7,9 are relatively prime to 10 or we can say that 10 and these numbers has GCD as 1 only, whereas numbers 2,4,5,6,8 and 10 has GCD greater 1 as well other number like 2 or 5 in this example.
  • So, in above example numbers 1,3,7,9 are called as totatives and numbers 2,4,5,6,8 are called as cototient.
• The below geekforgeeks link has code for it’s implementation in C, C++, Java, Python etc. refer that in case one want to see how to implement this actually.
• Application:
  • RSA cryptosystem: Refer the below wikipedia link for it’s detailed explanation.

Source: geekforgeeks | wikipedia

2.a) Briefly explain the idea behind elliptic curve cryptography.

Elliptic Curve Cryptography:

• ECC is the short form of Elliptic Surve Cryptography.
• Key based technique for data encryption, where data encryption is conversion of plain text to ciphertext and to decrypt that data one needs decryption key that is why the remains secure.
• Very important from security point of view.
• Advantage of elliptic curve cryptography:
  • Smaller key size.
  • High security.
• Keys generated by ECC are more difficult to crack mathematically and hence these are more secure.
• Allows smaller keys w.r.t non-ECC to maintain high security.
• First used in 1985.
• Applications:
  • Encryption
  • DIgital signatures
  • Cryptography
• With increasing need of keeping customers data safe in online businesses the need of ECC is quite important.

Source: avinetworks | wikipedia

2.b) What is Hash function? Give the basic use of Hash function.

Hash Function:

• Used in conversion of text or other data to numerical data that computer understands for e.g. converting phone number to smaller integer value that is used as an index in hash table.
• Values returned by hash function are called as hashes, hash values, hash codes etc.
• Application:
  • For indexing of a table.
  • Data retrieval from database quickly i.e. with the help of hashing it becomes really fast to retrieve data from databases.
• With the help of hashing data retrieval happens in a very ordered and structured manner, hence avoids non-constant times.
• Properties of a good hash function:
  • Fast to compute.
  • Minimum or no duplication of output values as if multiple inputs are mapped to same hash values then more lookup operations will be required to search through colliding table entries.
  • Based on above point we can say that uniformity in hashing is required and this should not be random.

Source: wikipedia

3.a) Explain web security and penetration testing -or- 4.a)What is penetration testing?

Penetration Testing in Web Security:

• Penetration testing in web security is a planned -or- ethical cyber attack or security assessment of the computer system to check for loopholes in the system or finding exploitable vulnerabilities.
• Ideally, doing such activities once a year is recommended or when product launch happens or in case of changes to existing IT infrastructure.
• Types of penetration testing:
  • Internal infrastructure penetration testing i.e. devices, remote machines, firewalls, internal infrastructures etc.
  • Wireless penetration testing: Bluetooths, organisations WLAN (wireless local area network) network.
  • Web applications testing e.g. company website, mobile applications etc.

• White box vs black box vs grey box penetration testing
  • White box: Involves sharing full network information with the tester.
  • Black box: No information is shared with the tester.
  • Grey box: Sharing of only partial information with the tester.

Source: redscan | imperva | crashtest-security

3.b) What is packet filters and intrusion detection system?

Packet Filters:

• Packet filtering is a firewall technique which restricts network access based on monitoring of outgoing and incoming packets.
• It allowed packets to pass or halt based on source and destination IP (Internet Protocol) addresses, ports and protocols.
• If source and destination IP address, protocols and ports match happens then it allows packets to pass through otherwise it halts it.
• Advantages:
  • Better performance of systems
  • Data protection
  • Not much expensive
  • Accessible and easy to use
• Types of packet filtering:
  • Static packet filtering firewall: Firewall rules are defined manually.
  • Dynamic packet filtering firewall: Allows users to adjust rules dynamically as per certain conditions.
  • Stateless packet filtering firewall
  • Stateful packet filtering firewall
• There are certain disadvantages as well like reduced security, inflexibility etc. refer the second link for it’s detailed explanation.

Source: techopedia | Indeed

Intrusion Detection System (IDS):

• Alert system that detects the suspicious activities and accordingly sends alert based on which relevant actions being taken up by relevant person.
• Types of Intrusion Detection System:
  • Host based: To protect a particular endpoint only.
  • Network based: To monitor entire network.
• IDS vs Firewall:
  • IDS is a passive option that only sends alerts when some suspicious activity happens, whereas firewall is an active option that fully blocks the identified threats.

Source: checkpoint | geekforgeeks

4.b) What is firewall and its types?

Firewall:

• Security layer or security system that prevents unauthorised access to a system.
• Firewalls quickly and seamlessly detects and reacts to outside attacks across the network. For e.g. Sometimes don’t even allow to third party cloud services or softwares as well even though they are safe.
• Types of firewall:
  • Packet Filtering: Packet filtering is a firewall technique which restricts network access based on monitoring of outgoing and incoming packets. It allowed packets to pass or halt based on source and destination IP (Internet Protocol) addresses, ports and protocols.
  • Proxy Service: Prevents direct connection to from outside the network and serves as gateway from one network to another for a specific application.
  • Stateful Inspection: It monitors active connections and based on predefined rules allows packets to pass through. It allows or blocks traffic based on state, port and protocol.
  • Next Generation Firewall (NGFW): Involves deep packet inspection to block modern threats like application layer attacks and advanced malwares.
  • Unidentified Threat Management Firewall
  • Threat Focused NGFW
    

Source: wikipedia | checkpoint | cisco

5.a) Explain detail Phishing attacks.

Phishing Attacks:

• Sending a fraudulent communication to user using email or any other source that seems authentic with the intention to gain sensitive confidential information or steal users data or spreading virus on their system.
• Dangers of Phishing Attacks if attackers becomes successful:
  • They can gain access of sensitive financial information like credit card or account details or personal information and can misuse it.
• Common examples:
  • Mails like password is going to expire tomorrow.
  • Sending emails like your account is blocked and unblock it by clicking on below link.
• In any of the cases the user is directed to a bogus site that somehow steals users data.
• Ways to avoid phishing:
  • Two-factor authentication
  • RSA tokens
  • Password management policies like changing password in frequently.
  • Educational trainings that happens in corporates every quarter.

Source: imperva | cisco

5.b) Explain Cross Site Scripting with example.

Cross Site Scripting:

• Cross site scripting is an attack on website or application where attackers injects a piece of code or script into main code of website of application.
• Such attacks from any such places where users are allowed to post unregulated content to a website.
• Potential threats of Cross Site Scripting Attacks:
  • Capturing users data or redirecting user to a malicious website.
  • Crashing the browser while surfing website.
  • Capturing cookie information of a logged in user.
• Ways to avoid such attacks:
  • Security review of the code periodically.
  • Testing for avoiding cross site scripting attack.
• Types of Cross Site Scripting Attacks:
  • Stored Cross Site Scripting Attacks: In such attacks the attackers scripts gets permanently stored on the target servers.
  • Blind Cross Site Scripting Attacks: Attackers script gets stored in database and is executed only from the backend e.g. attackers sending script via front end form, which gets executed when victim opens it from backend.
  • Reflected Cross Site scripting

• Cross Site Scripting Prevention Cheat Sheet | owasp | synopsys

6.a) Briefly discuss about Email security.

Email Security:

• Email security includes techniques and procedures designed to protect email accounts and contents available in that from unauthorised access.
• Attackers sends different types of emails that intrigues email account holders to click on that and pass on their sensitive information like personal information, confidential information, financial details like credit card details etc.
• To avoid such attacks organisations perform online training to educate their employees about potential ways in which attackers can steal their information e.g.
  • Checking email address and domain properly as minor change in email sometime gets unnoticed while attackers portraying as genuine employee of organisation and asking for some sensitive information.
• Solutions:
  • Secured email gateways that processes all incoming and outgoing emails like google that always displays warning s related to it.
  • Automated email encryption so saving the information in case attackers intercepts it.
  • Spam filters i.e. separating unwanted emails into spam.
  • Anti-virus protection that scans incoming and outgoing emails for malicious content and blocks heir entry or exit.

Source: proofpoint | duocircle | toolbox

6.b) Write detail about types of Viruses.

Types of viruses:

• Computer virus is a program or code that when leads to destructive activity on a computer like
  • Replicating itself many times hence decreasing storage.
  • Unnecessarily consuming the CPU and memory of computer hence slowing performance.
  • Crashing the system again and again
  • Constant pop-ups etc.
• Different type computer system virus are:
  • Boost sector virus:
    • Sits in RAM of system and affects it’s operations.
    • It impacts the boot sector of system and renders it useless.
  • Resident virus:
    • Virus that remain formant until a date or user action and can start impacting the system after that.
  • Direct action virus:
    • Targets any specific type of files only in a system.
  • Multipartite virus:
    • Affects the whole system of system and performs unauthorised actions.
  • Browser hijacker:
    • This virus attacks browser and directs users to other websites.
  • Web scripting virus:
    • Happens in case of old browsers that allow attacker to attack local machines.
  • File Infector:
    • Infects important files of system that are crucial to run OS.
  • Network virus:
    • These type of virus travel through network connections and replicates themselves.
  • Overwrite virus:
    • This virus overwrite existing files and affects the whole folders, files etc.
  • Polymorphic virus:

Source: proofpoint | hightouchtechnologies

Similar Articles like “RGPV (IT-8001) – Information Security – Solved Question Paper – To Score Better”:

• Soft Computing Solved Question Paper
• Soft Computing MCQ
• RGPV (IT-840) – Data Mining and Warehousing – Solved Question Paper – To Score Better
• RGPV (IT-702) – Wireless and Mobile Computing – Solved Question Paper – To Score Better
• RGPV (IT-601) – Computer Graphics and Multimedia – Solved Question Paper – To Score Better
• RGPV-CS-801 – Soft Computing – Solved Question Paper – To Score Better
• RGPV-CS-8002 – Cloud Computing – Solved Question Paper – To Score Better
• RGPV (CS-8003) – Machine Learning – Solved Question Paper – To Score Better
• Cloud Computing Solved Question Paper & Question Bank

Final Words:

So, hope this article “RGPV (IT-8001) – Information Security – Solved Question Paper – To Score Better” will help in getting better marks in your Information Security exam, if yes then please let us know in comments how it help you and what other questions you want us to answer.

---