MED ICT ICTED 526 Network Security 2080

Objective

TRIBHUVAN UNIVERSITY

Subject: ICT.Ed.526 Network Security

Master/Education /2 Semester ICT.Ed.526 Network Security

Symbol No.:

Group "A"

Attempt all questions

10 X 1 mark=10

Tick(v) the best answers

1. Which of the malware types permits the hackers to access administrative controls and do nearly everything he wants with the infected systems?

a. RATS

b. Worms

c. Rootkits

d. Botnets

2. Why one time password is safe?

a. It is easy to generate

b. It cannot be shared.

c. It is different for every access.

d. It is a complex encrypted password.

3. Security features that control and can access resources in Operating System is called

a. Authentication

c. Validation

b. Access Control

d. Identification

4. What type of security control are audit trails considered to be?

a. Physical

c. Passive

b. Administrative

d. Corrective

5. IPSec is designed to provide security at the

a. Transport Layer

c. Session Layer

b. Application Layer

d. Network Layer

6. Which of the following is not protocol for email security?

a.SET

c. DNSSEC

b. DKIM

d PGP

7. that does not support that protocol directly?

a. Switching

c. Tunnelling

b. Trafficking

d. Transferring

8. When an attacker is able to eavesdrop on network traffic and identify the MAC address of a computer with network privileges. Which type of Wireless network threat would you classify this under?

a. Identity Theft

c. Network Injection

b. Man in the middle attack

d. Accidental Association

9. Which of the following is not a correct way to secure communication layer?

a. TLS/SSL

b. Cloud initiated communication

c. IPS

d. Firewalls

10. Which of the following is threat to loT Device?

a. People

c. Virus

b. Spoofing

d. All of the above

Subjective

TRIBHUVAN UNIVERSITY

2080 (New Course)

Master/Education /2 Semester ICT.Ed.526 Network Security

Candidates are required to give answers in their own words practicable. The figures in the margin indicate full marks.

Attempt all questions

Group "B" 6X5 marks

1. How do information security manager protect an organization from security threats? Explain security design principle

2. How do you protect data from users? Define Kerberos with example.

3. Describe subject, object and access right for access control. Explain major component of access control.

Suppose you are an Information Security Officer at Tribhuvan University Information Technology Innovation Center (TUITIC). The TUITIC intends to introduce new IT Security Guidelines for data security. How do you prepare information security guidelines as an Information Security Officer?

OR

Why is it important to have Security Audits? Explain Security Auditing Trail.

5. How does Secure Electronic Transaction work? Define importance and challenges of Web Security.

OR

Why is email protection important? Define email security protocols briefly.

6. What are the major cloud security approaches? Define cloud security as service.