Anna University
Department of Computer Science Engineering
Eighth Semester
IT2042 Information Security
Nov / Dec 2013 Important Questions
(Regulation 2008)
1. Briefly explain the components of an information system and their security.
2. Give the SDLC and SecSDLC phase summary.
3. Explain the phases of the SDLC and how they are refined to include security.
4. Explain the approaches to information security implementation.
5. Explain briefly the components of an information system. How will you balance security and access?
6. Discuss in detail the legal, ethical and professional issues associated with information security.
7. Explain the various groups of threats faced by an organization.
8. Discuss briefly the four important functions of information security in an organization.
9. Discuss in detail the legal, ethical and professional issues associated with information security.
10. Explain the various groups of threats faced by an organization.
11. Discuss briefly the four important functions of information security in an organization.
12. What is risk management? State the methods of identifying and assessing risk management.
13. What is cost benefit analysis? What is the definition of single loss expectancy? What is annual loss expectancy?
14. Explain the stages involved in risk identification.
15. Explain ISO 17799 standard and VISA International Security Model in detail.
16. List the styles of architecture security models. Discuss them in detail.
17. Explain the major steps involved in contingency planning.
18. Explain the different types of firewalls with typical practical scenarios.
19. Discuss in detail the types of IDPS.
20. Describe in detail the operating principles, types and applications of firewalls.
21. What is the purpose of IDPS? Explain the various methodologies for achieving it.