Home | | Information Security | Important Short Questions and Answers: Information Security - Physical Design

Chapter: Information Security : Physical Design

Important Short Questions and Answers: Information Security - Physical Design

Information Security - Physical Design - Important Short Questions and Answers: Information Security - Physical Design

 

1. What is intrusion?

 

An intrusion is a type of attack on information assets in which the instigator attempts to gain entry into a system or disrupt the normal operations of a system with, almost always, the intent to do malicious harm.

 

2. What is IDS?

 

IDS stands for Intrusion Detection Systems. It works like a burglar alarm in that it detects a violation of its configuration and activates and alarm. This alarm can be audible and/or visual or it can be silent.

 

3. What is Signature based IDSs?

 

Signature based IDSs, also known as knowledge based IDSs, examine data traffic for patterns that match signatures, which are pre-configured, predetermined attack patterns.

 

 

 

4. What are Honey pots?

 

Honey pots are decoy systems, which means they are designed to lure potential attackers away from critical systems.

 

In the security industry, these systems are also known as decoys, lures, or flytraps.

 

5. What is the use of Scanning and analysis tools?

 

Scanning and analysis tools are used to pinpoint vulnerabilities in systems, holes in security components, and unsecured aspects of the network. Although these tools are used by attackers, they can also be used by an administrator not only to learn more about his/her own system but also identify and repair system weaknesses before they result in losses.

 

6. What are the factors of authentication?

 

          What a supplicant knows

 

          What a supplicant has

 

          Who a supplicant is

 

          What a supplicant produces

 

7. What is Hash function?

 

Hash functions are mathematical algorithms that generate a message summary or digest that can be used to confirm the identity of a specific message and to confirm that the message has not been altered.

 

8. What is PKI?

 

PKI – Public Key Infrastructure

 

It is an integrated system of software, encryption methodologies, protocols, legal agreements and third party services that enables users to communicate securely. It includes digital certificates and certificate authorities.

 

9. What is Steganography?

 

Steganography is the process of hiding information, and while it is not properly a form of cryptography, it is related to cryptography in that both are ways of transmitting information without allowing it to be revealed in transit.

 

10. What are the protocols used in Secure Internet Communication?

 

          S-HTTP(Secure Hypertext Transfer Protocol)

 

          SSL(Secure Socket Layer)

 

          SSL Record Protocol

 

          Standard HTTP

 

11. What is Physical security?

 

Physical security addresses the design, implementation, and maintenance of countermeasures that protect the physical resources of an organization. This means the physical protection of the people, the hardware, and the supporting system elements and resources associated with the control of information in all its states: transmission, storage and processing.

 

12. What are the controls of protecting the Secure Facility?

 

          Walls, Fencing, Gates

 

          Guards

 

          Dogs

 

          ID Cards and Badges

 

 

          Locks and keys

 

          Mantraps

 

          Electronic Monitoring

 

          Alarms and Alarm Systems

 

          Computer Rooms and Wiring Closets

 

          Interior Walls and Doors

 

13. What are the basic types of Fire Detection Systems?

 

          Thermal Detection

 

          Smoke Detection

 

          Flame Detection

 

14. What is TEMPEST?

 

TEMPEST is a technology that prevents the loss of data that may result from the emissions of electromagnetic radiation.

 

15. What is UPS? What are the types of UPS? UPS- Uninterruptible Power Supply

 

It is a electrical device that serves as a battery backup to detect the interruption of power to the power equipment.

 

The basic configurations are,

 

          Standby or offline UPS

 

          Ferroresonant Standby UPS

 

          Line-interactive UPS

 

          True online UPS

 

16. What are the relevant terms for electrical power influence?

 

          Fault:  Momentary Interruption in power

 

          Blackout:  Prolonged Interruption in power

 

Sag:  Momentary drop in power voltage levels

 

 

          Brown out:   Prolonged drop in power voltage levels

 

          Spike:  Momentary increase in power voltage levels

 

• Surge:       Prolonged increase in power voltage levels

 

17. What is fail-safe lock?

 

It is usually used on an exit, where it is essential for human safety in the event of a fire. It is used when human safety is not a factor.

 

18. What are the conditions controlled by HVAC Systems? • Temperature

 

          Filtration

 

          Humidity

 

          Static Electricity.

 

19.How firewalls are categorized by processing mode?

 

The five processing modes are

Packet filtering

 

Application gateways

 

Circuit gateways

 

MAC layer firewalls

 

Hybrids

 

20. What are the factors to be considered while selecting a right firewall? Selecting the Right Firewall

 

          What type of firewall technology offers the right balance of protection features and cost for the needs of the organization?

 

          What features are included in the base price? What features are available at extra cost? Are all cost factors known?

 

          How easy is it to set up and configure the firewall? How accessible are staff technicians with the mastery to do it well?

 

          Can the candidate firewall adapt to the growing network in the target organization?

 

21. What are Sock Servers?

 

SOCKS Servers

 

          The SOCKS system is a proprietary circuit-level proxy server that places special SOCKS client-side agents on each workstation

 

          Places the filtering requirements on the individual workstation, rather than on a single point of defense (and thus point of failure)

 

          This frees the entry router of filtering responsibilities, but then requires each workstation to be managed as a firewall detection and protection device

 

          A SOCKS system can require additional support and management resources to configure and manage possibly hundreds of individual clients, versus a single device or set of devices

 

22. What are the recommended practices in designing firewalls?

 

Firewall Recommended Practices

 

          All traffic from the trusted network is allowed out

 

          The firewall device is always inaccessible directly from the public network

 

          Allow Simple Mail Transport Protocol (SMTP) data to pass through your firewall, but insure it is all routed to a well-configured SMTP gateway to filter and route messaging traffic securely

 

          All Internet Control Message Protocol (ICMP) data should be denied

 

          Block telnet (terminal emulation) access to all internal servers from the public networks

 

          When Web services are offered outside the firewall, deny HTTP traffic from reaching your internal networks by using some form of proxy access or DMZ architecture

 

23. What are intrusion detection systems(IDS)?

 

Intrusion Detection Systems (IDSs)

 

          IDSs work like burglar alarms

 

          IDSs require complex configurations to provide the level of detection and response desired

 

          An IDS operates as either network-based, when the technology is focused on protecting network information assets, or host-based, when the technology is focused on protecting server or host information assets

 

IDSs use one of two detection methods, signature-based or statistical anomaly-based

 

Stateful firewall

 

keeps track of the state of network connections (such as TCP streams) traveling across it.

 

Stateful firewall is able to hold in memory significant attributes of each connection, from start to finish. These attributes, which are collectively known as the state of the connection, may include such details as the IP addresses and ports involved in the connection and the sequence numbers of the packets traversing the connection.

 

Stateless firewall

 

Treats each network frame (Packet) in isolation. Such a firewall has no way of knowing if any given packet is part of an existing connection, is trying to establish a new connection, or is just a rogue packet.

 

The classic example is the File Transfer Protocol, because by design it opens new connections to random ports.

 

Intrusion:


 

Type of attack on information assets in which instigator attempts to gain entry into or disrupt system with harmful intent

 

Intrusion detection:

 

ü Consists of procedures and systems created and operated to detect system intrusions

 

Intrusion reaction:

 

ü Encompasses actions an organization undertakes when intrusion event is detected

 

Intrusion correction activities:

 

ü Finalize restoration of operations to a normal state

 

Intrusion prevention:

 

ü Consists of activities that seek to deter an intrusion from occurring

 

Signature-Based IDS

 

ü Examine data traffic in search of patterns that match known signatures

 

Statistical Anomaly-Based IDS

 

The statistical anomaly-based IDS (stat IDS) or behavior-based IDS sample network activity to compare to traffic that is known to be normal

 

Network-Based IDS (NIDS)

 

Resides on computer or appliance connected to segment of an organization’s network; looks for signs of attacks

 

Honey pots:

 

Decoy systems designed to lure potential attackers away from critical systems and encourage attacks against the themselves

 

Honey nets:

 

ü Collection of honey pots connecting several honey pot systems on a subnet

 

Mantraps

 

ü Small enclosure that has entry point and different exit point

 

Study Material, Lecturing Notes, Assignment, Reference, Wiki description explanation, brief detail
Information Security : Physical Design : Important Short Questions and Answers: Information Security - Physical Design |


Privacy Policy, Terms and Conditions, DMCA Policy and Compliant

Copyright © 2018-2024 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.