
Chapter: Information Security : Physical Design

Important Short Questions and Answers: Information Security - Physical Design



1. What is intrusion?


An intrusion is a type of attack on information assets in which the instigator attempts to gain entry into a system or disrupt the normal operations of a system with, almost always, the intent to do malicious harm.


2. What is IDS?


IDS stands for Intrusion Detection System. It works like a burglar alarm in that it detects a violation of its configuration and activates an alarm. This alarm can be audible and/or visual, or it can be silent.


3. What are signature-based IDSs?


Signature based IDSs, also known as knowledge based IDSs, examine data traffic for patterns that match signatures, which are pre-configured, predetermined attack patterns.




4. What are Honey pots?


Honey pots are decoy systems, which means they are designed to lure potential attackers away from critical systems.


In the security industry, these systems are also known as decoys, lures, or flytraps.


5. What is the use of Scanning and analysis tools?


Scanning and analysis tools are used to pinpoint vulnerabilities in systems, holes in security components, and unsecured aspects of the network. Although these tools are used by attackers, they can also be used by an administrator not only to learn more about his/her own system but also to identify and repair system weaknesses before they result in losses.


6. What are the factors of authentication?


          What a supplicant knows


          What a supplicant has


          Who a supplicant is


          What a supplicant produces


7. What is Hash function?


Hash functions are mathematical algorithms that generate a message summary or digest that can be used to confirm the identity of a specific message and to confirm that the message has not been altered.


8. What is PKI?


PKI – Public Key Infrastructure


It is an integrated system of software, encryption methodologies, protocols, legal agreements and third party services that enables users to communicate securely. It includes digital certificates and certificate authorities.


9. What is Steganography?


Steganography is the process of hiding information, and while it is not properly a form of cryptography, it is related to cryptography in that both are ways of transmitting information without allowing it to be revealed in transit.


10. What are the protocols used in Secure Internet Communication?


          S-HTTP (Secure Hypertext Transfer Protocol)


          SSL (Secure Sockets Layer)


          SSL Record Protocol


          Standard HTTP


11. What is Physical security?


Physical security addresses the design, implementation, and maintenance of countermeasures that protect the physical resources of an organization. This means the physical protection of the people, the hardware, and the supporting system elements and resources associated with the control of information in all its states: transmission, storage and processing.


12. What are the controls of protecting the Secure Facility?


          Walls, Fencing, Gates






          ID Cards and Badges



          Locks and keys




          Electronic Monitoring


          Alarms and Alarm Systems


          Computer Rooms and Wiring Closets


          Interior Walls and Doors


13. What are the basic types of Fire Detection Systems?


          Thermal Detection


          Smoke Detection


          Flame Detection


14. What is TEMPEST?


TEMPEST is a technology that prevents the loss of data that may result from the emissions of electromagnetic radiation.


15. What is UPS? What are the types of UPS?


UPS – Uninterruptible Power Supply


It is an electrical device that serves as a battery backup to detect the interruption of power to the power equipment.


The basic configurations are,


          Standby or offline UPS


          Ferroresonant Standby UPS


          Line-interactive UPS


          True online UPS


16. What are the relevant terms for electrical power influence?


          Fault:  Momentary Interruption in power


          Blackout:  Prolonged Interruption in power


          Sag:  Momentary drop in power voltage levels



          Brownout:  Prolonged drop in power voltage levels


          Spike:  Momentary increase in power voltage levels


          Surge:  Prolonged increase in power voltage levels


17. What is fail-safe lock?


It is usually used on an exit, where it is essential for human safety in the event of a fire. It is used when human safety is not a factor.


18. What are the conditions controlled by HVAC Systems?


          Temperature






          Static Electricity.


19. How are firewalls categorized by processing mode?


The five processing modes are

Packet filtering


Application gateways


Circuit gateways


MAC layer firewalls




20. What are the factors to be considered while selecting the right firewall?


Selecting the Right Firewall


          What type of firewall technology offers the right balance of protection features and cost for the needs of the organization?


          What features are included in the base price? What features are available at extra cost? Are all cost factors known?


          How easy is it to set up and configure the firewall? How accessible are staff technicians with the mastery to do it well?


          Can the candidate firewall adapt to the growing network in the target organization?


21. What are SOCKS Servers?


SOCKS Servers


          The SOCKS system is a proprietary circuit-level proxy server that places special SOCKS client-side agents on each workstation


          Places the filtering requirements on the individual workstation, rather than on a single point of defense (and thus point of failure)


          This frees the entry router of filtering responsibilities, but then requires each workstation to be managed as a firewall detection and protection device


          A SOCKS system can require additional support and management resources to configure and manage possibly hundreds of individual clients, versus a single device or set of devices


22. What are the recommended practices in designing firewalls?


Firewall Recommended Practices


          All traffic from the trusted network is allowed out


          The firewall device is always inaccessible directly from the public network


          Allow Simple Mail Transport Protocol (SMTP) data to pass through your firewall, but ensure it is all routed to a well-configured SMTP gateway to filter and route messaging traffic securely


          All Internet Control Message Protocol (ICMP) data should be denied


          Block telnet (terminal emulation) access to all internal servers from the public networks


          When Web services are offered outside the firewall, deny HTTP traffic from reaching your internal networks by using some form of proxy access or DMZ architecture


23. What are intrusion detection systems (IDS)?


Intrusion Detection Systems (IDSs)


          IDSs work like burglar alarms


          IDSs require complex configurations to provide the level of detection and response desired


          An IDS operates as either network-based, when the technology is focused on protecting network information assets, or host-based, when the technology is focused on protecting server or host information assets


IDSs use one of two detection methods, signature-based or statistical anomaly-based


Stateful firewall


Keeps track of the state of network connections (such as TCP streams) traveling across it.


A stateful firewall is able to hold in memory significant attributes of each connection, from start to finish. These attributes, which are collectively known as the state of the connection, may include such details as the IP addresses and ports involved in the connection and the sequence numbers of the packets traversing the connection.


Stateless firewall


Treats each network frame (Packet) in isolation. Such a firewall has no way of knowing if any given packet is part of an existing connection, is trying to establish a new connection, or is just a rogue packet.


The classic example of a protocol that a stateless firewall handles poorly is the File Transfer Protocol (FTP), because by design it opens new connections to random ports.
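The difference between the two firewall types, as an added example that is not part of the original notes: a stateless rule that accepts inbound TCP segments carrying ACK or RST is compared with a filter that keeps a connection table. The trusted range, the `Packet` model, the function names and the sample packets are all assumptions constructed for illustration; connection timeouts and FIN teardown are left out.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

TRUSTED = ip_network("10.0.0.0/8")  # assumed internal (trusted) range

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags set on the segment

def pkt(src, sport, dst, dport, *flags):
    return Packet(src, sport, dst, dport, frozenset(flags))

def outbound(p):
    return ip_address(p.src) in TRUSTED

def stateless_allow(p):
    # Each packet is judged in isolation: outbound passes, inbound passes
    # if its flags merely claim it belongs to an existing connection.
    return outbound(p) or bool(p.flags & {"ACK", "RST"})

class StatefulFilter:
    def __init__(self):
        self.table = {}  # (inside ip, port, outside ip, port) -> state

    def allow(self, p):
        if outbound(p):
            key = (p.src, p.sport, p.dst, p.dport)
            if p.flags == {"SYN"}:
                self.table[key] = "SYN_SENT"
            elif key in self.table and "ACK" in p.flags:
                self.table[key] = "ESTABLISHED"
            if "RST" in p.flags:
                self.table.pop(key, None)
            return True
        key = (p.dst, p.dport, p.src, p.sport)  # look up the reverse direction
        if key not in self.table:
            return False  # no connection opened from inside: drop
        if "RST" in p.flags:
            del self.table[key]
        return True

# Constructed sample traffic (192.0.2.0/24, 198.51.100.0/24: documentation ranges)
HANDSHAKE = [pkt("10.0.0.5", 40000, "192.0.2.10", 443, "SYN"),
             pkt("192.0.2.10", 443, "10.0.0.5", 40000, "SYN", "ACK"),
             pkt("10.0.0.5", 40000, "192.0.2.10", 443, "ACK")]
UNSOLICITED = pkt("198.51.100.7", 443, "10.0.0.9", 51000, "ACK")
```

Both filters pass the three handshake packets, but only the stateless rule passes `UNSOLICITED`, because nothing in that packet alone shows that no inside host ever opened the connection.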




Intrusion:


Type of attack on information assets in which instigator attempts to gain entry into or disrupt system with harmful intent


Intrusion detection:


• Consists of procedures and systems created and operated to detect system intrusions


Intrusion reaction:


• Encompasses actions an organization undertakes when intrusion event is detected


Intrusion correction activities:


• Finalize restoration of operations to a normal state


Intrusion prevention:


• Consists of activities that seek to deter an intrusion from occurring


Signature-Based IDS


• Examine data traffic in search of patterns that match known signatures


Statistical Anomaly-Based IDS


The statistical anomaly-based IDS (stat IDS), or behavior-based IDS, samples network activity to compare it to traffic that is known to be normal.


Network-Based IDS (NIDS)


Resides on computer or appliance connected to segment of an organization’s network; looks for signs of attacks


Honey pots:


Decoy systems designed to lure potential attackers away from critical systems and encourage attacks against themselves


Honey nets:


• Collection of honey pots connecting several honey pot systems on a subnet




• Small enclosure that has entry point and different exit point



Copyright © 2018-2024 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.