Subject Code: D5810 M.

Tech II Semester [R09] Regular Examinations August 2010 SECURE DATABASE APPLICATIONS DEVELOPMENT (CS, CS&E) Time: 3 Hours Max Marks: 60 Answer any FIVE questions All questions carry EQUAL marks 1. a). What is an information system? Describe components of the information system. b). Describe the characteristics of information system categories. 2. a). Describe in detail about database security vulnerabilities and data base security risks. b). What is digital authentication? Briefly describe LDAP. 3. a). What are the best practices for user administration, and describe with an example how each practice enhances OS Security. b). Describe the database account access procedure. 4. What is a User profile? Describe in detail about the involved process in design and implementation of password policies either in Oracle or SQL server environment. 5. a). Describe the process of Granting and revoking user privileges b). What are the most commonly used application types? List the most common application security models. 6. a). Describe the importance of VIEW database object, while implementing a VPD. b). Briefly describe the process to implement row-level and column-level security. 7. a). Describe the process to generate a data manipulation history b). Differentiate between the auditing architectures of DML Action Vs DML changes 8. a). Describe the process to create and implement DLL triggers with Oracle b). Briefly describe the project security requirements for a secured repository.

Subject Code: D5810 M.Tech II Semester [R09] Regular/Supplementary Examinations, September 2011

SECURED DATABASE APPLICATIONS DEVELOPMENT (Com. to CS, CSE and CNIS) Time: 3 Hours Max Marks: 60 Answer any FIVE questions. All questions carry EQUAL marks 1. (a) Explain about the various methods involved in securing a database? (b) Explain about Asset types?
2. Explain in detail about E-mail Security?

3. (a) Differentiate between Linked and Remote Servers? (b) Explain in detail about user and operating system Authentication?
4. Explain in detail about the design and implementation of Various Password Policies?

5. (a) Explain Different types of users in a database? (b) Explain in detail about Data Encryption? 6. (a) Explain about the implementation of Virtual private database Using Views? (b) Explain about the implementation of Oracle VPD? 7. (a) List out the Advantages and Disadvantages of Database Auditing? (b) Explain about Auditing Application errors with oracle? 8. (a) Explain about the steps involved in Creating DLL Triggers? (b) Explain in detail about Secured Authentication?

Subject Code: D581() M.Tech. II Semester [R09] Regular/Supplementary Examinations, October 2012 SECURED DATABASE APPLICATION DEVELOPMENT (Comm to CS,CS&E and CN&IS) Time: 3 Hours Max Marks: 60 Answer any FIVE questions All questions carry EQUAL marks 1. a. With a neat diagram, explain the information security architecture in detail? b. Define security? Describe the information system and its components? . a. List and explain different Authentication methods in detail? b. Describe vulnerabilities of operating system in detail? 3. a. Outline the risks of database links? b. Explain the steps for Creating/ modifying] removing users in OS? 4. What is the process involved in granting and revoking user privileges, explain? 5. With the help of example show how data encryption method is used in providing database security? 6. a. Define VPD? How VPD is implemented using views, explain? b. Explain the implementation of row and Column level security with SQL server? '7. a. List the objectives 0f database auditing? b. What are the benefits and side-effects of auditing? 8. a. With a case study, explain the development of an Online database? b. Briefly explain auditing database activities with Oracle?