
NIS QB with answers

1. Need for firewall:


• Protects against unauthorized access: Firewalls act as a barrier between an internal network and
the external network (usually the Internet), preventing unauthorized access and potential attacks
from malicious sources.
• Monitors and filters network traffic: Firewalls monitor and filter incoming and outgoing
network traffic based on predefined rules, allowing only authorized traffic to pass through while
blocking or alerting on suspicious or malicious traffic.
• Safeguards sensitive data: Firewalls help in preventing data breaches by monitoring and
controlling the flow of data between networks, ensuring that sensitive information remains
protected.

2. Meaning of hacking:
• Unauthorized access: Hacking refers to gaining unauthorized access to a computer system or
network, bypassing security measures, and gaining control or stealing information.
• Malicious intent: Hacking is typically done with malicious intent, such as stealing sensitive data,
disrupting services, or causing harm to individuals or organizations.
• Illegitimate activity: Hacking is considered illegal and unethical unless done for legitimate and
legal purposes, such as ethical hacking for security testing or with proper authorization.

3. Working principle of SMTP:


• Simple Mail Transfer Protocol (SMTP) is a communication protocol used for sending email
messages over a network.
• SMTP uses a client-server model, where the sender's email client (e.g., Outlook) sends the email
to the recipient's mail server through a series of commands and responses.
• The recipient's mail server then delivers the email to the recipient's mailbox or forwards it to
another mail server until it reaches the intended recipient.
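
The "series of commands and responses" can be seen in a small in-memory model of the receiving server. This is an added example, not part of the original notes: it uses the standard SMTP verbs and reply codes, the function name smtp_session and the example.* addresses are placeholders chosen here, and no network traffic is involved.

```python
def smtp_session(client_lines):
    """Toy receiving server: return ([(client line, reply)], delivered mail)."""
    state = "start"                  # start -> greeted -> mail -> rcpt -> data
    sender, rcpts, body = None, [], []
    transcript, mailbox = [], []
    for line in client_lines:
        verb = line.split(" ")[0].split(":")[0].upper()
        if state == "data":
            if line == ".":          # a lone dot ends the message body
                mailbox.append((sender, rcpts, "\n".join(body)))
                sender, rcpts, body, state = None, [], [], "greeted"
                reply = "250 OK: message accepted"
            else:
                body.append(line)
                reply = None         # the server stays silent during the body
            transcript.append((line, reply))
            continue
        if verb in ("HELO", "EHLO"):
            state, reply = "greeted", "250 Hello"
        elif verb == "MAIL" and state == "greeted":
            # The envelope sender is recorded exactly as the client claims it.
            sender, rcpts = line.partition(":")[2].strip(), []
            state, reply = "mail", "250 OK"
        elif verb == "RCPT" and state in ("mail", "rcpt"):
            rcpts.append(line.partition(":")[2].strip())
            state, reply = "rcpt", "250 OK"
        elif verb == "DATA" and state == "rcpt":
            state, reply = "data", "354 End data with <CR><LF>.<CR><LF>"
        elif verb == "QUIT":
            reply = "221 Bye"
        elif verb in ("MAIL", "RCPT", "DATA"):
            reply = "503 Bad sequence of commands"   # command sent out of order
        else:
            reply = "500 Command not recognized"
        transcript.append((line, reply))
        if verb == "QUIT":
            break
    return transcript, mailbox

# Constructed sample dialogue (client side only).
SAMPLE = ["EHLO client.example", "MAIL FROM:<alice@example.org>",
          "RCPT TO:<bob@example.net>", "DATA",
          "Subject: test", "", "Hello Bob", ".", "QUIT"]

if __name__ == "__main__":
    for sent, reply in smtp_session(SAMPLE)[0]:
        print(f"C: {sent}" + (f"\nS: {reply}" if reply else ""))
```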

4. Creation and verification of digital signature:
• Creation: A digital signature is created by generating a unique hash (a fixed-length string of
characters) of the original data using a cryptographic algorithm, and then encrypting the hash
with the private key of the sender. This creates a unique signature that is appended to the original
data.
• Verification: To verify the digital signature, the recipient uses the sender's public key to decrypt
the signature and obtain the hash. The recipient then generates a hash of the received data using
the same cryptographic algorithm. If the decrypted hash matches the generated hash, the digital
signature is valid and the data has not been tampered with.
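
The creation and verification steps above, carried through in code. This is an added example, not part of the original notes: it uses SHA-256 and textbook RSA (no padding scheme) with a constructed toy key, and the function names are chosen here. Production signatures use a vetted library with a padded scheme.

```python
import hashlib

# Constructed toy key, for illustration only: the primes are the Mersenne
# primes 2**521 - 1 and 2**607 - 1, whose special form makes the key insecure.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (needs Python 3.8+)

def digest(data: bytes) -> int:
    """SHA-256 hash of the data as an integer (always smaller than N)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data: bytes) -> int:
    """Creation: hash the data, then transform the hash with the private key."""
    return pow(digest(data), D, N)

def verify(data: bytes, signature: int) -> bool:
    """Verification: recover the hash with the public key and compare it
    with a fresh hash of the received data."""
    if not 0 <= signature < N:
        return False
    return pow(signature, E, N) == digest(data)

def demo():
    message = b"Transfer 100 to account 42"          # constructed sample data
    signature = sign(message)
    return {
        "original": verify(message, signature),
        "tampered_data": verify(b"Transfer 900 to account 42", signature),
        "tampered_signature": verify(message, signature ^ 1),
    }

if __name__ == "__main__":
    print(demo())
```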

5. Criteria for classification of information:


• Confidentiality: Information can be classified based on the level of confidentiality, such as public,
internal, confidential, or top secret, depending on the sensitivity and potential impact of the
information if disclosed to unauthorized parties.
• Integrity: Information can be classified based on the level of integrity, such as unaltered, partially
altered, or completely altered, depending on the level of trust and reliability required for the
information.
• Availability: Information can be classified based on the level of availability, such as highly
available, moderately available, or low availability, depending on the importance and accessibility
requirements of the information.

6. Types of firewall and explanation of one:


• Types of firewalls include network layer (packet-filtering) firewalls, application layer firewalls,
and stateful inspection firewalls.
• Network layer firewalls operate at the network level and filter traffic based on source and
destination IP addresses, ports, and protocols.
• Application layer firewalls operate at the application level and inspect traffic based on
application-specific rules, providing more advanced filtering and protection against application-
layer attacks.
• Stateful inspection firewalls combine elements of network and application layer firewalls,
keeping track of the state of network connections and filtering traffic based on the connection
state, providing better security and performance.

7. IPsec security with the help of a diagram:
• IPsec (Internet Protocol Security) is a protocol suite used to secure IP communications by
providing authentication, integrity, and confidentiality.
• IPsec operates at the network layer and is typically used to create virtual private networks
(VPNs) for secure communication over public networks, such as the Internet.
• IPsec uses various security mechanisms, such as Authentication Header (AH) and Encapsulating
Security Payload (ESP), to provide authentication, integrity, and confidentiality of IP packets,
as shown in the diagram.
[Diagram: IPsec security diagram showing IP packets with AH or ESP headers for authentication,
integrity, and confidentiality]

8. Kerberos with help of a suitable diagram:


• Kerberos is a network authentication protocol used for secure authentication of users and
services in a distributed environment.
• Kerberos uses a trusted third-party authentication server, known as the Key Distribution Center
(KDC), to authenticate users and services using tickets.
• The diagram illustrates the Kerberos authentication process, where a user requests a ticket for a
particular service from the KDC, which issues a ticket granting ticket (TGT) and a service ticket
(ST) that the user presents to the service for authentication.
[Diagram: Kerberos authentication process diagram showing user, KDC, TGT, and ST]

9. DMZ (Demilitarized Zone) with a suitable example:
• DMZ is a network architecture that creates a separate and isolated network zone between an
internal network and an external network, typically the Internet.
• DMZ is used to host publicly accessible services, such as web servers or email servers, while
keeping the internal network secure from direct exposure to external threats.
• An example of a DMZ is a company's web server that is accessible from the Internet, but is
isolated from the internal network by a firewall, allowing external users to access the website
without directly accessing the internal network.

10. Honey pots:


• Honey pots are decoy systems or resources intentionally designed to attract attackers or intruders
and detect their activities.
• Honey pots simulate vulnerable systems or services to lure attackers into interacting with them,
providing valuable insight into their techniques and intentions.
• Honey pots can be used for early detection of attacks, studying attacker behavior, and gathering
intelligence on new threats or vulnerabilities in a controlled and monitored environment.

11. Host-based IDS (Intrusion Detection System):


• Host-based IDS is a security system that monitors and analyzes activity on a single host or
endpoint, such as a server or a workstation, to detect signs of intrusion or malicious activity.
• Host-based IDS typically uses a combination of log analysis, file integrity monitoring, and
system call monitoring to detect deviations from normal behavior or known attack patterns.
• Host-based IDS can provide detailed visibility into the activities happening on a specific host,
allowing for quicker detection and response to potential security incidents.
• Host-based IDS can be effective in detecting attacks that bypass network-based defenses, such
as insider threats or attacks targeting specific hosts or applications.

12. Firewall Configuration:
• Firewall configuration refers to the process of setting up and defining the rules and policies for
a firewall to filter and control incoming and outgoing network traffic.
• Firewall configuration involves defining access control rules based on criteria such as source
and destination IP addresses, ports, and protocols, to allow or deny traffic.
• Firewall configuration also includes setting up logging and monitoring rules to capture and
analyze firewall activity for security analysis and auditing purposes.
• Firewall configuration should be based on the organization's security policies and best practices,
and should be regularly reviewed and updated to adapt to changing security requirements and
threat landscapes.
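
Access control rules of this kind, and one check that belongs in a periodic rule review, can be modelled in a few lines. This is an added example, not part of the original notes: the rule set is constructed from documentation address ranges, and first-match evaluation with a default deny is an assumption of the example. The returned rule index is what a firewall log entry would record.

```python
from ipaddress import ip_address, ip_network

# Constructed rule set; each rule is
# (action, protocol, source network, destination network, destination port).
# None means "any". Rules are evaluated top to bottom, first match wins.
RULES = [
    ("allow", "tcp", "0.0.0.0/0",       "203.0.113.10/32", 443),
    ("deny",  None,  "198.51.100.0/24", "0.0.0.0/0",       None),
    ("allow", "tcp", "198.51.100.7/32", "203.0.113.20/32", 22),  # never reached
    ("allow", "udp", "192.0.2.0/24",    "203.0.113.53/32", 53),
]

def matches(rule, proto, src, dst, dport):
    _, r_proto, r_src, r_dst, r_port = rule
    return ((r_proto is None or r_proto == proto)
            and ip_address(src) in ip_network(r_src)
            and ip_address(dst) in ip_network(r_dst)
            and (r_port is None or r_port == dport))

def decide(proto, src, dst, dport, rules=RULES):
    """Return (action, rule index) for a packet; index None means default deny."""
    for i, rule in enumerate(rules):
        if matches(rule, proto, src, dst, dport):
            return rule[0], i
    return "deny", None

def covers(earlier, later):
    """True if every packet matching `later` also matches `earlier`."""
    _, e_proto, e_src, e_dst, e_port = earlier
    _, l_proto, l_src, l_dst, l_port = later
    return ((e_proto is None or e_proto == l_proto)
            and ip_network(l_src).subnet_of(ip_network(e_src))
            and ip_network(l_dst).subnet_of(ip_network(e_dst))
            and (e_port is None or e_port == l_port))

def shadowed(rules=RULES):
    """Review check: (rule, earlier rule) pairs where the rule can never fire."""
    return [(j, i) for j in range(len(rules)) for i in range(j)
            if covers(rules[i], rules[j])]

if __name__ == "__main__":
    print(decide("tcp", "198.51.100.7", "203.0.113.20", 22))
    print(shadowed())
```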

13. Define cyber crime. List any two cyber crimes.
Cyber Crime: Cyber crime refers to illegal activities that are committed using computers, networks,
or the internet, typically with the intention of causing harm, gaining unauthorized access, stealing
data, or disrupting digital systems.
Two examples of cyber crimes are:
1. Phishing: It involves attempting to trick individuals into revealing their personal or confidential
information, such as usernames, passwords, and credit card numbers, by posing as a trustworthy
entity in electronic communication, such as emails, messages, or websites.
2. Malware attacks: These involve the use of malicious software, such as viruses, worms, and
ransomware, to gain unauthorized access to computer systems or networks, disrupt their
operation, or steal sensitive data.

14. Define the following cyber crimes: (i) Cyber Stalking (ii) Email Harassment
i) Cyber Stalking: Cyber stalking refers to the act of repeatedly harassing, threatening, or intimidating
an individual or group online. This may involve sending unwanted messages, emails, or social media
posts, making false accusations, spreading rumors, or engaging in other malicious activities that
cause emotional distress or fear to the victim.
ii) Email Harassment: Email harassment involves the use of email to send threatening, abusive, or
offensive messages to an individual or organization with the intent to cause harm or distress. This
may include sending derogatory remarks, hate speech, explicit content, or repeated messages that are
meant to intimidate, bully, or harass the recipient. Email harassment can have serious psychological,
emotional, and professional consequences for the victim.

15. Explain the following terms of intellectual property: (i) Copyright (ii) Patent (iii) Trademark
(i) Copyright:
1. Copyright protects original works of human intellect, such as literary, artistic, musical, and
technological works. This includes writings, paintings, sculptures, computer programs, and
electronic databases.
2. Copyright grants the creator or owner of the work the exclusive right to reproduce, distribute,
display, and create derivative works from the original work.
3. Copyright protection is automatic and arises as soon as a work is created, without the need for
formal registration, although registration may be required for certain legal benefits and
enforcement actions.
4. The duration of copyright protection varies depending on the type of work and the jurisdiction,
typically lasting for the life of the creator plus a certain number of years after their death.
(ii) Patent:
1. Patent is an exclusive right granted by law to an inventor or assignee for a new and useful
invention or process. It prevents others from commercially using, making, or selling the patented
invention without permission for a limited period of time.
2. In exchange for the exclusive rights, the inventor or assignee is required to provide a detailed
public disclosure of the invention, which contributes to the advancement of technology and
knowledge.
3. Patents are typically granted for inventions that are novel, non-obvious, and have industrial
application.
4. The duration of patent protection varies depending on the type of patent and jurisdiction, but
generally lasts for 20 years from the filing date of the patent application.
(iii) Trademark:
1. A trademark is a sign, such as a logo, name, or symbol, that identifies and distinguishes the
goods or services of one enterprise from those of competitors.
2. Trademarks are used to protect brands and create brand recognition, goodwill, and consumer
loyalty.
3. To be eligible for trademark protection, a mark must be distinctive, meaning it is not generic or
descriptive, and is capable of identifying the source of the goods or services.
4. Trademark protection provides the owner with the exclusive right to use the mark in connection
with the goods or services covered by the mark, and may be renewed indefinitely as long as the
mark is actively used and maintained.

16. Symmetric and Asymmetric key cryptography


• Symmetric Key Cryptography: In symmetric key cryptography, the same secret key is used for both
encryption and decryption of data. The sender and receiver share the same key, and it is used to
encrypt the original data at the sender's end and decrypt the encrypted data at the receiver's end.
Symmetric key cryptography is relatively fast and efficient, but it requires a secure method of key
distribution since the same key is used for both encryption and decryption.
• Asymmetric Key Cryptography: In asymmetric key cryptography, also known as public-key
cryptography, a pair of keys is used for encryption and decryption. These keys are
mathematically related, but they are not identical. One key, known as the public key, is used for
encryption, while the other key, known as the private key, is used for decryption. The public key
can be freely shared with anyone, while the private key must be kept secret by the owner.
Asymmetric key cryptography provides better security and authentication compared to
symmetric key cryptography, but it is slower and computationally more complex.
