
R17 Regulation Subject code: 1E7EB

TKR COLLEGE OF ENGINEERING AND TECHNOLOGY


(Autonomous, Accredited by NAAC with ‘A’ Grade)
B.Tech IV Year I Semester Regular Examinations, February 2021

INFORMATION SECURITY ASSESSMENTS AND AUDITS


(Computer Science and Engineering)
Maximum Marks: 70 Date: 27.02.2021 Duration: 3 hours
Note: 1. This question paper contains two parts, A and B.
2. Part A is compulsory and carries 20 marks. Answer all questions in Part A.
3. Part B consists of 5 Units. Answer any one full question from each unit.
4. Each question carries 10 marks and may have a, b, c, d as sub-questions.
Part-A
All the following questions carry equal marks (10x2M=20 Marks)
1 What are the ethics of an information security Auditor?
2 Discuss common issues and variances of Performance Metrics.
3 Define Pre-audit checklist and Vulnerability Analysis.
4 Compare External, Internal, Firewall and IDS Security Audits.
5 Explain Social Media countermeasures.
6 Jot down the Threats and Vulnerabilities of Information Security.
7 Risk Management Feedback Loops – Define.
8 Differentiate between Risk Treatment and Residual Risk.
9 What is Configuration Management?
10 Why do we perform Configuration Reviews?
Part-B
Answer All the following questions. (10M X 5 = 50 Marks)
11 Explain information security Methodologies. (10M)
OR
12 Elaborate on the phases of information security Audit and Strategies. (10M)
13 Detail on Information Security Audit Tasks, Reports And Post Auditing Actions. (10M)
OR
14 List down the Information Security Audit Deliverables & procedure of Writing Report. (10M)
15 Compare and Contrast Human-based Social Engineering, Computer-based Social Engineering of vulnerability management. (10M)
OR
16 Explain Vulnerability Management such as Vulnerability Scanning, testing, Threat Management, Remediation etc. (10M)
17 Describe the phases and types of Information Security Assessment. (10M)
OR
18 How to Choose the right tools for Vulnerability Assessment Records. (10M)
19 What are Configuration management Requirements-Plan-Control? (10M)
OR
20 Explain in Detail about Development of Configuration Control Policies and Testing. (10M)
