Introduction – Introduction to Information Systems, Types of Information Systems, Development of Information Systems, Introduction to Information Security and CIA triad, Need for Information Security, Threats to Information Systems, Information Assurance and Security Risk Analysis, Cyber Security.
II
Application Security – (Database, E-mail and Internet), Data Security Considerations (Backups, Archival Storage and Disposal of Data), Security Technology (Firewall, VPNs, Intrusion Detection System), Access Control. Security Threats – Viruses, Worms, Trojan Horse, Bombs, Trapdoors, Spoofs, E-mail Viruses, Macro Viruses, Malicious Software, Network and Denial of Services Attack.
III
Introduction to E-Commerce – Threats to E-Commerce, Electronic Payment System, e-Cash, Credit/Debit Cards. Digital Signature, Cryptography, Developing Secure Information Systems, Application Development Security, Information Security Governance & Risk Management, Security Architecture & Design, Security Issues in Hardware, Data Storage & Downloadable Devices, Physical Security of IT Assets – Access Control, CCTV, Backup Security Measures.
IV
Security Policies – Why policies should be developed, Policy Review Process, Publication and Notification Requirement of policies, Types of policies – WWW policies, Email Security policies, Corporate Policies, Sample Security Policies. Case Study – Corporate Security
V
Information Security Standards – ISO, IT Act, Copyright Act, IPR. Cyber Crimes, Cyber Laws in India; IT Act 2000 Provisions, Intellectual Property Law, Copyright Law, Semiconductor Law and Patent Law, Software Piracy and Software License.
SECTION A
1. Attempt all questions in brief.
| Q no. | Question | CO | Level |
|---|---|---|---|
| a. | What is meant by an Information System? | 1 | K1 |
| b. | What is CIA? | 1 | K2 |
| c. | What is Information? | 1 | K1 |
| d. | Define Access Control. | 2 | K2 |
| e. | What is meant by Intellectual Property? | 5 | K2 |
| f. | What is the need for Application Security? | 3 | K3 |
| g. | What are the features of an E-Commerce System? | 3 | K3 |
SECTION B
2. Attempt any three of the following:
| Q no. | Question | CO | Level |
|---|---|---|---|
| a. | Describe the threats to Information Systems. | 1 | K3 |
| b. | Explain Cyber Security in detail. | 1 | K4 |
| c. | Why is it necessary to develop Policies? | 3 | K4 |
| d. | What are the threats in an E-Payment System? | 4 | K3 |
| e. | Explain Firewall in detail. How does it provide security to hardware and software? | 2 | K4 |
SECTION C
3. Attempt any one part of the following:
| Q no. | Question | CO | Level |
|---|---|---|---|
| a. | What is a Risk? What are the ways in which Risk can be evaluated? | 2 | K2 |
| b. | Explain VPN and its types in detail. | 2 | K3 |
4. Attempt any one part of the following:
| Q no. | Question | CO | Level |
|---|---|---|---|
| a. | Explain various security standards. | 5 | K4 |
| b. | Why do we need cyber laws in India? Define any 2 laws that you feel are necessary. | 5 | K4 |
5. Attempt any one part of the following:
| Q no. | Question | CO | Level |
|---|---|---|---|
| a. | What is the need for having information security? Explain the levels. | 1 | K3 |
| b. | Explain Cryptography in detail. | 3 | K3 |
6. Attempt any one part of the following:
| Q no. | Question | CO | Level |
|---|---|---|---|
| a. | Explain the General Information System in detail. | 1 | K4 |
| b. | Write in detail on Software Piracy and Software License. | 5 | K3 |
7. Attempt any one part of the following:
| Q no. | Question | CO | Level |
|---|---|---|---|
| a. | What are the various security threats in Applications? | 2 | K4 |
| b. | Write in detail on symmetric and asymmetric key algorithms. | | |