Cyber Security Past Papers PDF
Summary
This document contains past exam questions on cyber security, covering topics such as firewalls, malware, and network security. Questions span multiple topics including different types of hackers, hacking methodologies, security protocols like RSA and Diffie-Hellman key exchange, and vulnerability management in various contexts.
Full Transcript
JAN/FEB 2023

Q1. (a) At which layer of the OSI stack will a firewall be placed? Give the types and advantages of firewalls in cyber security.
Q1. (b) You have purchased a laptop for business purposes. What measures will you take to protect your device and data?
Q2. (a) Describe the way hackers collect information from intended users/organizations.
Q2. (b) Suppose you are the security manager for your project team. How do you apply secure SDLC in each stage of project development?
Q3. (a) Let p=23 and q=5. Alice picks x=4 and Bob picks y=3. Compute the shared secret key between Alice and Bob using the Diffie-Hellman key exchange protocol algorithm.
Q3. (b) Give the importance of the following: I. Hashing II. Digital signature
Q4. (a) Given an implementation of RSA with P=53 and Q=59, if the encryption key is 3, what is the decryption key? Encrypt and decrypt the message '6' using the above keys.
Q4. (b) Find the GCD for the following: (i) gcd(108,144) (ii) gcd(360,210)
Q5. (a) Describe the life cycle of Vulnerability Management.
Q5. (b) Describe the shared Responsibility Model in cloud with advantages.
Q6. (a) Create a Threat Model for Secure Online Banking.
Q6. (b) Describe the responsibility of Red team and Blue team.
Q7. (a) How do you find vulnerabilities in your Android application? What are the common vulnerabilities?
Q7. (b) What are the essential benefits we can realize with the adoption of DevOps principles? Describe the sample tools used at various DevOps life cycle stages.
Q8. (a) Describe the shared Responsibility Model in cloud.
Q8. (b) What is the need for Dynamic Code Analysis? At which stage of secure SDLC is it applied?
Q9. (a) Describe Android Application Security architecture.
Q9. (b) Why is WAF (Wireless Application Firewall) security important? Give its types and features.
Q10. (a) Give two KRI examples each for the following domains: a. Patch Management b. Anti-virus management
Q10. (b) Describe the IT Incident management life cycle/process flow.

JUN/JULY 2023

Q1. (a) Who are hackers?
Explain the different types of hackers. Illustrate different hacking methodologies.
Q1. (b) Elaborate the three dimensions of the McCumber Cube.
Q2. (a) List and explain different types of malware.
Q2. (b) How do you apply secure SDLC in each stage of software development?
Q3. (a) Explain the RSA algorithm. Using RSA solve p=5, q=11, key=27, d=?
Q3. (b) Give the importance of the following: I. Hashing II. Digital signature
Q4. (a) Let p=191 and q=2. Alice picks x=42 and Bob picks y=33. Compute the shared secret key between Alice and Bob using the Diffie-Hellman key exchange protocol algorithm.
Q4. (b) Find the GCD for the following numbers: (i) gcd(108,144) (ii) gcd(360,210)
Q5. (a) Elaborate on the software development life cycle (SDLC).
Q5. (b) Illustrate the vulnerabilities in the different layers of the OSI model.
Q6. (a) Discuss Identity and Access Management (IAM). What are IAM best practices?
Q6. (b) What is threat modeling? Why is it necessary? Explain different threat modeling methodologies.
Q7. (a) Explain different types of Cloud Models. Illustrate IaaS, SaaS and PaaS.
Q7. (b) Explain the top 10 OWASP issues in Web Applications. OR Explain issues in Web Vulnerability.
Q8. (a) How is data protection achieved in cloud?
Q8. (b) Describe shared responsibility in cloud.
Q9. (a) What is incident management? Explain the stages and life cycle of incident management. List the best practices of incident management.
Q9. (b) What is GRC? Explain ERM and the types of risk faced by an enterprise.
Q10. (a) Explain DevOps and Security Challenges. What are its core principles?
Q10. (b) Give two KRI examples each for the following domains: a). Patch Management b). Anti-virus management c). Change Management

Makeup Examination-Sept.2023

1 a. Describe how the following concepts secure our network: a). Firewall b). IPS.
1 b. Write about different methods of infiltration.
2 a. List and explain different types of malware.
2 b. Illustrate the vulnerabilities in the different layers of the OSI model.
3 a. Explain the RSA algorithm. Using RSA solve p=13, q=17, e=35, d=?
3 b. (i) Euler Totient Function: φ(360), φ(777) (ii) GCD of two numbers: gcd(108,144), gcd(161,28)
4 a. Let p=23 and q=5. Alice picks x=4 and Bob picks y=3. Compute the shared secret between Alice and Bob using the Diffie-Hellman key exchange protocol.
4 b. Write a note on: a). MAC b). Digital Signature
5 a. Explain Hardening in Linux.
5 b. Explain the following in Windows: a). Third Patch management b). Windows Autopilot.
6 a. Explain the Software Development Life Cycle.
6 b. What is threat modeling? Why is it necessary? Explain different threat modeling methodologies.
7 a. Illustrate static code analysis vs dynamic code analysis.
7 b. Explain the top 10 OWASP issues in Web Applications.
8 a. Discuss Identity and Access Management (IAM). What are IAM best practices?
8 b. Elaborate on Cloud Vulnerabilities.
9 a. Explain the Vulnerability life cycle. Elaborate the types of Vulnerabilities.
9 b. Explain Android Application Security architecture.
10 a. Explain GRC in a company and its benefits.
10 b. Explain DevOps and Security Challenges. What are its core principles?

Examination-Dec-2023

1a. Define cyber security. Explain the CIA and AAA security principles.
1b. What is malware? List and explain any five types of malware.
2a. Illustrate the purpose of defence in depth. Explain the layers of defence in depth.
2b. Illustrate: i. DoS and DDoS Attack ii. On-path Attack
3a. Write the steps of the RSA algorithm. Given p=17, q=11, e=7, find the decryption key (d).
3b. Analyze and identify the need for digital signatures. Explain the working principle of a digital signature.
4a. What is the purpose of Public Key Infrastructure (PKI)? Explain the different components of PKI.
4b. Find: 10M i. Euler totient function: φ(255), φ(256) ii. GCD(360,210), GCD(136,260)
5a. Explain the following security devices in cyber security.
5b. Explain the different phases of Microsoft Secure SDLC.
6a. Write a note on: i. Third Party patch management ii.
BitLocker Drive Encryption
6b. Illustrate the OWASP top 10 common web vulnerabilities.
7a. Differentiate between the different categories of cloud delivery models.
7b. What is the need for Identity and Access Management (IAM)? Explain any five IAM best practices.
8a. List and explain HTTP methods.
8b. Explain Android application security architecture.
9a. What are the objectives of Incident Management? Explain the life cycle of Incident Management.
9b. Define GRC. Explain Enterprise Risk Management and identify the different types of risk faced by the Enterprise.
10a. Explain: i. Life cycle of vulnerability management ii. Types of Vulnerability
10b. What is DevOps? Explain its security challenges and its core principles.

Makeup Examination - JULY 2024

1 a. What is the need for defense in depth for a network? Illustrate with an example.
1 b. From the perspective of a hacker, mention the methods of infiltration rules to be applied to capture the confidential information.
2 a. How do you provide two-step verification for your login account, considering the vulnerabilities present in web applications?
2 b. You are creating a new password for your online banking. How will you strengthen your password? Elaborate.
3a. Let p=23 and q=5. Alice picks x=4 and Bob picks y=3. Compute the shared secret between Alice and Bob using the Diffie-Hellman key exchange protocol.
3b. Find the Euler totient function: φ(255), φ(256)
4a. List the steps in the RSA algorithm. Given an implementation of the RSA algorithm that uses primes p=17, q=11 and encryption key e=7, what is the decryption key (d)?
4b. In relation with cryptography explain the following
5a. Assuming you are working as a software security professional for a company as a designer, define threat modeling. Why do you consider it important? Illustrate with an example.
5 b. Explain various cloud service models.
6a. Create a threat model for a secure online banking application.
6b. Explain the Software Development Life Cycle (SDLC) with a neat diagram.
7a.
Explain the types and benefits of penetration testing.
7 b. Assuming the following scenarios, explain how mobile security exploitation occurs in: I. Insecure data storage II. Insecure cryptographic implementations
8 a. What is the need for static code analysis? Compare static code analysis with dynamic code analysis.
8 b. List and explain HTTP methods.
9 a. Illustrate the life cycle of security incident management.
9 b. Explain the different kinds of hackers. What do you mean by blue, red and purple teams?
10 a. Discuss the phases of DevOps with a diagram and illustrate how security is integrated in it.
10 b. List incident management tools and their features.

CYBER SECURITY (20CS54I) FEB 2023
V semester Diploma Examination Jan-2023
CYBER SECURITY 20CS54I
Model answers

NOTE: All model answers are general specific to subject, if any answers are relevant please give marks.

Q1. (a) At which layer of the OSI stack will a firewall be placed? Give the types and advantages of firewalls in cyber security.

Ans: The network layer is where a firewall is placed in the OSI stack.

Different Types of Firewalls in Cyber Security
Reference: Firewall in Cyber Security: Types, Advantages & Components (knowledgehut.com)

1. Packet-filtering Firewalls
A packet-filtering firewall is a type of firewall that can block network traffic based on IP protocol, port number, and IP address. It applies a set of rules, based on the contents of the IP and transport header fields, to each packet. After analysing the packet against these rules, the packet-filtering firewall decides whether to forward or discard it.

2. Proxy Service Firewalls
Proxy service firewalls are systems that filter messages at the application layer to improve network security. You can think of one as an intermediary between your internal network and outside servers. By analysing incoming traffic with stateful and deep packet inspection technology, they are more secure than traditional firewalls.

3.
Stateful Multilayer Inspection (SMLI) Firewalls
Stateful Multilayer Inspection firewalls keep track of connections and provide standard firewall capabilities. Traffic is filtered based on state, port, and protocol, as well as administrator-defined rules and contexts. A prior connection and packets from a current connection are used in this process.

4. Unified Threat Management (UTM) Firewalls
SMLI firewalls work in conjunction with intrusion prevention and antivirus software to form a unified threat management firewall. UTM may include additional services such as cloud management.

5. Next-generation Firewalls (NGFW)
Compared to packet-filtering and stateful inspection firewalls, next-generation firewalls are more sophisticated. Unlike standard packet filters, they perform a more thorough inspection of packets, examining not just packet headers but also their contents and sources. As security threats evolve and become more sophisticated, NGFWs are able to block them.

6. Network Address Translation (NAT) Firewalls
NAT firewalls are capable of assessing internet traffic and blocking unsolicited communications, so they only accept inbound web traffic from devices on your private network.

7. Virtual Firewalls
In cloud-based systems, both private and public, virtual firewalls serve as security appliances. Internet traffic is assessed and managed using this type of firewall, whether it is over a physical or virtual network.

Advantages of Using Firewalls
Reference: What Is Firewall: Types, How Does It Work & Advantages | Simplilearn

The advantages of using firewalls:
It provides enhanced security and privacy from vulnerable services.
It prevents unauthorized users from accessing a private network that is connected to the internet.
Firewalls provide faster response time and can handle more traffic loads.
A firewall allows you to easily handle and update the security protocols from a single authorized device.
It safeguards your network from phishing attacks.

Q1. (b) You have purchased a laptop for business purposes. What measures will you take to protect your device and data?

Reference: Data Security Best Practices: 10 Methods to Protect Your Data | Ekran System

1. Encryption — prevents unauthorized parties from reading your data.
2. Masking — suppresses or anonymizes high-value data by replacing sensitive information with random characters. You can also substitute data with a low-value representative token; this method is called tokenization.
3. Data erasure — involves cleaning your repository in case stored data is no longer used or active.
4. Data resilience — involves full, differential, and incremental backups of your critical data. Storing your valuable data in different locations helps to make it recoverable and resilient to different cybersecurity threats.

Reference: Basic Security Measures You have to Take to Protect Your Digital Assets and Devices - InfosecTrain

1. Secure the company Wi-Fi and stay up to date: Firstly, you must update your software frequently because old versions cannot prevent new hacking methods. You must adhere to Wi-Fi security best practices to protect your digital assets. Ensure your router is kept in a physically safe position, change the network name, ensure the firewall is enabled, and regularly update the firmware and software.

2. Maintain a Data Backup: Data backup is the process of copying data files and storing them in a different location, so that the files can be restored whenever needed. Data backup is very important: if your system crashes or is locked by ransomware, that is when you can use the backed-up data.

3. Two-step verification: In the world of cyber-crime, hoping that a password can save your data is naive.
There are many social engineering techniques by which a cybercriminal can easily get the credentials of your social media accounts, your bank accounts, or any other private accounts. So the only solution to escape these attacks is to have two-step verification. This means using an OTP to log in to your accounts. This method is helpful because you will receive the OTP on your mobile (a physical device), which an attacker cannot access. Even if the attacker knows your credentials, they cannot log in to your account until they have the OTP.

4. Limit Access: Restricting access to digital assets and systems reduces the risk of loss or theft. Limiting access is a crucial step in protecting digital assets. Make sure that only those workers who need to use digital assets and systems have access to them. Authorized users of these systems should follow data security best practices, including password protection and authentication while utilizing personal devices and other risk factors.

5. Cyber Insurance: Cyber insurance is similar to regular insurance. Take health insurance, for example: it compensates you when you are ill, and you can pay your medical bills with it. Similarly, cyber insurance can compensate for the costs of your data loss and of investigations into cyberattacks.

6. Document Protocols: Create a calendar and set timelines for activities like backups, upgrades, and software reviews using an ongoing schedule. Make a list of your company's current protocols, and make sure to update them as required in the future. Guidelines for digital asset management should be viewed as a dynamic document that changes and evolves as content, applications, and programs mature and evolve.

Q2. (a) Describe the way hackers collect information from intended users/organizations.
Methodology followed by the Hackers
Reference: Methodology followed by the Hackers - GeeksforGeeks

Different types of methodologies:

1. Reconnaissance
Reconnaissance is the process of gathering information about the target system. Finding vulnerabilities in the computer system, or the methods that are left vulnerable, is part of the process. If the hacker is able to get access to the system, he or she will continue the hacking procedure. By the end of the reconnaissance phase the hacker has a lot of knowledge, which can be used to build a promising attack on the target system.

2. Scanning
Before launching an attack, the hacker wants to determine whether the system is operational, which apps are in use, and what versions of those programs are in use. Scanning entails looking for all open and closed ports in order to locate a backdoor into the system. It entails getting the target's IP address, user accounts, and other information. The information acquired during the reconnaissance phase is utilized to inspect the network using tools such as port scanners. Nmap is a popular, powerful, and freely available scanning tool.

3. Gaining Control
In this phase of the hacking method, the information obtained in the previous two phases is utilized to enter and take control of the target system, over the network or physically. This stage is often referred to as "Owning the System."

4. Maintaining Access
After acquiring access to the system in the previous stage, the hacker keeps the access for future attacks and makes changes to the system so that no other security personnel or hacker can acquire access to the compromised system. The attacked system is referred to as the "Zombie System" in this case.

5. Log Clearing
It is the method of erasing any remaining log files or other sorts of evidence on the hacked system that could lead to the hacker's capture.
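
As an added example (not part of the original model answer), the Scanning stage described above can be spotted from the defender's side by counting how many distinct ports one source touches on one host within a short window. The log format, addresses, window and threshold below are constructed assumptions for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical log format: "<ISO time> <ACTION> <PROTO> <src> -> <dst>:<port>"
LINE_RE = re.compile(r"^(\S+) (ALLOW|DENY) (TCP|UDP) (\S+) -> (\S+):(\d+)$")


def build_sample_log():
    """Constructed sample: one scanning source and two ordinary clients."""
    start = datetime(2023, 2, 1, 10, 0, 0)
    lines = []
    # 203.0.113.7 probes ports 20-31 on one host, one port per second.
    for i, port in enumerate(range(20, 32)):
        ts = (start + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} DENY TCP 203.0.113.7 -> 192.0.2.10:{port}")
    # 198.51.100.23 is a normal web client: many connections, one port.
    for i in range(15):
        ts = (start + timedelta(seconds=2 * i)).isoformat()
        lines.append(f"{ts} ALLOW TCP 198.51.100.23 -> 192.0.2.10:443")
    # 198.51.100.40 uses a few services, far below the threshold.
    for i, port in enumerate((80, 443, 8080)):
        ts = (start + timedelta(seconds=5 * i)).isoformat()
        lines.append(f"{ts} ALLOW TCP 198.51.100.40 -> 192.0.2.10:{port}")
    lines.append("malformed line that the parser must skip")
    return sorted(lines)  # ISO timestamps sort chronologically


def detect_port_scans(lines, window=timedelta(seconds=60), min_ports=10):
    """Return {(src, dst): sorted ports} for sources that touched at least
    min_ports distinct ports on one destination within the window.
    Assumes the lines are in chronological order."""
    recent = defaultdict(deque)   # (src, dst) -> (timestamp, port) in window
    flagged = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # ignore lines that do not fit the format
        ts = datetime.fromisoformat(m.group(1))
        key, port = (m.group(4), m.group(5)), int(m.group(6))
        events = recent[key]
        events.append((ts, port))
        while ts - events[0][0] > window:
            events.popleft()      # drop events older than the window
        ports = {p for _, p in events}
        if len(ports) >= min_ports:
            flagged[key] |= ports
    return {key: sorted(ports) for key, ports in flagged.items()}


if __name__ == "__main__":
    for (src, dst), ports in detect_port_scans(build_sample_log()).items():
        print(f"possible scan: {src} -> {dst}, {len(ports)} ports: {ports}")
```

The window and threshold need tuning against normal traffic on the monitored network before such a rule is used for alerting.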
Penetration testing is one of the instruments in ethical hacking approaches that can be used to catch a hacker.

Q2. (b) Suppose you are the security manager for your project team. How do you apply secure SDLC in each stage of project development?

Microsoft SDL consists of seven components: five core phases and two supporting security activities. The five core phases are requirements, design, implementation, verification, and release. Each of these phases contains mandatory checks and approvals to ensure all security and privacy requirements and best practices are properly addressed. The two supporting security activities, training and response, are conducted before and after the core phases respectively to ensure they're properly implemented and that software remains secure after deployment.

Training
All Microsoft employees are required to complete general security awareness training and specific training appropriate to their role.

Requirements
Every product, service, and feature Microsoft develops starts with clearly defined security and privacy requirements; they're the foundation of secure applications and inform their design. Development teams define these requirements based on factors such as the type of data the product will handle, known threats, best practices, regulations and industry requirements, and lessons learned from previous incidents. Once defined, the requirements are clearly defined, documented, and tracked.

Design
Once the security, privacy, and functional requirements have been defined, the design of the software can begin. As a part of the design process, threat models are created to help identify, categorize, and rate potential threats according to risk. Threat models must be maintained and updated throughout the lifecycle of each product as changes are made to the software.
Implementation
Implementation begins with developers writing code according to the plan they created in the previous two phases. Microsoft provides developers with a suite of secure development tools to effectively implement all the security, privacy, and function requirements of the software they design. These tools include compilers, secure development environments, and built-in security checks.

Verification Testing
Before any written code can be released, several checks and approvals are required to verify that the code conforms to SDL, meets design requirements, and is free of coding errors. Various automated checks are also required and are built into the commit pipeline to analyse code during check-in and when builds are compiled.

Release
After passing all required security tests and reviews, builds aren't immediately released to all customers. Builds are systematically and gradually released to larger and larger groups, referred to as rings, in what is called a safe deployment process (SDP).

Response
All Microsoft services are extensively logged and monitored after release, identifying potential security incidents using a centralized proprietary near-real-time monitoring system.

Q3. (a) Let p=23 and q=5. Alice picks x=4 and Bob picks y=3. Compute the shared secret key between Alice and Bob using the Diffie-Hellman key exchange protocol algorithm.

ALGORITHM:
1. Key = (YA)^XB mod q -> this is the same as calculated by B
2. Global Public Elements
q: q is a prime number
α: α < q and α is a primitive root of q
3. Key generation for user A
Select a private key XA
Here, XA