18CSC364J - Information Security MCQ UNIT 4
PART A
2. ………… is responsible for ensuring that the database remains in a consistent state
despite system failure.
A. Transaction
B. Storage manager.
C. End user.
D. Sophisticated.
3. The security of a system can be improved by-
A. Audit Log
B. Threat Monitoring
C. Audit Log
D. None of the above
4. Data security threats include:
A. Privacy invasion
B. Hardware protection
C. Manipulation of data
D. All of the above
5. Prevention of access to the database by unauthorized user is referred to as-
A. Security
B. Confidentiality
C. Integrity
D. Availability
6. Risk mitigation includes all of the following except
A. risk assumption
B. risk identification
C. risk planning
D. risk limitation
7. Two forms of risk assessment are
A. technical and procedural
B. subjective and objective
C. analytics and assessment
D. qualitative and quantitative
8. Another term for project impact analysis is
A. risk assessment
B. risk analysis
C. risk benefit
D. risk management
9. ………….. is one of the most secure Linux OSes that provides anonymity and an
incognito option for securing its user data
A. Tails
B. Fedora
C. Ubuntu
D. openSUSE
10. MAC is abbreviated as
A. Mandatory access control
B. Machine access control
C. Manage account control
D. Machine Accounting control
11. DTE is abbreviated as …………….
A. Domain and Type Enforcement
B. Domain and type enforce
C. DNS and type enforcing
D. DNS and type enforce
12. What is the first process in the risk management methodology?
A. Risk Analysis
B. Likelihood
C. Fault tolerance
D. Record retention
13. An audit log is an example of what type of control?
A. Detection
B. Preventive
C. Recovery
D. Containment
14. What are the three objectives of information security?
A. Prevent, detect, and respond.
B. Confidentiality, integrity and availability.
C. Integrity, authenticity, and completeness.
D. Identification, authentication, and non-repudiation.
15. Which one of the following can be considered as the class of computer threats?
A. DoS Attack
B. Phishing
C. Soliciting
D. Both A and C
16. Which of the following is considered as the unsolicited commercial email?
A. Virus
B. Malware
C. Spam
D. All of the above
17. ……………. is a type of software designed to help the user's computer detect viruses and
avoid them.
A. Malware
B. Adware
C. Antivirus
D. All of the above
18. Which of the following refers to the violation of the principle if a computer is no longer
accessible?
A. Availability
B. Confidentiality
C. Integrity
D. None of these
19. Which of the following is not a type of scanning?
A. Xmas Tree Scan
B. Cloud Scan
C. Null Scan
D. None of these
Describe the most common and far-reaching vulnerabilities in default Linux installations.
Illustrate the basic security architecture model used to protect logical and physical data.
Describe various database security access points.
Discuss various risk mitigation policies and processes to reduce the overall risk or impact of cybersecurity threats.
https://securityscorecard.com/blog/6-strategies-for-cybersecurity-risk-mitigation#:~:text=Cybersecurity%20risk%20mitigation%20involves%20the,prevention%2C%20detection%2C%20and%20remediation.
You are an employee of a company, responsible for the administration of ten production databases. Lately you have
noticed that your manager is asking you frequent questions about the data used by one of the top researchers of the
engineering department. For two days, while conducting routine database tasks, you notice your manager exporting
data from the database the top researchers are using.
1. What type of security threat is the exportation of data? How can you prevent it?
2. To what type of security risk could exporting data lead?
3. Explain briefly how you would react to this incident.