Exam Details
| Subject | system management security and control information system | |
| Paper | ||
| Exam / Course | mba | |
| Department | ||
| Organization | solapur university | |
| Position | ||
| Exam Date | 04, December, 2018 | |
| City, State | maharashtra, solapur |
Question Paper
M.B.A. (Semester IV) (CBCS) Examination, 2018
Paper IV System Management Security and Control
Information System
(Group
Day and Date Tuesday, 4-12-2018 Max. Marks 70
Time 10.30 a.m. to 1.00 p.m.
Instructions Question No. 1 is compulsory.
Solve any two questions from 4 and any two from
6 and 7.
All questions carry equal marks indicated in the right side of
each question.
1. Analyze the following case study, identify problems, suggest alternatives and
choose the best solution. 14
In 2004, Gartner, Inc. (Gartner) issued the first warning to organizations about
the threats they faced from the portable devices carried by the employees.
Data theft, one of the major security issues facing the companies, could
lead to heavy financial and economic loss to the organizations, according to
experts. Apart from the more prevalent forms of data theft like online hacking
of the organization's networks and stealing of hard copies of the files of the
organization, the companies were now waking up to yet another 'physical' way
of data theft with innocent looking IT gadgets like iPods, digital cameras, MP3
players and smart phones. The expenses incurred on preventing the theft of
data were slowly taking a major part of the IT budget for many organizations.
Employees could easily use their advantage of access to the internal resources
of the company to steal vital data. The main motives for stealing the data were
monetary gain, malicious intent and curiosity. Corporate data was profitable in
many ways; patented formulae, tender details, plans for future expansion were
some bits of information which could be very useful to competitors and fetch a
good sum of money in the market. Dishonest employees could steal data and
sell it to their competitors.
P.T.O.
Seat
No. Set P
Set P
SLR-CL 75 *SLRCL75*
Corporate insiders could easily evade the ring of security. Statistics showed
that internal security breaches were growing faster than the external security
breaches; and it constituted almost half of the total security breaches in the
organization.
However, there were some who argued that it was more of hype than a real
threat. Though there was every possibility of the data getting stolen and
used for malicious purposes, some experts opined that the threat had been
over-publicized in the media.
At a time when all the companies (mostly banks and governments) were
encouraging the customers to transact online, a considerable amount of
confidential customer data was stored in the company's database; and there
could not be any question of complacency on the part of the organizations in
safeguarding this data.
2. Write short notes on any two of the following 14
Security Policy.
Secret Key encryption.
Virus Threats and Protection.
3. Answer any two of the following 14
Discuss the need for security and control in information systems.
Discuss in detail Access Control and types of access control.
Discuss meaning of malicious software and its threat to information system.
4. Answer any two of the following 14
Explain Logical Security in detail.
Discuss the applications of Message Digests.
Explain meaning of Authentication and discuss types of authentication in
e-security.
5. Discuss in detail Security Audit along with security policy. Also discuss assurance
and evaluation of a secure information system. 14
6. Discuss the concept of Security of information resources along with different
types of security risks. 14
7. Discuss in detail cryptography and different types of cryptographic techniques. 14
Paper IV System Management Security and Control
Information System
(Group
Day and Date Tuesday, 4-12-2018 Max. Marks 70
Time 10.30 a.m. to 1.00 p.m.
Instructions Question No. 1 is compulsory.
Solve any two questions from 4 and any two from
6 and 7.
All questions carry equal marks indicated in the right side of
each question.
1. Analyze the following case study, identify problems, suggest alternatives and
choose the best solution. 14
In 2004, Gartner, Inc. (Gartner) issued the first warning to organizations about
the threats they faced from the portable devices carried by the employees.
Data theft, one of the major security issues facing the companies, could
lead to heavy financial and economic loss to the organizations, according to
experts. Apart from the more prevalent forms of data theft like online hacking
of the organization's networks and stealing of hard copies of the files of the
organization, the companies were now waking up to yet another 'physical' way
of data theft with innocent looking IT gadgets like iPods, digital cameras, MP3
players and smart phones. The expenses incurred on preventing the theft of
data were slowly taking a major part of the IT budget for many organizations.
Employees could easily use their advantage of access to the internal resources
of the company to steal vital data. The main motives for stealing the data were
monetary gain, malicious intent and curiosity. Corporate data was profitable in
many ways; patented formulae, tender details, plans for future expansion were
some bits of information which could be very useful to competitors and fetch a
good sum of money in the market. Dishonest employees could steal data and
sell it to their competitors.
P.T.O.
Seat
No. Set P
Set P
SLR-CL 75 *SLRCL75*
Corporate insiders could easily evade the ring of security. Statistics showed
that internal security breaches were growing faster than the external security
breaches; and it constituted almost half of the total security breaches in the
organization.
However, there were some who argued that it was more of hype than a real
threat. Though there was every possibility of the data getting stolen and
used for malicious purposes, some experts opined that the threat had been
over-publicized in the media.
At a time when all the companies (mostly banks and governments) were
encouraging the customers to transact online, a considerable amount of
confidential customer data was stored in the company's database; and there
could not be any question of complacency on the part of the organizations in
safeguarding this data.
2. Write short notes on any two of the following 14
Security Policy.
Secret Key encryption.
Virus Threats and Protection.
3. Answer any two of the following 14
Discuss the need for security and control in information systems.
Discuss in detail Access Control and types of access control.
Discuss meaning of malicious software and its threat to information system.
4. Answer any two of the following 14
Explain Logical Security in detail.
Discuss the applications of Message Digests.
Explain meaning of Authentication and discuss types of authentication in
e-security.
5. Discuss in detail Security Audit along with security policy. Also discuss assurance
and evaluation of a secure information system. 14
6. Discuss the concept of Security of information resources along with different
types of security risks. 14
7. Discuss in detail cryptography and different types of cryptographic techniques. 14
Other Question Papers
Subjects
- (paper – x) financial management
- (paper – xi) human resource management
- accounting for management
- accounting for managers
- agricultural marketing
- agricultural production management
- agro-processing industries and rural industrialization
- banking and insurance (paper – xvi)
- brand management and social marketing
- busines ethics
- business ethics (new) (cbcs)
- business ethics (old)
- corporate planning and strategic management (old)
- corporate planning and strategic management(old cbcs)
- day and date : friday, 30-11-2018 total
- economic environment for business
- entrepreneurship development and project management
- excel
- excellence in management
- export policy, procedure and documents (paper – ii)
- financial decision analysis
- financial management
- fundamentals of agriculture and co-operative management
- fundamentals of agriculture and co-operative management (new cbcs)
- global human resource management
- group d – system management (paper – ii)
- human resource initiatives (paper – ii)
- human resource management
- indian financial system
- indian financial system (paper – xix)
- industrial engineering
- industrial relations and labour regulations
- integrated marketing communication and consumer behaviour
- international busines (paper – xiii)
- international business environment (old)
- international business environment (paper – i)
- international finance
- international financial system and markets
- international financial systems and markets
- international logistics
- international marketing
- international trade and agriculture
- international trade procedures and documentation
- international trade procedures and documentations
- investment management
- it for management
- legal aspects of busines
- legal aspects of business
- logistics and supply chain management
- logistics and supply chain management (paper – xx)
- management accounting
- management accounting (paper–xviii)
- management acounting
- management information system
- managerial communication – i
- managerial communication – ii
- managerial economics
- managerial excellence
- marketing management
- marketing management (cbcs)
- operations management
- organisational behaviour
- organizational behaviour
- paper – ix : marketing management
- paper – xii : production and materials management (old)
- paper – xiii : economic environment of busines
- paper – xiv : managerial comunication – ii
- paper – xv : research methodology
- paper – xvi : event management(new)
- paper – xvi : operations management
- paper – xvii : strategic management
- performance management and compensation
- perspectives of management
- principles of management
- product and brand management
- product and brand management (paper – i)
- production and materials management
- production management and operations research (paper – xii)
- programing concepts and advanced
- programming concepts and advanced excel
- project planning and working capital management
- purchasing and inventory management
- purchasing and inventory management (paper – xix)
- quality management
- relational database management system
- research methodology
- research methodology (paper – xv)
- retail and rural marketing
- sales and distribution management (new) paper – xx
- sales and strategic marketing
- sales and strategic marketing (new cbcs)
- sales and strategic marketing (old)
- security and control information system
- skill development (paper – xix)
- statistical methods
- statistics for management
- strategic financial management
- strategic financial management (paper – ii)
- strategic human resource management
- strategic human resource management (old)
- strategic human resource management (paper – xix)
- system management
- system management security and control information system
- systems management
- systems management (paper – i)
- systems management (paper – ii)
- taxation
- training and development
- training and development gr.c : human resource management
- world class manufacturing