
Firewall, Honey Pots, and SRS Explained

The document explains key cybersecurity concepts including firewalls, honey pots, Security Requirement Specification (SRS), format string problems, integer overflow, and Denial of Service (DoS) attacks. Firewalls serve as barriers controlling network traffic, while honey pots act as decoys to gather information about attackers. SRS outlines security requirements for systems, and the document also discusses vulnerabilities like format string issues and integer overflow, along with mitigation strategies for DoS attacks.

Uploaded by

rahul singhvi

Q1. Explain the following:

a. Firewall

A firewall is a security device or software that monitors and controls network traffic based on
security rules. It acts as a barrier between trusted internal networks and untrusted external
networks.

Types:

• Packet Filtering: Blocks or allows packets based on rules.

• Stateful Inspection: Tracks active connections for context.

• Proxy Firewalls: Act as an intermediary for requests.

• Next-Generation Firewalls (NGFW): Combine traditional firewall features with advanced
security measures.

Benefits: Protects against unauthorized access, logs traffic, and prevents malware.

b. Honey Pots

A honey pot is a decoy system designed to attract attackers. It helps gather information about attack
methods and distracts attackers from real systems.

Types:

• Production Honey Pots: Used in real environments.

• Research Honey Pots: Used for studying attack patterns.

Benefits: Provides insights into attacker behavior and helps improve security strategies.

Q2. Explain in detail Security Requirement Specification


Security Requirement Specification (SRS) is a document that outlines the security requirements for a
system or application. It serves as a guideline for developers, stakeholders, and security professionals
to ensure that security considerations are integrated into the design and implementation phases of a
project.

Key Components of SRS:

1. Introduction: Overview of the system, its purpose, and the importance of security.

2. Scope: Defines the boundaries of the system and what is included in the security
requirements.

3. Stakeholders: Identifies all parties involved, including users, developers, and security
personnel.

4. Security Objectives: High-level goals that the security measures aim to achieve, such as
confidentiality, integrity, and availability (CIA).

5. Functional Requirements: Specific security features that the system must have, such as
authentication, authorization, encryption, and logging.

6. Non-Functional Requirements: Performance-related aspects, such as response time for
security checks and system resilience against attacks.

7. Compliance Requirements: Any legal, regulatory, or industry standards that the system must
adhere to, such as GDPR, HIPAA, or PCI-DSS.

8. Assumptions and Constraints: Any assumptions made during the specification process and
constraints that may affect security implementation.

Importance of SRS:

• Ensures that security is considered from the beginning of the development process.

• Provides a clear understanding of security needs for all stakeholders.

• Facilitates communication between technical and non-technical parties.

Q3. Explain format string problems and Integer overflow


Format String Problems

Format string vulnerabilities occur when untrusted input is used as a format string in functions like
‘printf’. This can lead to security issues such as memory corruption and unauthorized access to
sensitive data.

Mitigation: Use fixed format strings and validate user input to prevent exploitation.
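
The problem and both mitigations side by side, as an added example that is not part of the original document. The wrapper `log_fmt` and the functions `log_user_vulnerable`, `log_user_fixed` and `count_conversions` are hypothetical names, and the input is constructed so that interpreting it is harmless (`%%` only prints a percent sign).

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical logging wrapper: forwards its fmt argument to vsnprintf(). */
static int log_fmt(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int written = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return written;
}

/* VULNERABLE: untrusted text is passed as the format string, so every
 * '%' directive in it is interpreted by the formatter. */
int log_user_vulnerable(char *out, size_t n, const char *user)
{
    return log_fmt(out, n, user);
}

/* FIXED: the format string is a constant; untrusted text is only data. */
int log_user_fixed(char *out, size_t n, const char *user)
{
    return log_fmt(out, n, "%s", user);
}

/* Input validation: count directives that would consume an argument.
 * "%%" is a literal percent sign and is not counted. */
size_t count_conversions(const char *s)
{
    size_t count = 0;
    for (; *s != '\0'; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        count++;
    }
    return count;
}

int main(void)
{
    char a[32], b[32];
    const char *input = "100%%";   /* constructed input, safe to interpret */
    log_user_vulnerable(a, sizeof a, input);
    log_user_fixed(b, sizeof b, input);
    printf("vulnerable: %s\nfixed:      %s\n", a, b);
    return 0;
}
```

The two outputs differ because only the vulnerable path interprets the input. A non-zero result from `count_conversions` on untrusted text is a reason to reject or escape it before it reaches any formatter.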

Integer Overflow

Integer overflow happens when an arithmetic operation exceeds the maximum value that a data
type can represent, leading to unexpected behavior and potential security vulnerabilities.

Mitigation: Use safe arithmetic practices and perform checks before arithmetic operations to avoid
overflow conditions.
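
Checks performed before the arithmetic, as an added example that is not part of the original document. The function names are hypothetical and the inputs are constructed; the size calculation stands in for the common case of computing a buffer size from an untrusted element count.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* UNCHECKED: size_t arithmetic wraps modulo SIZE_MAX + 1, so a large
 * count yields a small byte total that a later malloc() would accept. */
size_t total_bytes_unchecked(size_t count, size_t elem_size)
{
    return count * elem_size;
}

/* CHECKED: test before multiplying; *out is written only on success. */
bool total_bytes_checked(size_t count, size_t elem_size, size_t *out)
{
    if (elem_size != 0 && count > SIZE_MAX / elem_size)
        return false;
    *out = count * elem_size;
    return true;
}

/* Signed overflow is undefined behaviour in C, so the test must come
 * before the addition and must not itself overflow. */
bool add_int_checked(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *out = a + b;
    return true;
}

int main(void)
{
    size_t count = SIZE_MAX / 4 + 1, total = 0;   /* constructed input */
    int sum = 0;
    printf("unchecked: %zu bytes\n", total_bytes_unchecked(count, 4));
    printf("checked:   %s\n", total_bytes_checked(count, 4, &total) ? "ok" : "rejected");
    printf("INT_MAX+1: %s\n", add_int_checked(INT_MAX, 1, &sum) ? "ok" : "rejected");
    return 0;
}
```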

Q4. What do you mean by Denial of Service


Denial of Service (DoS) is a type of cyber attack that aims to make a machine or network resource
unavailable to its intended users. Attackers achieve this by overwhelming the target with excessive
traffic or requests, causing it to slow down or crash.

Types of Denial of Service Attacks:

1. Volume-Based Attacks: Focus on consuming bandwidth.

2. Protocol Attacks: Exploit weaknesses in network protocols.

3. Application Layer Attacks: Target specific applications or services.

Impact: DoS attacks can result in significant downtime, loss of revenue, damage to reputation, and
increased operational costs for recovery.

Mitigation Strategies: Effective measures include implementing rate limiting, using firewalls, and
employing DDoS protection services to absorb and mitigate attacks.
