Tuesday

ADVANCED DATABASE SECURITY

 ADVANCED DATABASE SECURITY

(MTCSPE3001A)

Assignment Questions

UNIT I: Database Basics & SQL

Bloom Level 3 – Apply

1. Apply the concept of data abstraction by giving real-life examples of each level.

2. Write a SQL query to display names and salaries of employees earning more than ₹50,000.

3. Draw an ER diagram for a library management system.

4. Demonstrate the process of converting an ER model into a relational schema.

5. Formulate a SQL query to fetch customer details who have placed orders in the last 30 days.

Bloom Level 4 – Analyze

6. Analyze the differences between a schema and an instance with suitable examples.

7. Differentiate between logical and physical data independence with examples.

8. Compare ER model and Relational model in terms of data representation and usage.

9. Given a SQL query, identify and explain its components (SELECT, FROM, WHERE).

10. Analyze a poorly structured SQL query and suggest improvements.

Bloom Level 5 – Evaluate

11. Evaluate the effectiveness of SQL in querying large databases.

12. Critically assess the limitations of the ER model in representing complex relationships.

13. Justify the use of relational databases over file systems with examples.

14. Assess how data abstraction improves database performance and usability.

15. Evaluate SQL’s role in enforcing data integrity.

UNIT II: Introduction to Database Security

Bloom Level 3 – Apply

1. Apply access control concepts to a hospital database system.

2. Demonstrate how cryptographic techniques secure data in transit and at rest.

3. Illustrate the structure of a statistical database and its use in government data.

4. Apply SQL GRANT and REVOKE commands to manage access.

5. Create an access control list (ACL) for a university student portal.

Bloom Level 4 – Analyze

6. Analyze various types of security threats databases face.

7. Compare discretionary access control and mandatory access control with examples.

8. Analyze how cryptographic data protection differs from access control.

9. Examine how SQL handles security features like roles and permissions.

10. Compare the advantages and limitations of statistical databases.

Bloom Level 5 – Evaluate

11. Evaluate the role of databases in supporting organizational security policies.

12. Judge the effectiveness of cryptographic data protection in preventing data breaches.

13. Evaluate the importance of SQL security features in multi-user systems.

14. Critically examine the trade-offs between performance and security in database systems.

15. Justify the need for security mechanisms even in isolated database systems.

UNIT III: Security Methods and Techniques

Bloom Level 3 – Apply

1. Demonstrate how to use SQL views to limit data exposure.

2. Apply data masking to protect sensitive information in a database.

3. Write SQL triggers to track unauthorized modifications.

4. Illustrate row-level security using example SQL commands.

5. Use escaping techniques to prevent SQL injection in user input.

Bloom Level 4 – Analyze

6. Analyze the role of triggers in enhancing security.

7. Compare column-level and row-level access control with examples.

8. Examine the effectiveness of change tracking for detecting unauthorized access.

9. Distinguish between symmetric and asymmetric encryption in databases.

10. Analyze how views can support security while ensuring data usability.

Bloom Level 5 – Evaluate

11. Evaluate different access control models in the context of database security.

12. Assess the use of data masking in protecting personally identifiable information (PII).

13. Judge the impact of encryption on database performance and security.

14. Justify the need for query escaping in web applications.

15. Evaluate change tracking tools as part of a database audit mechanism.

UNIT IV: Data Integrity & Backup

Bloom Level 3 – Apply

1. Apply referential integrity rules to a banking database.

2. Demonstrate how to perform a full database backup using SQL tools.

3. Illustrate how domain integrity constraints ensure data validity.

4. Use SQL commands to enforce table-level constraints.

5. Show how to configure monitoring tools to track user activity.

Bloom Level 4 – Analyze

6. Analyze how different types of integrity constraints ensure data consistency.

7. Compare integrity constraints and triggers in terms of their roles.

8. Examine how backup strategies differ for small and large databases.

9. Analyze the importance of transaction logs in backup and recovery.

10. Distinguish between logical and physical database backups.

Bloom Level 5 – Evaluate

11. Evaluate the effectiveness of built-in database integrity features.

12. Judge the role of regular backups in disaster recovery planning.

13. Assess the reliability of database monitoring tools in detecting suspicious activity.

14. Critically evaluate whether constraints limit or enhance database performance.

15. Justify the use of foreign keys in maintaining relational integrity.

UNIT V: Security Analysis Tools

Bloom Level 3 – Apply

1. Apply penetration testing methods on a test database.

2. Demonstrate how a SQL injection attack works with a basic example.

3. Use a database security scanner to identify vulnerabilities.

4. Illustrate how to write a simple script to detect weak passwords in a database.

5. Apply input validation techniques to prevent SQL injection.

Bloom Level 4 – Analyze

6. Analyze the causes and consequences of SQL injection attacks.

7. Compare manual vs automated database security analysis.

8. Examine the working of a popular open-source database security scanner.

9. Distinguish between false positives and true threats in vulnerability reports.

10. Analyze how security misconfigurations contribute to database breaches.

Bloom Level 5 – Evaluate

11. Evaluate different tools used for database security analysis.

12. Judge the adequacy of SQL injection prevention techniques.

13. Critically assess the benefits and limitations of writing custom security tools.

14. Evaluate how regular audits can improve database security posture.

15. Justify the need for continuous monitoring even after initial hardening.

Friday

Social Network Analysis

 

1: Introduction & Tools

  1. Define social network analysis and explain its importance in real-world systems.

  2. Describe the basic components of a graph. How are these used in network modeling?

  3. Explain the differences between directed and undirected networks with suitable examples.

  4. Write a Python snippet using NetworkX to create and visualize a simple graph.

  5. Describe the main features and uses of Google Colab for social network analysis tasks.


 2: Network Measures

  1. Define degree centrality and closeness centrality. How do they differ in interpretation?

  2. What is betweenness centrality? Explain its significance in identifying bridge nodes.

  3. Describe clustering coefficient. What does a high clustering coefficient imply?

  4. Explain the concept of average path length in a network.

  5. Write a Python code using NetworkX to compute degree centrality and plot it.


3: Network Growth Models

  1. Compare and contrast the Erdős–Rényi model and Barabási–Albert model.

  2. Explain the concept of preferential attachment in network evolution.

  3. How do random graphs help in understanding real-world network structures?

  4. What are small-world networks? Explain with the help of the Watts–Strogatz model.

  5. Describe the steps to generate a scale-free network using NetworkX.


 4: Link Analysis

  1. Describe the PageRank algorithm and its applications.

  2. What is the HITS algorithm? How does it differ from PageRank?

  3. Explain the concepts of hub and authority scores.

  4. How does link analysis help in ranking web pages?

  5. Illustrate with code how to compute PageRank of a graph in NetworkX.


 5: Graph Visualization & Community Detection I

  1. Why is graph visualization important in network analysis?

  2. Discuss different layout algorithms available for visualizing graphs.

  3. What are communities in a network? Give real-world examples.

  4. Explain the Girvan–Newman algorithm for community detection.

  5. Demonstrate a visualization of communities using NetworkX and matplotlib.


 6: Community Detection II

  1. What is modularity? How does it help in evaluating community structures?

  2. Explain the Louvain method for community detection.

  3. Compare the Girvan–Newman and Louvain algorithms in terms of accuracy and efficiency.

  4. How can overlapping communities be identified in a network?

  5. Write code to detect communities in a graph and calculate modularity using NetworkX.


7: Link Prediction

  1. What is link prediction and why is it important in social networks?

  2. Describe common similarity-based methods for link prediction.

  3. Explain how machine learning can be applied to the link prediction problem.

  4. Describe and compare Jaccard Coefficient and Adamic-Adar Index.

  5. Implement a simple link prediction model using NetworkX.


 8: Cascade Behavior and Network Effects

  1. Explain the concept of information cascade with an example.

  2. How does the threshold model of behavior adoption work in networks?

  3. What are network externalities? How do they affect user behavior?

  4. Describe diffusion models used in analyzing cascade behaviors.

  5. Simulate a simple cascade process using a Python script.


9: Anomaly Detection

  1. What constitutes an anomaly in a network?

  2. Explain how network topology can help detect anomalous nodes or links.

  3. Discuss different types of anomalies (e.g., structural, temporal).

  4. Describe a method to detect fraud in e-commerce networks.

  5. Write a Python function to identify nodes with unusual degree distributions.


10: Intro to Deep Learning & Graph Representation I

  1. What are the challenges in applying deep learning to graphs?

  2. Define graph embeddings and explain their purpose.

  3. Describe the concept of node2vec and how it captures network features.

  4. How does graph structure differ from regular data in DL applications?

  5. Illustrate how to convert a graph into a format usable by deep learning models.


11: Graph Representation II

  1. Explain Graph Convolutional Networks (GCNs) and their working principles.

  2. How is information propagated in GCNs?

  3. Describe one practical use case of Graph Neural Networks.

  4. What are the limitations of shallow embedding methods like DeepWalk?

  5. Implement a basic graph representation learning model using node2vec.


12: Applications & Case Studies

  1. Describe a real-world application where social network analysis improved outcomes.

  2. How can network science help in analyzing fake news spread?

  3. Discuss a case study involving anomaly detection in financial transaction networks.

  4. Explain the role of SNA in recommendation systems.

  5. Summarize key learnings from the course and their practical significance.

Thursday

Strategic Management

 

1: Introduction to Strategic Management

  1. Explain the significance of strategic management in achieving organizational goals.

  2. Discuss the steps involved in the strategic management process with examples.

  3. Analyze how the liberalization of the Indian economy in 1991 impacted corporate strategy.

  4. Compare corporate strategy with business and functional strategies.

  5. Illustrate with examples how strategic management leads to competitive advantage.


2: Board of Directors and Top Management

  1. Describe the structure and key functions of the Board of Directors in a corporate setting.

  2. Explain the strategic role played by top management in shaping the vision of a company.

  3. Discuss corporate governance and its influence on strategic decision-making.

  4. Analyze the challenges faced by Boards in the Indian context while performing their duties.

  5. What skills should top executives possess to ensure effective strategic planning?


 3: Environmental and Internal Scanning

  1. Explain the purpose and process of environmental scanning in strategic planning.

  2. Differentiate between EFAS and IFAS with suitable examples.

  3. How does industry analysis help in identifying strategic opportunities and threats?

  4. Describe the value chain model and its application in internal analysis.

  5. Using a hypothetical case, explain how to synthesize internal and external factors.


4: Strategy Formulation

  1. Explain the process of preparing a Strategic Factors Analysis Summary (SFAS).

  2. Distinguish between corporate-level strategy and business-level strategy with examples.

  3. Evaluate how strategic alternatives are assessed and selected in organizations.

  4. Describe the role of functional strategies in the overall strategic framework.

  5. How do internal and external factors influence strategic choice?


5: Strategy Implementation

  1. Explain how organization structure supports or hinders strategy implementation.

  2. Discuss the impact of corporate culture on successful strategy execution.

  3. Analyze diversification strategies using real-world company examples.

  4. Explain how mergers and acquisitions contribute to strategic growth.

  5. Identify and explain key challenges in implementing corporate strategies effectively.


6: Evaluation and Control

  1. Describe the steps involved in evaluating strategic performance.

  2. How does the Balanced Scorecard help in monitoring and controlling strategy?

  3. Discuss the role of feedback mechanisms in strategic control systems.

  4. Analyze the benefits of using Strategic Information Systems for performance evaluation.

  5. Provide a framework for measuring the success of a newly implemented strategy.


7: Strategic Enablers – R&D, IT

  1. Explain the strategic significance of R&D in innovation-driven industries.

  2. How does IT support strategic decision-making and competitive positioning?

  3. Analyze the integration of IT strategy with business strategy using an industry example.

  4. Discuss the challenges of managing R&D as a strategic function.

  5. Evaluate the role of digital transformation in reshaping strategic planning.


8: KM, Technology, Strategic Risk

  1. Explain the process of Knowledge Management and its strategic importance.

  2. Discuss the types of strategic risks faced by global businesses today.

  3. How can organizations build resilience against strategic risks?

  4. Analyze the role of emerging technologies in transforming strategic capabilities.

  5. Discuss how KM supports continuous improvement and innovation in strategy.


More Questions 

1: Introduction to Strategic Management

  1. Define strategic management. How does it differ from operational management?

  2. Explain the key elements of the strategic management process.

  3. What is the significance of corporate strategy in an organization?

  4. Discuss the role of vision and mission statements in strategy formulation.

  5. How does strategic management provide a competitive edge in a liberalized economy?


2: Board of Directors and Top Management

  1. What are the primary roles and responsibilities of the Board of Directors?

  2. How does top management influence strategic decision-making?

  3. Explain the importance of corporate governance in strategic management.

  4. Compare and contrast board functioning in Indian companies versus global practices.

  5. What are the essential skills required by top executives for effective strategic leadership?


 3: Environmental and Internal Scanning

  1. What is environmental scanning and why is it important for strategy formulation?

  2. Describe the components of the external environment in strategic analysis.

  3. How is the EFAS (External Factors Analysis Summary) prepared?

  4. Explain the concept of value chain analysis and its strategic significance.

  5. Discuss how internal factors are analyzed using IFAS (Internal Factors Analysis Summary).


 4: Strategy Formulation

  1. What is SFAS (Strategic Factors Analysis Summary) and how is it derived?

  2. Differentiate between business-level and corporate-level strategies.

  3. Explain the process of choosing an appropriate strategic alternative.

  4. Describe the role of functional strategy in supporting business strategy.

  5. What factors should be considered while making strategic choices?


5: Strategy Implementation

  1. How does organizational structure affect strategy implementation?

  2. What is the relationship between corporate culture and strategy execution?

  3. Discuss the strategic rationale behind mergers and acquisitions.

  4. Explain how diversification can be used as a strategic tool.

  5. Identify key barriers to successful strategy implementation.


 6: Evaluation and Control

  1. What are the key steps in strategic evaluation?

  2. Explain the role of feedback in strategic control systems.

  3. Describe the concept of Balanced Scorecard and its application in strategy control.

  4. How can Strategic Information Systems support evaluation and control?

  5. Discuss how companies can measure the effectiveness of their strategies.


 7: R&D and IT as Strategic Enablers

  1. How does R&D contribute to sustaining competitive advantage?

  2. Discuss the strategic role of Information Technology in modern organizations.

  3. Explain the interlinkages between innovation, R&D, and strategy.

  4. What challenges do firms face while integrating IT with business strategy?

  5. How can R&D and IT be aligned with long-term corporate objectives?


8: Knowledge Management, Technology & Strategic Risk

  1. Define Knowledge Management and its relevance in strategic management.

  2. Discuss how technology acts as a driver of strategic change.

  3. What are the different types of strategic risk organizations face today?

  4. Explain how companies can proactively manage strategic risks.

  5. How does KM enhance organizational learning and decision-making?

DATA PRIVACY Syllabus

 DATA PRIVACY MTCSPE1001D

Course objectives:

1. To create architectural, algorithmic and technological foundations for the maintenance of the privacy of individuals, the confidentiality of organizations, and the protection of sensitive information, despite the requirement that information be released publicly or semi-publicly.

Course outcomes: After successful completion of this course, students will be able to:

1. Understand the concepts of privacy in today’s environment.

2. Obtain the understanding of how automation is changing the concepts and expectations concerning privacy and the increasingly interconnected issue of security.

3. Obtain the knowledge of the role of private regulatory and self-help efforts.

4. Have an understanding of how emerging issues are affecting society and business, with a concentration on how information security must shape corporate practices.

Course Contents: 

UNIT I

Introduction- Fundamental Concepts, Definitions, Statistics, Data Privacy Attacks, Data linking and profiling, access control models, role-based access control, privacy policies, their specifications, languages and implementation, privacy policy languages, privacy in different domains- medical, financial, etc. 

UNIT II

Data explosion- Statistics and Lack of barriers in Collection and Distribution of Person- specific information. Mathematical model for characterizing and comparing real-world data sharing practices and policies and for computing privacy and risk measurements, Demographics and Uniqueness.

UNIT III

Protection Models- Null-map, k-map, Wrong map Survey of techniques- Protection models (null-map, k-map, wrong map), Disclosure control, Inferring entity identities, Strength and weaknesses of techniques, entry specific databases. Computation systems for protecting delimited data- MinGen, Datafly, Mu-Argus, k-Similar, Protecting textual documents: Scrub. 

UNIT IV

Technology, Policy, Privacy and Freedom- Medical privacy legislation, policies and best practices 

UNIT V

Examination of privacy matters specific to the World Wide Web, Protections provided by the Freedom of Information Act or the requirement for search warrants.


References:

1. B. Raghunathan, The Complete Book of Data Anonymization: From Planning to Implementation, Auerbach Pub, 2013.

2. L. Sweeney, Computational Disclosure Control: A Primer on Data Privacy Protection, MIT Computer Science, 2002.

DCCN: Course objectives and Course Outcomes

 This course introduces students to the fundamental concepts of data communication and computer networks. It covers the basic components of network systems, transmission media, multiplexing, switching technologies, error detection and correction techniques, medium access control protocols, and network topologies. The course also explores Internet protocols, transport layer mechanisms, and application layer functions, providing students with a comprehensive understanding of how data is transmitted and processed across networks.

Course Objectives:

  1. To introduce students to the basic components and concepts of data communication and networking.
  2. To provide a comprehensive understanding of transmission media, multiplexing and switching.
  3. To explain error detection and correction techniques, and medium access control.
  4. To explain the functions and protocols associated with Internet layer, Transport and Application layers.
  5. To understand the various network topologies and network devices.

Course Outcomes:

After successful completion of this course the student will be able:

  1. To understand the fundamentals of data communication and computer networks.
  2. To understand transmission media, multiplexing and switching.
  3. To gain the ability to implement and analyze error detection and correction techniques and understand medium access control methods.
  4. To be capable of describing Internet and Transport layer protocols.
  5. To identify and explain the various components and topologies of data communication systems

Type of connection

 Two types of connections

a. Point-to-point

b. Multipoint

In point-to-point connection the two devices are connected by a dedicated link. The entire capacity of

the link is reserved for transmission between those two devices.


A multipoint (also known as multidrop) connection is one in which more than two specific devices share

a single link. The capacity of the channel is shared either spatially or temporally.