INFORMATION AND NETWORK SECURITY INS December 2012 Semester 6 BE IT
(3 Hours) [Total Marks : 100]
N.B : (1) Question No. 1 is compulsory.
(2) Attempt any four questions from the remaining six questions.
1. Attempt any four: [20]
   (a) What are the primary advantages of SSL over IPsec? What are the primary advantages of IPsec over SSL?
   (b) What is the distinction between a polymorphic and a metamorphic worm? How might metamorphic software be used for good instead of evil?
   (c) What is a validation error and how can such an error lead to a security flaw?
   (d) What is a race condition? Discuss an example of a race condition.
   (e) 'Strength of DES depends on the S-boxes in DES'. Comment on the statement.

2. Explain the technique (or fundamental concepts) behind the following attacks (attempt any five): [20]
   (a) Cross-site scripting
   (b) ARP poisoning
   (c) Packet sniffing
   (d) Spoofing
   (e) Session hijacking
   (f) Ping of Death
   (g) Root Traverse attack on web server.

3. (a) Why is it a good idea to hash passwords that are stored in a file? What is a "salt" and why should a salt be used whenever passwords are hashed? [5]
   (b) Explain Visual CAPTCHA. [5]
   (c) How are polyalphabetic ciphers implemented and how are they superior to monoalphabetic ciphers? [10]

4. (a) Explain DMZ in enterprise-wide networks. Explain various attacks possible on DMZ and their countermeasures. [10]
   (b) Explain key generation, encryption and decryption in the RSA algorithm. [10]

5. (a) Identify security issues due to protocol weakness in the following protocols: [10]
       (i) CSMA/CD (ii) Ethernet with MTU 1500.
   (b) What are the differences between a digital signature and a digital certificate? [5]
   (c) Explain the Diffie-Hellman key exchange algorithm. [5]

6. (a) How is authentication achieved in Pretty Good Privacy? [5]
   (b) What are the possible attacks on the password? Explain each in detail. [5]
   (c) What is access control? How is it different from availability? [5]
   (d) Explain the relationship between confidentiality, integrity and availability. [5]

7. Write short notes: [20]
   (a) PKI
   (b) IDS/IPS
   (c) Firewall
   (d) KERBEROS