SYSTEM SECURITY (SS) DECEMBER 2011 COMPUTER SCIENCE SEMESTER 7

SYSTEM SECURITY (SS) DECEMBER 2011 COMPUTER SCIENCE SEMESTER 7 

Con.6646-11.                                   (REVISED COURSE)                           MP-5614

                                                                   (3 Hours)                                [Total Marks :-100]

N.B: (1) Question No.1 is compulsory.
        (2) Attempt any four from remaining six questions.
        (3) Assume suitable data if required.

1. (a) How does RC4 stream cipher work? [5 Marks]
    (b) Explain Knapsack algorithm with example. [5 Marks]
    (c) What are the key principles of security? [5 Marks]
    (d) What is software reverse engineering? [5 Marks]

2. (a) Explain MD5 in detail. [10 Marks]
    (b) Compare packet sniffing and packet spoofing. Explain the session hijacking
          attack. [10 Marks]

3. (a) Explain one time initialization process and processes in each round of Advanced Encryption
         Standard. [10 Marks]
    (b) Explain IPSec protocol in detail. Also write applications and advantages of IPSec. [10 Marks]

4. (a) What is Buffer overflow and incomplete mediation in Software Security. [10 Marks]
    (b) Explain how threat precursors are used for Reconnaissance of network. [10 Marks]

5. (a) How flaws in TCP/IP can cause operating systems to become vulnerable? Also explain how
         kerberos are used for user authentication in windows. [10 Marks]
    (b) Based on packet filters and proxy servers what are the different firewall configurations. What
         are the limitations of firewall? [10 Marks]

6. (a) What are different types of password? Explain how they work with neat diagrams. What
         are the problems with passwords? [10 Marks]
    (b) What is Malware? Explain Salami and Linearization attacks. [10 Marks]

7. Write short notes on (any four): - [20 Marks]
     (a) Honey pots
     (b) CAPTCHA
     (c) SHA-1
     (d) Digital Rights Management.
     (e) Multiple -level security model.