Scribd Logo
Upload

Welcome to Scribd!

  • All Unit 2 Mark and 16 Mark PDF

    Uploaded by

    Subash Prabhu
    116 views6 pages

    Original Title

    All Unit 2 Mark and 16 mark.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    116 views6 pages

    All Unit 2 Mark and 16 Mark PDF

    Uploaded by

    Subash Prabhu

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    VALLIAMMAI ENGINEERING COLLEGE

    (A member of SRM Institution)


    SRM Nagar, Kattankulathur 603203.
    DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

    Year and Semester

    : I / II

    Section

    :1

    Subject Code

    : NE7202

    Subject Name

    : NETWORK AND INFORMATION SECURITY

    Degree and Branch

    : ME - CSE

    Staff Incharge

    : Dr.V.Dhanakoti

    UNIT-1
    PART-A

    1. What is the OSI security architecture?


    2. What is the difference between passive and active security threats?
    3. List and briefly define categories of passive and active security attacks.
    4. List and briefly define categories of security services.
    5. List and briefly define categories of security mechanisms
    6. What is access control matrix?
    7. Define theBell-Lapadula Model - simple security condition preliminary version.
    8. Define the Bell-Lapadula Model- Star property.
    9. What is Low-Water mark policy?
    10. Define Ring Policy.
    11. What is Bibas Strict Integrity Model?
    12. List the Lipners use of The Bell-Lapadula Model Security levels and categories.
    13. Define Lipners Full model
    14. What is Chinese wall Model?
    15. Define Originator access control
    16. Define role based call control.
    17. What is Conditional command?
    18. Define the Principle of Attenuation of Privilege
    19. How the protection state transitions are specified?
    20.List the different security policies and types of access control.

    Prepared By : Dr.V.Dhanakoti

    Page 1

    PART B
    1. What is meant by cryptanalysis? What are the types of cryptanalytic attacks and the amount of
    information known to cryptanalyst? What are the features of these attacks?(16)
    2. Explain in detail about Active attacks and passive Attacks.(16)
    3. Describe in detail about security services.(16)
    4. Explain in detail about access control matrix with example (16)
    5. Write short notes on following models
    i) Biba Integrity model (6)
    ii) Lipners integrity model (10)
    6. Explain in detail about Clinical information systems security policy (8)
    7. Write short notes on following models
    i) Bell la-padula model (10)
    ii) Biba integrity model (6)
    8.i)Describe in detail about clark Wilson integrity model(12)
    ii) Describe the lower water mark policy (4)
    9.Describe in detail about Confidentiality policies(16)
    10.Explain in detail about Hybrid Policies (16)
    UNIT-II
    PART-A
    1. What are the essential ingredients of a symmetric cipher?
    2. What are the two basic functions used in encryption algorithms?
    3. How many keys are required for two people to communicate via a cipher?
    4. What is the difference between a block cipher and a stream cipher?
    5. Briefly define the Caesar cipher.
    6. Briefly define the monoalphabetic cipher.
    7. Briefly define the Playfair cipher.
    8. What is the difference between a monoalphabetic cipher and a polyalphabetic cipher?
    9. What are two problems with the one-time pad?
    10. What is a transposition cipher?
    11. What is the difference between diffusion and confusion?
    12. Which parameters and design choices determine the actual algorithm of a Feistel cipher?
    13. What is the purpose of the S-boxes in DES?
    14. Explain the avalanche effect.
    15 What is the difference between differential and linear cryptanalysis?
    16.What is the purpose of the State array?
    17. What is the difference between SubBytes and SubWord?
    18. What is the difference between ShiftRows and RotWord?
    19 What is the role of a compression function in a hash function?
    20. What are some approaches to producing message authentication?

    Prepared By : Dr.V.Dhanakoti

    Page 2

    PART-B
    1. Describe in detail about Substitution ciphers with examples (16)
    2. Explain in detail about linear cryptanalysis and differential cryptanalysis (16)
    3. Explain in detail about Data Encryption Standard (16)
    4. Describe in detail about Advanced Encryption standard (16)
    5. Write short notes on the following
    i) HMAC (8)
    ii) SHA-512(8)
    6. Describe in detail about hash function and Message authentication code (16)
    7. Write short notes on the following
    i) Ceaser cipher (3) ii) polyalphabetic cipher (3)
    iv) Playfair cipher(3) iii) vernam cipher (3)
    v) Transposition method of encryption (4)
    8. Write short notes on the following
    i) MAC (8)
    ii)Hash function(8)
    9. Describe in detail about authentication protocols (16)
    10. Describe in detail about Message Authentication function.(16)

    UNIT-III
    PART-A
    1. What is an elliptic curve?
    2. What is the zero point of an elliptic curve?
    3. List ways in which secret keys can be distributed to two communicating parties.
    4. What is the difference between a session key and a master key?
    5. What is a nonce?
    6. What is a key distribution center?
    7. What are two different uses of public-key cryptography related to key distribution?
    8. List four general categories of schemes for the distribution of public keys.
    9. What are the essential ingredients of a public-key directory?
    10. What is a public-key certificate?
    11. What are the requirements for the use of a public-key certificate scheme?
    12. Briefly define a group, ring and field
    13. What is the difference between modular arithmetic and ordinary arithmetic?
    14. What are the principal elements of a public-key cryptosystem?
    15. What are the roles of the public and private key?
    16. What are three broad categories of applications of public-key cryptosystems?
    17. What requirements must a public key cryptosystems fulfill to be a secure algorithm?
    18. What is a one-way function?
    19. What is a trap-door one-way function?
    20. Describe in general terms an efficient procedure for picking a prime number.

    Prepared By : Dr.V.Dhanakoti

    Page 3

    PART-B
    1. Explain in detail about public key encryption with neat diagram (16)
    2. i)Describe in dtail about RSA Cryptosystem (10)
    ii) Write Short Notes on RSA Attacks(6)
    3.i)Explain in detail about El-Gamal Crypto system(10)
    ii) Consider an ElGamal scheme with a common (6)
    prime q=71 and primitive root =7.If B has public key YB =3 and A chose the
    random
    integer k=2 what is the cipher text of M=30?
    4. Consider an ElGamal scheme with a common prime q=11 and primitive root =2 . k=2
    i) If A has public key XA =5 What is As private key YA
    ii)If user B has private key XB=12 what is Bs public key YB
    iii) What is the cipher text of M=30?
    5. Explain in detail about Digital signature with diagrams(16)
    6. i)Explain in detail about Elliptic curve Crptography (8)
    ii) Describe in detail about symmetric key distribution (8)
    7. Explain in detail about distribution of public keys (16)
    8.i)Perform encryption and Decryption using RSA
    P=11 q=13 e=11 M=7 (10)
    ii) Explain in detail about private key distribution (6)
    9. i)Explain in detail about Elliptic curve Cryptography (8)
    ii) Describe in about RSA Algorithm (8)
    10. Explain in detail about following in detail with diagram
    i) Public key cryptosystem Secrecy (5)ii) Public key cryptosystem Authentication (5)
    iii)Public key cryptosystem Secrecy &authentication (6)
    UNIT-IV
    PART-A
    1. Define the principle of fail-safe defaults
    2. What is principle of Complete mediation?
    3. Define the principle of Psychological Acceptability.
    4. What is Access control list?
    5. What is lock and Key Technique?
    6. How the Internet handles identity conflict?
    7. Differentiate static and dynamic identifiers.
    8. Define Confinement problem
    9. What is the use of sandboxes?
    10. Define virtual machine
    11. What is Capability list? Give an example
    12. List the top ten OWASP Vulnerabilities
    13. Define the information flow of an Assignment statement with example.
    Prepared By : Dr.V.Dhanakoti

    Page 4

    14. What is buffer overflow?


    15. What is the use of Ring based Access control?
    16. Define information flow of procedure calls
    17. What is the use of covert channel?
    18. Define the use of Fentons data Mark machine.
    19. What is command Injection?
    20. Define state and cookies.
    PART-B
    1. Describe in detail about Design principles with examples (16)
    2. Explain in detail about Identity of the web (16)
    3. Describe in detail about Access Control list with example (16)
    4. Explain in detail about Compiler base information Mechanism of information flow (16)
    5. Explain in detail about Representation of identity (16)
    6. Describe in detail Capabilities and Access control list with example (16)
    7. Explain in detail about confinement problem with example (16)
    8. Describe the following OWASP Vulnerabilities
    i) Buffer overflows ii) AntiCross site Scripting Libraries
    iii) Command Injection iv)Canonical data Format
    9. Explain in detail about top ten OWASP Vulnerabilities (16)
    10. Explain in detail about Entropy based Analysis and Nonlattice Information Flow Policies(16)

    UNIT-V
    PART-A
    1. What was the problem addressed by Kerberos?
    2. In the context of Kerberos, what is a realm?
    3. List three approaches to secure user authentication in a distributed environment
    4. Why is R64 conversion useful for an email application?
    5. Draw the Format of PGP Message
    6. Why is the segmentation and reassembly function in PGP needed?
    7. What is the utility of a detached signature?
    8. What is the difference between an SSL Connection and SSL session?
    9. What services are provided by the SSL Record Protocol?
    10. What is the role of encryption in the operation of a virus?
    11. List three design goals for a firewall.
    12. What is circuit level gateway?
    13. Differentiate rule-based anomaly detection and rule-based penetration identification?
    14. Define honeypot.
    15. What is the use of Trojan Horses?
    16. List the three classes of Intruders.
    17. What information is used by a typical packet-filtering route?
    18. Define application gateway.
    Prepared By : Dr.V.Dhanakoti

    Page 5

    19. List the types of Viruses.


    20. What are the typical phases of operation of a virus or Worm?
    PART-B
    1. Explain the version 4 of Kerberos with neat diagram (16)
    2. i)Compare Version 4 of Kerberos with Version 5 (6)
    ii) Explain in detail about Version 5 of Kerberos (10)
    3. Explain in detail about Version 5 Kerberos with neat diagram (16)
    4. Describe in detail about Pretty Good Privacy (16)
    5. Explain in detail about Secure socket layer (16)
    6. What is IDS? Explain in detail about Various Intrusion detection system. (16)
    7. Explain in detail about HIDS and NIDS (16)
    8. Explain in detail about Viruses and related threats (16)
    9. Describe in detail about Firewall design principles. (16)
    10. Explain in detail about Firewall with neat diagram and Examples.

    Prepared By : Dr.V.Dhanakoti

    Page 6

    You might also like