System & Web Security - Dec 2011
Information Technology (Semester 6)
TOTAL MARKS: 80
TOTAL TIME: 3 HOURS
(1) Question 1 is compulsory.
(2) Attempt any three from the remaining questions.
(3) Assume data if required.
(4) Figures to the right indicate full marks.
1 (a) How does RC4 Stream cipher work? (3 marks)
1 (b) Explain Knapsack Algorithm with example. (5 marks)
1 (c) What are the key principles of security? (5 marks)
1 (d) What is Software Reverse Engineering? (5 marks)
2 (a) Explain MD5 in detail. (10 marks)
2 (b) Compare Packet Sniffing and Packet Spoofing. Explain the Session Hijacking attack. (10 marks)
3 (a) Explain the one-time initialization process and the processes in each round of the Advanced Encryption Standard. (10 marks)
3 (b) Explain IPSec protocols in detail. Also write applications and advantages of IPSec. (10 marks)
4 (a) What is Buffer overflow and incomplete mediation in Software Security? (10 marks)
4 (b) Explain how threat precursors are used for Reconnaissance of network. (10 marks)
5 (a) How can flaws in TCP/IP cause operating systems to become vulnerable? Also explain how Kerberos is used for user authentication in Windows. (10 marks)
5 (b) Based on packet filters and proxy servers, what are the different firewall configurations? What are the limitations of a firewall? (10 marks)
6 (a) What are the different types of passwords? Explain how they work with neat diagrams. What are the problems with passwords? (10 marks)
6 (b) What is Malware? Explain Salami and Linearization attacks. (10 marks)
Write short notes on (any four):
7 (a) Honeypots (5 marks)
7 (b) Captcha (5 marks)
7 (c) SHA-1 (5 marks)
7 (d) Digital Rights Management (5 marks)
7 (e) Multiple-level security model. (5 marks)