Question Paper: Information & Network Security : Question Paper Dec 2012 - Information Technology (Semester 6) | Mumbai University (MU)

Information & Network Security - Dec 2012

Information Technology (Semester 6)

(1) Question 1 is compulsory.
(2) Attempt any four from the remaining questions.
(3) Assume data wherever required.
(4) Figures to the right indicate full marks.

Attempt any four questions:-

1 (a) What is primary advantage of SSL over IP sec? What is primary advantage of IP sec over SSL? (5 marks) 1 (b) What is a distinction between a polymorphic and a metamorphic worm? How might metamorphic software be used for a good instead of evil?(5 marks) 1 (c) What is validation error? How can such an error lead to a security flow?(5 marks) 1 (d) What is race condition? Discuss an example of race condition.(5 marks) 1 (e) Strength and DES depends on S-boxes in DES . Comment on the statement.(5 marks)

Explain technique (or fundamental concept behind) following attacks? Attempt any five questio

2 (a) Cross site scripting.(4 marks) 2 (b) ARP poisoning.(4 marks) 2 (c) Packet sniffing.(4 marks) 2 (d) Spoofing.(4 marks) 2 (e) Session hijacking.(4 marks) 2 (f) Ping to death.(4 marks) 2 (g) Root Traverse attack on web server(4 marks) 3 (a) Why is it a good idea to hash password that are stored in a file? What is a "salt" and why should a salt be used whenever passwords are hashed?(5 marks) 3 (b) Explain visual CAPTCHA.(5 marks) 3 (c) How are polyalphabetic ciphers implemented and how are they superior to monoalphabetic ciphers?(10 marks) 4 (a) Explain DMZ in enterprise wide networks. Explain various attacks possible on DMZ and its counter measure.(10 marks) 4 (b) Explain key generation encryption and decryption in the RSA algorithm.(10 marks) 5 (a) Identify security issues due to protocol weakness in following protocols.
(ii) Ethernet with MTU 1500.
(10 marks)
5 (b) What is difference between digital signature and digital certificate?(5 marks) 5 (c) Explain Diffie-Hellman key exchange algorithm.(5 marks) 6 (a) How is authentication achieved in pretty good privacy?(5 marks) 6 (b) What are the possible attacks on the password? Explain each in details.(5 marks) 6 (c) What is Access Control? How it is different from availability?(5 marks) 6 (d) Explain relationship between confidentiality, integrity and availability.(5 marks)

Write short notes on:-

7 (a) PKI.(5 marks) 7 (b) IDS/IPS.(5 marks) 7 (c) Firewall.(5 marks) 7 (d) Kerberos.(5 marks)

Please log in to add an answer.