System & Web Security - Dec 2013
Information Technology (Semester 6)
TOTAL MARKS: 80
TOTAL TIME: 3 HOURS

(1) Question 1 is compulsory.
(2) Attempt any three from the remaining questions.
(3) Assume data if required.
(4) Figures to the right indicate full marks.

1 (a) Explain substitution cipher and transposition cipher. (5 marks)
1 (b) Does a Public Key Infrastructure use symmetric or asymmetric encryption? Explain your answer. (5 marks)
1 (c) What are the system security goals? Explain why a balance between the various goals is needed. (5 marks)
1 (d) What are the different types of malicious codes? (5 marks)

2 (a) (1) Explain the Advanced Encryption Standard algorithm in detail. (10 marks)
2 (a) (2) Use the Playfair cipher to encipher the message "Attack Cancelled on Monday. Wait for next message". The secret key can be made by filling the first and part of the second row with "MORNING". The rest of the matrix can be filled with the remaining alphabets. Consider the alphabets "Y" and "Z" in one cell of the matrix. (10 marks)
2 (b) Write a note on Kerberos systems that support authentication in distributed systems. (10 marks)

3 (a) Explain control of access to general objects in operating systems. (10 marks)
3 (b) Explain non-malicious program errors with examples. (10 marks)

4 (a) If generator g = 2 and n or P = 11, using the Diffie-Hellman algorithm solve the following:
1) Show that 2 is a primitive root of 11.
2) If A has a public key = 9, what is A's private key?
3) If B has a public key = 3, what is B's private key?
4) Calculate the shared secret key.
(10 marks)
4 (b) Explain different Denial of Service attacks. (10 marks)

5 (a) List, explain and compare different kinds of firewalls used for network security. (10 marks)
5 (b) Explain the multilevel security model. Also explain multilateral security. (10 marks)

Write a detailed note on (Any 2)
6 (a) E-mail Security (10 marks)
6 (b) RSA Algorithm (10 marks)
6 (c) SSL Protocol (10 marks)
6 (d) Covert Channel (10 marks)

7 (a) Explain the process of digital certificate generation and the process of evaluation of authenticity of a digital certificate. (10 marks)
7 (b) Explain packet sniffing and packet spoofing. Explain the session hijacking attack. (10 marks)