System & Web Security - Dec 2015

Information Technology (Semester 6)

TOTAL MARKS: 80
TOTAL TIME: 3 HOURS (1) Question 1 is compulsory.
(2) Attempt any three from the remaining questions.
(3) Assume data if required.
(4) Figures to the right indicate full marks. 1 (a) Consider an online Volting System. People will cast their votes through the internet. For this system identify vulnerability, threat and attack.(5 marks) 1 (b) Differentiate between Multilevel and Multilateral security with the help of example.(5 marks) 1 (c) Explain different types of malicious attacks.(5 marks) 1 (d) Differentiate between SSL and IP Sec protocols.(5 marks) 2 (a) Explain Needham Schroeder Authentication Protocol.(5 marks) 2 (b) What is Digital Signature? Explain how it is created at the sender end and retrieved at receiver end. Differentiate digital signature from digital certificate.(10 marks) 3 (a) Explain non malicious program errors with the help of examples.(10 marks) 3 (b) What is Digital Right management? Explain DRM in Real world.(10 marks) 4 (a) Explain the role of Firewall in securing a network. Describe different types of Firewall.(10 marks) 4 (b) Explain secure Email and S/MIME.(10 marks)

Explain the technique behind following attacks:

5 (a) ARP spoofing.(5 marks) 5 (b) Packet Sniffing(5 marks) 5 (c) Session Hijacking.(5 marks) 5 (d) Cross-site request forgery(5 marks)

Write Short note on:

6 (a) Windows Vulnerabilities.(5 marks) 6 (b) Access control policies.(5 marks) 6 (c) Linearization attack.(5 marks) 6 (d) Distributed -Denial of Service attack.(5 marks)