Information & Network Security - May 2012

Information Technology (Semester 6)

TOTAL MARKS: 100
TOTAL TIME: 3 HOURS (1) Question 1 is compulsory.
(2) Attempt any four from the remaining questions.
(3) Assume data wherever required.
(4) Figures to the right indicate full marks. 1 (a) Consider an online fees payment system. People will cast their vote through internet. For this system identify vulnerability, threat and attacks.(5 marks) 1 (b) Define the term confidentiality, integrity and availability. Give one example each of two attacks each that violates these goals.(5 marks) 1 (c) Describe any two non malicious program flaws.(5 marks) 1 (d) Explain session hijacking attack with an example.(5 marks) 2 (a) Explain clearly the difference between block and stream cipher.(10 marks) 2 (b) Give the list of network vulnerability with an example each.(10 marks) 3 (a) Differentiate between public and private key cryptosystem. Give examples of each type of cryptosystem.(10 marks) 3 (b) Write a short note on different authentication methods.(10 marks) 4 (a) Describe various types of viruses that can infect a system.(10 marks) 4 (b) What is role of firewall in securing a network? Describe different types of firewall.(10 marks) 5 (a) Use two prime number p=3, q=5 and explain the working of RSA cryptosystem.(10 marks) 5 (b) Explain any 2 access control mechanism. Indicate the advantage and disadvantage of each schema.(10 marks) 6 (a) Explain the protocol flaws existing in TCP/IP model that leads to security incidents and how to overcome them.(10 marks) 6 (b) What is role of hashing? Explain any one hashing algorithm.(10 marks)

Write detailed notes on the following:-

7 (a) Intrusion Detection Systems.(10 marks) 7 (b) Secure Socket Layer (SSL).(10 marks)