System & Web Security - May 2013

Information Technology (Semester 6)

TOTAL MARKS: 80
TOTAL TIME: 3 HOURS (1) Question 1 is compulsory.
(2) Attempt any three from the remaining questions.
(3) Assume data if required.
(4) Figures to the right indicate full marks. 1(a) Explain Different security mechanisms.(5 marks) 1(b) Explain the steps used to construct knapsack cryptosystem.(5 marks) 1(c) What is Personal Firewall?(5 marks) 1(d) Explain different Targeted Malicious code.(5 marks) 2(a) What is difference between substitution cipher and transposition cipher? Explain additive and double transposition cipher with example?(10 marks) 2(b) What are the different types of vulnerabilities, threat and access control? Give example of each.(10 marks) 3(a) What is denial of service attack? What are the ways in which an attack can mount a DOS/DDOS attack on system?(10 marks) 3(b) Write short note on Access control lists and capabilities?(10 marks) 4(a) Explain different authentication methods and protocols?(10 marks) 4(b) Explain Cryptographic hash function criteria and compare MD5 and SHA-1?(10 marks) 5(a) Explain different types of data link layer vulnerability.(10 marks) 5(b) Explain various types of port scan?(10 marks) 6(a) Explain methods used to commit session hijack. What is SQL Injection? Give example.(10 marks) 6(b) What are network level threats to web server? Explain.(10 marks)

Write short note on the following:-

7(a) Digital Signature(5 marks) 7(b) Multilateral security(5 marks) 7(c) Digital Rights Management(5 marks) 7(d) Various ways of memory and address protection(5 marks)