System & Web Security : Question Paper May 2015 - Information Technology (Semester 6) | Mumbai University (MU)

System & Web Security - May 2015

Information Technology (Semester 6)

(1) Question 1 is compulsory.
(2) Attempt any three from the remaining questions.
(3) Assume data if required.
(4) Figures to the right indicate full marks.
1 (a) Explain with examples, Vulnerability, Threat and attacks.(8 marks) 1 (b) Discuss with examples the following:
i) ARP spoofing
ii) TCP syn flood attack
iii) Port scanning
iv) IP spoofing
(12 marks)
2 (a) Discuss with an example how knapsack is used in cryptography.(10 marks) 2 (b) Explain the roles of the different servers in Kerberos protocol. How does the user get authenticated to the different servers?(10 marks) 3 (a) Define access control list and capability list and compare them. Explain the Bell La Padula access control model.(10 marks) 3 (b) Differentiate between the tunnel mode and transport mode of IPSec. Explain how integrity is achieved.(10 marks) 4 (a) List the different protocols of SSL. Explain in detail Handshake protocol. How does server get authenticated to client?(10 marks) 4 (b) List and explain the different TCP/IP vulnerabilities.(10 marks) 5 (a) What are the different approaches to Software Reverse Engineering?(10 marks) 5 (b) With the help of example explain cross-site scripting and SQL injection attacks.(10 marks)

Write a short notes on:

6 (a) Linux File Security.(5 marks) 6 (b) Phishing and Pharming techniques(5 marks) 6 (c) Federated Identity Management.(5 marks) 6 (d) Biometric authentication schemes.(5 marks)


Next up

Read More Questions

If you are looking for answer to specific questions, you can search them here. We'll find the best answer for you.


Study Full Subject

If you are looking for good study material, you can checkout our subjects. Hundreds of important topics are covered in them.

Know More