Name of the College : Dasari Jhansi Rani Institute Of Engineering And Technology
University : JNTUK
Department : Computer Science And Engineering
Subject Code/Name : R05320504 – Information Security
Year : 2008
Degree : B.Tech
Year/Sem : III/II
Website : djriet.edu.in
Document Type : Model Question Paper
Information Security Regular April/May 2008 : https://www.pdfquestion.in/uploads/djriet.edu.in/2943-R05320504-INFORMATION-SECURITY.pdf
Information Security Supple Aug/Sep 2008 : https://www.pdfquestion.in/uploads/djriet.edu.in/2943–R05320504-INFORMATION-SECURITY.pdf
DJRIET Information Security Question Paper
(Computer Science & Engineering)
Time: 3 hours
Max Marks: 80
Answer any FIVE Questions
Related : Dasari Jhansi Rani Institute Of Engineering & Technology RR320202 Microprocessors And Interfacing B.Tech Question Paper : www.pdfquestion.in/2942.html
Set – I
All Questions carry equal marks :
1. (a) Define a Security attack. Explain in detail about the various types of attacks an Internetwork is vulnerable to.
(b) Write about Man-in-the-middle attacks. [10+6]
2. (a) Differentiate between the symmetric block ciphers and symmetric stream ciphers.
(b) Write about Key distribution. [8+8]
3. (a) Alice and Bob wish to share private messages, where each of them of two separate keys generated. What kind of strategy would you suggest to ensure confidentiality, key management and authentication for the conversation between Alice and Bob? Explain the strategy and also highlight the design issues related to the strategy proposed.
(b) Describe the X.509 version 3 in detail. [8+8]
4. (a) What is Radix-64 format? Explain how both PGP and S/MIME perform the Radix-64 conversion is performed.
(b) Describe the five principal services that Pretty Good Privacy (PGP) provides. [8+8]
5. (a) Discuss about the documents regarding IPSec protocol?
(b) Describe any four ISAKMP payload types listing the parameters of the pay-load? [8+8]
6. (a) Draw the diagrams showing the relative location of security facilities in TCP/IP protocol stack? Discuss the advantages of each?
(b) What is SSL session? Can a session be shared among multiple connections?
What are the parameters that define a session state? [8+8]
7. (a) Draw the figure showing VACM logic and explain?
(b) The encryption scheme used for UNIX passwords is one way; it is not possible to reverse it. Therefore, would it be accurate to say that this is, in fact, a hash code rather than an encryption of the password. [8+8]
8. (a) List the characteristics of a good firewall implementation?
(b) Explain in detail the two broad categories of statistical anomaly detection? [6+10]
Set – II
1. (a) What is a Security attack? Give the classification of the Security attacks. Discuss the following terms in detail with relevant examples:
i. Interruption
ii. Interception
iii. Modification
iv. Fabrication
(b) Explain UDP hijacking. [10+6]
2. (a) With neat illustration explain Advanced Encryption Standard algorithm (AES).
(b) Explain the importance of Secure Hash functions with relevant examples. [8+8]
3. (a) Explain the procedure involved in RSA public-key encryption algorithm.
(b) Explain what Kerberos is and give its requirements. [8+8]
4. (a) What is Radix-64 format? Explain how both PGP and S/MIME perform the Radix-64 conversion is performed.
(b) Describe the five principal services that Pretty Good Privacy (PGP) provides. [8+8]
5. (a) Explain about the routing applications of IPSec?
(b) Give the formats of ISAKMP header and Generic payload header? Explain various fields? [6+10]
6. (a) List the sequence of events that are required for a secure electronic transaction?
(b) Explain the concept of dual signature? [8+8]
7. (a) Draw the figure indicating the relationship among the different versions of SNMP by means of the formats involved. Explain.
(b) Discuss in detail the advanced anti virus techniques? [6+10]
8. (a) What are two default policies that can be taken in a packet filter if there is no match to any rule? Which is more conservative? Explain with example rule sets both the policies?
(b) What are the advantages of decomposing a user operation into elementary actions?
(c) What are false negatives and false positives? [6+6+4]