X

MCSCB106–4 Secure Coding M.Tech Model Question Paper : mgu.ac.in

Name of the College : Mahatma Gandhi University
Department : Computer Science and Engineering
Subject Code/Name : MCSCB 106 – 4/Secure Coding
Sem : I
Website : mgu.ac.in
Document Type : Model Question Paper

Download Model/Sample Question Paper :
I : https://www.pdfquestion.in/uploads/mgu.ac.in/5036-1-MCSCB%20106-4%20SC%20-%20I.doc
II : https://www.pdfquestion.in/uploads/mgu.ac.in/5036-2-MCSCB%20106-4%20SC%20-%20II.doc

MGU Secure Coding Model Question Paper

M.Tech Degree Examination :
Branch: Computer Science and Engineering
Specialization : Cyber Security

Related : MGU MCSCB106–2 Information Risk Management M.Tech Model Question Paper : www.pdfquestion.in/5035.html

Paper – I

First Semester
MCSCB 106 – 4
SECURE CODING :
(Regular – 2013 Admissions)
Time : Three Hours
Maximum : 100 marks
Answer all questions. :
1. a) Write note on signal handling and stack overflow. (12)
b) Explain about race condition in coding. (13)
OR
2. a) Discuss various concepts of secure programming. (12)
b) Write note on secure coding in C and C++. (13)

3. a) Describe about resource lifetime management. (13)
b) Discuss various injection flaws in detail. (12)
OR
4. a) Explain threat modeling ,its concerned properties and necessary mitigations. (13)
b)Give note on cross site scripting.What are the types of cross site scripting?
Explains the mitigations if needed. (12)

5. a) Explain about secure assurance and testing. (12)
b) Write note on risk assessing. (13)
OR
6. a) Briefly explain the categories of testing threats. (15)
b) Describe the categories of software testing. (10)

7. Describe the following secure testing methodologies.
a. Attacking Methodologies. (6)
b. Attacking Design. (6)
c. Practice for developing of high assurance code. (13)
OR
8. a) Explain attacking through the User Interface. (13)
b) Explain Static Analysis techniques for analyzing software. (12)

Paper – II

M.Tech DEGREE EXAMINATION :
Branch: Computer Science and Engineering
Specialization: Cyber Security
Model Question
First Semester
MCSCB 106 – 4
Secure Coding :
(Regular – 2013 Admissions)
Time : Three Hours
Maximum : 100 marks
Answer all questions. :
1. a) Write note on secure coding in C and C++. (12)
b) Explain about race condition in coding. (13)
OR
2. a) Discuss various concepts of secure programming. (12)
b) Write note on signal handling and stack overflow. (13)

3. a) Explain about threat modeling. (13)
b) Explain various injection flaws in detail. (12)
OR
4. a) Explain about resource lifetime management. (13)
b) Give note on cross site scripting. (12)

5. a) Explain about secure assurance and testing. (12)
b) Write note on risk assessing. (13)
OR
6. a) Explain the categories of testing threats. (15)
b) Explain the categories of software testing. (10)

7. a) Explain attacking through the User Interface. (13)
b) Explain Static Analysis techniques for analyzing software. (12)
OR
8. a) Explain the following secure testing methodologies.
a. Attacking Methodologies. (6)
b. Attacking Design. (6)
b) What are the best Practices for developing of high assurance code? Explain. (13)

Syllabus

Module 1 :
A brief overview of Application Security and Secure Programming ‘concepts. Secure Coding in C and C++, Stack overflow, Strings, ‘Integers, Arrays, File I/O, Race conditions, Signal handling, Recommended Practice,

Module 2 :
Secure Coding in Java and Web Applications-Web as a primary vector for Cyber-attacks, Anatomy of stacks, data breach case studies, Threat modeling, Cross Site Scripting (XSS) vulnerabilities, Injection flaws (SQL, process, path, etc.), Buffer overflows, Resource leaks and resource lifetime management, Threat modeling and Security design review,

Module 3 :
Software Assurance and Testing-Software Assurance overview, Testing threat categories, Assessing Risk.

Module 4 :
Secure Testing Methodologies – Attacking Dependencies, Attacking through the User Interface, Attacking Design, Attacking Implementation, Software engineering practices for development of high assurance code, Model Checking, Static Analysis techniques for analyzing software.

References :
1. Robert C. Seaford, “Secure Coding in C and C++”, Addison-Wesley Professional, 2005.
2. James A. Whittaker and Herbert H. Thompson, “How to Break Software Security”, Addison Wesley, 2003.
3. John C. Mitchell and Krzysztof Apt, “Concepts in Programming Languages”, Cambridge University Press, 2001.

MCSCB 106 – 3 Secure Software Engineering Question Paper :
1. a) Explain the different approach through software reliability engineering. (13)
b) Explain the software reliability engineering process. (12)
OR
2. a)Explain about software and hardware reliability. (12)
b) Write note on operational profile implementation. (13)

3. a) Explain the procedures for developing software failure intensity objectives. (13)
b) Discuss how to Plan new test cases for current release of software. (12)
OR
4. a) Explain how to Setting system failure intensity objectives. (15)
b) Explain the user needs for reliability and availability. (10)

5. a) Explain about Certifying reliability. (12)
b) Write note on tracking reliability growth in testing. (13)
OR
6. a) Discuss the steps for Planning and allocating test time for the current release. (12)
b) Explain how to identifying test failures and analyzing test output. (13)

7. a) Explain Model based security engineering with UML (15)
b) Write note on important security opportunities. (10)
OR
8. a) Explain UML diagrams for security requirement.. (13)
b) Explain different tools support for UML Sec. (12)

Tags: mgu.ac.in
Anusha:
www.pdfquestion.in © 2022 Contact Us   Privacy Policy   Site Map