Assignment A
Q1.) Explain the Network Role-Based Security for E-mails, Proxy Servers, DNS Servers, Web Servers and Credit Card Security.
Q2.) Describe the criteria required for Security Policy Development to improve the security architecture.
Q3.) Give the answers to the following questions:
a) Explain the Network Security Model with neat and clean diagram.
b) Describe the impacts of Active Attack and Passive Attack over wireless network.
Q4.) Discuss the impacts of Viruses & Worms to generate malicious code as an attack for Information Security.
Q5.) Give the answers to the following questions:
a) Describe the role of Virtual Private Network Security in wireless data communication.
b) Explain the Authentication and Authorization Controls for physical security.
Assignment B
Q1). Numerical Problem
Discuss Hill Cipher Encryption Technique in Cryptography. Using Hill Cipher Technique, encrypt the plaintext “AFRICA”, if encryption key is given as
Q2). Give the answers to the following questions:
a) Describe the physical intrusion detection techniques for access control.
b) Explain the role of Kerberos as an authorization technique to enhance Information Security.
Q3). Discuss the current security threats for Information Security. How can you protect your network from such threats?
Q4). Give the answers to the following questions:
a) Explain the IT laws which are affecting information security professional.
b) Describe the role of Firewall in Network Security Architecture.
Assignment C
1. Protecting information and information systems from unauthorized access, use,
disclosure, disruption, modification, perusal, inspection, recording or destruction is called
a) Network Security
b) Information Security
c) System Security
d) None of these
2. The nature of eavesdropping on, or monitoring of, transmissions comes under the
category of
a) Active Attack
b) Passive Attack
c) Simple Attack
d) None of these
3. If an unauthorized party gains access to the system and inserts false objects into it, this is
called
a) Interruption
b) Modification
c) Fabrication
d) Interception
4. Which service is concerned with assuring that a communication is authentic?
a) Data Integrity
b) Non Repudiation
c) Confidentiality
d) Authentication
5. The science of devising methods that allow information to be sent in a secure form in
such a way that the only person able to retrieve this information is the intended recipient is
called
a) Cryptography
b) Steganography
c) Bibliography
d) None of these
6. Which type of cryptography refers to a cryptographic system requiring two separate
keys, one of which is secret and one of which is public?
a) Public Key Cryptography
b) Simple Cryptography
c) Symmetric Key Cryptography
d) None of these
7. In which principle, the message is broken into blocks, each of which is then encrypted i.e.
like a substitution on very big characters – 64-bits or more?
a) Block Cipher Principle
b) Stream Cipher Principle
c) Confusion & Diffusion Principle
d) None of these
8. Claude Shannon theoretically introduced the following principles that should be
followed to design secure cryptographic systems.
a) Block Cipher Principle
b) Stream Cipher Principle
c) Confusion & Diffusion Principle
d) None of these
9. Which algorithm was developed in the early 1970s at IBM and based on an earlier design
by Horst Feistel, the algorithm was submitted to the National Bureau of Standards (NBS) for
the protection of sensitive, unclassified electronic government data?
a) DES
b) Triple DES
c) AES
d) RSA
10. Which algorithm uses a 64 bit key as input? Out of the 64 bits every 8th bit is ignored
and only 56 bits are used.
a) DES
b) Triple DES
c) AES
d) RSA
11. Which algorithm describes the use of three keys in the following encryption and
decryption process?
$C = E_{K_3}[D_{K_2}[E_{K_1}(P)]]$
$P = D_{K_3}[E_{K_2}(D_{K_1}(C))]$
a) DES
b) Triple DES
c) AES
d) RSA
12. Which mode of operation describes the process of encrypting each of these blocks, and
generally uses randomization based on an additional input value, called as initialization
vector?
a) Symmetric Cipher Mode
b) String Cipher Mode
c) Block Cipher Mode
d) None of these
13. Two integers a and b are said to be congruent modulo n, if
a) a = b mod n
b) a = n mod b
c) b = a mod n
d) None of these
14. Two numbers are said to be relatively prime to each other if there is no factor common
between them other than
a) 1
b) 2
c) 3
d) 0
15. Which theorem states that if ‘p’ is a prime number and ‘a’ is a positive integer not
divisible by p, then $a^{p-1} \equiv 1 \pmod{p}$
a) Fermat’s Principle
b) Chinese Remainder Theorem
c) Euclidian Theorem
d) Euler’s Theorem
16. Which algorithm describes that for every a and n that are relatively prime as
n =1 nwo n ^
a) Fermat’s Principle
b) Chinese Remainder Theorem
c) Euclidian Theorem
d) Euler’s Theorem
17. In which encryption each communicating party generates a pair of keys?
a) Public Key Encryption
b) Symmetric Key Encryption
c) Private Key Encryption
d) None of these
18. Authentication refers to the genuineness of the communicating entities. For example if A
and B are communicating, both A and B should be aware of each other’s
a) Identity
b) Network
c) Application
d) None of these
19. The process of verifying the integrity and authenticity of transmitted messages is called
a) Message Authentication
b) Message Integrity
c) Message Inspection
d) None of these
20. The message authentication function includes
a) Message Encryption
b) MAC
c) Hash Function
d) All of the above
21. Which version of the hash function was chosen in a public review process from non-government
designers?
a) SHA-0
b) SHA-1
c) SHA-2
d) SHA-3
22. Which version of message-digest algorithm takes as input a message of arbitrary length
and produces as output a 128-bit “fingerprint” or “message digest” of the input?
a) MD2
b) MD4
c) MD5
d) None of these
23. Which attack is a type of cryptographic attack that exploits the mathematics behind the
birthday problem in probability theory?
a) Brute Force Attack
b) Birthday Attack
c) Cryptanalysis
d) None of these
24. Which scheme typically consists of three algorithms as key generation, signing
algorithm and signature verification?
a) Digital Signature
b) MD5
c) RSA
d) SHA
25. Which management has two main aspects of distribution of public keys and use of
public key encryption to distribute secret keys?
a) Key Management
b) Protocol Management
c) Distribution Management
d) None of these
26. Which certificates allow key exchange without real time access to public key authority?
a) Public Key Certificates
b) Private Key Certificates
c) Digital Certificates
d) All of the above
27. The 1st published public-key algorithm was invented by Whitfield Diffie and Martin
Hellman in 1976. Which name was referred to this algorithm?
a) Whitfield-Martin key exchange
b) Diffie-Hellman key sharing
c) Whitfield-Martin key generation
d) Diffie-Hellman key exchange.
28. Which key is associated with the identity contained in the X.509 certificate?
a) Private Key
b) Public Key
c) Symmetric Key
d) None of these
29. Which is a security architecture that has been introduced to provide an increased level
of confidence for exchanging information over an increasingly insecure Internet?
a) PKI
b) Digital Signature
c) X.509
d) None of these
30. Which protocol uses strong cryptography so that a client can prove its identity to a
server (and vice versa) across an insecure network connection?
a) Kerberos
b) PGP
c) MIME
d) None of these
31. Which authentication protocol was developed by Phil Zimmerman, who developed this
encryption system for humanitarian reasons?
a) Kerberos
b) PGP
c) MIME
d) S/MIME
32. Which protocol provides the cryptographic security services for electronic messaging
applications?
a) Kerberos
b) PGP
c) MIME
d) S/MIME
33. Which member of IPSec protocol suite provides connectionless integrity and data origin
authentication for IP datagram and provides protection against replay attacks?
a) Authentication Headers (AH)
b) Encapsulating Security Payloads (ESP)
c) Security Associations (SA)
d) None of these
34. Which protocol was originally developed by Netscape, to ensure security of data
transported and routed through HTTP, LDAP or POP3 application layers?
a) Authentication Headers (AH)
b) Encapsulating Security Payloads (ESP)
c) Security Associations (SA)
d) Secure Socket Layer (SSL)
35. Which protocol is used to initiate a session between the server and the client?
a) SSL
b) Handshake Protocol
c) ESP
d) None of these
36. Which protocol has the potential to emerge as a dominant force in the securing of
electronic transactions?
a) Digital Signature
b) SSL
c) ESP
d) Secure Electronic Transactions (SET)
37. Which security mechanisms of a system are designed to prevent unauthorized access to
system resources and data?
a) IDS
b) Firewall
c) Antivirus Software
d) None of these
38. Which software is a code or software that is specifically designed to damage, disrupt,
steal, or in general inflict some other “bad” or illegitimate action on data, hosts, or
networks?
a) Malicious Software
b) Freeware
c) Antivirus
d) Firewall
39. Which security mechanism protects networked computers from intentional hostile
intrusion that could compromise confidentiality or result in data corruption or denial of
service?
a) Firewall
b) Antivirus
c) Honeypot
d) IDS
40. Which law touches almost all aspects of transactions and activities on and concerning the Internet, the World Wide Web and Cyberspace?
a) IT Law
b) IT Act
c) Cyber Law
d) None of these