JNTU exam papers | B -Tech IIIrd Sem Examinations, Information security, Aug/Sep 2008

JNTU III B.Tech Supplimentary Examinations, Aug/Sep 2008


(Computer Science & Engineering)


1. (a) Explain how Data integrity and Data confidentiality is provided as a part of

Information security.

(b) Explain the terms related to Buffer overflow:

i. Stack frame

ii. Execute Payload.


2. (a) Differentiate between the symmetric block ciphers and symmetric stream ciphers.

(b) Write about Key distribution.


3. (a) Explain the procedure involved in RSA public-key encryption algorithm.

(b) Explain what Kerberos is and give its requirements.


4. (a) What is Radix-64 format? Explain how both PGP and S/MIME perform the Radix-64 conversion is performed.

(b) Describe the five principal services that Pretty Good Privacy (PGP) provides.


5. (a) The IPSec architecture document states that when two transport mode Sas are bounded to allow both AH and ESP protocols on the same end-to-end flow, only one ordering of security protocols seems appropriate. Performing the ESP protocol before performing the AH protocol. Why this approach is recommended rather authentication before encryption?

(b) Discuss the advantages and disadvantages of Diffie-Helman key exchange protocol? What is the specific key exchange algorithm mandated for use in the initial version of ISAKMP


6. (a) What are the fields present in SSL record protocol header? Mention their sizes

and purpose?

(b) Discuss the purpose of change cipher spec protocol and alert protocol in detail?


7. (a) Draw the figure showing VACM logic and explain?

(b) The encryption scheme used for UNIX passwords is one way; it is not possible to reverse it. Therefore, would it be accurate to say that this is, in fact, a hash code rather than an encryption of the password.


8. (a) Taking your own packet filtering rule set, explain the working packet-filtering


(b) “One way to secure against Trojan horse attacks is the use of a secure, trusted

OS”. Explain?

Leave a Comment