JNTU Previous Exam Papers CSE B Tech 4th year Information Security Apr/May 2008

JNTU B.Tech II Semester INFORMATION SECURITY Examinations, Apr/May 2008

(Computer Science & Engineering)

Time: 3 hours Max Marks: 80

SET-III

Answer any FIVE Questions

All Questions carry equal marks

1. (a) “Gaining control over the Routing tables at layer 3 is one of the attacks” -explain how Route tables modification is crucial.

(b) Explain how Buffer overflow is created for any known platforms (eg., WIN-DOWS NT / LINUX). [8+8]

 

2. (a) What is a cipher block mode of operation? Explain the use of these modes of operation for the block ciphers for encipherment,

(b) Describe the different methods of Message authentication. [8+8]

 

3. (a) Explain the procedure involved in RSA public-key encryption algorithm.

(b) Explain what Kerberos is and give its requirements. [8+8]

 

4. (a) What is Radix-64 format? Explain how both PGP and S/MIME perform the Radix-64 conversion is performed.

(b) Describe the five principal services that Pretty Good Privacy (PGP) provides. [8+8]

 

5. (a) Discuss the purpose of SA selectors?

(b) Enumerate on the five default ISAKMP exchange types? [8+8]

 

6. (a) Draw the diagrams showing the relative location of security facilities in TCP/IP

protocol stack? Discuss the advantages of each?

(b) What is SSL session? Can a session be shared among multiple connections?

What are the parameters that define a session state? [8+8]

 

7. (a) What is an access policy? On what factors does access determination depends?

(b) Discuss the two techniques for developing an effective an efficient proactive password checker? [8+8]

 

8. (a) What are two default policies that can be taken in a packet filter if there is no match to any rule? Which is more conservative? Explain with example rule sets both the policies?

(b) What are the advantages of decomposing a user operation into elementary actions?

(c) What are false negatives and false positives? [6+6+4]

Leave a Comment