Mumbai University Question Papers System Security Dec 2007
Mumbai University question papers
VII Sem CSE Examination Dec 2007
N.S. : (1) Question No.1 is compulsory.
(2) Attempt any four questions from the remaining six questions.
(3) Figures to the right indicate full marks.
(4) Assume any suitable data wherever required but justify the same.
1. (a) Distinguish between vulnerability, threat and control.
(b) Compare secret key and public key encryption.
(c) What are Covert Channels? How potential Covert Channejs can be identified?
(d) Explain how capabilities are used to control the access to general objects.
(e) ‘Smurf’ is an “availability” attack. Justify.
2.(a) Compare AES and DES. Comment on Double and Triple DES.
(b) Compare stream encryption and block encryption algorithms.
3. (a) What are malicious codes? Explain the various types.
(b) Discuss the probable homes for virus.
4. (a) What are multi-level databases? Discuss the design of multi-level secure databases.
(b) Explain and compare Digital signatures and Digital certificates. 10
5.(a) Discuss the various threats in a network. 10
(b) Compare signature based and Heuristic based IDS. What are the limitations of IDS?
6.(a) Explain in detail, the steps in Risk Analysis.
(b) Discuss the legal issues in Computer Security.
7.Write short notes on any two :
(b) File Protection Mechanism