Mumbai University Question Papers System Security Dec 2009
Mumbai University question papers
VII Sem CSE Examination Dec 2009
(1) Question No.1 is com~ulsory.
(2) Attempt any four questions out of remaining six questions.
(3) Figures to the right indicate full marks.
(4) Answer to the questions should be grouped and written together.
(5) Assume any suitable data wherever required but justify the same.
1.(a) Distinguish among vulnerability, threat and control.
(b) Explain threat precursors with example.
(c) Does a PKI use symmetric or asymmetric encryption? Explain your answer.
(d) Does VPN use Link or End to End encryption? Justify your answer.
2. (a) What is the difference between a digital signature and digital certificate? How one can decide whether to trust that or not, upon reception of a digital certificate?
(b) Write a note on Data Encryption Standard (DES).
(c) Compare between DES, AES and RSA encryption algorithms.
3. (a) How memory and address protection is done by different methods as fence, relocation and Base and Bound register?
(b) Explain nonmalicious program errors with examples. 10
4. (a) How is multilevel security provided to database? Explain in terms of seperation, encryption, integrity lock, sensitivity lock.
(b) Explain denial of service or DOS attack in networks. 10
5. (a) List functions of Intrusion Detection System. Explain and differentiate signature based and anomaly based IDS.
(b) List and explain the issues of security plan for administrative security. 10
6. (a) Write a note on Kerberos system that supports authentification in distributed system. 10
(b) What is file protection mechanism? List and explain basic forms of protection. 10
7. (a) How risk analysis is done to provide effective security planning? Present examples of risk analysis methods.
(b) Define the term Ethics. What is the difference between Laws and Ethics? What is IEEE code for Ethics