Mumbai University Question Papers System Security June 2007


 VII Sem CSE Examination June 2007

System Security

N.B.: (1) Question No.1 is compulsory.

(2) Attempt any four questions out of remaining six questions.

(3) Figures to the right indicate full marks.

(4) Assume any suitable data wherever required but justify the same.

 

1. (a) Distinguish among vulnerability, threat and control.

(b) Can a database contain two identical records without a negative effect on the integrity of the database? Why or why not?

(c) Explain how a fence register is used for relocating a user’s program.

(d) Compare copyright, patent and trade secret protection.

 

2. (a) Answer the following:

(i) What is access control? How different is it from availability?

(ii) What is a worm? What is the significant difference between a worm and a virus?

(b) Compare the following:

(i) AES, SHA and RSA cryptography

(ii) Secret key and public key encryption.

 

3. (a) Consider a program to accept and tabulate votes in an election. Who might want to attack the program? What types of harm might they want to cause? What kind of vulnerabilities might they exploit to cause harm?

(b) Explain the use of temporal separation and physical separation for security in a computing environment.

 

4. (a) What are multilevel databases? Discuss the designs of multilevel secure databases.

(b) Explain in detail the steps in risk analysis.

 

5. (a) Answer the following:

(i) What is the difference between a digital signature and a digital certificate? Upon reception of a digital certificate, how can one decide whether to trust it or not?

(ii) Is a social engineering attack more likely to succeed in person, over the telephone or through e-mail?

(b) List the characteristics of a good firewall implementation. What are the limitations of a firewall? Give the comparison between the several types of firewalls such as packet filtering, stateful inspection, application proxy, guard and personal firewall.

 

6. (a) Discuss the similarities and differences between signature based IDS and heuristic based IDS. What are the limitations of IDS?

(b) What is the Denial of Service (DOS) attack? What is the meaning of the term ‘service’ in DOS? What can possibly prevent DOS attacks?

 

7. Write a detailed note on: (any two)

(a) Kerberos

(b) Virtual Private Networks

(c) E-mail Security.
