Mumbai University Question Papers System Security June 2008
Mumbai University question papers
VII Sem CSE Examination June 2008
N.S. : (1) Question NO.1 is compulsory.
(2) Attempt any four questions out of remaining six questions.
(3) Figures to the right indicate full marks. ‘
(4) Answers toquesli,ons should be grouped and written together.
1.(a) What are the key principles of S’ecurity ? Explain with example.
(b) Explain the tagged Architecture in memory protection. Give example.
(c) l,.istthe limitations on the amount of information leaked per second through a covert ch~nnel in a multiaccess computing system.
(d) List three controls that could be applied to detect or prevent Salami attacks.
2.(a) What are the differel’Jt types of Vulnerability, Threat and Control? Give example of each
(b) What is a .denial of service attack? What are the way in which an attacker can mount a DOS/DDOS attack on the system?
3.(a) List and explain the various malicious codes and Non-malicious codes.
(b) . What is a Firewall? Describe the types of firewalls with their limitations.
4.(a) Explain the use of temporal, physical and logical separation for Security in computing environment.
(b) Explain the various facilities that a database management system provides to protect the sensitive data.
5.(a) Describe the typ.es of lOSs and their limitations. Why we need hybrid IDSs ?
(b) Define the term Ethics. What is the difference between laws and Ethics? What is IEEE code for Ethics?
6.(a) What are the various forms of protection that operating system applies at the file level? What are the difficulties involved with mechanism?
(b) What is the purpose of encryption in multi-level secure data bases? Explain how is it implemented? .Is it a good technique to implement the separation in databses ? Justify.
7.(a) What is the term Risk analysis? Explain in detail the steps in Risk analysis.
(b) Explain Secure E-mail systems with examples.