Pune University BE IT Information Assurance and Security
B.E. (Information Technology) INFORMATION ASSURANCE AND SECURITY
(2008 Pattern) (Sem. – I)
Time :3 Hours] [Max. Marks :100
Instructions to the candidates:
1) Answer question 1 or 2, 3 or 4, and 5 or 6 from Section -1 and question 7 or 8,
9 or 10 and 11 or 12 from Section – II.
2) Answers to the two sections should be written in separate books.
3) Neat diagrams must be drawn wherever necessary.
4) Pigures to the right indicate full marks.
5) Use of logarithmic tables slide rule, Mollier charts, electronic pocket calculator and steam tables is allowed.
6) Assume suitable data, if necessary.
SECTION – I
QIA a) What are the different types of ciphers? Explain in detail. 
b) Differentiate between Active attacks 8 Passive attacks. 
Q2) a) Enlist the Security goals and mechanism in detail. 
b) State Euclid’s Algorithm with example? 
Q3) a) What are the possible attacks on DES? Explain double DES and triple DES. 
b) Explain the working of MD5 in detail. 
Q4) a) Write working of AES algorithm in detail. 
a) Calculate Cipher text using RSA algorithm. Given data is as follows :- Prime numbers P, Q as 7, 17 respectively 8 the plain text is to be send is 10. 
QS) a) What is PKI? Explain the different PKI Architectures. 
a) Encryption does not solve all the security problems: Justify. 
Q6) a) Explain the Needham/Schroeder Protocol for secret key distribution. 
b) How the Digital Certificate creation takes place? Enlist the contents of digital certificate. 
SECTION – II
Q7) a) What is IPSEC? How does AH and ESP differs while working under Tunnel Mode and Transport Mode? 
b) What is IDS? Explain working of Honeypots as Intrusion detection system. 
Q8) a) What is SSL? Explain the SSL architecture in detail. 
b) Explain the different phases in IKE-Internet Key Exchange Protocol. 
Q9) a) Which are the key participants in SET? How does SET protect payment information from the merchant? Explain the SET model. 
b) Write a note on Smart Cards and Chip Cards transaction. 
QIO) a) What are the possible attacks on the E-Transaction using cards. 
b) Explain the steps to carry out Payment over the Internet. 
c) Write a note on Electronic Cash. 
QII) a) Explain in detail about Information Security Policy. 
b) What are different methods of Industrial Espionage? How can we prevent Industrial Espionage? 
Q12) Write Short Notes on : 
a) Indian IT Act.
b) Security by obscurity.
c) Computer Forensics.