THE UNIVERSITY OF TRINIDAD & TOBAGO



Similar documents
THE UNIVERSITY OF TRINIDAD & TOBAGO FINAL ASSESSMENT/EXAMINATIONS DECEMBER 2012

FINAL ASSESSMENT/EXAMINATION JULY 2015 PLEASE READ ALL INSTRUCTIONS CAREFULLY BEFORE YOU BEGIN THIS EXAMINATION

THE UNIVERSITY OF TRINIDAD & TOBAGO

Client Server Registration Protocol

THE UNIVERSITY OF TRINIDAD & TOBAGO

THE UNIVERSITY OF TRINIDAD & TOBAGO

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key

First Semester Examinations 2011/12 INTERNET PRINCIPLES

Chapter 7: Network security

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon

CS5008: Internet Computing

What is network security?

Chapter 10. Network Security

Wireless Encryption Protection

TELE 301 Network Management. Lecture 18: Network Security

CSE/EE 461 Lecture 23

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

12/8/2015. Review. Final Exam. Network Basics. Network Basics. Network Basics. Network Basics. 12/10/2015 Thursday 5:30~6:30pm Science S-3-028

VPN Lesson 2: VPN Implementation. Summary

Authentication Types. Password-based Authentication. Off-Line Password Guessing

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

Information Security

SY system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.

2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries

Cryptography: Authentication, Blind Signatures, and Digital Cash

SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

COSC 472 Network Security

Security vulnerabilities in the Internet and possible solutions

KEY DISTRIBUTION: PKI and SESSION-KEY EXCHANGE. Mihir Bellare UCSD 1

Dr. Arjan Durresi. Baton Rouge, LA These slides are available at:

Chapter 8 Security. IC322 Fall Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Final exam review, Fall 2005 FSU (CIS-5357) Network Security

FIREWALLS. Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others

CS 161 Computer Security Spring 2010 Paxson/Wagner MT2

Midterm. Name: Andrew user id:

Name: 1. CSE331: Introduction to Networks and Security Fall 2003 Dec. 12, /14 2 /16 3 /16 4 /10 5 /14 6 /5 7 /5 8 /20 9 /35.

Network Security. HIT Shimrit Tzur-David

Practice Questions. CS161 Computer Security, Fall 2008

NETWORK ADMINISTRATION AND SECURITY

Network Security #10. Overview. Encryption Authentication Message integrity Key distribution & Certificates Secure Socket Layer (SSL) IPsec

Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015

Outline. CSc 466/566. Computer Security. 18 : Network Security Introduction. Network Topology. Network Topology. Christian Collberg

Schnorr Signcryption. Combining public key encryption with Schnorr digital signature. Laura Savu, University of Bucharest, Romania

EXAM questions for the course TTM Information Security May Part 1

Security Sensor Network. Biswajit panja

The application of prime numbers to RSA encryption

SFWR ENG 4C03 - Computer Networks & Computer Security

CS 494/594 Computer and Network Security

Cryptography and Network Security

Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg

Computer Networks. Secure Systems

Computer Networks - CS132/EECS148 - Spring

Security Policy Revision Date: 23 April 2009

Discrete logarithms within computer and network security Prof Bill Buchanan, Edinburgh Napier

CSCE 465 Computer & Network Security

SECURITY IN NETWORKS

Key Management (Distribution and Certification) (1)

Chapter 16: Authentication in Distributed System

Midterm 2 exam solutions. Please do not read or discuss these solutions in the exam room while others are still taking the exam.

IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT

Chapter 37. Secure Networks

True False questions (25 points + 5 points extra credit)

Chapter 8 Network Security. Slides adapted from the book and Tomas Olovsson

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

Tutorial 3. June 8, 2015

Mathematics of Internet Security. Keeping Eve The Eavesdropper Away From Your Credit Card Information

Content Teaching Academy at James Madison University

Computer Science A Cryptography and Data Security. Claude Crépeau

Network Security. 1 Pass the course => Pass Written exam week 11 Pass Labs

CS 155 Final Exam. 1. (21 points)... Short Answer. CS 155: Spring 2006 June 2006

Firewalls. Firewalls. Idea: separate local network from the Internet 2/24/15. Intranet DMZ. Trusted hosts and networks. Firewall.

Secure Authentication of Distributed Networks by Single Sign-On Mechanism

Chapter 8 Network Security

Computer Security: Principles and Practice

Security Awareness. Wireless Network Security

Chapter 9 Key Management 9.1 Distribution of Public Keys Public Announcement of Public Keys Publicly Available Directory

Firewalls. Ola Flygt Växjö University, Sweden Firewall Design Principles

Advanced Cryptography

Single Sign-On Secure Authentication Password Mechanism

Chapter 8 Network Security

Network Security. Raj Jain. The Ohio State University. Columbus, OH Raj Jain 31-1

SSL. Secure Sockets Layer. - a short summary - By Christoph Gutmann and Khôi Tran

The Mathematics of the RSA Public-Key Cryptosystem

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from

What is a Firewall? A choke point of control and monitoring Interconnects networks with differing trust Imposes restrictions on network services

Chapter 7 Transport-Level Security

CS 758: Cryptography / Network Security

Cornerstones of Security

Chapter 8 Security Pt 2

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Managing and Securing Computer Networks. Guy Leduc. Chapter 4: Securing TCP. connections. connections. Chapter goals: security in practice:

Transcription:

THE UNIVERSITY OF TRINIDAD & TOBAGO FINAL ASSESSMENT/EXAMINATIONS DECEMBER 2013 ALTERNATE Course Code and Title: TCOM3003 Communication Security and Privacy Programme: Bachelor of Applied Science in Computer Engineering Date and Time: PLEASE READ EXAMINATION Duration: ALL INSTRUCTIONS CAREFULLY BEFORE YOU BEGIN THIS Instructions to Candidates 1. This paper has 5 pages and 10 questions. 2. You are required to answer all 10 questions 3. Each question is 10 points. 4. This final exam accounts for 40% of course evaluation Key Examination Protocol 1. Students please note that academic dishonesty (or cheating) includes but is not limited to plagiarism, collusion, falsification, replication, taking unauthorised notes or devices into an examination, obtaining an unauthorised copy of the examination paper, communicating or trying to communicate with another candidate during the examination, and being a party to impersonation in relation to an examination. 2. The above mentioned and any other actions which compromise the integrity of the academic evaluation process will be fully investigated and addressed in accordance with UTT s academic regulations. 3. Please be reminded that speaking without the Invigilator s permission is NOT allowed. The University of Trinidad & Tobago Page 1 of 6

Question 1 RSA scheme has been most widely accepted and implemented general-purpose approach to public-key encryption. Following the figure below, perform encryption and decryption using the RSA algorithm, for the following p = 5; q = 13; e = 7; M = 18 Question 2 If a password is salted with a 24-bit random number, how big is the dictionary attack search space for a 200,000 word dictionary? The University of Trinidad & Tobago Page 2 of 6

Question 3 Consider the following fragment in an authentication program: username = read_username ( ); password = read_password ( ); If username is 133t h4ck0r return ALLOW_LOGIN; If username and password are valid return ALLOW_LOGIN else return DENY_LOGIN What type of malicious software is this? Question 4 Explain how IP broadcast messages can be used to perform a smurf DOS attack. Question 5 Either party in an established TCP session is allowed to instantly kill their session just by sending a packet that has the reset bit, RST, set to 1. After receiving such a packet, all other packets for this session are discarded and no further packets for this session are acknowledged. Explain how to use this fact in a way that allows a third party to kill an existing TCP connection between two others. This attack is called a TCP reset attack. Include both the case where the third party can sniff packets from the existing TCP connection and the case where he cannot. The University of Trinidad & Tobago Page 3 of 6

Question 6 What is ACK storm and how does it start? Question 7 Explain how a stateless firewall would block all incoming and outgoing HTTP requests. Question 8 Why are pharming and phishing attacks often used in concert with each other? The University of Trinidad & Tobago Page 4 of 6

Question 9 As illustrated in the following figure, public key cryptography solves the problem of how to get Alice and Bob to share a common secret key. That is, Alice can simply encrypt secret key K using Bob s public key, P b, and send the ciphertext to him. But this solution has a flaw: How does Alice know that the public key, P b, that she used is really the public key for Bob? And if there are lots of Bobs, how can she be sure she used the public key for the right one? The University of Trinidad & Tobago Page 5 of 6

Question 10 Find an integer x, 7x 6 (mod 5) END OF EXAMS The University of Trinidad & Tobago Page 6 of 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information