BSc (Hons) Software Engineering. Examinations for 2010-2011 / Semester 2




BSc (Hons) Software Engineering
Cohort: BSE/09/FT & BSE/07/PT
Examinations for 2010-2011 / Semester 2
MODULE: Security Concepts
MODULE CODE: SECU2101
Duration: 2 Hours

Instructions to Candidates:
1. ALL questions are COMPULSORY
2. Start each question on a fresh page.
3. Calculators are NOT permitted in this examination.
4. Total Marks: 100

This question paper contains 3 questions and 5 pages.
Page 1 of 5

QUESTION 1: (30 MARKS)

(a) Distinguish between confidentiality, integrity and availability. Illustrate your answer using an example. (3+6 Marks)

(b) What is the difference between a virus, a worm and a trojan horse? (3x2 Marks)

(c) Why are corporate employees especially dangerous? What kinds of attacks do they perpetrate? (2+1 Marks)

(d) Does using passwords with salts make attacking a specific account more difficult than using passwords without salts? Explain why or why not. (5 Marks)

(e) Describe the principle of least privilege. Why is it important? (2+2 Marks)

(f) Data compression is often used in data storage or transmission. Suppose you want to use data compression in conjunction with encryption. Does it make more sense to
I. compress the data and then encrypt the result, or
II. encrypt the data and then compress the result?
Justify your answer. (3 Marks)

QUESTION 2: (40 MARKS)

(a) Decrypt the following, which has been encrypted with a Caesar cipher: G AYKC, G QYU, G AMLOSCPCB (5 Marks)

(b) Why is it important for a cipher to have a large number of potential keys?

(c) Discuss the algorithm of the rail fence cipher. You may use an example to illustrate your answer. (4 Marks)

(d) Discuss the need to perform a threat assessment when implementing a physical security program.

(e) Teardrop attacks and Ping of death attacks are methods of launching a Denial of Service attack. Explain the terms in bold. (3x3 Marks)

(g) Describe five services in PGP operation. (10 Marks)

(h) Explain the need for web security. Describe briefly the three different approaches to providing web security. (2+6 Marks)

QUESTION 3: (30 MARKS)

(a) Describe three network threats that a firewall does not protect against. (3x2 Marks)

(b) Explain the strengths and weaknesses of each of the following firewall deployment scenarios in defending servers, desktop machines, and laptops against network threats. (4x3 Marks)
I. A firewall at the network perimeter.
II. Firewalls on every end host machine.
III. A network perimeter firewall and firewalls on every end host machine.

(c) Amy wants to send a cellphone text message to Bill securely, over an insecure communication network. Amy's cellphone has an RSA public key KA and matching private key vA; likewise, Bill's cellphone has KB and vB. Let's design a cryptographic protocol for doing this, assuming both know each other's public keys.

Here is what Amy's cellphone will do to send the text message m:
1. Amy's phone randomly picks a new AES session key k and computes c = RSA-Encrypt(KB; k), c' = AES-CBC-Encrypt(k; m), and t = RSA-Sign(vA; (c; c')).
2. Amy's phone sends (c; c'; t) to Bill's phone.

And here is what Bill's cellphone will do, upon receiving (c; c'; t):
1. Bill's phone checks that t is a valid RSA signature on (c; c') under public key KA. If not, abort.
2. Bill's phone computes k' = RSA-Decrypt(vB; c) and m = AES-CBC-Decrypt(k'; c').
3. Bill's phone informs Bill that Amy sent message m.

I. Does this protocol ensure the confidentiality of Amy's messages? Why or why not? (1+2 Marks)
II. Does this protocol ensure authentication and data integrity for every text message Bill receives? Why or why not? (1+2 Marks)
III. Suppose that Bill is Amy's stockbroker. Bill hooks up the output of this protocol to an automatic stock-trading service, so if Amy sends the text message "Sell 100 shares MSFT" using the above protocol, then this trade will be immediately and automatically executed from Amy's account. Suggest one reason why this might be a bad idea from a security point of view.

(d) Suppose that an algorithm is found that can efficiently factorise a large number. Explain how a cryptanalyst could use this algorithm to break the RSA cryptosystem. (4 Marks)

***END OF QUESTION PAPER***
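The protocol of part (c), as an added Go example using only the standard library; it is not part of the question paper. sendText is Amy's two steps and recvText is Bill's three. The question fixes no paddings, so OAEP for the key transport, PSS for the signature, a random IV prepended to c' and PKCS#7 padding are assumed; the `seen` set is also an addition, a replay check that the protocol as written lacks and that part III turns on.

```go
package main
import (
	"bytes"
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)
// Packet is the triple (c, c', t) that Amy's phone sends in step 2.
type Packet struct{ C, C2, T []byte }

// sendText is Amy's side: fresh AES key k, c = RSA-Encrypt(KB; k), c' = AES-CBC-Encrypt(k; m) with a
// random IV prepended, t = RSA-Sign(vA; (c, c')). OAEP and PSS paddings are assumed, not given in the question.
func sendText(kB *rsa.PublicKey, vA *rsa.PrivateKey, m []byte) (Packet, error) {
	k := make([]byte, 16)
	if _, err := rand.Read(k); err != nil { return Packet{}, err }
	c, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, kB, k, nil)
	if err != nil { return Packet{}, err }
	blk, _ := aes.NewCipher(k) // k is always 16 bytes here
	pad := aes.BlockSize - len(m)%aes.BlockSize // PKCS#7 padding, 1..16 bytes
	pt := append(append([]byte{}, m...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	c2 := make([]byte, aes.BlockSize+len(pt))
	rand.Read(c2[:aes.BlockSize]) // IV travels in the clear ahead of the CBC blocks
	cipher.NewCBCEncrypter(blk, c2[:aes.BlockSize]).CryptBlocks(c2[aes.BlockSize:], pt)
	h := sha256.Sum256(append(append([]byte{}, c...), c2...)) // c has fixed RSA length, so c||c' is unambiguous
	t, err := rsa.SignPSS(rand.Reader, vA, crypto.SHA256, h[:], nil)
	return Packet{c, c2, t}, err
}

// recvText is Bill's side: verify t under KA, recover k with vB, decrypt c'. The `seen` set is an
// added replay check; the protocol in the question has none, which is what part III turns on.
func recvText(kA *rsa.PublicKey, vB *rsa.PrivateKey, seen map[string]bool, p Packet) ([]byte, error) {
	h := sha256.Sum256(append(append([]byte{}, p.C...), p.C2...))
	if rsa.VerifyPSS(kA, crypto.SHA256, h[:], p.T, nil) != nil { return nil, errors.New("bad signature: abort") }
	if seen[string(p.T)] { return nil, errors.New("replayed packet: abort") }
	seen[string(p.T)] = true
	k, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, vB, p.C, nil)
	if err != nil { return nil, err }
	blk, err := aes.NewCipher(k)
	if err != nil { return nil, err }
	if len(p.C2) < 2*aes.BlockSize || len(p.C2)%aes.BlockSize != 0 { return nil, errors.New("bad ciphertext length") }
	pt := make([]byte, len(p.C2)-aes.BlockSize)
	cipher.NewCBCDecrypter(blk, p.C2[:aes.BlockSize]).CryptBlocks(pt, p.C2[aes.BlockSize:])
	pad := int(pt[len(pt)-1]) // last-byte padding check only; enough for a demonstration
	if pad == 0 || pad > aes.BlockSize { return nil, errors.New("bad padding") }
	return pt[:len(pt)-pad], nil
}
```

A second delivery of the same (c, c', t) bytes verifies under KA exactly as the first did, which is why recvText remembers the signatures it has already accepted.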