QUESTION BANK Subject: Computer System Security

ABHA GAIKWAD-PATIL COLLEGE OF ENGINEERING, NAGPUR

QUESTION BANK Subject: Computer System Security

UNIT I1What is the difference between passive and active security threats?2List and briefly define categories of security mechanisms.3Discuss any four substitution cipher encryption methods and list their merits and demerits. 4Explain simplified DES with example. 5Write short notes on Steganography 6Explain classical Encryption techniques in detail. 7Write short notes on (a) Security services (b) Feistel cipher structure 8What is the difference between a block cipher and a stream cipher?9What are the two general approaches to attacking a cipher?10Why do some block cipher modes of operation only use encryption while others use both encryption and decryption?11Why is the middle portion of 3DES a decryption rather than an encryption?12How AES is used for encryption/decryption? Discuss with example. 13 List the evaluation criteria defined by NIST for AES. 14Briefly explain design principles of block cipher. 15Discuss in detail block cipher modes of operation. 16How are Diffusion and Confusion achieved in DES?

UNIT II

1State and explain the principles of public key cryptography. (16) 2Explain Diffie Hellman key Exchange in detail with an example (16) 3 Explain the key management of public key encryption in detail (16) 4Explain RSA algorithm in detail with an example (16) 5Briefly explain the idea behind Elliptic Curve Cryptosystem. (16)6User A and B exchange the key using Diffie-Hellman algorithm. q=11 XA=2 XB=3. Find the value of YA, YB and k?7Perform encryption and decryption using RSA Alg. for the following. P=7; q=11; e=17; M=8. 8What are the principal ingredients of a public-key cryptosystem?

UNIT III

1What are the requirements for message authentication? 2What you meant by hash function? 3Differentiate MAC and Hash function? 4What is the role of compression function in hash function? 5 What is the difference between weak and strong collision resistance? 6 Compare MD5, SHA1 and RIPEMD-160 algorithm. 7Distinguish between direct and arbitrated digital signature? 8 List ways in which secret keys can be distributed to two communicating parties.9 What is a key distribution center?

UNIT IV

1In the context of Kerberos, what is a realm?2 What is the purpose of the X.509 standard?3 How is an X.509 certificate revoked?4Define and explain Kerberos. 5What 4 requirements were defined by Kerberos? In the content of Kerberos, what is realm? 6Assume the client C wants to communicate server S using Kerberos procedure. How can it be achieved? 7What is the purpose of X.509 standard?8Explain the classification of authentication function in detail (16) 9Describe MD5 algorithm in detail. Compare its performance with SHA-1. 10Describe SHA-1 algorithm in detail. Compare its performance with MD5 and RIPEMD-160 and discuss its advantages.11Describe RIPEMD-160 algorithm in detail. Compare its performance with MD5 and SHA-1. 12 Describe HMAC algorithm in detail. 13 Write and explain the Digital Signature Algorithm. 14What services are provided by the SSL Record Protocol?15What steps are involved in the SSL Record Protocol transmission?16What is the purpose of HTTPS?17For what applications is SSH useful? List and briefly define the SSH protocols.

UNIT V

1Give examples of applications of IPsec.2 What services are provided by IPsec?3What is the difference between transport mode and tunnel mode?4What is a replay attack?5Why does ESP include a padding field?6 General format of IPsec ESP Format? 7What is Authentication Header? Give the format of the IPsec Authentication Header? 8Define Transport Adjacency and Iterated Tunnel? 9 What are two common techniques used to protect a password file?10 What are three benefits that can be provided by an intrusion detection system?11What metrics are useful for profile-based intrusion detection?12List the steps involved in SSL record protocol? 13Give SSL record format? 14What is mean by SET? What are the features of SET? 15What are the steps involved in SET Transaction? 16Define virus. Specify the types of viruses? 17Differentiate Transport and Tunnel mode in IPsec?

UNIT VI

1List the design goals of firewalls?2Explain in details firewall and describe any three types of firewall.3Write short notes on Intrusion Detection. 4Describe trusted system in detail. 5 List four techniques used by firewalls to control access and enforce a security policy.6What are some weaknesses of a packet filtering firewall?7What is the difference between a packet filtering firewall and a stateful inspection firewall?AGPCE/CSE/2014-15Page 3