G5CSEC-E1

The University of Nottingham
Malaysia Campus

SCHOOL OF COMPUTER SCIENCE AND INFORMATION TECHNOLOGY

A LEVEL C MODULE, AUTUMN SEMESTER 2006-2007

COMPUTER SECURITY

Time allowed ONE Hour




Candidates must NOT start writing their answers until told to do so

Answer THREE out of FOUR questions

No calculators are permitted in this examination.

Dictionaries are not allowed with one exception. Those whose first language is not English
may use a standard translation dictionary to translate between that language and English
provided that neither language is the subject of this examination. Subject specific translation
dictionaries are not permitted.

No electronic devices capable of storing and retrieving text, including electronic dictionaries,
may be used.

DO NOT turn examination paper over until instructed to do so

1. Answer the following questions about computer security.

(a) Briefly explain the main principles of security. [4 marks]

(b) With the aid of examples, briefly explain the four main classes of computer
attacks. [10 marks]

(c) Discuss the relationship between vulnerability and threat. [3 marks]

(d) Differentiate the terms interception and interruption in the context of computer
security. [3 marks]


2. Answer the following questions about computer security, authentication and encryption.

(a) Both national intelligence agencies and hackers/crackers are averse to risk, albeit
in different ways. Explain the differences between them. [4 marks]

(b) Describe any two strategies normally used by an attacker to guess the password of
a system. How would you protect the system from these attacks? [5 marks]

(c) Briefly describe the functions of any commercial biometric system in use. What are
the false acceptance, false rejection and equal error rates for this system?
[6 marks]

(d) Briefly describe the main concepts of public-key and secret-key encryption
schemes. [3 marks]

(e) Give one advantage and one disadvantage of public-key encryption as compared
to secret-key encryption. [2 marks]


3. Answer the following questions about encryption and security applications.

(a) Briefly explain the concept of a digital signature in cryptography. [6 marks]

(b) Describe the operations performed by the "PGP" tool to send a message securely.
[5 marks]

(c) List any three controls that could be applied to detect or prevent salami attacks.
[3 marks]

(d) Describe the two different types of firewall, how they work and when they are
used. [6 marks]



4. Answer the following questions about security applications, social aspects of security and
implementation of security procedures.

(a) Describe how honey pots and burglar alarms work. [4 marks]

(b) Networks are increasingly managed remotely. Identify the security implications
of remote network management and briefly describe the security mechanisms
that are needed for secure network management. [6 marks]

(c) Briefly explain the following terms:

i) Blowfish [2 marks]

ii) IP Spoofing [2 marks]

iii) Vernam Cipher [2 marks]

iv) Vulnerability Scanner [2 marks]

v) Steganography [2 marks]
