Sample Paper

Subject Title: Web and Mobile Security/20CST/ITT-333

Time: 3 Hour Maximum Marks: 60

Instructions: Attempt all questions

Q. No Statement CO mapping
Section A
5 x 2 = 10 marks
1 Discuss Mesh Topology. CO1
2 What is DMZ? CO2
3 Explain XSRF attack. CO2
4 List types of Bluetooth attacks CO3
5 Describe GSM algorithms CO3
Section B
4 x 5 = 20 marks
6 What it scripting language? Explain its types. CO2
7 What is CAPTCHA and how does it work? CO3
8 How input injection attack is performed? Explain all methods. CO2
9 Explain different session hijacking and fixation techniques. How CO4
session hijacking is done? .
Section C
3 x 10 = 30 marks
10 a) Discuss encryption process of mono-alphabetic cipher CO3
working.
b) Differentiate between all topologies along with advantages.
11 a) Explain remote server security attacks? Explain all methods? CO4
Explain mitigations.

12 b) How CSS attack is performed? Explain methods and CO5

solutions.
c) How XML attack is performed? Explain methods and
solutions.
Sample Paper

Subject Title: Web and Mobile Security/20CST/ITT-333

Time: 3 Hour Maximum Marks: 60

Instructions: Attempt all questions

Q. No Statement CO mapping
Section A
5 x 2 = 10 marks
1 Define directory traversal attack. CO1
2 How buffer overflow is used to perform malicious activities? CO2
3 Explain SIM/UICC Security. CO2
4 What is browser exploit? CO3
5 What are canonicalization attacks? CO3
Section B
4 x 5 = 20 marks
6 Explain Creaser cipher with an example. CO2
7 Explain encryption and decryption process of Monoalphabetic cipher CO3
with an example
8 Discuss polyalphabetic algorithm with example. CO2
9 What types of attacks are performed on Apache server? Explain each CO4
with their countermeasures.
Section C
3 x 10 = 30 marks
10 Explain features of Window and Linux along with layer architecture. CO3
How these platforms are made secure? Explain in detail.
11 Explain security attacks and measures of WI-FI attacks. CO4
12 How SQL injection is performed? Explain methods,types and CO5
solutions
Sample Paper

Subject Title: Web and Mobile Security/20CST/ITT-333

Time: 3 Hour Maximum Marks: 60

Instructions: Attempt all questions

Q. No Statement CO mapping
Section A
5 x 2 = 10 marks
1 What do you mean by blue-snarfing. CO1
2 How blue-jacking is done? CO2
3 What are different types of captcha? CO2
4 What is dictionary attack? CO3
5 How ping of death attack is performed ? CO3
Section B
4 x 5 = 20 marks
6 Explain different types of mobile malwares and security practices. CO2
7 What types of attacks are performed through Bluetooth connection? CO3
Explain.
8 Explain Attacks and countermeasures for common web CO2
authentication.
9 What attacks are performed on VoIP? How is it made secure? CO4
Explain.
Section C
3 x 10 = 30 marks
10 Explain mobile malwares in detail. What security practices are CO3
applied to keep your Mobile phone safe? Discuss all
countermearsures.
11 a) Why IOS is more secure than android? Explain CO4
b) Elaborate the countermeasures or mitigations for SQL
INJECTION attack.
12 How VPN is used to provide security in public network? Explain. CO5