
K. J. Somaiya College of Engineering, Mumbai-77
(Autonomous College Affiliated to University of Mumbai)

End Semester Exam
MAY-JUNE 2021
Max. Marks: 50
Duration: 1 Hr. 45 Min.
Class: TY B.Tech
Semester: VI
Name of the Course: Cryptography and System Security
Branch: COMP.
Course Code: 2UCC602
Instructions:
(1) All questions are compulsory
(2) Draw neat diagrams
(3) Assume suitable data if necessary

Question No. | Questions | Max. Marks

Q1 (A) Objective / MCQ type (10 marks)

1) _______ is a standard defining the format of public key certificates.

2) A secure N bit symmetric key algorithm requires _______ work to
“break” while secure N bit hash algorithm requires _______ work to
“break” using brute-force attack.
a) 2^(N+1), 2^(N/2)
b) 2^(N/2), 2^(N+1)
c) 2^(N-1), 2^(N/2)
d) 2^(N/2), 2^(N-1)

3) In PGP operation the session key is encrypted using ________ public key
algorithm.

4) Identify the odd one from the following
a) Buffer overflow
b) Format string attack
c) Malware
d) Race condition

5) Match the following

1) Virus    A) exhaust system resources
2) Worm     B) unexpected functionality
3) Trojan   C) active propagation
4) Rabbit   D) passive propagation

6) Select the appropriate option

Virus pseudocode

infect( );
if ________( )
then _______( );

a) trigger( ), payload( )
b) payload( ), trigger( )
c) trigger( ), infect( )
d) payload( ), infect( )

7) Arrange the following layers in proper order ___________

1 TLS / SSL
2 APPLICATION
3 IP
4 TCP

8) IPSec operates in one of two different modes: __________ or ________

9) Give the full form of OWASP

10) Kerberos protocol uses ______ number of servers
a) 1
b) 2
c) 3
d) 4

Q1 (B) Attempt any FIVE questions out of the following (attempt any 5 out of 7) (10 marks)

1) Name different types of cryptanalysis attacks.
2) What is Kerckhoffs's Principle? What is its relevance to Cryptography?
3) Discuss the use of Zero knowledge protocols.
4) What is the principle of least privilege? Illustrate with an example.
5) What are sniffing, spoofing and phishing?
6) List different security services which can be implemented using public key cryptography.
7) What are DOS and DDOS attacks? List some of their preventive measures.

Q. 2 (10 marks)
Discuss any digital signature mechanism for achieving authentication,
signing, integrity and non-repudiation services.
OR
Discuss working of Rabin Cryptosystem. Discuss what security services can
be implemented using it.

Q. 3 (10 marks)
What are secure software development principles? Discuss applications of
these principles against the non-malicious programme flaws.

Q. 4 (10 marks)
Discuss security issues at transport layer and various mechanisms for
solutions of security related issues.
OR
Discuss security issues at Network layer and various mechanisms for
solutions of security related issues.

K. J. Somaiya College of Engineering, Mumbai-77
(Autonomous College Affiliated to University of Mumbai)
Semester: January – May 2021
In-Semester Examination

Class: TY B. Tech
Branch: Comp. Engg.
Semester: VI
Full name of the course: Cryptography and System Security
Course Code: 2UCC602
Duration: 1hr.15 min (attempting questions) +15 min (uploading)
Max. Marks: 30

Q. No | Questions | Marks
Q1 (10 marks, 1 mark each)

1.1 A security ___________ makes use of one or more security ___________
a. Service, Mechanisms
b. Goal, mechanisms
c. Mechanism, services
d. Mechanism, goals

1.2 A student steals test question paper from a professor’s office. It is
an attack on which of the following
a. Confidentiality
b. Integrity
c. Availability
d. Authentication

1.3 An attacker modifies the transaction amount in banking system. It
is an attack on which of the following
a. Confidentiality
b. Integrity
c. Availability
d. Authentication

1.4 State whether the following is true or false:
Masquerade is a passive threat.

1.5 Confusion is hiding the relationship between _______ and _________

1.6 Diffusion is hiding the relationship between ______ and ________

1.7 In DES algorithm the block size = ____ and key size = _____

1.8 In AES algorithm the block size = _____ and key size = ______
(all variants)

1.9 In DES algorithm, what is the probability of randomly selecting a
weak, a semi-weak, or a possible weak key?

1.10 Name the modes of operation of block ciphers which allow a
block cipher to be used as stream cipher

Q2 Discuss various methods of defense giving at least one example for
each method. (10 marks)

OR

A) Discuss DES algorithm analysis with respect to its strengths and
weaknesses. (5 marks)

B) You have a video file of size 100 MB. Illustrate how you will send
it securely using the DES algorithm. (5 marks)

Q3 A) Find the multiplicative inverse of 13 in Z_100 using extended
Euclidean method. (05 marks)

B) With respect to below figure, prove that
L6 = L1 and R6 = R1 (05 marks)
Figure for Q3B

K. J. Somaiya College of Engineering, Mumbai-77

End Semester Exam
December 2020
Max. Marks: 30
Duration: 1 Hr. 15 Min. (For attempting questions) + 15 min. (uploading)
Class: TY
Semester: V
Name of the Course: Information and Network Security
Branch: IT
Course Code: 2UIC503
Instructions:
(1) All questions are compulsory
(2) Draw neat diagrams
(3) Assume suitable data if necessary

Question No. | Max. Marks

Q1 (10 marks)
(a) Explain basic principle of DES. (02)
(b) Explain the avalanche effect on DES with example. (02)
(c) Why does the round key generator need a parity drop permutation? (02)
(d) Name the two attacks which are possible on DES. (01)
(f) Find the output of the initial permutation box when the input is given in
hexadecimal as 0x0002 0000 0000 0001. Show all the steps in detail. (03)
The Initial permutation table and final permutation tables are given below:

(Tables: Initial Permutation, Final Permutation)

OR
(a) Explain with diagram the process of using message authentication
code. (03)
(b) Can an attacker alter the MAC? Yes or No? Give justification. (01)
(c) Is the MAC algorithm similar to the encryption and decryption process?
Justify. (02)
(d) Is it possible to use MD5 and SHA1 algorithms for calculating a MAC?
Justify. (02)
(e) List two limitations of MAC. Also state solution to the limitation. (02)

Q2 (10 marks)
(a) What are the features of authentication tokens? (02)
(b) How is an authentication token created and used? (03)
(c) Explain time based token in detail. (03)
(d) What is the difference between challenge/response tokens and time-based
tokens? (02)

Q3 (10 marks)
(a) Explain how DDOS works on the system. (03)
(b) Explain any two DDOS attacks with example. (03)
(c) If you were a system administrator looking for whether your network is
under DDOS attack, what would you look for? (02)
(d) How to prevent DDOS attack on system? (02)

OR
(a) Explain salami attack with example. (05)
(b) Explain incomplete mediation with example. (05)
