University of Mumbai(Bombay) - System Information & Network Security - 2010 Question paper

System Information & Network Security

Time: 3 Hours Total marks: 100

N.B. (1) Question No. 1 is compulsory.
(2) Attempt any four out of remaining six questions.
(3) Assume suitable data if necessary & state the assumptions clearly.

Q. 1. (a) What the attacks in information transfer? Also write the security service used to prevent these attacks. [05]
(b) How ASE is better than DES? [05]
(c) Compare ACL with C-list. [05]
(d) Explain session hijacking. [05]

Q. 2. (a) Explain RSA cryptosystem in detail. [10]
(b) Explain network layer attacks. Discuss packet sniffing in detail. [10]

Q. 3. (a) What is symmetric key cryptography? Explain A5/l algorithm. [10]
(b) Discuss denial service of attack with its causes, preventive and reactive measures. [10]

Q. 4. (a) Discuss various categories of malware and ways to detect them. [10]
(b) Explain different types of firewalls. At which layer of internet protocol stack do each operate? [10]

Q.5. (a) Explain cryptography hash function and explain tiger hash in detail. [10]
(b) What are the security policies used by banks during the time of disaster. [10]

Q. 6. (a) Discuss different biometric means used for authentication. Compare them with password authentication. [10]
(b) Compare signature based and anormaly based IDS with suitable examples. [10]

Q. 7. Write notes on any three of the following. [20]

(a) Knapsack cryptosystem.
(b) Covert channel.
(c) Risk analysis.
(d) Web server vulnerabilitie