
Information and Network Security 10IS835

VTU QUESTION BANK


UNIT 1
PLANNING FOR SECURITY


1 a. Discuss the system-specific security policy. How can managerial guidelines and technical
specifications be used in SysSP? (Dec 2011, Jun 2013) (10 marks)

1 b. Who is responsible for policy management? How is a policy managed? Explain. Responsible
individual. (Dec 2011, Dec 2012) (10 marks)

2 a. Explain issue-specific security policy. (Jun 2012) (10 marks)

2 b. Draw a systematic diagram showing the major steps in contingency planning. Explain in
detail. Business impact analysis. (Jun 2012) (10 marks)

3 a. Explain Pipkin's three categories of incident indicators. (Jun 2013) (12 Marks)
3 b. Explain the ISO/IEC 27001:2005 Plan-Do-Check-Act cycle. (Jun 2012, Dec 2012) (8 Marks)
4 a. Define policy and explain issue-specific security policy. (Jun 2011) (10 Marks)
4 b. Explain the importance of incident response planning strategy. (Jun 2011, Jun 2012) (10 marks)
5 a. Define the terms policy, standards and practices in the context of information security.
Draw a schematic diagram depicting the inter-relationship between the above. (Dec 2011) (6 Marks)
5 b. What are the policies that must be defined by the management (of organizations) as per
NIST SP 800-14? Describe briefly the specific areas covered by any two of these policies.
(Dec 2011) (7 Marks)

5 c. What are the components of contingency planning? Describe briefly the important steps
involved in the recovery process after the extent of damage caused by an incident has been
assessed. (Dec 2011) (7 Marks)

6 a. Explain the steps which are unique to the security system development life cycle. (Jun 2013)
(10 marks)




Dept of ISE,SJBIT


UNIT 2

SECURITY TECHNOLOGY: FIREWALLS AND VPNS



1 a. Explain the major steps specified in the BS 7799:2 document. How do these steps help in security
planning? (Dec 2012) (10 marks)

1 b. What is a firewall? Show the working of screened host and dual-homed firewalls. (Dec 2012,
Jun 2013) (10 marks)

2 a. Explain the firewall rules. (Jun 2012, Jun 2011, Dec 2011) (10 marks)

2 b. What is a VPN? Explain the different techniques used to implement Virtual Private
Networks (VPNs). (Jun 2012, Jun 2011) (10 marks)

3 a. Explain the screened subnet firewall. (Dec 2012) (10 Marks)
3 b. What is a firewall? Explain the categories of firewalls based on processing mode. (Jun 2011)
(10 Marks)

4 a. What is a firewall? Show the working of screened host and dual-homed firewalls. (Dec 2011,
Jun 2012) (10 marks)

4 b. Describe in brief the different types of security policies. (Jun 2013) (10 marks)












UNIT 3

SECURITY TECHNOLOGY 2


1 a. What is a VPN? Explain the two modes of VPN. (Dec 2011, Jun 2012) (10 marks)

1 b. Differentiate between network-based IDS and host-based IDS, emphasizing their
advantages and disadvantages. (Jun 2013, Dec 2011) (8 marks)

2 a. With the help of a schematic diagram, explain the centralized control strategy implementation
of IDS. (Jun 2013) (6 marks)

2 b. Enumerate the advantages and disadvantages of using honeypots. (Jun 2013) (6 marks)

3 a. How does a signature-based IDPS differ from a behavior-based IDPS? (Jun 2011)
(10 Marks)

3 b. Explain vulnerability scanners. (Dec 2012) (10 Marks)

4 a. Explain the network-based intrusion detection and prevention system. (Jun 2012) (10 Marks)

4 b. Describe the need for operating system detection tools. (Jun 2011) (10 Marks)
5 a. Define the following terms related to IDS:
i. Alert
ii. False attack stimulus
iii. False negative
iv. False positive
v. True attack stimulus (Dec 2011) (5 Marks)

5 b. Discuss the reasons for acquisition and use of IDSs by organizations. (Dec 2011) (6 Marks)
6 a. Explain the functionality of a network-based IDPS. What are its advantages and
disadvantages? (Dec 2012) (10 marks)

6 b. Explain the different ways in which authentication is carried out to achieve access control.
(Jun 2013) (10 marks)

UNIT 4

CRYPTOGRAPHY


1 a. What is an intrusion? Briefly write about eight IDPS terminologies. (Dec 2012)
(10 marks)
1 b. What is encryption? Discuss the asymmetric and symmetric methods. (Dec 2012)
(10 marks)
2 a. What are the fundamental differences between asymmetric and symmetric encryption?
(Jun 2013) (6 marks)

2 b. Explain the different categories of attacks on cryptosystems. (Jun 2013) (8 marks)

2 c. Define the following with relation to cryptography (Jun 2013) (6 marks)

3 a. What are the differences between a digital signature and a digital certificate?
(Jun 2011) (10 Marks)
3 b. Explain the two methods of encrypting plaintext. (Jun 2011) (10 Marks)

4 a. List the elements of cryptosystems and explain the transposition cipher technique.
(Jun 2012) (10 Marks)
4 b. Who can attack cryptosystems? Discuss the different categories of attacks on cryptosystems.
(July 2011) (10 Marks)
5 a. Define the following with relation to cryptography (Dec 2011) (6 marks)

5 b. What is encryption? Discuss the asymmetric and symmetric methods. (Dec 2011) (12 marks)
6 a. Discuss in brief the specific security mechanisms. (Jun 2012) (10 marks)

6 b. With the help of a diagram, explain the classical Feistel network structure. (Jun 2013, Jun 2012)
(10 marks)








PART B
UNIT 5

INTRODUCTION TO NETWORK SECURITY, AUTHENTICATION APPLICATIONS
1 a. What is meant by information security? Discuss the three aspects of information
security. (Dec 2011) (10 marks)

1 b. Briefly explain the four types of security attacks that are normally encountered. Also
distinguish between active and passive attacks. (Dec 2011) (10 marks)

2 a. Discuss active security attacks. (Jun 2013) (10 marks)
2 b. With the help of a neat diagram, explain the general format of an X.509 public key certificate.
(Jun 2013) (10 marks)

3 a. What are the differences between active and passive security attacks? (Jun 2011, Dec 2012)
(10 Marks)
3 b. Explain the different authentication procedures in the X.509 certificate. (Jun 2011)
(10 Marks)

3 c. Write a summary of the Kerberos version five message exchange. (Jun 2012) (6 Marks)

4 a. With a neat diagram, explain the network security model. (Jun 2013, Dec 2012) (07 Marks)

4 b. List the differences between Kerberos version 4 and version 5. (Jun 2011) (8 Marks)
(10 marks)

5 a. Describe the various security attacks and specific mechanisms covered by X.800.
(Dec 2011) (14 Marks)

5 b. Explain the different authentication procedures in the X.509 certificate. (Dec 2011, Jun 2012)
(10 marks)
6 a. Discuss the simple authentication dialogue in Kerberos version 4. (Jun 2012) (10 marks)











UNIT 6

ELECTRONIC MAIL SECURITY


1 a. With a systematic diagram, explain the Kerberos Ver-4 authentication dialogue, clearly mentioning
the different steps. (Dec 2011, Jun 2012) (10 marks)

1 b. With a flowchart, explain the process of transmission and reception of a PGP message.
(Dec 2011) (10 marks)

2 a. Explain the PGP message generation and reception process. (Jun 2013, Dec 2012) (10 marks)

2 b. Explain the different MIME content types. (Jun 2013) (10 marks)

3 a. With a neat diagram, explain the digital signature service provided by PGP.
(Jun 2013) (10 Marks)
3 b. Explain the different MIME content types. (Jun 2012) (10 Marks)
4 a. Explain PGP message generation and PGP message reception techniques.
(Jun 2011) (10 Marks)
4 b. Describe S/MIME functionality. (Jun 2011) (5 Marks)

5 a. Explain the S/MIME certificate processing method. (Jun 2011) (5 Marks)
5 b. Describe the steps involved in providing authentication and confidentiality by PGP, with
suitable illustrations. (Dec 2011) (Jun 2013, Jun 2012) (10 Marks)

6 a. Discuss the limitations of SMTP and how MIME overcomes these limitations.
(Dec 2011, Dec 2012) (10 Marks)
6 b. What are the various message header fields and content types in MIME? Explain in brief.
(Jun 2013) (10 marks)









UNIT 7

IP SECURITY


1 a. Give the general structure of the IPSEC Authentication Header. Describe how the anti-replay service is
supported. (Dec 2011, Jun 2012) (10 marks)

1 b. With a neat diagram, explain the basic combinations of security associations. (Dec 2011)
(10 marks)

2 a. Mention the applications of IPSEC. (Jun 2013, Dec 2012) (4 marks)

2 b. Explain the security association selectors that determine the security policy database entry.
(Jun 2013) (6 marks)

2 c. Draw a neat diagram of the IPSEC ESP format and explain it. (Jun 2011) (10 marks)

3 a. Mention the important features of the OAKLEY algorithm. (Jun 2013) (10 marks)

3 b. Explain the format of an ESP packet in IP security. (Dec 2012, Jun 2013) (07 Marks)
3 c. Why does ESP include a padding field? (Jun 2011) (3 Marks)
4 a. Give an example of an aggressive Oakley key. (Jun 2012) (10 Marks)
4 b. Describe SA parameters and SA selectors in detail. (Jun 2012) (10 Marks)
5 a. Describe the benefits of IPSec. (Dec 2011) (5 Marks)
5 b. Describe the transport and tunnel modes used for IPSec AH authentication, bringing out
their scope relevant to IPv4. (Dec 2011) (5 Marks)













UNIT 8

WEB SECURITY


1 a. What is SET? Discuss the requirements and key features of SET. (Dec 2012)
(10 marks)

1 b. Write short notes on the SSL handshake protocol. (Dec 2012) (10 marks)

2 a. Explain the parameters that define the session state and connection state in SSL. (Jun 2013)
(10 marks)

2 b. Describe the SET participants. (Jun 2013) (5 marks)
2 c. Explain the construction of the dual signature in SET with a neat diagram. Also show its
verification with the merchant and the bank. (Jun 2013) (5 marks)
3 a. Explain the dual signature in the SET protocol. What is its purpose?
(June 2011) (10 Marks)
3 b. Explain the different alert codes of the TLS protocol. (Jun 2011) (10 Marks)

4 a. Explain the SSL handshake protocol with a neat diagram. (Jun 2011) (10 Marks)
4 b. List the key features of secure transaction and explain in detail. (Jun 2013)
(10 Marks)
5 a. Discuss the SSL protocol stack. (Dec 2011) (10 Marks)
5 b. What are the services provided by the SSL record protocol? Describe the operation of this
protocol. (Jun 2013) (08 Marks)













