Information Security-1



Assignment A

Q1.) Explain the Network Role-Based Security for E-mails, Proxy Servers, DNS Servers, Web Servers and Credit Card Security.

Q2.) Describe the criteria required for Security Policy Development to improve the security architecture.

Q3.) Answer the following questions:

a) Explain the Network Security Model with a neat and clean diagram.

b) Describe the impacts of Active Attack and Passive Attack over wireless

Q4.) Discuss the impacts of Viruses & Worms to generate malicious code as an attack for Information Security.

Q5.) Answer the following questions:

a) Describe the role of Virtual Private Network Security in wireless data communication.

b) Explain the Authentication and Authorization Controls for physical security.


Assignment B

Q1. Numerical Problem

Discuss the Hill Cipher Encryption Technique in Cryptography. Using the Hill Cipher Technique, encrypt the plaintext “AFRICA”, if the encryption key is given as


Q2). Answer the following questions:

a) Describe the physical intrusion detection techniques for access control.

b) Explain the role of Kerberos as an authorization technique to enhance Information Security.

Q3). Discuss the current security threats for Information Security. How can you protect your network from such threats?

Q4). Answer the following questions:

a) Explain the IT laws which affect information security professionals.

b)   Describe the role of Firewall in Network Security Architecture.


Assignment C

1. Protecting information and information systems from unauthorized access, use,
disclosure, disruption, modification, perusal, inspection, recording or destruction is called

a)  Network Security

b)  Information Security

c)  System Security

d)  None of these

2. The nature of eavesdropping on, or monitoring of, transmissions comes under the
category of

a)  Active Attack

b)  Passive Attack

c)  Simple Attack

d)  None of these

3. If an unauthorized party gains access to the system and inserts false objects into it, this is
called

a)  Interruption

b)  Modification

c)  Fabrication

d)  Interception

4. Which service is concerned with assuring that a communication is authentic?

a)  Data Integrity

b)  Non Repudiation

c)  Confidentiality

d)  Authentication

5. The science of devising methods that allow information to be sent in a secure form in
such a way that the only person able to retrieve this information is the intended recipient is

a)  Cryptography

b)  Steganography

c)  Bibliography


d) None of these

6. Which type of cryptography refers to a cryptographic system requiring two separate
keys, one of which is secret and one of which is public.

a)  Public Key Cryptography

b)  Simple Cryptography

c)  Symmetric Key Cryptography

d)  None of these

7. In which principle, the message is broken into blocks, each of which is then encrypted i.e.
like a substitution on very big characters – 64-bits or more?

a)  Block Cipher Principle

b)  Stream Cipher Principle

c)  Confusion & Diffusion Principle

d)  None of these

8. Claude Shannon theoretically introduced the following principles that should be
followed to design secure cryptographic systems.

a)  Block Cipher Principle

b)  Stream Cipher Principle

c)  Confusion & Diffusion Principle

d)  None of these

9. Which algorithm was developed in the early 1970s at IBM and based on an earlier design
by Horst Feistel, the algorithm was submitted to the National Bureau of Standards (NBS) for
the protection of sensitive, unclassified electronic government data?


b) Triple DES



10. Which algorithm uses a 64 bit key as input? Out of the 64 bits every 8th bit is ignored
and only 56 bits are used.

a)  DES

b)  Triple DES

c)  AES



11. Which algorithm describes the use of three keys in the following encryption and
decryption process?

$C = E_{K3}[D_{K2}[E_{K1}(P)]]$

$P = D_{K3}[E_{K2}[D_{K1}(C)]]$


b) Triple DES



12. Which mode of operation describes the process of encrypting each of these blocks, and
generally uses randomization based on an additional input value, called as initialization

a)  Symmetric Cipher Mode

b)  String Cipher Mode

c)  Block Cipher Mode

d)  None of these

13. Two integers a and b are said to be congruent modulo n, if

a)  a = b mod n

b)  a = n mod b

c)  b = a mod n

d)  None of these

14. Two numbers are said to be relatively prime to each other if there is no factor common
between them other than

a)  1

b)  2

c)  3

d)  0

15. Which theorem states that if ‘p’ is a prime number and ‘a’ is a positive integer not
divisible by p, then $a^{p-1} = 1 \bmod p$


a)  Fermat’s Principle

b)  Chinese Remainder Theorem

c)  Euclidian Theorem

d)  Euler’s Theorem

16. Which algorithm describes that for every a and n that are relatively prime,
$a^{\phi(n)} = 1 \bmod n$

a)  Fermat’s Principle

b)  Chinese Remainder Theorem

c)  Euclidian Theorem

d)  Euler’s Theorem

17. In which encryption each communicating party generates a pair of keys?

a)  Public Key Encryption

b)  Symmetric Key Encryption

c)  Private Key Encryption

d)  None of these

18. Authentication refers to the genuineness of the communicating entities. For example if A
and B are communicating, both A and B should be aware of each other’s

a)  Identity

b) Network

c)  Application

d) None of these

19. The process of verifying the integrity and authenticity of transmitted messages is called

a)  Message Authentication

b)  Message Integrity

c)  Message Inspection

d)  None of these

20. The message authentication function includes

a)  Message Encryption



c)  Hash Function

d)  All of the above

21. Which version of hash function chosen in a public review process from non-government

a)  SHA-0

b)  SHA-1

c)  SHA-2

d)  SHA-3

22. Which version of message-digest algorithm takes as input a message of arbitrary length
and produces as output a 128-bit “fingerprint” or “message digest” of the input?

a)  MD2

b)  MD4

c)  MD5

d)  None of these

23. Which attack is a type of cryptographic attack that exploits the mathematics behind the
birthday problem in probability theory?

a)  Brute Force Attack

b)  Birthday Attack

c)  Cryptanalysis

d)  None of these

24. Which scheme typically consists of three algorithms as key generation, signing
algorithm and signature verification?

a) Digital Signature




25. Which management has two main aspects of distribution of public keys and use of
public key encryption to distribute secret keys?

a) Key Management


b)  Protocol Management

c)  Distribution Management

d)  None of these

26. Which certificates allow key exchange without real time access to public key authority?

a)  Public Key Certificates

b)  Private Key Certificates

c)  Digital Certificates

d)  All of the above

27. The first published public-key algorithm was invented by Whitfield Diffie and Martin
Hellman in 1976. By which name is this algorithm known?

a)  Whitfield-Martin key exchange

b) Diffie-Hellman key sharing

c)  Whitfield-Martin key generation

d) Diffie-Hellman key exchange.

28. Which key is associated with the identity contained in the X.509 certificate?

a)  Private Key

b)  Public Key

c)  Symmetric Key

d)  None of these

29. Which is a security architecture that has been introduced to provide an increased level
of confidence for exchanging information over an increasingly insecure Internet?


b) Digital Signature

c)  X.509

d) None of these


30. Which protocol uses strong cryptography so that a client can prove its identity to a
server (and vice versa) across an insecure network connection?

a)  Kerberos

b)  PGP

c)  MIME

d) None of these

31. Which authentication protocol was developed by Phil Zimmerman, who developed this
encryption system for humanitarian reasons?

a)  Kerberos

b)  PGP

c)  MIME


32. Which protocol provides the cryptographic security services for electronic messaging

a)  Kerberos

b)  PGP

c)  MIME


33. Which member of IPSec protocol suite provides connectionless integrity and data origin
authentication for IP datagram and provides protection against replay attacks?

a)  Authentication Headers (AH)

b)  Encapsulating Security Payloads (ESP)

c)  Security Associations (SA)

d)  None of these

34.  Which protocol was originally developed by Netscape, to ensure security of data
transported and routed through HTTP, LDAP or POP3 application layers?

a)  Authentication Headers (AH)

b)  Encapsulating Security Payloads (ESP)

c)  Security Associations (SA)

d)  Secure Socket Layer (SSL)


35. Which protocol is used to initiate a session between the server and the client?

a)   SSL

b)  Handshake Protocol

c)  ESP

d) None of these

36. Which protocol has the potential to emerge as a dominant force in the securing of
electronic transactions?

a) Digital Signature



d) Secure Electronic Transactions (SET)

37. Which security mechanisms of a system are designed to prevent unauthorized access to
system resources and data?

a)  IDS

b) Firewall

c)  Antivirus Software

d) None of these

38. Which software is a code or software that is specifically designed to damage, disrupt,
steal, or in general inflict some other “bad” or illegitimate action on data, hosts, or

a)  Malicious Software

b) Freeware

c)  Antivirus

d) Firewall

39.  Which security mechanism protects networked computers from intentional hostile
intrusion that could compromise confidentiality or result in data corruption or denial of

a) Firewall


b)  Antivirus

c)  Honeypot

d)  IDS

40. Which law touches almost all aspects of transactions and activities on and concerning the Internet, the World Wide Web and Cyberspace?

a)  IT Law

b)  IT Act

c)  Cyber Law

d)  None of these