MCA5042- Cryptography and Network Security

Dear students get fully solved  SMU MSC IT Spring 2014 assignments
Send your semester & Specialization name to our mail id :

“ help.mbaassignments@gmail.com ”
or
Call us at : 08263069601


 
ASSIGNMENT


DRIVE
Spring – 2017
PROGRAM
MCA(REVISED FALL 2012)
SEMESTER
5
SUBJECT CODE & NAME
MCA5042- Cryptography and Network Security
BK ID
B2069
CREDITS   
MARKS
60


Note: Answer all questions. Kindly note that answers for 10 marks questions should be approximately of 400 words.  


Q. No. Question Marks Total Marks

Question. 1. a) What is avalanche effect?

Answer: In cryptography, the avalanche effect refers to an attractive property of block ciphers and cryptographic hash functions algorithms.

The avalanche effect is satisfied if:

·       The output changes significantly (e.g.,
·        


b) Explain data encryption standard (DES).

Answer: The Data Encryption Standard is a symmetric-key algorithm for the encryption of electronic data. Although now considered insecure, it was highly influential in the advancement of modern cryptography.

Developed in the early 1970s at IBM and based on an earlier design by Horst Feistel, the algorithm was submitted to the National Bureau of Standards (NBS) following the agency's invitation to propose a candidate for the protection of sensitive



Question. 2. a) List and explain the objectives of computer security.

Answer: Most of us understand how locks, barred windows, lit parking lots, and loud barking dogs can be used to make our office buildings more secure. Computer security can, in many ways, be compared with these physical security approaches. But, as with anything else that we translate from the real world to the computer world, we find that we must very firmly define our terminology and our business needs before the computer version can either be understood or made to work. In this chapter, we will define what computer security is and


b) What is the difference between passive and active security threats?

Answer: Businesses and individuals around the globe have felt the sting of cyber intruders who attack organizational networks with relative impunity. Some attacks only deface a website, while others result in significant embarrassment or financial loss. While it is almost impossible to stop some attacks, it is important for organizations to recognize the difference between passive attacks and active attacks -- and the surprising risks of passive attacks.

Attack Motives: The motive for an attack depends on the


Question. 3. Explain the evaluation criteria for Advanced Encryption Standard (AES).

Answer: The National Institute of Standards and Technology (NIST) started development of AES in 1997 when it announced the need for a successor algorithm for the Data Encryption Standard (DES), which was starting to become vulnerable to brute-force attacks.

This new, advanced encryption algorithm would be



Question. 4. a) What is key distribution?

Answer: In symmetric key cryptography, both parties must possess a secret key which they must exchange prior to using any encryption. Distribution of secret keys has been problematic until recently, because it involved face-to-face meeting, use of a trusted courier, or sending the key through an existing encryption channel. The first two are often impractical and always unsafe, while the third depends on the security of a previous key exchange.

In public key cryptography, the key distribution of public keys is




Question. 5. a) Describe the four types of protocol of SSL.

Answer: SSL protocol, which was initially developed by Netscape, is the base for secure communication in the internet today. SSL Being a big topic to cover in a single article/blog post, we have tried to segregate different topics to be understood in SSL.

In this post, we will try to understand the Record Protocol in SSL, out of the four main layers in SSL, which are mentioned below.

1.       SSL Handshake Protocol
2.       SSL Record Layer Protocol
3.       SSL Change Cipher Spec
4.       SSL alert Protocol




b) What is Transport Layer Security (TLS)? Explain.

Answer: Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as "SSL", are cryptographic protocols that provide communications security over a computer network. Several versions of the protocols find widespread use in applications such as web browsing, email, Internet faxing, instant messaging, and voice-over-IP (VoIP). Websites use TLS to secure all communications between their servers and web browsers.




Question. 6. a) Discuss intrusion detection.

Answer: An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any detected activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources, and uses alarm filtering techniques to distinguish malicious activity from false alarms.




b) What do you mean by malicious software? Explain in detail.

Answer: Malware is software designed to cause harm to a computer and user. Some forms of malware “spy” on user Internet traffic. Examples include spyware and adware. Spyware monitors a user’s location and if enabled, it can capture sensitive information, e.g., credit card numbers, promoting identity theft. Adware also acquires user information, which is shared with advertisers and then integrated with unwanted, triggered pop-up ads.

Worms and viruses behave differently, as they can quickly proliferate and undermine an entire computer system. They also may perform unsavory

Dear students get fully solved  SMU MSC IT Spring 2014 assignments
Send your semester & Specialization name to our mail id :

“ help.mbaassignments@gmail.com ”
or
Call us at : 08263069601


No comments:

Post a Comment

Note: Only a member of this blog may post a comment.