Dear
students get fully solved SMU MSC IT
Spring 2014 assignments
Send
your semester & Specialization name to our mail id :
“
help.mbaassignments@gmail.com ”
or
Call
us at : 08263069601
ASSIGNMENT
|
DRIVE
|
Spring – 2017
|
|
PROGRAM
|
MCA(REVISED FALL 2012)
|
|
SEMESTER
|
5
|
|
SUBJECT CODE & NAME
|
MCA5042-
Cryptography and Network Security
|
|
BK ID
|
B2069
|
|
CREDITS
|
4
|
|
MARKS
|
60
|
Note:
Answer all questions. Kindly note that answers for 10 marks questions should be
approximately of 400 words.
Q.
No. Question Marks Total Marks
Question.
1. a) What is avalanche effect?
Answer: In cryptography, the avalanche effect refers to an attractive property of
block ciphers and cryptographic hash functions algorithms.
The avalanche effect is satisfied if:
· The output changes significantly (e.g.,
·
b)
Explain data encryption standard (DES).
Answer: The Data Encryption Standard is a symmetric-key algorithm for the
encryption of electronic data. Although now considered insecure, it was highly
influential in the advancement of modern cryptography.
Developed in the early 1970s at IBM and based
on an earlier design by Horst Feistel, the algorithm was submitted to the
National Bureau of Standards (NBS) following the agency's invitation to propose
a candidate for the protection of sensitive
Question.
2. a) List and explain the objectives of computer security.
Answer: Most of us understand how locks, barred windows, lit parking lots, and
loud barking dogs can be used to make our office buildings more secure.
Computer security can, in many ways, be compared with these physical security
approaches. But, as with anything else that we translate from the real world to
the computer world, we find that we must very firmly define our terminology and
our business needs before the computer version can either be understood or made
to work. In this chapter, we will define what computer security is and
b)
What is the difference between passive and active security threats?
Answer: Businesses and individuals around the globe have felt the sting of cyber
intruders who attack organizational networks with relative impunity. Some
attacks only deface a website, while others result in significant embarrassment
or financial loss. While it is almost impossible to stop some attacks, it is
important for organizations to recognize the difference between passive attacks
and active attacks -- and the surprising risks of passive attacks.
Attack Motives: The motive for an attack depends on the
Question.
3. Explain the evaluation criteria for Advanced Encryption Standard (AES).
Answer: The National Institute of Standards and Technology (NIST) started
development of AES in 1997 when it announced the need for a successor algorithm
for the Data Encryption Standard (DES), which was starting to become vulnerable
to brute-force attacks.
This new, advanced encryption algorithm would
be
Question.
4. a) What is key distribution?
Answer: In symmetric key cryptography, both parties must possess a secret key
which they must exchange prior to using any encryption. Distribution of secret
keys has been problematic until recently, because it involved face-to-face
meeting, use of a trusted courier, or sending the key through an existing
encryption channel. The first two are often impractical and always unsafe,
while the third depends on the security of a previous key exchange.
In public key cryptography, the key
distribution of public keys is
Question.
5. a) Describe the four types of protocol of SSL.
Answer: SSL protocol, which was initially developed by Netscape, is the base for
secure communication in the internet today. SSL Being a big topic to cover in a
single article/blog post, we have tried to segregate different topics to be
understood in SSL.
In this post, we will try to understand the
Record Protocol in SSL, out of the four main layers in SSL, which are mentioned
below.
1.
SSL
Handshake Protocol
2.
SSL
Record Layer Protocol
3.
SSL
Change Cipher Spec
4.
SSL
alert Protocol
b)
What is Transport Layer Security (TLS)? Explain.
Answer: Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer
(SSL), both frequently referred to as "SSL", are cryptographic
protocols that provide communications security over a computer network. Several
versions of the protocols find widespread use in applications such as web
browsing, email, Internet faxing, instant messaging, and voice-over-IP (VoIP).
Websites use TLS to secure all communications between their servers and web
browsers.
Question.
6. a) Discuss intrusion detection.
Answer: An intrusion detection system (IDS) is a device or software application
that monitors a network or systems for malicious activity or policy violations.
Any detected activity or violation is typically reported either to an
administrator or collected centrally using a security information and event
management (SIEM) system. A SIEM system combines outputs from multiple sources,
and uses alarm filtering techniques to distinguish malicious activity from
false alarms.
b)
What do you mean by malicious software? Explain in detail.
Answer: Malware is software designed to cause harm to a computer and user. Some
forms of malware “spy” on user Internet traffic. Examples include spyware and
adware. Spyware monitors a user’s location and if enabled, it can capture
sensitive information, e.g., credit card numbers, promoting identity theft.
Adware also acquires user information, which is shared with advertisers and
then integrated with unwanted, triggered pop-up ads.
Worms and viruses behave differently, as they
can quickly proliferate and undermine an entire computer system. They also may
perform unsavory
Dear
students get fully solved SMU MSC IT
Spring 2014 assignments
Send
your semester & Specialization name to our mail id :
“
help.mbaassignments@gmail.com ”
or
Call
us at : 08263069601
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.