Exam Details

Subject network security
Paper
Exam / Course mca(integrated)
Department
Organization Gujarat Technological University
Position
Exam Date May, 2017
City, State gujarat, ahmedabad


Question Paper

1
Seat No.: Enrolment
GUJARAT TECHNOLOGICAL UNIVERSITY
MCA Integrated SEMESTER- VIII • EXAMINATION SUMMER 2017
Subject Code: 4480603 Date: 03-May-2017
Subject Name: Network Security
Time: 10:30 AM 1:00 PM Total Marks: 70
Instructions:
1. Attempt all questions.
2. Make suitable assumptions wherever necessary.
3. Figures to the right indicate full marks.
Q.1


ii)
iii)
iv)

vi)
vii)
viii)
ix)
Answer in brief (any seven):
Give digest size for SHA-1, SHA-224, SHA-256, SHA-384 SHA-512.
Enumerate the security services and security mechanisms.
Differentiate between known plaintext and chosen plaintext.
What is peer entity authentication?
Enumerate the ingredients of public key cryptography.
Write the full form of TGT.
MIME converts ASCII-data to Non-ASCII data. [True False]
RC4 is an example of
What is ipad opad in HMAC?
07


ii)
iii)
iv)

vi)
vii)
viii)
ix)
Write in one or two sentences (any seven):
What is a realm in Kerberos?
What is the purpose of alert message in TLS?
What is a Digital Signature?
What is a Subject in X.509 certificate?
What is the purpose of the alert protocol in SSL?
How session keys are exchanged in PGP?
What is the job of the ticket granting server in Kerberos?
What does radix-64 step do in PGP?
What is Honeypot intrusion detection?
07
Q.2

Discuss Symmetric Block Cipher? Explain AES with suitable diagram.
07

Explain HMAC algorithm with suitable diagram.
07
OR

Why mode of operation is defined? Explain any two cipher block modes of operations.
07
Q.3

Explain PGP Services.
07

1. Write any four important differences between Kerberos version 4 and Kerberos version 5.
2. Discuss the Man-In-The-Middle attack with suitable diagram.
04
03
OR
Q.3

Explain SHA-512 with diagram.
07

Discuss SSL Alert and SSL Handshake Protocol.
07
Q.4

What is IPSec? What are the applications of IPSec? Explain the modes of IPSec operations.
07

What is random number generator? Discuss TRNG, PRNG and PRF with suitable diagram.
07
OR
Q.4

1. Discuss Rule based Intrusion Detection.
2. What do you mean by false positive and false negative in Intrusion Detection System?
05
02
2

Discuss Password selection strategies in detail.
07
Q.5

1. What is an Audit record in IDS?
2. How UNIX manages passwords to make it secure from attackers?
3. Explain how one can use Markov model for proactive password checking?
02
02
03

Draw ESP format for IPsec and show the need of fields SPI, sequence number, payload data, padding, pad length, next header and authentication data field.
07
OR
Q.5

Draw AH format for IPsec and discuss all the necessary fields.
07

Explain how attacks like IP address spoofing, source routing and tiny fragments can be carried out on packet filtering routers? What are the counter measures?
07



Subjects

  • advanced c programming (adv – c)
  • advanced python
  • basic mathematics for it
  • big data
  • c++ with class libraries (cpp)
  • communication skills - ii
  • communication skills-1
  • cyber security and forensics (csf)
  • data analytics with r
  • data structure
  • database management systems
  • discrete mathematics for computer science (dmcs)
  • environmental studies
  • fundamentals of computer
  • fundamentals of database management systems
  • fundamentals of networking
  • fundamentals of programming – i
  • fundamentals of web
  • information security
  • java programming
  • machine learning
  • management information systems (mis)
  • mobile programming
  • network security
  • operating system
  • operations research
  • python (py)
  • software engineering
  • software testing
  • statistical methods
  • uml & object oriented modeling
  • web development tools