MU Information Technology (Semester 6)
System & Web Security
May 2017
Total marks: --
Total time: --
INSTRUCTIONS
(1) Assume appropriate data and state your reasons
(2) Marks are given to the right of every question
(3) Draw neat diagrams wherever necessary


1(a) Consider an Online Shopping Site and identify vulnerability, threat and attack.
5 M
1(b) Explain CIA security goals.
5 M
1(c) Describe TCP Syn Flood attack.
5 M
1(d) What are types of Malicious codes?
5 M

2(a) Explain the types of Non-Malicious Codes: Buffer Overflow, Incomplete Mediation & Race Conditions, with an example.
10 M
2(b) Explain Transport mode and Tunnel mode of IPSec and mention under which scenarios both modes can be used.
10 M

3(a) What is a Denial of Service attack? List and explain different techniques to perform a DOS attack. Explain defence mechanisms against DOS.
10 M
3(b) How is single sign-on achieved in the Kerberos protocol? What is the concept of a ticket in this protocol?
10 M

4(a) Explain the need for an Intrusion Detection System (IDS). Differentiate between signature based and anomaly based IDS. State advantages and disadvantages of each.
10 M
4(b) What is Token Based Authentication? Explain its types.
10 M

5(a) What is Digital Signature? Explain how it is created by sender and verified by receiver.
10 M
5(b) Explain steps of RSA algorithm with an example and list real time applications where RSA can be used.
10 M

Write short notes on any four questions from Q.6(a, b, c, d, e)
6(a) Federated Identity Management
5 M
6(b) Covert Channel
5 M
6(c) SQL Injection attack with example
5 M
6(d) Biometric authentication
5 M
6(e) Honey pots
5 M


