CW3551 Dis QB
UNIT I - INTRODUCTION
PART A
S.NO  QUESTION  (CO, K LEVEL, AU)
1. How shall you interpret Information Security? (CO1, K1)
Information security, or InfoSec, is the practice of protecting information from unauthorized access, use, or destruction. It is important to protect information because it is a valuable resource for organizations and individuals, and it can have catastrophic consequences if lost or incorrect.
2. Name the multiple layers of security that a successful organization should have in place to protect its operations. (CO1, K1)
Multi-layered security refers to securing your organization's data using a variety of security measures. The idea is that if hackers want to access the data, they have to break through multiple layers of security (e.g., physical, administrative, and technical), making it much more difficult to gain access.
3. Define Information Security. (CO1, K1)
Information security, or InfoSec, is the practice of protecting sensitive information from unauthorized access, modification, disruption, or destruction. It includes a set of tools and procedures to prevent, detect, and respond to threats to information.
4. List the characteristics of the CIA triangle. (CO1, K1)
The CIA triad is a model for information security that is made up of three key principles: confidentiality, integrity, and availability.
5. List the critical characteristics of Information. (CO1, K1, NOV/DEC 2023)
- Availability
- Accuracy
- Authenticity
- Confidentiality
- Integrity
- Utility
- Possession
6. Define the bottom-up approach and the top-down approach. (CO1, K1)
While a bottom-up approach allows decisions to be made by the same people who are working directly on a project, the top-down style of management creates distance between that team and decision-makers. This can lead to poorly informed decisions if leadership doesn't ask for input or feedback from their project team.
7. What are the measures required to protect the confidentiality of information? (CO1, K1)
By protecting devices, you can also protect the data they contain. Follow basic cyber security hygiene by using anti-virus software, routinely patching software, whitelisting applications, using device passcodes, suspending inactive sessions, enabling firewalls, and using whole-disk encryption.
8. Compare Vulnerability and Exposure. (CO1, K2, APR/MAY 2024)
Vulnerability is the state of being susceptible to harm or attack, while exposure is the state of being affected by something. While vulnerability management focuses on identifying weaknesses, exposure management is concerned with understanding and mitigating the risk posed by those vulnerabilities.
9. Information Security is which of the following: Art or Science or both? (CO1, K5)
Information security is both an art and a science because it has elements of both, as it requires systematic analysis and creative solutions. Viewing it as a social science emphasizes human behavior's role in developing security measures and policies.
10. Describe a Security Team in an organization. Is the approach to security technical or managerial? (CO1, K2)
Security management covers all aspects of protecting an organization's assets – including computers, people, buildings, and other assets – against risk. The approach to security should be more managerial than technical, although the technical ability of the resources performing the day-to-day activities is critical.
11. Show with the help of a diagram the components of Information Security. (CO1, K1)
12. Why is methodology important in the implementation of information security? (CO1, K1, APR/MAY 2024)
- Communicate the process
- Get things on track
- Balance tactical and strategic issues
- Systematize the process
- Reduce time
13. What is the use of methodology in the implementation of Information Security? (CO1, K1)
- Identifying and evaluating risks
- Selecting and planning security controls
- Creating an effective security system
- Driving towards a better state of security
14. If the C.I.A. triangle is incomplete, why is it so commonly used in security? (CO1, K4)
The CIA triad is a widely used model in information security because it provides a holistic approach to security that helps organizations consider all three of the most important concepts in information security:
- Confidentiality
- Integrity
- Availability
15. List out the uses of the CIA triad. (CO1, K1)
- Assessing environments
- Developing security policies
- Evaluating new products and technologies
- Thinking about security challenges
- Assessing malfunctions and cyber security attacks
16. Classify the three components of the C.I.A Triangle. What are they used for? (CO1, K2)
The three letters in "CIA triad" stand for Confidentiality, Integrity, and Availability. The CIA triad is a common model that forms the basis for the development of security systems. They are used for finding vulnerabilities and methods for creating solutions.
17. Give a short note on E-mail spoofing. (CO1, K1)
Email spoofing is a technique used to trick recipients into believing that an email is from a trusted source. It involves changing the sender's name, email address, or other details in an email's header to make it appear as if the email is from a legitimate source.
18. Define an attack. (CO1, K1)
An attack on system security is one that derives from an intelligent threat, that is, an intelligent act which is a deliberate attempt to evade security services and violate the security policy of a system.
19. What is the basic objective of the NSTISSC model? (CO1, K1)
- Using security services
- Maintaining information states
- Setting security countermeasures
20. What is a passive attack? (CO1, K1)
Passive attacks are eavesdropping on, or monitoring of, transmissions. Two types of passive attacks are release of message contents and traffic analysis.
PART B
S.NO  QUESTION  (CO, K LEVEL, AU)
1. Illustrate briefly the SDLC waterfall methodology and its relation to information security. (CO1, K2, NOV/DEC 2023)
2. Infer about the information security project team. (CO1, K2, NOV/DEC 2023)
3. Analyze the methodology which plays a major role in the implementation of information security. How does a methodology improve the process? (CO1, K4, NOV/DEC 2023)
4. Explain the components of an information system. Also, enlighten about balancing methodologies of information security and access. (CO1, K2, APR/MAY 2024)
5. Briefly describe the approaches to information security implementation. (CO1, K2, APR/MAY 2024)
6. Discuss the steps common to both the systems development life cycle and the security systems life cycle. (CO1, K6)
7. What are the six components of an information system? Which are most directly affected by the study of computer security? (CO1, K1)
8. Describe the Security Systems Development Life Cycle. (CO1, K2)
9. i) What is the NSTISSC Security Model? (CO1, K1)
ii) Describe in detail the top-down approach and the bottom-up approach with the help of a diagram. (CO1, K2)
10. Evaluate the various components of Information Security that a successful organization must have. (CO1, K5)
11. Evaluate who decides how and when data in an organization will be used or controlled. Who is responsible for seeing that these wishes are carried out? (CO1, K5)
12. Generalize which members of an organization are involved in the security system development life cycle. Who leads the process? (CO1, K1)
13. Summarize the steps common to both the SDLC and SSDLC. Elaborate the steps unique to the security system development life cycle. (CO1, K2, APR/MAY 2024)
PART C
S.NO  QUESTION  (CO, K LEVEL, AU)
1. Formulate any methodology. Why is it important in the implementation of information security? How does a methodology improve the process? (CO1, K6)
2. Assess the importance of infrastructure protection (assuring the security of utility services) and how that is related to the enhancement of information security. (CO1, K5)
3. Analyze the critical characteristics of information. How are they used in the study of computer security? (CO1, K4)
4. i) Compose the roles of the Information Security Project Team. (CO1, K6)
ii) Design the steps unique to the security systems development life cycle in all the phases of the SSDLC model. (CO1, K6)
5. i) List the various components of an information system and talk about them. (CO1, K4)
ii) List the history of Information Security. (CO1, K4)
UNIT II
PART A
S.NO  QUESTION  (CO, K LEVEL, AU)
1. Differentiate direct and indirect attacks. (CO2, K2, NOV/DEC 2023)
Direct attack: It is when a hacker uses his personal computer to break into the system. It originates from the threat itself.
Indirect attack: It is when a system is compromised and used to attack other systems, such as in a distributed denial of service attack. It originates from a system or resource that has itself been attacked and is malfunctioning or working under the control of a threat.
2. List any five attacks that are used against controlled systems. (CO2, K1, NOV/DEC 2023)
- Malware
- MITM attack
- SQL injection
- Spoofing
- Password attack
3. What is the logic behind using a license agreement window and an online registration process to combat piracy? (CO2, K1, NOV/DEC 2023)
Software licensing effectively builds a wall around your software. You might not be able to remove piracy completely, but you can ensure that users sign up to your terms. It will give you a legal framework in which to take action on any infringements.
4. Write the significance of the access control matrix. (CO2, K1, APR/MAY 2024)
An access control matrix is a table that defines the access permissions that exist between specific subjects and objects. A matrix is a data structure that acts as a lookup table for the operating system. The table's rows, or capability lists, show the capabilities of each subject.
5. How is technological obsolescence a threat to information security? How can an organization protect against it? (CO2, K1, APR/MAY 2024)
Technological obsolescence can be a threat to information security because outdated technology can make systems unreliable and untrustworthy. This can lead to a loss of data integrity and security breaches. Technological obsolescence threatens information security due to possible system vulnerabilities in outdated technology. Organizations can protect against it by implementing a robust technology refresh strategy, conducting regular security audits, employee training, and software upgrades.
6. Show with the help of points the 4 important functions for an organization based on information security. (CO2, K1)
Four important functions of information security for an organization are:
- Protecting data
- Safeguarding technology
- Enabling application operation
- Protecting organizational function
7. Analyze the assets in the organization that require protection. (CO2, K4)
- Identify assets: Define what an asset is and what assets support the organization's goals, functions, and processes. Assets can be tangible, like office equipment, or intangible, like intellectual property.
- Assess value: Determine how valuable each asset is to the organization.
- Evaluate impact: Consider how much impact each asset would have if it were lost, compromised, or damaged.
- Analyze risk: Evaluate the likelihood and impact of potential threats to each asset.
8. Construct with the help of a table any 4 threats with their examples. (CO2, K3)
Here are four threats to data and information security, along with examples:
- Malware
- Wiper malware
- Worms
- Spyware
- SQL Injection Attack
- Unauthorized access, and malicious software
9. What is the meaning of the sentence "data in motion and data at rest"? (CO2, K3)
Data in motion, also known as data in transit or data in flight, refers to data that is being moved from one location to another.
Data at rest is currently stored, typically on a computer's or server's hard disk. Data at rest is safely stored on an internal or external storage device.
10. What is meant by the term "Information Extortion"? (CO2, K1)
Information extortion is a type of cybercrime where a person or entity steals information from a computer system or company and demands compensation for its return or non-use.
11. Give the definition of software piracy. (CO2, K1)
Software piracy is the illegal use, copying, or distribution of copyrighted software:
- End-user piracy
- Counterfeiting
- Hard disk loading
- Cracking
Software piracy can be intentional or unintentional.
12. List the technical mechanisms that have been used to enforce copyright laws. (CO2, K1)
Technical mechanisms that are used to enforce copyright laws include:
- Encryption
- Watermarking
- Rights management systems (RMS)
- Licensing management
13. Write the major differences between a Threat and an Attack. (CO2, K4)
Threats and attacks are two important aspects from a security point of view. A threat is a malicious act that has the potential to damage the system or asset, while an attack is an intentional act that causes damage to a system or asset.
14. Discuss malware. (CO2, K6)
Malware, short for malicious software, is a general term for any software created by cybercriminals to harm or exploit devices, networks, or businesses. The goal of malware is to steal information or resources for monetary gain or sabotage.
15. Name the most common methods of virus transmission. (CO2, K1)
Nowadays, viruses can still be spread via hard disks and Universal Serial Bus (USB) devices, but they are more likely to be passed between devices through the internet. Computer viruses can be spread via email, with some even capable of hijacking email software to spread themselves.
16. Formulate which management groups are responsible for implementing information security to protect the organization's ability to function. (CO2, K6)
Both general management and IT management are responsible for implementing information security to protect the ability of the organization to function. Other assets like systems and technology also require protection. Both general management and IT management are responsible for implementing security to protect the organization.
17. How can individuals protect themselves from shoulder surfing? (CO2, K5)
Surfers can't steal what they can't see. Put your body between your sensitive information and anyone's direct line of sight. For example, shield the keys on a PIN pad when entering your code, or stand against a wall and hold your phone up to your body when entering passwords.
18. Define the meaning of the term 'Electronic Theft'. (CO2, K1)
E-Theft means the transfer of the Client's or insured entity's money, securities, or other property of value to a person, place, or account beyond the Client's or insured entity's control as a direct result of a Data Security Event.
20. How do worms differ from viruses? Do Trojan horses carry viruses or worms? (CO2, K1)
A worm is like a computer virus by its design but is a sub-class of a virus or trojan horse. Worms spread from computer to computer, but unlike a virus, a worm has the capability to travel without attaching to a host program and can run independently.
21. Define Macro Virus. (CO2, K2)
A macro virus is a type of malware that uses advanced programming languages to take over the macro functionality of programs like Microsoft Word, Excel, and PowerPoint. Macro viruses are often created by user error, when users unknowingly record harmful macros in their documents.
22. Define Boot Virus.
A boot virus is a type of malware that infects a computer's boot partition or the Master Boot Record (MBR) of a hard disk. The boot sector is a reserved section of a disk that contains the code and data needed to start the operating system. Boot viruses are written to spread from computer to computer and activate when the system starts.
23. List some commonplace security principles. (CO2, K4)
The basic tenets of information security are confidentiality, integrity and availability. Every element of the information security program must be designed to implement one or more of these principles. Together they are called the CIA Triad.
24. What is the difference between a denial-of-service attack and a distributed denial-of-service attack? (CO2, K1)
Speed of attack: Because a DDoS attack comes from multiple locations, it can be deployed much faster than a DoS attack that originates from a single location. The increased speed of attack makes detecting it more difficult, meaning increased damage or even a catastrophic outcome.
PART B
S.NO  QUESTION  (CO, K LEVEL, AU)
1. i) List the Computer Security Hybrid Policies. (CO2, K1, NOV/DEC 2023)
ii) Describe the types of Computer Security. (CO2, K2, NOV/DEC 2023)
2. Illustrate which management groups are responsible for implementing information security to protect the organization's ability to function. (CO2, K2, NOV/DEC 2023)
3. Summarize the various laws related to information security. How do people from varying ethnic backgrounds differ in their views of computer ethics? (CO2, K2, APR/MAY 2024)
4. Summarize how technological obsolescence constitutes a threat to information security. How can an organization protect against it? (CO2, K2)
5. Generalize how the intellectual property owned by an organization usually has value. If so, how can attackers threaten that value? (CO2, K1)
6. Point out why data is the most important asset an organization possesses. What other assets in the organization require protection? (CO2, K1)
7. Analyze whether information security is a management problem. What can management do that technology cannot? (CO2, K4)
8. How will you develop management groups that are responsible for implementing information security to protect the organization's ability to function? (CO2, K1)
9. Illustrate the methods a social engineering hacker uses to gain information about a user's login id and password. How would this method differ if it were targeted towards an administrator's assistant versus a data-entry clerk? (CO2, K2)
10. i) State the types of password attacks. (CO2, K1)
ii) Tell the three ways in which an authorization can be handled. (CO2, K1)
PART C
S.NO  QUESTION  (CO, K LEVEL, AU)
1. Discuss the following in detail: (CO2, K6, APR/MAY 2024)
i) Confidentiality policies
ii) Integrity policies
iii) Hybrid policies
2. How has the perception of hackers changed over recent years? Compose the profile of a hacker today. (CO2, K1)
3. Evaluate which management groups are responsible for implementing information security to protect the organization's ability to function. (CO2, K5)
4. i) Explain Integrity Policies. (CO2, K1)
ii) Assess Secure Software Development. (CO2, K5)
5. How has the perception of hackers changed over recent years? What is the profile of a hacker today, depicting the violated techniques, algorithms and security protocols? (CO2, K1, NOV/DEC 2023)
UNIT III
PART A
S.NO  QUESTION  (CO, K LEVEL, AU)
1. List the properties of a digital signature. (CO3, K1)
A digital signature should have the following properties:
- Authenticity
- Integrity
- Non-repudiation
- Unforgeable
- Public verifiability
- Forward secrecy
2. List the types of attacks. (CO3, K2)
- Malware
- MITM attack
- SQL injection
- Spoofing
- Password attack
3. List the forgeries done by an attacker to break the digital signature. (CO3, K1)
- Total break
- Universal forgery
- Selective forgery
- Existential forgery
- Universal signature forgery (USF)
4. What is meant by primitive root? (CO3, K1)
Primitive roots are the smallest positive power that can correlate two integers, which are comparatively prime with each other. The Euler-Fermat formula determines the evaluation of primitive roots. The outcome of the primitive roots can be a quadratic residue or a quadratic non-residue.
5. Given two integers A=3 and M=11, identify the modular multiplicative inverse of A under modulo M. (CO3, K3)
Input: a = 3, m = 11
Output: 4
Explanation: Since (4*3) mod 11 = 1, 4 is the modular inverse of 3.
6. Identify the primitive roots of the prime number q=7. (CO3, K3)
Input: 7
Output: Smallest primitive root = 3
Explanation: n = 7
3^0 (mod 7) = 1
3^1 (mod 7) = 3
3^2 (mod 7) = 2
3^3 (mod 7) = 6
3^4 (mod 7) = 4
3^5 (mod 7) = 5
7. Compare the RSA approach and the DSA approach. (CO3, K2)
As compared to DSA, the RSA algorithm is slower in encryption. As compared to RSA, the DSA algorithm is faster in decryption. RSA works best in the cases of encryption and verification. DSA works best in the cases of signing (digital) and decryption.
8. What is Kerberos TGS? (CO3, K2)
Kerberos uses symmetric key cryptography and a key distribution center (KDC) to authenticate and verify user identities. A KDC involves three aspects: a ticket-granting server (TGS) that connects the user with the service server (SS); a Kerberos database that stores the password and identification of all verified users. A Ticket-granting Service is a component of the Kerberos authentication protocol that connects a user to a service server.
9. List the characteristics of a user certificate generated by a CA. (CO3, K1)
- Public key: Details on which public key and the corresponding cryptographic algorithm are used to sign the certificate.
- Subject: Information about the domain the certificate was issued to or, for certain types of certificates, the legitimacy of the organization operating the website.
10. Types of authentication mechanisms. (CO3, K2)
- Multi-factor authentication
- One-factor authentication
- Two-factor authentication
11. Discuss the three threats that may occur in a workstation. (CO3, K6)
Companies must understand their cyber security vulnerabilities to safeguard against a cyber-attack. Risks might be privilege abuse, data mishandling, unapproved hardware and software, or email misuse.
12. List the requirements for Kerberos. (CO3, K1)
- Secure – no masquerading.
- Reliable – distributed server architecture.
- Transparent – user unaware authentication is taking place.
- Scalable – support a large number of clients and servers.
13. What is the Key Distribution Center? (CO3, K2)
A key distribution center (KDC) is a network component that manages the distribution of cryptographic keys and access tickets to users. KDCs are a critical part of network security, and are used in a variety of settings, including corporate networks, educational institutions, and government agencies.
14. What are the principals of Kerberos? (CO3, K2)
A Kerberos principal is a unique identity to which Kerberos can assign tickets. Principals can have an arbitrary number of components. Each component is separated by a component separator, generally '/'. The last component is the realm, separated from the rest of the principal by the realm separator, generally '@'.
15. List the requirements that are not satisfied by version 2 of the X.509 certificate. (CO3, K1)
An X.509 certificate is a digital certificate that uses the widely accepted international X.509 public key infrastructure (PKI) standard to verify that a public key belongs to the user, computer or service identity contained within the certificate.
16. List the categories of certificate extensions. (CO3, K1)
Here are some certificate extensions in data and information security:
- Key usage extensions
- DER
- X.509
17. What requirements should a digital signature scheme satisfy? (CO3, K1, NOV/DEC 2023)
The most basic requirement is that the signer's identity is bound to a certificate or other type of identifying credential that can be encrypted and authenticated.
18. What is a Public-key certificate? (CO3, K1)
The public-key authority could be a bottleneck in the system, for a user must appeal to the authority for a public key for every other user that it wishes to contact.
19. Distinguish between direct and arbitrated digital signatures. (CO3, K4, APR/MAY 2024)
The Direct Digital Signature only includes two parties: one to send a message and the other one to receive it. According to the direct digital signature, both parties trust each other and know their public key.
The Arbitrated Digital Signature includes three parties, in which one is the sender, the second is the receiver and the third is the arbiter, who will become the medium for sending and receiving messages between them.
20. Assume the client X wants to communicate with server Y using the Kerberos procedure. (CO3, K4, APR/MAY 2024)
Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet. Users, machines and services using Kerberos need only trust the KDC, which runs as a single process and provides two services: an authentication service and a ticket granting service.
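Worked computation for Part A Q5 (inverse of 3 mod 11) and Q6 (primitive roots of 7), added here as an example and not part of the question bank: the extended Euclidean algorithm for the modular inverse, and the standard Euler/Fermat test for primitive roots (g is a primitive root of prime p iff g^((p-1)/q) != 1 mod p for every prime q dividing p-1), which generalises the power table written out in Q6 to any prime.

```python
# Added example (not part of the question bank): modular multiplicative
# inverse via the extended Euclidean algorithm, and primitive roots of a
# prime, generalising Part A Q5 (a=3, m=11) and Q6 (q=7).


def extended_gcd(a, b):
    """Return (g, x, y) with g = gcd(a, b) and a*x + b*y = g."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def mod_inverse(a, m):
    """Return a^-1 mod m, or None when gcd(a, m) != 1 (no inverse exists)."""
    g, x, _ = extended_gcd(a % m, m)
    if g != 1:
        return None
    return x % m


def multiplicative_order(g, p):
    """Smallest k >= 1 with g^k = 1 (mod p); g is a primitive root iff k = p-1."""
    k, acc = 1, g % p
    while acc != 1:
        acc = (acc * g) % p
        k += 1
    return k


def prime_factors(n):
    """Distinct prime factors of n by trial division (fine for exam-sized n)."""
    factors, d = [], 2
    while d * d <= n:
        if n % d == 0:
            factors.append(d)
            while n % d == 0:
                n //= d
        d += 1
    if n > 1:
        factors.append(n)
    return factors


def is_primitive_root(g, p):
    """Euler/Fermat test: g is a primitive root mod prime p iff
    g^((p-1)/q) != 1 (mod p) for every prime q dividing p-1."""
    phi = p - 1
    return g % p != 0 and all(pow(g, phi // q, p) != 1 for q in prime_factors(phi))


def primitive_roots(p):
    """All primitive roots of prime p, in increasing order."""
    return [g for g in range(1, p) if is_primitive_root(g, p)]


def power_table(g, p):
    """[g^0, g^1, ..., g^(p-2)] mod p: the table written out in Q6 for g=3, p=7."""
    return [pow(g, k, p) for k in range(p - 1)]


if __name__ == "__main__":
    print("3^-1 mod 11 =", mod_inverse(3, 11))          # 4, as in Q5
    print("primitive roots of 7:", primitive_roots(7))   # [3, 5]
    print("powers of 3 mod 7:", power_table(3, 7))       # [1, 3, 2, 6, 4, 5]
    print("order of 2 mod 7 =", multiplicative_order(2, 7))  # 3, so 2 is not a primitive root
```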
PART B
S.NO  QUESTION  (CO, K LEVEL, AU)
1. Explain the ElGamal Digital Encryption Scheme. (CO3, K5)
2. Explain the NIST Digital Signature Algorithm. (CO3, K5)
3. Explain the Elliptic Curve Digital Signature Algorithm. (CO3, K5)
4. Explain the Schnorr Digital Encryption Scheme. (CO3, K5)
5. Outline the RSA-PSS Digital signature algorithm. (CO3, K2)
6. Outline the working of the X.509 certificate along with its format. (CO3, K2)
7. Explain briefly about Kerberos. (CO3, K2)
8. Explain the categories of certificate extensions in X.509 certificates. (CO3, K2)
9. With a neat sketch, illustrate the ElGamal digital signature scheme in detail. (CO3, K2, APR/MAY 2024)
10. i) What is Kerberos? Elucidate how it provides authenticated service. (CO3, K1, APR/MAY 2024)
ii) Explain the format of the X.509 certificate. (CO3, K2, APR/MAY 2024)
PART C
S.NO  QUESTION  (CO, K LEVEL, AU)
1. Describe the digital signature algorithm and show how signing and verification are done using DSS. Provide an example for the same. (CO3, K2, NOV/DEC 2023)
2. Explain the format of the X.509 certificate. Provide any one real-time case study for the use of the X.509 certificate. (CO3, K2, NOV/DEC 2023)
3. Discuss Key Distribution and Certification. (CO3, K2)
4. A) Explain the 4 types of distribution of Public-keys. (CO3, K1)
B) Comparison between Kerberos Version 4 and Version 5. (CO3, K1)
5. How is a hash function algorithm designed? Explain their features and properties. (CO3, K2)
UNIT IV
PART A
S.NO  QUESTION  (CO, K LEVEL, AU)
1. Discuss the purpose of the padding field in ESP. (CO4, K6)
Padding – used to fill the payload data to a specific block size multiple required by a particular encryption algorithm, or to randomize the length of the payload to protect against traffic flow analysis. Pad length – an 8-bit field whose value indicates in bytes the length of the padding field.
2. What is the usage of the Mail Submission Agent? (CO4, K2)
It is responsible for accepting email messages from users and forwarding them to the Mail Transfer Agent (MTA) for further processing. In simpler terms, the MSA acts as a gateway for outgoing emails, ensuring that they are properly formatted and authenticated before being sent out into the vast expanse of the internet.
3. Can you explain the use of 'MUST' and 'SHOULD' terminology in the context of S/MIME? (CO4, K2)
MUST, MUST NOT, SHOULD, and SHOULD NOT are used in capital letters. This conforms to the definitions in [MUSTSHOULD]. [MUSTSHOULD] defines the use of these key words to help make the intent of standards track documents as clear as possible.
4. List the IPsec services. (CO4, K1)
In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network.
5. What is a Message Transfer Agent (MTA) and how is it used? (CO4, K2)
Within the Internet email system, a message transfer agent (MTA), mail transfer agent, or mail relay is software that transfers electronic mail messages from one computer to another using the Simple Mail Transfer Protocol.
6. Describe a replay attack. (CO4, K2)
A replay attack is when a malicious actor captures and retransmits valid data to achieve fraudulent authentication or execute unauthorized actions in a network. As technology advances, the integrity and security of society's online transactions, data, and identities are of paramount importance.
7. What are the advantages of using an Authentication Header in HTTP requests? (CO4, K2)
The Authentication Header (AH) protocol provides data origin authentication, data integrity, and replay protection. However, AH does not provide data confidentiality, which means that all of your data is sent in the clear.
8. What are the applications of IPv6? (CO4, K2)
One of the main applications of the home network is the remote control and monitoring of home appliances. Under the home network based on IPv6, it can be used for purposeful surveillance through voice calls or a web interface for specific area surveillance, residential security, etc.
9. What is POP3? (CO4, K1)
POP3 stands for Post Office Protocol version 3, which is a protocol that downloads emails from a server to a local device. When a POP3 client connects to an email server, it retrieves all messages from the inbox, stores them on the local device, and deletes them from the server.
10. Write two additional fields in the payload of ESP. (CO4, K2)
Encapsulating Security Payload (ESP) is a member of the Internet Protocol Security (IPsec) set of protocols that encrypt and authenticate the packets of data between computers using a Virtual Private Network (VPN).
11. What is PGP? (CO4, K1)
PGP, or Pretty Good Privacy, is a security program that encrypts and decrypts messages, authenticates messages, and encrypts files. It's a digital version of sending encoded notes, where only the intended recipient can understand the message.
12. Write the steps for preparing signed data. (CO4, K2)
The hashed value of the original data is encrypted using the sender's private key to generate the digital signature. It is generated by a CA (Certifying Authority) and involves four steps: Key Generation, Registration, Verification, Creation. It gives authenticity of the sender, integrity of the document and non-repudiation.
13. What do you mean by S/MIME? (CO4, K1, NOV/DEC 2023)
S/MIME stands for Secure/Multipurpose Internet Mail Extensions, and it's an industry standard for encrypting and digitally signing emails. S/MIME is used by corporations to enhance email security and is compatible with most enterprise email clients.
14. What are the services provided by PGP? (CO4, K1, NOV/DEC 2023)
- Encryption
- Digital signatures
- Integrity checking
- Authenticating digital certificates
15. Define TLS. (CO4, K2)
Transport Layer Security (TLS) is a protocol that encrypts and delivers email securely. TLS encryption requires the use of a digital certificate, which contains identity information about the certificate owner as well as a public key, used for encrypting communications.
16. What are the different types of MIME? (CO4, K1)
MIME types are Text, Multipart, Message type, Image type, Video type, Audio type, and Application type.
17. List the limitations of SMTP/RFC 822. (CO4, K2)
a) It cannot transmit executables or binary files without conversion into text through non-standard programs.
b) Transfer limited in size.
c) Gateways do not always map properly between EBCDIC and ASCII.
18. What are the applications involved in IP Security? (CO4, K2)
a) Provide secure communication across private and public LAN.
b) Secure remote access over the Internet.
c) Secure communication to other organizations.
19. Define SPI. (CO4, K2)
The Security Parameter Index (SPI) is an identification tag added to the header while using IPsec for tunneling the IP traffic. This tag helps the kernel discern between two traffic streams where different encryption rules and algorithms may be in use.
20. Draw the ESP packet format. (CO4, K2)
PART B
S.N K
QUESTION CO AU
O LEVEL
1 Explain S/MIME operational descriptions, message content
CO4 K2
types and enhanced security services.
2 Explain AH protocol with its format and modes. CO4 K2
3 Illustrate email architecture and explain its protocols. CO4 K2
4 Explain the various IPsec components with a neat
CO4 K2
architecture diagram. Also explain the IPsec modes.
5 Explain all the fields in Authentication Header with its two
CO4 K2
modes.
6 Illustrate the ESP along with its modes. CO4 K2
7 A PGP user may have multiple public keys. So that a
recipient knows which public key is being used by a sender, a
key ID, consisting of the least significant 64 bits of the public
CO4 K4
key, is sent with the message. What is the probability that a
user with N public keys will have at least one duplicate key
ID?
8 The IPsec architecture document states that when two CO4 K4
transport mode SAs are bundled to allow both AH and ESP
protocols on the same end-to-end flow, only one ordering of
security protocols seems appropriate: performing the ESP
protocol before performing the AH protocol. Why is this
approach recommended rather than authentication before
encryption?
9 Suppose that the current replay window spans from 120 to 530. (CO4, K6, APR/MAY 2024)
a. If the next incoming authenticated packet has sequence number 340, what will the receiver do with the packet, and what will be the parameters of the window after that?
b. If instead the next incoming authenticated packet has sequence number 598, what will the receiver do with the packet, and what will be the parameters of the window after that?
c. If instead the next incoming authenticated packet has sequence number 110, what will the receiver do with the packet, and what will be the parameters of the window after that?
10 Explain S/MIME message preparation. (CO4, K2)
PART C
S.NO QUESTION CO K-LEVEL AU
1. Suppose that the current replay window spans from 120 to 530. (CO4, K6, APR/MAY 2024)
a. If the next incoming authenticated packet has sequence number 105, what will the receiver do with the packet, and what will be the parameters of the window after that?
b. If instead the next incoming authenticated packet has sequence number 440, what will the receiver do with the packet, and what will be the parameters of the window after that?
c. If instead the next incoming authenticated packet has sequence number 540, what will the receiver do with the packet, and what will be the parameters of the window after that?
2. Explain in detail the architecture of IP security. Depict how an e-mail message could be sent securely, with a neat example. (CO4, K5, NOV/DEC 2023)
3. Explain the operational description of PGP. Provide a real-time case study to illustrate its working in practice. (K5, NOV/DEC 2023)
4. Evaluate who decides how and when data in an organization will be used or controlled, and who is responsible for seeing that these wishes are carried out. Frame a complete security model with IPsec security and manage keys appropriately. (CO4, K5, NOV/DEC 2023)
5. Explain S/MIME certificate processing, PEM and its message processing steps. (CO5, K2)
UNIT V – WEB SECURITY
PART A
S.NO QUESTION CO K-LEVEL AU
1 Compare passive and active web security attacks. (CO5, K2)
In an active attack the attacker interferes with the system or its data: modifying, injecting, replaying or deleting messages, or impersonating a party. In a passive attack the attacker only observes, eavesdropping on the traffic between browser and server or analysing it, with the aim of gathering as much information as possible without altering anything. Passive attacks are hard to detect and are countered by encryption; active attacks are hard to prevent outright and are countered by detection (integrity checks, authentication) and recovery.
2 List the parameters of connection state in TLS. (CO5, K1)
A TLS connection is a transient peer-to-peer transport associated with one session; its state holds the per-connection keying material and counters:
1. Server random and client random: 32-byte values chosen by the server and the client for each connection; they feed the key derivation.
2. Server write MAC secret: the secret key used in MAC operations on data sent by the server.
3. Client write MAC secret: the secret key used in MAC operations on data sent by the client.
4. Server write key: the symmetric encryption key for data encrypted by the server and decrypted by the client.
5. Client write key: the symmetric encryption key for data encrypted by the client and decrypted by the server.
6. Initialization vectors: when a block cipher in CBC mode is used, an IV is maintained for each write key, initialised from the handshake.
7. Sequence numbers: each party keeps separate counters for transmitted and received records on each connection; they are reset to zero when a Change Cipher Spec message is sent or received and may not exceed 2^64 - 1.
3 List the parameters of session state in TLS. (CO5, K1)
A TLS session is an association between client and server created by the Handshake protocol; it defines a set of cryptographic parameters that can be shared by multiple connections, avoiding a full handshake for each:
1. Session identifier: an arbitrary byte sequence chosen by the server to identify an active or resumable session.
2. Peer certificate: the X.509 v3 certificate of the peer (may be null).
3. Compression method: the algorithm used to compress data before encryption.
4. Cipher spec: the bulk encryption algorithm and the hash algorithm used for the MAC, together with attributes such as hash size.
5. Master secret: a 48-byte secret shared between client and server from which connection keys are derived.
6. Is resumable: a flag indicating whether the session can be used to initiate new connections.
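The following is an added example, not part of the question bank, showing how the session-state master secret (question 3) and the connection-state keys (question 2) are related in TLS 1.2: the master secret is derived from the pre-master secret and the two randoms, and the key block is then expanded from the master secret and the same randoms (in the opposite order) and partitioned into the client and server write MAC keys, write keys and IVs. It follows the PRF of RFC 5246 using only the Python standard library; the pre-master secret and the randoms are constructed test values, and the key sizes assumed are those of TLS_RSA_WITH_AES_128_CBC_SHA.

```python
# Added example, not part of the question bank: TLS 1.2 key derivation
# (RFC 5246 sections 5, 6.3 and 8.1) using only the standard library.
# The pre-master secret and the two randoms below are constructed test
# values, not a captured handshake.
import hashlib
import hmac


def p_hash(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 data-expansion function: HMAC chained through A(i)."""
    out = b""
    a = seed                                               # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()   # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_hash(secret, label + seed, length)


def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """48-byte master secret: a session-state parameter shared by all connections."""
    return prf(pre_master, b"master secret", client_random + server_random, 48)


def key_block(master: bytes, client_random: bytes, server_random: bytes,
              mac_len: int, key_len: int, iv_len: int) -> dict:
    """Expand the master secret into the per-connection write keys and IVs.

    Note the seed order is server_random + client_random here, the reverse
    of the master-secret derivation.
    """
    total = 2 * (mac_len + key_len + iv_len)
    block = prf(master, b"key expansion", server_random + client_random, total)
    layout = [("client_write_MAC_key", mac_len), ("server_write_MAC_key", mac_len),
              ("client_write_key", key_len), ("server_write_key", key_len),
              ("client_write_IV", iv_len), ("server_write_IV", iv_len)]
    keys, pos = {}, 0
    for name, size in layout:
        keys[name] = block[pos:pos + size]
        pos += size
    return keys


# Constructed inputs: a 48-byte pre-master secret whose first two bytes are
# the client version (0x0303 for TLS 1.2), and two 32-byte randoms.
PRE_MASTER = b"\x03\x03" + bytes(range(46))
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))


def derive_connection_keys() -> tuple:
    """Derive keys for TLS_RSA_WITH_AES_128_CBC_SHA: 20-byte HMAC-SHA1 keys,
    16-byte AES keys and 16-byte IVs. Returns (master_secret, key dict)."""
    master = master_secret(PRE_MASTER, CLIENT_RANDOM, SERVER_RANDOM)
    return master, key_block(master, CLIENT_RANDOM, SERVER_RANDOM, 20, 16, 16)


if __name__ == "__main__":
    master, keys = derive_connection_keys()
    print("master secret:", master.hex())
    for name, value in keys.items():
        print(f"{name:<22} {value.hex()}")
```

Because the randoms are fresh per connection while the master secret belongs to the session, a resumed connection reuses the master secret but still gets new write keys and IVs; this is why the randoms sit in connection state and the master secret in session state.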
4 What is web security? (CO5, K2)
Web security means protecting a website or web application by detecting, preventing and responding to cyber threats. It is the set of procedures, practices and technologies for assuring the reliable, predictable operation of web servers, web browsers, other programs that communicate with web servers, and the surrounding Internet infrastructure.
5 Discuss how TLS 1.3 differs from its previous version. (CO5, K6)
TLS 1.3 (RFC 8446) is the current version of TLS, the successor of SSL that HTTPS and many other protocols use for encryption. Compared with TLS 1.2 it: removes legacy and insecure features (RSA key transport, static Diffie-Hellman, RC4, CBC-mode and export ciphers, SHA-1, compression and renegotiation), leaving only AEAD cipher suites with ephemeral (EC)DHE key exchange, so every connection has forward secrecy; shortens the full handshake from two round trips to one and adds 0-RTT resumption (with the caveat that 0-RTT data can be replayed); encrypts most of the handshake, including the server certificate; and replaces the PRF with an HKDF-based key schedule.
6 Compare TLS connection and TLS session. (CO5, K2)
A TLS session is an association between a client and a server, created by the Handshake protocol. It defines a set of cryptographic security parameters (cipher spec, master secret, peer certificate, compression method) that can be shared among multiple connections, so that a resumed connection avoids the expensive negotiation of new parameters. A TLS connection is a transport (in the OSI sense) providing a suitable type of service; connections are transient peer-to-peer relationships, every connection is associated with exactly one session, and each carries its own state (randoms, write keys, IVs, sequence numbers).
7 What is the Change Cipher Spec protocol? (CO5, K2)
The Change Cipher Spec protocol is one of the three TLS-specific protocols that run over the Record protocol, and the simplest: it consists of a single message of one byte with the value 1. Its sole purpose is to cause the pending state negotiated in the handshake to be copied into the current state, which updates the cipher suite and keys used on the connection. Each side sends it after the key exchange and immediately before its Finished message, so all subsequent records are protected with the new parameters.
8 Different ways of classifying web security threats. (CO5, K2)
Web security threats can be classified in two ways. By location: threats to the web server, threats to the web browser, and threats to the network traffic between them. By type of attack: passive attacks (eavesdropping on browser-server traffic, gaining access to restricted information on a site) and active attacks (impersonating a user, altering messages in transit, altering information on a site). They can also be grouped by the security property they violate: integrity (modification of data or memory, Trojan horse browsers), confidentiality (eavesdropping, theft of data or client information), denial of service (flooding, DNS attacks), and authentication (impersonation, data forgery).
9 Define S-HTTP. (CO5, K2)
Secure Hypertext Transfer Protocol (S-HTTP, RFC 2660) is an extension of HTTP that protects individual messages: each request or response can be signed, authenticated and/or encrypted, with the cryptographic options negotiated per message in the headers. Unlike SSL/TLS, which secures the whole transport connection beneath HTTP, S-HTTP is message-oriented and can leave the HTTP connection itself in the clear. It saw little deployment; HTTPS (HTTP over TLS) became the standard for browser applications.
10 What is the use of the Heartbeat protocol? (CO5, K2)
The Heartbeat protocol (RFC 6520) is an extension to TLS and DTLS that runs over the Record protocol. A peer sends a HeartbeatRequest carrying an arbitrary payload, and the other side must echo the same payload in a HeartbeatResponse. It serves two purposes: as a keep-alive, confirming that the peer is still reachable and keeping the connection (and any NAT state) alive without a renegotiation, and as a means of path MTU discovery for DTLS, which has no TCP underneath to provide either. The Heartbleed bug of 2014 was an implementation flaw in OpenSSL's Heartbeat handling, not a weakness of the protocol: the stated payload length was not checked against the actual payload, so a response could leak server memory.
11 What is a chosen-plaintext attack? (CO5, K1)
A chosen-plaintext attack is a cryptanalysis technique in which the attacker chooses plaintexts, obtains the corresponding ciphertexts under the unknown key, and analyses the pairs to recover the key or other protected information.
12 Can you explain the notable CRIME attack that occurred in 2012? (CO5, K2)
CRIME (2012) is an attack against TLS-level compression and SPDY header compression. An attacker who can inject chosen plaintext into the victim's requests (for example through script on another site) and observe the length of the compressed, encrypted records can recover a secret such as a session cookie byte by byte, because a guess that matches the secret compresses to a shorter record. Chrome and Firefox mitigated it by disabling TLS compression and SPDY header compression, and some websites applied countermeasures on the server side; TLS 1.3 removes compression entirely.
13 List any 5 alert messages. (CO5, K1)
TLS alert messages are two bytes (level, description). Some common descriptions:
close_notify: the sender will not send any more messages on this connection (warning level).
unexpected_message: an inappropriate message was received (fatal).
bad_record_mac: a record arrived with an incorrect MAC (fatal).
decompression_failure: the decompression function received improper input (fatal).
handshake_failure: the sender was unable to negotiate an acceptable set of security parameters (fatal).
certificate_expired: the peer's certificate is no longer valid.
illegal_parameter: a handshake field was out of range or inconsistent (fatal).
14 What is the purpose of the Alert protocol? (CO5, K2)
The Alert protocol conveys TLS-related alerts to the peer. Each alert message is two bytes: a level (1 = warning, 2 = fatal) and a description code. Like other TLS data, alert messages are compressed and encrypted under the current connection state. A fatal alert causes TLS to terminate the connection immediately; other connections of the same session may continue, but no new connections may be established for that session. Warning alerts (such as close_notify) let the peer close cleanly and distinguish a deliberate end from a truncation attack.
15 Outline the final step of the TLS Record protocol. (CO5, K2)
The TLS Record protocol provides confidentiality and integrity for all higher-layer data. On the sending side it fragments the data into blocks of at most 2^14 bytes, optionally compresses each fragment, appends a MAC, encrypts the result, and as its final step prepends a 5-byte record header consisting of the content type, the major and minor protocol version, and the length of the fragment, before handing the record to TCP. The receiver reverses the steps: decrypt, verify the MAC, decompress, reassemble, and deliver the data to the higher-layer protocol (handshake, alert, change cipher spec, or application data).
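As an added example for questions 13 through 15, not code from the question bank, the block below builds TLS records by prepending the 5-byte header described above and parses a constructed byte stream back into records, decoding the two-byte bodies of Alert messages symbolically. It uses the content-type and alert code values of RFC 5246; the sample stream is constructed here, not captured from a real connection, and the parser only decodes alerts that are in the clear, as they are when a handshake fails before keys exist.

```python
# Added example, not part of the question bank: building and parsing TLS
# records, including the two-byte Alert messages of the Alert protocol
# (RFC 5246 sections 6.2 and 7.2). The byte strings below are constructed,
# not captured from a real connection.
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
    22: "record_overflow", 30: "decompression_failure", 40: "handshake_failure",
    42: "bad_certificate", 45: "certificate_expired", 47: "illegal_parameter",
    48: "unknown_ca", 50: "decode_error", 51: "decrypt_error",
    70: "protocol_version", 71: "insufficient_security", 80: "internal_error",
}
TLS12 = (3, 3)
MAX_CIPHERTEXT = 2 ** 14 + 2048   # TLSCiphertext.length limit in RFC 5246


def build_record(content_type: int, payload: bytes, version=TLS12) -> bytes:
    """Final step of the Record protocol: prepend the 5-byte header
    (type, major, minor, length) to the already MAC'd/encrypted fragment."""
    if len(payload) > MAX_CIPHERTEXT:
        raise ValueError("fragment too large for one record")
    return struct.pack("!BBBH", content_type, version[0], version[1], len(payload)) + payload


def build_alert(level: int, description: int) -> bytes:
    """An Alert record carries a two-byte body: AlertLevel, AlertDescription."""
    return build_record(21, bytes([level, description]))


def parse_records(data: bytes) -> list:
    """Split a byte stream into records; decode alert bodies symbolically.

    Raises ValueError on a truncated or oversized record, the situations a
    peer would answer with a decode_error or record_overflow alert.
    """
    records, pos = [], 0
    while pos < len(data):
        if len(data) - pos < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack("!BBBH", data[pos:pos + 5])
        if length > MAX_CIPHERTEXT:
            raise ValueError("record_overflow")
        body = data[pos + 5:pos + 5 + length]
        if len(body) < length:
            raise ValueError("truncated record body")
        record = {"type": CONTENT_TYPES.get(ctype, f"unknown({ctype})"),
                  "version": (major, minor), "length": length}
        if ctype == 21 and length == 2:     # plaintext alert (e.g. before keys exist)
            level, desc = body[0], body[1]
            record["alert"] = (ALERT_LEVELS.get(level, f"unknown({level})"),
                               ALERT_DESCRIPTIONS.get(desc, f"unknown({desc})"))
        records.append(record)
        pos += 5 + length
    return records


# Constructed stream: a fatal handshake_failure, then a warning close_notify,
# then a 5-byte application_data record.
SAMPLE = (build_alert(2, 40) + build_alert(1, 0)
          + build_record(23, b"hello"))


if __name__ == "__main__":
    for rec in parse_records(SAMPLE):
        print(rec)
```

Feeding the first bytes of a failed connection to parse_records is a quick way to see why a client and server could not agree: a fatal handshake_failure (15 03 03 00 02 02 28 on the wire) points at cipher-suite or version mismatch, while protocol_version or insufficient_security name the cause directly.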
16 What is meant by SET? (CO5, K1, NOV/DEC 2023)
Secure Electronic Transaction (SET) is an open security specification designed to protect credit-card transactions on the Internet. It is not itself a payment system; it is a set of security protocols and formats (using X.509 certificates and the dual signature) applied to existing card payments so that the cardholder, merchant and payment gateway are authenticated and order and payment information are kept confidential.
17 List the primary facets of web security problems. (CO5, K1)
a. Securing the web server and the data that is on it.
b. Securing information that travels between the web server and the user.
c. Securing the end user's computer and other devices that people use to access the Internet.
18 Define web server. (CO5, K1)
A web server is a program that stores files (web pages and related resources) and makes them accessible over a network or the Internet in response to HTTP requests. The term also covers the hardware that runs that software; a working web server requires both.
19 What is a proxy server? (CO5, K2)
A proxy server is an intermediary that accepts clients' requests for resources on the Internet or on foreign networks and forwards them on the clients' behalf. Routing all outbound traffic through it centralises access control, lets web/content filtering policies be enforced in one place, and provides a single point at which every access can be logged.
20 Define anonymization. (CO5, K1)
Anonymization is a data-processing technique that removes or modifies personally identifiable information, producing anonymized data that cannot be associated with any one individual. It differs from pseudonymization, where identifiers are replaced by tokens but the link to the individual can be restored with a separately held key.
PART B
S.NO QUESTION CO K-LEVEL AU
1 Explain the following protocols: (CO5, K5)
i) TLS Record protocol
ii) Heartbeat protocol
2 i) Explain the Secure Sockets Layer and the working of the SSL protocol. (CO5, K5)
ii) Explain the categories of web security threats that affect integrity, authenticity, confidentiality and availability, and explain their consequences and countermeasures. (K5)
3 Outline the Transport Layer Security architecture and explain its protocols. (CO5, K2)
4 Explain the protocols for securing Internet communication, e-mail and web transactions. (CO5, K2)
5 Explain the working of the Handshake protocol. (CO5, K2)
6 You are developing a mobile application where users can chat securely with one another. The application will send messages over the Internet, and you want to ensure that these messages remain private and unaltered during transit. Describe how you would apply Transport Layer Security (TLS) in your application to protect the messages. Discuss how the two layers of protocols in the TLS architecture would participate in establishing and maintaining this secure communication. (CO5, K5)
7 What is SSL/TLS encryption? How does SSL/TLS encryption work? Why is SSL/TLS decryption important for security? (CO5, K1, APR/MAY 2024)
8 What is a dual signature? Describe briefly how a dual signature is generated in SET. (CO5, K1, APR/MAY 2024)
9 Describe the SSL architecture in detail and how it helps in maintaining secure end-to-end communication. (CO5, K2, NOV/DEC 2023)
10 Describe the working of SET with a neat diagram and elaborate its role in transaction processing. (CO5, K2, NOV/DEC 2023)
PART C
S.NO QUESTION CO K-LEVEL AU
1. What is wireless security? Explain the types of wireless attacks and wireless networks. (CO5, K2)
2. Discuss web security, its issues and approaches. (CO5, K1)
3. Explain the payment process with its diagram. (CO5, K2)
4. Explain the SET process and its four messages with a neat diagram. (CO5, K2)
5. Compare: a) SSL and TLS; b) IPsec and SSL; c) the features of SSL and its architecture. (CO5, K2)