Scribd
Upload
10 views1 page

Cyber 20-21

This document is an examination paper for a B. Tech course on Computer System Security, covering various topics related to cybersecurity. It includes multiple sections with questions on cryptography, network security, access control, and vulnerabilities in web applications. The exam consists of short answer questions, detailed discussions, and problem-solving tasks, totaling 100 marks.

Uploaded by

codingadarsh12
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
10 views1 page

Cyber 20-21

This document is an examination paper for a B. Tech course on Computer System Security, covering various topics related to cybersecurity. It includes multiple sections with questions on cryptography, network security, access control, and vulnerabilities in web applications. The exam consists of short answer questions, detailed discussions, and problem-solving tasks, totaling 100 marks.

Uploaded by

codingadarsh12
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Printed Page: 1 of 1

Subject Code: KNC301


0Roll No: 0 0 0 0 0 0 0 0 0 0 0 0 0

B. TECH
(SEM III) THEORY EXAMINATION 2020-21
COMPUTER SYSTEM SECURITY
Time: 3 Hours Total Marks: 100
Note: 1. Attempt all Sections. If require any missing data; then choose suitably.
SECTION A
1. Attempt all questions in brief. 2 x 10 = 20
Q no. Question Marks CO

a. What are the roles of a) cypher and b) key in cryptography? 2


b. What are some of the advantages and limitations of UNIX? 2
c. What is a privilege and discuss any two secure architecture principles 2
d. What is SSL and how does it work? 2
e. Discuss two problems associated with using ptrace 2
f. What are covert channels and what are their disadvantages? 2
g. When changing effective user ids, distinguish between ways to drop privileges 2
h. Why would you recommend using DNSSEC? 2
i. What are the goals of confidentiality policies? 2

P
j. Explain advanced anti-XSS tools 2
0Q

1
SECTION B

13
29

2. Attempt any three of the following: 10 x 3 = 30

2.
0E

a. Define the logout process, its steps and potential problems. Also, define session 10

24
hijacking and discuss steps to mitigate session-tokens theft.
P2

b. Define Network-based IDS. What are its strengths? 10

5.
_Q

c. Discuss a)SQL injection b)CSRF c)XSS d)Sessions e) Four HTTP auth 10


Problems
.5
17
TU

d. Define role-based access control its major properties and why would you use it? 10
|1

e. Discuss session fixation attacks, steps to perform an attack and how can it be 10
AK

prevented?
3
:5

SECTION C
07

3. Attempt any one part of the following: 10 x 1 = 10


a. Discuss how vulnerabilities can be exploited in web applications. 10
:
14

b. Define identity-based access control. What are the problems associated with it?
10
4. Attempt any one part of the following: 10 x 1 = 10
1
02

a. Discuss single vs public-key cryptography 10


b. Define knark. What are its features and why is it used? 10
-2

5. Attempt any one part of the following: 10 x 1 = 10


ar

a. Define any five of the LRK v4 trojans: ifconfig, login, ls, passwd, ps, rshd, 10
M

syslogd
2-

b. Discuss any three digital signatures and what are the steps to use them in the real 10
|1

world?
6. Attempt any one part of the following: 10 x 1 = 10
a. Discuss DoS attacks and briefly discuss various methods for mitigation of DoS 10
attacks.
b. Discuss any three Real-World Protocols and what are the steps to use them in the 10
real world?
7. Attempt any one part of the following: 10 x 1 = 10
a. Compare access control in Windows with the access control in UNIX 10
b. What is DNS and how does it work? 10

AKTU_QP20E290QP | 12-Mar-2021 14:07:53 | 117.55.242.131


Downloaded from : uptukhabar.net

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy