8/9/2019 #FOMRA Staff-Crypto Part-A QA & Part-B Q
1/27
CRYPTOGRAPHY AND NETWORK SECURITY
IT1352 IT 3rd yr
UNIT I
PART A
1.Write different types of Authentication & explain it.
1.Peer entity authentication, 2.Data authentication
1.Peer entity authentication: Provides for the corroboration of the identity of a peer entity in an association. It is provided for use at the establishment of a connection. It attempts to provide confidence that an entity is not attempting an unauthorized replay of a previous connection.
2.Data authentication: Provides for the corroboration of the source of a data unit. It does not provide protection against the duplication of data units. This type of service supports applications like electronic mail where there are no prior interactions between the communicating entities.
2.Define Access control.
In the context of security, access control is the ability to limit and control the access to host systems and applications via communications links.
3.Define Data Confidentiality
It is the protection of transmitted data from passive attacks. With respect to the content of a data transmission, several levels of protection can be identified. The broadest service protects all user data transmitted between two users over a period of time.
4.Write Connection Integrity with Recovery
It provides for the integrity of all user data on a connection and detects any modification, insertion, deletion or replay of any data within an entire data sequence, with recovery attempted.
5.Define nonrepudiation origin and nonrepudiation destination.
Nonrepudiation origin: Proof that the message was sent by the specified party.
Nonrepudiation destination: Proof that the message was received by the specified party.
6.Define Authentication.
Authentication service is concerned with assuring that a communication is authentic.
7.Define passive attacks and list its types?
Passive Attacks:
A Passive attack attempts to learn or make use of information from the system but
does not affect system resources.
Types: Passive attacks are classified into two types; they are
1.Release of message contents.
2.Traffic Analysis.
8.Define Traffic padding?
Traffic padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
9.Define plain text?
Plain text: This is the original intelligible message or data that is fed into the algorithm as input.
10.Define Encryption Algorithm?
Encryption Algorithm:
The Encryption algorithm performs various substitutions and transformations on the
plaintext.
11.Define secret key?
Secret Key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext. The algorithm will produce a different output depending on the specific key being used at the time.
12.Define ciphertext?
Cipher Text:
This is the scrambled message produced as output. It depends on the plain text and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data.
13.Define Decryption Algorithm?
Decryption Algorithm:
This is essentially the encryption algorithm run in reverse. It takes the cipher
text and the secret key and produces the original plaintext.
14.List the characteristics of cryptography.
1.The type of operations used for transforming plaintext to ciphertext.
2.The number of keys used.
3.The way in which the plaintext is processed.
15.List the two approaches to attack conventional encryption.
The two general approaches to attacking a conventional encryption scheme are :
1.Cryptanalysis.
2.Brute-force attacks.
16.List the different types of attacks on encrypted messages.
1.Ciphertext only.
2.Known plaintext.
3.Chosen ciphertext.
4.Chosen text.
17.List the different types of substitution techniques.
1.Caesar cipher.
2.Monoalphabetic ciphers.
3.Playfair cipher.
4.Hill cipher.
5.Polyalphabetic cipher.
18.Distinguish Stream Ciphers and Block Ciphers.
Stream Ciphers: It is one that encrypts a digital data stream one bit or one byte at
a time.
Block Ciphers: It is one in which a block of plaintext is treated as a whole and used
to produce a cipher text block of equal length.
19.Define Decryption.
The translation of encrypted text or data (called cipher text) into original text or data (plain text). Decryption is also called deciphering.
20.Differential Cryptanalysis.
A technique in which chosen plaintexts with particular XOR difference patterns are encrypted. The difference patterns of the resulting cipher text provide information that can be used to determine the encryption key.
21.Define Diffusion and Confusion
Diffusion: Cryptographic technique that seeks to obscure the statistical structure of the plain text by spreading out the influence of each individual plain text digit over many cipher text digits.
Confusion: Makes the relationship between cipher key and plaintext as complex as possible.
PART-B
1.Briefly explain the OSI Security Architecture.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 7
1.Security Services
2.Authentication
3.Data Confidentiality
4.Security mechanisms
5.Security attacks
2.Explain Classical Encryption Techniques.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 24
1.Symmetric Cipher Model
* Cryptography
* Cryptanalysis
2.Substitution Techniques
*Caesar Cipher
*Monoalphabetic Ciphers
*Playfair cipher
*Hill Cipher
*Polyalphabetic Cipher
3.Transposition Techniques
4.Rotor Machines
3.Explain Block Cipher Design Principles
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 63
*DES Design Criteria
*Design of Function F
1.Design criteria for F
2.S-Box Design
*Key schedule Algorithm
4.Write about AES Cipher and Triple DES.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 143 & 174
1.AES Architecture
2.AES S Boxes
3.AES Key Expansion
4.Double DES
5.Triple DES TWO Keys
6.Triple DES THREE Keys
5.Explain Placement of Encryption Function
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 202
1.Potential Location for Confidentiality Attacks
2.Link versus End to End Encryption
*Basic Approaches
*Logical Placement of End to End Encryption Function
UNIT II
1.Write about Public key cryptography.
It provides a radical departure from all that has gone before. Public key algorithms are based on mathematical functions rather than on substitution and permutation. More important, public key cryptography is asymmetric, involving the use of 2 separate keys, in contrast to symmetric encryption, which uses only one key. The use of 2 keys has profound consequences in the areas of confidentiality, key distribution and authentication.
2.Write about RSA Algorithm
The RSA algorithm can be used for both public key encryption and digital signatures. Its security is based on the difficulty of factoring large integers.
3.Write about Security of RSA:
The possible approaches to attacking the RSA algorithm are as follows.
1.Brute force: This involves trying all possible keys.
2.Mathematical attacks: There are several approaches, all equivalent in effect to factoring the product of two primes.
3.Timing attacks: These depend on the running time of the decryption algorithm.
4.Definitions of Trap-door one-way function
A mathematical function that is significantly easier to perform in one direction (the
forward direction) than in the opposite direction (the inverse direction). Concerning
trap-doors, the inverse direction is easy, given a certain piece of information (the trap
door), but difficult otherwise.
5.Define Elliptic curve cryptography
Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the mathematics of elliptic curves.
6.Define one-way function:
A one-way function is a function which is easy to calculate but hard to invert: it is difficult to calculate the input to the function given its output. The precise meanings of "easy" and "hard" can be specified mathematically. With rare exceptions, almost the entire field of public key cryptography rests on the existence of one-way functions.
7.Write the Distribution of Public Keys.
Several techniques have been proposed for the distribution of public keys.
1.Public announcement
2.Publicly available directory
3.Public key authority
4.Public key certificates
8. Define Diffie-Hellman Key Exchange
A cryptographic key exchange method developed by Whitfield Diffie and Martin Hellman in 1976. Also known as the "Diffie-Hellman-Merkle" method and "exponential key agreement," it enables parties at both ends to derive a shared, secret key without ever sending it to each other. Using a common number, both sides use a different random number as a power to raise the common number. The results are then sent to each other. ...
9.What attacks can be identified in the context of communication across a network?
1.Disclosure
2.Traffic analysis
3.Masquerade
4.Content modification
5.Timing modification
6.Source repudiation
7.Destination repudiation
PART B
1.Explain briefly about the Distribution of public keys
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 211
* Public Announcement of Public Keys
*Public Available Directory
*Public Key Authority
*Public key Certificates
2.Explain Diffie-Hellman Key Exchange
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 293
Algorithm: *Global Public Elements
* User A key Generation
* User B key Generation
*Generation of secret key by user A
* Generation of secret key by user B
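The five steps listed above, worked through in Python as an added example (it is not taken from these notes or from the textbook). The parameters q = 353 and alpha = 3, the function names, and the range check on received public values are assumptions made for the illustration; real deployments use standardized groups of 2048 bits or more.

```python
import secrets

# Global public elements (toy values chosen for readability, not for security).
Q = 353      # small prime modulus
ALPHA = 3    # common base that both users raise to their private exponent


def validate_public(y, q):
    """Reject public values that force a predictable shared secret.

    0, 1 and q-1 lead to a shared key of 0, 1 or +/-1 regardless of the
    private exponent, so a receiver must refuse them.
    """
    if not isinstance(y, int) or not 2 <= y <= q - 2:
        raise ValueError("public value outside the range [2, q-2]")
    return y


def generate_keypair(q, alpha):
    """User key generation: private X is random, public Y = alpha^X mod q."""
    while True:
        x = secrets.randbelow(q - 3) + 2      # private key in [2, q-2]
        y = pow(alpha, x, q)                  # public key sent to the peer
        if 2 <= y <= q - 2:                   # retry if Y would be rejected
            return x, y


def shared_secret(their_public, my_private, q):
    """Generation of the secret key: K = (peer's Y)^(own X) mod q."""
    return pow(validate_public(their_public, q), my_private, q)


def exchange(q=Q, alpha=ALPHA):
    """Run both sides of the exchange and return the key each side derived."""
    xa, ya = generate_keypair(q, alpha)       # user A key generation
    xb, yb = generate_keypair(q, alpha)       # user B key generation
    k_a = shared_secret(yb, xa, q)            # A combines B's public value
    k_b = shared_secret(ya, xb, q)            # B combines A's public value
    return k_a, k_b


if __name__ == "__main__":
    k_a, k_b = exchange()
    print("A derived:", k_a, "B derived:", k_b, "match:", k_a == k_b)
```

Only the public values cross the network; the exchange by itself does not authenticate either party, which is why it is combined with signatures or certificates in practice.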
3.Explain briefly Elliptic Curve Cryptography
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 304
*Analog of Diffie-Hellman Key Exchange
*Elliptic Curve Encryption and Decryption
*Security of Elliptic Curve Cryptography
4.Explain Public key Cryptosystems with neat diagram
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 259
1. Public key Cryptography
*Encryption
*Decryption
2. Public key Cryptanalysis
5.Explain with example of RSA Algorithm.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 268
*Description of the Algorithm
*Computational Aspects
*Encryption and *Decryption
*Key Generation
6.Explain the Security of RSA.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 274
1.Brute force
2.Mathematical attacks
3.Timing attacks
4.Factoring problem
UNIT III
PART-A
1.What classes are available in the Authentication Function?
1.Message encryption
2.Message authentication code
3.Hash function.
2.Define Message authentication code.
A public function of the message and a secret key that produces a fixed length value that serves as the authenticator.
3.Define Hash function
A public function that maps a message of any length into a fixed length hash value which serves as the authenticator.
4.Write about Message Authentication Code.
An alternative authentication technique involves the use of a secret key to generate a small fixed size block of data known as a cryptographic checksum or Message Authentication Code.
5.Explain Hash function.
A variation on the message authentication code is the one way hash function. As with the message authentication code, a hash function accepts a variable size message as input and produces a fixed-size output referred to as hash code.
Or
A hash function H is a transformation that takes an input m and returns a fixed-size string, which is called the hash value h (that is, h = H(m)). Hash functions with just this property have a variety of general computational uses, but when employed in cryptography, the hash functions are usually chosen to have some additional properties.
6.Explain purpose of hash function.
The purpose of hash function is to produce a fingerprint of a
file, message or other block of data.
7.What is message Authentication Code
A Message Authentication Code is a one-way hash computed from a message and some secret data. Its purpose is to detect if the message has been altered.
8.What is the difference between a message authentication code (MAC) and a one-way hash function?
The difference between a one-way hash and a MAC (Message authentication code) is that the hash verifies the uniqueness of a message or file. The MAC is usually an encrypted hash, also used to verify the uniqueness of a message, but which can only be verified if you know the secret key.
For example, say you have a list of the MD5 hashes of all your system files. If you verify the MD5 values of the files periodically with this list, you could see which files have been changed or updated, by a virus, for instance. However, if a virus comes into your system and replaces a system file, it could also replace the MD5 value in your list with the new one, and you wouldn't know this happened.
If you had a list of MACs, however, the virus could replace your system file, but it has no way of replacing the hash, since it doesn't have the key to decrypt it.
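The file-list scenario above as runnable Python, added here as an illustration and not part of the original question bank. It uses SHA-256 and HMAC-SHA-256 from the standard library in place of MD5 and an "encrypted hash"; the file paths, contents, key and function names are constructed for the example.

```python
import hashlib
import hmac


def hash_manifest(files):
    """Unkeyed fingerprints: anyone who can read a file can recompute its entry."""
    return {path: hashlib.sha256(data).hexdigest() for path, data in files.items()}


def _tag(key, path, data):
    # Bind the tag to the path as well as the content, so a valid entry
    # cannot be copied from one file's slot to another's.
    return hmac.new(key, path.encode() + b"\x00" + data, hashlib.sha256).hexdigest()


def mac_manifest(files, key):
    """Keyed fingerprints: producing a valid entry requires the secret key."""
    return {path: _tag(key, path, data) for path, data in files.items()}


def verify_hashes(files, manifest):
    """Return the paths whose current content does not match the hash list."""
    return sorted(path for path, data in files.items()
                  if manifest.get(path) != hashlib.sha256(data).hexdigest())


def verify_macs(files, manifest, key):
    """Return the paths whose current content does not match the MAC list."""
    bad = []
    for path, data in files.items():
        stored = manifest.get(path, "")   # a missing entry counts as a mismatch
        if not hmac.compare_digest(stored, _tag(key, path, data)):
            bad.append(path)
    return sorted(bad)


def demo():
    # Constructed sample data. The key is assumed to live with the verifier
    # (for example on a separate monitoring host), not next to the manifest.
    key = b"constructed demo key held by the verifier only"
    files = {
        "/bin/login": b"original login binary",
        "/bin/ls": b"original ls binary",
    }
    hashes = hash_manifest(files)
    macs = mac_manifest(files, key)

    # The situation described in the text: a file is replaced and its list
    # entry is overwritten with a freshly computed unkeyed hash.
    replaced = b"replaced login binary"
    files["/bin/login"] = replaced
    recomputed = hashlib.sha256(replaced).hexdigest()
    hashes["/bin/login"] = recomputed     # consistent again, change is hidden
    macs["/bin/login"] = recomputed       # not a valid tag without the key

    return verify_hashes(files, hashes), verify_macs(files, macs, key)


if __name__ == "__main__":
    by_hash, by_mac = demo()
    print("flagged by hash list:", by_hash)
    print("flagged by MAC list: ", by_mac)
```

The MAC list only helps while the key stays out of reach of whatever can modify the files, so the verification step belongs on a system that holds the key separately.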
PART-B
1.Explain with example of Authentication Functions
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 313
*Message encryption
*MAC (Message Authentication Code)
*Hash function
2.Briefly write about Security of Hash Functions
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 335
1.Brute Force Attacks
*Hash functions
*MAC
2.Cryptanalysis
3.Explain HMAC.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 372
*HMAC Design Objectives
*HMAC Algorithm
*HMAC Security
4.Explain Digital Signatures verification briefly.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 380
*Define Digital Signature
*Direct Digital Signature
*Arbitrated Digital Signature
5.Briefly explain about the Authentication Protocols
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 384
1.Mutual Authentication
*Simple replay
*Repetition that can be logged
*Backward without modification
*Timestamps
*Challenge
2.Symmetric Encryption Approaches
UNIT-IV
PART-A
1.Write about use of IP Security.
To secure the network infrastructure from unauthorized monitoring and control of network traffic and the need to secure end user to end user traffic using authentication and encryption mechanisms.
2.Explain Applications of IP Security.
1.Secure branch office connectivity over the Internet.
2.Secure remote access over the Internet.
3.Establishing extranet and internet connectivity with partners.
4.Enhancing electronic commerce security.
3.Benefits of IP Security.
1.IP Security in a firewall is resistant to bypass if all traffic from the outside must use IP and the firewall is the only means of entrance from the Internet into the organization.
2.IP Security can be transparent to end users. It provides security for individual users if needed.
4.Write IP Security Documents.
1.Architecture
2.Encapsulating Security Payload
3.Authentication header
4.Encryption algorithm
5.Key management
6.Domain of interpretation
5.Define IP Security Services.
IP Security provides services at the IP layer by enabling a system to select required security protocols, determine the algorithm to use for the service and put in place any cryptographic keys required to provide the requested services.
6.Define selectors.
A Security Policy Database entry is defined by a set of IP and upper-layer protocol field values called selectors.
7.Define security association.
A key concept that appears in both the authentication and confidentiality mechanisms for IP is the security association.
8.Explain the concept of Association.
An association is a one-way relationship between sender and receiver that affords security services to the traffic carried on it.
9.Write the Parameters of SA.
1.SA Parameters Index
2.IP Destination Address.
3.Security Protocol
10.Write any 4 selectors of SPD.
1.Destination IP address
2.Source IP address
3.User ID
4.Data sensitivity level
11.Explain Transport Mode.
It provides protection primarily for upper-layer protocols. That is, transport mode protection extends to the payload of an IP packet.
12.Explain Tunnel Mode.
It provides protection to the entire IP packet. To achieve this, after the AH or ESP fields are added to the IP packet, the entire packet plus security fields are treated as the payload of a new outer IP packet with a new outer IP header.
13.Define SSL Architecture.
Secure Socket Layer is designed to make use of TCP to provide a reliable end-to-end secure service. SSL is not a single protocol but rather two layers of protocols.
14.Define Connection.
A connection is a transport that provides a suitable type of service.
15.Write about SSL Session.
SSL Session is an association between a client and server. Sessions are created by the Handshake Protocol. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections.
16.Write the parameters of Session.
1.Session identifier
2.Peer certificate
3.Compression method
4.Cipher spec
5.Master secret.
17.Write the parameters of Connection.
1.Server and Client random
2.Server write MAC secret
3.Server write key
4.Client write key
5.Initialization vectors
18.Define SSL Protocol
It provides two services for SSL connections.
1. Confidentiality
2.Message Integrity
19.Define Alert Protocol
It is used to convey SSL related alerts to the peer entity. As with other applications that use SSL, alert messages are compressed and encrypted, as specified by the current state.
20.Explain Change Cipher Protocol
It is one of the three SSL specific protocols that use the SSL record protocol, and it is the simplest. This protocol consists of a single message, which consists of a single byte with the value 1. The sole purpose of this message is to cause the pending state to be copied into the current state, which updates the cipher suite to be used on this connection.
21.Explain Handshake Protocol.
The most complex part of SSL is the Handshake Protocol. This protocol allows the server and client to authenticate each other and to negotiate an encryption and MAC algorithm and cryptographic keys to be used to protect data sent in SSL records.
22.Define Secure Electronic Transaction.
SET is an open encryption and security specification designed to protect credit card transactions on the Internet.
23.Write purpose of Dual Signature.
The purpose of Dual Signature is to link two messages that are intended for two different recipients.
24.Motivation Behind Kerberos
In a non-networked personal computing environment, resources and information can be protected by physically securing the personal computer. In a timesharing computing environment, the operating system protects users from one another and controls resources. In order to determine what each user is able to read or modify, it is necessary for the timesharing system to identify each user. This is accomplished when the user logs in.
25.What is Kerberos?
Kerberos is a trusted third-party authentication service based on the model presented by Needham and Schroeder. It is trusted in the sense that each of its clients believes Kerberos' judgment as to the identity of each of its other clients to be accurate. Timestamps (large numbers representing the current date and time) have been added to the original model to aid in the detection of replay. Replay occurs when a message is stolen off the network and resent later.
26.What Does Kerberos Do?
Kerberos keeps a database of its clients and their private keys. The private key is a large number known only to Kerberos and the client it belongs to. In the case that the client is a user, it is an encrypted password. Network services requiring authentication register with Kerberos, as do clients wishing to use those services. The private keys are negotiated at registration.
27.What are the Kerberos Software Components
The Athena implementation comprises several modules:
Kerberos applications library
encryption library
database library
database administration programs
administration server
authentication server
db propagation software
user programs
applications
28.How Kerberos Works
This section describes the Kerberos authentication protocols. As mentioned above, the Kerberos authentication model is based on the Needham and Schroeder key distribution protocol. When a user requests a service, her/his identity must be established. To do this, a ticket is presented to the server, along with proof that the ticket was originally issued to the user, not stolen. There are three phases to authentication through Kerberos. In the first phase, the user obtains credentials to be used to request access to other services. In the second phase, the user requests authentication for a specific service. In the final phase, the user presents those credentials to the end server.
29.Pretty Good Privacy.
PGP is a remarkable phenomenon. It provides a confidentiality and authentication service that can be used for electronic mail and file storage applications.
30.Cryptography Keys and Rings
PGP makes use of 4 types of keys: one time session symmetric keys, public keys, private
keys and pass phrase based symmetric keys
31.Session key Generation
Each session key is associated with a single message and is used only for the purpose of
encrypting and decrypting that message.
32.Define X.509 authentication service
It defines a framework for the provision of the authentication services by the X.509 directory to its users. The directory may serve as a repository of public key certificates of the type. The distributed set of servers that maintains a database of information about users. The information includes a mapping from user name to work address, as well as other attributes and information about the users.
33.Write About One way authentication
One way authentication involves a single transfer of information from one user(A) to
another(B) and establishes the following.
1.The identity of A and that the message was generated by A
2.That the message was intended for B
3.The integrity and originality.
34.Define S/MIME.
Secure/Multipurpose Internet Mail Extension is a security enhancement to the MIME Internet e-mail format standard, based on the technology from RSA Data Security. S/MIME is defined in a number of documents, most importantly RFC 2630, 2632, 2633.
35.Multipurpose Internet Mail Extensions
This document provides links to information about Multipurpose Internet Mail Extensions (MIME). MIME extends the format of Internet mail to allow non-US-ASCII textual messages, non-textual messages, multipart message bodies, and non-US-ASCII information in message headers.
36.Define S/MIME Functionality.
In terms of general functionality, S/MIME is very similar to PGP. Both offer the ability to sign and encrypt messages.
37.Write different types of S/MIME Functionality
1.Enveloped Data.
2.Signed Data
3.Signed and Enveloped Data.
4.Signed Data.
38.Write types of Multipurpose Internet Mail Extensions
1.Text Type
2.Multipart Type
PART-B
1.Explain briefly about X.509 Authentication service
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 419
*Define X.509 Formats
*Certificates
*Obtaining Users Certificate
1.Forward certificate
2.Reverse certificate
*Authentication Procedures
1.One way Authentication
2.Two way Authentication
2.Explain PGP (Pretty Good Privacy) with example.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 436
*PGP Cryptographic Function
*Confidentiality
*Confidentiality and Authentication
*Comparison
*E-Mail Compatibility
*Segmentation and Reassembly
3.Write the Functions of Cryptographic Keys and Key Rings
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 444
Keys
*Session Key Generation
*Key Identifiers
1.Timestamp
2.Message Digest
3.Leading two octets of message digest
4.Key ID of senders public key
Key Rings
*Timestamp
*Key ID
*Public Key
*Private Key
*User ID
4.Explain Secure /Multipurpose Internet Mail Extension(S/MIME).
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 444
1.MIME Content Types
2.S/MIME Functionality
1.Enveloped data
2.Signed data
3.Clear signed data
4.Signed & Enveloped data
3.Cryptographic algorithm
4.S/MIME Messages
5.Explain S/MIME Certificate Processing
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 469
*Key generation
*Registration
*Certificate storage and retrieval
*VeriSign certificates
*Enhanced Security Services
6.Explain IP Security Overview with example.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 482
1.Applications of IPS
2.Benefits of IPS
3.Routing Applications
7.Briefly explain IPS Architecture.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 485
1.IPS Documents
*Architecture
*Encapsulating Security Payload(ESP)
*Authentication Header
*Encryption algorithm
*Authentication algorithm
*Key management
*Domain of Interpretation
2.IPS Services
3.Security Association
4. SA Selectors
8.Explain briefly about Transport and Tunnel Modes.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 490
Transport Mode (end-to-end communication between two hosts)
9.Explain Secure Socket Layer Architecture.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 531
1.Connection
2.Session
*Session identifier
*Peer certificate
*Compression method
*Cipher spec
*Master secret
*Server write MAC secret
*Server and Client Write Key
10.Write briefly about the SSL Record Protocol .
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 533
1.Services
2.Change Cipher Spec Protocol.
3.Alert Protocol
4.Handshake Protocol
UNIT-V
SYSTEM LEVEL SECURITY
PART-A
1.Define Passwords.
Password serves to authenticate the ID of the individual logging on to the system.
2.Write different types of password selection techniques.
*User education
*Computer generated password
*Reactive password checking
*Proactive password checking
3.Define Logic Bomb.
One of the oldest types of program threat, predating viruses and worms, is the logic bomb. The logic bomb is code embedded in some legitimate program that is set to explode when certain conditions are met.
4.Define Trojan Horses
A Trojan horse is a useful program or command procedure containing hidden code that, when invoked, performs some unwanted or harmful function.
5.Define Zombie
It is a program that secretly takes over another Internet-attached computer and then uses that computer to launch attacks that are difficult to trace to the zombie creator. Zombies are used in denial of service attacks, typically against targeted websites.
6.Define VIRUSES.
It is a program that can infect other programs by modifying them. The modification includes a copy of the virus program, which can then go on to infect other programs.
7.What phases are involved in the virus spreading process?
1.Dormant phase
2.Propagation phase
3.Triggering phase
4.Execution phase
8.Explain virus structure.
A virus can be prepended or postpended to an executable program or it can be embedded in some other fashion. The key to its operation is that the infected program, when invoked, will first execute the virus code and then execute the original code of the program.
9.Write types of viruses.
1.Parasitic virus
2.Memory resident virus
3.Boot sector virus
4.Stealth virus
5.Polymorphic virus
10.What do you mean by Polymorphic virus?
Polymorphic virus creates copies during replication that are functionally equivalent but
have distinctly different bit patterns.
11.Define Macro Viruses
It is platform independent. Virtually all of the macro viruses infect MS Word documents. Macro viruses are easily spread, and a very common method is e-mail.
12.What Auto executing Macros are available in MS Word?
1.Auto execute
2.Auto macro
3.Command macro
13.Define E-mail viruses
A more recent development in malicious software is the e-mail virus. The first rapidly spreading e-mail viruses such as Melissa.
14.Explain antivirus approaches.
1.Detection: Once the infection has occurred, determine that it has occurred and locate the virus.
2.Identification: Once detection has been achieved, identify the specific virus that has infected a program.
3.Removal: Once detection has been identified, remove all traces of the virus from the infected program and restore it to its original state. Remove the virus from all infected systems so that the disease cannot spread further.
15.What Antivirus techniques are available?
The two antivirus techniques are as follows.
1.Generic Decryption
2.Digital Immune System
16.Define Generic Decryption.
Generic Decryption technology enables the antivirus program to detect easily even the
most complex polymorphic viruses, while maintaining fast scanning speeds.
17.Define Behavior-Blocking Software
Unlike heuristics or fingerprint-based scanners, behavior-blocking software integrates with the operating system of a host computer and monitors program behavior in real time for malicious actions. The behavior-blocking software then blocks potentially malicious actions before they have a chance to affect the system.
18.Explain Firewall design principles
* Centralized data processing system, with a central mainframe supporting a number of directly connected terminals.
* LANs interconnecting PCs and terminals to each other and the mainframe.
* Premises network, consisting of a number of LANs interconnecting PCs, servers and perhaps a mainframe.
19.Explain Firewall characteristics.
1.All traffic from inside to outside and vice versa must pass through the firewall. This is achieved by physically blocking all access to the local network except via the firewall.
2.Only authorized traffic, as defined by local security policy, will be allowed to pass. Various types of firewalls are used, which implement various types of security policies.
3.The firewall itself is immune to penetration. This implies the use of a system with a secure operating system.
20.List the four general techniques that firewall use to control access.
1.Service control
2.Direction control
3.User control
4.Behavior control
21.List the types of firewall
1.Packet Filtering Router
2.Application Gateways
3.Circuit level Gateways
22.Define Packet Filtering Router
A Packet Filtering Router applies a set of rules to each incoming IP packet and then forwards or discards the packet. The router is typically configured to filter packets going in both directions. Filtering rules are based on information contained in a network packet.
21.List the attacks that can be made on packet filtering routers.
1.IP address spoofing
2.Source routing attacks
3.Tiny fragment attacks
22.Define Application level gateway
An application level gateway, also called a proxy server, acts as a relay of application level traffic. This proxy server tends to be more secure than packet filters.
23.What do you mean by Bastion Host
A bastion host is a system identified by the firewall administrator as a critical strong point in the network security. Typically the bastion host serves as a platform for an application level gateway.
PART-B
1.Explain Audit Records and Statistical Anomaly Detection.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 537
Audit Records
1.Native Audit Records
2.Detection specific audit records
3.Action
4.Subject
5.Exception Condition
6.Resource Usage
Statistical Anomaly Detection
1.Counter
2.Gauge
3.Interval Timer
4.Resource utilization
2.Explain Distributed Intrusion Detection.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 578
*Host agent module
*LAN Monitor agent module
*Central manager module
3.Explain Markov Model for Password Selection Strategies.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 586
4.Explain Different types of VIRUSES.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 604
1.E-Mail Viruses
2.Macro Viruses
*Auto execute
*Auto macro
*Command macro
3. Parasitic virus
4. Memory resident virus
5. Boot sector virus
6.Stealth virus
7. Polymorphic virus
5.Explain Trojan Horse Defense method briefly
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 631
6.Explain the advanced Antivirus Techniques .
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 610
1.Generic Decryption
*CPU Emulator
*Virus signature scanner
*Emulation control module
2.Digital Immune System
*Integrated mail system
*Mobile program system
7.Explain Firewall Characteristics.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 617
1.Service Control
2.Direction control
3.User control
4.Behavior control
8.Explain the types of Firewall with suitable example.
Text Book :Cryptography and Network Security
Author :William Stallings
Page No : 618
1.Packet filters
*Source IP address
*Destination IP address
*Source and Destination Transport level address
*IP protocol field
*Interface
2.Application level gateways
3.Circuit Level Gateway