
MB3H2IT-0710

Section A : Basic Concepts (30 Marks)


• This section consists of questions with serial number 1 - 30.
• Answer all questions.
• Each question carries one mark.
• Maximum time for answering Section A is 30 Minutes.

1. Which of the following is/are passive security threat(s)?


I. Masquerade.
II. Traffic analysis.
III. Replay.
IV. Denial of service.
(a) Only (II) above
(b) Both (I) and (II) above
(c) Both (II) and (IV) above
(d) Both (III) and (IV) above
(e) (II), (III) and (IV) above.
2. Amit is part of a big project team at RS Systems and notices an unauthorized party gaining access to
the project website. Which of the following category of attacks can be aptly applied to the above
scenario?
(a) Interruption
(b) Interception
(c) Modification
(d) Fabrication
(e) Concurrence.
3. In the Internet Request For Comments (RFC) publication process, which of the following steps belong
to the series 'standards track'?
I. Proposed standard.
II. Draft standard.
III. Internet standard.
IV. Experimental standard.
(a) Both (I) and (II) above
(b) Both (I) and (III) above
(c) Both (II) and (III) above
(d) (I), (II) and (III) above
(e) (II), (III) and (IV) above.

Page 2 of 14

@ 2010, ICFAI University. All rights reserved. Photocopying is strictly prohibited.



4. Which of the following criteria must be satisfied by an RFC specification in order to be considered as
a standard?
I. Stability and clarity.
II. Technical competency.
III. Multiplicity of implementations with substantial operation trials.
IV. Dependency and interoperability with substantial operation trials.
(a) Both (I) and (II) above
(b) Both (I) and (III) above
(c) Both (II) and (III) above
(d) (I), (II) and (III) above
(e) (II), (III) and (IV) above.
5. Das had e-mailed some vital information to Eshwar, which he had received and read. However when
Das inquired, he denied ever receiving the message. Here, activation of which of the following
security services would prevent both sender and receiver from denying delivery of a transmitted
message?
(a) Confidentiality
(b) Authentication
(c) Integrity
(d) Nonrepudiation
(e) Access control.
6. Raj was sending their project's meeting schedule to Shruthi. Raj and Shruthi each were using different
keys to encrypt and decrypt the message at their respective nodes. Here, the kind of encryption can be
named as
I. Asymmetric encryption.
II. Conventional encryption.
III. Public-key encryption.
(a) Only (II) above
(b) Only (III) above
(c) Both (I) and (II) above
(d) Both (I) and (III) above
(e) Both (II) and (III) above.
7. In which of the following types of attacks on encrypted messages does the cryptanalyst need to know
only the encryption algorithm and the ciphertext in order to decode the message?
(a) Ciphertext only
(b) Known plaintext
(c) Chosen plaintext
(d) Chosen ciphertext
(e) Chosen text.


8. SSL session and SSL connection are the important components of Secure Sockets Layer (SSL). Which
of the following is/are the parameter(s) of SSL session?
I. Peer certificate.
II. Compression method.
III. Server write key.
(a) Only (II) above
(b) Only (III) above
(c) Both (I) and (II) above
(d) Both (I) and (III) above
(e) Both (II) and (III) above.
9. In the Data Encryption Standard (DES) algorithm, the length of a plaintext block is
(a) 16 bits
(b) 56 bits
(c) 64 bits
(d) 8 bits
(e) 128 bits.
10. The 3DES algorithm has an effective key length of
(a) 48 bits
(b) 168 bits
(c) 192 bits
(d) 24 bits
(e) 256 bits.
11. Which of the following mathematical and logical operations are used in the DES algorithm?
I. Addition.
II. XOR.
III. Fixed S-boxes.
IV. Rotation.
(a) Both (I) and (II) above
(b) Both (II) and (III) above
(c) Both (III) and (IV) above
(d) (I), (II) and (III) above
(e) (II), (III) and (IV) above.

12. The input to an encryption algorithm is the ______ of the current plaintext block and the preceding
ciphertext block in the Cipher Block Chaining (CBC) mode.
(a) AND
(b) OR
(c) XNOR
(d) XOR
(e) NAND.


13. The desirable property of a stream cipher is that the length of its ciphertext be ______ the length
of its plaintext.
(a) Double
(b) Triple
(c) Equal
(d) Half
(e) Four times.
14. Arrange the given steps in the correct sequence to establish a connection between two information
systems.
I. When one host wishes to connect to another, it transmits a connection-request-packet.
II. If the Key Distribution Center (KDC) approves a connection request, it generates session key
based on unique permanent key for each Security Service Modules (SSMs) and delivers to the
respective SSMs.
III. The requesting SSM releases the connection-request-packet and a connection is set up between
the two end systems.
IV. Each of the SSMs saves its connection-request-packet and applies for permission to the KDC to
establish a connection.
(a) I-II-III-IV
(b) I-IV-II-III
(c) I-II-IV-III
(d) I-IV-III-II
(e) IV-I-II-III.
15. The MD5 message-digest algorithm, the most widely used Secure Hash Algorithm (SHA), was
developed by
(a) Ron Rivest
(b) Bill Inmon
(c) Joan Daemen
(d) Vincent Rijmen
(e) Gordon.
16. The total number of steps in the SHA-l is
(a) 20
(b) 40
(c) 60
(d) 80
(e) 100.
17. Kerberos version 5 corrects some of the security deficiencies of version 4 and is specified in
(a) RFC 1092
(b) RFC 1510
(c) RFC 1817
(d) RFC 2502
(e) RFC 1141.


18. Which of the following Kerberos version 5 Flags, tells a Ticket Granting Server (TGS) that a new
ticket-granting ticket with a different network address may be issued based on the current one?
(a) RENEWABLE
(b) POSTDATED
(c) FORWARDABLE
(d) HW-AUTHENT
(e) PRE-AUTHENT.
19. HMAC has been issued as ______ and chosen as the mandatory-to-implement Message
Authentication Code (MAC).
(a) RFC 2104
(b) RFC 811
(c) RFC 2228
(d) RFC 1624
(e) RFC 1542.
20. Which of the following statements is/are false about Elliptic-Curve Cryptography (ECC)?
I. ECC is easier to explain than either Rivest-Shamir-Adleman (RSA) or Diffie-Hellman.
II. The confidence in ECC is not as high as that in RSA.
III. The principal attraction of ECC over RSA is that it apparently offers equal security with a far
smaller bit size, thereby reducing processing overhead.
(a) Only (I) above
(b) Only (II) above
(c) Both (I) and (II) above
(d) Both (I) and (III) above
(e) Both (II) and (III) above.
21. Lifetime values in Kerberos version 4 are encoded as an 8-bit quantity which in turn is expressed in
units of 5 minutes. Thus, the maximum lifetime that can be available would be
(a) 2^8 x 5 minutes
(b) 2^5 x 8 minutes
(c) 8^2 x 5 minutes
(d) 8^5 x 2 minutes
(e) 5^2 x 8 minutes.
22. Which of the following statements is false about Kerberos version 4 and version 5?
(a) Kerberos version 4 requires the use of DES
(b) In Kerberos version 5, any encryption technique may be used
(c) Kerberos version 4 requires the use of only Internet Protocol (IP) addresses and other addresses
are not accommodated
(d) Kerberos version 5 network addresses are tagged with type and length, allowing any network
address type to be used
(e) In Kerberos version 5, all message structures are defined only using Abstract Syntax Notation
One (ASN.1), which provides an unambiguous byte ordering.


23. Rajeev and Shiva are deciding on a gift for a friend's birthday, when Shiva suggests they buy the
unique sculpted pen he saw on the Internet. However, Rajeev is hesitant to use his credit card online
because of all the fraud incidents he keeps hearing about. To this objection, Shiva smiled and
explained that ______ is an open encryption and security specification designed to protect
credit card transactions on the Internet, so he need not worry.
(a) SET
(b) SSL
(c) SHA
(d) TLS
(e) SNMP.
24. Pretty Good Privacy (PGP) compresses a message after applying the signature but before the
encryption. Placement of the compression algorithm is indicated by ______ for compression.
(a) C
(b) Z
(c) A
(d) P
(e) D.
25. In any encryption algorithm, each session key produced by KDC is associated with a single message
and is used only to encrypt and decrypt that message. The CAST-128 and the IDEA algorithms use
(a) 64-bit keys
(b) 128-bit keys
(c) 168-bit keys
(d) 256-bit keys
(e) 512-bit keys.
26. In the PGP message format, which of the following components is/are optional?
I. The message component.
II. The signature component.
III. The session key component.
(a) Only (I) above
(b) Only (II) above
(c) Both (I) and (II) above
(d) Both (I) and (III) above
(e) Both (II) and (III) above.
27. In the Internet Protocol version 6 (IPv6) header, the payload contains
(a) 4 bits
(b) 8 bits
(c) 16 bits
(d) 24 bits
(e) 32 bits.


28. Anand wanted to access the joint tax-returns document his wife had prepared on her laptop. It was last
day for filing them and he could not reach his wife. So he followed some strategies to crack the
password of the system. Which of the following rules could he have applied to crack the password?
I. Try with the user's name, initials, account name and relevant personal information.
II. Making first letter uppercase, making entire word uppercase.
III. Reversing the word.
(a) Only (II) above
(b) Only (III) above
(c) Both (I) and (III) above
(d) Both (II) and (III) above
(e) All (I), (II) and (III) above.
29. Reshmi found that her system was infected with a virus which corrupted the master boot record or the
boot record and thus spread to other parts of the system when the system was booted. Here, which of
the following types of virus could have caused this damage?
(a) Parasitic virus
(b) Memory-resident virus
(c) Boot sector virus
(d) Stealth virus
(e) Polymorphic virus.
30. Digital immune system is a comprehensive approach to virus protection developed by
(a) IBM
(b) Microsoft
(c) Intel
(d) CJC
(e) CA.

END OF SECTION A


Section B : Problem/Caselets (50 Marks)


• This section consists of questions with serial number 1 - 8.
• Answer all questions.
• Marks are indicated against each question.
• Detailed workings/explanations should form part of your answer.
• Do not spend more than 110 - 120 minutes on Section B.

1. Explain in detail the RSA algorithm with an example. (10 marks)

Caselet 1
Answer the following questions based on the given Caselet:
2. What are the objectives of BU? ( 3 marks)
3. Critically analyze the solution chosen by BU for data encryption. ( 4 marks)
4. Discuss the services to be provided by the solution and list out the results obtained by the
security solution at BU. ( 10 marks)
Baylor University (BU) is the largest Baptist university in the world, with a 735-acre
campus and almost 14,000 students from all 50 states of the U.S. as well as from 70 other
countries. Its nationally recognized academic divisions offer 146 undergraduate, 73
masters, and 22 doctoral degree programs plus a Juris Doctor program in the School of
Law.
Universities hold a great deal of personal information about their students and other
constituents that needs to be safeguarded. BU employees had noticed the recent headlines
about security breaches at other organizations and their impact on the organizations' public
reputation. These incidents, along with a range of applicable legislation and best practices in
higher education, reinforced BU's need for upgraded security of sensitive information.
If a security breach were to occur, BU would need to immediately notify any and all
individuals affected. If that became necessary, managing the notifications and resolving any issues
could have a significant financial impact on BU and cause unwanted negative publicity.
Many staff members at BU use laptop computers to increase their productivity and
efficiency. However, the portable nature of laptops makes them more susceptible to loss or
theft, potentially leading to the exposure of sensitive information. BU needed a way to
safeguard the information and prevent such exposure or leakage.
BU required a data encryption solution that could be easily managed with little oversight
by the IT staff and would integrate well with the existing infrastructure. In addition, BU
wanted a solution that could be scaled easily as future encryption needs arose, rather than be
replaced.
Equally important was that the encryption software accommodate the needs of today's
sophisticated academic users. With both PC and Mac systems as well as workstations
shared by multiple individuals on a daily basis, BU required an encryption solution that
would ensure that users could work without interruption or violation of their privacy.


BU carefully evaluated three data encryption solutions of which they ultimately chose PGP
Whole Disk Encryption. This was centrally managed by PGP Universal Server to protect
laptop data using full disk encryption. "We compared all the key features and could see that
the PGP solution offered the most solid technology. We knew it would make our day-to-day
lives easier," said BU's Information Security Officer, Jon Allen. The BU also identified
PGP Universal Gateway Email as a possible solution to secure emails in the future as
people enter and leave the network.
"We wanted software that had been tested in the real world," says Allen. "It is well-known
that PGP technology provides a solid security platform that has been proven effective
repeatedly over time." Before making his decision, Allen spoke to other PGP customers and
after hearing their positive experiences, decided to test the software in the BU's
environment. "We threw every scenario we could think of at the software, and were very
pleased with the results," Allen adds.
BU had already invested a significant amount of resources in a Microsoft Active Directory
infrastructure. As Allen explains, "We knew PGP Universal Server would be able to
integrate with our existing environment, saving us the time and expense of creating a
duplicate infrastructure or being forced to replace the present setup."
A large university such as BU typically requires a wide variety of computers to meet the
needs of students, staff, as well as faculty. "Although PCs make up the majority of our
workstations, we also have a percentage of Macs. We needed to be able to safeguard both
types of systems, and PGP Whole Disk Encryption offered that capability," says Allen.
BU was looking for a solution that would not require a good deal of ongoing support. When a
user forgot his/her passphrase, for example, BU wanted to resolve the issue quickly.
"The process for handling lost passphrases with PGP Whole Disk Encryption is much more
streamlined than with other competing software," says Allen. "There is less room for error
in this situation, and we knew the PGP solution would make things easier for us and for our
help desk."
When future encryption needs arise, BU's investment in the PGP Encryption Platform will
provide the flexibility to deploy and manage multiple encryption applications cost-
effectively from a single management console. For example, when email security becomes
a concern, BU can simply add the PGP Universal Gateway Email application to the existing
platform. It will not need additional infrastructure and the operational costs will be lower
because both the PGP products share common management architecture.
According to Allen, "We didn't want a software vendor, we wanted a technology partner.
We could see the commitment PGP Corporation has to technology and partnership with us.
The company understands our long-term goals and was willing to take on challenges of the
higher-education market. That was a very important factor in our decision."
PGP Universal Server and PGP Whole Disk Encryption are now an integral part of BU's
information security system. BU acquired the software through a PGP Certified Solution
Partner (CSP). "We do a lot of business with this reseller, and they were extremely helpful
during this project," says Allen.
"We set up the server quickly and on time, which allowed us to focus on fine-tuning PGP
Whole Disk Encryption to our specific environment."
"Overall, we were very pleased with the performance of the software. Few issues arose
because of unique higher education requirements; however, PGP support worked with us to
resolve them quickly and accurately, allowing for a smooth deployment," Allen says.


"I've had zero complaints from users," Allen reports. "They're able to do their work as
before, and most say they don't even notice the software."
"We've had very few calls from users," says Allen. "The only reason users call is because
of forgotten passphrases," Sealey explains, "and we're able to fix that issue easily within
minutes."
As Becky King, BU's interim CIO, explains, "A huge weight has been lifted off my
shoulders since PGP Whole Disk Encryption was installed on my laptop. It's a tremendous
benefit to be able to take my laptop wherever I go and not have to worry." Allen adds,
"Now, if someone loses a laptop, we don't have to be concerned about sensitive information
being exposed and can avoid unnecessary costs and potential headaches both for us and our
students."
Allen summarizes: "In PGP Corporation, we found both a strong, long-term data security
solution and a solid partner at the same time."

END OF CASELET 1

Caselet 2
Answer the following questions based on the given Caselet:
5. What would be the steps to design security architecture for Domino? ( 5 marks)
6. Who are attackers and why they attack? ( 5 marks)
7. Describe the Internet Protocols discussed in the caselet. ( 7 marks)
8. Describe S/MIME, demonstrating how a message can be sent from one user to the other. ( 6 marks)
The convenience and ubiquity of the Web has led many Notes/Domino customers to
decide to use the Web for employee mail, particularly while they travel.
However, even with Domino's standard security features, there are times when additional
security measures are prudent, or even mandatory.
Therefore, the system providing e-mail services is required to be universally accessible, and
the mechanism for accessing the e-mail is equally universal and ubiquitous. The simplest
and most straightforward way of meeting these requirements was to use the Internet, i.e., a
Web browser as the messaging client and a Web application server for providing the
messaging services.
The Web browser would access a specific mail file for the employee via HTML using the
HTTP protocol. The Web application server would provide access to the user's mail box via
HTML using the HTTP protocol, in addition to mail store-and-forward services (typically
using SMTP). The main issue was to determine how to do this in as secure a fashion as
possible. Providing access is one thing, but restricting access only to those people who are
authorized to have it is quite another.
Before delving into the security ramifications of providing the required services, it was
important for Domino to understand the details of the architecture of a ubiquitous mail
access solution. Then it would be easy to add the necessary security services and
discuss the caveats that exist, if any. Web users access and exchange mail over the Internet
with others in another department. Additionally, they also exchange mail with other
users who are using another brand of messaging server and POP or IMAP messaging
clients.

Given the increasingly complex architecture, it is important to take it one step at a time and
think through the threat model and what security measures can be applied to ensure that the
information is as safe as possible, while keeping the access as universal as possible.
In dealing with information exchanged outside the company network, attackers could be
anyone on the Internet with the means to intercept packets exchanged between the Web
client and the Web application server. In contrast, in dealing with information exchanged
inside the network, the attackers could only be insiders, who are either employees or contractors.
The various Internet protocols that are typically used for sending and receiving e-mails are
SMTP, MIME, POP3, and IMAP4. The simplicity of these protocols means that they pose
security issues for anyone sending and receiving mail, that is, between different types of
messaging servers.
S/MIME offers features to send a message securely. With those features, you can be sure
that, from the moment the message is sent by one person to the moment it arrives at the
other person, no one can see the contents of the message, and that the message has not been
tampered with or changed en route to delivery.

END OF CASELET 2

END OF SECTION B

Section C : Applied Theory (20 Marks)


• This section consists of questions with serial number 9 - 10.
• Answer all questions.
• Marks are indicated against each question.
• Do not spend more than 25 - 30 minutes on Section C.

9. Explain in detail about each of the following:


I. Cipher Block Chaining Mode.
II. Cipher Feedback Mode. ( 10 marks)
10. Enumerate the characteristics of a firewall and discuss the various types of firewalls. (10 marks)
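The two modes named in question 9 (and the chaining relation asked about in question 12, plus the ciphertext-length property of question 13) are worked through in the following example, which is added here and is not part of the question paper; it assumes a toy 8-byte Feistel block cipher built on SHA-256 in place of DES so that it runs offline.

```python
import hashlib

BLOCK = 8  # block size in bytes; matches DES's 64-bit block, but the cipher below is a toy


def xor(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two byte strings (truncated to the shorter one)."""
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Keyed round function of the toy Feistel cipher (constructed for this example, not DES's).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[: BLOCK // 2]


def encrypt_block(key: bytes, block: bytes, rounds: int = 4) -> bytes:
    """Toy 4-round Feistel cipher: invertible, which CBC decryption requires."""
    left, right = block[: BLOCK // 2], block[BLOCK // 2:]
    for i in range(rounds):
        left, right = right, xor(left, _f(key, i, right))
    return right + left


def decrypt_block(key: bytes, block: bytes, rounds: int = 4) -> bytes:
    # Inverse of encrypt_block: the same network with the rounds applied in reverse order.
    left, right = block[: BLOCK // 2], block[BLOCK // 2:]
    for i in reversed(range(rounds)):
        left, right = right, xor(left, _f(key, i, right))
    return right + left


def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """CBC: each plaintext block is XORed with the preceding ciphertext block (the IV for the first)."""
    out, prev = [], iv
    padded = pkcs7_pad(plaintext)  # CBC needs whole blocks, so the message is padded
    for i in range(0, len(padded), BLOCK):
        prev = encrypt_block(key, xor(padded[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(ciphertext), BLOCK):
        block = ciphertext[i:i + BLOCK]
        out.append(xor(decrypt_block(key, block), prev))  # P_i = D(C_i) XOR C_(i-1)
        prev = block
    plain = b"".join(out)
    return plain[: -plain[-1]]  # strip PKCS#7 padding


def cfb_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """CFB: the cipher only produces keystream, so no padding and len(ciphertext) == len(plaintext)."""
    out, prev = [], iv
    for i in range(0, len(plaintext), BLOCK):
        chunk = plaintext[i:i + BLOCK]
        prev = xor(chunk, encrypt_block(key, prev)[: len(chunk)])  # ciphertext feeds the next block
        out.append(prev)
    return b"".join(out)


def cfb_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(ciphertext), BLOCK):
        chunk = ciphertext[i:i + BLOCK]
        out.append(xor(chunk, encrypt_block(key, prev)[: len(chunk)]))  # decryption also uses E, not D
        prev = chunk
    return b"".join(out)
```

Note that CFB decryption never calls the block cipher's inverse, which is why a mode like CFB turns a block cipher into a stream cipher whose ciphertext is exactly as long as the plaintext.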

END OF SECTION C

END OF QUESTION PAPER
