Nis Ans

Notes for msbte computer science engineering

Uploaded by ayushchavan1035

2 MARKS Questions

A) Define computer security and state its need.

Definition:
Computer security is the protection of computing systems and the data that they store or access.

Need:
The need for computer security arises from the necessity to protect the confidentiality, integrity, and
availability of computer systems and their resources, ensuring that sensitive information is accessible only to
authorized users and is not altered or destroyed.

B) Explain the need for a firewall.

A firewall is needed to protect an organization's internal network from unauthorized access and threats from
the external network, typically the internet. It acts as a barrier that filters incoming and outgoing traffic based
on predefined security rules, ensuring only legitimate traffic is allowed and blocking malicious activities.

C) Define the term cryptography.

Cryptography is the art or science encompassing the principles and methods of transforming a plaintext
message into an unintelligible form (ciphertext) and then retransforming that message back to its original form.

D) Differentiate between viruses & worms.

Viruses: A virus is a piece of code that attaches itself to other programs and cannot run independently. It
requires user action to spread and can alter system files or other programs.
Worms: A worm is a standalone program that replicates itself to spread to other computers, often using a
network. It does not need to attach itself to other programs and can propagate automatically.

E) Explain the use of PCI DSS.

PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards designed to ensure that
all companies that process, store, or transmit credit card information maintain a secure environment to protect
cardholder data from breaches and fraud.

F) Define AH & ESP with respect to IP security.

AH (Authentication Header): Provides connectionless integrity, data origin authentication, and an optional
anti-replay service. It is used to authenticate the origin of the IP packets and ensure data integrity.
ESP (Encapsulating Security Payload): Provides confidentiality, data origin authentication, connectionless
integrity, an anti-replay service, and limited traffic flow confidentiality by encrypting the payload of IP packets.

4 MARKS Questions

1) Write & explain DES algorithm.

The Data Encryption Standard (DES) is a symmetric-key algorithm for the encryption of digital data. It operates
on a 64-bit block of data using a 56-bit key. The algorithm involves 16 rounds of permutations and substitutions
(each round applying the Feistel function), combining the key with the data at each round to produce the final
encrypted data. Each round uses a different 48-bit subkey derived from the original key.
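
The round structure described above can be seen in a toy Feistel network. This is an added example, not code from the notes or an implementation of DES itself: the round function and the key schedule are deliberately simplified stand-ins (assumptions) for DES's expansion, S-boxes, P-box and PC-1/PC-2 key schedule. What it does show faithfully is the 64-bit block split into two 32-bit halves, 16 rounds that each mix one subkey into the data, and why decryption is the same network run with the subkeys in reverse order.

```python
MASK32 = 0xFFFFFFFF
MASK64 = 0xFFFFFFFFFFFFFFFF
ROUNDS = 16  # DES also uses 16 rounds


def round_function(right: int, subkey: int) -> int:
    """Toy F-function (assumption: stands in for DES's expansion, S-boxes and P-box).

    It mixes the 32-bit right half with the round subkey. It does NOT need to be
    invertible, which is the whole point of the Feistel construction.
    """
    x = (right ^ subkey) & MASK32
    x = (x * 0x9E3779B1) & MASK32      # multiply by an odd constant to diffuse bits
    x ^= x >> 15                       # fold high bits into low bits
    x = (x * 0x85EBCA6B) & MASK32
    x ^= x >> 13
    return x & MASK32


def key_schedule(key: int) -> list:
    """Toy schedule: subkey i is the low 32 bits of the 64-bit key rotated left by
    3*(i+1) bits (DES instead derives 48-bit subkeys through PC-1 and PC-2)."""
    subkeys = []
    for i in range(ROUNDS):
        rot = 3 * (i + 1)
        rotated = ((key << rot) | (key >> (64 - rot))) & MASK64
        subkeys.append(rotated & MASK32)
    return subkeys


def feistel_network(block: int, subkeys: list) -> int:
    """Push a 64-bit block through one Feistel round per subkey."""
    left, right = (block >> 32) & MASK32, block & MASK32
    for k in subkeys:
        # Feistel round: L_i = R_{i-1},  R_i = L_{i-1} XOR F(R_{i-1}, K_i)
        left, right = right, left ^ round_function(right, k)
    # Undo the last swap so that decryption is the same network with reversed subkeys
    return ((right << 32) | left) & MASK64


def encrypt_block(block: int, key: int) -> int:
    return feistel_network(block, key_schedule(key))


def decrypt_block(block: int, key: int) -> int:
    # Same structure, subkeys in reverse order: each round cancels its own XOR
    return feistel_network(block, key_schedule(key)[::-1])


if __name__ == "__main__":
    key = 0x133457799BBCDFF1          # constructed sample key
    plaintext = 0x0123456789ABCDEF    # constructed sample block
    ciphertext = encrypt_block(plaintext, key)
    print(hex(ciphertext))
    print(hex(decrypt_block(ciphertext, key)) == hex(plaintext))
```

Because each round only XORs the output of F into one half, the XOR can be cancelled by running the rounds backwards, so the cipher never needs to invert F. That is what lets DES reuse one piece of hardware or code for both directions.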

2) Enlist substitution techniques & explain any one.

Substitution Techniques:
- Caesar Cipher
- Monoalphabetic Cipher
- Playfair Cipher
- Hill Cipher
- Vigenère Cipher

Caesar Cipher:
A simple substitution technique where each letter in the plaintext is shifted a certain number of places down or
up the alphabet. For example, with a shift of 3, 'A' would be replaced by 'D', 'B' by 'E', and so on. This method is
easy to implement but also easy to break due to its simplicity.
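
The Caesar cipher in working code, added here as an example (not code from the notes). It implements the shift of 3 described above, and also shows why the cipher is "easy to break": with only 25 possible shifts, a defender analysing an intercepted message can simply list every candidate plaintext. The message and the crib word are constructed sample inputs.

```python
import string
from typing import Optional

ALPHABET = string.ascii_uppercase  # the cipher works on the 26-letter English alphabet


def caesar_encrypt(plaintext: str, shift: int) -> str:
    """Shift each letter `shift` places down the alphabet, wrapping Z back to A.

    Letters are upper-cased; spaces, digits and punctuation pass through unchanged.
    """
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext: str, shift: int) -> str:
    """Decryption is encryption with the opposite shift."""
    return caesar_encrypt(ciphertext, -shift)


def brute_force(ciphertext: str) -> dict:
    """Why the cipher is weak: the key space has only 25 non-trivial shifts, so
    every candidate plaintext can be listed and the readable one picked out."""
    return {k: caesar_decrypt(ciphertext, k) for k in range(1, 26)}


def recover_shift(ciphertext: str, crib: str) -> Optional[int]:
    """Return the shift whose candidate plaintext contains a known word (a 'crib'),
    or None if no shift produces it."""
    for k, candidate in brute_force(ciphertext).items():
        if crib.upper() in candidate:
            return k
    return None


if __name__ == "__main__":
    secret = caesar_encrypt("attack at dawn", 3)   # constructed sample message
    print(secret)                                  # DWWDFN DW GDZQ
    print(caesar_decrypt(secret, 3))               # ATTACK AT DAWN
    print(recover_shift(secret, "dawn"))           # 3
```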

3) Differentiate between firewall & IDS.

Firewall: A security device that monitors and controls incoming and outgoing network traffic based on
predetermined security rules. It acts as a barrier between a trusted internal network and an untrusted external
network.
IDS (Intrusion Detection System): A system that monitors network or system activities for malicious activities or
policy violations. It detects and alerts on suspicious activities but does not block them. Unlike firewalls, an IDS
focuses on identifying possible security breaches.

4) Write a short note on DAC and MAC.

DAC (Discretionary Access Control):
An access control method where the owner of the information or resource decides who is allowed to access it.
It relies on user discretion and permissions assigned by the resource owner.

MAC (Mandatory Access Control):
An access control method where access to resources is controlled by a central authority based on multiple
levels of security. It enforces access policies based on the sensitivity of the information and the user's clearance
level, providing stricter control compared to DAC.
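
The difference between the two models, as an added example (not from the notes): under DAC the owner edits an access list at their discretion, while under MAC a central clearance table decides and the owner cannot override it. The users, the security labels and the "no read up / no write down" rules are assumptions chosen for illustration; the latter are the Bell-LaPadula rules commonly used to explain MAC.

```python
from __future__ import annotations

from dataclasses import dataclass, field

# Security levels used by MAC, lowest to highest (constructed labels)
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


@dataclass
class Resource:
    name: str
    owner: str
    classification: str                        # consulted by MAC
    acl: dict = field(default_factory=dict)    # user -> set of permissions, consulted by DAC


class DacPolicy:
    """DAC: the owner decides, by editing the ACL, who may access the resource."""

    def grant(self, res: Resource, granter: str, user: str, perm: str) -> None:
        if granter != res.owner:
            raise PermissionError(f"{granter} does not own {res.name}")
        res.acl.setdefault(user, set()).add(perm)

    def allowed(self, res: Resource, user: str, perm: str) -> bool:
        return user == res.owner or perm in res.acl.get(user, set())


class MacPolicy:
    """MAC: a central authority assigns clearances; owners cannot override them."""

    def __init__(self, clearances: dict):
        self.clearances = clearances           # user -> clearance label

    def allowed(self, res: Resource, user: str, perm: str) -> bool:
        clearance = LEVELS[self.clearances[user]]
        level = LEVELS[res.classification]
        if perm == "read":
            return clearance >= level          # "no read up"
        if perm == "write":
            return clearance <= level          # "no write down"
        return False


def access_allowed(res: Resource, dac: DacPolicy, mac: MacPolicy, user: str, perm: str) -> bool:
    """A system running both models grants access only when both agree, so MAC
    caps what an owner's discretionary grant can achieve."""
    return dac.allowed(res, user, perm) and mac.allowed(res, user, perm)


def build_demo():
    """Constructed scenario: alice owns a SECRET file and grants bob read access,
    but bob only holds a CONFIDENTIAL clearance."""
    plans = Resource("plans.txt", owner="alice", classification="SECRET")
    dac = DacPolicy()
    mac = MacPolicy({"alice": "SECRET", "bob": "CONFIDENTIAL", "carol": "TOP_SECRET"})
    dac.grant(plans, "alice", "bob", "read")
    return plans, dac, mac


if __name__ == "__main__":
    plans, dac, mac = build_demo()
    print("DAC lets bob read:", dac.allowed(plans, "bob", "read"))          # True
    print("MAC lets bob read:", mac.allowed(plans, "bob", "read"))          # False
    print("combined:", access_allowed(plans, dac, mac, "bob", "read"))      # False
```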

5) Explain digital signature in Cryptography.

A digital signature is a cryptographic technique used to validate the authenticity and integrity of a message,
software, or digital document. It involves generating a hash of the message and encrypting it with the sender's
private key. The recipient can verify the signature by decrypting it with the sender's public key and comparing
the hash with the message's hash. Digital signatures provide assurance that the message has not been altered
and confirm the sender's identity.
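
The three steps above (hash, sign with the private key, verify with the public key) carried out in code, as an added example that is not part of the notes. It uses a textbook RSA key pair built from two small known primes, and reduces the SHA-256 hash modulo n in place of the padding a real scheme applies; both are assumptions made so the example runs with the standard library alone, and real systems use 2048-bit or larger keys with a padded scheme such as RSA-PSS. The message is a constructed sample.

```python
import hashlib

# Toy RSA key pair from two known primes (constructed for this example only)
P, Q = 999983, 1000003
N = P * Q
PHI = (P - 1) * (Q - 1)
E = 65537
D = pow(E, -1, PHI)          # private exponent (modular inverse; Python 3.8+)
PUBLIC_KEY = (N, E)
PRIVATE_KEY = (N, D)


def message_digest(message: bytes, n: int) -> int:
    """Step 1: hash the message (SHA-256) and reduce it into the modulus range.

    The reduction is a toy stand-in for the padding a real signature scheme applies.
    """
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private_key: tuple) -> int:
    """Step 2: 'encrypt' the digest with the private key: s = h^d mod n."""
    n, d = private_key
    return pow(message_digest(message, n), d, n)


def verify(message: bytes, signature: int, public_key: tuple) -> bool:
    """Step 3: recover the digest with the public key (s^e mod n) and compare it
    with a fresh digest of the received message. Any change to the message, or a
    signature made with a different private key, makes the comparison fail."""
    n, e = public_key
    return pow(signature, e, n) == message_digest(message, n)


if __name__ == "__main__":
    msg = b"Transfer 100 to account 42"        # constructed sample message
    sig = sign(msg, PRIVATE_KEY)
    print(verify(msg, sig, PUBLIC_KEY))                                  # True
    print(verify(b"Transfer 900 to account 42", sig, PUBLIC_KEY))        # False: altered
```

Only the holder of D could have produced a value that the public E turns back into the message's digest, which is what gives both integrity and sender identity.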

6) Explain DOS.

DoS (Denial of Service):
A type of cyber attack intended to make a machine or network resource unavailable to its intended users by
overwhelming it with a flood of illegitimate requests, causing the system to crash or become unresponsive.
Common methods include flooding the target with traffic, sending malformed packets, and exploiting
vulnerabilities in the target system.

7) Explain the working of Kerberos.

Kerberos is a network authentication protocol designed to provide strong authentication for client-server
applications using secret-key cryptography. It works as follows:

- Authentication Service (AS) Request: The client sends a request to the AS for a ticket to access a service.
- AS Response: The AS verifies the client's identity and issues a Ticket Granting Ticket (TGT).
- Ticket Granting Service (TGS) Request: The client sends the TGT to the TGS to request access to a specific
service.
- TGS Response: The TGS verifies the TGT and issues a service ticket.
- Client-Service Request: The client sends the service ticket to the target service to gain access.
- Service Response: The service verifies the ticket and grants access to the client.

8) Describe the following terms:

Sniffing: Intercepting and capturing network packets to analyze the data being transmitted.
Spoofing: Faking the identity of another device or user on a network to gain unauthorized access.
Man-in-the-middle: An attack where the attacker intercepts communication between two parties and possibly
alters the communication without their knowledge.
TCP Hijack: Taking control of an existing TCP session between two machines to gain unauthorized access.

9) Explain DMZ in detail.

A DMZ (Demilitarized Zone) is a physical or logical subnet that separates an internal local area network (LAN)
from other untrusted networks, typically the internet. It adds an additional layer of security to an
organization's network by isolating external-facing services from the internal network. Services such as web
servers, mail servers, and DNS servers are placed in the DMZ so that they are accessible from the internet but
the internal network is protected from direct access.

10) Explain:
- Active Attack: An attack where the attacker actively interferes with the network operations, such as
intercepting and altering data during transmission.
- Passive Attack: An attack where the attacker only monitors the network traffic without altering it, aiming to
gather information like passwords or other sensitive data.

11) What is DNS rebinding?

DNS rebinding is an attack that allows an attacker to bypass the same-origin policy in web browsers, enabling
them to manipulate and interact with internal network resources. It involves exploiting the DNS protocol by
changing the IP address associated with a domain name after it has been initially resolved by the victim's
browser.

6 MARKS Questions

1) Write a brief note on firewall configuration.

Firewall configuration involves setting up rules and policies to control incoming and outgoing network traffic.
The configuration includes:

- Defining Security Policies: Establishing the organization's security requirements and objectives.
- Access Control Lists (ACLs): Creating lists of allowed and blocked traffic based on IP addresses, ports, and
protocols.
- NAT (Network Address Translation): Configuring NAT to translate private IP addresses to public ones for
internet access.
- Logging and Monitoring: Setting up logging to track traffic and monitor for suspicious activities.
- Updating Rules: Regularly updating firewall rules to adapt to new threats and changes in the network
infrastructure.

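
The ACL and logging steps above as a small packet-filter simulation, added here as an example (not code from the notes and not any real firewall's configuration syntax). The rules encode a constructed policy for an internal LAN and one public web server, are evaluated first-match-wins with a default deny, and every decision produces a log line; the addresses and ports are constructed sample values.

```python
from __future__ import annotations

from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    src: str                 # source network in CIDR notation
    dst: str                 # destination network in CIDR notation
    proto: str               # "tcp", "udp" or "any"
    dport: Optional[int]     # destination port, None = any port
    comment: str = ""        # why the rule exists; copied into the log


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int


# Constructed policy: LAN is 192.168.1.0/24, the public web server is 203.0.113.10
RULES = [
    Rule("allow", "0.0.0.0/0", "203.0.113.10/32", "tcp", 443, "anyone may reach the HTTPS server"),
    Rule("allow", "192.168.1.0/24", "0.0.0.0/0", "any", None, "LAN hosts may connect out"),
    Rule("deny", "0.0.0.0/0", "192.168.1.0/24", "any", None, "nothing from outside reaches the LAN"),
]
DEFAULT_ACTION = "deny"      # traffic no rule describes is dropped (default deny)


def matches(rule: Rule, pkt: Packet) -> bool:
    return (
        ip_address(pkt.src) in ip_network(rule.src)
        and ip_address(pkt.dst) in ip_network(rule.dst)
        and rule.proto in ("any", pkt.proto)
        and rule.dport in (None, pkt.dport)
    )


def evaluate(pkt: Packet, rules: list = RULES) -> tuple:
    """First matching rule wins, as in most firewalls; returns (action, reason)."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action, rule.comment
    return DEFAULT_ACTION, "default deny (no rule matched)"


def filter_traffic(packets: list, rules: list = RULES) -> list:
    """Apply the policy and emit one log line per packet (the logging step)."""
    log = []
    for pkt in packets:
        action, reason = evaluate(pkt, rules)
        log.append(f"{action.upper():5} {pkt.proto}/{pkt.dport} {pkt.src} -> {pkt.dst} ({reason})")
    return log


if __name__ == "__main__":
    sample = [                                                   # constructed traffic
        Packet("198.51.100.7", "203.0.113.10", "tcp", 443),      # public HTTPS: allowed
        Packet("198.51.100.7", "203.0.113.10", "tcp", 22),       # SSH to web server: default deny
        Packet("192.168.1.20", "8.8.8.8", "udp", 53),            # LAN DNS lookup out: allowed
        Packet("198.51.100.7", "192.168.1.20", "tcp", 445),      # inbound to LAN: denied
    ]
    for line in filter_traffic(sample):
        print(line)
```

The second packet is the instructive one: no rule mentions SSH to the web server, so the default deny drops it, and the log line records that it was the default rather than an explicit rule that fired, which is exactly what a reviewer looks for when auditing whether the rule set is complete.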
2) Explain Public Key Infrastructure with an example.

Public Key Infrastructure (PKI) is a framework for managing digital keys and certificates. It involves the use of a
pair of cryptographic keys (public and private) for secure communication. Components of PKI include:

- Certificates: Digital documents that bind a public key with an identity, issued by a Certificate Authority (CA).
- Certificate Authority (CA): A trusted entity that issues and manages digital certificates.
- Registration Authority (RA): Verifies the identity of entities requesting certificates.

Example: A user wants to send a secure email. The user's email client generates a private-public key pair, and
the public key is sent to the CA for certification. The recipient can verify the sender's identity using the
certificate and decrypt the email using their private key.

3) Define a virus and describe the phases of a virus.

Definition:
A virus is a type of malicious software that attaches itself to a host program and can replicate itself, spreading
to other programs or systems.

Phases of a Virus:

- Dormant Phase: The virus is idle and does not take any action until triggered by some event.
- Propagation Phase: The virus copies itself to other programs or files.
- Triggering Phase: The virus activates based on a specific condition, such as a date or event.
- Execution Phase: The virus performs its intended malicious activity, such as corrupting data or displaying
messages.

4) Explain Kerberos and its working model with a neat sketch.

Kerberos is a network authentication protocol that uses secret-key cryptography to authenticate users to
network services.

Working Model:

- Authentication Service (AS): The client sends a request to the AS for a Ticket Granting Ticket (TGT).
- Ticket Granting Service (TGS): The client sends the TGT to the TGS to request a service ticket.
- Service Ticket: The client uses the service ticket to authenticate with the target service.

Sketch:

- Client requests TGT from AS.
- AS responds with TGT.
- Client requests service ticket from TGS using TGT.
- TGS responds with service ticket.
- Client accesses the service using the service ticket.

5) Write short notes on:

Trojan Horse: A malicious program disguised as legitimate software that, when executed, can give unauthorized
access or cause damage.
Brute Force Attack: An attack where an attacker tries all possible combinations of passwords or keys until the
correct one is found.
Bot: A software application that runs automated tasks over the internet, often used maliciously in botnets for
DDoS attacks or spamming.
