Karunya University 2007 M.Com Accounting and Finance security in computing - Question Paper

Reg. No. ________
Karunya University
(Declared as Deemed to be University under Sec.3 of the UGC Act, 1956)

End Semester exam – November / December 2008

Subject Title: SECURITY IN COMPUTING Time : three hours
Subject Code: CA351 Maximum Marks: 100

ans ALL ques. (5 x 20 = 100 Marks)

1. Compulsory:

a. What is a Firewall? discuss in detail about kinds of Firewalls. (12)
b. Explain in detail about Spoofing with a relevant examples. (8)

2. a. Compare DES with AES. (8)
b. Explain in detail about AES Algorithm. (12)
(OR)
3. a. Write short notes on Cryptanalysis. (8)
b. Define the terms Confusion and Diffusion. (4)
c. Explain in detail about Digital Signatures. (8)

4. a. Write short notes on “CodeRed” Malicious Code. What it did? What effect it had? How it
worked? What was studied from that Malicious Code? (12)
b. Write short notes on Salami Attack. (8)
(OR)
5. a. Explain in detail about 3 kinds of control against program threats. (12)
b. Briefly define the 4 activities involved in configuration management (8)

6. a. Explain about the security requirements for databases . (10)
b. What is sensitive data? elaborate the factors that can make data sensitive? (10)
(OR)
7. a. Explain in detail about Inference issue. (10)
b. Briefly define different proposals for implementing multilevel security. (10)

8. a. What is security plan? discuss the contents of a security plan. (12)
b. What are the characteristics of a Good security policy? (8)
(OR)
9. a. Explain in detail about physical security (10)
b. What are the benefits of performing a risk analysis for creating a security plan? (10)

Earning:   Approval pending.