Maharashtra State Board of Technical Education 2009 B.E Information Technology Information Security - Question Paper

I~ ques. NO.1 is compu'lsory. rr/I'L/ 03
(2) Attempt any 4 ques. out of remaining 6 ques.. I~"t2 <:to 1.3 (3) All ques. carry equal marks. --.JG 0
(4) Draw neat diagrams wherever necessary.
1. (a) Distinguish betwen vulnerability, threat and control.
(b) discuss in detail the steps in risk analysis.
10
10
2. (a) elaborate covert channels and how are they created? In which cases issues 10
are created in covert channels?
(b) discuss what is spoofing? Write about various kinds of spoofing techniques. 10
3. (a) explain the similarities and differences ranging from signature based IDS and 10
heuristic based IDS. elaborate the limitations oJ IDS? .
(b) Compare various separation methods used as a basis for protection in OS. 10
State their uses and advantages.
4. (a) Compare the 2 encryption strategies-Link and end-to-end encryption used 10
as tools for network security, from all view points.
(b) discuss the role of Kerberos for supporting authentication in distributed systems. 10
5. (a) explain the design of multilevel secure databases. 10
(b) What is the Denial of service (attack)? What is the meaning of the term 10
'service' in DOS? What can possibly prevent DOS attacks?
6. (a) List majority security threats dealt with every level of OSI protocol stack. 10
(b) What is targeted malicious code? Write in brief about trap door and Salami 10
attack.
7. Write short notes on any 2 of the subsequent :-
(a) PGP and MIME
(b) SSH
(c) Virtual private networks
(d) D-DOS (Denial of service)
20

ii sth.ilf-(W-tikI-,-t* 2M I

g' CT3 SenCSfflll.

Con. 5454-09.    SeOWV

{3 Hours)

(1)    Question No, 1 is compulsory.

'fO\3c<fc> j-3o