#FOMRA Staff-Crypto Part-A QA & Part-B Q


  • 8/9/2019 #FOMRA Staff-Crypto Part-A QA & Part-B Q

    1/27

    CRYPTOGRAPHY AND NETWORK SECURITY

    IT1352 IT 3rd yr

    UNIT I

    PART A

    1.Write different types of Authentication & explain it.

    1. Peer entity authentication, 2. Data authentication

    1. Peer entity authentication: Provides for the corroboration of the identity of a peer entity in an association. It is provided for use at the establishment of a connection. It attempts to provide confidence that an entity is not attempting an unauthorized replay of a previous connection.

    2. Data authentication: Provides for the corroboration of the source of a data unit. It does not provide protection against the duplication of data units. This type of service supports applications like electronic mail where there are no prior interactions between the communicating entities.

    2.Define Access control.

    In the context of security, access control is the ability to limit and control the access to host systems and applications via communications links.

    3.Define Data Confidentiality

    It is the protection of transmitted data from passive attacks. With respect to the content of a data transmission, several levels of protection can be identified. The broadest service protects all user data transmitted between two users over a period of time.

    4.Write Connection Integrity with Recovery

    It provides for the integrity of all user data on a connection and detects any modification, insertion, deletion or replay of any data within an entire data sequence, with recovery attempted.

    5.Define Nonrepudiation origin and nonrepudiation destination.

    Nonrepudiation origin: Proof that the message was sent by the specified party.


    Nonrepudiation destination: Proof that the message was received by the specified party.

    6.Define Authentication.

    Authentication service is concerned with assuring that a communication is authentic.

    7.Define passive attacks and list its types?

    Passive Attacks:

    A passive attack attempts to learn or make use of information from the system but does not affect system resources.

    Types:

    Passive attacks are classified into two types; they are

    1.Release of message contents.

    2.Traffic Analysis.

    8.Define Traffic padding?

    Traffic padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.

    9.Define plain text?

    Plain text: This is the original intelligible message or data that is fed into the algorithm as input.

    10.Define Encryption Algorithm?

    Encryption Algorithm:

    The encryption algorithm performs various substitutions and transformations on the plaintext.

    11.Define secret key?

    Secret Key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext. The algorithm will produce a different output depending on the specific key being used at the time.

    12.Define ciphertext?

    Cipher Text:

    This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data.

    13.Define Decryption Algorithm?

    Decryption Algorithm:

    This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext.


    14.List the characteristics of cryptography.

    1.The type of operations used for transforming plaintext to ciphertext.

    2.The number of keys used.

    3.The way in which the plaintext is processed.

    15.List the two approaches to attack conventional encryption.

    The two general approaches to attacking a conventional encryption scheme are:

    1.Cryptanalysis.

    2.Brute-force attacks.

    16.List the different types of attacks on encrypted messages.

    1.Ciphertext only.

    2.Known plaintext.

    3.Chosen ciphertext.

    4.Chosen text.

    17.List the different types of substitution techniques.

    1.Caesar cipher.

    2.Monoalphabetic ciphers.

    3.Playfair cipher.

    4.Hill cipher.

    5.Polyalphabetic cipher.

    18.Distinguish Stream Ciphers and Block Ciphers.

    Stream Ciphers: It is one that encrypts a digital data stream one bit or one byte at a time.

    Block Ciphers: It is one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length.

    19.Define Decryption.

    The translation of encrypted text or data (called ciphertext) into original text or data (plaintext). Decryption is also called deciphering.

    20.Differential Cryptanalysis.

    A technique in which chosen plaintexts with particular XOR difference patterns are encrypted. The difference patterns of the resulting ciphertext provide information that can be used to determine the encryption key.


    21.Define Diffusion and Confusion

    Diffusion: Cryptographic technique that seeks to obscure the statistical structure of the plaintext by spreading out the influence of each individual plaintext digit over many ciphertext digits.

    Confusion: Makes the relationship between cipher key and plaintext as complex as possible.

    PART-B

    1.Briefly explain the OSI Security Architecture.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 7

    1.Security Services

    2.Authentication

    3.Data Confidentiality

    4.Security mechanisms

    5.Security attacks

    2.Explain Classical Encryption Techniques.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 24

    1.Symmetric Cipher Model

    * Cryptography

    * Cryptanalysis

    2.Substitution Techniques

    *Caesar Cipher

    *Monoalphabetic Ciphers

    *Playfair cipher

    *Hill Cipher

    *Polyalphabetic Cipher

    3.Transposition Techniques

    4.Rotor Machines


    3.Explain Block Cipher Design Principles

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 63

    *DES Design Criteria

    *Design of Function F

    1.Design criteria for F

    2.S-Box Design

    *Key schedule Algorithm

    4.Write about AES Cipher and Triple DES.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 143 & 174

    1.AES Architecture

    2.AES S Boxes

    3.AES Key Expansion

    4.Double DES

    5.Triple DES TWO Keys

    6.Triple DES THREE Keys

    5.Explain Placement of Encryption Function

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 202

    1.Potential Location for Confidentiality Attacks

    2.Link versus End to End Encryption

    *Basic Approaches

    *Logical Placement of End to End Encryption Function


    UNIT II

    1.Write about Public key cryptography.

    It provides a radical departure from all that has gone before. Public key algorithms are based on mathematical functions rather than on substitution and permutation. More important, public key cryptography is asymmetric, involving the use of 2 separate keys, in contrast to symmetric encryption, which uses only one key. The use of 2 keys has profound consequences in the areas of confidentiality, key distribution and authentication.

    2.Write about RSA Algorithm

    The RSA algorithm can be used for both public key encryption and digital signatures. Its security is based on the difficulty of factoring large integers.

    3.Write about Security of RSA:

    The possible approaches to attacking the RSA algorithm are as follows.

    1.Brute force: This involves trying all possible keys.

    2.Mathematical attacks: There are several approaches, all equivalent in effect to factoring the product of two primes.

    3.Timing attacks: These depend on the running time of the decryption algorithm.

    4.Definitions of Trap-door one-way function

    A mathematical function that is significantly easier to perform in one direction (the forward direction) than in the opposite direction (the inverse direction). Concerning trap-doors, the inverse direction is easy, given a certain piece of information (the trap door), but difficult otherwise.

    5.Define Elliptic curve cryptography

    Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the mathematics of elliptic curves.


    6.Define one-way function:

    A one-way function is a function which is easy to calculate but hard to invert: it is difficult to calculate the input to the function given its output. The precise meanings of "easy" and "hard" can be specified mathematically. With rare exceptions, almost the entire field of public key cryptography rests on the existence of one-way functions.

    7.Write the Distribution of Public Keys.

    Several techniques have been proposed for the distribution of public keys.

    1.Public announcement

    2.Publicly available directory

    3.Public key authority

    4.Public key certificates

    8.Define Diffie-Hellman Key Exchange

    A cryptographic key exchange method developed by Whitfield Diffie and Martin Hellman in 1976. Also known as the "Diffie-Hellman-Merkle" method and "exponential key agreement," it enables parties at both ends to derive a shared, secret key without ever sending it to each other. Using a common number, both sides use a different random number as a power to raise the common number. The results are then sent to each other. ...

    9.What attacks can be identified in the context of communication across a network?

    1.Disclosure

    2.Traffic analysis

    3.Masquerade

    4.Content modification

    5.Timing modification

    6.Source repudiation

    7.Destination repudiation


    PART B

    1.Explain briefly about the Distribution of public keys

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 211

    * Public Announcement of Public Keys

    *Public Available Directory

    *Public Key Authority

    *Public key Certificates

    2.Explain Diffie-Hellman Key Exchange

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 293

    Algorithm: *Global Public Elements

    * User A key Generation

    * User B key Generation

    *Generation of secret key by user A

    * Generation of secret key by user B

    3.Explain briefly Elliptic Curve Cryptography

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 304

    *Analog of Diffie-Hellman Key Exchange

    *Elliptic Curve Encryption and Decryption

    *Security of Elliptic Curve Cryptography


    4.Explain Public key Cryptosystems with neat diagram

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 259

    1. Public key Cryptography

    *Encryption

    *Decryption

    2. Public key Cryptanalysis

    5.Explain with example of RSA Algorithm.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 268

    *Description of the Algorithm

    *Computational Aspects

    *Encryption and *Decryption

    *Key Generation

    6.Explain the Security of RSA.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 274

    1.Brute force

    2.Mathematical attacks

    3.Timing attacks

    4.Factoring problem


    UNIT III

    PART-A

    1.What classes are available in Authentication Function?

    1.Message encryption

    2.Message authentication code

    3.Hash function.

    2.Define Message authentication code.

    A public function of the message and a secret key that produces a fixed length value that serves as the authenticator.

    3.Define Hash function

    A public function that maps a message of any length into a fixed length hash value which serves as the authenticator.

    4.Write about Message Authentication Code.

    An alternative authentication technique involves the use of a secret key to generate a small fixed-size block of data known as a cryptographic checksum or Message Authentication Code.

    5.Explain Hash function.

    A variation on the message authentication code is the one-way hash function. As with the message authentication code, a hash function accepts a variable size message as input and produces a fixed output referred to as hash code.

    Or

    A hash function H is a transformation that takes an input m and returns a fixed-size string, which is called the hash value h (that is, h = H(m)). Hash functions with just this property have a variety of general computational uses, but when employed in cryptography, the hash functions are usually chosen to have some additional properties.


    6.Explain purpose of hash function.

    The purpose of hash function is to produce a fingerprint of a file, message or other block of data.

    7.What is message Authentication Code

    A Message Authentication Code is a one-way hash computed from a message and some secret data. Its purpose is to detect if the message has been altered.

    8.What is the difference between a message authentication code (MAC) and a one-way hash function?

    The difference between a one-way hash and a MAC (Message authentication code) is that the hash verifies the uniqueness of a message or file. The MAC is usually an encrypted hash, also used to verify the uniqueness of a message, but which can only be verified if you know the secret key.

    For example, say you have a list of the MD5 hashes of all your system files. If you verify the MD5 values of the files periodically with this list, you could see which files have been changed or updated, by a virus, for instance. However, if a virus comes in your system, and replaces a system file, it could also replace the MD5 value in your list with the new one, and you wouldn't know this happened.

    If you had a list of MACs, however, the virus could replace your system file, but it has no way of replacing the hash, since it doesn't have the key to decrypt it.

    PART-B

    1.Explain with example of Authentication Functions

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 313

    *Message encryption

    *MAC (Message Authentication Code)

    *Hash function


    2.Briefly write about Security of Hash Functions

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 335

    1.Brute Force Attacks

    *Hash functions

    *MAC

    2.Cryptanalysis

    3.Explain HMAC.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 372

    *HMAC Design Objectives

    *HMAC Algorithm

    *HMAC Security

    4.Explain Digital Signatures verification briefly.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 380

    *Define Digital Signature

    *Direct Digital Signature

    *Arbitrated Digital Signature

    5.Briefly explain about the Authentication Protocols

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 384

    1.Mutual Authentication

    *Simple relay

    *Repetition that can be logged

    *Backward without modification

    *Timestamps

    *Challenge

    2.Symmetric Encryption Approaches


    UNIT-IV

    PART-A

    1.Write about use of IP Security.

    To secure the network infrastructure from unauthorized monitoring and control of network traffic, and the need to secure end user to end user traffic using authentication and encryption mechanisms.

    2.Explain Applications of IP Security.

    1.Secure branch office connectivity over the Internet.

    2.Secure remote access over the Internet.

    3.Establishing extranet and internet connectivity with partners.

    4.Enhancing electronic commerce security.

    3.Benefits of IP Security.

    1.IP Security in a firewall is resistant to bypass if all traffic from the outside must use IP and the firewall is the only means of entrance from the Internet into the organization.

    2.IP Security can be transparent to end users. It provides security for individual users if needed.

    4.Write IP Security Documents.

    1. Architecture

    2. Encapsulating Security Payload

    3. Authentication header

    4. Encryption algorithm

    5. Key management

    6. Domain of interpretation

    5.Define IP Security Services.

    IP Security provides services at the IP layer by enabling a system to select required security protocols, determine the algorithm to use for the service and put in place any cryptographic keys required to provide the requested services.

    6.Define selectors.

    A Security Policy Database entry is defined by a set of IP and upper-layer protocol field values called selectors.

    7.Define security association.

    A key concept that appears in both the authentication and confidentiality mechanisms for IP is the security association.

    8.Explain the concept of Association.


    Association is a one-way relationship between sender and receiver that affords security services to the traffic carried on it.

    9.Write the Parameters of SA.

    1.SA Parameters Index

    2.IP Destination Address.

    3.Security Protocol

    10.Write any 4 selectors of SPD.

    1.Destination IP address

    2.Source IP address

    3.User ID

    4.Data sensitivity level

    11.Explain Transport Mode.

    It provides protection primarily for upper-layer protocols. That is, transport mode protection extends to the payload of an IP packet.

    12.Explain Tunnel Mode.

    It provides protection to the entire IP packet. To achieve this, after the AH or ESP fields are added to the IP packet, the entire packet plus security fields are treated as the payload of a new outer IP packet with a new outer IP header.

    13.Define SSL Architecture.

    Secure Socket Layer is designed to make use of TCP to provide a reliable end-to-end secure service. It is not a single protocol but rather two layers of protocols.

    14.Define Connection.

    A connection is a transport that provides a suitable type of service.

    15.Write about SSL Session.

    SSL Session is an association between a client and server. Sessions are created by the Handshake Protocol. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections.

    16.Write the parameters of Session.

    1.Session identifier

    2.Peer certificate

    3.Compression method

    4.Cipher spec

    5.Master secret.


    17. Write the parameters of Connection.

    1.Server and Client random

    2.Server with MAC secret

    3.Server write key

    4.Client write key

    5.Initialization vectors

    18.Define SSL Protocol

    It provides two services for SSL connections.

    1.Confidentiality

    2.Message Integrity

    19.Define Alert Protocol

    It is used to convey SSL-related alerts to the peer entity. As with other applications that use SSL, alert messages are compressed and encrypted, as specified by the current state.

    20.Explain Change Cipher Protocol

    It is one of the three SSL-specific protocols that use the SSL record protocol, and it is the simplest. This protocol consists of a single message, which consists of a single byte with the value 1. The sole purpose of this message is to cause the pending state to be copied into the current state, which updates the cipher suite to be used on this connection.

    21.Explain Handshake Protocol.

    The most complex part of SSL is the Handshake Protocol. This protocol allows the server and client to authenticate each other and to negotiate an encryption and MAC algorithm and cryptographic keys to be used to protect data sent in an SSL record.

    22.Define Secure Electronic Transaction.

    SET is an open encryption and security specification designed to protect credit card transactions on the Internet.

    23.Write purpose of Dual Signature.

    The purpose of Dual Signature is to link two messages that are intended for two different recipients.


    24.Motivation Behind Kerberos

    In a non-networked personal computing environment, resources and information can be protected by physically securing the personal computer. In a timesharing computing environment, the operating system protects users from one another and controls resources. In order to determine what each user is able to read or modify, it is necessary for the timesharing system to identify each user. This is accomplished when the user logs in.

    25.What is Kerberos?

    Kerberos is a trusted third-party authentication service based on the model presented by Needham and Schroeder. It is trusted in the sense that each of its clients believes Kerberos' judgment as to the identity of each of its other clients to be accurate. Timestamps (large numbers representing the current date and time) have been added to the original model to aid in the detection of replay. Replay occurs when a message is stolen off the network and resent later.

    26.What Does Kerberos Do?

    Kerberos keeps a database of its clients and their private keys. The private key is a large number known only to Kerberos and the client it belongs to. In the case that the client is a user, it is an encrypted password. Network services requiring authentication register with Kerberos, as do clients wishing to use those services. The private keys are negotiated at registration.

    27.What are the Kerberos Software Components

    The Athena implementation comprises several modules:

    Kerberos applications library

    encryption library

    database library

    database administration programs

    administration server

    authentication server

    db propagation software

    user programs

    applications


    28.How Kerberos Works

    This section describes the Kerberos authentication protocols. As mentioned above, the Kerberos authentication model is based on the Needham and Schroeder key distribution protocol. When a user requests a service, her/his identity must be established. To do this, a ticket is presented to the server, along with proof that the ticket was originally issued to the user, not stolen. There are three phases to authentication through Kerberos. In the first phase, the user obtains credentials to be used to request access to other services. In the second phase, the user requests authentication for a specific service. In the final phase, the user presents those credentials to the end server.


    29.Pretty Good Privacy.

    PGP is a remarkable phenomenon. It provides a confidentiality and authentication service that can be used for electronic mail and file storage applications.

    30.Cryptography Keys and Rings

    PGP makes use of 4 types of keys: one-time session symmetric keys, public keys, private keys and passphrase-based symmetric keys.

    31.Session key Generation

    Each session key is associated with a single message and is used only for the purpose of encrypting and decrypting that message.

    32.Define X.509 authentication service

    It defines a framework for the provision of the authentication services by X.509 directory to its users. The directory may serve as a repository of public key certificates of the type. The distributed set of servers that maintains a database of information about users. The information includes a mapping from user name to work address, as well as other attributes and information about the users.

    33.Write About One way authentication

    One way authentication involves a single transfer of information from one user (A) to another (B) and establishes the following.

    1.The identity of A and that the message was generated by A

    2.That the message was intended for B

    3.The integrity and originality.

    34.Define S/MIME.

    Secure/Multipurpose Internet Mail Extension is a security enhancement to the MIME Internet e-mail format standard, based on the technology from RSA Data Security. S/MIME is defined in a number of documents, most importantly RFC 2630, 2632, 2633.

    35.Multipurpose Internet Mail Extensions

    This document provides links to information about Multipurpose Internet Mail Extensions (MIME). MIME extends the format of Internet mail to allow non-US-ASCII textual messages, non-textual messages, multipart message bodies, and non-US-ASCII information in message headers.


    36.Define S/MIME Functionality.

    In terms of general functionality, S/MIME is very similar to PGP. Both offer the ability to sign and encrypt messages.

    37.Write different type of S/MIME Functionality

    1.Enveloped Data.

    2.Signed Data.

    3.Signed and Enveloped Data.

    4.Signed Data.

    38.Write types of Multipurpose Internet Mail Extensions

    1.Text Type

    2.Multipart Type

    PART-B

    1.Explain briefly about X.509 Authentication service

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 419

    *Define X.509 Formats

    *Certificates

    *Obtaining Users Certificate

    1.Forward certificate

    2.Reverse certificate

    *Authentication Procedures

    1.One way Authentication

    2.Two way Authentication

    2.Explain PGP (Pretty Good Privacy) with example.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 436

    *PGP Cryptographic Function

    *Confidentiality


    *Confidentiality and Authentication

    *Comparison

    *E-Mail Compatibility

    *Segmentation and Reassembly

    3.Write the Functions of Cryptographic Keys and Key Rings

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 444

    Keys

    *Session Key Generation

    *Key Identifiers

    1.Timestamp

    2.Message Digest

    3.Leading two octets of message digest

    4.Key ID of sender's public key

    Key Rings

    *Timestamp

    *Key ID

    *Public Key

    *Private Key

    *User ID

    4.Explain Secure /Multipurpose Internet Mail Extension(S/MIME).

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 444

    1.MIME Content Types

    2.S/MIME Functionality

    1.Enveloped data

    2.Signed data

    3.Clear signed data

    4.Signed & Enveloped data

    3.Cryptographic algorithm

    4.S/MIME Messages


    5.Explain S/MIME Certificate Processing

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 469

    *Key generation

    *Registration

    *Certificate storage and retrieval

    *VeriSign certificates

    *Enhanced Security Services

    6.Explain IP Security Overview with example.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 482

    1.Applications of IPS

    2.Benefits of IPS

    3.Routing Applications

    7.Briefly explain IPS Architecture.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 485

    1.IPS Documents

    *Architecture

    *Encapsulating Security Payload (ESP)

    *Authentication Header

    *Encryption algorithm

    *Authentication algorithm

    *Key management

    *Domain of Interpretation

    2.IPS Services

    3.Security Association

    4.SA Selectors

    8.Explain briefly about Transport and Tunnel Modes.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 490


    Transport Mode (end-to-end communication between two hosts)

    9.Explain Secure Socket Layer Architecture.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 531

    1.Connection

    2.Session

    *Session identifier

    *Peer certificate

    *Compression method

    *Cipher spec

    *Master secret

    *Server write MAC secret

    *Server and Client Write Key

    10.Write briefly about the SSL Record Protocol .

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 533

    1.Services

    2.Change Cipher Spec Protocol.

    3.Alert Protocol

    4.Handshake Protocol

    UNIT-V

    SYSTEM LEVEL SECURITY

    PART-A

    1.Define Passwords.

    Password serves to authenticate the ID of the individual logging on to the system.

    2.Write different types of password selection techniques.

    *User education

    *Computer generated password

    *Reactive password checking

    *Proactive password checking


    3.Define Logic Bomb.

    One of the oldest types of program threat, predating viruses and worms, is the logic bomb. The logic bomb is code embedded in some legitimate program that is set to explode when certain conditions are met.

    4.Define Trojan Horses

    A Trojan horse is a useful program or command procedure containing hidden code that, when invoked, performs some unwanted or harmful function.

    5.Define Zombie

    It is a program that secretly takes over another Internet-attached computer and then uses that computer to launch attacks that are difficult to trace to the zombie creator. Zombies are used in denial of service attacks, typically against targeted websites.

    6.Define VIRUSES.

    It is a program that can infect other programs by modifying them. The modification includes a copy of the virus program, which can then go on to infect other programs.

    7.What phases are involved in the virus spreading process?

    1.Dormant phase

    2.Propagation phase

    3.Triggering phase

    4.Execution phase

    8.Explain virus structure.

    A virus can be prepended or postpended to an executable program, or it can be embedded in some other fashion. The key to its operation is that the infected program, when invoked, will first execute the virus code and then execute the original code of the program.

    9.Write types of viruses.

    1.Parasitic virus

    2.Memory resident virus

    3.Boot sector virus

    4.Stealth virus

    5.Polymorphic virus

    10.What do you mean by Polymorphic virus?

    Polymorphic virus creates copies during replication that are functionally equivalent but have distinctly different bit patterns.

    11.Define Macro Viruses

    It is platform independent. Virtually all of the macro viruses infect MS Word documents. Macro viruses are easily spread, and a very common method is e-mail.

    12.What are the auto-executing macros available in MS Word?

    1. Auto execute

    2. Auto macro

    3. Command macro

    13.Define E-mail viruses

    A more recent development in malicious software is the e-mail virus. The first rapidly spreading e-mail viruses such as Melissa.

    14.Explain antivirus approaches.

    1.Detection: Once the infection has occurred, determine that it has occurred and locate the virus.

    2.Identification: Once detection has been achieved, identify the specific virus that has infected a program.

    3.Removal: Once the specific virus has been identified, remove all traces of the virus from the infected program and restore it to its original state. Remove the virus from all infected systems so that the disease cannot spread further.

    15.What antivirus techniques are available?

    The two antivirus techniques are as follows.

    1.Generic Decryption

    2.Digital Immune System

    16.Define Generic Decryption.

    Generic Decryption technology enables the antivirus program to easily detect even the most complex polymorphic viruses, while maintaining fast scanning speeds.

    17.Define Behavior-Blocking Software

    Unlike heuristics or fingerprint-based scanners, behavior-blocking software integrates with the operating system of a host computer and monitors program behavior in real time for malicious actions. The behavior-blocking software then blocks potentially malicious actions before they have a chance to affect the system.

    18.Explain Firewall design principles

    * Centralized data processing system, with a central mainframe supporting a number of directly connected terminals.

    * LANs interconnecting PCs and terminals to each other and the mainframe.

    * Premises network, consisting of a number of LANs interconnecting PCs, servers and perhaps a mainframe.

    19.Explain Firewall characteristics.

    1.All traffic from inside to outside, and vice versa, must pass through the firewall. This is achieved by physically blocking all access to the local network except via the firewall.

    2.Only authorized traffic, as defined by the local security policy, will be allowed to pass. Various types of firewalls are used, which implement various types of security policies.

    3.The firewall itself is immune to penetration. This implies the use of a system with a secure operating system.

    20.List the four general techniques that firewall use to control access.

    1.Service control

    2.Direction control

    3.User control

    4.Behavior control

    21.List the types of firewall

    1.Packet Filtering Router

    2.Application Gateways

    3.Circuit level Gateways

    22.Define Packet Filtering Router

    A Packet Filtering Router applies a set of rules to each incoming IP packet and then forwards or discards the packet. The router is typically configured to filter packets going in both directions. Filtering rules are based on information contained in a network packet.

    21.List the attacks that can be made on packet filtering routers.

    1.IP address spoofing

    2.Source routing attacks

    3.Tiny fragment attacks

    22.Define Application level gateway

    An application level gateway, also called a proxy server, acts as a relay of application level traffic. Proxy servers tend to be more secure than packet filters.

    23.What do you mean by Bastion Host?

    A Bastion host is a system identified by the firewall administrator as a critical strong point in the network security. Typically the bastion host serves as a platform for an application level gateway.

    PART-B

    1.Explain Audit Records and Statistical Anomaly Detection.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 537

    Audit Records

    1.Native Audit Records

    2.Detection specific audit records

    3.Action

    4.Subject

    5.Exception Condition

    6.Resource Usage

    Statistical Anomaly Detection

    1.Counter

    2.Gauge

    3.Interval Timer

    4.Resource utilization

    2.Explain Distributed Intrusion Detection.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 578

    *Host agent module

    *LAN Monitor agent module

    *Central manager module

    3.Explain Markov Model for Password Selection Strategies.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 586

    4.Explain Different types of VIRUSES.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 604

    1.E-Mail Viruses

    2.Macro Viruses

    *Auto execute

    *Auto macro

    *Command macro

    3. Parasitic virus

    4. Memory resident virus

    5. Boot sector virus

    6.Stealth virus

    7. Polymorphic virus

    5.Explain Trojan Horse Defense method briefly

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 631

    6.Explain the advanced Antivirus Techniques.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 610

    1.Generic Decryption

    *CPU Emulator

    *Virus signature scanner

    *Emulation control module

    2.Digital Immune System

    *Integrated mail system

    *Mobile program system

    7.Explain Firewall Characteristics.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 617

    1.Service Control

    2.Direction control

    3.User control

    4.Behavior control

    8.Explain the types of Firewall with suitable example.

    Text Book :Cryptography and Network Security

    Author :William Stallings

    Page No : 618

    1.Packet filters

    *Source IP address

    *Destination IP address

    *Source and Destination Transport level address

    *IP protocol field

    *Interface

    2.Application level gateways

    3.Circuit Level Gateway