Mail & call us at:-
Call us at : 08263069601
Or
“ help.mbaassignments@gmail.com ”
To get fully solved assignments
Dear students, please send your semester & Specialization name here.
1. Dear students get fully solved SMU MSC IT Spring 2014 assignments
Send your semester & Specialization name to our mail id :
“ help.mbaassignments@gmail.com ”
or
Call us at : 08263069601
ASSIGNMENT
DRIVE Spring – 2017
PROGRAM MCA(REVISED FALL 2012)
SEMESTER 5
SUBJECT CODE & NAME MCA5042- Cryptography and Network Security
BK ID B2069
CREDITS 4
MARKS 60
Note: Answer all questions. Kindly note that answers for 10 marks
questions should be approximately of 400 words.
Q. No. Question Marks Total Marks
Question. 1. a) What is avalanche effect?
Answer: In cryptography, the avalanche effect refers to an attractive property of block ciphers and
cryptographic hash functions algorithms.
The avalanche effect is satisfied if:
The output changes significantly (e.g.,
b) Explain data encryption standard (DES).
2. Answer: The Data EncryptionStandardis a symmetric-keyalgorithmforthe encryptionof electronic
data. Although now considered insecure, it was highly influential in the advancement of modern
cryptography.
Developed in the early 1970s at IBM and based on an earlier design by Horst Feistel, the algorithm
wassubmittedtothe National Bureauof Standards(NBS) followingthe agency'sinvitationtopropose
a candidate for the protection of sensitive
Question. 2. a) List and explain the objectives of computer security.
Answer:Most of usunderstandhowlocks,barredwindows,litparkinglots,andloudbarkingdogscan
be usedtomake ouroffice buildingsmoresecure.Computersecuritycan,inmanyways,be compared
with these physical security approaches. But, as with anything else that we translate from the real
world to the computer world, we find that we must very firmly define our terminology and our
business needs before the computer version can either be understood or made to work. In this
chapter, we will define what computer security is and
b) What is the difference between passive and active security
threats?
Answer:Businessesandindividualsaroundthe globehave feltthe stingof cyberintruderswhoattack
organizational networks with relative impunity. Some attacks only deface a website, while others
resultinsignificantembarrassmentorfinancialloss.Whileitisalmostimpossibletostopsomeattacks,
itisimportantfororganizationstorecognizethe differencebetweenpassive attacksandactiveattacks
-- and the surprising risks of passive attacks.
Attack Motives: The motive for an attack depends on the
Question. 3. Explain the evaluation criteria for Advanced Encryption
Standard (AES).
Answer: The National Institute of Standards and Technology (NIST) started development of AES in
1997 whenit announcedthe needfor a successoralgorithmfor the Data EncryptionStandard (DES),
which was starting to become vulnerable to brute-force attacks.
This new, advanced encryption algorithm would be
Question. 4. a) What is key distribution?
Answer: In symmetric key cryptography, both parties must possess a secret key which they must
exchange priortousinganyencryption.Distributionof secretkeyshasbeenproblematicuntilrecently,
because it involved face-to-face meeting, use of a trusted courier, or sending the key through an
3. existing encryption channel. The first two are often impractical and always unsafe, while the third
depends on the security of a previous key exchange.
In public key cryptography, the key distribution of public keys is
Question. 5. a) Describe the four types of protocol of SSL.
Answer: SSL protocol, which was initially developed by Netscape, is the base for secure
communication in the internet today. SSL Being a big topic to cover in a single article/blog post, we
have tried to segregate different topics to be understood in SSL.
In this post, we will try to understand the Record Protocol in SSL, out of the four main layers in SSL,
which are mentioned below.
1. SSL Handshake Protocol
2. SSL Record Layer Protocol
3. SSL Change Cipher Spec
4. SSL alert Protocol
b) What is Transport Layer Security (TLS)? Explain.
Answer: Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both
frequentlyreferred to as "SSL", are cryptographic protocols that provide communications security
overa computernetwork.Several versionsof the protocolsfindwidespreaduse inapplicationssuch
as webbrowsing,email,Internetfaxing,instantmessaging,andvoice-over-IP(VoIP).WebsitesuseTLS
to secure all communications between their servers and web browsers.
Question. 6. a) Discuss intrusion detection.
Answer: An intrusion detection system (IDS) is a device or software application that monitors a
network or systems for malicious activity or policy violations. Any detected activity or violation is
typically reported either to an administrator or collected centrally using a security information and
eventmanagement(SIEM) system.A SIEMsystemcombinesoutputsfrommultiplesources,anduses
alarm filtering techniques to distinguish malicious activity from false alarms.
b) What do you mean by malicious software? Explain in detail.
4. Answer:Malware issoftware designedtocause harmtoacomputeranduser.Someformsof malware
“spy” on user Internet traffic. Examples include spyware and adware. Spyware monitors a user’s
location and if enabled, it can capture sensitive information, e.g., credit card numbers, promoting
identity theft. Adware also acquires user information, which is shared with advertisers and then
integrated with unwanted, triggered pop-up ads.
Worms and viruses behave differently, as they can quickly proliferate and undermine an entire
computer system. They also may perform unsavory
Dear students get fully solved SMU MSC IT Spring 2014 assignments
Send your semester & Specialization name to our mail id :
“ help.mbaassignments@gmail.com ”
or
Call us at : 08263069601