smartworld.asia smartzworld.

com

1. GROUP-A (SHORT ANSWER QUESTIONS)

Bloom’s Course
S. No. Questions
Taxonomy Level Outcome
UNIT-I
1 Explain security attacks? Understand 1,2
2 Enumerate traffic analysis? Knowledge 1,2
3 Categorize active attacks? Apply 1,2
4 Categorize passive attacks? Apply 1,2
5 Mention the key principles of security? Compare 1,2
6 Distinguish active and passive attacks? Understand 2
7 Enumerate the mechanisms implemented for confidentiality? Knowledge 2
8 List briefly categories of security mechanisms? Knowledge 2
9 Differentiate TCP and UDP session hijacking? Apply 2
10 Specify basic tasks for defining a security services? Compare 2
UNIT – II
1 Differentiate symmetric and asymmetric encryption? Apply 3,5
2 Define cryptanalysis? Knowledge 3
3 Compare stream and block ciphers with examples? Understand 3,4

Specworld.in jntuworld.xyz
smartworld.asia smartzworld.com

4 Enumerate design parameters of feistel cipher structure? Knowledge 3,4

5 Define product cipher? Knowledge 3,4
6 Lists block cipher modes of operation? Knowledge 3,4
7 Explain essential ingredients of symmetric cipher? Understand 3,4
8 Differentiate link and end-to-end encryption? Apply 3,4
9 Differentiate session key and master key? Apply 3,4
10 State advantages of counter mode? Understand 3,4
11 Specify the design criteria of block cipher? Compare 3,4
UNIT – III
1 Differentiate between private and public key? Apply 5
2 Enumerate uses of public key cryptography? Knowledge 5
3 Differentiate public key and conventional encryption? Knowledge 5
4 Explain the rules of public and private key? Understand 5
5 Explain the principles elements of a public key cryptography? Understand 5
6 Specify the application of public key cryptography? Compare 5
7 List four general characteristics of a scheme for distribution of
Knowledge 6
the public key?
8 Discuss about key management in public key cryptography? Understand 6
9 Discuss digital signatures? Understand 6
10 Explain about X.509 certificate? Understand 6
11 Differentiate simple and secure authentication dialogue in
Apply 6
Kerberos v4?
UNIT – IV
1 Define PGP? Knowledge 7
2 Explain why PGP is open source? Understand 7
3 List out notations used in PGP? Knowledge 7
4 List out services of PGP? Knowledge 7
5 Explain e-mail compatibility? Understand 7
6 Explain why does PGP generate a signature before applying
Understand 7
compression?
7 Examine how does PGP provide public key management? Knowledge 7
8 List MIME content types? Knowledge 8
9 Explain S/MIME? Understand 8
10 Explain the utility of a detached signature? Understand 8
UNIT – V
1 Enumerate applications of IPSEC? Knowledge 9
2 Examine services are provided by IPSEC? Knowledge 9
3 Explain parameters identify SA? Understand 10
4 Explain parameters characterize the nature of a particular SA? Understand 10
5 List encryption and authentication algorithms which are used
Knowledge 9
for AH and ESP?
6 Explain replay attack? Understand 9
7 Examine why does ESP include a padding field? Knowledge 9
8 List fields of AH? Knowledge 9
9 List disadvantages of Diffie Hellman key exchange algorithm? Knowledge 9

Specworld.in jntuworld.xyz
smartworld.asia smartzworld.com

10 List out applications of IPSEC? Knowledge 9

UNIT – VI
1 Explain protocols that comprise SSL? Understand 11
2 State alert codes of TLS protocol? Knowledge 11
3 State parameters that define SSL session state? Knowledge 11
4 Explain series of messages exchanged between client and
Understand 11
server in handshake protocol?
5 Differentiate SSL and TLS protocols? Apply 11
6 Explain services provided by SSL record protocol? Understand 11
7 State advantages of SET protocol? Knowledge 12
8 Explain dual signatures? Understand 12
9 Examine purpose of dual signatures? Knowledge 12
10 State SSL handshake protocol message types? Knowledge 12
UNIT – VII
1 Explain how sense network management architecture
Understand 13
considered integrated?
2 Explain key elements of the SNMP model? Understand 13
3 Explain usage of MIB? Understand 13
4 Examine auto-discovery in SNMP protocol? Knowledge 13
5 Summarize functions of a SNMP protocol? Understand 13
6 Prepare USM message parameters? Apply 13
7 Identify elements that comprise VACM? Knowledge 13
8 State classes of intruders? Knowledge 14
9 Collaborate different file access activities used for intrusion
Compare 14
detection?
10 Enumerate types of viruses? Knowledge 14
11 Examine how does a worm propagate? Knowledge 14
UNIT - VIII
1 Examine how biometrics used instead of password for
Knowledge 15
authentication?
2 Discriminate three benefits that can be provided by an intrusion
Examine 16
detection system?
3 Differentiate statistical anomaly detection and rule based
Apply 16
intrusion detection?
4 List files access activities used for intrusion detection? Knowledge 16
5 Demonstrate techniques used to avoid guessable password? Understand 15
6 List out design goals for a firewall? Knowledge 15
7 Demonstrate an application-level gateway? Understand 15
8 Discuss in the context of access control, what is the difference
Understand 15
between subjects and object?
9 Evaluate hoe firewall is different from intrusion detection
Examine 15,16
system?
10 Differentiate packet filter routing and a state full inspection
Apply 15,16
firewall?

Specworld.in jntuworld.xyz
smartworld.asia smartzworld.com

2. GROUP-B (LONG ANSWER QUESTIONS)

S. No. Questions Bloom’s Course

Taxonomy Level Outcome
UNIT – I
1 Describe the following
(a) Security attacks
Knowledge 1,2
(b) Security services
(c) Security mechanisms
2 Define cryptanalysis. Mention the types of cryptanalysis and in
Knowledge 1,2
detail the amount of information known to cryptanalytic?
3 Demonstrate model for internetwork security with neat
Understand 1,2
diagram?
4 Demonstrate how internet standards have been standardized by
Understand 1,2
using RFC?
5 Differentiate TCP and UDP session hijacking? Apply 1,2
6 Enumerate man in-middle attack in network? Knowledge 2
7 Discriminate how buffer overflow is categorized under
Examine 2
software weakness?
8 Demonstrate ARP attack in the network with an example? Understand 2
9 Enumerate the security goals and explain each with an
Knowledge 2
example?
10 Compare and contrast active and passive attacks? Understand 2
UNIT – II
1 Describe how Compile the process how RC4 decryption is
Compare 3
reverse of its encryption?
2 Justify how DES algorithm uses feistel cipher structure? Examine 3
3 Enumerate the principles of conventional encryption
Knowledge 3
algorithms?
4 Demonstrate how encryption is misused to attack the system? Understand 3
5 Recite round function evaluation in feistel cipher structure? Knowledge 3
6 Compare and contrast DES, 3-DES and AES? Understand 3
7 Illustrate the procedure of key distribution in conventional
Apply 3
encryption algorithms?
8 Illustrate how secure hash function is alternative to MAC? Apply 4
9 Enumerate the different steps of SHA to generate message
Knowledge 4
digest?
10 Formulate AES encryption and decryption process with neat
Compare 3,4
sketch?
UNIT – III
1 Discriminate the requirements that must be fulfilled by public
Examine 5
key cryptography for securing data in network?
2 Assess how to debug the RSA encryption algorithm? Examine 5
3 Demonstrate RSA public key encryption algorithm? Understand 5
4 Describe the following
Knowledge 6
a) Digital signature standard b) Elliptic curve cryptography
5 Compile how public keys are been certified in RSA and Diffie
Compare 5,6
Hellman key exchange algorithm?
6 Differentiate Kerberos v4 and Kerberos v5? Apply 6
7 List out management functions of PKIX and describe the
Knowledge 6
process in detail?

Specworld.in jntuworld.xyz
smartworld.asia smartzworld.com

8 Discriminate how X.509 certificate is revoked? Examine 6

9 Demonstrate use of realm and justify the usage? Invent the
Understand 6
context of Kerberos.
10 Illustrate approaches to secure user authentication in a
Apply 6
distributed environment?
UNIT – IV
1 Formulate on what basis Zimmermann has developed PGP for
Compare 7
e-mail security?
2 Enumerate all services of PGP and explain with neat sketch Knowledge 7
3 Generalize why inspite of symmetric key, public key and
private key, PGP uses three separate requirements what are Compare 7
those and explain why are they used?
4 Demonstrate the general format of PGP message with an
Understand 7
example?
5 Demonstrate the general structure of private key ring? Understand 7
6 Illustrate different approaches to public key management? Apply 7
7 Justify why S/MIME is a security enhancement to MIME
Examine 8
internet e-mail format standard?
8 Explain of MIME specification with an example? Understand 8
9 Demonstrate MIME transfer encoding techniques and
Understand 8
certificate processing?
10 Illustrate S/MIME message? Apply 8
UNIT - V
1 Discuss how IPESC encompasses three functional areas:
a) Authentication b) Confidentiality Understand 9
c) Key management
2 Discuss how HMAC message authentication code can be
Understand
applied to the entire original TP packet (tunnel mode)?
3 Discuss how HMAC message authentication code can be
Understand 9
applied to the entire original TP packet (transport mode)?
4 Examine how confidentiality is provided by an ESP? Knowledge 9
5 Mention different techniques defined by IPSEC for key
Knowledge 10
management?
6 Enumerate benefits and routing applications of IPSEC? Examine 9,10
7 Draw neat diagram of IP security architecture with detail
Examine 9
description?
8 Demonstrate following processes
(a)Authentication Header Understand 9
(b)Encapsulation security payload
9 Discriminate the process of combining security association is
Examine 10
achieved?
10 Examine how encryption and authentication algorithms are
used for following
Knowledge 9
(a)Authentication Header
(b)Encapsulation security payload
UNIT – VI
1 Demonstrate how SSL provide security services between TCP
Understand 11
application and application that use TCP?
2 Examine how SSL provide confidentiality using symmetric
Knowledge 11
encryption and message integrity using MAC?
3 Examine how TLS provide confidentiality using symmetric
Knowledge 11
encryption and message integrity using MAC?

Specworld.in jntuworld.xyz
smartworld.asia smartzworld.com

4 Discuss how SSL include protocol mechanisms and services to

Understand 11
enable two TCP users to determine the security?
5 Discuss how TLS include protocol mechanisms and services to
Understand 11
enable two TCP users to determine the security?
6 Discuss how SET is designed to protect credit card transactions
Understand 12
on the internet?
7 Discuss the threats on the web and the consequences and
Understand 11,12
counter measures?
8 List out SET transaction types .Explain payment processing,
Knowledge 12
purchase request, payment authorization and payment capture?
9 Demonstrate how SSL and TLS provide security on the web? Understand 11
10 Differentiate the process of security provided by SSL and
Apply 11,12
TLS?
UNIT - VII
1 Determine with description how SNMP provide proxy
Examine 13
configuration?
2 Analyze distributed network management configuration with an
Knowledge 13
example?
3 Compare and contrast SNMPv1 and SNMPv2 protocol data
Understand 13
unit?
4 Discuss the following
(a) SNMPv3 protocol architecture Understand 13
(b) SNMPv3 architecture
5 Draw a block diagram of traditional SNMP agent with
Apply 13
explanation?
6 Demonstrate process of command generator notification
Understand 13
generator with diagrams?
7 Justify intrusion into a computer system or network is one of
Compare 14
the most serious threats to security?
8 Enumerate intrusion techniques with description? Knowledge 14
9 Classify intruders with an explanation Apply 14
10 Give description of VACM and also explain elements of the
Compare 14
VACM model?
UNIT - VIII
1 Demonstrate how does the intrusion detection system work
when the contents of the network message are encrypted? At Understand 15,16
what level can this packet be read and analyzed?
2 Describe how hackers exploit vulnerabilities in the network-
Knowledge 15,16
based computing systems?
3 Analyze various approaches to prevention and detection from
Apply 15,16
unauthorized users?
4 Examine software threats to systems with a special emphasis
Knowledge 15,16
on viruses and worms?
5 Enumerate counter measure for viruses and worms? Knowledge 15,16
6 Discuss standard approach to the protection of local computer
Understand 15,16
assets from external threats?
7 Discuss firewall design principles and also explain techniques? Understand 15,16
8 Discuss how intrusion prevention is achieved through password
Understand 15,16
management?
9 Justify Intrusion provides early warning of an intrusion so that
Compare 15,16
defensive action can be taken to prevent or minimize damage?
10 Differentiate statistical anomaly detection and rule–based
Apply 15,16
intrusion detection?

Specworld.in jntuworld.xyz
smartworld.asia smartzworld.com

3. GROUP-III (ANALYTICAL QUESTIONS)

Bloom’s Course
S. No. Questions
Taxonomy Level Outcome
UNIT-I
1 Demonstrate the network model? Understand 2
2 Draw matrix that shows the relationship between security
Knowledge 1
mechanisms and attacks?
UNIT – II
1 Demonstrate RC4 key value will leave S unchanged during
initialization. That is , after the initial permutation of S, the
Understand 3
entries of S will be equal to the values from 0 through 255 in
ascending order?
2 Discuss the security implications of following centralization?
Key distribution schemes using an access control centre and/or
Knowledge 4
a key distribution centre have central points. vulnerable to
attack
3 Can RC4 be used in either CBC or EBC modes? Apply 3
4 RC4 has a secret internal state which is a permutation of all
possible values of the vector S and the two indices i and j
Apply 3
(a) Using a straightforward scheme to store the internal state,
how many bits are used?
UNIT – III
1 Consider RSA cipher with n=383*563=215629 and e=49.The
plain text, n, is encrypted with c=E (m) =m49modulo n. Show
Understand 5
that for each encrypted text c, E10(c) =c holds. Find a simple
way for a cryptanalyst to find the plain text m from c?
2 Consider a Diffie-Hellman scheme with a common prime q=11
and a primitive root $=2
(a) If user A has a public key YA=9, What is A’s private key
Knowledge 5
XA
(b) If user B has a public key YB=3, What is the shared secret
key k
3 Suppose we have a set of blocks encoded with RSA algorithm
and we don’t have the private key. Assume n-pq, e is the public
key. Suppose also someone tells us they know one of the plain Apply 5
text blocks has a common factor with n. Does this help us in
any way?
4 In public –key system using RSA, you intercept the cipher text
C=10 sent to a user whose public key e=5, n-35. What is the Apply 5
plaintext M?
5 Demonstrate the shortcomings of Kerberos version 4 and how
Understand 6
Are they addressed in version 5?
6 Suppose that, in PCBC mode, blocks Ci and Ci+1 are
interchanged during transmission. Show that this affects only Knowledge 6
the decrypted blocks Pi and Pi+1 but not subsequent blocks?
UNIT – IV

Specworld.in jntuworld.xyz
smartworld.asia smartzworld.com

Bloom’s Course
S. No. Questions
Taxonomy Level Outcome
1 PGP makes use of cipher feedback (CFB) mode of CAST-128,
whereas most symmetric encryption applications (other than
key encryption) use the cipher block chaining (CBC) mode. We
have
CBC: Ci = E(K, [Ci-1 ex-or Pi]);
Understand 7
Pi = Ci-1 ex-or D(K, Ci)
CFB: Ci = Pi ex-or E(K,Ci-1);
Pi = Ci ex-or E(K, Ci-1)
These two appear to provide equal security. Suggest a reason
why PGP uses the CFB mode?
2 In the PGP scheme, what is the expected number of session
Knowledge 7
keys generated before a previously created key is produced?
3 Consider radix-64 conversion as a form of encryption. In this
case, there is no key. But suppose that an opponent knew only
that some form of substitution algorithm was being used to Apply 7
encrypt English text and did not guess it was R64. How
effective would this algorithm be against cryptanalysis?
4 Demonstrate different cryptographic algorithms used in
Apply 7,8
S/MIME. Explain how S/MIME is better than MIME?
UNIT – V
1 Explain the different payloads of ISAKMP for authentication
Understand 9
and non- repudiation?
2 The IPSEC architecture document states that when two
transport mode SA’s are bundled to allow both AH and ESP
protocols on the same end-to-end flow, only one ordering of
security protocols seems appropriate: performing the ESP Knowledge 9
protocol before performing the AH protocol. Why is this
approach recommended rather than authentication before
encryption?
3 When tunnel mode is used, a new outer IP header is
constructed. For both IPV4 and IPV 6, indicate the relationship
of each outer IP header field and each extension header in the
outer packet to the corresponding field or extension header of Apply 9
the inner IP packet. That is, indicate which outer values are
derived from inner values and which are constructed
independently of the inner values?
4 In discussing AH processing, it was mentioned that not all of
the fields in an IP header are included in MAC calculation.
(a) For each of the fields in the IPV4 header, indicate
whether the field is immutable, mutable but predictable, or
Apply 9
mutable(zeroed prior to ICV calculation)
(b) Do the same for the IPV6 header
(c) Do the same for the IPV6 extension headers
In each case, justify your decision for each field
UNIT – VI
1 In SSL and TLS, why is there a separate Change Cipher Spec
Protocol, rather than including a change_cipher_spec message Understand 11
in the handshake protocol?

Specworld.in jntuworld.xyz
smartworld.asia smartzworld.com

Bloom’s Course
S. No. Questions
Taxonomy Level Outcome
2 Consider the following threats to web security and describe
how each is countered by a particular feature of SSL.
(a) Brute-Force Cryptanalytic Attack: An exhaustive search Knowledge 11
of the key space for a conventional encryption algorithm
(b) Reply attack: Earlier SSL handshake message are replayed
3 Consider the following threats to web security and describe
how each is countered by a particular feature of SSL.
(a) Man-in-Middle Attack: An attacker interposes during key
exchange, acting as the client to the server and as the Apply 11
server to the client
(b) IP Spoofing: Uses forged IP addresses to fool a host into
accepting bogus data
4 Consider the following threats to web security and describe
how each is countered by a particular feature of SSL.
(a) IP Hijacking: An active, authenticated connection between
two hosts is disrupted and the attacker takes the place of
one of the hosts
(b) SYN Flooding: An attacker sends TCP SYN message to Knowledge 11
request a connection but does not respond to the final
message to establish the connection fully. The attacked
TCP module typically leaves the “half=open connection”
around for a few minutes. Repeated SYN messages can
clog the TCP module
UNIT - VII
1 Why does SNMP use unreliable UDP datagram? What would
be the reason for the designer to choose UDP instead of TCP for Understand 13
the transport protocol for SNMP?
2 In SNMPv1, any object in an MIB is defined as having an MIB
Access Category, which can be assigned one of the following
values: read-only, read-write, write-only, and not-accessible. A
read is accomplished with a get or trap operation, and a write is
accomplished with a set operation. In the following table, fill in
each entry to show the access allowed
MIB Access Category SNMP Access Mode Knowledge 13
READ-ONLY READ-WRITE

3 RFC 2574 states that for a nonauthorative engine, the values of

msgAuthoritativeEngineBoots and
msgAuthoritativeEngineTime in an outgoing message header Apply 13,14
are set only if the message is to be authenticated by the
authoritative receiver. Why does this restriction make sense ?
4 For response message from an authoritative engine, the values
of msgAuthoritativeEngineBoots and
Apply 13,14
msgAuthoritativeEngineTime in outgoing message header are
always set. Why might this be so?
UNIT - VIII

Specworld.in jntuworld.xyz
smartworld.asia smartzworld.com

Bloom’s Course
S. No. Questions
Taxonomy Level Outcome
1 The question arises as to whether it is possible to develop a
program that can analyze a piece of software to determine if it is
a virus.
Program CV :=
{ ……
main-program :=
{ if D(CV) then goto next:
Else infect-executable; Understand 16
}
next:
}
In the proceeding program, infect-executable is a module that
scans memory for executable programs and replicates itself in
those programs. Determine if D can correctly decide whether
CV is a virus?
2 How does the behaviour-blocking software monitor the
Knowledge 15
program behaviour in real-time systems?
3 The necessity of the “no read up” rule for a multilevel secure
system is fairly obvious. What is the importance of the “no Apply
write down” rule?
4 Describe how firewall can be used to protect the network
against the following attacks.
(a) SMTP Server Hijacking( Unauthorized Relaying)
(b) Exploiting Bugs in Applications
Apply 15,16
(c) Bugs in Operating Systems
(d) ICMP Flooding
(e) Ping of Death
(f) Sub-seven Trojan

Specworld.in jntuworld.xyz