Network Security & Cryptography (CS 802 D)
Multiple Choice Questions
1. The principle of ___________ensures that only the sender and the intended recipients have
access to the contents of a message.
a. confidentiality b. authentication c. integrity d. access control
2. If the recipient of a message has to be satisfied with the identify of the sender, the principle
of _________ comes into picture.
b. Confidentiality b. authentication c. integrity d. access control
3. If we want to ensure the principle of ______ modified while in transit.
(a) confidentiality (b) authentication (c) integrity (d) access control
4. Allowing certain users specific accesses comes in the purview of
(a) confidentiality (b) authentication (c) integrity (d) access control
5. If a computer system is not accessible, the principle of _____________
(a) confidentiality (b) authentication (c) availability (d) access control
6. The four primary security principles related to a message are
(a) confidentiality, authentication, integrity and non-repudiation
(b) confidentiality, access control, non-repudiation and integrity
(c) authentication, authorization, non-repudiation and availability
(d) availability, access control, authorization and authentication
7. While creating a digital envelope, we encrypt the_____ with the ______ .
(a) sender's private key, one-time session key (b) receiver's public key, one-time session
key
(c) one-time session key, sender's public key (d) one-time session key, receiver's public
key
8. Symmetric key cryptography is _______ asymmetric key cryptography.
(a) always slower than (b) of the same speed as (c) faster than (d) usually
slower than
9. The _____ attack is related to authentication.
(a) interception (b) fabrication (c) modification (d) interruption
10. The ______ attack is related to integrity.
(a) interception (b) fabrication (c) modification (d) interruption
11. The ____________ attack is related to availability.
(a) interception (b) fabrication (c) modification (d) interruption
12. In _______ attacks, there is no modification to message contents.
(a) passive (b) active (c) both of the above (d) none of the above
13. In _____________ attacks, the message contents are modified.
(a) passive (b) active (c) both of the above (d) none of the above
14. Interruption attacks are also called as ___________ attacks.
(d) replay attacks
(a) masquerade (b) alteration (c) denial of service
15. DOS attacks are caused by ______________
(a) authentication (b) modification (c) fabrication (d) replay attacks
16. Virus is a computer
(a) file (b) program (c) database (d) application software
17. A worm ________ modify a program.
(a) does not (b) does (c) mayor may not (d) may
18. A_______ replicates itself by creating its own copies, in order to bring the network to a
halt.
(a) virus (b) worm (c) Trojan horse (d) bomb
19. Applets and ActiveX controls are side programs.
(a) client (b) server (c) database (d) none of the above
20. ActiveX controls are _________ secure as compared to applets.
(a) more (b) equally (c) far more (d) less
21. The language that we commonly use can be termed as
Academy of Technology
2
(a) pure text (b) simple text (c) plain text (d) normal text
22. The codified language can be termed as
(a) clear text (b) unclear text (c) code text (d) cipher text
23. In substitution cipher, the following happens.
(a) characters are replaced by other characters (b) rows are replaced by columns
(c) columns are replaced by rows (d) none of the above
24. Transposition cipher involves
(a) replacement of blocks of text with other blocks
(b) replacement of characters of text with other characters
(c) strictly row-to-column replacement
(d) some permutation on the input text to produce cipher text
25. Caesar Cipher is an example of
(a) Substitution Cipher (b) Transposition Cipher (c) Substitution as well as
Transposition Cipher (d) none of the above
26. Vernam Cipher is an example of
(a) Substitution Cipher (b) Transposition Cipher (c) Substitution as well as
Transposition Cipher (d) none of the above
27. Cryptanalyst is a person who
(a) devises cryptography solutions (b) attempts to break cryptography solutions
(c) none of these (d) both of these
28. Homophonic Substitution Cipher is _________ to break as compared to Mono-alphabetic
Cipher.
(a) easier (b) the same (c) difficult (d) easier or same
29. The process of writing the text as diagonals and reading it as sequence of rows is called as
(a)Rail Fence Technique (b) Caesar Cipher
(c) Mono-alphabetic Cipher (d) Homophonic Substitution Cipher
30. The mechanism of writing text as rows and reading as columns is called as_______
(a) Vernam Cipher (b) Caesar Cipher (c) Simple Columnar Transposition Technique
(d) Homophonic Substitution Cipher
31. Vernam Cipher is also called as
(a) Rail Fence Technique (b) One-time pad (c) Book Cipher (d) Running Key Cipher
32. Book Cipher is also called as
(a) Rail Fence Technique (b) One-time pad (c) Mono-alphabetic Cipher (d) Running
Key Cipher
33. Conversion of plain text into cipher text is called as
(a) encryption (b) decryption (c) cryptography (d) cryptanalyst
34. Conversion of cipher text into plain text is called as
(a) encryption (b) decryption (c) cryptography (d) cryptanalyst
35. _________ increases the redundancy of plain text.
(a) Confusion (b) Diffusion (c) Both confusion and diffusion (d) Neither confusion
nor diffusion
36. ______________ works on block mode.
(a) CFB (b) OFB (c) CCB (d) CBC
37. DES encrypts blocks of ________ bits.
(a) 32 (b) 56 (c) 64 (d) 128
38. There are _________ rounds in DES.
(a) 8 (b) 10 c) 14 (d) 16
39. _________is based on the IDEA algorithm.
(a) S/MIME (b) PGP (c) SET (d) SSL
40. A _______ is used to verify the integrity of a message.
(a) message digest (b) decryption algorithm (c) digital envelope (d) none of the above
41. When two different message digests have the same value, it is called as
(a) attack (b) collision (c) hash (d) none of the above
42. The final solution to the problem of key exchange is the use of_____
Academy of Technology
3
(a) passport (b) digital envelope (c) digital certificate (d) message digest
43. To solve the problem of trust, the ______is used.
(a) public key (b) self-signed certificate (c) private key (d) digital signature
44. SSL layer is located between_______
(a) transport layer, network layer (b) application layer, transport layer
(c) data link layer, physical layer (d) network layer, data link layer
45. Firewall should be situated_______
(a) inside a corporate network(b) outside a corporate network
(c) between a corporate network and the outside world (d) none of these
46. Firewall is a specialized form of a _________
(a) bridge (b) disk (c) printer (d) router
47. A packet filter examines_______ packets.
(a) all (b) no (c) some (d) alternate
48. _______ adapts itself to the changing conditions.
(a) Stateless static filter (b) Static packet filter
(c) Adaptive packet filter (d) Stateful packet filter
49. Application gateways are ___________ packet filters.
(a) less secure than (b) more secure than (c) equally secure to (d) slower
50. IPSec provides security at the _______________
(a) application (b)transport (c) network (d) session
51. If the sender encrypts the message with her private key, it achieves the purpose of
(a) confidentiality (b) confidentiality and authentication
(c) confidentiality but not authentication (d) authentication
52. In asymmetric key cryptography,_______ keys are required per communicating
(a) 2 (b) 3 (c) 4 (d) 5
53. The private key _______________________
(a) must be distributed (b) must be shared with everyone
(c) must remain secret with an individual (d) none of the above
54. If A and B want to communicate securely with each other, B must not know
(a) Xs private key (b) Xs public key (c) B's private key (d) B's private key
55. _________are very crucial for the success of asymmetric key cryptography.
(a) Integers (b) Prime numbers (c) Negative numbers (d) Fractions
5 Marks Questions
1. What is the difference between passive and active security threats?
2. What is the difference between an unconditionally secure cipher and a computationally
secure cipher?
3. Briefly define the Playfair cipher.
4. Explain different types of attacks with examples.
5. Explain Simple Columnar Transposition Technique of symmetric encryption. Convert
the text “ACADEMY OF TECHNOLOGY” with the key value 31254.
6. What is the difference between diffusion and confusion?
7. Explain the key generation process in DES.
8. What is the purpose of the S-boxes in DES?
9. Explain the avalanche effect.
10. What is the difference between differential and linear cryptanalysis?
11. What is a meet-in-the-middle attack?
12. Why is the middle portion of 3DES a decryption rather than an encryption?
13. What is a trapdoor one-way function?
14. What is a message authentication code?
15. What is the role of a compression function in a hash function?
16. What are the properties a digital signature should have?
17. What are the five principal services provided by PGP?
18. What is the utility of a detached signature?
19. What services are provided by IPSec?
20. List four techniques used by firewalls to control access and enforce a security policy.
21. What are some weaknesses of a packet-filtering router?
22. What is an application-level gateway?
23. What is a circuit-level gateway?
24. What is a salt in the context of UNIX password management?
25. What services are provided by the SSL Record Protocol?
26. What steps are involved in the SSL Record Protocol transmission?
27. How is SHTTP different from SSL?
28. Explain the concepts of key rings in PGP.
29. a) Discuss about the four basic principles related to the security of a
massage.
b) What is availability?
30. Explain digital signature. Provide a scheme for implementing digital signature
using public key cryptography.
31. What is cryptography? What is cryptanalysis?
32. Compare the characteristic of SHA -1 and MD-5 algorithms. What is a firewall?
33. Describe Diffie-Hellman symmetric key exchange algorithm.
15 Marks Questions
1. a. What do you mean by network security explain with a suitable model.
b. What is Brute-force attack? Explain.
c. What is Worm? What is the difference between Worm and Virus?
d. What is Trojan? What is Cookie?
e. What are the key principles of security?
2. Explain substitution, transposition cipher and product cipher.
b. Briefly define the Playfair cipher. Find the cipher text for the plain text “ACADEMY
OF TECHNOLOGY” using Playfair cipher technique. The key here is
“ADISAPTAGRAM”. Also find the decrypted cipher text.
3. a. What do you mean by asymmetric key encryption? Explain.
b. What is the difference between symmetric key encryption and asymmetric key
encryption?
c. Describe CBC mode of encryption process. What is Initialization Vector?
d. Discuss the idea of algorithm modes.
4. a. Distinguish between differential and linear cryptanalysis.
b. What is the difference between stream cipher and block cipher?
c. How can the same key be reused in triple DES?
d. What is key wrapping? How is it useful?
5. a. What are the key requirements of message digest?
b. What are the problems with exchanging of public keys?
c. Explain RSA algorithm.
d. ”Symmetric key cryptography is faster than Asymmetric key cryptography”- Justify.
6. a. What do mean by “Digital Signature”?
b. What is the difference between MAC and message digest?
c. What is the real crux of RSA?
d. What is the key size for Blowfish?
7. a. What is the purpose of the S-boxes in DES?
Academy of Technology
5
b. In the public-key system using RSA, you intercept the cipher text CT=10 sent to a
user whose public key is E=5, N=35. What is the plain text PT?
c. What are the roles of the public and private key?
d. In an RSA system, the public key of a given user is E=31, N=3599. What is the private
key of the user?
8. a. What are the three aspects of a 3-factor authentication?
b. What is SSO? Discuss its two approaches.
c. How MD5 algorithm works?
d. What is the difference between little-endian and big-endian format?
9. a. What protocols comprise SSL?
b. What is a dual signature and what is its purpose?
c. Give examples of applications of IPSec.
d. What services are provided by IPSec?
10. a. Why is the SSL layer positioned between Application layer and Transport layer?
b. Name the four key steps in the creation of a Digital certificate.
c. How is SHTTP different from SSL?
What are the problems associated with clear text passwords?
d.
11. a. List and briefly define three classes of intruders.
b. What are two common techniques used to protect a password file?
c. What is honeypot?
d. What is the salt in the context of UNIX password management?
12. a. What is firewall?
b. What are the three main actions of a packet filter?
c. List the characteristics of a good firewall implementation.
d. What are the limitations of a firewall?
e.
13. a) What are the different types of attacks against security?
b) How an application level attack is characteristically different from aq network
level attack?
c) Differentiate between an active attack and a passive attack?
d) Why do you use digital signature? What are digital certificates?
14. a) Different between a block cipher and a stream cipher.
b) state and explain RSA algorithm.
c) Explain how the diffie-Hellman key exchange algorithm might become
vulnerable.
15. a) explain the following:
i) Static web page
ii) Dynamic web page
iii) Active web page
b) Explain with a figure how secure sockets layer(ssl) is accommodated in TCP/IP
protocol suite.
c) Explain what are the three sub-protocol in SSL?
d) Explain the position of SHTTP in TCP/IP protocol suite.
16. a) Compare substitution cipher and transposition cipher. What is secure
DNS ? Give its utility.
b) What are viruses and antivirus ?
c) Describe IP security architecture in brief.
17. a) What is WEP?
b) Using RSA public key cryptography system with a=1,b=2,etc.If p=5,q=11,and
d=27,find e and encrypt(cad).
c) How is SSTTP different from SSL?
d) describe the functioning of Massage Authentication Code(MAC).
18. Write short notes of any three of the following.
a) Kerberos
b) PGP
c) Applet and active-X controls
d) DNS spoofing
e) Secure Electronic Transaction(SET)
19. a). How many rounds are there in DES?
b). Describe a single round of DES with block diagram.
c). What is Triple DEA? Why is it more secure than DES?
d). “Authentication can be achieved using DES.” – Comment on it.
20. a). What is electronic money?
b). What is SET? Explain with a suitable model.
c). How pre-master-secret and master-secret is prepared in SSL handshake protocol?
d). Describe he fields of SSL records protocol header.
21. a). Describe SHA-1(message digest) algorithm.
b). How SHA-1 is differing from Md5?
c). It is known that, in symmetric-key cryptography, it is difficult to share the same secret
between two communicating parties. How can public-key cryptography solve this
problem?
d). Give an example of a message authentication using symmetric-key and asymmetric-key
cryptography.
