Comp 424: Computer Security Question Paper
Course: Bachelor of Science in Computer Science
Institution: Chuka University question papers
Exam Year: 2013
CHUKA UNIVERSITY
UNIVERSITY EXAMINATIONS
FOURTH YEAR EXAMINATIONS FOR THE AWARD OF BACHELOR OF SCIENCE IN COMPUTER SCIENCE
COMP 424: COMPUTER SECURITY
STREAMS: Y4S2 TIME: 2 HOURS
DAY/DATE: FRIDAY 26/4/2013 8.30 AM – 10.30 AM
INSTRUCTIONS:
• Attempt Question ONE and any other TWO Questions
• Marks are awarded for clear and concise answers
• Only the first THREE Questions attempted will be marked (Question one inclusive)
SECTION A- COMPULSORY
Question One (30 Marks)
(a) Describe the operation of digital signature algorithm (DSA) [5 Marks]
(b) Briefly describe the following control mechanisms to information security. [6 Marks]
(i) Administrative controls
(ii) Logical controls
(iii) Physical controls
(c) While giving examples, give THREE types of information that can be used for authentication. [3 Marks]
(d) List any THREE practical applications of public key cryptography. [3 Marks]
(e) Differentiate between identification and authorization as used in computer security. Give an example to show how both techniques work. [4 Marks]
(f) In the context of secure transmission and cryptography, discuss the importance of trust. [2 Marks]
(g) List TWO problems associated with password security. [4 Marks]
(h) While explaining what a Certificate Authority (CA) is, describe its role in public key infrastructure. [3 Marks]
SECTION B- ANSWER ANY TWO QUESTIONS FROM THIS SECTION
Question Two (20 Marks)
(a) Briefly describe FOUR main security requirements that cryptography addresses. [4 Marks]
(i) Integrity
(ii) Availability
(iii) Authentication
(iv) Non-repudiation
(b) Briefly explain the operation of challenge authentication protocol (CHAP). Give one weakness with this protocol. [8 Marks]
(c) Computer systems may implement proactive or reactive approaches to ensure a secure password environment. Explain the main features of each approach, highlighting their advantages and disadvantages. [4 Marks]
(d) Describe how Kerberos implements authentication and confidentiality. [4 Marks]
Question Three (20 Marks)
(a) Using an example to illustrate your answer, show how the Diffie-Hellman algorithm exchanges a key over an insecure network. [5 Marks]
(b) Using a diagram, illustrate the SET dual signature and give its significance in an e-commerce transaction. [5 Marks]
(c) With the aid of a diagram, show how three techniques (secret key cryptography, public key cryptography and hash functions) can be combined to provide confidentiality, authenticity and integrity of a message. [6 Marks]
(d) What are honeypots? How can they help in securing a network? [4 Marks]
Question Four (20 Marks)
(a) Using a diagram, give a detailed description of DES operation. Show how the sub keys are generated. [8 Marks]
(b) Briefly describing what war dialing is, give any two defenses against it. [4 Marks]
(c) Briefly describe password storage and authentication in UNIX. [4 Marks]
(d) Give any TWO hash code algorithms. [2 Marks]
Question Five (20 Marks)
(a) Briefly describe the operation of the following models:
(i) Pretty good privacy [5 Marks]
(ii) Kerberos [5 Marks]
(iii) Public key certificates. [4 Marks]
(b) Briefly describe the concept and importance of confusion, diffusion and avalanche effect and how cryptographic algorithms may achieve them. [6 Marks]