BIT2317: Computer Security Question Paper
Course: Bachelor of Information Technology
Institution: Meru University of Science and Technology
Exam Year: 2010
QUESTION ONE
a. Outline the six steps of risk management in the correct order. (6 Marks)
b. Briefly describe the following control mechanisms in the correct order. (6 Marks)
   i. Administrative controls
   ii. Logical controls
   iii. Physical controls
c. While giving examples, give three types of information that can be used for authentication. (3 Marks)
d. List any three practical applications of public key cryptography. (3 Marks)
e. Differentiate between identification and authorization as used in computer security. (2 Marks)
f. Briefly describe the role of diffusion and confusion in data encryption algorithms. (4 Marks)
g. List two problems associated with password security. (4 Marks)
h. What is a certificate authority (CA)? (2 Marks)
QUESTION TWO – 20 MARKS
a. Briefly describe what is involved in the following in relation to computer systems security. (8 Marks)
   i. Integrity
   ii. Availability
   iii. Authentication
   iv. Non-repudiation
b. Briefly explain the operation of challenge authentication protocol (CHAP). Give one weakness with this protocol. (8 Marks)
c. Differentiate between reactive password checking and proactive password checking. (4 Marks)
QUESTION THREE – 20 MARKS
a. Describe five major elements of SET transactions. (5 Marks)
b. Illustrate using a diagram the SET dual signature and give its significance in an e-commerce transaction. (5 Marks)
c. Show how the three techniques secret key cryptography, public key cryptography and hash function can be combined to assure confidentiality, authenticity and integrity of data in information systems. (6 Marks)
d. Differentiate between a virus and a worm. (4 Marks)
QUESTION FOUR – 20 MARKS
a. Using a diagram, give a detailed description of DES operation. Show how the sub keys are generated. (8 Marks)
b. Briefly describe how you can generate RSA key. (6 Marks)
c. While describing what war dialing is, give any two defenses against it. (4 Marks)
d. Give any two hash algorithms. (2 Marks)
QUESTION FIVE – 20 MARKS
a. Briefly describe the following models:
   i. Pretty Good Privacy (6 Marks)
   ii. Kerberos (6 Marks)
   iii. Public key certificates (6 Marks)
b. What is the importance of trust in the context of secure transmissions and cryptography? (2 Marks)