Manipal Institute of Technology, Manipal

Department of Data Science and Computer Applications

Subject: DSE 3258- Data Privacy &Security
Make-up Examination
Class: VISEM DSE Max. Marks: 50 Date: 10.07.2023

Type:DES

QNo. Questions Mapped BL

COs

1A Q1. Explain the various security mechanisms which are incorporated into the CO 1 2
appropriate protocol layer in order to provide some of the OSI security services.
(4)

1B Q2. Explainthe steps of play fair cipher by considering today is a beautiful day" as CO 1 2
the plaintext and the key as "kaffee und tee".
(3)

CO 1 4
1C Q3. Raam has sent an encrypted message as "YKUIPNDOPRPIHP" with a key as
"MANIPAL" to Shyam. Raam has advised Shyam to decipher the given cipher
using the Monoalphabetic cipher. Help Shyam to decipher the given cipher by
convincing him of the advantage of the Monoalphabetic cipher over Caesar's
cipher. (3)

2A Q4. Analyse the various components of the AES algorithm. How do these CO 1 4
components work together to provide a high level of encryption security?
(5)

2B Q5. Explain the working mechanism of triple-DES encryption technique. CO 1 2

(3)

2C Q6. Calculate the private key value for p= 13, q = 17 and public key = 35 using Co 2 3
RSA.
(2)
3A Q7."A suspect in a criminal case has been arrested and their mobile device has Co3 2
been seized. The digital forensics team is tasked with recovering evidence from
the device, such as text messages, call logs, and location data. The team uses
specialized software to extract data from the device and analyse it for relevant
information, such as evidence of communication with accomplices or location data
that places the suspect at the scene of a crime". For this case study, write a digital
forensic examination report. (5)

3B Q8. Explain different scale of the data which can be used to analyse security CO 3 2
metrics. (3)
3C CO 4
Q9. Discuss impact of the following Privacy attacks over personal information
a. Malware attacks
b. Phishing. (2)
CO 2
4A Q10. Consider an elipticcurve Ezs (1, 1) over the prime field GF23. Assume a base
point G=(6, 19) and a private key nB =2. Performthe encryption operation with
the nonce value k = 2 using the point addition and multiplication method. (5)
CO 2 2
4B Q11. WVith an example, explain the role of a prime number and a primitive root in
the Diffie-Hellman key exchange protocol. (3)
2
4C Q12. Discuss the concept of a hash collision and its implications for hash
functions. (2)
data like CO 4 2
5A Q13. Explain the various disclosure control problems on highly identifiable
personal information such as names, addresses, social security numbers, and
medical records. (5)
2
5B Q14. Explain the difficulties of implementing null-map, k-map and wrong-map over CO 4
an anonymous data set. (3)

CO 4 4
5C Q15. Read the followingparagraph and answer the question
A
healthcare organization is exploring the use of patients' personal data for
research purposes. The organization wants to analyse the data to identify patterns,
trends, and potential correlations to improve healthcare outcomes and develop
personalized treatment plans. However, there are concerns about privacy, data
ownership, and the ethical implications of using sensitive personal information.
Evaluate the ethical considerations and potential risks associated with the use of
patients' personal data for research purposes in the healthcare industry. Provide
recommendations for mitigating these risks while ensuring the benefits of data
analysis are realized. (2)
 Manipal Institute of Technology, Manipal
Department of Data Science and Computer Applications
Subject: DSE 3258 - Data Privacy & Security
End Semester Examination
Max. Marks: 5O Date: 01.06.2023
Class: VI SEM DSE

Type: DES
Questions Mapped BL
QNo. COs

Priya CO 1 3
1A Q1. Help Ria to encrypt a message "safe message" and send to
length = 3,
using Hill Cipher by considering key as "ciphering" (assume the
A=0). (4)

CO 1 3
1B Q2. Demonstrate a playfair cipher for decrypting the ciphertext
"RBCQWDQBWETIBYHVWQZ" using a key as "kaffee und tee".
(3)

columnar CO 1 3
1C Q3. Fora given plain text "beautiful day", demonstrate single
transposition using "TODAY" as the key.
(3)

d4 CO 1 3
2A
bf
Sd
30
Q4. Perform AES mix column operation on the data
(5)

Q5. Explain the role of the Feistel network in the Data Encryyption Standard, CO 1 2
2B
and how does it contribute to the overall security of the encryption
scheme? (3)

CO 2 3
2C Q6. Calculate the ciphertext for plaintext '5' using RSA. Assume p = 3,
q=13, e =5. (2)

3A Q7. A bank suspects that a customer is engaging in fraudulent financial CO3 4

transactions and asks a digital forensics team to investigate. The team

examines the customer's account activity, such as transaction logs, and
 transfers to
frequent
such as uses digital
of behavior,
identifies suspicious patterns ATMs. The
team
to
withdrawals from can be used
offshore accounts or large evidence that a
techniques to collect case study, write
forensic tools and For this
for financial fraud. (5)
prosecute the customer CO 3
(GQM)
examination report. Goal-Question-Metric
digital forensic
example explain
3B Q8. With the help of an metrics. (3)
the security
approach for building CO4
personal
Privacy attacks over
following
Discuss impact of the
3C Q9.
information

a
Identity theft
over CO2 3
b. Eavesdropping (2) equationy²= x + X + 1
curve defined by the key nB
Q10. Consider
an elliptic
G= (13, 7) and a private
4A
GF23. Assume a base point additionand
the prime field operations using the point
following
=3. Perform the
multiplication method
a Calculate the public key. message PT=(17, 20)
encryption operation of the
b. Perform the
value k = 3. (5)
using the nonce
CO 2 3
the Diffie
to establish ashared secret key using
Q11. Alice and Bob want = 17 and
4B
protocol. They agree on a prime number p
Hellman key exchange =5, while Bob
root g =3. Alice chooses a secret integer a
a primitive
chooses a secret integer b=7.
A.
a. Calculate Alice's public key
b. Calculate Bob's public key B.
using the public keys. (3)
c. Determine the shared secret key
CO2
Keccak-256 are the
4C Q12. SHA-256 (Secure Hash Algorithm 256-bit) and 256
produces
two hashing algorithms which takes variable length input and the
Over
bits output. Assume that a SHA-256 hash operation performed "Hello
y=
input x ="Hello wold" and Keccak-256 hash operation over:
SHA-256 and
Manipal" are producing the same output. Does it mean
Keccak-256 are not collision resistant? Justify your answer. (2)
 applied by data CO 4 2
5A Q13. Explain the different levels of access restrictions
holders to person-specific data. (4)
mechanism of null-map, k-map CO 4 4
5B Q14. Compare and contrast the working
and wrong-map (3)

CO 4 4
the question
5C Q15. Read the following paragraph and answer
personal data from its patients,
Ahealthcare provider has collected
treatments, and insurance
including medical histories, diagnoses,
pool of data that can be
information. The provider has access to a large
and overall healthcare quality.
analysed to improve patient outcomes
there are concens about the privacy and security of patient data,
However,
unauthorized access.
as wellas the potential for misuse or healthcare
legal considerations that the
What are some of the ethical and
should take into account when using patients' personal data for
provider
analysis and research purposes? (3)
 Manipal Institute of Technology, Manipal
Department of Data Science and Computer Applications
Subject: DSE 3258- Data Privacy &Security
Test -1
Class: VSEM DSE Max. Marks: 15 Date: 13.03.2023

Questions Mapped BL
QNo.
COs

is the unauthorized movement or disclosure of sensitive CO 1 2

1 Q1.
information to a party, usually outside the organization, that is not authorized to have
or see the information. (0.5)
**databreach
cyber security
threat assessment

security
Q2. Identify the term which denotes the violation of principle if the computer is no CO 1 2
2
more accessible. (0.5)
**Availability
Confidentiality
Integrity
All of the options.

co 1
03. Which one of the following can be considered as the class of computer threats?
2
3
(0.5)
Phishing
**Dos Attack

Soliciting
none of the options

2
Q4. Which of the following correctly defines polygraphic substitution cipher? (0.5) CO 1

a substitution-based cipher which uses multiple substitutions at different positions

a substitution-based cipher which uses fixed substitution over entire plain text

**a substitution-based cipher in which substitution is performed over a block of letters

atransposition based cipher which uses fixed substitutionover entire plain text
 CO1

5
Q5. Columnar cipher falls under the category of? (0.5)
mono-alphabetic cipher
poly-alphabetic cipher
**transposition cipher
additive cipher shift left
CO 1
where one bit
number
6 Q6. In DES key generation, identify the rounds
operation is performed. (0.5)
**1, 2, 9, 16
1, 2, 4, 8
1, 4, 10, 14
1, 6, 10, 16 Generator CO 1
True Random Number function
generated by Pseudorandom
7 Q7. Can we use the bit stream output Generator (PRNG) and
Number
as a seed in Pseudo Random
(PRF) (0.5)
No. It is source of true randomness

**Yes. It is possible to use as seed

Pseudorandom function (PRF)
We can use only in (PRNG)
only in Pseudo Random Number Generator
We can use
substitution table of 16x16
bytes CO1
Encryption Standard (AES), one
Q8. In Advanced
containing -(0.5)
decryption
Equal Substitution of Given Plain
text for both encryption and
**Permutation of all 256 8-bit values
encryption
Equal Substitution of Given Plain text for
EqualSubstitution of Given Plain text for decryption 2
related keys can be CO02
Q9. In which public key cryptosystem algorithm, either of the twO
used for encryption, with the other used for decryption. (0.5)
Elgamal Public Key algorithm
**RSA Public Key algorithm
Any Public Key algorithm
None of the Public Key algorithm
10 Q10. Complexity of the ElGamal Cryptosystem based on-- (0.5) Co 2 2

**Hardness of Discrete Logarithm Problem

Selection of public and private key
Paricipants communication channel

Selection of generator over the multiplicative groupG

Type: DES

QNo. Questions Mapped BL

COs

1 Q11. Aadhya and Bhoomika are two friends. Aadhya wants to send a secret code to CO 2 3
Bhoomika. So, she decides to use the RSA algorithm to share the code. By assuming
p=7,q=7, and e=17, identify the steps of how the code "25" is encrypted and decrypted
at either of their ends. (2)
2 Q12. Explain the security need of Tripple DES in Symmetric Encryption. (2) CO 1 2

3 Q13. Explain the encryption rules of Playfair cipher by taking for example message as CO 1 2
"MIT MANIPAL" and the key as "ONLINE". (3)
Q14. Explain the working mechanism of function gin the AES 192 Key expansion CO 1 2
Algorithm, (3)
 Manipal Institute of Technology, Manipal
Department of Data Science and Computer Applications
Subject: DSE 3258 - Data Privacy & Security
Test - 2
Max. Marks: 15 Date: 20.04.2023
Class: VISEM DSE

Type: MCQ
Questions Mapped BL
QNo. COs

Bob. So, he obtains an algorithm that Co 2 2

1 Q1. Eve intends to break a signature signed by Which type of attack is this?
signature.
equivalent to Bob's signature and verifies the
(0.5)
** Universal forgery
Selective forgery
Existential forgery
Total break.

CO 2 2
Q2. In SHA-224 the size of the block is
bits. (0.5)
2

**512

64

128

224.
CO 3 2
message authentication code (MAC). (0.5)
3 03. ldentify the correct statement w.r.t
Sends a hash of messages.

** sends a keyed hash of the message.

encrypts using private key
none of these
CO 2 2
preimage resistance of a hash
Q4. ldentify the statement that justifies the secondary
function. (0.5)
to find y such that H(y) =h.
For any given hash value h, it is computationally infeasible
find y!= x with H(y)=H(y).
For any given block x, it is computationally infeasible to
find y!=x with H(y)=H(x).
** For any given block x, it is computationally infeasible to
such that H(x) = H(y).
It is computationally infeasible to find any pair of (x,y) with x!=y,
 CO 3
Q5. Raam is trying to access iamagoodwebsite.org having Home, About and Contact 2

tabs. When he clicked on the Contact tab, the browser redirects his page to
iamnotagoodwebsite. org. Which type of cybercrime is this attack? (0.5)
CryptoJacking
Hacking
**Pharming
SQL Injection
hotel room, Her card is obtained by Eva and
CO 3 2
6 Q6. Alice has lost the access card to her ldentify the type
she tries to enter Alice her room by disguising herself as Alice.
cybercrime performed by Eva. (0.5)
**identity theft
Cyberstalking
Phishing
None of these
CO 3 2
7 Q7. Components of Goals in GQM Model is -- (0.5)
Goal, Questions, Metrics
** Outcome, Elements, Perspective
Statement, Element, Metrics
Outcome, Questions, Perspective
what is the function of the CO3 2
8 Q8. In Elliptic Curve Diffie-Hellman (ECDH) algorithm,
generator point? (0.5)
It generates the public and private keys
** It is not used in ECDH algorithm

It generates the shared secret key

It performs the Diffie-Hellman key exchange

Q9. Which of the following is a question that can be answered using the GQMCO
approach in data privacy? (0.5)
What is the maximum speed at which data can be processed?
** How effective are our privacy controls at protecting personal data?
How can we improve the user experience of a privacy policy
What is the total amount of data collected by an organization?
10 Q10. What is the order of the point on an elliptic curve defined over a finite field Fp, if CO 2 2
pis a prime number and the point has coordinates (%,y)? (0.5)
It depends on the specific curve and point.
It is always equal to 2p.
It is always equal to p.
It can be any integer value less than p.

Type: DES

QNo. Questions Mapped BL

COs
11 Q11. Joy & Sons Co. have decided to build their own car manufacturing organization. As CO3 2
a security professional, what do you advise them to consider at the time of organization
planning to resist their company being ready for cyber-attacks?. (2)
12 Q12. Assume that two parties, A and B, agree to use a prime number p=11 and base g=2 CO 2 3
for their Diffie-Hellman key exchange. A chooses a secret key a=4,
and B chooses a
secret key b=3. Calculate the shared secret key that A and B will use for
their
communication, (2)
13 Q13. Shyam is advised to digitally sign a document before
His Boss asked him to attach a hash value of the communicating with his Boss.CO 2 2
document and send the digest and
document together to ensure the authentication of the document. Explain with aneat
diagram the document hashing considering the SHA-512 algorithm, (3)
14 Q14. Alice wants to send message M to Bob the which is
PM = (443, 253) over an elliptic curve encoded as the plaintext point CO 2 3
Ezs1(-1, 188). She must use Bob public key to
encrypt it. Suppose that Bob secret key is ng = 6, with the
then calculate the Bob public key. (3) generator point G =
(0, 376)