1.Which of the following is a primary goal of network security?
a) Increasing network speed
b) Reducing hardware costs
c) Protecting data integrity and confidentiality (Correct) ✔️
d) Enhancing user convenience
2.What does VPN stand for in the context of network security?
a) Virtual Private Network (Correct) ✔️
b) Very Private Network
c) Visual Processing Node
d) Vital Protocol Network
3.What is the purpose of a firewall in network security?
a) Encrypting data transmission
b) Blocking unauthorized access (Correct) ✔️
c) Boosting network performance
d) Expanding network coverage
4.Which protocol is commonly used for secure communication over a computer network?
a) HTTP
b) FTP
c) HTTPS (Correct) ✔️
d) UDP
5.In the context of network security, what does the term "phishing" refer to?
a) Manipulating hardware components
b) Sending malicious emails to deceive individuals (Correct) ✔️
c) Enhancing network speed
d) Configuring firewalls
6.Which of the following statements is true regarding a firewall?
A. Firewalls operate at the application layer of the OSI model.
B. Stateful inspection firewalls keep track of the state of active connections. (Correct) ✔️
C. Firewalls are primarily used for data backup.
D. Network Address Translation (NAT) is a type of intrusion detection system.
7.Which of the following is NOT a characteristic of a secure firewall?
a) Stateful inspection
b) Packet filtering
c) Encryption of all transmitted data (Correct) ✔️
d) Proxy services
8.A sender S sends a message m to receiver R, which is digitally signed by S with its private key. In this scenario, one or more of the following security violations can take place.
I. S can launch a birthday attack to replace m with a fraudulent message.
II. A third party attacker can launch a birthday attack to replace m with a fraudulent message.
III. R can launch a birthday attack to replace m with a fraudulent message.
Which of the following are possible security violations?
a) I and II (Correct) ✔️ b) I and III c) II and IV d) III ,II and I
9.In the RSA public key cryptosystem, the private and public keys are (e, n) and (d, n) respectively, where n = p*q and p and q are large primes. Besides, n is public and p and q are private. Let M be an integer such that 0 < M < n and f(n) = (p- 1)(q-1). Now consider the following equations.
I. M’= Me mod n M = (M’)d mod n II. ed ≡ 1 mod n
III. ed ≡ 1 mod f(n)
IV. M’= Me mod f(n)
M = (M’)d mod f(n)
Which of the above equations correctly represent RSA cryptosystem?
a) b) I and II c) d) I and III (Correct) ✔️ e) f) II and IV g) h) III and IV
10.A sender is employing public key cryptography to send a secret message to a receiver. Which one of t a) Sender encrypts using receiver’s public key (Correct) ✔️ b) Sender encrypts using his own public key c) Receiver decrypts using sender’s public key d) Receiver decrypts using his own public key
11.Consider the following two statements:
i. A hash function (these are often used for computing digital signatures) is an injective function. ii. encryption technique such as DES performs a permutation on the elements of its input alphabet. Which one of the following options is valid for the above two statements? a) Both are false b) Statement (i) is true and the other is false c) Statement (ii) is true and the other is false d) Both are true e) Pta nehi (Correct) ✔️ 12.Which of the following are used to generate a message digest by the network security protocols? (P) RSA (Q) SHA-1 (R) DES (S) MD5
a) P and R only b) Q and R only c) Q and S only (Correct) ✔️ d) R and S only 13.Suppose that everyone in a group of N people wants to communicate secretly with the N–1 others using symmetric key cryptographic system. The communication between any two persons should not be decodable by the others in the group. The number of keys required in the system as a whole to satisfy the confidentiality requirement is a) 2N b) N(N – 1) c) N(N – 1)/2 (Correct) ✔️ d) (N – 1)2 14.The minimum positive integer p such that 3p modulo 17 = 1 is a) 5 b) 8 c) 12 d) 16 (Correct) ✔️ 15.Exponentiation is a heavily used operation in public key cryptography. Which of the following options is the tightest upper bound on the number of multiplications required to compute bn mod m,0≤b,n≤m ?
a) O(logn) (Correct) ✔️ b) O(√n) c) O(n/logn) d) O(n) 16.MD5 is a widely used hash function for producing hash value of a) 64 bits b) 128 bits (Correct) ✔️ c) 512 bits d) 1024 bits
17.What is the primary purpose of a Key Distribution Center (KDC) in Kerberos?
A) Data encryption
B) User authentication (Correct) ✔️
C) Network monitoring
D) Firewall management
18.In public-key cryptography, which key is used for encryption?
A) Public key (Correct) ✔️
B) Private key
C) Symmetric key
D) Session key
19.Which of the following protocols is used for securing email communication?
a) SSL
b) TLS (Correct) ✔️
c) SHTTP
d) SET Fill in the Blanks
1.TLS is a cryptographic protocol designed to provide secure communication over a computer
network.
2. A firewall is a security mechanism that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
3. In the context of network security, the acronym IDS stands for Intrusion Detection System.
4. Intrusion Detection Systems (IDS) can be categorized into two types: Signature based and Anomaly based.
5.In a Virtual Private Network (VPN), tunneling protocol is used to create a secure and encrypted connection over the Internet.
6. Security handshake protocols aim to establish a secure communication channel by exchanging
cryptographic keys between parties.
7. Simulation is often used to test the strength and effectiveness of cryptographic techniques in various scenarios.
8. In the context of network security, SSL/TLS is a cryptographic protocol designed to provide
communication security over a computer network. (True/False):
1. A Virtual Private Network (VPN) provides a secure communication channel over an untrusted network such as the internet. - True
2. In a Denial of Service (DoS) attack, the attacker aims to gain unauthorized access to sensitive information. - False
3. Single Sign-On (SSO) allows a user to log in once and gain access to multiple systems without re- authenticating. – True
4. A digital certificate binds a public key to an individual, device, or service, providing a means of verifying identities in a secure manner. – True Question: Short Answer Type
1 What is the difference between symmetric and asymmetric key cryptography?
2. Define the term "packet filtering" in the context of firewall security.
3. Explain the concept of a Man-in-the-Middle (MitM) attack. Provide an example scenario and discuss how it can be mitigated.
4. Explain the concept of Intrusion Detection Systems (IDS) and provide an example of how they enhance network security.
5. If a bit error occurs in plain text block b1, how far does the error propagate in CBC mode of DES?
6. Provide an overview of symmetric key algorithms. What are the key types and modes used in these algorithms?
7. Give the structure of AES. Explain how Encryption/Decryption is done in AES
8. Use Vigenere Cipher with key HEALTH to encrypt the message “Life is full of surprises”
9. Justify the statement-“Message encryption by itself can provide a measure of authentication”
10. Explain the usage of digital signature algorithm (DSA) to perform signing and verifying operations.
11. If you have a message with 60 characters and you use a transposition cipher with a key of 5, how many different ways can the message be rearranged?
12. . Briefly explain the concept of biometric-based authentication and provide an example.
13. Explain the concept of a security token and how it enhances authentication in network security.
14.(a) Give the structure of AES. Explain how Encryption/Decryption is done in AES.
(b) Justify the statement-“Message encryption by itself can provide a measure of authentication
15. (a)Explain the architecture and security features of Kerberos for user authentication. Include an analysis of how Kerberos mitigates common security threats:
(b) Describe various types of biometric authentication methods and discuss their effectiveness and potential vulnerabilities in network security Question: Long Answer Type
1. Explain the concept of a Virtual Private Network (VPN) and its applications in enhancing network security. Discuss the key components of a VPN. 2. Discuss the importance of regular security audits in maintaining network security. Explain the steps involved in conducting a network security audit and provide examples of potential vulnerabilities that could be identified. 3. Describe the principles of the Defense-in-Depth strategy in network security. Provide examples of multiple layers of defense mechanisms. 4. Users A and B use the Diffie Hellman key exchange technique, a common prime q=11 and a primitive root alpha=7. (i) If user A has private key XA=3.What is A’s public key YA? (ii) If user B has private key XB=6 What is B’s public key YB? (iii) What is the shared secret key? Also write the algorithm.
5. Describe the steps in finding the message digest using SHA-512 algorithm. What is the order of finding two messages having the same message digest? 6. Suppose that everyone in a group of N people wants to communicate secretly with the N - 1 others using symmetric key cryptographic system. The communication between any two persons should not be decodable by the others in the group. How many number of keys required in the system as a whole to satisfy the confidentiality 7. In asymmetric key cryptography, RSA commonly uses key lengths of 1024, 2048, or 4096 bits. If you are using a 2048-bit RSA key, how many possible keys are there? 8. Discuss the potential pitfalls in security handshakes during the authentication process. Provide examples and suggest measures to mitigate these pitfalls. 9. Compare and contrast certificate-based authentication and password-based authentication. Highlight the strengths and weaknesses of each method. 10. Compare and contrast the cryptographic mechanisms employed in Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols, highlighting their respective strengths and vulnerabilities in ensuring secure communication over the internet. 11. A.) If you have a message with 60 characters and you use a transposition cipher with a key of 5, how many different ways can the message be rearranged?
B.) Suppose that everyone in a group of N people wants to communicate secretly with the N - 1 others using symmetric key cryptographic system. The communication between any two persons should not be decodable by the others in the group. How many number of keys required in the system as a whole to satisfy the confidentiality.
12. Users A and B use the Diffie Hellman key exchange technique, a common prime q=11 and a primitive root alpha=7. 5[CO4] [L2] a) If user A has private key XA=3.What is A’s public key YA? b) If user B has private key XB=6 What is B’s public key YB? c) What is the shared secret key? Also write the algorithm.
