2017-2018 Exam Network security and cryptography

COLLEGE OF SCIENCE AND TECHNOLOGY
SCHOOL OF ENGINEERING
DEPARTMENT OF ELECTRICAL AND ELECTRONICS ENGINEERING
END OF SEMESTER I EXAMINATIONS
ACADEMIC YEAR: 2017-2018
EXAMINATION PERIOD: January 2018
YEAR OF STUDY: 4
SEMESTER: 1
SUBJECT CODE & NAME: CSC4262 NETWORK SECURITY AND CRYPTOGRAPHY
NO. OF STUDENTS: 74
PROGRAMME: Full Time √
DURATION: 2hrs
MAX. MARKS: 50
DATE OF SUBMISSION: 13/12/2017
NAME OF INTERNAL EXAMINER: Dr Louis & Eng. Charles
TEL: 0722376478
E-MAIL: C.DUHUJAMAHORO@ur.ac.rw
SIGNATURE:
SUBMITTED: (i) Content √ (ii) Main Exam Qns. √ (iii) Marking scheme √
HEAD OF DEPARTMENT: Dr PHILBERT
DATE:
MODULE INDICATIVE CONTENT
• Fundamentals of contemporary cryptography
• Application of cryptographic techniques to provide essential security services to modern communication networks
• Mathematics background and number-theoretical reference problems
• Stream ciphers and block ciphers, pseudorandom number and sequence generators
• Public key encryption
• Message authentication and hash functions
• Digital signatures and authentication protocols
• Key establishment and key management protocols
• Windows and open source operating system security
COLLEGE OF SCIENCE AND TECHNOLOGY
SCHOOL OF ENGINEERING
END OF SEMESTER I EXAMINATION DURING THE ACADEMIC YEAR 2017-2018
DEPARTMENT: Engineering
YEAR: 4
SEMESTER: 1
GROUP: ALL
MODULE: CSC4262 CRYPTOGRAPHY AND NETWORK SECURITY
DATE: 2016
TIME: 2 hours
MAXIMUM MARKS = 50
INSTRUCTIONS
1. This paper contains FOUR (4) questions.
2. Answer THREE (3) questions only: Question ONE (1) from Section “A” is compulsory; answer any TWO (2) from Section “B”.
3. No written materials allowed.
4. Do not forget to write your Registration Number.
5. Write all your answers in the booklet provided.
6. Do not write any answers on this question paper.
7. The use of calculators is not allowed.
GOOD LUCK!
SECTION A
QUESTION 1 (Total= 20 marks)
a) Write the ciphertext of the plaintext THE ELECTRICAL AND ELECTRONICS ENGINEERING using
i) Caesar cipher [2.5 Marks]
ii) Affine cipher with the key a=17, b=17 and m=26. [2.5 Marks]
iii) Playfair with the key PEACEFULLY. [2.5 Marks]
iv) Double columnar transposition with the key PEACEFULLY. [2.5 Marks]
1 6 10 
b) Check if the matrix K  5 1 2  ,m=26 can be used as a key for Hill cipher. If possible,


3 1 7 
use it to find the cipher of the plain text UNIVERSITIES. [5 Marks]
Note: If needed, use X as dummy character.
c) Write down the RSA algorithm [2.5 Marks]
d) In an RSA system, the public key of a given user A is e = 17, n = 1961. What is the private key d of this user? (Hint: $1961 = 2025 - 64 = 45^2 - 8^2 = (45-8)(45+8) = 37 \cdot 53$ and each of these is prime) [2.5 Marks]
SECTION B
QUESTION 2 (Total= 15 marks)
Assume that you are working for a business company such as a telecommunication operator, a bank or a government institution. Your organization is a networked enterprise that uses the Internet, intranets, and other telecommunication networks to support business operations and collaboration within the enterprise, and with its customers, suppliers, and other business partners.
a) In the presence of potential threats and attacks, discuss the important security functional elements/services. [5 Marks]
b) Briefly discuss the four primary categories of attacks on the company's network. [5 Marks]
c) The main office of your company (e.g., located in Kigali) wishes to establish a connection with a remote site (e.g., located in Rubavu) through an existing telecommunication network infrastructure. Important/private information (e.g., a money transfer) has to be exchanged between the main office and the remote site, and this information has to be kept secret from non-legitimate users. As a security expert, what type of secure network would you suggest implementing to ensure that the message is sent and received with integrity in any network infrastructure? [5 Marks]
QUESTION 3 (Total= 15 marks)
a) Today, the interconnection of the PSTN networks of fixed and mobile phone systems and the
next generation network has increased the attack surface of the telecommunication networks.
Network operators or business companies should adopt a robust, managed security programme
to ensure that their networks are protected against malicious attacks. In this context, discuss the
ISO 27001 standard model which is applied to all information security management system
(ISMS) processes [5 Marks]
b) Assume that a user A transmits a file to user B through any network infrastructure. The file
contains sensitive information (e.g., payroll records) that is to be protected from disclosure.
User C, who is not authorized to read the file, is able to monitor the transmission and capture a
copy of the file during its transmission. Which type of attacker is user C? [5 Marks]
c) A network manager, D, transmits a message to a node, E, under its management. The
message instructs node E to update an authorization file to include the identities of a
number of new users who are to be given access to the network. User F intercepts the
message, alters its contents to add or delete entries, and then forwards the message to
node E, which accepts the message as coming from manager D and updates its
authorization file accordingly. Which type of attacker is user F? [5 Marks]
QUESTION 4 (Total= 15 marks).
a) Discuss the major steps involved in a network security design process cycle. [4 Marks]
b) Suppose that you have been hired to design a security system for a business company. One can divide network security technologies/techniques according to the way they implement the required security functional elements. In this context, discuss network security technologies with their respective security techniques or examples of mitigation techniques that can secure the network by considering functional elements. [8 Marks]
c) In brief, discuss the remote access network security requirements [3 Marks]