Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Exam Specimen - Personal Web Server

advertisement 
CITY UNIVERSITY OF HONG KONG
Course Code and Title: DCO20230 Internet Security
Session: Semester B, 200X-200Y
Time Allowed: Two Hours
This paper has Six pages.
Instructions to Candidates:
(A) Answer ALL questions in Section A.
(B) Answer Three questions in Section B.
Materials, aids & instruments permitted to be used during examination:
Portable battery operated calculator
1
Section A: This is a compulsory Question.
[25 marks]
a)
Briefly describe computer security together with three objectives.
[5 marks]
b)
You are assigned to design a new server room to house six servers in a
windowless room that is located at the end of corridor. List two items that you
will consider to install in this room to prevent fire. Support your suggestions with
brief explanation.
[6 marks]
c)
Given the plaintext is 3D 4F 2E 15 (32 bits) in hexadecimal and the key is 2F 3E
(16 bits) 16 bits, determine the ciphertext in hexadecimal if exclusive-or is
applied for this encryption.
[10 marks]
d)
Security Socket Layer (SSL) is commonly used in transport layer to encrypt
messages between server and browser. Briefly explain why SET (Secure
Electronic Transaction) is still needed.
[4 marks]
2
Section B
Question 1
Choose three questions out of five.
[25 marks]
a)
State the purpose of IPSEC.
[3 marks]
b)
A plaintext checksum is used for a security system as follows. The checksum will
then encrypted. A hacker finds that the checksum for $123 and $654 will produce
the same value. He then modifies the content of data. State a proposal to fix this
problem.
[6 marks]
c)
It is claimed that keyed hash is more secure, explain with a diagram why it is
difficult for the hacker to reproduce one-way hash value.
[8 marks]
d)
When sending out a message, we can either apply for cryptographical checksum,
cryptographical encryption or both. Use an example to differentiate
cryptographical checksum from cryptographical encryption.
[8 marks]
3
CITY UNIVERSITY OF HONG KONG
Course Code and Title: DCO20230 Internet Security
Session: Semester B, 200X-200Y
Time Allowed: Two Hours
This paper has Four pages.
Instructions to Candidates:
(A) Answer ALL questions in Section A.
(B) Answer Three questions in Section B.
Materials, aids & instruments permitted to be used during examination:
Portable battery operated calculator
4
Section A: This is a compulsory Question.
a)
[25 marks]
Briefly describe computer security together with three objectives.
[5 marks]
Computer security is a protection that is afforded to an information system in
order to attain the applicable objectives or preserving the integrity, availability
and confidentiality of information system resources
b)
You are assigned to design a new server room to house six servers in a
windowless room that is located at the end of corridor. List two items that you
will consider to install in this room to prevent fire. Support your suggestions with
brief explanation.
[6 marks]
The two items are smoke detectors and fire extinguisher.

The use of smoke detectors is to detect fire to alert the people.
 To place a fire extinguisher (ideally non-water based) near the server room is
to extinguish fire.
[2
c)
Given the plaintext is 3D 4F 2E 15 (32 bits) in hexadecimal and the key is 2F 3E
(16 bits) 16 bits, determine the ciphertext in hexadecimal if exclusive-or is
applied for this encryption.
[10 marks]
The key is:
00101111 00111110
The binary pattern of 3D 4F 2E and 15 is:
00111101 01001111 00101110 00010101
The ciphertext is:
00111101 01001111 00101110 00010101
(plaintext)
00101111 00111110 00101111 00111110
(key)
Use
Exclusiveor
00010010 01110001 00000001 00101011
or 12 71 01 2B in hexadecimal
d)
Security Socket Layer (SSL) is commonly used in transport layer to encrypt
messages between server and browser. Briefly explain why SET (Secure
Electronic Transaction) is still needed.
[4 marks]
5
SSL is a general purpose protocol to safeguard server and browser, while SET is a
specialised protocol for safeguarding credit-card-based transaction. SSL is
insufficient to provide protection between user, merchant and banks, as a pair of
keys is used to encrypt and authenticate the message, while SET provides more
secure measure as two pairs of keys for encryption and authentication separately
are used.
[4 marks with clear differentiation between SET and SSL, 2 marks if the
explanation is correct but not clear enough, 0 if explanation is incorrect.]
6
Section B
Choose three questions out of four.
Question 1 [25 marks]
a)
State the purpose of IPSEC.
[3 marks]
IPSE is a general purpose of security protocol at the IP layer to protect traffic
between hosts over the Internet.
[3 marks for clear explanation and 0 mark without mentioning the IP layer]
b)
A plaintext checksum is used for a security system as follows. The checksum will
then encrypted. A hacker finds that the checksum for $123 and $654 will produce
the same value. He then modifies the content of data. State a proposal to fix this
problem.
[6 marks]
We can apply one-way hash to fix the above problem. One-way hash function is
checksum like functions, but is explicitly designed so that an attacker cannot
construct a forged message (false) message that yields the same result. One-way
hash functions try to generate a fingerprint of data. The function is sensitive to
any change in the data.
[6 marks showing that students understand the limitation of checksum and the
application of one-way hash]
7
b)
It is claimed that keyed hash is more secure, explain with a diagram why it is
difficult for the hacker to reproduce one-way hash value.
[8 marks]
The block diagram is shown as follows. Unlike simple hash function, it combines
the secret key of the sender.




The data being sent combines the secret key.
The sender appends a secret key to the message contents and compute a one-way
hash.
The sender then sends the message data plus the hash.
The recipient uses the same key to re-compute and validate the hashed value.
[4 marks for correct diagram and 4 marks for explanation. Deduce 1 mark for each
incorrect item in the diagram]
c)
When sending out a message, we can either apply for cryptographical checksum,
cryptographical encryption or both. Use an example to differentiate
cryptographical checksum from cryptographical encryption.
[8
marks]
Cryptographical checksum detects changes in a protected message. It will not
apply to the data, but append a checksum that is encrypted to seal the message
against changes.
Cryptographical encryption is to encrypt the data being sent.
For example, Alice is ending a data $123 to Bob. The system should detect the
checksum of $123 and find that it is 412. Alice will send a message containing
8
$123 + encrypted value of 412 (say t&6). Bob will receive the message $123 and
he will then re-compute the checksum and use the same key to encrypt to see
whether it produce t&6, it means there is no change. In the above case, the
message $123 can be encrypted as well.
9
Related documents
Quiz-Input/Output/Processing
Quiz-Input/Output/Processing
Example Biological Level of Analysis Test
Example Biological Level of Analysis Test
Midterm exam 2014
Midterm exam 2014
Explain how human activities on a floodplain can increase the
Explain how human activities on a floodplain can increase the
Linear system culminating
Linear system culminating
Drawing a Cubist portrait in coloured pencil
Drawing a Cubist portrait in coloured pencil
Computer Applications in Business
Computer Applications in Business
AZ 2502 2500
AZ 2502 2500
Genetics 302 - Winter 2007 - Assignment 1
Genetics 302 - Winter 2007 - Assignment 1
Download
advertisement