Beruflich Dokumente
Kultur Dokumente
______________________________________________________________________
INSTRUCTIONS TO STUDENTS:
1. This examination contains FOUR (4) questions and comprises FIVE (5) printed
pages (including cover page).
If you have used more than one answer book, please tie them together with the string
provided.
Question 1
(i) Having a strong algorithm to generate the ciphertext is one of the criteria
to consider an encryption scheme as computationally secure.
(5 marks)
(ii) When a virus goes through the triggering phase, it will place a copy of
itself into another program or into certain system areas.
(5 marks)
(iii) In the UNIX password management, the use of salt would greatly
increase the difficulty of offline dictionary attack.
(5 marks)
(a) Explain what it means by security mechanism means and highlight the different
specific security mechanisms defined by X.800.
(11 marks)
(b) Apply symmetric encryption technique to outline: what are some of the important
requirements to note concerning algorithms and keys?
(10 marks)
(c) Use symmetric encryption technique to determine the ways in which the secret
keys can be distributed between two communication parties.
(4 marks)
Question 3
(a) Demonstrate how message authentication can be achieved using hash function
with a secret value. Illustrate your answer with the aid of a diagram. Explain how
does the secret value provide the additional protection?
(10 marks)
(b) Apply the symmetric and public-key system techniques to explain how secure
communication can be provided between two parties. Illustrate your answer with
the aid of appropriate diagram(s), showing clearly the steps involved.
(15 marks)
(iii) Examine the IDS approach one may recommend, are there any intrusions
that are difficult to detect? Illustrate your answer with an example.
(5 marks)
(b) Apply packet filter router as firewall in the first line of defence against external
intruders. Suppose a TCP email connection is set up between a user agent and a
server program. The server listens on TCP port 25 for incoming connection
requests. The user end of the connection is on a TCP port number above 1023.
The following packet filter rule set has been implemented to allow inbound and
outbound traffic:
Given that the host’s IP address is 172.16.1.1, an e-mail was sent from a remote
host with IP address 192.168.20.40. Additionally, a user on the host also tries to
send an e-mail to the server on the remote system. The four typical packets for
this scenario are as follow: