
ICT211e

Examination – January Semester 2017

Encryption Techniques and Systems Security
Wednesday, 17 May 2017 4:00pm – 6:00pm

______________________________________________________________________

Time allowed: 2 hours


______________________________________________________________________

INSTRUCTIONS TO STUDENTS:

1. This examination contains FOUR (4) questions and comprises FIVE (5) printed
pages (including cover page).

2. You must answer ALL questions.

3. This is a Closed Book examination.

4. All answers must be written in the answer book.

At the end of the examination


Please ensure that you have written your examination number on each answer book used.

Failure to do so will mean that your work cannot be identified.

If you have used more than one answer book, please tie them together with the string
provided.

THE UNIVERSITY RESERVES THE RIGHT NOT TO MARK YOUR
SCRIPT IF YOU FAIL TO FOLLOW THESE INSTRUCTIONS.

ICT211e Copyright @ 2017 SIM University Page 1 of 5


Answer all questions. (Total 100 marks)

Question 1

(a) Comment on the following computer security concepts, by answering TRUE or
FALSE with justification:

(i) Having a strong algorithm to generate the ciphertext is one of the criteria
to consider an encryption scheme as computationally secure.
(5 marks)

(ii) When a virus goes through the triggering phase, it will place a copy of
itself into another program or into certain system areas.
(5 marks)

(iii) In the UNIX password management, the use of salt would greatly
increase the difficulty of offline dictionary attack.
(5 marks)

(b) Comment on the confidentiality, integrity and availability requirements of a
telephone switching system that routes calls through a switching network based
on the telephone number requested by the caller. You may make your own
assumptions.
(6 marks)

(c) Is it possible that a system may provide confidentiality without necessarily providing
integrity, and vice versa?
(4 marks)

Question 2

(a) Explain what is meant by a security mechanism and highlight the different
specific security mechanisms defined by X.800.
(11 marks)

(b) Apply symmetric encryption technique to outline: what are some of the important
requirements to note concerning algorithms and keys?

(10 marks)

(c) Use symmetric encryption technique to determine the ways in which the secret
keys can be distributed between two communication parties.
(4 marks)

Question 3

(a) Demonstrate how message authentication can be achieved using hash function
with a secret value. Illustrate your answer with the aid of a diagram. Explain how
the secret value provides the additional protection.
(10 marks)

(b) Apply the symmetric and public-key system techniques to explain how secure
communication can be provided between two parties. Illustrate your answer with
the aid of appropriate diagram(s), showing clearly the steps involved.
(15 marks)

Question 4

(a) Demonstrate understanding of an intrusion detection system (IDS) by answering
the following questions:

(i) What are the motivation factors of having such a system?
(4 marks)

(ii) Briefly describe the TWO (2) approaches to intrusion detection.
(4 marks)

(iii) Examine the IDS approach one may recommend. Are there any intrusions
that are difficult to detect? Illustrate your answer with an example.
(5 marks)

(b) Apply a packet filter router as a firewall in the first line of defence against external
intruders. Suppose a TCP email connection is set up between a user agent and a
server program. The server listens on TCP port 25 for incoming connection
requests. The user end of the connection is on a TCP port number above 1023.
The following packet filter rule set has been implemented to allow inbound and
outbound traffic:

Rule  Direction  Source Address  Destination Address  Protocol  Destination Port  Action
A     In         External        Internal             TCP       25                Permit
B     Out        Internal        External             TCP       >1023             Permit
C     Out        Internal        External             TCP       25                Permit
D     In         External        Internal             TCP       >1023             Permit
E     Either     Any             Any                  Any       Any               Deny

Given that the host’s IP address is 172.16.1.1, an e-mail was sent from a remote
host with IP address 192.168.20.40. Additionally, a user on the host also tries to
send an e-mail to the server on the remote system. The four typical packets for
this scenario are as follows:

Packet  Direction  Source Address  Destination Address  Protocol  Destination Port  Action
1       In         192.168.20.40   172.16.1.1           TCP       25                ?
2       Out        172.16.1.1      192.168.20.40        TCP       1234              ?
3       Out        172.16.1.1      192.168.20.40        TCP       25                ?
4       In         192.168.20.40   172.16.1.1           TCP       880               ?
Table Q4(b)

(i) For each of the packets given in Table Q4(b), determine which is
permitted or denied and which rule is used in each case.
(8 marks)

(ii) Someone from the outside world (123.1.2.3) attempts to open a
connection from port 3650 on a remote host to the Web proxy server on
port 8080 on one of your local hosts (172.16.3.4), in order to carry out
an attack. Typical packets are as follows:

Packet  Direction  Source Address  Destination Address  Protocol  Destination Port  Action
5       In         123.1.2.3       172.16.3.4           TCP       8080              ?
6       Out        172.16.3.4      123.1.2.3            TCP       3650              ?

Discuss whether such an attack would be successful.
(4 marks)

----- END OF PAPER -----
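
Added worked example, not part of the examination paper: a first-match evaluator for the packet filter rule set in Question 4(b), run over packets 1 to 6. It assumes rules are checked top to bottom with the first match deciding, and that "Internal" means 172.16.0.0/16; the function and variable names are illustrative.

```python
import ipaddress

# Assumption: "Internal" is 172.16.0.0/16 (covers both local hosts in the
# question); every other address is "External".
INTERNAL = ipaddress.ip_network("172.16.0.0/16")

# Rule set from Question 4(b): name, direction, source, destination,
# protocol, destination port, action.
RULES = [
    ("A", "In", "External", "Internal", "TCP", "25", "Permit"),
    ("B", "Out", "Internal", "External", "TCP", ">1023", "Permit"),
    ("C", "Out", "Internal", "External", "TCP", "25", "Permit"),
    ("D", "In", "External", "Internal", "TCP", ">1023", "Permit"),
    ("E", "Either", "Any", "Any", "Any", "Any", "Deny"),
]

# Packets 1-6 from the question: direction, source, destination, protocol,
# destination port.
PACKETS = {
    1: ("In", "192.168.20.40", "172.16.1.1", "TCP", 25),
    2: ("Out", "172.16.1.1", "192.168.20.40", "TCP", 1234),
    3: ("Out", "172.16.1.1", "192.168.20.40", "TCP", 25),
    4: ("In", "192.168.20.40", "172.16.1.1", "TCP", 880),
    5: ("In", "123.1.2.3", "172.16.3.4", "TCP", 8080),
    6: ("Out", "172.16.3.4", "123.1.2.3", "TCP", 3650),
}

def addr_matches(spec, addr):
    inside = ipaddress.ip_address(addr) in INTERNAL
    return spec == "Any" or inside == (spec == "Internal")

def port_matches(spec, port):
    if spec == "Any":
        return True
    return port > int(spec[1:]) if spec.startswith(">") else port == int(spec)

def evaluate(packet, rules=RULES):
    """Return (rule name, action) for the first rule matching the packet."""
    direction, src, dst, proto, dport = packet
    for name, r_dir, r_src, r_dst, r_proto, r_port, action in rules:
        if (r_dir in ("Either", direction) and addr_matches(r_src, src)
                and addr_matches(r_dst, dst) and r_proto in ("Any", proto)
                and port_matches(r_port, dport)):
            return name, action
    return None, "Deny"  # nothing matched: fail closed

if __name__ == "__main__":
    for number, packet in PACKETS.items():
        print(number, *evaluate(packet))
```

Packets 5 and 6 match rules D and B because the rules test only the destination port, so any inbound connection to a port above 1023 is accepted. Filtering on the source port as well is the usual way to narrow rules B and D to genuine mail traffic.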
