Institute for Design of Electrical Measuring Instruments (IDEMI) Course: ISM (Information Security Management) Module: Network Security,

Vulnerability Assessment and Penetration Testing Date: 7th April 2012 Time: 3hrs Total Marks: 100 Instructions: All questions are compulsory Draw diagrams where necessary Objectives (Each question carry 2 marks) 1. Which one is not a form of steganalysis? a. Detecting suspect information streams b. Protecting hidden information c. Disabling or destroying hidden information d. Extracting hidden information 2. Snort is an a. Intrusion Prevention System b. Intrusion Detection System c. Antivirus d. Anti-Spyware 3. Encryption is a process of a. Converting a plaintext into a key b. Converting a plaintext into human readable form c. Converting a plaintext into cipher text d. Converting a plaintext into hash 4. Hashing is a. One-way encryption b. Two-way encryption c. Manual testing d. Automated testing 5. We can perform automated testing using a. Metasploit b. Acunetix Web Vulnerability Scanner c. Nmap d. Norton Antivirus 6. Which type of cryptography supports one key for encryption and one key for decryption? a. Public Key Cryptography b. Secret Key Cryptography c. Hashing d. None of these

7. Which of the following tools is used for performing hashing? a. Hashdeep b. Hashmaster c. Zeus d. THC Hydra 8. ____ server is a server that creates a secure tunnel connection. a. RADIUS b. VPN c. Tunnel d. Authentication 9. A system that monitors traffic into and out of a network and automatically alerts personnel when suspicious traffic patterns occur, indicating a possible unauthorized intrusion attempt is called a(n) __________________. a. IPS b. IDS c. Firewall d. Antivirus Software 10. In an IP packet header, the ____ is the address of the computer or device that is to receive the packet. a. Source address b. Flag c. Destination address d. Total length 11. What TCP port is used by Telnet? a. 80 b. 110 c. 23 d. 72 12. Ports up to _______ are called well-known ports. a. 1500 b. 2000 c. 1023 d. 1024 13. _______________ is an error-checking procedure performed in the trailer section of an IP packet. a. CRC b. ACK c. FQDN d. FIN 14. Zone Alarm is an example of ___________ a. Firewall b. IDS c. Antivirus d. File Integrity Checker 15. The IDS which scans the entire network is termed as

16.

17.

18.

19.

20.

a. NIDS b. HIDS c. Antivirus d. MalwareBytes Kerberos is an authentication protocol that is used for a. Directory services b. FTP c. HTTPs d. RADIUS Which is of the following is used for removing loopholes in the system? a. Hotfixes b. Patches c. Upgrades d. Antivirus Which of the following is used for making the system up-to-date? a. Hotfixes b. Patches c. Upgrades d. Antivirus Cryptography is done to save the a. Confidentiality b. Integrity c. Availability d. Authentication DES contain a. 62 quadrillion keys b. 72 quadrillion keys c. 82 quadrillion keys d. 92 quadrillion keys Subjective Types (Each question carry 10 marks)

1. 2. 3. 4. 5. 6.

What is a firewall? What are its types based on its mechanisms? What is an IDS? What are its types? Explain with appropriate block diagram? Define encryption and decryption? Write down the steps for DES Algorithm? What is PKI? Explain the entities of PKI in detail? What is Digital Certificates? Explain X.509 v3 Certificate format? Explain the concept of Hashing with an example?