0% found this document useful (0 votes)
29 views4 pages

unit 5 A &B (1)

Uploaded by

Nafiza Banu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
29 views4 pages

unit 5 A &B (1)

Uploaded by

Nafiza Banu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

UNIT V SECURITY PRACTICE AND SYSTEM SECURITY

PART A
1)What is Email security?
It refers to the collective measures used to secure the access and content of
an email account or service. An email service provider implements email
security to secure subscriber email accounts and data from hackers - at rest and in
transit

2)What are the services provided by PGP services.


• Digital signature
• Message encryption
• Compression
• E-mail compatibility
• Segmentation

3) Why E-mail compatibility function in PGP needed?


Electronic mail systems only permit the use of blocks consisting of ASCII text. To
accommodate this restriction PGP provides the service converting the row 8-bit
binarystream to a stream of printable ASCII characters. The scheme used for this
purpose isRadix-64 conversion.

4) Name any cryptographic keys used in PGP?


 One-time session conventional keys.
 Public keys.
 Private keys.
 Pass phrase based conventional keys.

5)Define S/MIME.
Secure / Multipurpose Internet Mail Extension(S/MIME) is a security enhancement to
the MIME internet E-mail format standard, based on technology from RSA Data
security.
6)What is IP security in cryptography?
The IP security (IPSec) is an Internet Engineering Task Force (IETF) standard suite of
protocols between 2 communication points across the IP network that provide data
authentication, integrity, and confidentiality. It also defines the encrypted, decrypted
and authenticated packets.
7) Define Web security.
Web application security is the process of securing confidential data stored online
from unauthorized access and modification. Security threats can compromise the data
stored by an organization is hackers with malicious intentions try to gain access to
sensitive information.
8) What is security association?
A security association (SA) is the establishment of shared security attributes between
two network entities to support secure communication.

9) What does Internet key management in IPSec?


Internet key exchange (IKE) is a key management protocol standard used in conjunction
with the Internet Protocol Security (IPSec) standard protocol. It provides security for Virtual
Private Networks (VPNs) negotiations and network access to random hosts.

10)What are the two security services provided by IPSec?


 Authentication Header (AH)
 Encapsulating Security Payload (ESP)

11) What are the fields available in AH header?


 Next header
 Payload length
 Reserved
 Security parameter

12)Define virus. Specify the types of viruses?


A virus is a program that can infect other program by modifying them the modification
includes a copy of the virus program, which can then go on to infect other program.
Types:
 Parasitic virus
 Memory-resident virus
 Boot sector virus
 Stealth virus
 Polymorphic virus
 Sequence number Integrity check value

13)List the 3 classes of intruder?


Classes of Intruders
 Masquerader
 Misfeasor
 Clandestine

14)List the design goals of firewalls?


i)All traffic from inside to outside, and vise versa, must pass through the firewall.
ii)Only authorized traffic, as defined by the local security policy, will be allowed to
pass.
iii)The firewall itself is immune to penetration.

15)List out the four phases of virus.


 Dormant phase
 Propogation phase
 Triggering phase
 Execution phase
16)What is worm?
A worm is a program that can relicate itself and send copies from computer to
computer across network connections.

17) What is Bastion host?


Bastion host is a system identified by firewall administrator as critical strong
point in network security.

18) What is a trusted software?


Trusted software a system that enhance the ability of a system to defend against
intruders and malicious programs by implementing trusted system technology.

19)List Four general techniques of firewall.


 Security control
 Direction control
 User control
 Behaviour control

20)What are theThree types of firewall?


 Packet filter
 Application level gateway
 Circuit level gateway.

21) List approaches for intrusion detection.


 Statistical anamoly detection
 Rule based detection

22)What is intruder?
n intruder is an attacker who tries tog an unauthorized access to a system.

23)What is Zombie?
A Zombie is a program that securely takes over another internet-attached computer and
then uses that computer to launch attacks are difficult to trace the Zombie’s creator.
PART B

1)Explain about Electronic Mail security in detail.


2) Explain the operational description of PGP.
3) Write Short notes on S/MIME.
4) Write brief note on IP Security.
5)Write brief note on Web Security.
6) Write short notes on Intrusion Detection.
7) Explain the technical details of firewall and describe any three types of firewall with neat
diagram.
8) Define virus. Explain in detail.
9) Describe trusted system in detail.
10) Define intrusion detection and the different types of detection mechanisms, in detail.
11) Explain the types of Host based intrusion detection. List any two IDS software available.
12) What are the positive and negative effects of firewall?
13) Describe the familiar types of firewall configurations.
14) Explain the firewall design principles
15) Name some viruses & explain it.

You might also like