Module 1: Introduction & Number Theory

Conceptual & Short Questions:

1. Define cryptography.

2. What is the difference between plaintext and ciphertext?

3. What is the need of cryptography?

4. Define active vs. passive attacks.

5. List and explain types of attacks (e.g., cipher-text only, known-plaintext, chosen-plaintext).

6. Explain the OSI security architecture: services, mechanisms & attacks.

7. What are confusion and diffusion? How do they achieve security?

8. Explain substitution ciphers (mono- and polyalphabetic) with examples.

9. Explain transposition ciphers (keyed, keyless) with examples.

10. Explain Vigenère cipher with example.

11. Explain Playfair cipher with example.

12. Explain Hill cipher with example.

13. What is steganography? How is it different from encryption?

14. What is brute-force attack?

15. List various types of security applied on a database. (from Q1b in PDF1)

Module 2: Block Ciphers & Public-Key Cryptography

Conceptual & Short Questions:

1. Describe the Feistel cipher structure.

2. Explain DES algorithm (block size, key size, expansion, S-boxes, attacks).

3. Explain modes of block ciphers: ECB, CBC, CFB, OFB, CTR. (ECB & CBC explicitly)

4. Describe Triple DES.

5. Describe AES algorithm.

6. Write a short note on Blowfish.

7. Write a short note on RC5.

8. Differentiate symmetric vs. asymmetric encryption.

10. Explain RSA algorithm (key generation, encryption/decryption).

11. Explain ElGamal algorithm.

12. Describe the knapsack algorithm.

13. What is key management? Why is it important?

14. Explain Diffie-Hellman key exchange and its need.

Computational Tasks:

• Hill cipher: Encrypt “short” using key “hill.” (PDF1 Q3b)

• Playfair cipher:

o Encrypt “The key is hidden under the door” with keyword “domestic.” (PDF2 Q3b)

o Encrypt “The algorithm name is playfair cipher” with keyword “example.” (PDF6
Q2b)

• RSA exercises:

o Given p=7, q=17, E=5, encrypt P=5 and decrypt the ciphertext. (PDF1 Q4a)

o User A (public key = (7, 119)), User B (public key = (13, 221)): compute both private
keys; A sends m=10 to B, produce ciphertext; formulate authentication key. (PDF2
Q2a)

Module 3: Cryptographic Hashes, Message Digests & Digital Certificates

Conceptual & Short Questions:

1. Define hash function and MAC.

2. What is the difference between a hash function and a MAC?

3. Explain MD5 algorithm.

4. Compare MD5 vs. SHA-1 vs. SHA-256.

5. Explain HMAC.

6. What is CMAC?

7. What properties are required for a secure hash function? (PDF2 Q6c)

8. What is a digital certificate?

9. Explain X.509 certificate format & use of digital signature.

Module 4: Digital Signature Schemes & Authentication Protocols

Conceptual & Short Questions:

1. Define digital signature.

2. Differentiate digital signature vs. digital certificate. (PDF1 Q1f)

3. Differentiate digital vs. handwritten signatures.

4. Explain RSA digital signature scheme.

5. Explain ElGamal digital signature.

6. Explain Schnorr signature.

7. Explain DSS (Digital Signature Standard).

8. Explain the Needham-Schroeder protocol. (PDF1 Q5b)

9. What is Kerberos? How does it authenticate?

10. What services does PGP provide?

Module 5: System Security

Conceptual & Short Questions:

1. What are the security features of an operating system? (PDF1 Q2b)

2. Explain memory & address protection. (PDF2 Q2b / PDF6 Q4b)

3. Explain file protection mechanisms.

4. Describe user authentication methods.

5. What are Linux & Windows vulnerabilities? (PDF2 Q6b)

6. What are the requirements of database security? (PDF2 Q1d)

7. Explain multilevel database security.

8. What are inference attacks?

Module 6: Web Security

Conceptual & Short Questions:

2. Explain the role of cookies. (PDF1 Q1c)

3. Describe session hijacking & prevention. (PDF2 Q5a)

4. What is clickjacking? (PDF6 Q1e)

5. What is phishing & its types? (PDF2 Q1e)

6. Explain SSL/TLS: protocols, handshake, record, change-cipher spec. (PDF2 Q3a / PDF4
Q5a)

7. Differentiate SSL vs. IPsec.

8. Explain HTTPS vs. HTTP. (PDF1 Q3a)

9. What is SSH? Explain its role. (PDF1 Q3a)

10. What is DNS attack/spoofing? (PDF4 Q6c/d)

11. Explain Secure Electronic Transaction (SET).

12. What is a firewall? Types & layers. (PDF1 Q1d / PDF6 Q6a)

13. What is penetration testing? (PDF1 Q5a)

Repeated Questions (All Variants)

1. Substitution techniques

2. Feistel cipher structure

3. Symmetric vs. Asymmetric encryption

4. RSA algorithm

5. Digital signature

6. MD5 vs. SHA

7. HMAC

8. SSL/TLS protocols

9. Passive vs. Active attacks

Short/2-Mark Questions (Extracted)

• Define cryptography.
• Plaintext vs. ciphertext.

• Need of cryptography.

• Brute-force attack.

• Transposition technique.

• Types of cryptography.

• MAC (Message Authentication Code).

• Digital certificate.

• X.509.

• AES (expand).

• DES (define).

• Key distribution.

• Integrity.

• Message authentication.

• Tunneling.

Unmatched but Relevant

• Cross certification.

• PGP services.

• Kerberos details.

• SET (Secure Electronic Transaction).

• IPsec transport vs. tunnel mode.

• Firewall architecture.