NIELIT Question Paper : B Level Course Network Management & Information Security

Institute : National Institute of Electronics and Information Technology (nielit.gov.in)
Course : B Level Course
Subject Code/Name : B5.3-R4/ Network Management And Information Security
Document Type : Old Question Paper
Location : India
Website : nielit.gov.in

Download Model/Sample Question Paper :
January 2012 : https://www.pdfquestion.in/uploads/nielit.in/7093-jan12B53-R4.pdf
JULY 2012 : https://www.pdfquestion.in/uploads/nielit.in/7093-jul12B53-R4.pdf
January 2013 : https://www.pdfquestion.in/uploads/nielit.in/7093-jan13B53-R4.pdf
JULY 2013 : https://www.pdfquestion.in/uploads/nielit.in/7093-jul13B53-R4.pdf
January 2014 : https://www.pdfquestion.in/uploads/nielit.in/7093-jan14B53-R4.pdf
July 2014 : https://www.pdfquestion.in/uploads/nielit.in/7093-jul14B53-R4.pdf

Network Management & Information Security Sample Paper :

B5.3-R4 :
NOTE:
Time: 3 Hours
Total Marks: 100
1. a) A password policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly. Give your suggestion to have a strong password policy in your organization.

Related : NIELIT Question Paper B Level Course Software Project Management : www.pdfquestion.in/7092.html

b) What are the differences between secret key and public key cryptography?
c) Risk assessment is the process of quantifying the probability of a harmful effect to computer network. What are the ways to asses or determine risk in network?
d) Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP). What are the applications of it? Write down benefits of it.
e) A virtual private network (VPN) is a network that uses primarily public telecommunication infrastructure. How can VPN be implemented in a campus?
f) Once Internet Authentication Service (IAS) has authenticated the user, it can use a few authorization methods to verify that the authenticated user is permitted to access the network resource. Briefly write down these authorization methods.
g) How does Computer Viruses spread in internet? (7×4)

2. a) What are the attributes of Information security?
b) Firewall prevents unauthorized access to personal network. What are different types of firewalls? Describe each briefly. (10+8)

3. a) What are the types of Network Security Attacks? Explain each briefly.
b) Write the steps of Message Digest 5 (MD-5) algorithm. (12+6)

4. a) With respect to cyber law, explain who are white Hat Hacker and Black Hat Hacker?
b) Write RC4 algorithm for stream cipher.
c) Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. How does PGP encryption work? (6+6+6)

5. a) Explain Diffe-Hellman Key Exchange algorithm. How can the attack in the middle be performed?
b) The Kerberos authentication protocol verifies the identity of network users. What are the steps performed by Kerberos to authenticate user? (10+8)

6. a) What do you mean by cryptanalysis? Give an example.
b) Explain following terms with respect to network security
i) IP spoofing
ii) Server spoofing
iii) DNS poisoning
c) Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet. What kinds of messages are exchanged between client and server to ensure security of data? (5+6+7)

7. a) What are the areas of cyber crime?
b) Public Key Cryptography (PKC) is an arrangement that binds public keys with respective user identities by means of a certificate authority. What does it consist of? How does Public and Private Key Cryptography Work?
c) Risk management reduces risk of the system. What are the principles and processes of risk management? (6+6+6)

B5.3-R4 Network Management & Information Security- July 2012 :
1. a) How can be IPSec used for creating VPN?
b) What is triple DES with two keys? How is it better than double DES?
c) What do you mean by linear crypto analysis? Explain briefly.
d) List four techniques used by firewalls to control access and enforce a security policy.
e) With respect to integrity and confidentiality security services, explain types of web security threats, consequences and countermeasures.
f) List and briefly define four techniques used to avoid guessable passwords.
g) Risk assessment forces an organization to consider the range of potential threats and vulnerabilities it faces. Justify the statement. (7×4)

2. a) Explain the general idea behind challenge response entity authentication.
b) Explain IP address spoofing, source routing attack and tiny fragment attack that can be made on packet-filtering routers with appropriate countermeasures. (6+12)

3. a) Explain why modern block ciphers are designed as substitutions ciphers instead of transposition ciphers. Explain DES cipher.
b) What do you mean by message authentication code and message digest?
c) Explain how confidentiality and authentication can be achieved using Public-key Cryptosystem. (8+4+6)

4. a) Explain the working of stream cipher RC-4.
b) What is S/MIME? Explain its functions. (10+8)

5. a) Explain Public Key Infrastructure Architectural Model, their key elements and management function that potentially need to be supported by management protocols.
b) What are various classes of intruders? Explain each briefly. (9+9)