-I ..

,
". - .,. t c.. on /2943-05._,

( 3 Hours ) Total Marks =

.~. (1) Q. No. 1 is compulsory~

(b)
(d)
3) ( 2)
((6)
4)
5) Attempt any four out of remaining six questions.
(c)
(a) Assume any suitable data wherever required but justify the same.
Figures to the right indicate full marks.
Answers to questions should be grouped and written together.
Use legible handwriting.' Use'a blue/black ink pen to write answers.

Distinguish among vulnerability, threat and control.

Can a database contain two identical records without a negative effect
on the integrity of the database!? WhY' or why not?
Explain how a fence register is used for reLocating a user's program.
Compare Copyriqht, Patent and Tr~de Secret Protection.

(a) What is access control? How different is it from availability ?

(b) What are the requirements for database security? Briefly examine each
of the requirements.
( c:) Consider a program to accept and tabulate votes
tn an elector.
Who might want to attack the prog::-am?What.. types of harm m.i.ghtthey
want. to cause? What kinds of vulnerabilities miqht they exploit to
cause harm ?

(a) What is the security purpose for the fields, such as sequence number '.of
an IPSec packet ?
(b) UNDO is a recovery operation for databases. It is a command that
obtains information from a transaction log and resets the elements of a
database to their values before a particular transaction is performed.
Describe a situation in wryich an UNDO command would be useful.
(c) Explain why asynchronous I/O activity is a problem with many memory
protection schemes, including base/bounds and paging. Suggest a
solution to the problem.

(a) List two disadvantages of using physical separation in a computing

system. List two disadvantages of using temporal separation in a
computing system.
(b) Explain Encryption in a multilevel se~ure database management system.
(c) Comparison between the several types of firewalls, such as packet
filtering, Stateful inspection, Application proxy, Guard, Personal
firewall.

I Ie) (b)
(c)
(b)
(a)
(a) Comparison between Lj nk and End-to-End encryption in terms of security
within hosts, Role of user and implecentation concerns.
Explain secure E-mail systems with examples.
List the characteristics of a good firewall implementation. What are
the limitations of a firewall?
Ii
What is the IP spoofing attack ? I'v'hy is it
not easy to detect IP
spoofing attacks?
What is the Denial of Service (DOS) attack? What is the meaning of the
term 'service' in DOS? Hhat can possibly>prevent DOS attacks ?
Explain the term 'Risk Analysis'. List the basic steps of risk
analysis.

Write a details notes on (any two) :-

(a) Kerberos.
(b) Intrusion detection systems.
(c) Contents of a security plan.