CIT3134/TCS3274 INFORMATION SYSTEMS

SECURITY
Assessment details
COURSE WORK ASSIGNMENT-1
Due date:

21st April 2015 ( Tuesday)

Value:

25% of Total Assessment

Expected Learning Outcomes Assessed

This assignment tests your ability to research specific topics and report on your
findings. You should be able to:
Implement triple DES encryption technique by illustrating with an
example;
Distinguish between block cipher and stream cipher;

The concept of asymmetric encryption technique.

Understanding of message authentication and hash.

Understand the concept of Firewall and the types;

The function of DMZ;

Instructions
Answer ALL the questions below. Follow the word limit (if applicable) as
instructed in each given question. It is advisable to conduct research (via any
international journals/text books/reference books) and apply relevant diagram(s)
(wherever necessary) before attempting to answer.
Question 1
i.
With the reference of Figure Q1 (i) below, explain the concept
of triple DES. Use appropriate example for discussion.

Figure: Q1(i)
ii.

(10 marks)

What is the difference between block cipher and a stream

1

CIT3134 / TCS3274 / Information Systems Security

cipher?

(5 marks)
(5 marks)

iii.

Why the middle portion of 3DES a decryption rather than an

encryption?

Question 2
i.
What is the recent development of Message Authentication
Code? Why hashing is required in it? Explain with example.
ii.
iii.

(10 marks)

What is the difference between the software based and hardware

based firewall?

(5 marks)

What is a DMZ network and what types of systems would you

expect to find on such networks?

(5 marks)

Marking Criterion
Questions are of equal value. No more than a page of text-processed work is
expected for each answer. Proper referencing is required and marks will be
deducted for not following referencing guidelines. Handwritten work will be
returned unmarked.
REMARKS: [EXAMINER COMMENTS]

Student ID
:
Student Name :

CIT3134 / TCS3274 / Information Systems Security

Questions
Q1
(20 marks)
i.

Assessment area

Marks
allocated

Ability to explain the concept of Triple DES.

An example to show the working of encryption and
decryption using
Triple DES.

5
5

ii
Ability to show the concept of block cipher.
Ability to show the concept of stream cipher.
iii

Student's
marks

2
2
5

Explained the justification of decryption key in between of

two and encryptions.
1
Proper citation & referencing
Q2
(20 marks)
i

Provided definition of Message authentication code

Used literature review to illustrate the new development in
Message Authentication Code.

Availability of relevant examples to support the discussion.

ii

Clearly defined hardware based firewall.

Clearly defined software based firewall.

2.5
2.5

iii

Clear explanation of DMZ network.

Given a network diagram to illustrate the function of DMZ.

1
3

Proper citation & referencing

Total (upon 40 marks)

Late submission ( 0 working day(s) X 5
marks)
Final Total (upon 40 marks)
25% Assessment Contribution

CIT3134 / TCS3274 / Information Systems Security