INFORMATION SECURITY IV Year B.Tech. IT I - Sem JNTUH R-18
Unit - I: Security Fundamentals
Differentiate between active and passive attacks, providing examples of each.
Explain the CIA triad (Confidentiality, Integrity, Availability) in detail, and discuss how security services protect against threats to each.
Describe the Kerberos authentication protocol and its role in network security.
Compare and contrast symmetric and asymmetric encryption, giving real-world applications of each.
Explain the concept of differential and linear cryptanalysis, and their impact on the strength of block ciphers like DES.
Unit - II: Public Key Cryptography and Message Authentication
Explain the working principle of the RSA algorithm, including key generation and encryption/decryption processes.
Discuss the challenges of key management in public key cryptography and different approaches to address them.
Compare and contrast Diffie-Hellman key exchange with RSA key exchange, highlighting their advantages and disadvantages.
Explain the importance of hash functions in message authentication and digital signatures.
Differentiate between SHA-1 and SHA-256 hash functions, and discuss their suitability for different security applications.
Unit - III: Digital Signatures and Email Security
Explain the concept of a digital signature and its role in ensuring message integrity and non-repudiation.
Compare and contrast the Digital Signature Standard (DSS) with RSA signatures.
Describe the working principle of PGP (Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extensions) for email security.
Discuss the challenges of spam filtering and phishing attacks in email security.
Explain the importance of certificate authorities and their role in verifying digital signatures and identities.
Unit - IV: IP Security and Web Security
Describe the architecture of the IP Security (IPSec) protocol suite, including the roles of AH (Authentication Header) and ESP (Encapsulating Security Payload).
Explain the concept of Security Associations (SAs) in IPSec and how they are used to manage encryption keys and security parameters.
Discuss the importance of secure socket layer (SSL) and transport layer security (TLS) in securing web communications.
Explain the Secure Electronic Transaction (SET) protocol and its role in ensuring secure online payments.
Describe the different types of web attacks, such as SQL injection and cross-site scripting (XSS), and how to mitigate them.
Unit - V: Network Intrusion and Defense
Explain the different types of intruders, including hackers, crackers, and social engineers.
Describe the different types of malware, such as viruses, worms, and Trojan horses, and their impact on system security.
Explain the working principle of firewalls and their role in network security.
Discuss the different types of firewalls (packet filtering, stateful, application-level) and their strengths and weaknesses.
Explain the concept of intrusion detection systems (IDS) and their role in identifying and responding to security threats.
Post a Comment