Professional Documents
Culture Documents
ENG757s2 EX2
ENG757s2 EX2
ENG757s2CommunicationsSecurity
Exam
2hours
Instructions: Answerallquestions
AdditionalInformation: Thisisaclosedbookexam
Provided: Nil
Calculators: CasioFX85SeriesorCasioFX83Series
Examiners: DrSalemAljarehandDrShikunZhou
ExternalExaminer: ProfAndrewNix
ENG757s2CommunicationsSecurity
Academicyear201213Page2of3
1. (a) Explicitlydistinguishbetweenthefollowingsecurityterms:
(i) UnconditionalsecurityandComputationalsecurity.
[4Marks]
(ii) Diffusionandconfusion.
[4Marks]
(iii) KerberosauthenticationserverandKerberosticketgrantingserver.
[4Marks]
(b) Eve intercepted the following ciphertext that was communicated between Bob and
Alice.Ifsheknowsthattheciphertextisencipheredusingmonoalphabeticsubstitution,
answerthefollowingquestion.WhyItwouldnotbeappropriateforEve to useaone
letter frequency attack (statistical attack) to decipher this ciphertext? Give three
differentreasons.
Theinterceptedciphertextis:ONHOVEJHWOBEVGWOCBWHNUGBLHGBGR
[6Marks]
2. BobwantstocreatehisownRSApairofkeys,hestartstheprocessbychoosingp=5,q=11
andd=23.
(a) Show all the steps of creating the pair of keys. Your answer must include all the
calculationstepsincludingthestepsforcalculatingthemultiplicativeinverse.
[10Marks]
(b) Identifyallfigures(selectedorcalculated)thathemustkeepsecretandfiguresthathe
needstomakepubliclyavailable?
[3Marks]
(c) Isthereanysecurityproblemwiththegivenvaluesforpandq?Justifyyouranswer.
[4Marks]
ENG757s2CommunicationsSecurity
Academicyear201213Page3of3
3. (a) Whatisafirewallsystemandwhataremainaspectsofevaluatingafirewallsystem.
PleaserefertoGuarddogfirewallwithcomparingtoanyWindowsbasedfirewall.
[11Marks]
(b) Whataretheformalevaluationandmainevaluationmethodologies?
Listatleasttwonamesofformalevaluationcriteriaandchooseonetodiscuss.
[6Marks]
4. (a) Discussthemajorsecuritythreatsauniversitycampusnetwork(withconnectionsto
theInternet)couldface,anddiscussmajorcountermeasurestothosesecuritythreats
andkeeptheuniversity'sdatasafe.
[10Marks]
(b) i:WhatareVPNs?
ii:WhywouldanorganizationwanttoimplementaVPNifitalreadyhasimplementeda
firewall (that does not include VPN capabilities) to secure all its assets within the
organization?
iii:HowdoesimplementingaVPNhelpsavemoneyforanorganization?
[8Marks]