UNIT 4 - 2 MARKS
1. Define Kerberos.
Kerberos is an authentication service developed as part of Project Athena at MIT. The
problem that Kerberos addresses is this: assume an open distributed environment in which users at
workstations wish to access services on servers distributed throughout the network.
2. What is Kerberos? What are the uses?
Kerberos is an authentication service developed as a part of Project Athena at MIT. Kerberos
provides a centralized authentication server whose function is to authenticate servers.
3. What 4 requirements were defined by Kerberos?
Secure
Reliable
Transparent
Scalable
4. In the context of Kerberos, what is a realm?
A full-service Kerberos environment consisting of a Kerberos server, a number of clients, and a
number of application servers requires the following:
The Kerberos server must have the user ID and hashed password of all participating users in its database.
The Kerberos server must share a secret key with each server.
Such an environment is referred to as a “Realm”.
5. What is the purpose of X.509 standard?
X.509 defines a framework for authentication services by the X.500 directory to its
users. X.509 defines authentication protocols based on public key certificates.
6. List the 3 classes of intruders.
Classes of Intruders
Masquerader
Misfeasor
Clandestine user
7. Define virus. Specify the types of viruses.
A virus is a program that can infect other programs by modifying them; the modification
includes a copy of the virus program, which can then go on to infect other programs.
Types:
Parasitic virus
Memory-resident virus
Boot sector virus
Stealth virus
Polymorphic virus
Metamorphic virus
8. What is an application-level gateway?
An application-level gateway, also called a proxy server, acts as a relay of application-level
traffic. The user contacts the gateway using a TCP/IP application, such as Telnet or FTP, and
the gateway asks the user for the name of the remote host to be accessed.
9. List the design goals of firewalls.
All traffic from inside to outside, and vice versa, must pass through the firewall.
Only authorized traffic, as defined by the local security policy, will be allowed to pass.
The firewall itself is immune to penetration.
10. What are the steps involved in SET Transaction?
The customer opens an account
The customer receives a certificate
Merchants have their own certificate
The customer places an order.
The merchant is verified.
The order and payment are sent.
The merchant requests payment authorization.
The merchant confirms the order.
The merchant provides the goods or services.
The merchant requests payment.
11. What is a dual signature? What is its purpose?
The purpose of the dual signature is to link two messages that are intended for two different
recipients, so as to avoid misplacement of orders.
12. What is the need for authentication applications?
Security for E-mail
Internet protocol security
IP address security.
13. What do you mean by SET? What are the features of SET?
SET is an open encryption and security specification designed to protect credit card
transactions on the Internet.
14. Write any 3 hash algorithms.
MD5 algorithm
SHA-1
RIPEMD-160 algorithm
15. List out the four phases of virus.
Dormant phase
Propagation phase
Triggering phase
Execution phase
16. What is a worm?
A worm is a program that can replicate itself and send copies from computer to computer
across network connections. It also performs some unwanted function. Network worm
programs use network connections to spread from system to system.
17. What is a bastion host?
A bastion host is a system identified by the firewall administrator as a critical strong point in
network security. It serves as a platform for application-level/circuit-level gateways.
18. What is trusted software?
Trusted software is a system that enhances the ability of a system to defend against intruders
and malicious programs by implementing trusted system technology.
19. Four general techniques of firewall.
Security control
Direction control
User control
Behaviour control
20. Three types of firewall.
Packet filter
Application level gateway
Circuit level gateway.
21. List the firewall configurations.
Screened host firewall system (single-homed bastion)
Screened host firewall system (dual-homed bastion)
Screened subnet firewall system
22. List approaches for intrusion detection.
Statistical anomaly detection
Rule based detection
23. What is intruder?
An intruder is an attacker who tries to gain unauthorized access to a system.
24. What is meant by SET? What are the features of SET?
Secure Electronic Transaction (SET) is an open encryption and security specification
designed to protect credit card transactions on the Internet.
Features are:
a) Confidentiality of information
b) Integrity of data
c) Cardholder account authentication
d) Merchant authentication
25. What is a zombie?
A zombie is a program that securely takes over another Internet-attached computer and then
uses that computer to launch attacks that are difficult to trace to the zombie’s creator.
26. What is a firewall? List its characteristics.
It is a means of protecting a local system (or) network of systems from network-based security.
1. Physically blocks all access to local network except via firewall
2. Only authorized traffic will be allowed to pass
3. It is immune to penetration
27. Illustrate when the certificates are revoked in X.509.
1. The user’s private key is assumed to be compromised.
2. The user is no longer certified by this CA. Reasons for this include that the subject’s name has changed, the certificate is superseded, or the certificate was not issued in conformance with the CA’s policies.
3. The CA’s certificate is assumed to be compromised.
15 MARKS
1. What is Kerberos? Explain how it provides authenticated service.
2. Explain the format of the X.509 certificate.
3. Explain the technical details of firewall and describe any three types of firewall with neat diagram.
4. Write short notes on Intrusion Detection.
5. Define virus. Explain in detail.
6. Explain Secure Electronic Transaction with neat diagram.
7. What is a trusted system? Explain the basic concept of data access control in trusted systems. (8)