CNS Question Bank

Two Marks Questions:

1. Define Cryptography:
Cryptography is the practice of securing communication and data by converting information
into a code to prevent unauthorized access.

2. What is a Security Mechanism?

A security mechanism is a method or process used to protect information and systems from
threats by ensuring confidentiality, integrity, and availability.

3. Name Any Two Types of Security Attacks:

o Interception: Unauthorized access to data during transmission.

o Modification: Altering data during transmission or storage.

4. Define Cryptanalysis:
Cryptanalysis is the study and process of analyzing cryptographic systems to find weaknesses
or break encryption without having the key.

5. Define Block Cipher:

A block cipher is an encryption method that processes a fixed-size block of plaintext at a time
and converts it into ciphertext using a secret key.

6. What is Feistel Structure?

Feistel structure is a symmetric encryption structure used in many block ciphers, where the
plaintext is split into two halves, and operations are performed on the halves multiple times
using a round function.

7. What is Triple DES?

Triple DES (3DES) is an encryption method that applies the DES algorithm three times to
each data block to increase security.

8. What is the Key Length of IDEA?

The key length of IDEA (International Data Encryption Algorithm) is 128 bits.

9. What is the Purpose of Key Distribution?

The purpose of key distribution is to ensure that the keys used for encryption and decryption
are securely exchanged between parties.

10. Define Euler’s Theorem:

Euler’s theorem states that if aaa and nnn are coprime (i.e., their greatest common divisor is
1), then aϕ(n)≡1mod na^{\phi(n)} \equiv 1 \mod naϕ(n)≡1modn, where ϕ(n)\phi(n)ϕ(n) is
Euler's totient function.

11. What is Public-Key Cryptography?

Public-key cryptography uses a pair of keys: a public key for encryption and a private key for
decryption, enabling secure communication without sharing a secret key.
12. What is Key Management?
Key management is the process of generating, exchanging, storing, and handling
cryptographic keys securely during their lifecycle.

13. Define Diffie-Hellman Key Exchange:

The Diffie-Hellman key exchange is a cryptographic method that allows two parties to
securely exchange a secret key over a public channel.

14. What is a Hash Function?

A hash function is a mathematical function that takes an input (or "message") and returns a
fixed-size string of bytes, typically a digest, which is unique to that input.

15. Define Message Authentication Code:

A Message Authentication Code (MAC) is a short piece of information used to verify the
integrity and authenticity of a message.

16. Mention One Weakness of MD5:

One weakness of MD5 is its vulnerability to collision attacks, where two different inputs
produce the same hash value.

17. What is a Digital Signature?

A digital signature is a cryptographic technique used to verify the authenticity and integrity of
a digital message or document, providing proof of origin and non-repudiation.

18. Expand DSS:

DSS stands for Digital Signature Standard, which is a set of standards used for generating and
verifying digital signatures.

19. Define S/MIME:

S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for encrypting and
digitally signing email messages.

20. What is a Security Association?

A Security Association (SA) is a relationship between two or more entities that defines how
they will communicate securely, including encryption and authentication methods.

21. Expand SET:

SET stands for Secure Electronic Transactions, which is a protocol for securing credit card
transactions over the internet.

22. Define a Firewall:

A firewall is a network security system that monitors and controls incoming and outgoing
network traffic based on predetermined security rules.

23. What is a Trusted System?

A trusted system is a system designed to provide a high level of security and assurance that its
operations and data remain confidential and intact.

24. List Two Types of Security Threats Caused by Viruses:

o Data Corruption: Viruses can corrupt files or data on the infected system.
 o System Performance Degradation: Viruses may consume system resources, causing
the system to slow down or crash.

25. Define Prime and Relative Prime Numbers:

o Prime Number: A prime number is a natural number greater than 1 that has no
positive divisors other than 1 and itself (e.g., 2, 3, 5, 7).

o Relative Prime Numbers: Two numbers are relative primes if their greatest common
divisor (GCD) is 1, meaning they have no common divisors other than 1.

Seven Marks Questions:

1. Explain Various Types of Security Attacks with Examples:

2. Describe Substitution and Transposition Techniques with Examples:
3. Explain RSA Algorithm with an Example
4. Explain Diffie-Hellman Key Exchange Algorithm
5. Define MAC. How is it Different from Hash Function?
6. Describe the Working of MD5 Algorithm:
7. What are the Applications of Digital Signatures?

o Email Security: Digital signatures are used to verify the authenticity and integrity of
email messages.

o Software Distribution: To ensure that software downloads have not been tampered
with, digital signatures verify the integrity and source of the software.

o Legal Documents: Digital signatures authenticate the signatories of digital

documents, ensuring that the document has not been altered after signing.

8. Explain Kerberos Authentication Protocol:

9. What is the Role of X.509 in Directory Authentication
10. Explain Architecture and Features of IP Security (IPSec):
11. Explain S/MIME and its Role in Email Security:
12. Write a Short Note on Firewall Design Principles:
13. Explain PGP Architecture and Working in Securing Electronic Mails:
14. Write a Detailed Note on Different Types of System Intrusions, Viruses, Worms, and
Threats:
 o System Intrusions: Unauthorized access or attacks aimed at exploiting system
vulnerabilities.

o Viruses: Malicious programs that attach themselves to files and spread when the file
is executed.

o Worms: Self-replicating programs that spread across networks, often without user
interaction.

o Trojan Horses: Malicious programs disguised as legitimate software, often causing

harm when executed.

o Threats: Examples include phishing, DDoS attacks, and ransomware.

15. Define Hash Function. How is it Different from MAC?

o Hash Function: A hash function generates a fixed-size output (digest) from an input
of any size. It is commonly used for data integrity verification.

o Difference from MAC: A MAC involves a secret key in its generation process,
while a hash function only involves the input data. This makes MAC more secure for
authentication purposes.

Fifteen Marks Questions:

1. Explain the Data Encryption Standard (DES) in Detail Along with Its Structure,
Strengths, and Weaknesses:
 2. Compare MAC and Hash Functions. How Does Authentication Using Hash Functions
Work?

Answered above

o Authentication Using Hash Functions:

 In systems where hash functions are used for authentication (e.g., password
storage), the hash of a message is compared to a stored hash. If both hashes
match, the data is considered authentic.

 Common techniques like HMAC (Hash-based Message Authentication

Code) use hash functions along with a secret key to provide authentication.

3. Describe MD5 and SHA Algorithms in Detail. Compare Their Structure and Security:

Md5 above and sha is here

 4. What is a Digital Signature? How is It Implemented Using RSA? Explain with an
Example:

o Digital Signature: A digital signature is a cryptographic technique used to verify the

authenticity and integrity of a digital message or document. It is based on asymmetric
cryptography, where the sender uses their private key to sign the message, and the
recipient uses the sender's public key to verify the signature.

o Implementation Using RSA:

1. Key Generation: The sender generates a public-private key pair using RSA.

2. Signing Process:

 The sender generates a hash of the message using a hash function

(e.g., SHA).

 The sender then encrypts the hash value with their private key to
create the digital signature.

3. Verification Process:

 The recipient receives the message and the digital signature.

 The recipient generates the hash of the received message.

 Using the sender's public key, the recipient decrypts the digital
signature to obtain the hash value.
  If the decrypted hash matches the generated hash, the signature is
valid.

o Example: Alice sends Bob a signed document. Alice hashes the document, signs it
with her private key, and sends both the document and the signature. Bob, using
Alice’s public key, verifies that the document has not been altered and that it came
from Alice.

5. Explain in Detail Digital Signature Standard (DSS) and Its Components:

o DSS Overview: The Digital Signature Standard (DSS) defines a set of cryptographic
algorithms used to generate and verify digital signatures. The primary algorithm used
in DSS is the DSA (Digital Signature Algorithm), developed by the U.S. National
Security Agency (NSA).
 6. Explain the Architecture and Protocols Used in IP Security (AH and ESP):

Above answered

7. Explain in Detail How Secure Socket Layer (SSL) Works. Compare SSL and TLS:
 8. Explain PGP Architecture and Working in Securing Electronic Mails:

Answered above.