Define subjects, objects and access rights in access control with suitable examples. How role based access control is different from attribute based access control? [10]
2.
Describe the roles of relying parties, attribute providers and identity providers in Open Identity Trust Framework. [5]
IT Security Management, Risk Assessment and Security Auditing
1.
Discuss various methods of risk treatment during security risk analysis. [5]
Legal and Ethical Issues
1.
Briefly describe the status of cyber law in Nepal. [5]
Malicious Software
1.
Define zombies, rootkits and Trojans. [5]
Message Authentication
1.
How hash value is generated by the SHA-2 hash function. [5]
2.
Define interception, repudiation and incapacitation with examples. [5]
Symmetric and Asymmetric Encryption Algorithms
1.
Consider p=11 and q=7 in a RSA cryptosystem. i. What is a public key pair (e, n)? ii. What is a private key pair (d, n)? iii. What is ciphertext for M=6? [10]
2.
Discuss how encryption and decryption is done in the DES algorithm. [10]
3.
What is the use of S-box in DES? Illustrate S-box operation with an example. [5]
4.
Write Rabin Miller Algorithm for primality testing. Test whether 341 is prime or not using the algorithm. [5]
User Authentication
1.
How online and offline dictionary attacks are done in password based authentication systems? [5]