UNIVERSITY EXAMINATIONS: 2017/2018
EXAMINATION FOR THE DEGREE OF BACHELOR OF SCIENCE IN APPLIED
COMPUTING
BAC3306 NETWORK SECURITY
FULL TIME/PARTTIME
DATE: AUGUST 2018 TIME: 2 HOURS
INSTRUCTIONS: Answer Question One & ANY OTHER TWO questions.
QUESTION ONE
a) Discuss the security provisions as envisaged in the OSI Security Architecture framework.
[10 Marks]
b) Describe four properties of the hashing function. [4 Marks]
c) Describe in detail the Diffie-Hellman exchange of keys [6 Marks]
d) Alice suspects she is currently being the target of a Man-In-The-Middle attack, and she
decides to hire you as a network security expert for advice. Can she be able to carry out
transactions in a network with access to the internet? Discuss [10 Marks]
QUESTION TWO
a) What is a block cipher? [2 Marks]
b) Explain the two best known general attacks against block ciphers? [4 Marks]
c) Describe three protocol weaknesses in Kerberos [6 Marks]
d) List and explain FOUR goals of Burglar Alarm [8 Marks]
QUESTION THREE
a) Using a well labeled diagram, Discuss the TWO paradigms of deploying IDS in network
security. [8 Marks]
b) Explain TWO IDS data source paradigms [2 Marks]
c) IDS cannot replace Firewall, and Anti-virus. Discuss [5 Marks]
d) State and explain FIVE objectives of an IDS [5 Marks]
QUESTION FOUR
a) Describe the CIA as used in Network Security [6 Marks]
b) Discuss various implementation of CIA in Network security [12 Marks]
c) List TWO important issues addressed by public-key cryptography [2 Marks]
QUESTION FIVE
a) Define “Honey pot [1 Mark]
b) Outline FIVE goals of Honey Pot. [5 Marks]
c) Briefly describe TWO types of Honey pots [4 Marks]
d) Differentiate the following as used in network Security;
i. RSA Vs ECC [1 Mark]
ii. Diffie-Hellman Vs IPSec [1 Mark]
iii. SSL Vs TLS [1 Mark]
iv. MD5 Vs HTTPS [1 Mark]
v. DES Vs AES [1 Mark]
e) Briefly discuss how security is implemented in the following; [5 Marks]
i. PGP
ii. S/SMIME
