Define subjects, objects and access rights in access control with suitable examples. How role based access control is different from attribute based access control?[10]
2.
Describe the roles of relying parties, attribute providers and identity providers in Open Identity Trust Framework.[5]
IT Security Management, Risk Assessment and Security Auditing
1.
Discuss various methods of risk treatment during security risk analysis.[5]
Legal and Ethical Issues
1.
Briefly describe the status of cyber law in Nepal.[5]
Malicious Software
1.
Define zombies, rootkits and Trojans.[5]
Message Authentication
1.
How hash value is generated by the SHA-2 hash function.[5]
2.
Define interception, repudiation and incapacitation with examples.[5]
Symmetric and Asymmetric Encryption Algorithms
1.
Consider p=11 and q=7 in a RSA cryptosystem. i. What is a public key pair (e, n)? ii. What is a private key pair (d, n)? iii. What is ciphertext for M=6?[10]
2.
Discuss how encryption and decryption is done in the DES algorithm.[10]
3.
What is the use of S-box in DES? Illustrate S-box operation with an example.[5]
4.
Write Rabin Miller Algorithm for primality testing. Test whether 341 is prime or not using the algorithm.[5]
User Authentication
1.
How online and offline dictionary attacks are done in password based authentication systems?[5]