Semester : SEMESTER 8
Subject : Principles of Information Security
Year : 2019
Term : OCTOBER
Branch : COMPUTER SCIENCE AND ENGINEERING
Scheme : 2015 Full Time
Course Code : CS 472
Page:2
14
15
16
17
18
19
a)
b)
a)
b)
a)
b)
a)
b)
a)
b)
a)
b)
௦)
H192073 Pages: 2
object. What is the effect of using the following lattice with this policy?
root
ഹ് ನು
uidl uid2
PART C
Answer any two full questions, each carries 9 marks.
How does buffer overflow vulnerability occur? How does a canary variable
detect buffer overflow attack?
What is software vulnerability? What are the common types of software flaws
that lead to vulnerability?
Explain various Internet propagation models for worms.
Explain about code red worms.
What are topological worms? Explain any 2 Topological worms.
Differentiate between stored and reflected XSS.
PART D
Answer any two full questions, each carries 12 marks.
How is security enhanced in UMTS when compared to GSM?
How is encryption of messages between cell phone and base station achieved in
GSM?
Explain various security threats associated with RFID systems.
What are the various elements in XML Encryption? Explain.
How is data protection achieved in WEP? What are its drawbacks.
Explain dual signature with respect to SET.
With an example, explain SAML assertion.
Page 2of 2
(5)
(4)
(6)
(3)
(5)
(4)
(8)
(4)
(6)
(6)
(6)
(3)
(3)