XIBMS – Information Security XIBMS – Information Security Set No.1 Discuss about (a) security attacks (b) security services (c) security mechanisms. (a) Explain the rule-based intrusion detection? (b) Discuss about data access control. Explain the AES algorithm? (a) What is Radix-64 format? Explain how both PGP and S/MIME perform the Radix-64 conversion is performed. (b) Describe the five principal services that Pretty Good Privacy (PGP) provides. (a) What are the web security considerations (b) What are the key features of SET? (c) What are the elements involved in SET? Explain? (a) Discuss the key elements included in the model of network management used for SNMP? (b) Explain the functional enhancements made in SNMPV2 over SNMPV1. (a) How does the encapsulating security payload work? (b) How are the secure keys distributed in IPSec? (a) Explain the procedure involved in RSA public-key encryption algorithm? (b) Explain what Kerberos is and give its requirements.   Set No.2 (a) Explain the SNMP community facility? (b) Explain the phases of a virus? Discuss about the public key management in PGP? (a) What are the limitations of a firewall? Explain. (b) What are two default policies that can be taken in a packet filter if there is no match to any rule? Which is more conservative? Explain with example rule sets of both the policies? (a) What are the requirements for the use of a public key certificate scheme? (b) Briefly explain the X.509 authentication service. (a) Explain the buffer overflow attack with an example? (b) Explain the format string vulnerability? (a) Explain about the authentication header? (b) Explain the transport and tunnel modes of ESP? (a) In SSL and TLS, why is there a separate Change Cipher Spec Protocol, rather than including a change cipher spec message in the Handshake Protocol? (b) Explain the significance of dual signature in SET? 