Scribd
Upload
44 views

NSC Exam Paper Spring 2019

Uploaded by

Benihime Aratame
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
44 views

NSC Exam Paper Spring 2019

Uploaded by

Benihime Aratame
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Network Security and Cryptography

06 March 2019

Examination Paper

Answer ALL questions.

Clearly cross out surplus answers.

Time: 3 hours

The maximum mark for this paper is 100.

Any reference material brought into the examination room must be


handed to the invigilator before the start of the examination.
Answer ALL questions

Marks
Question 1

a) Encryption is used to convert readable plain-text to cypher-text to ensure it is 2


obscured if it is intercepted. State the TWO (2) mechanisms used during this
process.

b) DES is a symmetric encryption algorithm approved by the U.S. government in 4


1977. State what the acronym DES stands for and briefly state THREE (3)
features of DES.

c) Symmetric encryption and asymmetric encryption have one fundamental 1


difference. Briefly state what how they differ.

d) The RSA (Rivest, Shamir and Adleman) Algorithm involves three steps. State 3
the THREE (3) steps.

Total 10 Marks

Question 2

a) Public Key Infrastructure (PKI) is a security architecture that has been introduced 3
to provide an increased level of confidence for exchanging information. There
are three essential components of PKI. One of these is a Digital Certificate.
Explain what is meant by the term Digital Certificate.

b) Public Key Infrastructure Encryption (PKI) is one of the other essential 2


components. Give TWO (2) examples of how it is used.

c) There are two ways to generate a Digital Certificate (DC). One of these is using 2
a popular encryption software called PGP, which provides the user with the ability
to generate their own digital certificate. State what the acronym PGP stands for
and who else can generate the digital certificate.

d) Explain what is meant by the term Revocation with regards to Digital Certificates. 3

Total 10 Marks

Page 2 of 6
Network Security and Cryptography © NCC Education Limited 2019
Marks
Question 3

a) Produce a diagram to demonstrate how Transport Level Security (TLS) fits with 6
other common Internet protocols in a protocol stack. Your diagram should be
illustrated by showing named protocols.

b) Internet Protocol Security (IPSec) provides security at the IP layer for other 2
TCP/IP protocols and applications to use. One IPSec Core Protocol is the IPSec
Authentication Header (AH). State TWO (2) actions the AH provides.

c) TLS is typically implemented as Secure Sockets Layer (SSL). What is an SSL 2


Connection?

Total 10 Marks

Question 4

a) When issuing Digital Certificates (DC), public Certification Authorities (CAs) will 3
include information in the key usage field of the certificate to state what the
private key may be used for. State THREE (3) possible purposes the private key
may be used for.

b) Data in Digital Certificates (DC) should conform to the ITU (IETF) standard 3
X.509. State THREE (3) types of information that should be included to ensure
the data in the certificate conforms to the standard.

c) Explain the process a Certificate Authority will go through to verify a digital 3


certificate (DC).

d) State the purpose of a Registration Authority when used by a Certificate 1


Authority.

Total 10 Marks

Page 3 of 6
Network Security and Cryptography © NCC Education Limited 2019
Marks
Question 5

a) Networks are vulnerable to many threats. Unauthorised access is the biggest 3


threat. Explain THREE (3) common causes of unauthorised access.

b) Operating systems such as Windows, IOS and Linux are commonly used in most 2
industries and businesses. State TWO (2) reasons why using a common
operating system may make your network vulnerable.

c) As part of vulnerability prevention port scanning can be carried out to ensure that 3
ports are not left open, and therefore vulnerable to attack. There are many types
of port scanning. Most use TCP, however, UDP (User Datagram Protocol) Scans
are also used. Explain how a UDP Scan is carried out.

d) UDP is considered less reliable than TCP Scans. State TWO (2) reasons why it 2
is considered less reliable.

Total 10 Marks

Question 6

a) Authentication is required for most systems to ensure that the user and the 6
system are protected. Levels of authentication are increased depending on the
security level required. Commonly banking systems now use Three-factor
authentication. State the THREE (3) factors that need to be used to gain access
with examples for each factor:

b) State TWO (2) disadvantages of using Multi-Factor systems. 2

c) Biometric data is often used to form part of the authentication process for 2
systems. When registering biometric data, measurements are taken. Explain
how these measurements are managed and recorded.

Total 10 Marks

Page 4 of 6
Network Security and Cryptography © NCC Education Limited 2019
Marks
Question 7

a) NAT is used as part of Access Control for networks. State what the acronym 2
NAT stands for and what it is used for.

b) Explain how Dynamic NAT is used and state one advantage of using it. 3

c) NAT is considered to provide a level of security. Explain how NAT provides 3


security to a network.

d) NAT can aid Network Administration. State TWO (2) ways in which it may do 2
this.

Total 10 Marks

Question 8

a) Explain how a VPN uses the following: 4


▪ Connections
▪ Datagrams
▪ Firewalls
▪ Protocols

b) A VPN creates a secure tunnel between the remote user and the business. 3
Draw a diagram to show how the remote user uses a VPN to connect to the
business. You should label the components of your diagram.

c) A VPN performs four key functions. One of the functions is Authentication, 3


validating that the data was sent from the user. State the other THREE (3) Key
functions.

Total 10 Marks

Page 5 of 6
Network Security and Cryptography © NCC Education Limited 2019
Marks
Question 9

a) Use of wireless networks in the home are common place. Wireless Equivalent 2
Privacy (WEP) is the original component of the IEEE 802.11 standard. However,
it had some weaknesses. State TWO (2) weaknesses of WEP.

b) Name the IEEE standard 802.11i 1

c) Counter Mode with Cipher Block Chaining Message Authentication Code 5


Protocol (CCMP) is an encryption protocol that forms part of the 802.11i standard
for wireless local area networks (WLANs). State TWO (2) advantages of using
CCMP and THREE (3) services it provides.

d) State TWO (2) reasons why Pre-shared Key (PSK) Mode is often used in the 2
home or small offices.

Total 10 Marks

Question 10

a) The use of passwords alone can make a system vulnerable to attack. State 1
ONE (1) way a password can be accessed, other than using an attack.

b) Two common attacks used to crack passwords are Dictionary attacks and Brute 3
force attacks. State which one you feel is the greatest risk to most systems if
used and explain why you have chosen this option.

c) Mark is a new Head teacher at a school you work for as Network Manager. Mark 6
is quite knowledgeable regarding computer systems and networks. He has
asked you to write a report stating the preventative measures you use to protect
the school’s network against vulnerabilities. Provide THREE (3) measures you
would include in your report with a brief supporting explanation of how they help
to prevent vulnerabilities occurring.

Total 10 Marks

End of Paper

Page 6 of 6
Network Security and Cryptography © NCC Education Limited 2019

You might also like