
CCS354 Ext 122751 Key

The document outlines the syllabus and exam structure for the Network Security course at M.A.M. School of Engineering, covering key concepts such as encryption, digital signatures, X.509 certificates, and various security protocols. It includes both Part A with short answer questions and Part B with detailed discussions on topics like cryptography, remote user authentication, and IP security architecture. The document serves as a guide for students preparing for their end semester examinations in November/December 2024.

Uploaded by

ksathishkm

QP Code: 122751

M.A.M. SCHOOL OF ENGINEERING


(An Autonomous Institution, Affiliated to Anna University, Chennai)
SIRUGANUR, TIRUCHIRAPPALLI – 621 105
B.E./B.Tech. DEGREE END SEMESTER THEORY EXAMINATIONS - NOV / DEC 2024
Sixth Semester
Electronics and Communication Engineering
CCS354 – NETWORK SECURITY
Regulations 2021
PART A (10 × 2 = 20 Marks)
Answer All Questions (each question is followed by its CO and BTL)
01. What is encryption and decryption? (CO1, BTL2)
Answer:
Encryption and decryption are processes that convert data into a secret code to
protect it from unauthorized access:
Encryption: The process of converting readable data into an unreadable format, also known as
ciphertext.
Decryption: The process of converting ciphertext back into its original readable format, also known
as plaintext.
02. Define Digital signature. (CO1, BTL1)
Answer:
A digital signature is a mathematical technique used to validate the authenticity and
integrity of a digital document, message or software. It's the digital equivalent of a
handwritten signature or stamped seal, but it offers far more inherent security. A
digital signature is intended to solve the problem of tampering and impersonation in
digital communications.
03. Discuss about the role of X.509 certificates in key management. (CO2, BTL2)
Answer:
With the help of Abstract Syntax Notation, the X.509 certificate format uses an
associated public and private key pair for encrypting and decrypting a message.

Once an X.509 certificate is provided to a user by the certified authority, that certificate
is attached to it like an identity card. The chances of someone stealing it or losing it are
less, unlike other unsecured passwords.
04. What is meant by asymmetric encryption? (CO2, BTL1)
Answer:
Asymmetric encryption, also known as public-key cryptography, is a type of
encryption that uses a pair of keys to encrypt and decrypt data. The pair of keys
includes a public key, which can be shared with anyone, and a private key, which is
kept secret by the owner.
05. Mention the advantages of network access control. (CO3, BTL1)
Answer:
By improving cybersecurity and compliance, NAC protects businesses from malware,
ransomware, and unauthorized access to sensitive data. These solutions offer total
network visibility, instant user profiling, guest networking management, internal
access management, and network management.
06. Explain briefly about SSH. (CO3, BTL2)
Answer:
The Secure Shell (SSH) protocol is a method for securely sending commands to a
computer over an unsecured network. SSH uses cryptography to authenticate and
encrypt connections between devices.
07. State the role of S/MIME in electronic mail security. (CO4, BTL1)
Answer:
Secure/Multipurpose Internet Mail Extensions, or S/MIME, is an internet standard to
digitally sign and encrypt email messages. It ensures the integrity of email messages
remains intact while being received.

By using digital signatures, S/MIME provides for authentication, message integrity, and
non-repudiation of origin. In addition, S/MIME includes encryption that strengthens
privacy and data security for electronic messaging.
08. Recall the purpose of domain keys identified mail. (CO4, BTL1)
Answer:
A DKIM record benefits receivers by informing them of emails that may contain
malicious or spam content. It also validates that the data included in the DKIM
signature was not changed in transit.
09. List down some of the characteristics of firewall. (CO5, BTL1)
Answer:
A firewall's key characteristics include: packet filtering, traffic filtering, intrusion
detection, network address translation (NAT), policy-based access control, logically
segregating network traffic, visibility and control, various protection levels, ability to
block unauthorized access, and the capability to only allow authorized data packets to
pass through based on defined rules.
10. Give an outline about the cloud security. (CO5, BTL1)
Answer:
Cloud security refers to the practices and technologies used to protect data,
applications, and infrastructure hosted on cloud computing platforms from
unauthorized access, breaches, and other cyber threats, ensuring the confidentiality,
integrity, and availability of sensitive information in a cloud environment.
PART B (5 × 13 = 65 Marks)
Answer All Questions (each question is followed by its marks, CO and BTL)
11. (a) Discuss in detail about the conventional cryptography and public key
cryptography and explain the differences between them with an
example. (13 marks, CO1, BTL2)
Answer:
Conventional encryption, also called symmetric encryption or
single-key encryption, is a type of cryptographic system which uses a
single key to both encrypt the message and decrypt it. It involves
transforming plaintext into ciphertext which is to be decrypted only by
the intended receiver. Public-key encryption, also known as
asymmetric encryption, is a type of encryption scheme which, instead
of a single key, uses a pair of keys – a public key and a private key. The
public key is used to encrypt a message and the private key is then
used to decrypt the message.

Key – The key used in the conventional encryption scheme is typically
referred to as a secret key, which is shared by both sender and receiver
and must be kept secret by the systems involved in the encryption and
decryption processes. If this secret key is disclosed, the
communications will be compromised. The two keys used for public-key
encryption are referred to as the public key and the private key.
The public key is used to encrypt the messages and can be shared
freely among the users, but the private key is kept secret and is only
known to the recipient, who uses it to decrypt the messages.

With the conventional encryption model, both the sender and the
receiver must know the secret key ahead of time and they have to
agree on the key before transmission, which raises security concerns
and a problem of trust, especially when it comes to authentication and
integrity checking. It’s hard to keep the key secret when the
encryption and decryption happen in different locations. Public-key
encryption, on the other hand, is more secure because the pair of keys
is based on long prime numbers, meaning there is an infinite
number of possibilities for keys.

(Or)

11. (b) Illustrate the role of hash functions in cryptography and explain how it
is used to achieve data integrity and security. (13 marks, CO1, BTL2)

A hash function in cryptography is like a mathematical function that
takes various inputs, like messages or data, and transforms them
into fixed-length strings of characters. That is, the input to the hash
function can be of any length, but the output is always of fixed length. This is
like compressing a large balloon into a compact ball.

The importance of this process lies in its generation of a unique
"fingerprint" for each input. Any minor alteration in the input
results in a substantially different fingerprint, a quality known as
"collision resistance."

Hash functions play a crucial role in various security applications,
including password storage (hash values instead of passwords),
digital signatures, and data integrity checks. Hash values, or
message digests, are values that a hash function returns. The hash
function is shown in the image below −

[Image: hash function]

Key Points of Hash Functions
• Hash functions are mathematical operations that "map" or
change a given collection of data into a fixed-length bit string that is
referred to as the "hash value."
• Hash functions have a variety of complexity and difficulty
levels and are used in cryptography.
• Cryptocurrency, password security, and communication
security all use hash functions.

12. (a) Examine about the remote user authentication principles and explain
how it is achieved. (13 marks, CO2, BTL4)
User authentication is the cornerstone of cybersecurity, acting as the
gatekeeper that verifies the identity of individuals attempting to access
resources. Whether it’s logging into an operating system, accessing a
remote server, or completing online transactions, robust authentication
mechanisms protect sensitive information and uphold the integrity of
systems.
This article delves into the principles of user authentication, how it
works, its application in operating systems, and the principles governing
remote user authentication.

Remote User Authentication Principles
Remote user authentication refers to verifying the identity of users
accessing a system or network from a remote location. This is crucial in
today’s era of remote work and cloud computing, where users often
access resources over public or less-secure networks.
Core Principles
Confidentiality
• Ensuring that credentials and authentication data remain
confidential during transmission.
• Achieved using encryption protocols like SSL/TLS.
Integrity
• Ensuring that authentication data is not altered during
transmission.
• Hashing and cryptographic checksums are often used.
Mutual Authentication
• Both the user and the system verify each other’s identities.
• Prevents man-in-the-middle attacks.
Resilience
• Systems should resist common threats such as replay attacks,
phishing, and brute-force attacks.
Authentication Protocols for Remote Access
• Kerberos: A secure protocol using ticket-based authentication.
• RADIUS: Centralized authentication for remote users.
• OAuth: Widely used for granting third-party applications access
without exposing user passwords.
• Public Key Infrastructure (PKI): Uses digital certificates and
keys for secure remote authentication.
Examples of User Authentication
1. Operating Systems:
• Windows Hello: Biometric authentication for Windows devices.
• Linux PAM (Pluggable Authentication Modules): Modular
authentication in Linux systems.
2. Websites and Applications:
• Social media logins requiring passwords or 2FA.
• Banking apps with fingerprint or facial recognition.
3. Enterprise Systems:
• Use of SSO and MFA for accessing enterprise resources.
4. Devices:
• Smartphones with fingerprint scanners or facial recognition.
• Smart locks that require authentication via a mobile app.
5. Cloud Services:
• Cloud platforms like AWS and Azure requiring multi-factor
authentication.
(Or)
12. (b) Analyse the principles and components of Kerberos systems and
explain how it provides authenticated service in detail with suitable
examples. (13 marks, CO2, BTL4)

Kerberos provides a credible security solution for businesses of all
sizes. But how does Kerberos authentication work, exactly?

Kerberos uses symmetric key cryptography and a key distribution
center (KDC) to authenticate and verify user identities. A KDC
involves three aspects:

1. A ticket-granting server (TGS) that connects the user with
the service server (SS)
2. A Kerberos database that stores the password and
identification of all verified users
3. An authentication server (AS) that performs the initial
authentication

During authentication, Kerberos stores the specific ticket for each
session on the end-user's device. Instead of a password, a Kerberos-aware
service looks for this ticket. Kerberos authentication takes
place in a Kerberos realm, an environment in which a KDC is
authorized to authenticate a service, host, or user.

Kerberos authentication is a multistep process that consists of the
following components:

1. The client who initiates the need for a service request on the
user's behalf
2. The server, which hosts the service that the user needs
access to
3. The AS, which performs client authentication. If
authentication is successful, the client is issued a ticket-granting
ticket (TGT) or user authentication token, which is proof that the
client has been authenticated.
4. The KDC and its three components: the AS, the TGS, and the
Kerberos database
5. The TGS application that issues service tickets.

13. (a) Elaborate on the IP security architecture with neat diagram and the services
offered by IPSec. (13 marks, CO3, BTL6)

IPsec provides security mechanisms that include secure datagram
authentication and encryption mechanisms within IP. When you invoke IPsec,
IPsec applies the security mechanisms to IP datagrams that you have enabled
in the IPsec global policy file. Applications can invoke IPsec to apply security
mechanisms to IP datagrams on a per-socket level.

The figure shows how an IP addressed packet, as part of an IP datagram,
proceeds when IPsec has been invoked on an outbound packet. As you can
see from the flow diagram, authentication header (AH) and encapsulating
security payload (ESP) entities can be applied to the packet. Subsequent
sections describe how you apply these entities, as well as authentication and
encryption algorithms.

[Figure: IPsec Applied to Outbound Packet Process]

The following figure shows the IPsec inbound process.

[Figure: IPsec Applied to Inbound Packet Process]


(Or)
13. (b) Discuss how SSL, TLS and HTTPS standards are used for secure
transmission of data over the network. (13 marks, CO3, BTL6)

Data Encryption
TLS/SSL and HTTPS are designed to encrypt data transmitted between
a user’s browser and a web server. This encryption ensures that the
data remains unreadable to unauthorized parties even if intercepted.

Authentication
TLS/SSL and HTTPS provide a level of authentication. Users can verify
the identity of a website through the SSL/TLS certificate installed on
the web server. This certificate is issued by a trusted Certificate
Authority (CA), assuring users that they communicate with a
legitimate website.

Data Integrity
These security protocols ensure that the data exchanged between the
user and the web server remains intact and unaltered during
transmission. Any tampering with the data would be detected.

Differences
Scope
TLS/SSL is a broader term encompassing various cryptographic
protocols and security measures. HTTPS, conversely, refers to the
secure version of the HTTP protocol.

Usage
TLS/SSL can secure various types of network communication beyond
just web browsing. It’s utilized in email, file transfer, and more. HTTPS,
however, is exclusively designed for securing web traffic.

Implementation
TLS/SSL operates at the transport layer of the OSI model, ensuring
security for all applications using it. HTTPS, on the other hand,
operates at the application layer and secures only web-related
communication.

Port
TLS/SSL typically uses port 443 for secure communication, while
regular HTTP uses port 80. The port number indicates the type of
protocol being used.

Advantages of TLS/SSL and HTTPS


Understanding the advantages of TLS/SSL and HTTPS is crucial for
appreciating their significance in online security.

Advantages of TLS/SSL
Data Privacy
TLS/SSL ensures that sensitive information, such as login credentials,
payment details, and personal data, remains confidential and
protected from eavesdropping.

Authentication
Websites with SSL/TLS certificates inspire trust. Users can verify a
site’s authenticity by checking for the padlock icon in the address bar
or examining the certificate details.

Data Integrity
TLS/SSL guarantees that data remains unaltered during transmission,
preventing data corruption or tampering by malicious actors.

Compatibility
TLS/SSL is widely supported across various platforms and browsers,
making it a versatile solution for secure communication.

14. (a) Making use of the PGP cryptographic functions, explain how security
features are offered in electronic mails in detail. (13 marks, CO4, BTL3)
Answer:
PGP works through a combination of cryptography, data compression,
and hashing techniques. It is similar to other popular encryption
methods such as Kerberos, which authenticates network users, secure
sockets layer (SSL), which secures websites, and the Secure File
Transfer Protocol (SFTP), which protects data in motion.

PGP uses the public key system in which every user has a unique
encryption key known publicly and a private key that only they know.
A message is encrypted when a user sends it to someone using their
public key, then decrypted when the recipient opens it with their
private key. It combines private-key and public-key cryptography and
the use of symmetric and asymmetric key technology to encrypt data
as it travels across networks.

PGP follows a three-step process:

1. PGP generates a huge, one-time-use public encryption algorithm that
cannot be guessed, which becomes the random session key.
2. The session key is then encrypted using the recipient’s public key,
which protects the message while being transmitted. The recipient
shares that key with anyone they want to receive messages from.
3. The message sender submits their session key, then the recipient can
decrypt the message using their private key.

Encrypting entire messages can take a long time, but PGP encrypts it
using a faster algorithm. PGP compresses plaintext data, which saves
on disk space and transmission time, as well as reinforces
cryptographic security. The public key is used to encrypt the shorter
version that encrypted the full message. Both are sent to the recipient,
who uses their private key to unlock the shorter key, then decrypt the
full message.

PGP uses efficient algorithms that create a mathematical summary
known as a hash to send digital signatures. The hash code, which can
be usernames and other digital data, is encrypted by the message
sender’s private key. The recipient uses the message sender’s public
key to decrypt the hash, and if it matches that sent by the sender, then
it confirms that the message was securely received.
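
The send and receive flow described above, as an added Python sketch that is not part of the original answer key: a signature over the message hash, compression, a one-time session key, and that key wrapped with the recipient's public key. The textbook RSA on fixed Mersenne primes and the SHA-256 keystream cipher are stand-ins assumed here so the example runs with the standard library only; they are not PGP's algorithms and are not safe for real use.

```python
import hashlib
import secrets
import zlib

E = 65537  # RSA public exponent


def make_keypair(p, q):
    """Textbook RSA key pair from two primes (no padding, illustration only)."""
    n = p * q
    return {"n": n, "e": E}, {"n": n, "d": pow(E, -1, (p - 1) * (q - 1))}


# Constructed demo keys built from well-known Mersenne primes. Real keys use
# secret random primes; these are public knowledge and offer no security.
SENDER_PUB, SENDER_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
RECIPIENT_PUB, RECIPIENT_PRIV = make_keypair(2**127 - 1, 2**1279 - 1)


def keystream_xor(key, data):
    """Stand-in symmetric cipher: XOR data with a SHA-256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)


def digest_int(message):
    """SHA-256 hash of the message as an integer, ready for the RSA operation."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def pgp_send(message, sender_priv, recipient_pub):
    # Signature: the hash of the message, transformed with the sender's private key.
    signature = pow(digest_int(message), sender_priv["d"], sender_priv["n"])
    # Compress the plaintext, then encrypt it with a one-time random session key.
    session_key = secrets.token_bytes(16)
    body = keystream_xor(session_key, zlib.compress(message))
    # Only the short session key goes through the slow public-key operation.
    wrapped = pow(int.from_bytes(session_key, "big"),
                  recipient_pub["e"], recipient_pub["n"])
    # Simplification: the signature travels beside the body, not inside it.
    return {"wrapped_key": wrapped, "body": body, "signature": signature}


def pgp_receive(packet, recipient_priv, sender_pub):
    """Return (message, signature_ok); (None, False) if the body cannot be recovered."""
    key_int = pow(packet["wrapped_key"], recipient_priv["d"], recipient_priv["n"])
    try:
        session_key = key_int.to_bytes(16, "big")
        message = zlib.decompress(keystream_xor(session_key, packet["body"]))
    except (OverflowError, zlib.error):
        return None, False
    # Undo the signature with the sender's public key and compare with our own hash.
    recovered = pow(packet["signature"], sender_pub["e"], sender_pub["n"])
    return message, recovered == digest_int(message)


if __name__ == "__main__":
    text = b"Meeting moved to 10:00. " * 10  # constructed sample message
    pkt = pgp_send(text, SENDER_PRIV, RECIPIENT_PUB)
    print("plaintext bytes:", len(text), "encrypted body bytes:", len(pkt["body"]))
    print("received:", pgp_receive(pkt, RECIPIENT_PRIV, SENDER_PUB)[1])
    forged = dict(pkt, signature=pkt["signature"] ^ 1)
    print("forged signature accepted:", pgp_receive(forged, RECIPIENT_PRIV, SENDER_PUB)[1])
```
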

There are two public key versions of PGP:

Rivest-Shamir-Adleman (RSA): RSA is one of the first public-key
cryptosystems, which encrypts a short key created using the
International Data Encryption Algorithm (IDEA). This sees users
create and publish public keys based on two prime numbers, which
are required for anyone to decode, and use the message-digest
algorithm (MD5) to create a hash code.

The RSA algorithm is effectively considered unbreakable, to the point
where it has been used in highly sophisticated malware strands such
as CryptoLocker. However, it is a fairly slow algorithm, which means it
is not appropriate for encrypting user data.

Diffie-Hellman: The Diffie-Hellman version enables two users to
generate shared private keys through which they can exchange data
on insecure channels. It encrypts the message with a short key using
the CAST algorithm and the Secure Hash Algorithm (SHA-1) to create a
hash code.
(Or)
14. (b) Identify how the wireless network security can be provided and
explain it with suitable examples. (13 marks, CO4, BTL3)
Answer:
Wireless network security is a subset of network security that involves
designing, implementing, and ensuring security on wireless computer
networks to protect them from unauthorized access and breaches. It
involves strategies designed to preserve the confidentiality, integrity,
and availability of wireless networks and their resources. Effectively
implementing proper security strategies prevents threats like
interception, data theft, and denial-of-service attacks from occurring.

To improve the security of your wireless network, explore the several
types of network security protocols, the ways you can strengthen Wi-Fi
networks, and the security measures targeted for particular
settings. Also, examine the tools and solutions available for increasing
your network resilience.

Wireless security creates layers of defense by combining encryption,
authentication, access control, device security, and intrusion detection
to defend against illegal access and ensure network security. The
process begins with the wireless network’s encryption methods like
WPA2 or WPA3 being activated to scramble data transfers. With this
step, the data is unreadable to unauthorized parties, even if
intercepted.

Users or devices wanting to connect to the network would be
prompted to verify their identities to confirm the legitimacy of the
connection request, usually via a password. Access control rules then
specify the users or devices permitted to access the network and the
level of access based on user roles, device kinds, and explicit access
rights.

The process continues by securing network devices via maintaining
antivirus software, updating operating systems, and restricting the
usage of administrator credentials to prevent unwanted access. The
integrated intrusion detection and prevention systems (IDPS) and
other tools monitor the network for any unusual activity or security
breaches. These systems detect and respond to unauthorized access
attempts, malware infections, and other threats in real time.

Specifically, wireless security involves the following:

• Conduct encryption: Converts data into a code that can be read only by
authorized users with the appropriate key.
• Authenticate users and devices: Processes validated identities of
individuals and devices that attempt to connect to the network.
• Apply access control rules: Define which users or devices can connect
to the network and what degree or level of access they have.
• Secure devices: Includes identifying trusted devices connecting to any
network and sets any policies in other integrated security tools.
• Integrate with IDPS and other tools: Catch and block suspicious
activities and security breaches in the network.

15. (a) Explain in detail about the types of firewalls and discuss how firewalls
help in developing a security framework for an organization. (13 marks, CO5, BTL2)
Answer:
A firewall is a network security device designed to monitor, filter, and
control incoming and outgoing network traffic based on
predetermined security rules. The primary purpose of a firewall is to
establish a barrier between a trusted internal network and untrusted
external networks.

Firewalls come in both hardware and software forms, and they work
by inspecting data packets and determining whether to allow or block
them based on a set of rules. Organizations can configure these rules to
permit or deny traffic based on various criteria, such as source and
destination IP addresses, port numbers, and protocol type.
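
How such a rule set is evaluated, as an added Python example (not from the original answer key): the first matching rule wins, anything unmatched is denied, and a check flags rules that can never fire because an earlier rule already covers them. The rule fields, the sample rules and the addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                                   # "allow" or "deny"
    protocol: str                                 # "tcp", "udp", "icmp" or "any"
    src: str                                      # source network in CIDR form
    dst: str                                      # destination network in CIDR form
    dst_ports: Optional[Tuple[int, int]] = None   # inclusive range, None = any port

    def matches(self, pkt):
        if self.protocol not in ("any", pkt["proto"]):
            return False
        if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(self.dst):
            return False
        if self.dst_ports is None:
            return True
        port = pkt.get("dport")  # ICMP packets carry no port
        return port is not None and self.dst_ports[0] <= port <= self.dst_ports[1]


# Constructed sample policy (IPv4 only). Rule 4 is deliberately misplaced.
RULES = [
    Rule("deny", "any", "203.0.113.0/24", "0.0.0.0/0"),                 # 0: blocked network
    Rule("allow", "tcp", "0.0.0.0/0", "192.0.2.10/32", (443, 443)),     # 1: public web server
    Rule("allow", "tcp", "10.0.0.0/8", "192.0.2.20/32", (22, 22)),      # 2: admin SSH from inside
    Rule("allow", "udp", "10.0.0.0/8", "0.0.0.0/0", (53, 53)),          # 3: outbound DNS
    Rule("allow", "tcp", "203.0.113.5/32", "192.0.2.10/32", (443, 443)),  # 4: partner exception
]


def evaluate(rules, pkt, default="deny"):
    """Return (action, index of the deciding rule); index is None for the default."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return default, None


def covers(a, b):
    """True if every packet that matches rule b also matches rule a."""
    if a.protocol != "any" and a.protocol != b.protocol:
        return False
    if not ipaddress.ip_network(b.src).subnet_of(ipaddress.ip_network(a.src)):
        return False
    if not ipaddress.ip_network(b.dst).subnet_of(ipaddress.ip_network(a.dst)):
        return False
    if a.dst_ports is None:
        return True
    if b.dst_ports is None:
        return False
    return a.dst_ports[0] <= b.dst_ports[0] and b.dst_ports[1] <= a.dst_ports[1]


def shadowed_rules(rules):
    """Return (later, earlier) index pairs where the later rule is unreachable."""
    found = []
    for later_index, later in enumerate(rules):
        for earlier_index in range(later_index):
            if covers(rules[earlier_index], later):
                found.append((later_index, earlier_index))
                break
    return found


if __name__ == "__main__":
    samples = [  # constructed packets
        {"proto": "tcp", "src": "198.51.100.7", "dst": "192.0.2.10", "dport": 443},
        {"proto": "tcp", "src": "203.0.113.5", "dst": "192.0.2.10", "dport": 443},
        {"proto": "tcp", "src": "198.51.100.7", "dst": "192.0.2.20", "dport": 22},
    ]
    for pkt in samples:
        print(pkt, "->", evaluate(RULES, pkt))
    print("shadowed (rule, hidden by):", shadowed_rules(RULES))
```

The partner exception in rule 4 never takes effect because rule 0 denies its source first, which is the kind of ordering error the shadowing check reports.
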

Understanding firewalls and network security

Firewalls are the bedrock of network security, shielding the network
from unauthorized access. They prevent bad actors — hackers, bots,
and other threats — from overloading or infiltrating a private network
to steal sensitive data.

Traditionally, firewalls regulate traffic by forming a secure perimeter
around a network or computer. This prevents anyone from accessing
network resources if they aren’t authorized to do so. Without this
protection, virtually anybody could enter and do as they please.

Today's cybersecurity landscape demands a layered approach. While
firewalls remain a cornerstone of network defense, advanced threats
require additional security measures. The rise of cloud computing and
hybrid work environments further highlights the need for
comprehensive security solutions.

Fortunately, cutting-edge firewall technologies with AI-powered
services are bringing network security up to speed. Combining the
strengths of traditional tools with the innovative capabilities of new
solutions, modern firewall vendors help organizations defend against
even the most complex attack strategies.

What Does A Firewall Do?

Firewalls protect against malicious traffic. They’re strategically
positioned at the network edge or in a data center, allowing them to
closely monitor anything attempting to cross this boundary.

This visibility also allows a network firewall to granularly inspect and
authenticate data packets in real time. This involves checking the data
packet against predefined criteria to determine whether it poses a
threat. If it fails to meet the criteria, the firewall blocks it from entering
or leaving the network.

Firewalls regulate both inbound and outbound traffic, protecting the
network from:

• External threats such as viruses, backdoors, phishing emails, and
denial-of-service (DoS) attacks. Firewalls filter incoming traffic flows,
preventing unauthorized access to sensitive data and thwarting
potential malware infections.
• Insider threats like known bad actors or risky applications. A firewall
can enforce rules and policies to restrict certain types of outgoing
traffic, which helps identify suspicious activity and mitigate data
exfiltration.

Firewall vs antivirus explained

What’s the difference between firewall and antivirus software?
Firewalls focus on controlling network traffic and preventing
unauthorized access. By contrast, antivirus programs target and
eliminate threats at the device level. More specifically, their key
differences include:

• Scope: Antivirus software is primarily an endpoint solution, meaning
it’s installed on an individual device. Firewalls mainly deploy at the
network level, but some organizations install hosted firewalls directly
on an endpoint for extra protection.
• Functionality: Firewalls monitor traffic, blocking malicious data before
it enters the network (or endpoint). Antivirus tools scan the local
environment for signs of malware, ransomware, and other infectious
attacks.

Enterprises normally deploy both firewalls and antivirus programs. As
complementary solutions, they each provide essential protective
layers for safeguarding business assets.

Firewall Functions: NAT And VPN

Network Address Translation (NAT) and Virtual Private Network
(VPN) are two distinct technologies, each with its own set of functions
related to network security and connectivity. While NAT is primarily
associated with address translation for routing purposes, VPNs are
used to create secure, encrypted connections over the internet.

NAT
NAT changes the destination or source addresses of data packets as
they pass through a firewall. This allows multiple devices to connect to
the internet using the same IP address, which helps protect the private
network from direct exposure to external threats.

In an office environment, each employee uses their own computer or
mobile device to access the internet for browsing, emailing, and
accessing cloud services. Despite each device having its own private IP
address within the company's internal network, all outbound traffic
appears to external networks as originating from the same public IP
address assigned to the company. As a result, it’s harder for potential
attackers to identify and target individual devices.

VPN
A VPN is a type of proxy server. Therefore, it serves as a barrier
between a computer or network and the internet, receiving all web
requests before forwarding them to the network.

VPNs are common and extend the private network across a public
one, such as the internet. This allows users to securely transmit data as
if their devices were directly connected to the private network. The
connection establishes an encrypted tunnel between remote devices
and the corporate network, enabling secure access.

This function is especially useful in a hybrid environment. Remote
employees can leverage VPNs to access corporate networks and
critical applications regardless of where or how they’re working.

(Or)
15. (b) Discuss about Intrusion Detection Systems (IDS) in detail with suitable
diagram. (13 marks, CO5, BTL2)
Answer:
An Intrusion Detection System (IDS) is a security tool that monitors a
computer network or systems for malicious activities or policy
violations. It helps detect unauthorized access, potential threats, and
abnormal activities by analyzing traffic and alerting administrators to
take action. An IDS is crucial for maintaining network security and
protecting sensitive data from cyber-attacks.

An Intrusion Detection System (IDS) monitors network traffic, looks
for unusual activity and sends alerts when it occurs. The main duties of
an Intrusion Detection System (IDS) are anomaly detection and
reporting; however, certain Intrusion Detection Systems can take
action when malicious activity or unusual traffic is discovered. In this
article, we will discuss every point about the Intrusion Detection
System.

What is an Intrusion Detection System?

A system called an intrusion detection system (IDS) observes network
traffic for malicious transactions and sends immediate alerts when it is
observed. It is software that checks a network or system for malicious
activities or policy violations. Each illegal activity or violation is often
recorded either centrally using an SIEM system or notified to an
administration. IDS monitors a network or system for malicious
activity and protects a computer network from unauthorized access
from users, including perhaps insiders. The intrusion detector learning
task is to build a predictive model (i.e. a classifier) capable of
distinguishing between ‘bad connections’ (intrusion/attacks) and
‘good (normal) connections’.

Working of Intrusion Detection System (IDS)

• An IDS (Intrusion Detection System) monitors the traffic on a
computer network to detect any suspicious activity.
• It analyzes the data flowing through the network to look for patterns
and signs of abnormal behavior.
• The IDS compares the network activity to a set of predefined rules and
patterns to identify any activity that might indicate an attack or
intrusion.
• If the IDS detects something that matches one of these rules or
patterns, it sends an alert to the system administrator.
• The system administrator can then investigate the alert and take
action to prevent any damage or further intrusion.

Classification of Intrusion Detection System (IDS)
Intrusion Detection Systems are classified into 5 types:

• Network Intrusion Detection System (NIDS): Network intrusion
detection systems (NIDS) are set up at a planned point within the
network to examine traffic from all devices on the network. It
performs an observation of passing traffic on the entire subnet and
matches the traffic that is passed on the subnets to the collection of
known attacks.
• Host Intrusion Detection System (HIDS): Host intrusion detection
systems (HIDS) run on independent hosts or devices on the network. A
HIDS monitors the incoming and outgoing packets from the device
only and will alert the administrator if suspicious or malicious activity
is detected.

PART C (1 × 15 =15 Marks)


No Answer All Questions Marks CO BTL
16. (a) Appraise on Cloud Security and IoT security with suitable examples
and neat diagram. (15) CO5 BTL5
Answer:
Cloud Computing is a type of technology that provides remote services
on the internet to manage, access, and store data rather than storing it
on servers or local drives. This technology is also known as Serverless
technology. Here the data can be anything like images, audio, video,
documents, files, etc.


Need of Cloud Computing:

Before Cloud Computing, most large as well as small IT companies used
traditional methods, i.e. they stored data on a server and needed a
separate server room for that. In that server room, there had to be a
database server, mail server, firewalls, routers, modems, high net
speed devices, etc., on which IT companies had to spend lots of money.
Cloud computing came into existence to reduce these cost problems, and
most companies shifted to this technology.

IoT Security is based on a cybersecurity strategy to defend against
cyberattacks on IoT devices and the vulnerable networks they are
linked to. There is no built-in security on IoT devices. Because IoT
devices operate without being noticed by traditional cybersecurity
systems and transport data over the internet in an unencrypted manner,
IoT security is necessary to help avoid data breaches.

Security was not considered during the design of IoT devices. The
constant diversity and expansion of IoT devices and communication
channels raises the possibility that cyber attacks may target your
company.

What is IoT Security?

IoT security is a technology area that particularly focuses on
protecting connected devices and networks in IoT. The act of
protecting these devices and making sure they don't bring risks into a
network is known as IoT security. Anything linked to the Internet is
likely to be attacked at some time. Attackers may use remote access to
steal data from Internet of Things devices by using a variety of
strategies, including credential theft and vulnerability exploitation.
Or
16. (b) Interpret about the concept of Network Access Control (NAC) and its
implementation, including IEEE 802.1X Port-Based Network Access
Control. (15) CO3 BTL5
Answer:
802.1X network access control (NAC) enables administrators to
provide uniform access control across wired and wireless networks. It
is widely deployed on campus and branch enterprise networks, and is
comprised of two major elements:
• 802.1X protocol: An IEEE standard for port-based network access
  control (PNAC) on wired and wireless access points. 802.1X defines
  authentication controls for any user or device trying to access a LAN or
  WLAN.
• NAC: A proven networking concept that identifies users and devices
  by controlling access to the network. NAC controls access to enterprise
  resources using authorization and policy enforcement.
Problems 802.1X Network Access Control Addresses
The impact of wireless network access, mobility, bring your own
device (BYOD), social media, and cloud computing on enterprise
network resources is huge. This expanded mobility increases exposure
to network threats and digital exploitation, as shown in the following
figure. Using 802.1X helps you improve your ingress security in this
type of environment while lowering your total cost of ownership.

There are many ways to deploy a NAC, but the essentials are:
• Pre-admission control: Blocks unauthenticated messages.
• Device and user detection: Identifies users and devices with pre-defined
  credentials or machine IDs.
• Authentication and authorization: Verifies and provides access.
• Onboarding: Provisions a device with security, management, or
  host-checking software.
• Profiling: Scans endpoint devices.
• Policy enforcement: Applies role and permission-based access.
• Post-admission control: Enforces session termination and cleanup.
802.1X provides L2 access control by validating the user or device that is
attempting to access a physical port.
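
A simplified model of the port behaviour described above, added here as an illustration and not taken from the answer key or from any vendor's implementation. The `Port` class, message dictionaries, credential store and VLAN mapping are assumptions; a real authenticator relays an EAP method to an authentication server rather than checking a secret itself.

```python
import hmac

EAPOL = 0x888E   # EtherType of EAP over LAN frames (IEEE 802.1X)
IPV4 = 0x0800

# Constructed stand-in for the authentication server's user/device store.
DIRECTORY = {"alice": ("demo-pass", "staff"), "printer-01": ("demo-key", "devices")}
ROLE_VLAN = {"staff": 10, "devices": 30}     # assumed role-to-VLAN policy

class Port:
    """Simplified 802.1X authenticator state for one physical switch port."""

    def __init__(self):
        self._reset()

    def _reset(self):
        self.authorized, self.identity, self.vlan = False, None, None

    def receive(self, ethertype, msg=None):
        """Process one frame from the attached device; return the port's action."""
        if ethertype == EAPOL:
            return self._eapol(msg or {})
        if not self.authorized:
            return "DROP"                    # pre-admission: only EAPOL passes
        return f"FORWARD vlan={self.vlan}"   # policy enforcement by role

    def _eapol(self, msg):
        kind = msg.get("type")
        if kind == "start":
            return "EAP-Request/Identity"
        if kind == "logoff":
            self._reset()                    # post-admission: session cleanup
            return "PORT-UNAUTHORIZED"
        if kind == "response":
            secret, role = DIRECTORY.get(msg.get("identity"), ("", None))
            given = msg.get("secret", "")
            # Constant-time compare; unknown identities fail the same way.
            if role and hmac.compare_digest(secret.encode(), given.encode()):
                self.authorized, self.identity = True, msg["identity"]
                self.vlan = ROLE_VLAN[role]
                return "EAP-Success"
            self._reset()
            return "EAP-Failure"
        return "DROP"

def session(frames):
    """Run frames through a fresh port and return the list of actions."""
    port = Port()
    return [port.receive(*f) for f in frames]
```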
