NATIONAL INSTITUTE OF BUSINESS MANAGEMENT

BSc (Hons) Computing-2nd Year [HIGHER DIPLOMA IN SOFTWARE ENGINEERING] (HDSE20.1F/CO)

SOFTWARE SECURITY
20th August, 2021, 09:00 am - 11:00 am
( 2 Hours 0 Minutes )
Answer all questions.
Calculators are NOT allowed.

1.
a. Explain the importance of encryption in software security.
(5 Marks)
b. What is the main difference between symmetric encryption and asymmetric
encryption?
(3 Marks)
c. What is the difference between Private key and public key used in asymmetric
encryption?
(3 Marks)
d. Name one currently used algorithm for :
a. Symmetric encryption scheme
b. Asymmetric encryption scheme
(6 Marks)

e. Explain how public key and private key is used in encryption and decryption of an
important message.
(8 Marks)
2.

a. What are the levels of data security?

(6 Marks)
b. What is mean by cross site scripting?
(5 Marks)
c. What is mean by authorization?
(5 Marks)

Page 1 of 2
 d. What is mean by authentication?

(5 Marks)
e. What are the attacks of access control?
(4 Marks)

3.

a. Name the two common techniques used to protect a password file?

(5 Marks)

b. What is a Cookie?
(5 Marks)
c. What is the DOS attack?
(5 Marks)
d. What is DDOS attack?

(5 Marks)

e. Define FIVE countermeasures to secure a database and its operations.

(5 Marks)
4.

a. Explain different HTTP methods of REST protocol communication?

(5 Marks)

b. What are the 3 mechanisms of Data Validations?

(5 Marks)

c. What are the best practices which you can use for input validations? Explain your
answer based on few scenarios.
(5 Marks)

d. How is Encryption different from Hashing?

(5 Marks)

e. What is a Firewall and why is it used?

(5 Marks)

Page 2 of 2