‫ميحرلا نمحرلا هللا‬ ‫بسم‬

SUDAN INTERNATIONAL UNIVERSITY

Kassala Center [Engineering College]
Faculty of Engineering (Computer Engineering)

Networks Security Final Exam

Dr. Amir Ahmed Omer Yousif Time: 3Hours Date: …...-04-2024
*##############################################################################################################*

Name:…………………….…………………………. Index No:……………………..

Answer 5 Questions from these 6 Questions:

*##############################################################################################################*

Question 1:
a) Briefly describe the processes of encryption and decryption in relation to
cryptography.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………….
b) What is the difference between Symmetric and Asymmetric key encryption?
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
………………………………………………………………………………………………….
c) Suppose you decide to use a 10-bit key. How many combinations are there?

…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………

--*1*--
*##############################################################################################################*

Question 2:

a) James and Alexander are having a debate about Public Key Infrastructure (PKI).
James says that it is simply a way of authenticating users. However, Alexander
argues that it is a type of encryption algorithm. They have asked you to decide who
is correct.

Briefly outline the purpose of PKI. You should also explain what is meant by a
certificate authority and digital certificate.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
……….
b) Are James’s and Alexander’s opinions about Public Key Infrastructure correct or
incorrect? For each opinion, you should provide ONE (1) reason for why it is either
correct or incorrect.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
………………………………………………………………………………………………………………………….
c) Briefly explain what is meant by a password audit.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
……………………….…………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………

--*2*--
*##############################################################################################################*

Question 3:

a) IPsec is a suite of protocols for securing networks. Briefly outline how it

providesconfidentiality, integrity and authentication.

…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
………………….
b) Briefly explain what is by an Authentication Header (AH) and an
EncapsulatingSecurity Payload (ESP).
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………
c) Draw a diagram to show where IPSec fits in the TCP/IP model.

…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
……………………………………………………………………………………………………………….

d) Discuss TWO (2) alternative methods of authentication and outline ONE

(1) advantage or disadvantage of each method.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………...

--*3*--
*##############################################################################################################*

Question 4:

a) Explain what is meant by a digital signature and describe how it is

generated.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
….……………………………………………………….
b) Does a digital signature ensure the entire message is encrypted? You
shouldprovide ONE (1) reason to support your answer.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
c) Name the IETF standard for email security and briefly outline what
additionalsecurity it provides in addition to digital signatures.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………….……………………………………………
…………………………………………………………………………………………………………………………
…
d) Explain what is meant by a vulnerability assessment in the context of
networksecurity and provide THREE (3) reasons why it is important.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………

--*4*--
*##############################################################################################################*

Question 5:

a) Explain what is meant by the term firewall in network security and

discuss how itis used in network architectures.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
….………………………………………………………………………………………………………………………
…………………………………………………………………………………………………

b) Firewalls use Access Control Lists (ACL). Explain what is meant by an

ACL and typical contents.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
….……………………………………………………….
c) Briefly describe the term vulnerability in the context of network security
and provide THREE (3) examples of vulnerabilities in a network.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
….……………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
………………………………………………………………………………………………

--*5*--
*##############################################################################################################*

Question 6:

a) Employees are increasingly connecting to company networks remotely

via mobiledevices such as laptops, tablets and smartphones. Remote
access needs to satisfy five essential requirements to be efficient and
secure. Identify and briefly explain each of these FIVE (5) requirements.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
….……………………………………………………….
b) There are several methods of achieving secure remote access. One
important method is to use a VPN. Explain if/ how a VPN achieves each
of the requirements in part (a)
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
c) Confidentiality, Integrity and Availability are core attributes in
security. Identify THREE (3) threats to a wireless network that could
compromise security. You should state the security attribute that is
compromised by each threat.
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………………………………
………………………………………………………………………………………………………………….……
…………………………………………………………………………………………………………………………
…………………………………………………………………………………………………….
#*# ‫ مع تمنياتنا لكم جميعا بالوفيق والنجاح‬#*#
--*6*--