1. Reg. No. : LI | Question Paper Code : 20915 B.E,/B.Tech. DEGREE EXAMINATIONS, NOVEMBER/DECEMBER 2023 Fifth Semester Artificial Intelligence and Data Science CW 3551 - DATA AND INFORMATION SECURITY (Common to : Computer Science and Business Systems) (Regulations ~ 2021) Maximum : 100 marks Answer ALL questions. PART A — (10 x 2= 20 marks) Give the critical characteristics of Information, Differentiate direct and indirect attacks. List any five attacks that are used against controlled systems. Express the logic behind the use of online registration process to combat piracy. What requirements should a digital signature scheme should satisfy? List down the comparison of SHA parameters. What do you mean by S/MIME? What are the services provided by PGP? What is mean by SET? What are the features of SET? What is the difference between TLS and SSL security? PART B— (6 x 13 = 65 marks) (a) Mlustrate briefly about SDLC waterfall methodology and its relation in respeot to information security. Or (b) (@ _ Infer about Information Security Project Team. (i) Analyze the methodology which plays major role in the implementation of information security? How does a methodology improve the process?12. 13, 14. 16. 16. (@) ) @) ) @ (b) fa) (b) (@) b) (List the Computer Security Hybrid Policies and explain. (i) Deseribe the types of Computer Security. Or Mlustrate which management groups are responsible for implementing information security to protect the organization's ability to function. Depict Access control architecture for e-commerce company by assuming roles and responsibilities. Describe digital signature algorithm and show how signing and verification is done using DSS. Provide example for the same Or Explain the format of the X.509 certificate. Provide any one real time case study for the use of X.509 certificate Explain in detail about architecture of IP Security. Depict how email message could be sent secured with a neat example. Or Explain the operation description of PGP. Provide real time case study for understanding its real time working. Deseribe the SSL Architecture in detail and explain how it helps in maintaining secure end-to-end Communication, Or Describe the working of SET with neat diagram and elaborate its role in transaction processing. PART C—(1« 155 5 marks) Evaluate who decides how and when data in an organization will be used or controlled? Who is responsible for seeing that these wishes are carried out? Frame complete security model with Ipsec security and manage keys appropriately. Or How has the perception of the hacker changed over recent years? Compose the profile of a hacker today by depicting the violated techniques, algorithms and security protocols. te 20915