## Monday, October 29, 2012

### ANNA UNIVERSITY M.E. (CSE) - Second Semester NETWORK SECURITY QUESTION BANK

Question Bank
M.E. (CSE) - Second Semester
NETWORK SECURITY
UNIT-I
PART-A

1. What are active attacks? How is it classified?
2.  Differentiate cryptography and Stegnography with an example.
3. Mention the mechanism implemented by the confidentiality and traffic flow confidentiality services.
4. What is meant by services?
5. Define the following terms (a) Stream cipher (b) Block cipher.
6. Differentiate between mono alphabetic cipher and a poly alphabetic cipher.
7. What is meant by transpositional techniques?
8. What are the types of security threats?
9. Define decryption.
10. Define Ceaser cipher.
11. What is private key?
12.  Define cipher text.
13. List and briefly define categories of security mechanism.
14. Differentiate between active attack and passive attack.
15. Write a note on playfair cipher.
16. Why it is important to study the Feistal cipher?
17. Distinguish between diffusion and confusion.

PART-B
1.       What is meant by cryptanalysis? What are the types of cryptanalytic attacks and the amount of information known to cryptanalyst? What are the features of these attacks?
2.      Discuss in detail about the classical encryption techniques.
3.       Explain about model for network security.
5.      Compare and contrast substitution and transposition ciphers. Explain one method in each category.
6.      How simplified DES scheme is used for encryption/decryption? Discuss.
7.       Why DES algorithm is implemented? Explain in detail about the function about DES and compare it with simplified DES.

UNIT-II
PART-A

1. Specify the application of public key cryptography.
2. What is the purpose of S-boxes in DES?
3. How is S-box constructed?
4. Distinguish between stream and block ciphers.
5.      List three classes of polynomial arithmetic.
6.      Define plain text.
7.       Differentiate between plain text and cipher text.
8.      List out the types of cryptographic functions.
9.      What is Elliptic curve cryptography?
10.   Differentiate between public key encryption versus conventional encryption.
11.   Define authentication.
12.   What is modular arithmetic?
13.   Define Euler’s theorem.
14.   Mention the four possible approaches to attack the RSA algorithm.
15.   Write the purpose of Diffie –Hellman Key Exchange.
16. What is a public key certificate?
PART-B
1.       How is RSA algorithm used in encryption/Decryption? Discuss with example.
2.      Explain in detail about distribution of public key and secret key.
3.       Explain the concept of multiple encryptions with an example.
4.       What are the requirements for public key cryptography? What are the issues in public key cryptanalysis?
5.      Explain in brief about Elliptic Curve cryptography.
6.     Describe about groups, rings, modular arithmetic  and finite field.
UNIT-III
PART-A
1.       What are the requirements of a hash functions.
2.      Illustrate denial of service. Give an example.
3.       What are the properties of a hash function used in message authentication.
4.      Compare SHA-1 and MD5 algorithm.
5.      What is meant by message digest?
6.      List out the design objectives for HMAC.
7.       What are the three classes of message authentication functions?
8.      What is the need for mutual authentication protocol?
9.      What are the requirements of digital signature?
10.   List out the properties of digital signature.
11.   What are the key requirements of message digests?
12.   Draw the diagram of TCP segment.
13.   What is meant by brute force attack?
14.   Define birthday attack.
15.   What is web security?
16. Define CMAC.
PART-B
1. Explain simple hash function with example?
2. How hash functions are used in message authentication? Discus in detail about
simple hash functions  and block chaining techniques.
3. Explain the MD-5 and SHA-1 hashing functions with an example.
4.  Explain the digital signature algorithm with example and its application.
5. What are the different types of arbitrated digital signatures? Explain their operation and other features.
6. Describe HMAC algorithm.
7.Explian in detail about authentication function.

UNIT-IV
PART-A

1.       List out the reasons for using PGP.
2.      Why e-mail compatibility function in PGP needed?
3.       What is e-mail?
4.      Mention any two applications of IP security.
5.      Give the benefits of IP security.
6.      Specify the IP security services.
7.       What are the two aspects of key management in IPSec?
8.      Write the functions of S/MIME.
9.      What is IP spoofing?
10.   State the properties of digital signature.
11.   What is meant by session key component?
12.   Write about the benefits of IP security.
13.   Define SSL connection.
14.   What is Kerberos?
15.   Write the four notation for PGP.
16.    What are the uses of KDC?
17.   List out the header fields in MIME.
18. What are the address formats used in e-mail.?
PART-B
1. Briefly discuss about SSL architecture and SSL record protocol.
2. Explain the transmission and reception of PGP messages, with relevant flowcharts, in detail.
3. Explain about ESP format and transport modes of ESP.
4. Explain the implementation of  IPSec in detail.
5. How is secure electronic transaction implemented? Explain.
6. Explain in detail about key management in IP Security.
7. Describe about Secure Electronic Transaction.
UNIT-V
PART-A
1. What are the design goals of firewalls?
2. List out the limitations of firewall.
3. List out the current standards.
4. Write replay attack with an example.
5. What is trusted system? How is it useful?
6. What is the use of trusted system.
7. What is meant by tiny fragment attack? How can it be defeated?
8. Mention the principle of a packet filtering type of firewall.
9. List out the configuration of firewall.
10. What is  an encrypted tunnel?
11. List and briefly define three classes of intruder.
12. Draw the diagram of agent architecture.
13. What are the two common techniques used to protect a password file?
14. List out the four basic techniques for password selection strategies.
15. What is a honey pot?
PART-B
1.       What are the characteristics and capabilities of firewalls? Explain the  types of firewalls.
2.      Explain in detail about internet infrastructure security.
3.       Discuss in detail about the concepts of trusted systems and data access control.
4.      Explain in detail about prevention of Denial of Service attacks.
5.      Illustrate, with necessary diagrams, three common firewall configurations.

### ANNA UNIVERSITY ME DEGREE OPERATING SYSTEM QUESTION BANK

OPERATING SYSTEM
Question Bank
M.E. (CSE) - Second Semester
UNIT-I
PART A

1. State the purpose and goals of an operating system.
2. What are system calls?
3. What are the operating system services?
4. Define paging.
5. What is a context switching?
6. What is the purpose of command interpreter? Why is it usually separate from kernel?
8.      What is virtual machine architecture? What is the main advantage of this for OS designer and OS user?
1. Define a process.
2. What are a safe state and an unsafe state?
3. How can the system recover from deadlock
7. Distinguish between light weight process  and heavy weight process. What are the differences between user level threads and kernel supported threads?
PART B

1. Explain the following CPU scheduling algorithms with suitable example.
i.      i) SJF    ii) Priority    iii) Round Robin
2. Explain Semaphore in detail. Show the implementation of semaphore with readers-writers problem.
3. State clearly the four necessary conditions required for deadlocks to occur. Consider a system consisting of four resources of the same type that are shared by three processes, each of which needs at most two resources. Show that the system is deadlock free.
4. Explain the concept of cooperating processes. Bring out the significance of this concept through the implementation of a producer -consumer process.
5. What are the necessary conditions for deadlocks? Explain the methods for deadlock prevention?
6. Write short notes on
UNIT II
PART A

1. When do page faults occur? Describe the actions taken by the operating system when a page fault occurs.
2. What is paging?
3. What is the cause of thrashing?
4. Consider a logical address space of eight pages of 1024 words each, mapped on to a physical memory of 32 frames.
a.      How many bits are there in the logical address?
b.      How many bits are there in the physical address?
1. What is demand paging?
4. What is swapping?
5. What is internal and external fragmentation?
6. What are base and limit registers?
7. List out the functions of a dispatcher
8. What is deterministic modeling?
9. Define resource reservation?
10. What is a hashed page table?
11. Define roll in and roll out.
12. What is TLB hit and TLB miss?
13. PART B

1. Explain about page replacement algorithms with examples.
2. Describe in detail about free space management..
3. Describe about paging with a neat diagram.
4. Explain the structure of the paging hardware with translation look-aside buffer (TLB),with suitable diagram. Also give the significance of protection bit.
5. Discuss in detail about segmented memory management.
6.      Explain about the techniques for structuring the page table.
7.       Explain the basic concepts of segmentation

UNIT III

PART A

1. Mention any four attributes normally contained in a file.
2. List the two important characteristics of a disk.
3. What is C-SCAN scheduling?
4. Why scheduling is needed?
5. Why rotational latency is usually not considered in disk scheduling?
6. Mention the types of disk scheduling.
7. How the user interface is linked to the file system?
8. State the responsibilities of operating system in connection with the file management.
10. What is a bit vector?
11. Define hash table.
12. What are the various layers of a file system?
13. What are the design issues in file system
14. What is compaction?
15. What is dynamic storage allocation?
PART B

1. Explain any three schemes for defining the logical structure of a directory with suitable example.
2. With suitable example, explain the disk scheduling algorithms.
3. Explain briefly about the various access methods?
4.  Discuss about the allocation methods?
5. Write briefly about disk scheduling.
6. Explain in detail about I/O device management.
7. Why rotational latency is usually not considered in disk scheduling? How would you modify SSTF, SCAN and C-SCAN to include latency optimization?
UNIT IV
PART A

1. Define distributed file systems.
2. How swapping is done in distributed systems?
3. What are the reasons for building distributed systems?
4. What are hierarchical networks?
5. List different types of failures that are possible in a distributed system.
6. What do you mean by fault tolerant system? Give at least two reasons why the fault tolerance is different to implement?
7. What are RPC’s?
8. What is dynamic routing?
9. Define AFS.
10. What are the two approaches to verify the validity of cached data?
11. List the primary tasks of a microkernel.
12. Mention the four “management calls” provided for a thread.
PART B

1. Explain the various design issues in distributed system.
2. What are the benefits of distributed file system when compared to a file system in a centralized system?
3.  a) Explain briefly the “threads” in distributed systems.
b) Write a detailed note on distributed OS.
1. Write short notes on:
a) Data migration
b) Process migration
c) Computation migration
5. Describe about dynamic routing in distributed system.
UNIT V
PART A
1. What is i-node?
2. Give the significance of “vfork”system call.
3. What are pipes?
4. What is the use of fork and exec system calls?
5. What are filters?
6. What is interprocess communication?
7. What is PCB?
8. Explain memory management in LINUX
9. Explain about the process management in Linux
10. Discuss the design principles of LINUX OS
11. Under what circumstances filters and shell scripts are used.
12. What are device drivers?
13. Define kernel.
14. List out the components of Linux system.
15. What is a process model?
PART B
1.       Write in detail about the UNIX file system.
2.      a) What are signals? How are signals handled in UNIX?
3.       b) Write about process control blocks in the UNIX system.
4.      Explain in detail the memory management in UNIX.
5.      Discuss in detail about processes in UNIX.
6.      Explain the file structure in UNIX and the system calls for basic file manipulation.
7.       Explain in detail about file system structure.

### SOFTWARE ENGINEERING METHODOLOGIES ME CSE 2 MARKS QUESTIONS

SOFTWARE ENGINEERING METHODOLOGIES
Unit –I
2- Marks
1. Define software engineering.
Software engineering is the design, development and documentation of software by applying technologies and practices from computer science, project management, engineering, application domains, interface design and other fields.
1. Write short notes about  process.
Software process is a framework for the tasks that are required to build high-quality softwares. A common process framework is a small number of framework activities that are applicable to all software projects, regardless of their size or complexity.
1. Define planning.
Planning is the task required to define resources, timelines and other project related information.
1. State the importance of planning.
To provide a framework that enables software manager to make a reasonable estimate of resources, cost, and schedule.
Project outcomes should be bounded by 'best case' and 'worst case' scenarios.
Estimates should be updated as the project progresses.
1. State the difference types of software applications.
2. List out any 4 software engineering paradigms.
Waterfall model
Spiral model
Incremental model
WINWIN Spiral model
1. Define risk. Give its types.
A risk is a potential problem – it might happen, it might not. Risk analysis and management are a series of steps that help a software team to understand and manage uncertainity.

Types :
Project risks
Technical risks
1. Define cost estimation.
2. List the task regions in the Spiral model.
Customer communication
Planning
Risk analysis
Engineering
Construction and release
Customer evaluation
1. What are the drawbacks of spiral model?
i)                    Demands considerable risk assessment expertise and relies on this expertise for success.
ii)                  If major risk is not uncovered and managed, problems will occur.
1. What is System Engineering?
System engineering is an interdisciplinary activity involving teams drawn from different backgrounds. System engineering teams are needed because it is unlikely that any single engineer has sufficient knowledge and understanding to consider all the implications of system design decisions.
1. List the process maturity levels in SEIs CMM.
Level 1 – Initial
Level 2 – Repeatable
Level 3 – Defined
Level 4 – Managed
Level 5 - Optimizing
1. What are the steps followed in testing?
2. What is the use of CMM?
It defines key activities at different levels of process maturity. To determine an organization’s current state of process maturity, the SEI uses an assessment that results in a five point grading scheme.
1. Name the Evolutionary process Models.
2. What are the various types of traceability in software engineering?
Features traceability table
Dependency traceability table
Subsystem traceability table
Interface traceability table
1. What are the fundamental activities of a software process?
2. What are the umbrella activities of a software process?
-          Software  project tracking and control
-          Risk management
-          SQA
-          Formal technical reviews
-          Software configuration management
-          Reusability management
-          Document preparation
-          Measurement
1. What is risk refinement?
• Process of restating the risks as a set of more detailed risks that will be easier to mitigate, monitor, and manage.
• CTC (condition-transition-consequence) format may be a good representation for the detailed risks (e.g. given that then there is a concern that (possibly) ).
1. What is RMMM plan?
The RMMM plan documents all work performed as part of risk analysis and is used by the project manager. Once RMMM plan has been documented and the project has begun, risk mitigation and monitoring steps commence.

Unit-2
2- Marks.

1. What is software prototyping?
Software prototyping is a rapid software development for validating the requirements. It allows user to experiment with requirements and to see how the system supports their work.
1. What are the methods and tools for rapid prototyping?
-          4th generation techniques
-          Reusable software components
-          Formal specification and prototyping environments
1. What are the benefits of prototyping?
i)                    Prototype can serve as a basis for deriving system specification.
ii)                  Design quality can be improved.
iii)                System can be maintained easily.
iv)                System usability can be improved.
v)                  If any service is missing then that can be identified.
1. What are the prototyping approaches in software process?
a)      Evolutionary prototyping
b)     Throw-away prototyping
c)      Increment
1. What are the advantages of evolutionary prototyping?
i)        Fast delivery of the working system
ii)    Specification, design and implementation work in co-ordinated manner
1. What are the various Rapid prototyping techniques?
i)        Executable specification languages
ii)      Very high level languages
iii)    Application generators and 4G languages.
1. What is the use of User Interface prototyping?
i)                    User-interface management system provides basic user interface functionality such as menu selection, object display and so on.
ii)                  They are placed  between the application and the user interface and provide facilities for screen definition and dialogue specification.
1. What are the characteristics of SRS?
The SRS is produced at the culmination of the analysis task.
-          Introduction
-          Information description
-          Functional description
-          Behavioral description
-          Validation Criteria
-          Bibliography and Appendix
1. What are the objectives of Analysis modeling?
i)                    To describe what the customer requires
ii)                  To establish a basis for the creation of a software design
iii)                To define a set of requirements that can be validated once the software is built.
1. What is a state transition diagram?
A state transition diagram is basically a collection of states and events. The events cause the system to change its state. It also represents what actions are to be taken on occurrence of particular event.
1. What are the elements of Analysis model?
i)                    Data dictionary
ii)                  E-R Diagram
iii)                Dataflow diagram
iv)                State transition diagram
v)                  Control specification
vi)                Process specification.
1. What are the elements of design model?
i)                    Data design
ii)                  Interface design
iii)                Architectural design
iv)                Component-level design
1. Draw the structure of analysis model.
2. What is cardinality in data modeling?
Cardinality specifies how the number of occurences of one object is related to the number of occurences of another object.
1. What does modality in data modeling indicates?
Modality indicates whether or not a particular data object must participate in the relationship.
1. Write any three specification principles.
-          Separate functionality from implementation
-          Establish the context in which software operates by specifying the manner in which other system components interact with software.
-          Create a cognitive model rather than a design or implementation model
1. Differentiate between functional and behavioral description.
Functional Modeling and Information Flow (DFD)
• Shows the relationships of external entities, process or transforms, data items, and data stores
• DFD's cannot show procedural detail (e.g. conditionals or loops) only the flow of data through the software
• Refinement from one DFD level to the next should follow approximately a 1:5 ratio (this ratio will reduce as the refinement proceeds)
• To model real-time systems, structured analysis notation must be available for time continuous data and event processing (e.g. Ward and Mellor or Hately and Pirbhai)

Behavioral Modeling (STD)
• State transition diagrams represent the system states and events that trigger state transitions
• STD's indicate actions (e.g. process activation) taken as a consequence of a particular event
• A state is any observable mode of behavior
• Hatley and Pirbhai control flow diagrams (CFD) can also be used for behavioral modeling

1. Define requirement analysis.
This is the first technical step in the software process. It is at this point that a general statement of software scope is refined into a concrete specification that becomes the foundation for all software engineering activities that follows.
1. Define analysis modeling.
The analysis model is the first technical representation of a system. Analysis modeling uses a combination of text and diagrams to represent software requirements (data, function, and behavior) in an understandable way. Building analysis models helps make it easier to uncover requirement inconsistencies and omissions.
1. What is mean by data object? Give examples.

Unit-3
2- Marks
1. Define data abstraction.
It involves specifying a datatype or data object specifying legal operations on objects; representation and manipulation details are suppressed.
1. Define modularity.
The software is divided into seperately named and addressable components that are called modules. Creating such modules bring the modularity in software.
1. What is the benefit of modular design?
A modular design reduces complexity, facilitates change and results in easier implementation by encouraging parallel development of different parts of a system.
1. What is a cohesive module?
A cohesive module performs a single task within a software procedure requiring little interaction with procedures being performed in other parts of a program.
1. What are the different types of Cohesion?
Coincidentally cohesive
Logically cohesive
Temporal cohesive
Procedural cohesive
Communicational cohesion
Sequential cohesion
Informational cohesion
1. What are the various types of coupling?
Content coupling                          Stamp coupling
Common coupling                       Data coupling
Control coupling                           External coupling

1. What are the common activities in design process?
2. What are the benefits of horizontal partitioning?
-          Software that is easier to test
-          Software that is easier to maintain
-          Propagation of fewer side effects
-          Software that is easier to extend
1. What is vertical partitioning?
Vertical partitioning suggests the control and work should be disturbed top-down in program structure. It define separate branches of the module hierarchy for each major function.
1. What are the advantages of vertical partitioning?
Vertical partitioning structures are less likely to be susceptible to side effects when changes are made and will therefore be more maintainable.
1. What are the various elements of data design?
2. List the guidelines for data design.
3. Name the commonly used architectural styles.
Data-centered architectures
Data-flow architectures
Call and return architectures
Object-oriented architectures
Layered architectures.
1. What is a Real time system?
Real time system is a software system in which the current functionalities of the system are dependent upon results produced by the system and the time at which these results are produced.
1. How an effective module design can be achieved?
-          Functional independence
-          Cohesion
-          Coupling
1. State the importance of architecture plan.
2. What is DFD? State the importance of DFD.
A DFD is a graphical representation that depicts information flow and the transforms that are applied as data move from input to output.
The DFD may be used to represent a system or software at any level of abstraction.
1. Define software architecture.
The software architecture of a program is the structure or structures of the system, which compromise software components, the extenally visible properties of those components, and the relationships among them.
1. Define coupling.
Coupling is a measure of relative intedependence among modules. The degree of coupling is lowest for data communication, higher for control communication and highest for modules that modify  other modules.
1. Define architectural style.
Each style describes a system category that encompasses a set of components that performs a function required by a system and how components can be integrated to and from the system.
1. What is meant by transform mapping?
Transform mapping is a set of design steps that allow a DFD with transform flow characteristics to be mapped into a specific architectural styles.

Unit- 4
2- Marks

1. List the advantages of user interface design.
-          It creates a effective communication medium between a human and a computer
-          It begins with the identification of user, task and environmental requirements.
1. Define user interface design.
2. What are the steps are involved in user interface design?
3. List the different design models.
4. Write various golden rules available in user interface design.
i)                    Place the user in control
ii)                  Reduce the user’s memory load
iii)                Make the interface consistent
1. List the various design process in User interface design.
i)                    Creation of different models of system function
ii)                  The human-and-computer-oriented tasks that are required to achieve system function
iii)                Design issues that apply at all interface designs are considered.
iv)                Tools are used to prototype and umtimately implement the design model
v)                  Result is evaluated for quality.
1. What are the framework activities of design process?
i)                    User, task and environment analysis and modeling
ii)                  Interface design
iii)                Interface construction
iv)                Interface validation
1. Give short notes about SCM?
2. Define version control.
3. What are the different Interface Design Models available?
5. What is software configuration audit?
6. Define status reporting.
7. What is PDL?
8. Write two design issues in UID.
9. What are the various built-in mechanisms available in UIDS?
10. What are the implementation tools are available in UID?
11. Define system response time.
12. Define variability.

Unit-5
2- Marks

1.      What are the objectives of testing?
i)                    Testing is a process of executing a program with the intend of finding an error.
ii)                  A good test case is one that has high probability of finding an undiscovered error.
iii)                A successful test is one that uncovers an as-yet undiscovered error.
2.      What are the testing principles the software engineer must apply while  performing the software testing?
i)                    All test should be traceable to customer requirements.
ii)                  Tests should be planned long before testing begins.
iii)                Exhaustive testing is not possible.
iv)                To be most effective, testing should be conducted by an independent third party.
3.       What are the two levels of testing?
4.      What are the various testing activities?
Test plan
Test design
Test cases
Test procedure
Test execution
Test report.
5.      Write short note on black box testing.
It enables the software to derive sets of input conditions that will fully exercise all functional requirements for a program.
It uncovers a different class of errors than white box methods.

6.     What is equivalence partitioning?
It is a black box testing method that divides the input domain of a program into classes of data from which test cases can be derived.
7.      What is a boundary value analysis?
It is a test case design technique that complements equivalence partitioning. It leads to the selection of test cases at the “edges” of the classes.
8.     What are the reasons behind to perform white box testing?
White box tests focus on the program control structure.
It make use of program graphs to derive the set of linearly independent tests that will ensure coverage.
9.     What is cyclomatic complexity?
It is a software metric that provides a quantitative measure of the logical complexity of a program. The value computed for cyclomatic complexity defines the number of independent path in the basis set of a program.
10.  How to compute the cyclomatic complexity?
It is computed in one of 3 ways.
1.       The no. of regions of the flow graph correspond to the cyclomatic complexity
2.      Cyclomatic complexity V(G), for a flow graph G is defined as
V(G) = E – N + 2
E – no. of flow graph edges
N – no. of flow graph nodes.
3.       V(G) = P + 1
P – no. of predicate nodes.
11.  Distinguish between verification and validation.
Verification = refers to the set of activities that ensure that software correctly implements a specific function.
Validation = refers to a set of activities that ensure that the software that has been built is traceable to customer requirements.
Verification = “ Are we building the product right?”
Validation  = “ Are we building the product right?”
12.  What are the various testing strategies for conventional software?
i)                    Unit testing
ii)                  Validation testing
iii)                Integration testing
iv)                System testing
13.   Write about drivers and stubs.
14.  What are the approaches of integration testing?
-          Top down Integration
-          Bottom up testing
-          Sandwich testing or Hybrid Testing
16. What are the benefits of smoke testing?
Integration risk is minimized
The quality of the end-product is improved
Error diagnose and correction are simplified
Progress is easier to assess
17.  What are the conditions exists after performing validation testing?
The function or performance characteristics conform to specification
Derivation from specification is uncovered and a deficiency list is created.
18. Distinguish between alpha and beta testing.
The alpha test is conducted at the developer’s site by a customer. The software is used in a natural setting with the developer “looking over the shoulder” of the user and recording errors and usage problems. Alpha tests are conducted in a controlled environment.
The beta test is conducted at one or more customer sites by the end-user of the software. Unlike alpha testing, the developer is generally not present. Therefore, the beta testing is a “live” application of the softwar in an environment that cannot be controlled by the developer.
19. What are the various types of system testing?
-          Recovery testing
-          Security testing
-          Stress testing
-          Performance testing
20.  Define debugging.
Debugging occurs as a consequence of successful testing. Ie., when a test case uncovers an error, debugging is the process results in the removal of error.
21.  What are the common approaches in debugging?
i)                    Brute force
ii)                  Backtracking and
iii)                Cause elimination
22.  Write about the types of project plan.