Let’s be honest: Computer Security and Cryptography is the only subject where the “environment” is actively trying to break your code. In most engineering units, you’re fighting gravity or heat; here, you’re fighting a motivated, intelligent human adversary. It’s a game of move and counter-move.
If you’re staring down an upcoming exam, you’ve likely realized that knowing “what” AES stands for isn’t the goal. Your examiners want to know why you’d choose a Symmetric key over an Asymmetric one in a high-speed data stream, or how a Man-in-the-Middle (MITM) attack can bypass even the strongest encryption if your certificates are weak.
To help you think like both a defender and a breaker, we’ve tackled the big-ticket questions that define the security syllabus. Plus, we’ve included a direct link to download a full Computer Security and Cryptography revision past paper at the bottom of this page.
Your Security Revision: The Questions That Guard the Grade
Q: Why do we use Public Key Infrastructure (PKI) if Symmetric encryption is faster?
Symmetric encryption (like AES) is incredibly fast, but it has a “Key Distribution” problem. How do you get the secret key to someone across the world without an eavesdropper stealing it? Asymmetric encryption (RSA, Elliptic Curve) solves this. You use a Public Key to encrypt a “Session Key” and send that. Once the connection is established, you switch to Symmetric encryption for the actual data.
Q: What is the “Salt” in password hashing, and why is it necessary?
If two people use the password “P@ssword123,” their hashes will look identical in a database. A hacker using a Rainbow Table (a pre-computed list of hashes) can crack both at once. A Salt is a random string added to the password before it’s hashed. This ensures that even identical passwords produce completely different hashes, making bulk cracking impossible.
Q: How does a Digital Signature provide “Non-Repudiation”?
A Digital Signature isn’t just an image of your name. It’s a hash of the document encrypted with your Private Key. Because only you have that key, anyone with your Public Key can verify that only you could have sent it. “Non-repudiation” means you can’t later claim, “That wasn’t me,” because the math proves otherwise.
Q: What is the difference between a “Virus,” a “Worm,” and a “Trojan”?
This is a classic “Short Answer” favorite. A Virus needs a host file to hitch a ride on. A Worm is a standalone program that self-replicates across a network without human help. A Trojan is a “gift” that looks useful (like a free game) but contains a malicious payload hidden inside.

Strategy: How to Use the Past Paper for Maximum Gain
Don’t just read the PDF; try to break the scenarios provided. If you want to walk into that exam hall with an edge, follow this revision protocol:
- The RSA Calculation: Look at the math-heavy questions. Practice calculating $n$, $\phi(n)$, and the keys $e$ and $d$ with small prime numbers. If you can’t do the modular arithmetic by hand, you’ll get stuck on the bigger numbers in the exam.
- The Attack Surface: When the paper describes a network, look for the “weakest link.” Is it an unpatched server? An unencrypted backup? Or a human being susceptible to Social Engineering?
- The OSI Security Layer: Be ready to explain where security happens. Is it at the Network Layer (IPsec), the Transport Layer (SSL/TLS), or the Application Layer (PGP)?
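To check your hand working for the RSA calculation item above, here is an added example (not from the past paper or the original page) that derives $n$, $\phi(n)$ and $d$ and records each division step of the extended Euclidean algorithm. The function names and the sample primes are assumptions chosen for illustration, and this is textbook RSA with no padding, suitable only for exam arithmetic.

```python
from math import gcd

def is_prime(k):
    """Trial division; adequate for the small primes used in hand exercises."""
    return k > 1 and all(k % i for i in range(2, int(k ** 0.5) + 1))

def extended_gcd(a, b):
    """Return (g, x, y, steps) with a*x + b*y == g.
    steps holds one (dividend, quotient, divisor, remainder) row per division,
    the same table you would write out by hand."""
    old_r, r, old_x, x, old_y, y = a, b, 1, 0, 0, 1
    steps = []
    while r:
        q = old_r // r
        steps.append((old_r, q, r, old_r - q * r))
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y, steps

def toy_rsa_keypair(p, q, e):
    """Derive n, phi(n) and d from two small distinct primes and a chosen e."""
    if p == q or not (is_prime(p) and is_prime(q)):
        raise ValueError("p and q must be distinct primes")
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must satisfy 1 < e < phi(n) and gcd(e, phi(n)) == 1")
    _, _, y, steps = extended_gcd(phi, e)   # phi*x + e*y == 1
    d = y % phi                             # hence e*d == 1 (mod phi)
    return {"n": n, "phi": phi, "e": e, "d": d, "steps": steps}

def encrypt(m, e, n):
    if not 0 <= m < n:
        raise ValueError("message must be in the range 0 <= m < n")
    return pow(m, e, n)

def decrypt(c, d, n):
    return pow(c, d, n)

if __name__ == "__main__":
    key = toy_rsa_keypair(61, 53, 17)       # constructed sample values
    for dividend, quot, divisor, rem in key["steps"]:
        print(f"{dividend} = {quot} * {divisor} + {rem}")
    c = encrypt(65, key["e"], key["n"])
    print(key["n"], key["phi"], key["d"], c, decrypt(c, key["d"], key["n"]))
```

Choosing an $e$ that shares a factor with $\phi(n)$ (for example $e = 15$ with these primes) raises an error, because no inverse $d$ exists in that case.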
Ready to Secure Your Future?
Computer security isn’t a destination; it’s a process of constant vigilance. The concepts of confidentiality, integrity, and availability (the CIA triad) are the pillars that keep the digital world from collapsing. By working through a past paper, you’ll see exactly how these high-level theories are applied to real-world vulnerabilities.
We’ve curated a comprehensive revision paper that covers everything from block ciphers and stream ciphers to firewalls and intrusion detection systems.