
Cisy 431: Information Systems Security And Audit Question Paper

Course: Computer Science

Institution: Kenya Methodist University

Exam Year: 2010



FACULTY : SCIENCE AND TECHNOLOGY

DEPARTMENT : CIS AND BIT

TIME : 2 HOURS

INSTRUCTIONS: Answer Question ONE (compulsory) in Section A and any other TWO questions in Section B.


SECTION A


Question 1

a) Define the following terms: (4 Marks)

i) Security

ii) Control

iii) Encipherment

iv) Data Integrity

b) There are a number of trust models employed by various cryptographic schemes. List the three types of trust models. (3 Marks)

c) In web security, many "layers" must work in concert to produce a functioning web-based system. With a diagram, show the SSL protocol stack. (5 Marks)

d) List the various types of cryptographic algorithms and explain why we use the three cryptographic algorithms. (6 Marks)

e) List the four phases of virus nature. (4 Marks)

f) With an example, show that Ka = Kb using the Diffie-Hellman algorithm. (4 Marks)

g) List the various types of firewalls. (4 Marks)


SECTION B


Question 2

a) Certificates and Certificate Authorities (CA) are necessary for widespread use of cryptography for e-commerce applications. Describe the contents of certificates and explain the specific functions of the certificate. (10 Marks)

b) DES uses a 56-bit key. The 56-bit key is divided into eight 7-bit blocks, and an 8th odd parity bit is added to each block. Using a diagram, describe the DES cryptographic algorithm. (10 Marks)


Question 3

a) Describe the OSI security architecture, focusing on security services. (10 Marks)

b) RSA's mathematical hardness comes from the ease in calculating large numbers and the difficulty in finding the prime factors of those large numbers. Describe clearly the basic steps to create an RSA public/private key. (10 Marks)


Question 4

a) Describe the various types of IPS and IDS. (10 Marks)

b) Discuss the basic COBIT principles and explain the benefits of implementing COBIT as a governance framework. (5 Marks)

c) Using a diagram, show the four interrelated domains of COBIT. (5 Marks)


Question 5

a) CAAT refers to computer-assisted audit technique. As an IS auditor, explain the benefits of using CAAT and list the prerequisites for using audit software. (10 Marks)

b) Company X has hired you to perform an IS audit. Clearly describe the three types of audit that you would likely perform. (10 Marks)





