
Cisy 431:Introduction To Information Systems Security And Audit  Question Paper


Course: Bachelor Of Computer Science

Institution: Kenya Methodist University

Exam Year: 2013



KENYA METHODIST UNIVERSITY

END OF 3RD TRIMESTER 2013 (PT) EXAMINATION
FACULTY : COMPUTING & INFORMATICS
DEPARTMENT : COMPUTER SCIENCE AND BUSINESS INFORMATION
UNIT CODE : BBIT 433/CISY 431
UNIT TITLE : INTRODUCTION TO INFORMATION SYSTEMS SECURITY AND AUDIT
TIME : 2 HOURS




Instructions: Answer section A (compulsory) and any other two questions in section B.

SECTION A

Question One

Define the following terms. (6mks)

Non-repudiation
Replay
Cyber bullying

With examples, explain the following concepts as applied in the OSI security architecture. (4mks)

Access control
Integrity

Explain the three types of information system audit. (3mks)

Explain how you can use COBIT to provide IT governance. (4mks)

Show how you can determine the measure of risk. (3mks)

Describe the three classes of intruders. (6mks)

What are the main objectives of implementing SSL in web security? (4mks)

SECTION B

Question Three

Describe the various stages of information system auditing and the format of writing an audit report. (10mks)

Explain the best approach in building a secure organization. (10mks)

Question Four

What are the three main areas that are covered in a security architecture? (8mks)

What are the three benefits that can be provided by intrusion detection systems and intrusion prevention systems? (4mks)

Describe the steps in developing a systems disaster recovery strategy and plan (DRSP) that will ensure business continuity (BC) and availability of critical computing services. (8mks)

Question Five

Discuss the basic COBIT principle and explain the benefits of implementing COBIT as a governance framework. (10mks)

Disaster recovery planning is a critical portion of a comprehensive information security program. Describe six phases that should be in an incident response (IR) plan. (10mks)





