
BMIT 416: IT Security Ethics and Audit August 2009 Question Paper

Course: Bachelor of Business Management and Information Technology

Institution: Kabarak University question papers

Exam Year: 2009



KABARAK UNIVERSITY
EXAMINATIONS
2008/2009 ACADEMIC YEAR
FOR THE DEGREE OF BACHELOR OF BUSINESS MANAGEMENT
& INFORMATION TECHNOLOGY
COURSE CODE: BMIT 416

INSTRUCTIONS:
Answer question ONE and any OTHER THREE questions.


QUESTION ONE [40MKS]
a) Give the appropriate answer for the following descriptions:
i. The measure to protect data during their transmission over a collection of
interconnected networks is called …………. [1mk]
ii. The concealment of information/resources is ……….. [1mk]
iii. The acceptance of false data is ………. [1mk]
iv. A subject should be given only those privileges that it needs in order to
complete its task [1mk]
b) Highlight the three problems of the Access Control Matrix [3mks]
c) Windows NT allows a user to read, write, execute, delete, change the permissions of, or
take ownership of a file or directory. These rights are called …… [1mk]
d) Briefly describe password aging [2mks]
e) Give one advantage and one disadvantage of each of the following biometric
technologies
i. Hand geometry [2mks]
ii. Voice recognition [2mks]
iii. Face recognition [2mks]
iv. Signature [2mks]
v. Iris [2mks]
f) Briefly describe the following computer security policies
i. Information flow policy [1mk]
ii. Confidentiality policy [1mk]
iii. Integrity policy [1mk]
g) When someone breaks into a computer system, that person takes advantage of
lapses in management, ………….., and …………… [2mks]
h) Decipher the following ciphertexts, which were enciphered using the Caesar Cipher
i. TEBKFKQEBZLROPBLCERJXKBSBKQP [3mks]
ii. VHFUHW [2mks]
i) State and describe the three components of an auditing system [3mks]
j) Describe the advantages of biometric encryption [6mks]

QUESTION TWO [20MKS]
a) Specific design principles underlie the design and implementation of mechanisms for
supporting security policies. These principles build on the ideas of …………. and ……. [2mks]
b) Briefly discuss four design principles for security mechanisms [8mks]
c) Explain the following terms
i. Digital certificate [2mks]
ii. Cryptosystem [2mks]
iii. Digital signature [2mks]
iv. Delay [2mks]
v. Revocation of Rights [2mks]

QUESTION THREE [20MKS]
a) You have been hired as a system administrator. You have received a hard disk from
your vendor for your new computer operating system. If you install it, what are some of
the assumptions that you may make to improve the security of your system? [4mks]
b) Identify three bases of trust [3mks]
c) Research Into Secure Operating Systems (RISOS) was prepared to aid in understanding
security issues in operating systems and to determine the level of effort needed to enhance their
system security. Identify the flaws according to RISOS [7mks]
d) Password guessing is the simplest attack against a password-based authentication
system. In line with this statement:
i. State Anderson’s formula [2mks]
ii. Let the passwords be composed of characters drawn from an alphabet of 36
characters. Assume that one million guesses can be tested each minute. The
probability is 0.2 over a 180-day period. What is the minimum
password length that will give this probability? [4mks]

QUESTION FOUR [20MKS]
a) Highlight the types of audits [4mks]
b) A threat is a potential violation of security. Briefly explain the possible threat classes to
a computer system [4mks]
c) Briefly describe the following audit stages
i. Preparing the audit [3mks]
ii. Gathering evidence [3mks]
iii. Performing audit tests [3mks]
iv. Reporting the results [3mks]

QUESTION FIVE [20MKS]
a) Highlight the ethical principles that affect IT professionals [4mks]
b) If one suffers loss through a breach of the Law of Confidence, what are the remedies
available? [6mks]
c) State and explain the phases of best practice in business continuity planning [10mks]





