
SIT 302: Information System Security Question Paper

Course: Information And Communication Technology

Institution: Kenyatta University question papers

Exam Year: 2010



KENYATTA UNIVERSITY
UNIVERSITY EXAMINATIONS 2008/2009
INSTITUTE OF OPEN LEARNING
EXAMINATION FOR THE DEGREE OF BACHELOR OF SCIENCE IN
INFORMATION TECHNOLOGY

SIT 302: INFORMATION SYSTEM SECURITY
=================================================================
DATE: THURSDAY 18TH FEBRUARY 2010
TIME: 8.00 A.M. – 10.00 A.M.

INSTRUCTIONS
Answer Question ONE and TWO Questions.

Question One

a) Define the following terms: (5 marks)
   i) Security
   ii) Integrity
   iii) Risk
   iv) Logic bombs
   v) Backup

b) State and explain the five major goals of information security. (10 marks)

c) Why is information referred to as a strategic resource? (2 marks)

d) State and explain five controls that are suitable for database and files. (10 marks)

e) Explain why computer crime is referred to as white collar crime. (3 marks)



Question Two

a) Identify any three risks to hardware and physical security techniques that can be put in place to offer protection. (6 marks)

b) State and explain any three factors to be considered when developing any security controls to ensure that they are cost-effective. (6 marks)

c) List any three physical security techniques that one can put in place to protect the outputs. (3 marks)

Question Three

a) Identify any three risks to applications and data. (6 marks)

b) State and explain any three processing controls. (6 marks)

c) A detailed recovery contains three aspects. List these three aspects. (3 marks)

Question Four

a) i) Define the term encryption.
   ii) Differentiate between plaintext and ciphertext. (3 marks)

b) What do you understand by the term digital signature, and how does it differ from an electronic signature? (6 marks)

c) Briefly explain the term digital certificate. State the parts of a digital certificate. (6 marks)

Question Five

a) Define the term computer fraud, giving an example. (3 marks)

b) State and explain any three measures that one can put in place to minimize the risk of unauthorized access. (12 marks)