INFORMATION AND COMMUNICATIONS UNIVERSITY
END OF SEMESTER EXAMINATION
Course: Fundamentals of Information Security
Time Allowed: 3 Hours
Date of Examination: June 2024
Marks: 60
INSTRUCTIONS
1. Please write as clearly as possible, as illegible handwriting cannot be marked.
2. Number the answers to the questions clearly before answering.
3. Follow the instructions in each section.
SECTION A: Answer all
1. Study the diagram below and answer the questions that follow.
[Diagram: Plain Text, Encryption (Secret Key), Cipher Text, Decryption (Secret Key), Plain Text; the two secret keys are labelled "Same Key".]
a) Define encryption according to what you have learnt in this course.
b) What type of encryption algorithm is shown in the diagram above? Give
a reason for your answer.
c) With the mention of the keys involved, describe briefly how the above
pictured encryption type is achieved.
d) With relevant examples, show how substitution and transposition
techniques add security during communication.
2. The CIA Triad is a security model that highlights key data security
objectives and serves as a guide for organizations in protecting sensitive
data from unauthorized access and data exfiltration.
a) Discuss the CIA Triad model.
b) What must a security expert do to ensure availability of
information?
c) How does access control help maintain the CIA Triad?
d) Define data exfiltration with practical examples.
e) What is meant by non-repudiation in information security, and why is
it important?
SECTION B: Answer All
1. Define Steganography.
2. What are the two main types of cryptography?
3. What is hashing? State any 3 hashing algorithms you have learnt.
4. What does AAA stand for in information security?
5. Define the following terms:
a) An exploit
b) A vulnerability
c) A threat
6. Explain the 3 types of hackers.
7. What is a DDoS attack?
8. State any 3 threats to the cyberspace.
9. Define foot printing.
10. List the 5 phases involved in ethical hacking.
SECTION C: Answer any 3 questions
1. With the help of a sketch diagram, describe how the success of one hacking
phase is dependent on the previous counterpart.
2. Describe two intrusion detection techniques you have learnt in this course.
What advantages lie in deploying both on the network infrastructure?
3. Compare substitution and transposition encryption techniques with an
example of a cipher for each technique.
4. In reference to the three password cracking techniques you have learnt,
show exactly how each arrives at a password with relevant examples.