Advanced Exam Paper: IT Audit and Security
Total Marks: 50
Time Allowed: 2 Hours
Section A: Multiple Choice Questions (10 Marks)
Each question carries 1 mark.
1. Which of the following best describes the concept of resilience in cybersecurity?
a. A system's ability to prevent all attacks
b. A system's ability to adapt, recover, and maintain operations during attacks
c. A system's reliance on firewalls and antivirus software
d. A system's adherence to compliance frameworks
2. When implementing Role-Based Access Control (RBAC), what is the most critical factor?
a. The number of roles created
b. Accurate mapping of roles to user responsibilities
c. Reducing system performance overhead
d. Automating role assignments
3. Which of the following would be the most effective measure to mitigate risks associated with BYOD?
a. Disabling personal device usage
b. Using endpoint security and Mobile Device Management (MDM) tools
c. Allowing users to set their own security policies
d. Enforcing strict password requirements only
4. In penetration testing, which step is critical for ensuring that findings are actionable?
a. Conducting reconnaissance on the organization
b. Generating a detailed report with risk prioritization and mitigation recommendations
c. Exploiting every vulnerability detected
d. Avoiding communication with stakeholders until the test is complete
5. What is the main advantage of integrating AI-driven threat detection systems with traditional firewalls?
a. Simplified network configurations
b. Predictive analysis for proactive defense against threats
c. Reduced need for encryption protocols
d. Eliminating human involvement in incident response
Section B: Short Answer Questions (10 Marks)
Each question carries 1 mark.
1. Explain how combining encryption and Role-Based Access Control (RBAC) enhances data security.
2. How can risk assessments improve the effectiveness of a security policy?
3. Discuss the importance of user behavior analysis in preventing insider threats.
4. Why is it necessary to include third-party vendors in an organization's security audits?
5. Suggest strategies to mitigate human errors during incident response.
6. Describe how adaptive authentication mechanisms contribute to cybersecurity resilience.
7. Explain the role of a post-incident analysis report in improving future incident response plans.
8. How does cloud provider security certification (e.g., ISO 27001) impact organizational compliance?
9. Suggest two innovative methods for improving physical security beyond CCTV and keycards.
10. Why is continuous monitoring essential in detecting zero-day vulnerabilities?
Section C: Scenarios (30 Marks)
Each scenario includes multiple questions.
1. **Scenario 1: Cloud Security and Compliance**
A company stores its critical financial data on a cloud platform. During a routine audit, it is discovered that the cloud service provider lacks specific certifications for handling financial data.
**Questions:**
a. What risks does this pose to the organization? (2 Marks)
b. Suggest three steps the company should take to mitigate these risks. (3 Marks)
c. Propose a long-term strategy for ensuring compliance in cloud environments. (3 Marks)
2. **Scenario 2: Incident Response and Recovery**
A ransomware attack cripples a manufacturing company's operations, encrypting all production data. The company has an incident response plan but has never conducted drills.
**Questions:**
a. What immediate actions should the organization take to contain the incident? (3 Marks)
b. How could the lack of incident response drills have contributed to the severity of the attack? (2 Marks)
c. Outline steps to improve the incident response plan post-attack. (3 Marks)
3. **Scenario 3: Insider Threat and Behavioral Analysis**
An employee with privileged access to critical systems has been behaving suspiciously, frequently accessing sensitive files outside regular working hours. No security policy exists to address such behavior.
**Questions:**
a. What potential threats does this situation pose to the organization? (2 Marks)
b. Suggest technical and non-technical measures to address and prevent such incidents. (3 Marks)
c. How can user behavior analytics tools help detect and mitigate insider threats? (3 Marks)