Scribd
Upload
8 views

Scs 058 Computer System Security

This document outlines the examination details for the Computer System Security course at Murang’a University of Technology for the 2018/2019 academic year. It includes instructions for candidates, a breakdown of questions in two sections, and various topics related to computer security, such as virus phases, attacks, biometric systems, encryption tools, and risk analysis. The exam duration is 2 hours, and candidates are required to answer specific questions as per the instructions.

Uploaded by

brianshiaba33
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
8 views

Scs 058 Computer System Security

This document outlines the examination details for the Computer System Security course at Murang’a University of Technology for the 2018/2019 academic year. It includes instructions for candidates, a breakdown of questions in two sections, and various topics related to computer security, such as virus phases, attacks, biometric systems, encryption tools, and risk analysis. The exam duration is 2 hours, and candidates are required to answer specific questions as per the instructions.

Uploaded by

brianshiaba33
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

MURANG’A UNIVERSITY OF TECHNOLOGY

SCHOOL OF COMPUTINGAND INFORMATION


TECHNOLOGY
DEPARTMENT OF COMPUTER SCIENCE

UNIVERSITY ORDINARY EXAMINATION

2018/2019 ACADEMIC YEAR


THIRD YEAR FIRST SEMESTER EXAMINATION FOR DIPLOMA IN
INFORMATION TECHNOLOGY

SCS 058– COMPUTER SYSTEM SECURITY

DURATION: 2 HOURS

DATE: 26/4/2019
TIME: 9-11 A.M.

Instructions to candidates:

1. Answer question One and Any Other Two questions.


2. Mobile phones are not allowed in the examination room.
3. You are not allowed to write on this examination question paper.
Page 1 of 3
SECTION A: ANSWER ALL QUESTIONS IN THIS SECTION

QUESTION ONE (30 MARKS)

a) During its life cycle, a typical computer virus undergoes through 4 main phases.
Highlight these phases. (4marks)
b) State 3 kinds of attacks that can be used to compromise computer security. (3marks)
c) Biometrics security systems have been implemented to ensure authentication. Describe
what biometric system means and give three examples of biometric devices. (5marks)
d) Name three tools/softwares used for file encryption. (3marks)
e) Describe THREE ways that can be used to protect a computer against malicious soft
ware. (3marks)
f) The following are attacks launched on websites, explain what they are and how to secure
a website from both attacks. (4marks)
i) SQL injection
ii) Cross-site scripting
g) Firewalls play a major role in network security. Describe what a firewall is and give two
types / components of an ideal firewall. (4marks)
h) Differentiate between monoalphabetic and polyalphabetic substitution cipher
(4marks)
SECTION B – ANSWER ANY TWO QUESTIONS IN THIS SECTION

QUESTION TWO (20 MARKS)


a) State and explain the basic components of computer security (10marks)
b) Explain the relationship between vulnerability, threats and attacks as used in computer
security. (3marks)
c) Differentiate between patents and copyrights as used in computer systems security
(4marks)
d) State THREE examples of symmetric ciphers (3marks)

Page 2 of 3
QUESTION THREE (20 MARKS)
a) What are shortcomings of symmetric key cryptography? Describe at least three
(6marks)
b) With an aid of a diagram illustrate what is asymmetric (public key) cryptography
(5marks)
c) Digital signatures are used to ensure non-repudiation. Describe what they are and how
they work (3marks)
d) There are several classifications of viruses. Name and describe at least three
(6marks)

QUESTION FOUR (20 MARKS)


a) Risk analysis for computer security is adapted from more general management practices,
placing special emphasis on the kinds of problems likely to arise from security issues. By
following well defined steps, we can analyze the security risks in computing system.
Describe the steps involved in risk analysis. (12marks)
b) The key to a successful recovery after a security attack is adequate preparation. Data and
locally developed programs are more vulnerable because they cannot be quickly
substituted from another source. The following resources ensure the systems have been
reinstated. Briefly describe what each means. (8marks)
(i) Back – up
(ii) Off-site back up
(iii) Network storage
(iv) Cold site & Hot site

Page 3 of 3

You might also like