
Sit 302 Question Paper

Sit 302 

Course: Bachelor Of Science In Information And Technology

Institution: Kenyatta University question papers

Exam Year: 2011




KENYATTA UNIVERSITY
UNIVERSITY EXAMINATIONS 2010/2011
SECOND SEMESTER EXAMINATION FOR THE DEGREE OF BACHELOR OF
SCIENCE (INFORMATION TECHNOLOGY)
SIT 302: INFORMATION SYSTEM SECURITY

DATE: Thursday 7th July, 2011

TIME: 2.00 p.m. – 4.00 p.m.
________________________________________________________________________
INSTRUCTIONS
Answer Question ONE and any other Two Questions

Question One (30 marks)
(a) Define the following terms:
  (i) Integrity
  (ii) Authenticity
  (iii) Availability
  (iv) Confidentiality
  (v) Non-repudiation
  (5 marks)
(b) State and explain the four steps involved in the auditing process of information systems security. (8 marks)
(c) With the aid of a suitable diagram, explain the term defense in depth. (5 marks)
(d) State and explain the four characteristics of a good security policy document. (8 marks)
(e) Explain the following ethical philosophies:
  (i) Natural law
  (ii) Respect for persons
  (4 marks)

Question Two (20 marks)
(a) Explain why it is important to take security into consideration in the information System Development Life Cycle. (5 marks)
(b) In the System Development Life Cycle (SDLC), implementation is one of the phases. In light of this cycle, discuss briefly what security issues are involved in the acquisition and development phase. (15 marks)

Question Three (20 marks)
(a) Define the terms:
  (i) Risk impact
  (ii) Risk exposure
  (4 marks)
(b) Explain in detail what is involved in the risk analysis process. (6 marks)
(c) Explain five reasons that support the use of risk analysis as a tool in preparation for creating a security plan. (10 marks)

Question Four (20 marks)
(a) Explain the phases of the audit process:
  (i) Audit planning and preparation
  (ii) Audit objectives
  (iii) Performing the review
  (iv) Issuing the review report
  (8 marks)
(b) Suppose that you have been appointed as chief security officer with an organization. You have been given the task of carrying out an audit on the information security systems of the organization. Describe how you will go about carrying out the task. (12 marks)

Question Five (20 marks)
(a) Explain the following terms:
  (i) Copyright
  (ii) Patent
  (iii) Trademark
  (6 marks)
(b) For any work to qualify for copyright it must meet three criteria. State and explain these three criteria. (6 marks)
(c) State and explain any four limitations on the rights that a patent holder faces. (8 marks)