Bit 3102 Information System Security And Cryptography (Weekend) Question Paper


Course: Bachelor Of Science In Information Technology

Institution: Kca University question papers

Exam Year: 2014



UNIVERSITY EXAMINATIONS: 2013/2014
ORDINARY EXAMINATION FOR THE BACHELOR OF SCIENCE IN INFORMATION TECHNOLOGY
BIT 3102 INFORMATION SYSTEM SECURITY AND CRYPTOGRAPHY (WEEKEND)
DATE: APRIL, 2014 TIME: 2 HOURS
INSTRUCTIONS: Answer Question ONE and any other TWO
QUESTION ONE
a) Define the following terms as used in security of Information Management systems [6 Marks]
i). An exposure
ii). A Vulnerability
iii). Threats
b) Public key infrastructure (PKI) manages public keys automatically through the use of public certificates. State and describe the functional roles of PKI entities. [10 Marks]
c) A plain-text produced the following cipher-text when a Caesar cipher was used with a (+5) key. Decipher the cipher-text. [6 Marks]
Cipher: QJY RD UJTUQJ LT
d) Briefly explain the following security services as used to provide protection to business information system resources [8 Marks]
i. Data confidentiality
ii. Data integrity
iii. Authentication
iv. Availability
QUESTION TWO
a) Define symmetric-key cryptography and describe five ingredients of a symmetric
encryption scheme [7 Marks]
b) Describe five roles of firewalls in computer security [5 Marks]
c) State and briefly explain 4 components of a good security policy for protecting an organization’s technology and information assets. [8 Marks]
QUESTION THREE
a) In computing, authentication mechanisms use any of three user qualities: “something the user has”, “something the user knows”, or “something the user is”. Explain each, giving examples. [6 Marks]
b) Differentiate stream cipher from block cipher stating an example of each. [4 Marks]
c) Explain the desirable characteristics of Intrusion Detection System [10 Marks]
QUESTION FOUR
a) Differentiate the following methods of breaking ciphers: [8 Marks]
i. Cipher text only attack
ii. Known plain text attack
iii. Chosen plain text attack
iv. Chosen cipher text attack
b) Distinguish between symmetric and asymmetric cryptosystems and describe the
conditions which the public key cryptography must meet. [6 Marks]
c) Explain the vulnerabilities associated with passwords [6 Marks]
QUESTION FIVE
a) Risk analysis of an information management system involves the evaluation of system assets and their vulnerabilities to threats. Outline the five steps undertaken in risk analysis. [10 Marks]
b) Describe five common threats to both a computer system and the data being
processed. [10 Marks]