Bct2306:Computer Security Question Paper
Bct2306:Computer Security
Course:Computer Technology
Institution: Meru University Of Science And Technology question papers
Exam Year:2010
QUESTION ONE – 30 MARKS
a. Define the following terms: (6 Marks)
i. Computer security
ii. Threat
iii. Vulnerability
b. Distinguish the following terms: (6 Marks)
i. Passive attacks and active attacks
ii. Masquerade and denial of service
iii. Logic bomb and Trojan horses
c. What is intrusion detection? (2 Marks)
d. Discuss the following intrusion detection methods. (6 Marks)
i. HIDS
ii. Signature based
iii. Anomaly based
e. Describe the following terminologies. (6 Marks)
i. Hash function
ii. Message digest
iii. Security policy
f. Discuss four problems with password. (4 Marks)
2
QUESTION TWO – 20 MARKS
Discuss the following computer security goals and provide control mechanisms: (20 Marks)
i. Confidentiality
ii. Integrity
iii. Authentication
iv. Availability
v. Non-repudiation
QUESTION THREE – 20 MARKS
Write short notes on the following encryption systems. (20 Marks)
i. Secrete key
ii. DES
iii. RSA
iv. Public Key
QUESTION FOUR – 20 MARKS
a. What is the principle of least privilege? Why is it important? (4 Marks)
b. Explain five threats which are posed by malicious software on a network. (10 Marks)
c. Which is generally safe (from a security point of view), a firewall with a default deny policy or a firewall
with a default allow policy? Why? (6 Marks)
QUESTION FIVE – 20 MARKS
a. Explain how digital signatures work. Why are hash functions used in digital signatures? Can they be
attacked? How? (10 Marks)
b. Describe two fundamentally different conceptual approaches that can be used for user authentication.
(8 Marks)
c. What is the difference between a virus and a worm? What do they have in common? (2 Marks)
More Question Papers