Bct2306:Computer Security Question Paper

Bct2306:Computer Security 

Course:Computer Technology

Institution: Meru University Of Science And Technology question papers

Exam Year:2011




QUESTION ONE – 30 MARKS
a. Define the following terms: (6 Marks)
i. Computer security
ii. Threat
iii. Vulnerability
b. Distinguish the following terms: (6 Marks)
i. Passive attacks and active attacks
ii. Masquerade and denial of service
iii. Logic bomb and Trojan horses
c. What is intrusion detection? (2 Marks)
d. Discuss the following intrusion detection methods. (6 Marks)
i. HIDS
ii. Signature based
iii. Anomaly based
e. Describe the following terminologies. (6 Marks)
i. Hash function
ii. Message digest
iii. Security policy
f. Discuss four problems with password. (4 Marks)
2
QUESTION TWO – 20 MARKS
Discuss the following computer security goals and provide control mechanisms: (20 Marks)
i. Confidentiality
ii. Integrity
iii. Authentication
iv. Availability
v. Non-repudiation
QUESTION THREE – 20 MARKS
Write short notes on the following encryption systems. (20 Marks)
i. Secrete key
ii. DES
iii. RSA
iv. Public Key
QUESTION FOUR – 20 MARKS
a. What is the principle of least privilege? Why is it important? (4 Marks)
b. Explain five threats which are posed by malicious software on a network. (10 Marks)
c. Which is generally safe (from a security point of view), a firewall with a default deny policy or a firewall
with a default allow policy? Why? (6 Marks)
QUESTION FIVE – 20 MARKS
a. Explain how digital signatures work. Why are hash functions used in digital signatures? Can they be
attacked? How? (10 Marks)
b. Describe two fundamentally different conceptual approaches that can be used for user authentication.
(8 Marks)
c. What is the difference between a virus and a worm? What do they have in common? (2 Marks)






More Question Papers


Popular Exams


Mid Term Exams

End Term 1 Exams

End Term 3 Exams

Opener Exams

Full Set Exams



Return to Question Papers