 |
SSS810S - SECURE SYSTEMS - 1ST OPP - JUNE 2022 |
|
|
1 Page 1 |
▲back to top |
nAmI BIAunIVE Rs ITY
OF SCIEn CE Ano TECHn OLOGY
Faculty of Computing and Informatics
Department of Computer Science
QUALIFICATION :
08BHIS- BACHELOROF COMPUTER SCIENCEHONOURS (INFORMATION SECURITY)
08BCHS- BACHELOROF COMPUTER SCIENCEHONOURS (SOFTWARE DEVELOPMENT)
QUALIFICATION CODE: 08BHIS; 08BHIS
LEVEL: 8
COURSE: Secure Systems
COURSE CODE: SSS810S
DATE: June 2022
SESSION: 1
DURATION: 2 hours
MARKS: 60
FIRST OPPORTUNITY EXAMINATION QUESTION PAPER
EXAMINER(S)
Mr. Mbaunguraije Tjikuzu
MODERATOR:
Mr. Ndangi Nashiku
THIS QUESTION PAPER CONSISTS OF 2 PAGES
(Excluding this front page)
INSTRUCTIONS
1. Answer ALL the questions.
2. Write clearly and neatly.
3. Number the answers clearly.
4. When answering questions you should be guided by the allocation
of marks. Do not give too few or too many facts in your answers.
PERMISSIBLE MATERIALS
1. None
|
|
2 Page 2 |
▲back to top |
Question 1
Accepting payment information introduces significant security and reliability considerations
for the system's design and organizational processes. Outline two (2) security and reliability
considerations you would consider when designing a system that accepts payment
information.
[4 marks]
Question 2
Outline three (3) costs reliability and security risks that can be introduced by outsourcing the
payment functionality of a system to a third party.
[6 marks]
Question 3
Differentiate between initial velocity and sustained velocity. How do the two (2) concepts
impact and influence the design of security and reliability in secure systems? [6 marks]
Question 4
Designing a system to be understandable, and maintaining that understandability over time,
requires effort. Outline three (3) reasons why understandability is important in secure system
design.
[6 marks]
Question 5
Explain what unmanaged complexity is? How does unmanaged complexity impact the
understandability of a system?
[4 marks]
Question 6
Outline two (2) disadvantages of allowing arbitrary rollbacks in a secure system design.
[4 marks]
Question 7
The Slashdot effect, also known as slashdotting, occurs when a popular website links to a
smaller website, causing a massive increase in traffic. This overloads the smaller site, causing
it to slow down or even temporarily become unavailable. This has the same effect as a denial-
of-service attack, albeit accidentally. To avoid these cascading failures, you can design your
system to instead degrade gracefully. Outline three (3) ways you can design your system to
respond by degrading gracefally.
[ 10 marks]
2
|
|
3 Page 3 |
▲back to top |
Question 8
Outline why it is important to consider the role of security when ranking services within an
organization in terms of criticality. ·
[4 marks]
Question 9
Outline at least three (3) advantages that automatic response to deteriorating conditions in a
system will have over human response/intervention.
[6 marks]
Question 10
Complexity often accumulates inadvertently, but this can lead to tipping-point situations
where a small and apparently innocuous change has major consequences for a system's
reliability or security. Outline and explain four (4) architecture decisions you can take to
make changes to your system easier?
[ 10 marks]
* **** ** * ** * * * ** * * * * *********END OF EXAM***********************************
3