AIL811S - ADVANCED INTRUSION AND LOG ANALYSIS - 1ST OPP - JUNE 2023




NAMIBIA UNIVERSITY OF SCIENCE AND TECHNOLOGY
FACULTY OF COMPUTING AND INFORMATICS
DEPARTMENT OF CYBERSECURITY
QUALIFICATION: BACHELOR OF COMPUTER SCIENCE (HONS DIGITAL FORENSICS)
QUALIFICATION CODE: 08 BHDS
LEVEL: 8
COURSE: ADVANCED INTRUSION AND LOG ANALYSIS
COURSE CODE: AIL811S
DATE: JUNE 2023
SESSION: THEORY
DURATION: 2 HOURS 30 MINUTES
MARKS: 70
FIRST OPPORTUNITY EXAMINATION QUESTION PAPER
EXAMINER(S): DR ATTLEE M. GAMUNDANI
MODERATOR: MR NDANGI NASHIKU
THIS QUESTION PAPER CONSISTS OF 2 PAGES
(excluding this front page)
INSTRUCTIONS
1. Answer ALL the questions.
2. Write clearly and neatly.
3. In answering questions, be guided by the allocated marks.
4. Number your answers clearly following the numbering used in this question paper.
PERMISSIBLE MATERIALS
1. None



Question 1
[10 Marks]
A user in your organisation has accidentally deleted an important file, and you need to recover
the data.
(a) What tools and techniques do you use to recover the file?
(b) How do you prevent similar incidents from occurring in the future?
Question 2
[10 marks]
A vendor has notified your organisation that a software vulnerability exists in one of the
applications you use.
(a) What steps do you take to patch the vulnerability?
(b) What steps do you take to prevent exploitation by attackers?
Question 3
[10 marks]
A user has reported receiving a phishing email, and you need to investigate the incident to
determine the scope of the attack.
(a) What steps do you take to investigate the email?
(b) How do you prevent similar attacks from occurring in the future?
Question 4
[10 marks]
An attacker has successfully exploited a vulnerability in your organisation's web application and
has gained access to sensitive data.
(a) What steps do you take to mitigate the attack?
(b) What steps do you take to prevent similar incidents from occurring in the future?
Question 5
[10 marks]
An employee has been terminated from your organization, and you need to ensure that their
access to company resources is immediately revoked.
(a) What steps do you take to ensure that the former employee's access is removed?


Question 6
[10 marks]
Your organisation has recently experienced a ransomware attack, and critical data has been
encrypted.
(a) What steps do you take to recover the data and prevent similar incidents from occurring in
the future?
Question 7
[10 marks]
A security analyst has identified an unauthorised device on the company network.
(a) What steps do you take to investigate the device?
(b) How do you prevent unauthorised devices from accessing the network in the future?
*****END OF EXAMINATION PAPER*****


NAMIBIA UNIVERSITY OF SCIENCE AND TECHNOLOGY
FACULTY OF COMPUTING AND INFORMATICS
DEPARTMENT OF CYBERSECURITY
QUALIFICATION: BACHELOR OF COMPUTER SCIENCE (HONS INFORMATION SECURITY)
QUALIFICATION CODE: 08 BHIF
LEVEL: 8
COURSE: APPLIED CRYPTOGRAPHY
COURSE CODE: APC811S
DATE: JUNE 2023
SESSION: THEORY
DURATION: 2 HOURS 30 MINUTES
MARKS: 70
FIRST OPPORTUNITY EXAMINATION QUESTION PAPER
EXAMINER(S): DR ATTLEE M. GAMUNDANI
MODERATOR: MR STANFORD MUSARURWA
THIS QUESTION PAPER CONSISTS OF 2 PAGES
(Excluding this front page)
INSTRUCTIONS
1. Answer ALL the questions in Section A and Section B.
2. Write clearly and neatly.
3. In answering questions, be guided by the allocated marks.
4. Number your answers clearly following the numbering used in this question paper.
PERMISSIBLE MATERIALS
1. None



SECTION A: 20 Marks [Answer all Questions]
Question 1: [10 Marks]
Scenario: You are a security analyst working for a government agency that needs to share classified
information with a foreign government.
(a) What type of encryption would you recommend for secure communication, and why?
[5 marks]
(b) Discuss the potential legal and ethical implications of sharing classified information with a
foreign government.
[5 marks]
Question 2: [10 Marks]
Scenario: You are a security consultant working for a multinational corporation that operates in
countries with different data protection laws.
(a) What factors would you consider when designing an encryption policy for the corporation?
[6 marks]
(b) How would you ensure compliance with different data protection regulations? [4 marks]
SECTION B: 50 Marks [Answer all Questions]
Question 3: [15 Marks]
Based on the following questions, identify a practical application of Cryptography and answer each
of the following questions precisely.
(a) What are the security requirements?
[4 marks]
(b) What are the application constraints which influence decision-making?
[2 marks]
(c) Which cryptographic primitives are deployed?
[2 marks]
(d) Which cryptographic algorithms and key lengths are supported?
[4 marks]
(e) How is key management conducted?
[3 marks]
Question 4: [15 Marks]
(a) Come up with practical examples that demonstrate the relationship between security services
provided by cryptography as outlined by the contrasting reviews below: -
i. Data Origin Authentication is a stronger notion than Data Integrity.
[4 marks]
ii. Non-repudiation of a source is a stronger notion than Data Origin Authentication.
[4 marks]
iii. Data Origin Authentication and Entity Authentication are different.
[4 marks]
(b) Complete the following table
[3 marks]

| | Relationship between Keys | Encryption Key | Decryption Key |
|---|---|---|---|
| Symmetric Cryptosystem | | | |
| Public-Key Cryptosystem | | | |

Question 5: [20 Marks]
(a) With detailed explanations and clear workings, demonstrate how we may know how many bits
long a symmetric key should be, to guarantee a key space of at least one million.
[10 marks]
(b) How do stream ciphers and block ciphers differ in their response to errors? Please provide
examples of at least two specific errors and describe how the differences manifest in each case.
[6 marks]
(c) Stream ciphers have several attractive properties, which make them the favoured encryption
mechanism in several important applications. Identify and explain any two such attractive
properties.
[4 marks]
*****END OF EXAMINATION PAPER*****