 |
SSS811S - SECURE SYSTEMS - 1ST OPP - JUNE 2025 |
|
|
1 Page 1 |
▲back to top |
nAm I Bl A UnlVERSITY
OF SCIEnCEAnDTECHnOLOGY
Facultyof Computingand
Informatics
Schoool f Computing
Departmentof Software
Engineering
13lucksonKaujeuaStreet
PrivateBag13388
Windhoek
NAMIBIA
T: •26~ 612072052
r: •264 61201 9052
E: dsc@)nust.na
W: www.nust.na
DEPARTMENTOF SOFTWAREENGINEERING
QUALIFICATIONB: ACHELOROF COMPUTERSCIENCE(HONSSOFTWAREDEVELOPMENT)
QUALIFICATIONCODE:08BCHS
LEVEL:8
COURSES: ECURESYSTEMS
COURSECODE:SSS811S
DATE:JUNE 2025
SESSION:THEORY
DURATION:3 HOURS
MARKS: 100
FIRSTOPPORTUNITYEXAMINATIONQUESTIONPAPER
EXAMINER(S)
DR ARPIT JAIN
MODERATOR:
MR VUYOLWETHUMDUNYELWA
THEQUESTIONPAPERCONSISTSOF 2 PAGES
(Including this front page)
INSTRUCTIONS
1. Answer ALL the questions.
2. Write clearly and neatly.
3. In answering questions, be guided by the allocated marks.
4. Number your answers clearly following the numbering used in this
question paper.
PERMISSIBLEMATERIALS
1. None
1
|
|
2 Page 2 |
▲back to top |
Question 1
(a) What is Cyber Kill Chain? Explain the attack example for each stage of the Cyber kill Chain with
the examples of defence techniques.
[10 Marks]
(b) How do the threat actors carry out their attack? Explain the attack methods.
[10 Marks]
Question 2
(a) How can organisations design effective frameworks to identify, manage, and mitigate insider
risks?
[10 Marks)
(b) While implementing the least privilege model, what are the best practices that need to be
followed?
[10 Marks)
Question 3
(a) What are the key characteristics that all changes should possessto remain effective, secure, and
sustainable in such a dynamic landscape?
[10 Marks)
(b) In a world where technology, threats, and business needs are constantly evolving, how can you
architect your infrastructure and operational processesto remain responsive and adaptive to
inevitable changes?
[10 Marks]
Question 4
(a) What kinds of incidents or errors require a recovery process?
(b) What are the common motivations behind cyberattacks?
[10 Marks)
[10 Marks]
Question 5
(a) Define Trojan Horse and its multi-stage lifecycle to achieve its objective.
[OS Marks)
(b) For each of the stages, suggest one specific defence mechanism that could prevent, detect, or
respond to the attack.
[OSMarks]
(c) Define the term blast radius in the context of securing the systems.
[OSMarks]
(d) Explain the key strategies to control and reduce the blast radius during a security breach.
[OSMarks]
---------------- END OF EXAMINATION----------------
2