Duration: 2 Hours
September 2017
Model Paper
Instructions to candidate:
This paper contains 4 questions. Answer all questions.
Total marks: 100.
This paper contains 4 pages including cover page.
Question 1 : Introduction to Computer Security (25 marks)
a) What is the difference between inside and outside security attacks?
Give one example of each attack.
[4 marks]
b) Describe the following objectives of computer security.
i). Confidentiality
ii). Integrity
iii). Availability
[6 marks]
d) A comprehensive security strategy involves three aspects. State those three aspects.
[3 marks]
a) List four properties a hash function must have to be useful for message
authentication.
[4 marks]
b) Explain the importance of generating a unique digital signature for each digital
message rather than using the same signature for all messages.
[4 marks]
c) Describe the main differences between substitution cipher encryption and
transposition cipher encryption.
[4 marks]
e) What is the relationship between trust of the certificate and certificate class in
digital certificates?
[2 marks]
a) Describe three main types of malware propagation. Give one malware example for each
type of propagation.
[6 marks]
b) Describe each of the following types of malware.
Spyware
Adware
Keyloggers
Rootkit
[4 marks]
c) Describe the main differences among the four generations of antivirus software.
[8 marks]
d) Briefly discuss the following requirements that need to be satisfied for effective
countermeasures against malware.
[3 marks]
i). Minimal denial of service cost
ii). Transparency
iii). Global and local coverage
Question 4 : Security in conventional operating systems (25 marks)
a) Linux stores hashed passwords and a salt value for better security. Describe how
the system stores and verifies a password.
[5 marks]
b) Access control is a critical element in computer security. Describe three main
objectives of access control with respect to computer security.
[6 marks]
c) Workstation Specific account attacks are one of the vulnerabilities of using
password authentication in which the attacker keeps guessing the password of a
specific ID. Give two possible countermeasures to address the vulnerability.
[4 marks]
d) List three advantages and three disadvantages of Single Sign-On (SSO) systems.
[6 marks]
e) Write down one example for each means of authentication given below.
[4 marks]
i). Something the individual knows:
ii). Something the individual possesses:
iii). Something the individual is:
iv). Something the individual does: