Академический Документы
Профессиональный Документы
Культура Документы
Tuesday
DATE MODULE CODE CSE3216(3)
14 May 2019
INSTRUCTIONS TO CANDIDATES
a) Explain the above highlighted words giving one example for each.
[9 marks]
b) Describe the three keys areas used to evaluate the information security in an
organization.
[9 marks]
c) One of the threats to Information Systems is the Denial of Service attack (DOS). Using a
diagram explain the DOS attack.
[5 marks]
b) Elaborate on two benefits of having a Business Continuity Plan and Disaster Recovery
Plan in an organization.
[6 marks]
d) Explain two types of threat faced by organizations against their information systems
security.
[6 marks]
Page 1 of 2
Information Systems Security – CSE3216(3)
b) Differentiate between segregation of duties, job rotation and least privilege concept in
operations security.
[6 marks]
c) Explain the difference between a Discretionary Access Control and Mandatory Access
Control.
[7 marks]
a) Explain the operation of a biometric system in verification mode. Use block diagrams to
simplify the steps.
[8 marks]
b) Differentiate between
Page 2 of 2