Professional Documents
Culture Documents
MAY/JUNE 2014
LEVEL III
23 May 2014
Hours
INSTRUCTIONS TO CANDIDATES
Question 1
(a) The following refer to properties of data which need to be preserved, briefly
describe each of them.
(i) Confidentiality
(ii) Integrity
(iii) Availability
[3*2 marks]
(b) With reference to the terms listed in part (a), briefly describe how these
properties are preserved during data transmission. [6 marks]
Question 2
(a) Using a table, compare and contrast the following categories of cryptosystems:
Symmetric, Asymmetric and Hybrid Cryptosystems. [6 marks]
(b) Explain the steps involved in the RSA Encryption Algorithm. [6 marks]
(c) With the aid of a suitable block diagram show how DES work. [7 marks]
(d) Elaborate on two methods which can be used to make statistical analysis of
cipher text harder. [6 marks]
Question 3
(b) With the aid of 2 well-labeled diagrams explain how biometrics systems operate
in :
Question 3 (continued)
(c) False Acceptance Rate (FAR) and False Rejection Rates (FRR) are metrics used in
the efficiency of Biometric Readers. Describe each of these metrics and provide
one application where a system with a FRR is more desirable then one with a
high FAR. [3 marks]
(d) With the help of a properly labeled graph, explain how the optimal sensitivity of
a Biometric System can be determined. [2 marks]
Question 4
(a) Explain the purpose of an Information Security System Policy (ISSP) document
and why it is usually called a 'living document'. [5 marks]
(b) Describe 4 key components which should be present and elaborated upon in an
ISSP document. [10 marks]
(c) Discuss about five barriers to the effective implementation of the ISSP in an
organisation. [10 marks]
Page 2 of 2