Scribd Logo
Upload

Welcome to Scribd!

  • University of Mauritius: Faculty of Law and Management

    Uploaded by

    Deep Shi
    15 views3 pages

    Original Title

    CSE3216-5-2014-2

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    15 views3 pages

    University of Mauritius: Faculty of Law and Management

    Uploaded by

    Deep Shi

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    UNIVERSITY OF MAURITIUS

    FACULTY OF LAW AND MANAGEMENT

    SECOND SEMESTER EXAMINATIONS

    MAY/JUNE 2014

    PROGRAMME BSC (HONS) MANAGEMENT (MINOR : BUSINESS INFORMATICS) –

    LEVEL III

    MODULE NAME INFORMATION SYSTEM SECURITY

    DATE Friday MODULE CODE CSE 3216(5)

    23 May 2014

    TIME 13:30 – 15:30 DURATION 2 Hours

    Hours

    NO. OF NO. OF QUESTIONS


    4 4
    QUESTIONS SET TO BE ATTEMPTED

    INSTRUCTIONS TO CANDIDATES

    This paper consists of FOUR Questions.

    Answer ALL Questions.


    INFORMATION SYSTEM SECURITY – CSE 3216(5)

    Question 1

    (a) The following refer to properties of data which need to be preserved, briefly
    describe each of them.

    (i) Confidentiality
    (ii) Integrity
    (iii) Availability
    [3*2 marks]

    (b) With reference to the terms listed in part (a), briefly describe how these
    properties are preserved during data transmission. [6 marks]

    (c) Discuss two properties of Hash functions. [4 marks]

    (d) Elaborate on the importance of hash functions in the distribution of software


    over the Internet. [5 marks]

    (e) Differentiate between Cryptanalysis and Decryption. [4 marks]

    Question 2

    (a) Using a table, compare and contrast the following categories of cryptosystems:
    Symmetric, Asymmetric and Hybrid Cryptosystems. [6 marks]

    (b) Explain the steps involved in the RSA Encryption Algorithm. [6 marks]

    (c) With the aid of a suitable block diagram show how DES work. [7 marks]

    (d) Elaborate on two methods which can be used to make statistical analysis of
    cipher text harder. [6 marks]

    Question 3

    (a) Biometrics are increasingly common as an authentication mechanism. List and


    describe 4 properties of biometric features which make them usable for
    authentication purposes. [6 marks]

    (b) With the aid of 2 well-labeled diagrams explain how biometrics systems operate
    in :

    (i) Verification Mode


    (ii) Identification Mode
    [4 marks]
    Page 1 of 2
    INFORMATION SYSTEM SECURITY – CSE 3216(5)

    Question 3 (continued)

    (c) False Acceptance Rate (FAR) and False Rejection Rates (FRR) are metrics used in
    the efficiency of Biometric Readers. Describe each of these metrics and provide
    one application where a system with a FRR is more desirable then one with a
    high FAR. [3 marks]

    (d) With the help of a properly labeled graph, explain how the optimal sensitivity of
    a Biometric System can be determined. [2 marks]

    (e) Provide a brief description of the 4 components of Computer Forensic


    Procedures. [4 marks]

    (f) Firewalls are important components to guarantee security in Computer


    Networks. Explain what firewalls are and how they operate. [6 marks]

    Question 4

    (a) Explain the purpose of an Information Security System Policy (ISSP) document
    and why it is usually called a 'living document'. [5 marks]

    (b) Describe 4 key components which should be present and elaborated upon in an
    ISSP document. [10 marks]

    (c) Discuss about five barriers to the effective implementation of the ISSP in an
    organisation. [10 marks]

    - END OF QUESTION PAPER -

    Page 2 of 2

    You might also like