CST235/CSM335, SEM II, 2022-2023 | Assoc Prof Dr Aman Jantan

PRINCIPLES OF COMPUTER NETWORKS AND INFORMATION SECURITY

SEMESTER II 2022/2023

ASSIGNMENT 1 (10%)

CLO:

CLO4 Justify the use of various technologies, as well as the practice PO6 A3 EM2
of proper principles and ethics for the development of network
systems and information security.

KEY OBJECTIVES:

# DESCRIPTION
1 Propose appropriate solutions to the problem(s) based on the principles of information
security.
2 Justify the use of information security technologies as the solutions.

QUESTIONS:

1. In cybersecurity, the CIA refers to the CIA triad, a vision that concentrates on the balance
between the confidentiality, integrity, and availability of data under the protection of
your information security structure. The objective of the triad is to help institutions construct
their security strategy and develop policies and controls while also conforming as a
foundational starting point for any unknown use cases, products, and technologies..
Assume that a security model is needed for protection of information in your class. Using
the NSTISSC model,
i) examine each of the cells which are related to confidentiality and
ii) write a brief statement on how you would address the the related components
represented in that cell.
(20/100)

1
 CST235/CSM335, SEM II, 2022-2023 | Assoc Prof Dr Aman Jantan

2. (a) What are the three types of password attacks?

(12/100)

(b) What can a systems administrator do to protect against them?

(8/100)

3. (a) What are the three general categories of unethical and illegal behavior?
(12/100)

(b) What is the best method for preventing an illegal or unethical activity?
Give an example.
(8/100)

4. (a) What is the difference between a policy, a standard, and a practice?

(4/100)
(b) What are the three types of security policies and where would each be used?
(4/100)
(c) What type of policy would be needed to guide use of the
(i) Web?
(ii) E-mail?
(iii) Office equipment for personal use?
(12/100)

5. (a) What is physical security?

(4/100)
(b) What are the primary threats to physical security?
(4/100)
(c) ©How are they manifested in attacks against the organization?
(12/100)

2
 CST235/CSM335, SEM II, 2022-2023 | Assoc Prof Dr Aman Jantan

INSTRUCTIONS

1. For questions that require explanation, please try to answer each question in about 300 -
500 words only.
2. The answer script must be submitted in pdf format, with a new page for each question.
3. Use the provided submission link in the eLearning.
4. Name the pdf file sent in the following format:

NO_MATRIX-COURSE_CODE-ASSG1-Date

For example:

212742-CST235-ASSG1-07062022

SUBMISSION DEADLINE:

5. Week 5 (at the end of week 5). Check the submission link in the eLearning.
6. Due date for this assignment is Sunday 30th April 2022, 23:59:59. No extension will
be given. Please submit earlier than the deadline.