April 1999 QUESTION 4 Total Marks: 20 Marks
GRADE A
(a) | List two types of attack which are possible over communication lines. | [2] |
One such attack is receipt of a message from a masquerading sender. Another attack is the disclosure of information to an unauthorized individual.
(b) | Describe the security considerations associated with twisted pair and coaxial cable. | [4] |
Twisted pair and coaxial cable are both prone to wiretapping. An intruder can slice off the jacket and intercept the message. The intruder can listen in, tapping the message, recording it and playing it back later. Another security problem with twisted pair and coaxial cable is that the junction boxes are points of vulnerability. A malicious individual can tap into the junction box to tap the transmission.
(c) | (i) List two services provided by a firewall. | [2] |
One service provided by a firewall is to prevent unauthorized interactive login from the outside world. Another service provided by a firewall is that it is a checkpoint where security and control functions can be imposed.
(ii) List two drawbacks associated with firewalls. | [2] | |
One drawback of a firewall is that it cannot protect against viruses. Another drawback of a firewall is that it cannot protect against data-driven attacks.
(d) | Describe how biometrics devices are used to provide positive identification. | [2] |
Biometric devices work on the concept of something you are. They deal with the physiological or behavioral traits of a person. The biometric system has a database that contains records of a person's physiological or behavioral traits, depending on the devices used. An authorized individual's traits are scanned in by the device. This information is read, translated and matched against the database. If a match is found, the person is authorized.
(e) | Describe how each of the following provide access control services. | [2] |
(i) Access control lists. | [2] | |
An access control list contains a set of accounts, individuals, or processes with the associated level of access for each. Based on this list, the appropriate level of restriction can be imposed. Hence, access is controlled.
(ii) Logical networking controls. | ||
In logical networking controls, individuals and resources are separated into logical groups of subnetworks. An access level or different access rights are imposed on each subnetwork. Individuals have access and restrictions based on the subnetwork that they belong to.
(f) | Describe two forms of non-repudiation service. | [4] |
There are two forms of non-repudiation service. One form is non-repudiation with proof of origin. This service allows verification that the identity of the origin is authentic. The other form is non-repudiation with proof of delivery. This service ensures that the message is delivered to the intended recipient.