|
(a) Other than the access control, identify
any three ways from which protection against software vulnerabilities
can be achieved. [3]
Any three of the following: (1 mark each)
- Use all software with full understanding of its potential threats
- Don’t use software from dubious sources
- Be suspicious of all results
- Maintain periodic complete backups of all system resources
(b) Identify four ways in which link
encryption and end-to-end encryption differ. [4]
With link encryption, the message is exposed
in intermediate nodes,
whereas with end-to-end encryption the message is encrypted at
intermediate nodes. (1 mark)
Link encryption is invisible to the user, whereas it is the user that
applies end-to-end encryption. (1 mark)
Link encryption is implemented in hardware, whereas end-to-end
encryption is implemented in software. (1 mark)
Link encryption, requires one key per host pair, whereas end-to-end
encryption requires one key per user pair. (1 mark)
(c) Explain any two security concerns
involved in wireless communication. [4]
- Signals are available in air, (1 mark)
any party with appropriate equipment can listen into
communication and able to retrieve information (1 mark)
- Signals are subject to natural interference, (1 mark)
such as rainfall and wind (1 mark)
(d) Identify any two benefits of preventing
unauthorised users or intruders from
obtaining physical access to a computer system. Classify each benefit
according to the nature of risk involved. [4]
- Prevent a malicious individual glancing
at a terminal screen, (1 mark)
it is associated with external information theft (1 mark)
- Avoid direct vandalism of some hardware components, (1 mark)
it is associated with External abuse of resources (1 mark)
|