December 1999
SC223 : COMPUTER SECURITY

QUESTION 1 (Compulsory)

Total Marks: 30 Marks

(a)

Threats to system security can threaten confidentiality, integrity and availability.

(i) Distinguish between these three categories of threat. [3 marks]

(ii) Which category covers looking over the shoulder of the person at the terminal next to you and reading information on their screen? [1 mark]

(iii) Which category covers an attack which swamps a network with millions of copies of the same email message? [1 mark]

(iv) Which category covers a program that masquerades as a login screen, collecting user passwords? [1 mark]

(v) Which category covers breaking into a college administration computer and changing your academic record? [1 mark]

[7]

(b)

Trojan horses, viruses and worms are three means of attacking computers by software.

(i) Give an example of each means. [3 marks]

(ii) What distinguishes trojan horses from viruses and worms? [1 mark]

(iii) What distinguishes a virus from a worm? [1 mark]

[5]

(c)

The RSA public-key cryptosystem uses mod N for encryption, and mod N for decryption. Which of E, D and N should be made public and which kept secret, and why?

[3]

(d)

Explain the similarities between written and digital signatures.

[5]

(e)

Identify and give an example of three classes of means of proving one's identity to an authentication system.

[3]

(f)

What is meant by the term biometrics? State the most and the least secure biometric devices in use.

[3]

(g)

What is the main objective of disaster recovery? Explain the different approaches used to achieve this objective.

[4]