UNIVERSITY EXAMINATIONS: 2016/2017
EXAMINATION FOR THE DEGREE OF BACHELOR OF APPLIED
COMPUTING
BAC 2511 CYBER SECURITY
FULL TIME/PART TIME
DATE: AUGUST, 2017 TIME: 2 HOURS
INSTRUCTIONS: Answer Question One & ANY OTHER TWO questions.
QUESTION ONE [30 MARKS]
a) (i) Explain briefly why ethical hacking is necessary. 3 Marks
(ii) Outline the technical and non-technical skills of an ethical hacker 5 Marks
b) Differentiate between:
(i) Passive reconnaissance and active reconnaissance 2 Marks
(ii) Authenticity and Integrity 2 Marks
(iii) Suicide hackerand cyber terrorist 2 Marks
c) As a security professional, it may help you to defend against hackers and other
information security criminals if you recognize that they often consider their motivations
to be neither illicit nor unethical. Discuss any four ethics fallacies and their motivating
factors. 4 Marks
d) Discuss briefly any three major characteristics exhibited by most cyber criminals.
6 Marks
e) Explain briefly the three people involved in a cybercrime. 3 Marks
f) Explain any three common motives for committing cyber crimes 3 Marks
QUESTION TWO [20 MARKS]
a) With the aid of a diagram explain the procedure used by hackers in a typical botnet setup
10 Marks
b) With the aid of a diagram, outline the organized cyber crime organizational chart.
5 Marks
c) Explain the steps followed in creating a trojan to infect systems. 5 Marks
QUESTION THREE [20 MARKS]
a) Profilers draw inferences on about the criminal’s personality and other characteristics
based on what? 4 Marks
b) Explain any five responsibilities of an incident response team 5 Marks
c) Explain briefly the any five reasons why penetration testing is conducted 5 Marks
d) (i) What is a crimeware toolkit? 1 Mark
(ii) With the aid of a diagram, explain how the crimeware toolkit is used.
5 Marks
QUESTION FOUR [20 MARKS]
a) State any four myths about cybercriminals 4 Marks
b) Discuss briefly the activities in each of the phases of penetration testing. 6 Marks
c) What security issues arise from mobile App Stores? 4 Marks
d) (i) Discuss briefly what constitutes a computer crime. 2 Marks
(ii) Each type of evidence is important in a criminal investigation, because any piece
of evidence may have a enormous impact on the outcome of the case. Describe briefly
any four types of evidence. 4 Marks
QUESTION FIVE [20 MARKS]
a) (i) Briefly describe how a sniffer works. 3 Marks
(ii) With the aid of a diagram, describe the network components used for lawful
intercept. 4 Marks
b) With the aid of a diagram, describe the hacking cycle. 5 Marks
c) (i) What is computer fraud? 1 Mark
(ii) What are the four major categories of computer fraud? 4 Marks
(iii) What recent developments are contributing to increasing risk of computer fraud?
3 Marks
