UNIVERSITY EXAMINATIONS: 2017/2018
EXAMINATION FOR THE DEGREE OF BACHELOR OF SCIENCE IN
APPLIED COMPUTING
BAC 5106 HUMAN ASPECTS OF FORENSICS
FULL-TIME/PART-TIME
ORDINARY EXAMINATIONS
DATE: NOVEMBER, 2017 TIME: 2 HOURS
INSTRUCTIONS: Answer Question One & ANY OTHER TWO questions.
QUESTION ONE [30 MARKS]
a) What is forensic science and how does it differ from computer forensics? (2 Marks)
b) Cite FOUR reasons why human performance has become a pertinent issue in cyber
security forensic analysis. (4 Marks)
c) Explain how the following types of attacks are executed: (6 Marks)
i) Pretexting
ii) Online social engineering
iii) Reverse social engineering
d) Research shows that help desks are highly vulnerable to cyber crime.
i) Offer TWO reasons why this may be true (2 Marks)
ii) Identify FOUR ways in which help desk attacks can be prevented (4 Marks)
e) Security threats must be examined to assess how they can potentially affect the
organization. Identify FOUR kinds of questions that can be posed to address each threat.
(4 Marks)
f) You have been appointed to be in charge of cyber security at a local bank. Design an attack
model using appropriate chart symbols. Accompany your chart with reasonable
explanations. (8 Marks)
QUESTION TWO [20 MARKS]
a) Access controls can be classified as 1) discretionary, 2) mandatory or 3) nondiscretionary:
i) Explain each of these classifications (6 Marks)
ii) Identify THREE key aspects on which nondiscretionary controls are based (3 Marks)
b) Explain FOUR ways in which humans directly initiate and execute cyber crime (4 Marks)
c) Discuss the following system-specific policies for securing information assets:
i) Access control lists
ii) Configuration rules (4 Marks)
d) Cite THREE rules of thumb to be applied in selecting the preferred strategy for risk control
(3 Marks)
QUESTION THREE [20 MARKS]
a) Explain the goal of social engineering and identify THREE human attributes that support
social engineers (5 Marks)
b) Explain the following basic strategies for controlling risks that result from vulnerabilities:
i) Avoidance (2 Marks)
ii) Transference (2 Marks)
iii) Mitigation (2 Marks)
c) Cite any FIVE guidelines for protecting the privacy of computer users when investigating
cybercrime. (5 Marks)
d) Identify any FOUR circumstances in which an organization would decide to do NOTHING
in response to a possible security exploitation (4 Marks)
QUESTION FOUR [20 MARKS]
a) Describe the following exploits and use a real world scenario to illustrate how they can be
used to gain access to company information assets:
i) Contrived situation (3 Marks)
ii) Personal persuasion (3 Marks)
b) List FIVE areas that must be covered in a company’s information security policy (5 Marks)
c) Provide descriptions for the following mitigation plans and cite TWO steps from each plan:
i) Incident response plan (IRP)
ii) Disaster recovery plan (DRP)
iii) Business recovery plan (BCP). (9 Marks)
QUESTION FIVE [20 MARKS]
a) What is risk management? Explain and cite the primary deliverable (2 Marks)
b) Distinguish between “benchmarking” and “baselining” when identifying and managing risk
(4 Marks)
c) Explain how each of the following can increase the possibility of human compliance with
cyber crime: (6 Marks)
i) Diffusion of responsibility
ii) Trust Relationships
iii) Identification
d) Identify a 4-step plan that can help an organization defend itself against social engineering
attacks. Include all key issues in this 4-step plan (8 Marks)