BAC 5109 – HUMAN ASPECTS OF FORENSICS KCA Past Paper

UNIVERSITY EXAMINATIONS: 2019/2020
EXAMINATION FOR THE BACHELOR OF SCIENCE IN APPLIED
COMPUTING
BAC 5109: HUMAN ASPECTS OF FORENSICS
FULL TIME/PART TIME
ORDINARY EXAMINATIONS
DATE: MAY, 2020 TIME: 6 HOURS
INSTRUCTIONS: Answer ALL Questions
SECTION 2:

QUESTION TWO [20 MARKS]
You have been tasked by the board of a large organization to test the security awareness level
of the employees of the company. The attack vector that will be used is a USB carrying
malicious software. The goal with this scenario is to get the front desk receptionist to accept
your USB drive that has the malicious program on it. The program will auto load and scrape
her system for all information, such as usernames, passwords, email accounts, SAM files that
contain all the
passwords on the system, and more, copying it all to a directory on the USB drive.
Your pretext: you were attempting to drop off your CV before the deadline and on the way,
you spilled coffee all over your CV while avoiding a wreck less driver. You were dropping
off your daughter to school and didn’t have enough time to print out more copies as you were
close to the office and the deadline was approaching.
a) Using the scenario above, identify each key element of the communication module
and explain how each element would be effectively used in accomplishing the goal
(15 Marks)
b) List five sources of information gathering. (5 Marks)
SECTION 3:
QUESTION THREE [20 MARKS]
Cybercriminals use the same tools used by Cybersecurity professionals. As a Cyber and
Social Engineering expert, you should be familiar with some of these tools used to
investigate, mitigate and prevent attacks. Use your knowledge of Social Engineering tools to
answer the following questions:
a) i) How are Social Engineering tools categorized? (3 Marks)
ii) Provide 2 examples for each category. (6 Marks)
b) What is the Social Engineering Toolkit? (3 Marks)
c) i) Outline four prominent uses of the social engineering toolkit (4 Marks)
ii) Describe four methods can be used to employ a social engineering attack using the
social engineering toolkit? (4 Marks)

(Visited 93 times, 1 visits today)
Share this:

Written by