UNIVERSITY EXAMINATIONS: 2018/2019
EXAMINATION FOR THE DEGREE OF BACHELOR OF SCIENCE IN
APPLIED COMPUTING
BAC3216 INFORMATION SYSTEMS SECURITY POLICIES
FULL TIME/PARTTIME
DATE: DECEMBER 2018 TIME: 2 HOURS
INSTRUCTIONS: Answer Question One & ANY OTHER TWO questions.
QUESTION ONE
a) Explain why organizations advocate for information security policy (6 Marks)
b) Discuss the stages of an information security policy life cycle (8 Marks)
c) Describe the process of writing an effective policy (8 Marks)
d) Analyze how information security policy can be used to deal with threats and risks
(8 Marks)
QUESTION TWO
a) Explain the challenges posed by privacy policies in dealing with cybercrime (6 Marks)
b) Explain how intellectual property rights are covered in information security policies
(6 Marks)
c) Describe the various tools that can be used to enforce network security and email policies
(8 Marks)
QUESTION THREE
a) Discuss how encryption can be used to enforce policies organisations (8 Marks)
b) Discuss how disaster recovery and business continuity are facilitated in organizations
(12 Marks)
QUESTION FOUR
a) What advice would you give an organization concerning the following?
i. Audit and Compliance of security policies (4Marks)
ii. Acceptable Use Policies and Training /Awareness (4Marks)
iii. Enforcement and Effectiveness of security policies (4Marks)
b) Explain Cybercrime legislation as an integral part of information security (8 Marks)
QUESTION FIVE
a) Examine advantages and disadvantages of internet censorship as a way of enforcing
information security (8 Marks)
b) Discuss the role of International Cooperation in Cyber Crime (12 Marks)