UNIVERSITY EXAMINATIONS: 2017/2018
EXAMINATION FOR THE DEGREE OF BACHELOR OF SCIENCE IN
APPLIED COMPUTING
BAC3216 INFORMATION SYSTEMS SECURITY POLICIES
FULL TIME/PARTTIME
DATE: APRIL 2018 TIME: 2 HOURS
INSTRUCTIONS: Answer Question One & ANY OTHER TWO questions.
QUESTION ONE
a) Explain the importance of information security policy (6 Marks)
b) Discuss the stages of an information security policy life cycle (8 Marks)
c) Describe the process of writing an effective policy (8 Marks)
d) Analyze how information security policy can be used to deal with threats and risks
(8 Marks)
QUESTION TWO
a) Explain the implications of privacy policies in dealing with cybercrime (6 Marks)
b) Explain how intellectual property rights are addressed in information security policies
(6 Marks)
c) Describe the various tools that can be used to enforce network security and email policies
(8 Marks)
QUESTION THREE
a) Discuss the applicability of encryption and key management policies in organizations
(8 Marks)
b) Discuss how disaster recovery and business continuity are facilitated in organizations
(12 Marks)
QUESTION FOUR
a) What advice would you give an organization concerning the following?
i. Audit and Compliance of security policies (4Marks)
ii. Acceptable Use Policies and Training /Awareness (4Marks)
iii. Enforcement and Effectiveness of security policies (4Marks)
b) Explain Cybercrime legislation as an integral part of information security (8 Marks)
QUESTION FIVE
a) Examine advantages and disadvantages of internet censorship (8 Marks)
b) Discuss the role of International Cooperation in Cyber Crime (12 Marks)