UNIVERSITY EXAMINATIONS: 2017/2018
EXAMINATION FOR THE DEGREE OF BACHELOR OF SCIENCE IN
APLIED COMPUTING
BAC5106 HUMAN ASPECTS OF FORENSICS
FULLTIME/PARTTIME
ORDINARY EXAMINATIONS
DATE: APRIL, 2018 TIME: 2 HOURS
INSTRUCTIONS: Answer Question One & ANY OTHER TWO questions.
QUESTION ONE [30 MARKS]
a) Which attributes may prove the existence of a human-perpetrated digital crime or
connection to a crime? (4 Marks)
b) Identify any FIVE common situations in which computer forensics are applied. (5 Marks)
c) Which aspects of digital evidence that make it different from non-digital evidence?
(5 Marks)
d) Explain the following aspects which might make it possible to convert human data to
evidence: (6 Marks)
i) Admissible
ii) Authentic
iii) Accurate
e) Discuss any FOUR challenges that digital forensic investigators face (4 Marks)
f) Discuss TWO categories of cybercrime involving human subjects and outline examples
from each category (6 Marks)
QUESTION TWO [20 MARKS]
a) i) Explain the term “social engineering” and outline its main goal (2 Marks)
ii) Outline any FOUR social engineering strategies (4 Marks)
b) Social engineering attacks are harder to pre-empt because unexpected personality traits
enhance the possibility of successful social engineering. Discuss any FOUR such
personality traits (8 Marks)
c) Discuss how an investigator can protect the privacy of participants (6 Marks)
QUESTION THREE [20 MARKS]
a) After a digital attack, the following can occur for the sake of data recovery and litigation:
i) Incident response
ii) Forensics
iii) Audit
Explain each of these activities in detail (9 Marks)
b) Forensic technology is moving out of the “stand-alone disks” into the unknown. Identify
FIVE other sources of evidence in the digital world (5 Marks)
c) Reverse social engineering is a form of attack that is executed in three stages. Discuss these
stages (6 Marks)
QUESTION FOUR [20 MARKS]
a) i) Explain the concepts of “classification” and “clearance” (2 Marks)
ii) Discuss the issues involved in managing classified data (6 Marks)
b) Outline the risk management process that management can adopt to manage IT- related risks
in an organization (4 Marks)
c) Explain the following risk identification estimate factors: (8 Marks)
i) Likelihood
ii) Value of information assets
iii) Percent of risk mitigated
iv) Uncertainty
QUESTION FIVE [20 MARKS]
b) Describe the following human-based kinds of interactions intended to retrieve
organizational information: (6 Marks)
i) Impersonation
ii) Important user
iii) Third-party authorization
c) Discuss the procedure for conducting a digital forensic investigation involving human
subjects (8 Marks)
d) Help-desk attacks can take two different approaches. Explain each of these approaches,
clearly citing the ways of protecting help-desk personnel from each form (6 Marks)