UNIVERSITY EXAMINATIONS: 2018
EXAMINATION FOR THE DEGREE OF BACHELOR OF SCIENCE IN
INFORMATION TECHNOLOGY
BAC5207 INFRASTRUCTURE IN NATIONAL SECURITY AND
INTELLIGENCE
FULL TIME/PART TIME/DISTANCE LEARNING
DATE: DECEMBER 2018 TIME: 2 HOURS
INSTRUCTIONS: Answer Question One & ANY OTHER TWO questions.
QUESTION ONE [30 MARKS]
a) i) Identify 3 sources of intelligence information? (3 Marks)
ii) Explain two types of intelligence information and provide an example of each source.
(6 Marks)
b) Describe 4 motivating factors that can lead to terrorism and radicalization. (8 Marks)
c) i) When considering security for critical infrastructure, what are the core elements that
encompass a Defense in depth strategy? (3 Marks)
ii) What is SCADA and ICS? (2 Mark)
iii) What is defense in depth and how does it apply to the National Critical infrastructure
security? (8 Marks)
QUESTION TWO [20 MARKS]
a) What is the intelligence cycle? (4 Marks)
b) Outline and define the steps in the intelligence cycle. (8 Marks)
c) i) Define Intelligence. (2 Marks)
ii) Identify and explain the categories of intelligence (6 Marks)
QUESTION THREE [20 MARKS]
The earlier an attack is stopped, the better the results are for the organization and network
defenders. The less information that an attacker has about the network, the less likely that the
information will be used against it. Use this as a guideline to answer the following questions:
a) i) What is the cyber kill chain? (2 Marks)
ii) Identify and briefly describe each stage of the cyber kill chain in correct order.
(14 Marks)
b) In the diamond model, what four nodes are used to model an intrusion? (4 Marks)
QUESTION FOUR [20 MARKS]
a) List and describe 5 types of terrorism (10 Marks)
b) Terrorist groups are well organized. Their respective Organizations and structure go
through a cycle. Outline the process. (6 Marks)
c) Correctly identify four Vulnerabilities of National Critical Infrastructure to terrorism.
(4 Marks)
QUESTION FIVE [20 MARKS]
In critical infrastructure security, all standards organizations, regulations, and
recommendations indicate that a defense-in-depth strategy should be implemented.
a) Map out a Defense in Depth Perimeter you would apply in strategizing the security of a
critical infrastructure component along with the Corresponding Protective Measures
(10 Marks)
b) Protection of critical infrastructure against cyber-terrorism, faces complex challenges
among international states and organizations. Identify and outline these five challenges.
(10 Marks)