UNIVERSITY EXAMINATIONS: 2019
EXAMINATION FOR THE DEGREE OF BACHELOR OF SCIENCE IN
APPLIED COMPUTING
BAC5207 INFRASTRUCTURE IN NATIONAL SECURITY AND
INTELLIGENCE
FULL TIME/PART TIME/DISTANCE LEARNING
DATE: APRIL 2019 TIME: 2 HOURS
INSTRUCTIONS: Answer Question One & ANY OTHER TWO questions.
QUESTION ONE [30 MARKS]
a) What determines an effective dashboard for infrastructure security reporting metrics? Explain
your answer providing examples. (4 Marks)
b) i) What is Threat Intelligence? (2 Marks)
ii) Why is Threat Intelligence important? (3 Marks)
c) Describe four factors that can motivate an individual to become radicalized and take up
terrorism. (8 Marks)
d) i) When considering security for critical infrastructure, what are the core elements that
encompass a Defense in depth strategy? (3 Marks)
ii) What is SCADA and ICS? (2 Marks)
iii) What is defense in depth and how does it apply to the National Critical
infrastructure security? (8 Marks)
QUESTION TWO [20 MARKS]
a) Explain your understanding of the intelligence lifecycle by definition? (4 Marks)
b) Identify the steps of the intelligence lifecycle in their correct order. (4 Marks)
c) i) Define Intelligence. (2 Marks)
ii) Identify and explain the categories of intelligence (8 Marks)
QUESTION THREE [20 MARKS]
a) The earlier an attack is stopped, the better the results are for the organization and network
defenders. The less information that an attacker has about the network, the less likely that the
information will be used against it. Use this as a guideline to answer the following questions:
i) What is the cyber kill chain? (2 Marks)
ii) Identify and briefly describe each stage of the cyber kill chain in correct order.
(14 Marks)
b) In the diamond model, what four nodes are used to model an intrusion? (4 Marks)
QUESTION FOUR [20 MARKS]
a) List and describe 5 types of terrorism (10 Marks)
b) Terrorist groups are well organized. Their respective Organizations and structure go through
a cycle. Outline the process. (6 Marks)
c) Correctly identify four Vulnerabilities of National Critical Infrastructure to terrorism.
(4 Marks)
QUESTION FIVE [20 MARKS]
a) In critical infrastructure security, all standards organizations, regulations, and
recommendations indicate that a defense-in-depth strategy should be implemented.
i) Map out a Defense in Depth Perimeter you would apply in strategizing the security of a
critical infrastructure component along with the Corresponding Protective Measures
(10 arks)
b) Protection of critical infrastructure against cyber-terrorism, faces complex challenges among
international states and organizations. Identify and outline these five challenges. (10 Marks)
