UNIVERSITY EXAMINATIONS: 2021/2022
EXAMINATIONS FOR THE DEGREE OF BACHELOR OF SCIENCE IN
INFORMATION SECURITY AND FORENSICS / BACHELOR OF
SCIENCE IN APPLIED COMPUTING
BISF 3103/BAC 2316: CYBER SECURITY
FULL TIME/PART TIME
DATE: DECEMBER, 2021 TIME: 2 HOURS
INSTRUCTIONS: Answer QUESTION ONE AND ANY OTHER TWO questions.
QUESTION ONE – COMPULSORY [20 MARKS]
a) Discuss any five characteristics of Advanced Persistent Threats (APTs). 5 Marks
b) Vulnerabilities present in a system or network can be classified into several categories.
Discuss in detail any four of these categories. 4 Marks
c) Discuss in detail how you would defend your network against IDS evasion
attacks. 5 Marks
d) With the aid of a simple diagram, discuss the defence-in-depth strategy for securing an
organization’s data resources. 6 Marks
QUESTION TWO [15 MARKS]
a) Because of the extensive usage and implementation of Bring Your Own Device (BYOD)
policies in organizations, mobile devices have emerged as a prime target for attacks. Discuss in
detail the anatomy of a mobile attack. 10 Marks
b) Discuss any five recent OWASP Top Ten Web Application Security Risks. 5 Marks
QUESTION THREE [15 MARKS]
a) Discuss in detail the roles and applications of Cryptography in ensuring cyber security.
10 Marks
b) Discuss how Wireshark can be used as both an offensive tool and administrative tool.
5 Marks
QUESTION FOUR [15 MARKS]
Discuss cyber security through isolation and compartmentalization in terms of physical and
hardware isolation, virtual isolation, built-in sandboxes and application isolation, Whonix OS
and Qubes OS. 15 Marks
