QUESTION 1
(a) Explain network security. What are the types of security features used in client server types of network?
(b) What is the disparity sandwiched between authentication and authorization?
(c) What is the most effective biometric authorization technology today? What makes this technology (most) effective?
(d) Give one instance of behavioural biometric technology?
(e) What is a security policy and what are the basic rules when shaping a security policy?
(f) Depict the three types of policy listed below, and give one instance for each type?
- Enterprise Information Security Policy
- Issue Specific Security Policy
- System Specific Security Policy
QUESTION 2
(a) Describe briefly how firewalls protect network? Describe three methods firewall use, to control traffic flowing in and out of a network.
(b) List and briefly describe the 5 stages of a typical intrusion process on a computer network?
(c) What is the point of creating a DMZ during firewall implementation?
(d) Explain the use of SSL to secure a network?
(e) Give one motive why WPA encryption is preferred over WEP?
QUESTION 3
(a) State what you understand by symmetric encryption, public key encryption and hash functions.
(b) State the three deliberations that need to be addressed for encryption to be used effectively in networks?
(c) Illustrate the process of Kerberos Ticket Exchange, using diagram to illustrate your answer?
(d) Presume XYZ Software Company is facing a number of information security threats. Using the following table, Compute the SLE, ARO, and ALE for each threat.
