Exams Iis 2021
LOs: Module learning outcomes covered by this task (from the Module descriptor)
1 Describe the digital security landscape in the form of risks, threats, attacks, adversaries and security
needs
2 Discuss the different technologies that constitute the security mechanisms at various levels in a digitally
networked environment
3 Design and develop differing strategies used for security management and critically review their legal,
ethical and social implications
4 Present technical solutions to a non-technical audience in an industry standard format concepts
5 Explore the fundamental concept behind computer and network security particularly in relation to the
confidentiality, integrity and availability (CIA triangle)
Most businesses today face a lot of challenges when it comes to cyber attacks. Employees of
organizations using personal and official computing devices for work regularly face a lot of cyber
security challenges. Businesses use e-mail services and pay phones to interact with their customers
constantly. These prospects come with a lot of challenges, and social engineering and phishing
approaches have become a critical weapon in the hands of cyber criminals against vulnerable
customers and employees. Malware is also regularly deployed by hackers to infiltrate systems or
collect critical data on targets.
Imagine you are a cyber security consultant within your organization, producing services for small and
medium enterprise businesses as well as big corporations with the peculiar problems discussed earlier.
Answer the following questions.
i. Critically discuss some effects of social engineering attacks on organisations and discuss
some current evolving trends of social engineering within the domain of cyber security. 10 marks
ii. Social engineering has proven to be one of the commonest attacks in cyberspace. Discuss
why hackers normally engage Social Engineering in most of their activities. 10 marks
iii. Discuss the following types of malware and provide measures that can be taken to detect
and avoid them. 25 marks
a. Adware
b. Spyware
Assessment_task_V1.0/09_04_14
c. Trojan horse
d. Bots
e. Ransomware
iv. Discuss the roles white hat, black hat and grey hat hackers play within cyberspace and
their impact on organizations. Provide case examples of activities that they are involved in.
15 marks
v. Discuss the following Operations security measures within an organisation. 25 marks
a. Protection from malware
b. Backup
c. Logging and monitoring
d. Information systems audit considerations
e. Technical vulnerability management
Guide
i. (i) Appropriate justification of points with clear and detailed example 6 marks
ii. (i) Appropriate justification of points with clear and detailed example 6 marks
iii. (i) Appropriate justification of points with clear and detailed example 3 marks each
iv. (i) Appropriate justification of points with clear and detailed example 3 marks each
v. (i) Appropriate justification of points with clear and detailed example 3 marks each
Question 2 (15 marks) 200-400 words per discussion.
Assuming you have been employed as a lead cyber security consultant for a company that performs
penetration testing and advises businesses, from the report, on how to avoid cyber attacks, use the
knowledge you have acquired to perform the following tasks on two different websites.
Using the Vega software, perform a vulnerability assessment of Site 1 and Site 2 listed below. It is the
same site, which can be accessed via HTTP and HTTPS.
Site 1: http://team.critacghana.com
Site 2: https://team.critacghana.com
i. Discuss the High, Medium and Low Risk results obtained from the reports generated by
Vega. Present technical solutions to a non-technical audience in an industry standard
format concepts based on your findings. Provide five recommendations for five critical
risks identified from the scan. 25 marks
ii. The HTTPS connection is encrypted using TLS_AES_256_GCM_SHA384, 256-bit
keys, TLS 1.3. Discuss four advantages of using TLS 1.3. 20 marks
iii. Discuss three points on the importance of performing ethical hacking. 15 marks
iv. Discuss three implications of hacking websites without authorization. 15 marks
Guide
i. Discuss the High, Medium and Low Risks results obtained from the reports generated by Vega. 10 marks
(i) Appropriate justification of points with clear and detailed example 6 marks
(ii) Appropriate reference to support work 2 Marks
(iii) Originality of Presentation and avoidance of plagiarism 2 Marks
(i) Appropriate justification of points with clear and detailed example. 3 marks
(ii) Appropriate reference to support work. 1 mark
(iii) Originality of Presentation and avoidance of plagiarism. 1 mark
ii.
iii.