SS1 ICT CA QUESTIONS AND ANSWERS

(1a) List three methods use to maintain Confidentiality

METHODS USED TO ENSURE CONFIDENTIALITY

1.      Encryption

2.      Access Control

3.      Steganography and Obfuscation

 

(1b) What is Steganography and Obfuscation

Steganography and Obfuscation: A third method you can use for confidentiality is steganography. It is the practice of hiding data within data.

 

(2a)List the (CIA) triad that forms the basis for the development of security systems.

1.      CONFIDENTIALITY

2.      PROVIDE INTEGRITY

3.      AVAILABILITY

 

(2b) What is Integrity?

 

INTEGRITY

Integrity provides assurances that data has not changed. This includes ensuring that no one has modified, tampered with, or corrupted the data.

 

(3a) List three techniques implemented to reduce risk

1.      Technical

2.      Administrative, and

3.      Physical

 

(3b) what is Technical controls ?

Technical Controls use technology to reduce vulnerabilities e.g the use of Antivirus, Firewall.

 

(4) Define (i) Administrative, and (ii) Physical

 

• Administrative controls: Day to day operations or monitoring to ensure no or little attacks occur. Some examples: creating security awareness and training, configuration management, and change management.

• Physical controls refer to controls you can physically touch.

 

(5) What is the different between Flowchart and Algorithm?

Flowchart a pictorial representation use for solving an algorithm.

Algorithm is a step by step procedure for solving a  problem.

(6) List three impacts of Computer security: Protection of File from unauthorized users, Data validation is required, lost of password can lead to data or information lost.

(7) What is a computer security: This is the act of protecting our system from authorized users using different techniques.  

(8) What is Encryption: Making data unreadable for the unauthorized user, give one example of how encryption works, and encrypting your file before sending your file on internet?

(9) List two techniques use to determine integrity

 Hashing you can use hashing techniques to enforce integrity. The relevant hashing algorithms, such as Message Digest 5 (MD5), Secure Hash Algorithm (SHA), and Hash- based Message Authentication Code (HMAC).

Digital Signatures, Certificates, and NonRepudiation You can also use digital signatures for integrity. A digital signature is similar in concept to a handwritten signature.

 (10) Describe how we can increase the availability of data and information in computer security.

We can improve the availability of data by Implementing redundancy and fault-tolerant methods to ensure high levels of availability for key systems. Additionally, organizations ensure systems stay up to date with current patches to ensure that software bugs don’t affect their availability.

Redundancy and Fault-Tolerant: Redundancy adds duplication to critical systems and provides fault tolerance. If a critical component has a fault, the duplication provided by the redundancy allows the service to continue without interruption.