KEMBAR78
Securing Operating System Question One | PDF | Cipher | Encryption
0% found this document useful (0 votes)
168 views4 pages

Securing Operating System Question One

The document discusses various topics relating to operating system security, including: 1) Defining operating system security and security policies, and describing authentication, file integrity, threat assessment, confidentiality, and security analysis. 2) The importance of implementing IT policies as an IT manager, including for access control lists and authenticating users. 3) Ensuring security of a company's web interface as a website master, and factors for a good user web interface. 4) Techniques for securing local and wide area networks from internet attacks.
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
168 views4 pages

Securing Operating System Question One

The document discusses various topics relating to operating system security, including: 1) Defining operating system security and security policies, and describing authentication, file integrity, threat assessment, confidentiality, and security analysis. 2) The importance of implementing IT policies as an IT manager, including for access control lists and authenticating users. 3) Ensuring security of a company's web interface as a website master, and factors for a good user web interface. 4) Techniques for securing local and wide area networks from internet attacks.
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

SECURING OPERATING SYSTEM

QUESTION ONE

a) Define operating system security.


b) What is a security policy and give relevant examples?
c) Briefly describe the following terms.
i. Authentication
ii. File integrity
iii. Threat Assessment
iv. Confidentiality
v. Security Analysis

QUESTION TWO

a) What do you understand by the term IT policy?


b) If you were appointed as an IT Manager for a commercial bank, why would you
implement an IT policy?
c) What do you understand the term Access Control lists (ACLS) and compose an
example?
d) Discuss the basic ways to authenticate a user.

QUESTION THREE

a) Differentiate between a web interface and a search engine.


b) As a website master, how can you ensure the security of a company’s web
interface?
c) Explain the factors that you would consider for a good user web interface.
QUESTION FOUR

a) Why is SSH implemented on a network from a Windows pc?


b) What’s the difference between Symmetric and Asymmetric encryption?
c) You see a user logging in as root to perform basic functions. Is this a problem?

1
d) If you were going to break into a database-based website, how would you do it?

2
QUESTION FIVE

a) With a well detailed diagrammatic illustration, discuss how you would secure a Local
Area Network from internet attacks.
b) Describe the CIA triangle architecture

QUESTION SIX

a) Discuss the major roles of an operating system and their applicability.


b) List the attack techniques of an operating system and describe the mitigation
measures.

QUESTION SEVEN

a) Define the term encryption


b) The definition above is among the security tools in the current emerging
technologies. Discuss the advantages and disadvantages of applying such a
technique.
c) Describe the five logical techniques of securing Operating systems.

QUESTION EIGHT

a) Discuss the major webserver security threats and their counter measures.

QUESTION NINE

a) Explain at least four requirements for computer protection and security mechanism.
b) Discuss ways of protecting web Interfaces.

QUESTION TEN

a) Write short notes on the following security measure levels


i. Physical
ii. Human

3
iii. Operating system
iv. Networking
b) Explain the program threats in operating system
c) Explain the system and network threats in OS

QUESTION ELEVEN

a) Differentiate between a Firewall and Intrusion Detection System (IDS)


b) Explain the following types of firewall
i. Packet Filtering
ii. Application Gateways/Proxies
iii. Circuit Level Gateway

QUESTION TWELVE

a) Discuss the term ACL


b) Implementing ACLs is a security measure in an organization, discuss
c) Write brief notes on the user rights

QUESTION THIRTEEN

a) Differentiate between Symmetric and Asymmetric (Public Key) encryption


b) Explain the following concepts: Man In the Middle attack, Kerberos
c) Encrypt the following plan text “WELL DONE” Key: 3
d) In Substitution Cipher Method each letter of the plain text is substituted (replaced)
with a different letter given in the cipher to create the cypher text. The cypher text
“OAZH HLEOLEXL ZH LEXKMVOLJ” was created using the table below, decrypt
the cypher text.

Plain C D E H I N P R S T Y
Cypher X J L A Z E V K H O M

You might also like