Security Management Exam for MSc Networking and Security at Cork Institute of Technology, Exams of Security Analysis

An examination paper for the Security Management module of the MSc in Networking and Security program at Cork Institute of Technology. It gives the instructions for the examination, its duration, sitting, and requirements. The paper consists of four questions, covering topics such as the security program, security governance, security and privacy in public cloud computing, and security configuration management.

Typology: Exams

2012/2013

Uploaded on 03/28/2013

CORK INSTITUTE OF TECHNOLOGY
INSTITIÚID TEICNEOLAÍOCHTA CHORCAÍ
Semester 1 Examinations 2010/11
Module Title: Security Management
Module Code: COMP9027
School: Mathematics and Computing
Programme Title: MSc in Networking and Security
Programme Code: KNSEC_9_Y5
External Examiner(s): Mr. Mark Deegan
Internal Examiner(s): Noreen Gubbins
Instructions: Answer Question ONE and TWO other questions
Duration: 2 hours
Sitting: Summer 2011
Requirements for this examination:
Note to Candidates: Please check the Programme Title and the Module Title to ensure
that you have received the correct examination paper.
If in doubt please contact an Invigilator.

Q1. General Questions

(a) Briefly outline what a Security Program entails. (10 marks)

(b) Critically appraise the benefits of implementing an Information Security Management System based on the ISO27001 standard. (10 marks)

(c) Briefly analyse four typical techniques used in security auditing. (10 marks)

(d) Outline a process an organisation may use to develop and maintain a viable contingency planning program for their IT systems. (10 marks)

Q2. Security Governance

(a) According to Forrester Research, the business value of “Information Security is best articulated using the ‘Five R’s’ of a Risk-Oriented Program.” Discuss. (10 marks)

(b) Critically analyze what Security Governance should deliver to an organisation. (20 marks)

Q3. Security and Privacy in Public Cloud Computing

According to the Draft NIST Special Publication Guidelines on Security and Privacy in Public Cloud Computing, January 2011: “Besides its many potential benefits for security and privacy, public cloud computing also brings with it potential areas of concern, when compared with computing environments found in traditional data centers.”

(a) Critically appraise the ‘security upside’ and the ‘security downside’ when outsourcing data, applications and infrastructure to a public cloud. (10 marks)

(b) Critically analyse what key security and privacy issues have long-term significance for Cloud Computing. (20 marks)