

Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
An examination paper for the security management module of the msc networking and security program at cork institute of technology. Instructions for the examination, duration, sitting, and requirements. The paper consists of four questions, covering topics such as security program, security governance, security and privacy in public cloud computing, and security configuration management.
Typology: Exams
1 / 3
This page cannot be seen from the preview
Don't miss anything!


Q1. General Questions
(a) Briefly outline what a Security Program entails. (10 marks)
(b) Critically appraise the benefits of implementing an Information Security Management System based on the ISO27001 standard. (10 marks)
(c) Briefly analyse four typical techniques used in security auditing. (10 marks)
(d) Outline a process an organisation may use to develop and maintain a viable contingency planning program for their IT systems. (10 marks)
Q2. Security Governance
(a) According to Forrester Research, the business value of “Information Security Is best articulated using The “Five R‟s” of a Risk-Oriented Program.” Discuss. (10 marks)
(b) Critically analyze what Security Governance should deliver to an organisation. (20 marks)
Q3. Security and Privacy in Public Cloud Computing
According to the Draft NIST Special Publication Guidelines on Security and Privacy in Public Cloud Computing January 2011 - ” Besides its many potential benefits for security and privacy, public cloud computing also brings with it potential areas of concern, when compared with computing environments found in traditional data centers.”
(a) Critically appraise the „security upside‟ and the „security downside‟ when outsourcing data, applications and infrastructure to a public cloud. (10 marks)
(b) Critically analyse what key security and privacy issues have long-term significance for Cloud Computing (20 marks)