

Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
An exam paper for a cloud security module in the msc in networking and security and msc in software development programs at the cork institute of technology. The exam consists of six questions, each worth 25 marks, and covers topics such as host profiles, vmware vmotion, identity and access management standards, enisa's cloud computing information assurance framework, kpmg data lifecycle, and cloud auditing. The exam duration is 2 hours and is scheduled for summer 2012.
Typology: Exams
1 / 3
This page cannot be seen from the preview
Don't miss anything!


Semester 2 Examinations 2011/
Module Code: COMP
School: Science & Informatics
Programme Title: MSc in Networking and Security MSc in Software Development
Programme Code: KNSEC_9_Y KSDEV_9_Y
External Examiner(s): Dr David White Internal Examiner(s): Ms Gemma O’Callaghan
Instructions: Answer any 4 questions. All questions carry 25 marks.
Duration: 2 Hours
Sitting: Summer 2012
Requirements for this examination:
Note to Candidates: Please check the Programme Title and the Module Title to ensure that you have received the correct examination paper. If in doubt please contact an Invigilator.
Question 1: Explain the use of Host Profiles when discussing Configuration/Change Management for virtualisation. [7 marks]
What is your understanding of VMware’s vMotion technology? Discuss how an attacker could launch a vMotion attack on data confidentiality. [18 marks]
Question 2: Evaluate the following Identity and Access Management Standards for Enterprise a) SAML (Service Assertion Mark-up Language) b) SPML (Service Provisioning Mark-up Language) c) XACML (eXstensible Access Control Mark-up Language) d) Oauth (Open Authentication) [16 marks]
Outline some of the challenges faced when implementing IAM in the cloud. [9 marks]
Question 3: ENISA have put together the “Cloud Computing Information Assurance Framework” for assessing moves to the cloud. It covers a large number of risk areas. Discuss in detail, the following areas of that framework: a) Personnel Security b) Supply Chain Assurance c) Audit Logs d) Physical Security [25 marks]