Diploma in Information and Communication Technology (ICT)

Year 1 – Introduction to Information Security

Examination Paper

 Time Allowed: 2 Hours

 Total Marks: 100

 Instructions:

1. Answer ALL questions.

2. Ensure clarity and precision in your answers.

3. Each question carries the marks indicated.

Section A: Basic Concepts and Terminology

(Answer all questions in this section)

(Total: 20 Marks)

1. Define the following terms related to information security:

o (i) Confidentiality

o (ii) Integrity

o (iii) Availability

o (iv) Authentication
(4 marks)

2. Differentiate between cybersecurity and information security with appropriate examples.

(4 marks)
 3. Explain the concept of social engineering and give two examples of social engineering
attacks.
(4 marks)

4. Briefly describe the role of firewalls in protecting a network.

(4 marks)

5. Identify and explain any two types of malware.

(4 marks)

Section B: Threats, Vulnerabilities, and Risk Management

(Answer all questions in this section)

(Total: 30 Marks)

6. Identify and explain the difference between threats, vulnerabilities, and risks in
information security.
(5 marks)

7. Describe any three common network security threats faced by organizations today.
(6 marks)

8. Discuss phishing attacks and explain two methods that individuals and organizations can
use to protect themselves from phishing.
(6 marks)

9. Explain the concept of multi-factor authentication (MFA) and describe how it enhances
security in an organization.
(5 marks)

10. Discuss the importance of data encryption and provide an example of how encryption is
used to secure data transmission over the internet.
(8 marks)
Section C: Security Policies, Legal, and Ethical Issues

(Answer all questions in this section)

(Total: 30 Marks)

11. Describe the key components of a good information security policy for an organization.
(6 marks)

12. Explain the role of security awareness training in minimizing human error in information
security breaches.
(4 marks)

13. What is the General Data Protection Regulation (GDPR)? Briefly discuss its importance
in the context of protecting personal data.
(6 marks)

14. Explain the concept of ethical hacking and discuss its significance in modern
cybersecurity practices.
(6 marks)

15. Discuss the legal and ethical issues involved in the unauthorized access of computer
systems, referencing cybercrime laws in Kenya.
(8 marks)

Section D: Practical Security Measures and Technologies

(Answer all questions in this section)

(Total: 20 Marks)

16. Describe the purpose of an Intrusion Detection System (IDS) and differentiate between
network-based IDS and host-based IDS.
(5 marks)
 17. Outline two best practices for securing wireless networks in an organizational
environment.
(4 marks)

18. Explain how virtual private networks (VPNs) work and discuss their role in ensuring
secure communication.
(6 marks)

19. List and briefly explain three security measures that can be implemented to protect an
organization's physical infrastructure.
(5 marks)

End of Examination

This exam is structured to cover key areas of information security, including fundamental
concepts, practical security measures, and ethical/legal considerations, while adhering to high
examination standards.

4o

You said:

Generare 20 short answer questions each with 2-4 marks

ChatGPT said:

ChatGPT

Diploma in Information and Communication Technology (ICT)

Introduction to Information Security

Short Answer Questions

 Total Marks: 50
 Instructions: Answer all questions. Each question carries the marks indicated.

1. Define information security.

(2 marks)

2. State two main objectives of information security.

(2 marks)

3. What is the principle of confidentiality in information security?

(2 marks)

4. Explain the term 'encryption'.

(2 marks)

5. Differentiate between a threat and a vulnerability.

(3 marks)

6. Name two examples of social engineering attacks.

(2 marks)

7. Explain the role of a firewall in network security.

(3 marks)

8. What is the purpose of two-factor authentication (2FA)?

(3 marks)

9. What is malware? Provide one example.

(3 marks)

10. Mention two common types of malware.

(2 marks)

11. Briefly explain what a phishing attack is.

(2 marks)

12. What does the term 'data integrity' refer to in information security?
(2 marks)
 13. List two advantages of using a Virtual Private Network (VPN).
(2 marks)

14. What is the role of an Intrusion Detection System (IDS)?

(3 marks)

15. Define the term 'risk' in the context of information security.

(2 marks)

16. Why is security awareness training important for organizations?

(3 marks)

17. State the difference between ethical hacking and malicious hacking.
(3 marks)

18. Give two examples of physical security measures for protecting IT infrastructure.
(2 marks)

19. What is the role of a backup in information security?

(2 marks)

20. Briefly describe the concept of multi-factor authentication (MFA).

(3 marks)

These questions are designed to assess basic knowledge and understanding of key information
security concepts, providing a comprehensive range of short-answer questions.

4o

You said:

generate 20 essay questions each with 10 marks. the questions should be application questions
and should test the understanding of security threats and prevention measures

ChatGPT said:

ChatGPT

Diploma in Information and Communication Technology (ICT)

Introduction to Information Security

Essay Questions

 Total Marks: 200

 Instructions: Answer all questions. Each question carries 10 marks.

1. Discuss how a company can prevent data breaches by implementing appropriate access
control mechanisms. Provide examples of tools and techniques.
(10 marks)

2. Analyze how firewalls and intrusion detection/prevention systems (IDS/IPS) work

together to secure a network from external threats. Use practical scenarios in your
answer.
(10 marks)

3. Describe how phishing attacks occur and outline effective prevention methods that
organizations can use to reduce the risk of phishing. Provide examples of real-world
consequences of successful phishing attacks.
(10 marks)

4. Explain how encryption helps in safeguarding sensitive information during transmission

and storage. Provide a practical example of how encryption is used in online banking.
(10 marks)

5. Discuss the risks posed by malware, including viruses, worms, and ransomware, and
propose measures to protect an organization’s systems from malware infections.
(10 marks)

6. A company is concerned about insider threats. Explain what insider threats are and
recommend measures the company can take to detect and prevent them.
(10 marks)

7. Evaluate how multi-factor authentication (MFA) can be used to enhance security in

online services such as email and cloud storage. Provide examples of situations where
 MFA can prevent unauthorized access.
(10 marks)

8. Describe how social engineering attacks exploit human psychology to compromise

security. Propose training and awareness programs that can be implemented to prevent
such attacks.
(10 marks)

9. Explain how distributed denial-of-service (DDoS) attacks can disrupt online services, and
recommend strategies an organization can use to mitigate the effects of DDoS attacks.
(10 marks)

10. Analyze how organizations can use network segmentation to prevent the spread of
cyberattacks within their network. Provide examples of how this strategy is applied in a
real-world environment.
(10 marks)

11. A company is setting up remote work for employees. Discuss the potential security risks
associated with remote work and recommend measures to ensure the security of remote
access.
(10 marks)

12. Discuss the role of a security operations center (SOC) in identifying, preventing, and
responding to cyberattacks. Provide examples of tools and technologies used by SOC
teams.
(10 marks)

13. Explain the concept of zero-day vulnerabilities and discuss strategies that organizations
can implement to mitigate the risks associated with such vulnerabilities.
(10 marks)

14. Analyze how ransomware attacks have evolved and suggest ways organizations can
protect themselves against ransomware. Include backup and recovery strategies in your
answer.
(10 marks)
 15. Explain how cloud computing introduces new security challenges. Recommend measures
that cloud service providers and clients should take to ensure the security of cloud-based
systems and data.
(10 marks)

16. Discuss how artificial intelligence (AI) and machine learning (ML) can be used to
enhance cybersecurity defenses against evolving threats. Provide practical examples of
AI/ML-based security solutions.
(10 marks)

17. Examine how security patch management helps in preventing system vulnerabilities from
being exploited. Discuss the importance of timely patching and how organizations can
implement effective patch management processes.
(10 marks)

18. Describe how an organization can use penetration testing (ethical hacking) to identify and
address vulnerabilities in its systems. Include a discussion of the types of penetration
testing and their importance.
(10 marks)

19. Evaluate the security risks associated with the use of Internet of Things (IoT) devices and
suggest methods to secure IoT environments from cyberattacks.
(10 marks)

20. Discuss how organizations can use security information and event management (SIEM)
systems to detect and respond to security incidents. Provide examples of how SIEM tools
contribute to threat detection and mitigation.
(10 marks)

These essay questions are designed to assess students' ability to apply their knowledge of
security threats and prevention measures in practical, real-world scenarios, encouraging critical
thinking and problem-solving.

4o
You said:

generate more application and role play questions

ChatGPT said:

ChatGPT

Diploma in Information and Communication Technology (ICT)

Introduction to Information Security

Application and Role-Play Questions

These questions are designed to test the application of information security concepts through
real-world scenarios and role-playing, providing a deeper understanding of security threats and
preventive measures.

1. As the IT security manager of a company, your network has been hit by a ransomware
attack that has encrypted critical business files. Explain the steps you would take to
recover from the attack and ensure that it doesn't happen again.
(10 marks)

2. You are a security consultant hired to improve the cybersecurity defenses of a small
business. The business currently uses outdated security software and has no clear policy
on password management. Recommend a comprehensive security plan that addresses
these weaknesses.
(10 marks)

3. Imagine you are an IT administrator at a university. A student reports a phishing email

that appears to come from the university's administration office. What actions would you
take to investigate the report, mitigate any potential risks, and educate the campus on
phishing prevention?
(10 marks)
4. You are a network administrator tasked with securing a new office building’s wireless
network. The building will house sensitive business operations. Explain the steps you
would take to ensure the wireless network is secure from both internal and external
threats.
(10 marks)

5. As part of the IT security team in a hospital, explain how you would protect patient data
(e.g., medical records) from both internal and external threats, while ensuring that doctors
and nurses have easy access to the information they need to provide care.
(10 marks)

6. Role-Play: You are the IT support person for a large corporation. A senior executive calls
you, panicked, because they accidentally clicked on a suspicious link in an email.
Describe how you would guide them through securing their account and checking for any
signs of compromise.
(10 marks)

7. You are the CISO of a company planning to migrate its data to the cloud. Management is
concerned about the security risks involved. Prepare a report explaining the potential
risks and detailing the measures you would implement to ensure data security during and
after the migration.
(10 marks)

8. You have been asked to present to a group of new employees about the importance of
password security. Develop a presentation script that highlights common password
vulnerabilities and best practices for creating and managing strong passwords.
(10 marks)

9. Your company has just installed a new Intrusion Detection System (IDS). As the lead
security analyst, you need to explain to your team how to respond to alerts generated by
the IDS, including how to differentiate between true positives and false positives.
(10 marks)

10. A recent audit revealed that your organization lacks a formal incident response plan. As
the IT security manager, outline the key components of an incident response plan and
 explain how it can help mitigate the impact of a cyberattack.
(10 marks)

11. Role-Play: You are conducting a security awareness training session for employees. One
of the employees does not understand the importance of updating their devices regularly.
How would you explain the security risks associated with outdated software, and how
would you encourage them to adopt good update practices?
(10 marks)

12. Your organization is under a distributed denial-of-service (DDoS) attack that is

overwhelming your website. As the lead network engineer, outline the immediate actions
you would take to mitigate the attack and prevent future occurrences.
(10 marks)

13. You are part of the IT team of a financial institution. A customer has reported
unauthorized transactions on their account. Explain the steps you would take to
investigate and secure the affected account, and how you would prevent similar incidents
in the future.
(10 marks)

14. Role-Play: As the head of security, you're presenting to the company's board of directors
about the need to invest in stronger cybersecurity measures. Convince the board why
investing in cybersecurity is crucial by using recent examples of companies that suffered
breaches due to inadequate security.
(10 marks)

15. You are the system administrator for a large corporation. A colleague from the HR
department calls you to report that their computer is running unusually slow, and strange
pop-ups have appeared. Describe how you would investigate and resolve the issue,
suspecting it could be a malware infection.
(10 marks)

16. You are working for a company that processes sensitive customer information. A
disgruntled employee is suspected of unauthorized access to customer data. Outline the
steps you would take to investigate the employee's actions and secure the company’s
 data.
(10 marks)

17. Role-Play: You are tasked with leading a simulated phishing attack within your
organization to test employee awareness. Describe how you would conduct the exercise
and how you would use the results to improve your company’s security training program.
(10 marks)

18. Your company is transitioning to a bring-your-own-device (BYOD) policy for

employees. As the IT security officer, explain how you would implement security
policies to ensure that personal devices used for work do not compromise corporate data.
(10 marks)

19. You are a security consultant for a small retail company that uses an outdated point-of-
sale (POS) system. Provide a detailed explanation of the risks posed by using such a
system and suggest steps to enhance the security of their payment processing system.
(10 marks)

20. Role-Play: You are a manager in charge of responding to a data breach in a healthcare
facility. How would you communicate the breach to stakeholders, including patients,
while managing the technical aspects of the breach response?
(10 marks)

These application and role-play questions challenge students to apply theoretical knowledge to
real-world scenarios, testing their ability to solve security issues and demonstrate a strong
understanding of information security in practice.

4o

You said:

generate more role play questions that test basic understanding of security threats

ChatGPT said:

ChatGPT
Diploma in Information and Communication Technology (ICT)

Introduction to Information Security

Role-Play Questions (Testing Basic Understanding of Security Threats)

These role-play questions are designed to test students’ basic understanding of common security
threats and their preventive measures in practical, real-life scenarios.

1. Role-Play: You are working in the IT department of a small business. An employee

receives an email claiming to be from the CEO, asking for sensitive company data. The
email looks suspicious. Explain how you would verify the email’s legitimacy and guide
the employee on handling such phishing attempts.
(10 marks)

2. Role-Play: A colleague reports seeing a USB drive lying in the office parking lot and
wants to plug it into their computer to check for the owner’s details. Explain the potential
security risks of this action and suggest a safe approach for handling found USB drives.
(10 marks)

3. Role-Play: As part of your job in an IT support role, an employee calls to inform you that
they have forgotten to lock their computer before leaving their workstation. Outline the
potential security risks of leaving a computer unlocked and how to encourage good
security habits within the workplace.
(10 marks)

4. Role-Play: You are part of a security awareness training team, and you’re tasked with
explaining to new employees why strong passwords are important. Describe how you
would demonstrate the dangers of weak passwords and provide tips on creating secure
passwords.
(10 marks)

5. Role-Play: A user on your network reports that their system is running unusually slow
and they suspect malware might be involved. Describe the steps you would take to
 investigate the issue and prevent the malware from spreading.
(10 marks)

6. Role-Play: You are the IT support person for a small company. One of your coworkers
tells you they are unable to access certain files on the network, and it seems like their
access has been blocked. Explain how you would identify if this is due to a ransomware
attack and what actions you would take to prevent further damage.
(10 marks)

7. Role-Play: A colleague asks you to share your work login credentials so they can quickly
access a file while you're on leave. Explain why sharing passwords is a security risk and
suggest alternative methods for sharing work resources securely.
(10 marks)

8. Role-Play: You are responsible for conducting a training session on email security for a
group of employees. During the session, one employee says they frequently open
attachments from unknown senders. Demonstrate how you would explain the risks of
doing so and suggest safer practices for handling email attachments.
(10 marks)

9. Role-Play: A coworker mentions that they have been using the same password across all
their accounts, both personal and professional. Explain the risks of password reuse and
provide advice on how to manage passwords more securely.
(10 marks)

10. Role-Play: You are tasked with helping a team of employees identify signs of a possible
insider threat. How would you explain to them what an insider threat is and what
behaviors or actions might indicate that one exists in the organization?
(10 marks)

11. Role-Play: During a routine security audit, an employee is found using an unsecured Wi-
Fi connection to access company files remotely. Explain the risks of using unsecured
public Wi-Fi and suggest secure alternatives for remote access.
(10 marks)
12. Role-Play: Your organization experiences a minor data breach due to a phishing attack.
You are responsible for informing employees about what went wrong. How would you
explain the incident to the team and suggest steps to prevent similar attacks in the future?
(10 marks)

13. Role-Play: You are a new IT intern, and during your first week, you notice a colleague
walking away from their computer without logging out. Explain how you would address
the situation and why logging out is important for security.
(10 marks)

14. Role-Play: A coworker has set up automatic social media logins on their work computer.
Explain the security risks of using social media on work devices and provide alternatives
to maintain personal and professional account separation.
(10 marks)

15. Role-Play: As an IT administrator, you are asked to guide employees on the dangers of
downloading software from unverified sources. How would you explain the risks
involved, such as malware, and suggest safe practices for installing software?
(10 marks)

16. Role-Play: A user reports that their personal information was exposed after responding to
a fake job offer email. Explain how phishing attacks work and how they could have
verified the legitimacy of the job offer before responding.
(10 marks)

17. Role-Play: You are asked to run a security awareness meeting for staff about the dangers
of clicking on shortened URLs (e.g., bit.ly links). Demonstrate how you would explain
the risks and guide the team on how to safely handle shortened links.
(10 marks)

18. Role-Play: A coworker frequently uses the same device for work and personal activities.
Explain the potential security threats this practice introduces and suggest ways to keep
work and personal activities separate for better security.
(10 marks)
19. Role-Play: A new employee asks why it’s necessary to lock their mobile phone with a
passcode when accessing work emails. Describe the risks of not securing mobile devices
and suggest additional ways to safeguard work data on mobile phones.
(10 marks)

20. Role-Play: You are helping a colleague who has just joined the organization. They are
not familiar with how to detect secure websites when browsing online. Explain how to
identify whether a website is secure (e.g., HTTPS, certificates) and why it's important.
(10 marks)