
Assignment # 2 IS

The document outlines an assignment on the fundamentals of information security, focusing on key concepts such as the CIA Triad, types of cyberattacks, and encryption methods. It includes a case study on a phishing attack, requiring analysis of prevention strategies, countermeasures, and employee awareness messaging. Additionally, it discusses cybersecurity tools and the significance of security policies within organizations.

Uploaded by fatimaaftabfsd

Fundamental of Information Security

Assignment # 2

Q1. Define the CIA Triad in information security. Explain each component with one real-life
example.
(3 Marks)

Q2. What are the common types of cyberattacks (at least five)? Explain each with a brief
example or case.
(4 Marks)

Q3. Differentiate between symmetric and asymmetric encryption. Give one use-case where
each is preferable.
(3 Marks)

Section B: Applied Case Study & Analysis (10 Marks)

Q4. Case Study:

Your organization recently suffered a phishing attack where multiple employees clicked on a
malicious link, compromising their login credentials. As the security officer, you are asked to:

a) Identify how the attack could have been prevented.
b) Suggest technical and non-technical countermeasures.
c) Draft an awareness message for employees about phishing.

(5 Marks)

Q5. List and explain any three tools or technologies used in modern cybersecurity (e.g.,
firewalls, IDS, antivirus, MFA, etc.). Mention how they help mitigate specific types of threats.
(3 Marks)

Q6. Explain the importance of security policies in organizations. Provide two examples of
policies commonly implemented.
(2 Marks)
