0F SCIEI'ICE FIND TECHNOLOGY COURSE CODE: DSD821S EXAMINATION QUESTION PAPER MR. ISAAC NHAMU DR. AMELIA PHILLIPS. (Excluding this front page)

Transcription

1 I I'IHITIIBIR UI'IIVERSITY 0F SCIEI'ICE FIND TECHNOLOGY FACULTY OF COMPUTING AND INFORMATICS DEPARTMENT OF COMPUTER SCIENCE QUALIFICATION: BACHELOR OF COMPUTER SCIENCE HONOURS (INFORMATION SECURITY) QUALIFICATION CODE: OSBHIS LEVEL: 8 COURSE: Database Security and Data Protection COURSE CODE: DSD821S DATE: NOVEMBER 2017 SESSION: 1 DURATION: 3h0urs MARKS: 100 EXAMINATION QUESTION PAPER EXAMINER(S) MR. ISAAC NHAMU MODERATOR: DR. AMELIA PHILLIPS THIS QUESTION PAPER CONSISTS OF 6 PAGES (Excluding this front page) INSTRUCTIONS DWNH Answer ALL the questions. Write clearly and neatly. Number the answers clearly. When answering questions you should be guided by the allocation of marks in H. Do not give too few or too many facts in your answers. PERMISSIBLE MATERIALS 1. Non programmable Scientific Calculator.

2 15 SECTION A (Multiple Choice questions marks) 1. When introducing a database into an organization, a(n) impact is likely because the database approach creates a more controlled and structured information flow and thus affects people, functions, and interactions. a. cultural c. technical b. managerial d. operational 2. As a manager, the DBA must concentrate on the dimensions of the database administration function. a. control and planning c. policies and standards b. conflict and problem-resolution d. security and privacy 3. are more detailed and specific than policies and describe the minimum requirements of a given DBA activity. a. Guidelines c. Procedures b. Standards d. Documentation 4. All users must have passwords is an example of a. a. rule c. standard b. policy d. procedure 5. The is responsible for ensuring database security and integrity. a. database programmer c. data administrator b. systems analyst d. database security officer 6. activities cover all tasks directly related to the day to day operations and its applications. of the DBMS a. Backup and recovery c. Performance monitoring and tuning b. System support d. Security auditing and monitoring 7. security breaches include database access by computer viruses and by hackers whose actions are designed to destroy or alter data. a. Dangerous c. Corrupting b. Preserving d. Authorized 1 Page

3 Some common physical security practices found in large database installations include secured entrances, password-protected workstations,, closed circuit video, and voice recognition technology. a. drug testing c. electronic personnel badges b. fingerprinting d. retina scans Classifying users into according of controlling and managing the access privileges to common access needs facilitates the DBA s job of individual users. a. user groups c. authorization schemes b. sections d. policy definitions 10. A(n) access. data dictionary is automatically updated by the DBMS with every database a. dynamic c. passive b. active d. static 11. A(n) serves as the basis for planning, development, and control of future information systems a. access plan b. active data dictionary c. information systems architecture (ISA) d. security policy 12. A is a named collection of settings resource a given user can USE. that control how much of the database a. user c. profile b. role (:1. Manager 13. User access management is a subset of. a. password protection c. data integrity b. authorization management d. managerial control 14. Several DBMS packages contain features that allow the creation of a(n) which, automatically records a brief description of the database operations performed by all users. a. change tracker c. paper trail b. digital footprint d. audit log 2 Page

4 15. At the level of middle management, the database must be able to. a. represent and support the company operations as closely as possible b. deliver the data necessary for tactical decisions and planning c. produce query results within specified performance levels cl. provide access to external and internal data to identify growth opportunities and to chart the direction of such growth SECTION B Question 1 a. Using their definitions, distinguish between Data Validation and Data Verification. [2] b. Giving examples describe the following verification, validation and testing techniques: [8] i. Informal ii. iii. iv. Formal Static Dynamic Question 2 a. Distinguish between data perturbation and output perturbation. [2] b. State two technics for data perturbation, and two for output perturbation. [4] c. Outline two general limitations of perturbation technics. [4] Question 3 a. Describe and provide examples of the following three types of problems that can occur in a multiuser environment when concurrent access to the database is allowed. [9] i. Dirty read ii. iii. Non-repeatableread Phantom read b. What is Serialisabitlity and why is it important? [4] c. Describe how you would identify if schedules are conflict serializable or not. [2] 3 Page

5 sql Question 4 a. Describe three types of authentication that are allowed by the Oracle DBMS. Describe one disadvantage or advantage of each type of authentication. [9] function is found on b. In Oracle Database llg, the verify_function_llg password verification file. utlpwdmg in $ORACLE_HOME/rdbms/admin. Write a script for the verify_function_llg to following DSD8218 profile: on the Lock out accounts for users who make more than 6 failed login attempts for the same 12 hours. Expire passwords for users after 3 months of using password and allow them 10 days grace period before they can change their password. Allow the users to reuse their passwords after 6 months. Do not limit the number of times they can reuse their passwords. [10] By executing this script utlpwdmg. sql, it will attach the function to the profile DSD82lS, which is the profile used by students taking the Database security class. Comment on the SECURITY of the script. [6] 4 Page

6 Question 5 Study the following passage that was taken from the Data Breach Today website and answer the questions that follow below the passage. Clinic Pays Ransom after Backups Encrypted Situation Spotlights Tough in Attack Decisions Healthcare Entities Can Face After Ransomware Strikes huonh OO\IO\U'I In an Oct. 13 statement, Namaste Health Care in Ashland, Missouri, a clinic with one physician and two other clinicians, reveals that during the weekend of Aug , an unknown cyberattacker gained improper access into Namaste's computer systems and appears to have remotely accessed Namaste's file server." The cyberattacker "appears to have not only accessed and potentially viewed information contained on that file server but also then launched a ransomware virus/attack on the file share server, which resulted in the encryption of Namaste's data that was housed on that server as ofaug. 14, the clinic says Upon learning of the attack on Aug. 14, the clinic says it immediately "disabled the unauthorized user's access and took the computer systems offline, and with the assistance of our IT contractor, we worked to investigate, eliminate and remediate the malware attack on the systems." The clinic says it "terminated any further remote access permissions pertaining to the system, and we then subsequently paid the cyberattacker's ransom demand in order to obtain the decryption key and restore the encrypted data." Namaste's office manager, who asked not to be named, tells Information Security Media Group that the clinic had backups, but those were encrypted in the attack as well We could've rebuilt [our systems] but that would've taken three or four weeks, disrupting care delivery, she says. By paying the ransom and then using the decryption key provided by the extortionists to restore systems and recover all data, Namaste limited the disruption to only about a day-and a half," she adds "We were back running a day after we got the de encryption key," she says, declining size ofthe ransom. to reveal the The IT firm assisting Namaste in the remediation told the clinic its files were encrypted using a "lock extension, the clinic's office manager says Namaste appears to have experienced a problem often faced by other organizations. it is not uncommon for backups to also be subject to ransomware, says Kate Borten, president of privacy and security consulting firm, The Marblehead Group O 31 "This situation is avoidable," she says. "The purpose of backups is to enable recovery, notjust from a minor blip in a system, but also from a major event such as a natural disaster or a ransomware attack. Backups should be separated from their source, whether on physical media stored at a distance or in the cloud." 5 Page

7 Source: All questions below refer to the Data Breach Today article on page 5. a. From the article, and your understanding of security threats and security vulnerabilities, identify two actions/items that can be classified as threats and two that can be classified as vulnerabilities. [4] b. With reference to paragraph 2, lines 4 and 5 describe at least 2 risks that would result from the breach. [4] c. With reference to paragraph 3 line 11, describe three ways that the IT contractor would do to, eliminate and remediate the malware attack on the systems, besides what is stated in the next paragraph (4). [6] d. Despite what is mentioned in lines 17 22, give two reasons why paying a ransom would be discouraged. [4] e. Paragraph 10. List at least two types of backups the authorities could have implemented that could have averted the situation. [4] f. Still on paragraph 10. What alternative measures can be taken to manage the vulnerability of the clinic s system? Identify 3. [3] <<<<<<<<<<< END OF PAPER >>>>>>>>>> 6 Page