IT Security and Risk Management
June 2024 Examination
1. Differentiate between vulnerabilities, threats, and countermeasures in information security.
How do organizations identify and address vulnerabilities? Illustrate how a firewall plays an
important role in protecting networks from unauthorized access. (10 Marks)
2. Explain the importance of security awareness training for employees within an organization.
How can a strong security awareness culture contribute to mitigating cybersecurity risks?
Discuss the role of employees in maintaining the security of information systems and the potential
consequences of a lack of security awareness among staff members. (10 Marks)
3. A multinational e-commerce company, E-ShopX, is preparing for its annual flash sale event,
which attracts millions of online shoppers. As a cybersecurity analyst hired by E-ShopX, you are
tasked with ensuring the security of the company’s systems and infrastructure during this critical
period.
Malicious Code Incident:
a. Scenario: On the eve of the flash sale, several customers report unusual behavior on the EShopX
website, such as unexpected redirects, pop-up ads, and slow performance
As the cybersecurity analyst, how would you investigate the reported incidents to determine if the
website has been compromised by malicious code? Outline the steps you would take to identify,
isolate, and mitigate the malicious code to ensure the security and integrity of the website for the
upcoming flash sale. (5 Marks)
b. Scenario: As the flash sale approaches, E-ShopX becomes a prime target for cyberattacks,
including denial of service (DoS) attacks aimed at disrupting the website’s availability and
causing financial losses.
As the cybersecurity analyst, what proactive measures would you implement to protect EShopX’s
systems and infrastructure from potential denial of service (DoS) attacks during the flash
sale event? Describe the strategies and technologies you would deploy to detect, mitigate, and
respond to DoS attacks in real-time to ensure uninterrupted service for online shoppers. (5
Marks)