Part 2 – Short answer questions
Your task in this section is to prepare a response to each of the questions. Please refer to the marking guide when preparing your response to see what criteria will be used to assess your work and your progress towards the learning outcomes.
- a) Research into the different types of bio-metric systems which are currently available for access control systems. Briefly describe the techniques and technologies used for each type and discuss the advantages and disadvantages for the three types below. Give an example application when each type could be used:
- Fingerprint
- Hand Geometry
- Iris Recognition
[5 marks]
- b) Other than security concerns, privacy is considered a core value and is recognized either implicitly or explicitly as a fundamental human right. Privacy-enhancing technologies (PETs) can be defined as technologies that enforce legal privacy principles in order to protect and enhance the privacy of users of information technology. Research and discuss three PETs which can be used on the Internet. Use examples to illustrate your answer. [5 marks]
- Wireless sensor networks (WSNs) can be described as a network of nodes that makes a collaborative effort in sensing data around its periphery and its surrounding environment. Research into the area of WSNs and understand the WSN architecture and protocol stack. Discuss three different types of threats and vulnerabilities which can be used to attack the WSN. Give your recommendations on how the threats and vulnerabilities can be mitigated for the WSN. [5 marks].
Rationale
This assessment task will assess the following learning outcomes:
- be able to justify the goals and various key terms used in risk management and assess IT risk in business terms.
- be able to critically analyse the various approaches for mitigating security risk, including when to use insurance to transfer IT risk.
- be able to critically evaluate IT security risks in terms of vulnerabilities targeted by hackers and the benefits of using intrusion detection systems, firewalls and vulnerability scanners to reduce risk.