Announcements Last Post
Announcement SoC Curricula 09/30/2017 01:08PM
Announcement Demarcation or scoping of examinations and assessment 02/13/2017 07:59AM
Announcement School of Computing Short Learning Programmes 11/24/2014 08:37AM
Announcement Unisa contact information 07/28/2011 01:28PM
Exam paper
January 21, 2012 11:50AM
This exam was more than I could have handled.confused smiley Some of the questions I couldn't even write a decint answer. I have manage to scrap enough marks together that can qualify for a pass.

Just to make sure, I'm busy checking up a few of the questions asked that were too weird to be true. In particular, the one question, regarding physical security, I have a problem with. The only section in the prescribed book that handles the topic is section 8.4, which is marked "read" in tut 101. According to the exam tut, quoting "as stipulated in tutorial letter 101 section 4, the sections marked as “read” are important background knowledge, but you will not be examined on these sections i.e. there will be no questions on the sections marked as “read” in the exam."

We are talking about 10 marks, too much to throw away. I think I'm going to contact the lecturer on Monday just to make sure.

Then the other weird ones: "the underpinnings of a trusted operating system." What de hell did they mean by that?! And then, I cannot remember the question correctly, but I think it was concerned about the "vulnerabilities of an operating system." or something. Also trying to make sense of that one.
Re: Exam paper
January 21, 2012 02:13PM
It looks like a number of students feel the same about this question (there's a topic in the Unisa discussion forum). It had me stumped too, lol.
avatar Re: Exam paper
January 21, 2012 03:52PM
The underpinnings of a trusted operating system was a bit of a cheap shot. It was wanting the information on pg 243.

The vulnerabilities in programming was also in a "READ ONLY" section.

I felt we got screwed in every angle on this subject.
1. Poor communication from the lecturer regarding exam material (he said learn everything. Most lecturers say this, but can give pointers).
2. No official assignment solutions (just student submitted answers. The solution to assignment 2 in particular, I found a many errors)
3. Putting sections explicitly stated that werent to be in the exam, in the exam (the one solid piece of info given about the exam was false)
4. The sheer volume of the material, and no two exam papers being the same, meant we had to study everything.
Re: Exam paper
January 26, 2012 09:10AM
@Ivan: the underpinnings question also threw me (although there is information on it in the textbook). I emailed Mr. Dembskey the questions outside the syllabus and he said he'd mark appropriately. I am hoping this means that we will be penalized for those questions and that it applies to all students across the board.

@SCag: The fact that I found the COS408D (data structures and algorithms) exam easier thatn INF431L is saying something! The volume of work also caught me. It me to leave out some sections when studying for exams. sad smiley Thankfully the textbook itself was awesome. smiling smiley I think my assignment 1 was used as the solution. I hope it was up to scratch.
avatar Re: Exam paper
January 26, 2012 05:42PM
@Hack--it: Your assignment 1 solutions were indeed, up to scratch. You did a good job there.
However, I disagree about the textbook. I found there to be a few omissions from the textbook that really should be in a post grad text book. It was too broad in scope.

In truth, I think they should actually split this subject into two. A COS version, and an INF version. The COS version will be all about security programming, perhaps code a basic virus, the theory and a bit of application of programming security.
The INF version, more theory like it currently is. With some application of some of the concepts. Perhaps some penetration testing. Not just the classes of vulnerabilities, but the vulnerabilities themselves (this section was omitted from our syllabis. We did not even have to read it.)
Re: Exam paper
January 30, 2012 11:00AM
@SCag: I think splitting the subject would have been great. I agree that it did feel like a-bit-of-everything. It would have been great if there were subjects focusing on particular areas in security e.g. intrusion detection with more in-depth focus.

Hehe I'm biased concerning the text book. smiling smiley Started an affair of sorts with security a year or so ago and never looked back.
avatar Re: Exam paper
January 30, 2012 11:58AM
I am also passionate about security. Started my security blog a few months back. Which is how a spotted relevant omissions. The INF subject would be stuff that a security professional would need to know, such as intrusion detection. Removing the programming security stuff will leave enough room to go in to those sections in greater detail(although they too need to know how viruses work, eg. in penetration testing). The COS subject would be stuff a programmer needs to know when programming secure systems.

It gets a bit silly when the computer networks subject (COS430) went into far more detail about security than INF431 did.
Re: Exam paper
January 30, 2012 01:13PM
Security is these days a very important concept, and the sad part is that you must do honours to get acedemic exposure in this field for the very first time. You only receive a broad set of definitions of everything. I'm not yet an expert in this field, but I also feel it can expand seriously to really cover the topic from both sides. i.e splitting it into INF and COS modules. It's sad that you pick up more security stuff in COS430 (from a TCP/IP suite perspective), than from this module. After doing this moduling I still have no idea about some detailed inner workings of Intrustion Dection Systems, just to give an example.
avatar Re: Exam paper
January 30, 2012 01:43PM
Quote

from a TCP/IP suite perspective
While this is the reason for the security section in COS430, for the most part, most of it is straight up security, not necessarily anything to do with networking. The sections in INF431 mentioned briefly what some things were, and the basics of how they work (if even that). The equivalent sections in COS430 covered in detail how they work.

Quote

you must do honours to get acedemic exposure in this field for the very first time
And unfortunately, will not help you get a job in the field either. All security jobs require a combination of experience and industry certifications.
Re: Exam paper
January 31, 2012 11:20AM
And then COS430 got dropped. I'm still upset about that... On that note, which COS subjects are a good fit for security? I'm looking at the machine learning or ontology engineering as potential subjects to take along with my INF subjects this year. Would have taken formal logic then logic-based reasoning but their exams times clash with INF subjects.
avatar Re: Exam paper
January 31, 2012 11:53AM
I was surprised that COS430 was dropped, networking is important and is directly applicable in work environment. Most of the other subjects are not really.
Ontology engineering would probably be a good fit for security. Other than that, anything that has programming. But if you are wanting to get in to security, you should look at doing industry certifications.

I am currently learning for EC councils CEH, and will eventually work towards CISSP
Sorry, only registered users may post in this forum.

Click here to login