QUESTION
a) Differentiate between the following key terms used in any e-banking security system:
(i) Authentication vs. Authorisation
(ii) Data Confidentiality vs. Data Integrity
(iii) Access Control vs. Auditing
b) (i) Outline briefly how biometric systems work and differentiate between physiological biometrics and behavioural biometrics.
(ii) Give TWO examples of each biometric measurement above that can be used to identify a person.
c) (i) E-banking has unique characteristics that may increase an institution's overall risk profile and the level of risks associated with traditional financial services, particularly strategic, operational, legal and reputational risks. Outline these unique e-banking characteristics.
(ii) Outline the importance of backup, recovery and business continuity procedures in an e-banking environment.
d) Explain the importance of honeynets and honeypots in the risk assessment phase of security risk management.