4) Identify and explain the five essential components of a disaster recovery plan (DRP).(5 marks)

3) Differentiate between the term’s vulnerability, threat, and risk. Provide one example for each to support your answer.(5 marks)

2) Name and explain five types of cyber attackers including examples.(5 marks)

1) Define the term cybersecurity and explain its primary goals.(5 marks)

7) Discuss the role of social engineering in cyber-attacks. Provide examples of techniques used and how users can be trained to identify them.(10 marks)

6) Discuss the importance of regulatory compliance in cybersecurity. Refer to at least two Acts or policies applicable in South Africa.(10 marks)

5) Explain the CIA Triad in detail. Provide examples of how each component may be compromised during a cyber-attack like the SAA incident.(10 marks)

10) Critically discuss the legal, ethical and business implications of the SAA attack.

Focus your response on:

•The Protection of Personal Information Act (POPIA)

•Ethics of data handling

•Customer and stakeholder trust

•National Key Point designation (15 marks)

9) Assume you are the cybersecurity consultant brought in post-incident.

Recommend a comprehensive cybersecurity strategy for SAA that addresses:

• Risk assessment

• Cyber hygiene and awareness

• Network security enhancements

• Incident response improvements

• Regulatory compliance (15 marks)

8) Using the SAA case, analyze the key steps taken by the organization after detecting the attack.

In your answer, refer to:

• The disaster recovery process

• Business continuity measures

• Incident response protocols

• The role of digital forensic investigators  (20 marks)