1 - Theory of Computer Science / 1.4 Security
|
|
Exam Questions - 1.4 Security
Example Question 1
Reveal Answers
6
(a) Question 6 (a) asks you to explain what is meant by three security terms. The question is worth 6 marks but only two marks can be giver for each term.
Answers
(a) Question 6 (a) asks you to explain what is meant by three security terms. The question is worth 6 marks but only two marks can be giver for each term.
Answers
Virus
Any two from
Any two from
Any two from
Any two from
- Program / software that replicates / copies itself
- Can delete or alter files / data stored on a computer
- Can make the computer "crash" / run slow
Any two from
- Malicious code / software installed on a user's hard drive / actual web server
- This code redirects user to a fake website (without their knowledge)
- To obtain personal / financial information / data
Any two from
- Legitimate-looking emails sent to a user
- As soon as recipient opens/clicks on the link in the email / attachment
- ...The user is directed to a fake website (without their knowledge)
- To obtain personal / financial information / data
Example Question 2
Example Question 3
Reveal Answers
9
(a)
Question 9 (a) Asks you to explain what a denial of service attack is. The question is worth 2 marks so you will need to make at least 2 points.
The following points are worth 1 mark each (Max 2)
Answer
(b)
Part (b) of question 9 asks you to give and explain two other threats when using the internet. You must remember to explain the threats that you give as there is 1 mark available for the name and 1 mark for the description.
Answers
Viruses
Hacking / Cracking
Phishing
Pharming
Spyware / Key logger
(a)
Question 9 (a) Asks you to explain what a denial of service attack is. The question is worth 2 marks so you will need to make at least 2 points.
The following points are worth 1 mark each (Max 2)
Answer
- A large number of requests are sent to the network / server all at once
- Designed to flood a network / server with useless traffic / requests
- The network / server will come to a halt / stop trying to deal with all the traffic / requests
- Prevents users from gaining access to a website / server
(b)
Part (b) of question 9 asks you to give and explain two other threats when using the internet. You must remember to explain the threats that you give as there is 1 mark available for the name and 1 mark for the description.
Answers
Viruses
- Software that replicates
- Causes loss / corruption of data // computer may "crash" / run slow
Hacking / Cracking
- Illegal / unauthorized access to a system / data
Phishing
- A link/ attachment sends user to a fake website (where personal data may be obtained
Pharming
- Malicious code installed on user's hard drive / computer
- User is redirected to a fake website (where personal data may be obtained)
Spyware / Key logger
- Send / relay key strokes to a third party
Example Question 4
Example Question 5
Reveal Answers
8
(a) Question 8 (a) asks for a description of how SSL and Firewalls can help to keep a companies data safe. There are 4 marks available here. 2 marks can be given for SSL and 2 marks can be given for Firewall points.
Answers
SSL Protocol
Two points from
Firewall
Two points from
(b)
Part (b) requires you to identify methods otherthan a firewall that a company can use to keep their data safe:
Answers
(a) Question 8 (a) asks for a description of how SSL and Firewalls can help to keep a companies data safe. There are 4 marks available here. 2 marks can be given for SSL and 2 marks can be given for Firewall points.
Answers
SSL Protocol
Two points from
- Uses encryption
- Encryption is asymmetric / symmetric . both
- makes use of (public and private) keys
- Data is meaningless (Without decryption key)
Firewall
Two points from
- Helps prevent unauthorized access // helps prevent hacking
- Checks that data meets criteria
- Acts as a filter for incoming and outgoing data // blocks any unacceptable data
(b)
Part (b) requires you to identify methods otherthan a firewall that a company can use to keep their data safe:
Answers
Example Question 6
Example Question 7
Reveal Answers
8
(a) Question 8 (a) Asks you to list three different ways that data could accidentally be damaged.
Each of the following points would be worth 1 mark (max 3)
Answers
(b) Question 8 (b) asks you to list 3 other applications that make use of SSL.
Each of the following points would be worth 1 mark (max 3)
Answers
(a) Question 8 (a) Asks you to list three different ways that data could accidentally be damaged.
Each of the following points would be worth 1 mark (max 3)
Answers
- Human error e.g deleting / overwriting
- Physical Damage
- Power faliure / surge
- Hardware faliure
- Software crashing
(b) Question 8 (b) asks you to list 3 other applications that make use of SSL.
Each of the following points would be worth 1 mark (max 3)
Answers
- Online shopping // Online payment systems // online booking
- Email
- Cloud based storage
- Intranet / extranet
- VPN
- voIP // voice conferencing
- Instant messaging // social networking // online gaming
Example Question 8
Reveal Answers
(c) Question (c) asks you to identify and describe three other ways that online banking is made safer. You must remember to explain each point if you wish to gain full marks. 1 mark is awarded for the method and 1 mark is awarded for the description.
Answers
Strong password
Biometric device
TLS // Encryption
Authentication (card reader at home) / Mobile security code / two - step verification
Use of drop down boxes
Proxy server
Answers
Strong password
- To make it difficult to hack an account
Biometric device
- To use data that is difficult to fake as a password
TLS // Encryption
- To make data meaningless if intercepted
- To encrypt data that is exchanged (TLS only)
- More secure than SSL (TLS only)
- To help prevent unauthorised access to an account
- Blocks any requests that do not meet / match the criteria
Authentication (card reader at home) / Mobile security code / two - step verification
- To add another level of identification
Use of drop down boxes
- So key loggers cannot record the key presses
Proxy server
- To divert attack away from the main system
Example Question 9
Reveal Answers
4
(a) Question 4 (a) Asks for a description of Phishing and Pharming. The whole question is worth 4 marks so 2 points should be given for each term.
Answers
Phishing
(b) Part (b) asks you to list 2 other security threats. Each of the following points would be worth 1 mark (Max 2)
Answers
(c) Part (c) asks you to list two methods to proect your online systems. Each of the following points would be worth 1 mark (Max 2)
Answers
(a) Question 4 (a) Asks for a description of Phishing and Pharming. The whole question is worth 4 marks so 2 points should be given for each term.
Answers
Phishing
- A Legitimate looking email is sent to a user
- The email will encourage the user to click a link / open an attachment
- The link will redirect a user to a legitimate looking web page (To steal personal info)
- A Malicious code is installed on a user's hard drive / server
- The code will cause a redirection to a legitimate looking web page (To steal personal info)
(b) Part (b) asks you to list 2 other security threats. Each of the following points would be worth 1 mark (Max 2)
Answers
- Hacking
- Cracking
- Virus
- Denial of Service
- Malware
- Spyware
(c) Part (c) asks you to list two methods to proect your online systems. Each of the following points would be worth 1 mark (Max 2)
Answers
- Firewall
- Proxy Server
- Anti-virus
- Anti-malware
- Anti-spyware
- Username and password