12 - Past Paper Simulation -System Security(I)#1

 1. This is when an attacker types in all possible passwords and passphrases until the correct one is found.(1 mark)

 2. This is known as a way of overloading a website with unwanted traffic. (1 mark)

 3. Staff in a big medical research company use strong passwords to protect systems. Explain, with reference to system security, three other ways that the surgery could protect the system and ensure patient data is safe (6 marks)

 4. Javan has chosen the password "jav" for ease of remembering. Explain why this is not suitable and suggest alternatives (2 marks)

 5. A private college centre stores student and research data on the network. The college is concerned about the security of their data. Identify three errors that college staff could make (to endanger security) and what could be done to prevent it? (6 marks)

 6. An extremely succesfull football-coaching company has set up all its computers in a local area network (LAN). Explain two measures that the company will need to ensure the security of the network (2 marks)

 7. A top security company is creating a power point that will outline the top four things that any company,school or organisation can do to ensure that they are keeping their systems secure. Can you state these four things in your answer (4 marks)

 8. Security on a computer can be provided directly by the operating system or by using utility programs. Give an example of an operating system (1 mark)

 9. What is a utility program? Give one example of a utility program that could be used for security. (2 marks)

 10. Identify and describe two methods by which the operating system can provide additional security directly. (2 marks)

 11. This is a form of social engineering which is designed to acquire sensitive information such as username, passwords and card details.(1 mark)

 12. These are rules and also known as a AUP (Acceptable Use Policy) (1 mark)

 13. This is where an attacker can execute malicious (often coded) statements using software which controls a database management system. (1 mark)

 14. Read the excerpt below and fill in the three blanks. Use commas to separate your answers (3 marks)
________________ is watching over a users automated teller machine 
or cash machine and recording their personal identification number.

_________________ is carried out face to face and used believable 
scenarios to trick people into giving up personal information.

_________________:This type of software is also known as malicious

Write your answers for the above fill in the blanks
seperated by commas.

e.g: apple,banana,carrot

 15. This relies on human interaction and commonly involves tricking users into breaking normal security procedures. (1 mark)