Define the term cyber security. [2]
The {processes / practices / technologies} designed to protect {networks / computers / programs / data} ✓
from {attack / damage / unauthorised access} ✓
Explain how penetration testing can be used to improve a network's cyber security. [2]
A penetration test can be carried out to identify potential weaknesses in the network's cyber security. ✓
The organisation can then use this information to patch or fix the weaknesses. ✓
State the difference between the two types of penetration test, and explain which one would be more useful to protect against an insider attack. [3]
In a black-box penetration test, the ethical hacker is not given any information about the network. ✓
In a white-box penetration test, the ethical hacker is given normal access to the network. ✓
Thus a white-box test would be carried out, because in an insider attack the insider knows about the network ✓
Explain how removable media devices could be a potential security threat to a network. [3]
They allow users to copy malware onto a computer, ✓
which can then spread through the network. ✓
They also allow users to steal data from the network ✓
Explain how phishing emails work. [2]
Phishing emails are used to trick people into divulging sensitive information, like passwords, ✓
by pretending to be legitimate organisations like the victim's bank. ✓
Explain how a firewall can prevent attacks on a school's network. [2]
The firewall stops malware and spyware from entering or leaving the network ✓
by inspecting incoming and outgoing packets and blocking anything suspicious. ✓
Suggest two requirements an organisation could impose on passwords to ensure that they are strong. [2]
Any two from:
• Using a mix of characters (uppercase, lowercase, numbers, symbols) ✓
• Minimum length requirement ✓
• Make the users change their passwords regularly ✓