Exam style questions
Download a pdf version of the test
Use the space below each question or a pen and paper to write your answer. When complete click the button for the answer and mark scheme.
NOTE: Answers typed into the browser will not be retained if you leave the page or refresh
Questions
Explain what pharming is. (2 marks)
Pharming is where a hacker edits the DNS lookup to send users to a fake site that looks like the site they really wanted.(1) This is then used to gather the personal details of the user.(1)
Explain what is meant by weak and default passwords and the risk they present. (3 marks)
Default passwords are ones that are assigned automatically. Lists of these may be available online.(1)
Weak passwords are ones that are easily cracked.(1)
Both of these present the risk of an intruder gaining access to the network where they may steal data or do further damage.(1)
Explain the risk posed by misconfigured access rights (2 marks)
If a user gets given more permission than they should have they may view or copy data they shouldn't be able to see(1) or install malware or do other damage.(1)
SecureTech is a company that provides white box penetration testing services. Explain how the service they would provide their clients (3 marks)
They would get some basic information about and credentials for the system from the client.(1) They woud use this information to attempt to get access to sensitive parts of the network.(1) Then report back their findings
to the client so they can improve their security.(1)
Explain what phishing is and give two signs you can use to help spot phishing. (4 marks)
Phishing is when a large number of emails or text messages are sent to random people(1) in an attempt to get them to give up personal iformation or download malware.(1) Signs that an email message may be phishing:
strange senders address; bad spelling and grammar; request for personal info or to download something; not addressed personally; seeks a quick response. Any two for 1 mark each. Allow reasonable alternatives.
Explain what blagging is. (2 marks)
Blagging is the act of creating and using an invented scenario to engage a targeted victim(1) in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances.(1)
Explain the similarities and differences between trojans and viruses (3 marks)
Both are forms of malware.(1) Viruses self replicate and trojans don't.(1) Trojans provide a back door to access your computer or network but viruses do not.(1)
Explain what a CAPTCHA is and why they exist and give an example of how one might work. (3 marks)
A test that checks whether a user is human.(1) They exist to prevent DDOS attacks where people program bots to flood a website with traffic.(1) You might be asked to identify a word that is written strangely or select all the bicycles or traffic lights from a picture.(1)
Explain how biometrics can be used to secure devices like phones. (3 marks)
Biometrics is the use of physical attributes to identify people.(1) Devices can be secured with a thumbprint, voiceprint, or faceid(1) and when someone goes to use it another scan is taken and compared to the one held on file.(1)
Any 8 points