1.

Describe four strategies that you could use to minimise the dangers of using social networking
sites to make new friends.
Any four from:

Know how to block and report unwanted users,

Never arrange to meet anyone alone

Always tell an adult first when arranging to meet someone

Always meet in a public place

Avoid inappropriate disclosure of personal data/set privacy settings/Avoid giving email address or phone
number when chatting

Avoid inappropriate disclosure of your own name/Avoid giving your full name

Avoid giving your address

Avoid giving your school name

Avoid displaying a picture in school uniform

Do not display pictures taken at home/Do not display pictures taken of the school with the name
attached/Do not send pictures/videos of yourself to strangers

Ensure that the person you are befriending has very secure privacy settings

Check profiles before contacting people

Verify person’s contact details with other trusted people/friends

2. Complete the following sentences.

The action of sending emails to fraudulently obtain another person’s bank details is called

(a) .......................................................Phishing....................................................... [1]

The action of illegally installing malicious code which redirects a person to a fraudulent website with
the purpose of obtaining that person’s bank details is called
(b) ....................................................Pharming.................................................................... [1]

(c) Unsolicited bulk emails are

called ................................................Spam.............................................................................. [1]

The action of sending text messages to fraudulently obtain another person’s bank details is called
(d) .....................................................Smishing..................................................................... [1]

3. John is working on a school History project and saves his work. He is told by one of his teachers
that the school network has been infected by a computer virus.
 (a) Explain what is meant by a computer virus and give examples of how a computer virus can affect
a computer.
Max two from:
A virus is a piece of software/program code that infects a computer
…attaches itself to files
…and has the ability to replicate itself.

Max three from:

Causes computer to crash/shut down It can delete/corrupt data/files
Causes the computer operations to run slowly/become unusable
Makes software/OS unusable
Fills up the computer memory/hard disk
Can corrupt/erase contents of hard disk

(b) John copies his History project from the school network onto his home computer using a pen
drive. There are many ways his home computer can become infected by a computer virus.
Describe three ways in which John could protect his home computer from being infected.

Three from:
Scan the pen-drive as it is inserted into his computer
Use an anti-virus software to scan his computer hard drive
Do not use media from an unknown source
Install/download up-to-date anti-virus software and activate/update anti-virus software/use up-
to-date antivirus

( c) The computer virus has attached itself to a file that John does not want to delete. Describe what
John should do to remove the threat of the computer virus infecting other files

Two from:
Identify the virus using anti-virus software/scan the file
Option given to delete or quarantine the file
Software quarantines the virus infected file so the virus cannot be activated
Delete the virus/clean/disinfect the file
Check the quarantined file to see if it is safe to open

4. A teacher is allowing her students to use the internet, including emails, to find information for a
Geography project.
(a) Describe three strategies that students should use to stay safe when on the World Wide Web.

Three from:
Only use websites recommended by the teacher
Only use websites ending in .gov, .ac, .org, .edu
Use a learner friendly search engine
Use appropriate search conditions
(b) Describe three strategies that students should use to stay safe when sending and receiving
emails.

Three from:
Only email people already known to you/do not reply to spam emails
Think before opening an email from an unknown person
Never email the school’s name
Never use personal details in emails
Never send a picture of the student in school uniform
Only use contact us from a known website
Scan all attachments before downloading them/do not open attachments from unknown people
Check the email address is correct before sending
Check the content of the email before sending

5. There are several security issues surrounding the use of smartphones. These include smishing
and pharming.
(a) Describe different security measures that can be put into place to stop smishing or
pharming attacks.
Smishing
One from:
Never text back to unknown sender
Never respond to any of these types of texts
Never click on any links within the text message
Never give out personal information in a text
Don’t allow your mobile phone number to be included in call lists
Blocking unfamiliar texters/numbers [1]

Pharming:
One from:
Use up to date anti-virus/anti-pharming/anti-spyware software
Check address bar for strange web addresses
Keeping DNS servers patched and up to date
Use up to date firewall services on DNS servers

(b) Cookies are sometimes seen as a security threat when in reality they are only a nuisance.
Explain, using an example, what cookies are and why they are important to companies.

One from:
A small text file sent/downloaded to a user’s web browser when they visit a web site [1]
Two from:
Store information about the visit and are used the next time the user visits the site
Remember the user’s details
Remember the user’s preferences
Remember items a user bought
 Remember passwords
Remember what they searched for
Target products
Offers a tailored experience for users

6. Sukhjit has just discovered a large amount of spam emails in her inbox and is worried it may be a
phishing attempt.
(a) Explain some other dangers of opening spam emails.
Any three from:
Spam email may contain viruses/spyware/malware/key loggers…
… an example of what viruses/spyware/malware/key loggers/pharming can do
If you open and reply to spam emails then the spammer knows the email address is active
Spam can fill up the inbox
(b) Spam is sometimes associated with phishing emails.
Describe how Sukhjit would recognise a phishing email

Any four from:

Check the name of sender matches the content of the email
Check any URL link matches the content of the email
Might contain grammar/spelling mistakes
Check plain text
Check the message is not an image
Check if the message is asking for personal information
Might contain unexpected attachments
Urgent/too good to be true
Not address the user by name/generic name used
Might be in your SPAM emails/alerted by service provided

7. Dhanesh has accidentally downloaded a file containing a virus.

(a) Describe the possible effects on Dhanesh’s computer system if he opens the file.

Any two from:

Replicates itself and can fill the computer’s memory/hard disc with unwanted data
Can communicate with other systems
Causes computer to crash It can delete/corrupt data
Causes the computer operations/system/processes to run slowly/become unusable Makes
software/OS unusable
Can corrupt/erase contents of hard disc

(b) Describe how Dhanesh can help prevent his computer from downloading viruses from the
internet.

Any three from:

Run up to date anti-virus software/Install anti-virus software
 Do not download files/attachments from email addresses that you do not recognise
Do not download files/games/software from untrusted/unfamiliar website
Scan all emails before opening
Check/scan attachments to emails for viruses
Avoid opening spam emails

8. Key-loggers are thought to be security risks but they can be used to monitor and track the use of
employees on a computer system.
(a) Describe how a key-logger monitors computer usage.

Any two from:

− A key-logger records the key strokes of a person using the computer
− Transfers / transmits the data back to the supervisor / manager
− The supervisor can then monitor what the employee has been doing / how hard they
have been working

(b) A small minority of employees in a company have been using the computers for non-
business use, so the company has had to introduce other methods of monitoring their use of
ICT.
Apart from key-logging list three other ways that employees could be monitored in their use
of ICT.

Any three from:

− Monitoring phone call usage
− Monitoring emails
− Monitoring the time spent on and websites visited
− Monitoring the use of printers / number of copies
− Monitoring where employees log in / log out
− Monitoring when employees log in / log out
− Monitoring failed log ins
− Monitor the amount of storage space used
− Monitoring where they send data to print

9. Describe how security can be improved in a WiFi network

Any two from:

Secure the wireless router/network with a strong password
Do not broadcast the wifi security key/SSID Enable WPA encryption
Disable remote administration to the router
Enable user management
Change from the default SSID
Use MAC address filtering/change the router IP address
Use wireless security software
10. Discuss the effectiveness of different methods which could be used to prevent unauthorised
access to a laptop computer

Examples of reliability of methods

User id and Password will…
…prevent users who do not know the password from gaining access
…will reject users who try to guess passwords (usually after 3 attempts)
Strong passwords using a mixture of alphabetic, alphanumeric and special characters…
…will be difficult to guess
Biometrics are unique and are almost impossible to duplicate…
…only the user who has those characteristics can access the laptop
Using biometrics means that passwords don’t have to be remembered
Laptops can now come with fingerprint scanner
Laptops can have built in retina identification

Examples of lack of reliability

Strong passwords can be difficult to remember
…can be easily forgotten
…can be easily disclosed to any user
Software for retina scan can malfunction
User can have fingerprints affected by injury/cut on a finger
Laptops with this technology tend to cost more
Low cost fingerprint technology tends to be inaccurate
Fingerprints can be copied by expert thieves

To be marked as a level of response:

Level 3 (7–8 marks)
Candidates will describe in detail the reliability and unreliability of at least two methods of
preventing unauthorised access to data. Examples will be given and will be appropriate. The
information will be relevant, clear, organised and presented in a structured and coherent
format. Specialist terms will be used correctly and appropriately.
Level 2 (4–6 marks)
Candidates will describe the reliability or otherwise of methods of preventing unauthorised
access to data. For the most part, the information will be relevant and presented in a structured
and coherent format. Examples will be given and will be mostly appropriate. Specialist terms will
be used appropriately and for the most part correctly.
Level 1 (1–3 marks)
Candidates will identify some of the methods of preventing unauthorised access to data.
Answers may be in the form of a list. There will be little or no use of specialist terms. Errors of
grammar, punctuation and spelling may be intrusive.
Level 0 [0 marks]
Response with no valid content