IGCSE Chapter8 Handout
IGCSE Chapter8 Handout
FOR
CHAPTER 8
SECURITY
AND
ETHICS
Past questions
© UCLES 2015 -2020
Page | 0
1 Choose six correct terms from the following list to complete the spaces in the paragraphs
below:
• encryption
• file name
• firewall
• HTML tags/text
• IP address
• protocol
• proxy server
• SSL certificate
• web server name
A user enters a URL. The web browser breaks up the URL into three components:
1 ........................................................
2 ........................................................
3 ........................................................
The web browser reads the ............................................................ from the selected page and
used between the computer and web server; this device uses a cache to store the website home
Page | 1
2 (a) Viruses, pharming and phishing are all examples of potential Internet security
Virus .........................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
Pharming ..................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
Phishing ....................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
[6]
(b) An online bank requires a client to supply an 8-digit code each time they wish to access their
account on the bank’s website.
(i) Explain why the bank has chosen to use this method of entering the 8 digits.
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
[2]
Page | 2
(ii) Name and describe another measure that the bank could introduce to improve the
security of their website.
Name .................................................................................................................................
Description ........................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
[2]
Page | 3
3 (a) Four statements about cookies are shown in the table
(b) Five descriptions and five security issues are shown below.
[4]
Page | 4
4 (a) State what is meant by the term SSL.
...................................................................................................................................................
...................................................................................................................................................
...............................................................................................................................................[1]
(b) The following stages take place when a user wishes to access a secure website.
Put each stage in sequence by writing the numbers 1 to 6 in the column on the right. The
first one has been done for you.
Sequence
Stage
number
the encrypted data is then shared securely between the web browser
and the web server
the web server sends the web browser a copy of its SSL certificate
the web server will then send back some form of acknowledgement to
allow the SSL encrypted session to begin
Page | 5
5 Five computing terms are described below.
Software that anyone can download for free from the Internet
and then use without having to pay any fees. The usual
copyright laws apply and a user license is important.
................................................
Software that gives the user the chance to try it out free of
charge before actually buying it. The software is subject to the
usual copyright laws. As a rule, not all the features found in
the full version are available at this stage.
................................................
Page | 6
6 Some software can be described as free, freeware or shareware.
Tick (✓) the appropriate boxes in the table below to show which features apply to these three
types of software.
[3]
Page | 7
7 Secure socket layer (SSL) is used in the security of information on Internet websites.
State how it is possible for a user to know that a website is secure by looking at the web
address.
...................................................................................................................................................
...............................................................................................................................................[1]
(b) Describe three of the stages a web browser goes through to detect whether a website is
secure.
1 ...............................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
2 ...............................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
3 ...............................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
[3]
Page | 8
8 A bank offers an online service to its customers. The bank has developed a “SafeToUse” system
that asks each customer to enter four randomly chosen characters from their password each time
they log in.
The customer selects these four characters from drop-down boxes. For example:
nd
Please select the 2 character
th
5 character
th
6 character
th
8 character
(a) (i) Explain why it is more secure to use drop-down boxes rather than entering characters
using a keyboard.
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
.......................................................................................................................................[2]
(ii) Give a reason why the system asks for four characters chosen at random.
...........................................................................................................................................
.......................................................................................................................................[1]
1 ...............................................................................................................................................
2 ...............................................................................................................................................
[2]
Page | 9
9 Six security issues and six descriptions are shown below.
[5]
Page | 10
10 (a) Five statements and three types of software are shown below.
Draw lines to connect each statement with the correct type of software.
Free software
Shareware
[3]
Page | 11
(b) Describe three ethical issues that should be considered when using computers.
1 ................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
2 ................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
3 ................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
[3]
Viruses: .....................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
Pharming: .................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
Spyware: ...................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
[6]
Page | 12
(d) Describe three tasks carried out by a firewall.
1 ................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
2 ................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
3 ................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
[3]
Page | 13
11 Six security terms and six statements are listed below.
Draw a line to match the security term with the most appropriate statement.
[5]
Page | 14
Page | 15
12 A company has a number of offices around the world.
Data is transmitted between the offices over the Internet. In order to keep the data safe the
company is using Secure Socket Layer (SSL) protocol and a firewall at each office.
Explain how SSL protocol and a firewall will keep the company’s data safe.
...................................................................................................................................................
...................................................................................................................................................
Firewall .....................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
[4]
(b) A company stores personal details of its customers on a computer system behind a
firewall. Explain, with reasons, what else the company should do to keep this data safe.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...............................................................................................................................................[6]
Page | 16
(c) When a customer enters the website, a message is displayed:
“RockICT makes use of cookies. By continuing to browse you are agreeing to our use of
cookies.”
Explain why the music company uses cookies.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
[2]
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
[4]
Page | 17
13 (a) Selma has some important personal information that she needs to email to her employer. She
wants to make sure that if the personal information is intercepted, it cannot be understood.
State how Selma could email her personal data more securely.
...................................................................................................................................... [1]
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...................................................................................................................................... [5]
Page | 18
14 Three security issues that could affect users online are phishing, pharming and
Phishing ...........................................................................................................................................
..........................................................................................................................................................
..........................................................................................................................................................
..........................................................................................................................................................
Pharming ..........................................................................................................................................
..........................................................................................................................................................
..........................................................................................................................................................
..........................................................................................................................................................
Spam ................................................................................................................................................
..........................................................................................................................................................
..........................................................................................................................................................
..........................................................................................................................................................
[6]
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...................................................................................................................................... [2]
(ii) Explain one method that could be used to increase the level of security provided by the
encryption.
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...................................................................................................................................... [2]
Page | 19
15 (a) Lola is concerned about the risks to her computer when using the Internet.
She wants to use some security methods to help protect her computer from the risks.
Identify a security method she could use for each of the following risks. Each security
method must be different.
Describe how each security method will help protect Lola’s computer.
Description ........................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
[3]
(ii) Hacking
Description ........................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
[3]
(iii) Spyware
Description ........................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
[3]
Page | 20
(b) Lola is also concerned that the data she stores could be subject to accidental damage or
accidental loss.
(i) State three ways that the data Lola stores could be accidentally damaged or
accidentally lost.
1 ........................................................................................................................................
...........................................................................................................................................
2 ........................................................................................................................................
...........................................................................................................................................
3 ........................................................................................................................................
...........................................................................................................................................
[3]
(ii) Give two methods that Lola could use to help keep her data safe from accidental
damage or accidental loss.
1 ........................................................................................................................................
...........................................................................................................................................
2 ........................................................................................................................................
...........................................................................................................................................
[2]
Page | 21
16 A law company holds a lot of sensitive data about its clients.
Improvement 1 ..........................................................................................................................
...................................................................................................................................................
Explanation ...............................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
Improvement 2 ..........................................................................................................................
...................................................................................................................................................
Explanation ...............................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
[4]
Page | 22
17 An art gallery has a website that is used to display and sell art.
The gallery uses Secure Socket Layer (SSL) to provide a secure connection when selling
art. Describe the process of SSL and how it provides a secure connection.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
............................................................................................................................................. [6]
True False
Statement
(3) (3)
Page | 23
(c) The art gallery is concerned about computer ethics relating to its website.
Explain what is meant by computer ethics and why the art gallery is concerned about
computer ethics.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
............................................................................................................................................. [4]
Page | 24
18 A music company wants to send a new music file to many radio stations. It will send the music
file the day before the release date so that the radio stations can store the file ready for release.
The music company does not want the radio stations to be able to open the music file until 09:00
on the release date.
Identify two security measures and describe how each measure can be used to make sure the
music file cannot be opened until the release date.
Security measure 1 ..........................................................................................................................
Description .......................................................................................................................................
..........................................................................................................................................................
..........................................................................................................................................................
Description .......................................................................................................................................
..........................................................................................................................................................
..........................................................................................................................................................
[4]
Page | 25
19 Priya creates a website to sell her old comic books and superhero figures.
True False
Statement
(✓) (✓)
Cookies can be used to store a customer’s credit card details
Cookies can be used to track the items a customer has viewed on a website
[5]
To transmit the website data to the webserver she uses parallel duplex data
transmission. Describe how data is transmitted using parallel duplex data transmission.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
............................................................................................................................................. [4]
...................................................................................................................................................
............................................................................................................................................. [1]
Page | 26
(e) Priya is concerned about a denial of service attack (DoS) occurring on her webserver.
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
..................................................................................................................................... [4]
(ii) Give one security device that can be used to help prevent a denial of service attack.
..................................................................................................................................... [1]
Page | 27
20 When customers access Victoria’s website they will be given the message:
This website uses cookies. An explanation of their purpose can be found in our cookies policy.
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
..................................................................................................................................... [2]
(ii) Explain why Victoria would use cookies as part of her website.
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
..................................................................................................................................... [4]
Page | 28
21 A finance company is concerned that its employees are being distracted by using gaming
websites at work.
Explain how a firewall could help prevent this distraction.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
............................................................................................................................................. [4]
(b) The finance company is also worried about the security of the data stored on its servers.
The company has decided to encrypt the data to improve the security.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
............................................................................................................................................. [4]
Page | 29
(c) The finance company realises that its computer systems have been hacked.
The company thinks that spyware was used to obtain a user’s password.
Explain how spyware could have been used to obtain the user’s password.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
............................................................................................................................................. [6]
(b) All modern smartphones can be secured with a biometric system that is built into the phone.
(i) Identify two biometric systems that would be suitable for securing a smartphone.
...........................................................................................................................................
..................................................................................................................................... [2]
(ii) Explain why modern smartphones are secured with a biometric system.
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
..................................................................................................................................... [2]
Page | 30
22 Hans has a website selling comic books. Customers can create an account to buy the comic
books.
Customers may worry about keylogging software being used to gain unauthorised access to
their account.
(i) Describe how keylogging software can be used to gain unauthorised access to a
customer’s account.
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
..................................................................................................................................... [4]
(ii) Identify a feature that Hans can add to the website to limit the threat of keylogging
software.
..................................................................................................................................... [1]
(b) Hans makes sure data transmission for his website is secure.
(i) State how customers can check that the personal details they enter into the website will
be transmitted securely.
...........................................................................................................................................
..................................................................................................................................... [1]
(ii) Explain how a customer’s browser checks that the website is secure.
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
..................................................................................................................................... [4]
Page | 31
23 A company collects and stores data about its customers. The data is stored on a server in the
company’s office.
The data is encrypted using symmetric encryption before it is sent to the cloud storage.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
............................................................................................................................................. [4]
(b) Give three other methods that can be used to secure the data in the office.
Method 1 ...................................................................................................................................
...................................................................................................................................................
Method 2 ...................................................................................................................................
...................................................................................................................................................
Method 3 ...................................................................................................................................
...................................................................................................................................................
[3]
Page | 32
24 Meena buys products for her business using the Internet.
The Transport Layer Security (TLS) protocol is used for transferring data when she buys
products.
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
..................................................................................................................................... [2]
..................................................................................................................................... [1]
(iii) Identify another protocol that can be used to transfer data securely.
..................................................................................................................................... [1]
The browser uses a small file to store the details of the products she views. This allows the
website to display advertisements for other products she may like.
............................................................................................................................................. [1]
Page | 33
25 Uma is concerned about risks that she may encounter when using the Internet.
Two of the risks she is concerned about are phishing and pharming.
Give one similarity and two differences between phishing and pharming.
Similarity ...................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
Difference 1 ..............................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
Difference 2 ..............................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
[3]
(b) Identify two other risks that Uma could encounter when using the Internet.
Risk 1 ........................................................................................................................................
Risk 2 ........................................................................................................................................
[2]
(c) Uma uses a firewall to secure the data on her computer.
(i) Uma tells her friend that a firewall can only be software-based.
Correct
Incorrect
[1]
(ii) Describe how the firewall helps to keep Uma’s data secure.
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
..................................................................................................................................... [4]
Page | 34
26 Thomas has an online business that sells homemade furniture. He has a web server that hosts
his website for his business.
Thomas is worried about a denial of service (DoS) attack on his web server. Describe what
happens in a denial of service attack.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
............................................................................................................................................. [3]
Page | 35
27 Edie uses a firewall to help prevent her children from accessing websites that she does not want
them to see.
Describe how the firewall helps prevent her children from accessing these websites.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
............................................................................................................................................. [4]
(b) Edie is concerned that her children may download a virus when accessing websites.
State what is meant by a virus and explain what could happen if a virus was downloaded.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
............................................................................................................................................. [3]
(i) Give two ways that her children can identify if a website is secure.
1 ........................................................................................................................................
2 ........................................................................................................................................
[2]
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
..................................................................................................................................... [4]
Page | 36
28 Clive has a laptop computer that he uses for his business. He enters a username and password
to log in to his laptop.
Clive is worried about spyware being used to find out his username and password.
Describe how spyware could be used to find out Clive’s username and password.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
............................................................................................................................................. [4]
(b) The threat of spyware makes Clive concerned about typing a password to log in to his
laptop. Give an example of how Clive could log in securely without typing a password.
............................................................................................................................................. [1]
Page | 37