Year 9 – Cybersecurity Summative assessment answers

Save a copy

Summative assessment answers

Cybersecurity

1. Which UK law gives you the right to access the data an organisation stores on you?

A. The Freedom of Information Act

B. The Computer Misuse Act
C. The Data Protection Act
D. The Copyright, Designs, and Patents Act

2. When data has been processed and is meaningful, which of these has it become?

A. Information
B. Processed data
C. Identifiable data
D. Profiled

3. What is the purpose of the Data Protection Act?

A. To protect an organisation from hackers

B. To require organisations that store data on people to use it responsibility and
keep it safe
C. To act as a deterrent to cybercriminals who try to steal data on people
D. To prevent cybercriminals from spreading a virus

4. What is social engineering?

A Methods used by cybercriminals to deceive individuals into handing over

information
B. Hacking a system by taking control of someone else's computer
C. Using the computer of someone who has accidently left themselves logged on
D. A malicious attempt to disrupt a server or network by flooding it with internet
traffic

5. You receive an email from an unknown sender asking for money. The sender wants
you to respond to the email. There are no hyperlinks in the email, but it includes unusual
use of English and there are a number of spelling mistakes. What type of social
engineering attempt is this?

A. Shouldering
B. Phishing

Page 1 Last updated: 07-02-20

Year 9 – Cybersecurity Summative assessment answers

Save a copy

C. Spam
D. Blagging

6. Which of the following describes a name generator attack?

A. Software used to randomly create accounts that post to social media

B. Attackers create an online quiz to produce a name; the answers to the quiz
find out key pieces of information that can help them to answer the security
questions protecting people's accounts
C. An attack that makes multiple attempts to guess a username and password
D. A form of identity theft conducted online

7. ‘Gaining unauthorised access to or control of a computer system’ is a definition of

which type of cybercrime?

A. Hacking
B. Viruses
C. Social engineering
D. Phishing

8. What is the term for people who are paid to legally hack into computer systems with
the sole purpose of helping a company identify weaknesses in their system?

A. Ethical hackers
B. Legal hackers
C. Penetration testers (pen testers)
D. System administrators

9. What is the purpose of a DDoS attack?

A. To use multiple computers to flood a network or server with internet traffic in

order to disrupt service
B. To use a single computer to flood a network or server with internet traffic
in order to disrupt service
C. To use multiple computers to infiltrate a network in order to steal data or
to plant a virus
D. To use a single computer to infiltrate a network in order to steal data or to
plant a virus

10. Which of the following passwords would be the best defence against a brute force
attack?

A. peter1£@!

Page 2 Last updated: 07-02-20

Year 9 – Cybersecurity Summative assessment answers

Save a copy

B. Petertherabbit
C. P3tertherabb1t
D. P$tertherabb1t

11. Which one of the following UK laws would a DDoS attack violate?

A. The Freedom of Information Act

B. The Computer Misuse Act
C. The Data Protection Act
D. The Copyright, Designs, and Patents Act

12. Which of the following are types of malware? Tick all that apply.

Trojans

Worms

Anti-virus

Firewall

Ransomware

13. What is the definition of a computer virus?

A. Malicious software that self-replicates

B. Malicious software that disguises itself as something else
C. Malicious software that uses network bandwidth to deliberately disrupt the speed
of the network
D. Malicious software that monitors every keystroke the user makes

14. Which of the following is a method of verifying that a login attempt has been made
by the account owner?

A. CAPTCHA
B. Two-factor authentication
C. Installing a firewall
D. Setting user permissions

15. Software that checks incoming and outgoing traffic on a network to check for
malicious code is known as what?

A. Anti-virus
B. Anti-malware

Page 3 Last updated: 07-02-20

Year 9 – Cybersecurity Summative assessment answers

Save a copy

C. Firewall
D. Two-factor authentication

This resource is available online at ncce.io/cybs-saa. Resources are updated regularly — please check that
you are using the latest version.
This resource is licensed under the Open Government Licence, version 3. For more information on this
licence, see ncce.io/ogl.

Page 4 Last updated: 07-02-20