2 Name each of the potential security issues described in the five statements below:

Statement Security issue

The act of gaining unauthorised access to

a computer system ..................................................................................

Program code that can replicate itself with the

intention of deleting or corrupting files
stored in a computer ..................................................................................

A small file sent by a web server to a web browser;

every time the user visits the website,
data about user preferences is
collected ..................................................................................

The act of illegally changing the source code

of a program so that it can be
exploited for another use ..................................................................................

Malicious code installed on a user’s hard

drive or a web server which redirects
the user to a fake website without their
knowledge ............................................................................ [5]

4 The Henslows Diner is a local restaurant.

The Henslows Diner stores personal data on a computer. This computer is connected to the Internet
to allow the data to be backed up.
There is currently one security method in place to protect the data on the computer from
unauthorised access. This is a password.

Give two other security methods that could be added to improve the security of the data.
Describe how each method will keep the data safe.

Security method 1 .....................................................................................................................................

Description ……………………..................................................................................................................................

Page 1
 …………….....................................................................................................................................................

...................................................................................................................................................................

Security method 2 .....................................................................................................................................

Description ……………………..................................................................................................................................

…………….....................................................................................................................................................

……………................................................................................................................................................ [2]

Q2 2016-Nov,P12

9 (a) Explain what is meant by a denial of service attack.

.........................................................................................................................................................

.........................................................................................................................................................

.........................................................................................................................................................

.................................................................................................................................................... [2]

(b) Name and describe two other potential security threats when using the Internet.

Security threat 1 … … .......................................................................................................................

Description ……………................................................................................................................................

.........................................................................................................................................................

.........................................................................................................................................................

Security threat 2 ……........................................................................................................................

Description ……………................................................................................................................................

……...................................................................................................................................................

.................................................................................................................................................... [4]

Q3 2016-June, P12

8 Security of data is very important.

Three security issues are viruses, pharming and spyware. Explain what is meant by each issue.

Viruses: .....................................................................................................................................................

Page 2
 ...................................................................................................................................................................

...................................................................................................................................................................

...................................................................................................................................................................

Pharming: ................................................................................................................................................

...................................................................................................................................................................

...................................................................................................................................................................

...................................................................................................................................................................

Spyware: ..................................................................................................................................................

...................................................................................................................................................................

...................................................................................................................................................................

............................................................................................................................................................. [6]

(d) Describe three tasks carried out by a firewall.

1 ......................................................................................................................................................

.........................................................................................................................................................

.........................................................................................................................................................

2 ......................................................................................................................................................

.........................................................................................................................................................

.........................................................................................................................................................

3 ......................................................................................................................................................

.........................................................................................................................................................

.................................................................................................................................................... [3]

Q4 2015-Nov, P13

4 (b) The four statements below refer to firewalls and proxy servers.
Study each statement.
Tick (v") the appropriate column(s) to indicate whether the statement refers to a firewall
and/or a proxy server.
Statement Firewall Proxy server

Page 3
 Speeds up access of information from a web server by
using a cache

Filters all Internet traffic coming into and out from a

user’s computer, intranet or private network

Helps to prevent malware, including viruses, from

entering a user’s computer

Keeps a list of undesirable websites and IP addresses

(c) Explain three ways of preventing accidental loss or corruption of data.

1 ......................................................................................................................................................

.........................................................................................................................................................

.........................................................................................................................................................

2 ......................................................................................................................................................

.........................................................................................................................................................

.........................................................................................................................................................

3 ......................................................................................................................................................

.........................................................................................................................................................

.................................................................................................................................................... [6]

10 Choose five correct terms from the following list to complete the spaces in the sentences below:

 cypher text
 encryption algorithm
 encryption key
 firewall
 plain text
 proxy server
 symmetric encryption

....................................................................................... is a security system.

It uses the same ....................................................................... to encrypt and decrypt a message.

Before encryption, the message is called ...................................................................................... .

Page 4
 The ..................................................................................... processes the original message.

The output is known as ........................................................................... [5]

Q5 2015-Nov,P12

1 There are a number of security risks associated with using the Internet.

Name three of these risks. For each, state why it is a risk and describe how the risk can be
minimised.

Security risk 1 ………. ...................................................................................................................................

Why it is a risk ………...................................................................................................................................

...................................................................................................................................................................

...................................................................................................................................................................

How to minimise the risk ..........................................................................................................................

...................................................................................................................................................................

...................................................................................................................................................................

Security risk 2 ………....................................................................................................................................

Why it is a risk ………...................................................................................................................................

...................................................................................................................................................................

...................................................................................................................................................................

How to minimise the risk ..........................................................................................................................

...................................................................................................................................................................

...................................................................................................................................................................

Security risk 3 ………....................................................................................................................................

Why it is a risk ………...................................................................................................................................

...................................................................................................................................................................

...................................................................................................................................................................

How to minimise the risk ..........................................................................................................................

...................................................................................................................................................................

Page 5
 ............................................................................................................................................................. [9]

Q6 2015-June, P12
1 (a) Four statements about cookies are shown in the table below.

Study each statement.

Tick (✓) to show whether the statement is true or false.
Statement True False
they are a form of spyware
they are used only in advertising
they are used to track browser use
they act in the same way as a virus

Page 6
(b) Five descriptions and five security issues are shown below.

Draw a line to connect each description to the correct security issue.

Page 7
4 (a) State what is meant by the term SSL.

……...................................................................................................................................................

.........................................................................................................................................................

....................................................................................................................................................[1]

(b) The following stages take place when a user wishes to access a secure website.

Put each stage in sequence by writing the numbers 1 to 6 in the column on the right. The first
one has been done for you.

equence number
Stage
the encrypted data is then shared securely between the web browser and the
web server

the web browser attempts to connect to a website which is secured by SSL 1

the web server sends the web browser a copy of its SSL certificate

the web browser requests the web server to identify itself

the web server will then send back some form of acknowledgement to allow the
SSL encrypted session to begin

the web browser checks whether the SSL certificate is trustworthy; if it is, then
the web browser sends a message back to the web server

Q7 2015-June, P11

6 (a) Viruses, pharming and phishing are all examples of potential Internet security issues.

Explain what is meant by each of these three terms.

Virus ...............................................................................................................................................

.........................................................................................................................................................

.........................................................................................................................................................

.........................................................................................................................................................

Pharming ………................................................................................................................................

Page 8
 .........................................................................................................................................................

.........................................................................................................................................................

.........................................................................................................................................................

Phishing ..........................................................................................................................................

.........................................................................................................................................................

.........................................................................................................................................................

.................................................................................................................................................... [6]

(b) An online bank requires a client to supply an 8-digit code each time they wish to access their
account on the bank’s website.

Rather than ask the client to use a keyboard, they are requested to use an on-screen keypad
(shown on the right) to input the 8-digit code.
The position of the digits on the keypad can change each time the website is visited.

The client uses a mouse or touch screen to select each of the 8 digits.

2 5 1
(i) Explain why the bank has chosen to use this method of
entering the 8 digits.
6 8 3

9 0 4

...............................................................................................................................................

...............................................................................................................................................

.......................................................................................................................................... [2]

(ii) Name and describe another measure that the bank could introduce to improve the
security of their website.

Name .....................................................................................................................................

Description ...........................................................................................................................

Page 9
...............................................................................................................................................

...............................................................................................................................................

.......................................................................................................................................... [2]

Page 10
Q8 2014-June, P11

4 The diagram below shows a number of descriptions and terms used in computer security.

By drawing arrows, connect the correct description to the computer security term.

Q9 2013-Nov, P13

1 (b) Data being held is often referred to as Personal or Sensitive Personal data.

Give two examples of each type of data.

Personal Data

1 ……………........................................................................................................................................

.........................................................................................................................................................

Page 11
 2 …………...........................................................................................................................................

.........................................................................................................................................................

Sensitive Personal Data

1 ……………........................................................................................................................................

.........................................................................................................................................................

2 …………...........................................................................................................................................

.................................................................................................................................................... [4]

4 A customer logs on to a bank website so that she can access her account.

(a) The first thing she was asked to do was to give the 3rd, 4th and 7th character of her
password. This was done using drop-down boxes:

Give two reasons why the customer was asked to supply only 3 characters from her
password.

1 ……………........................................................................................................................................

.........................................................................................................................................................

2 …………...........................................................................................................................................

.................................................................................................................................................... [2]

(b) Authentication is a technique used in bank security to check that the customer is who they
say they are. This involves three pieces of information, other than the password, all related
to the customer.

Give three examples of suitable information:

1 ……………........................................................................................................................................

.........................................................................................................................................................

.........................................................................................................................................................

2 …………...........................................................................................................................................

Page 12
 .........................................................................................................................................................

.........................................................................................................................................................

3 ……………........................................................................................................................................

.........................................................................................................................................................

.................................................................................................................................................... [3]

Q10 2013-Nov, P12

1 Internet security is a major issue for many people. The following is a list of five typical security
issues:

 hacking
 pharming
 phishing
 spyware
 viruses

Choose three of these security issues.

For each one, describe the security issue and suggest a way of protecting against it.

Security issue 1 ……………………………………………………………………………………………………………………………………

Description of issue ……………………………………………………………………………………………………………………………..

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Method of protection ..………………………………………………………………………………………………………………………..

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Security issue 2 ……………………………………………………………………………………………………………………………………

Description of issue ……………………………………………………………………………………………………………………………..

…………………………………………………………………………………………………………………………………………………………….

Page 13
 …………………………………………………………………………………………………………………………………………………………….

Method of protection ..………………………………………………………………………………………………………………………..

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Security issue 3 ……………………………………………………………………………………………………………………………………

Description of issue ……………………………………………………………………………………………………………………………..

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Method of protection ..………………………………………………………………………………………………………………………..

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Q11 2013-June, P11

3 (a) Which of the following activities should always be regarded as security risks to
computer systems?

Indicate by ticking (“”) the Yes or No column.

Activity Yes No

chat rooms

cookies

pharming

virus

VoIP

7 Which five computer terms are being described below?

I. typing in the same data twice and the computer checks both sets of data to see if they
exactly match

……………………………………………………………………………………………………………………………………………………

II. Count of the number of bits before transmission which is sent with the transmission so that the
receiver can check to see whether the same number of bits have arrived

Page 14
 ……………………………………………………………………………………………………………………………………………………

Q12 2012-Nov, P12

7 (a) Lucy wrote: “I should validate the input into my database by typing in the same data
twice”.

Why was her statement incorrect?

……………………………………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………… [3]

(b) She lost all her photographs when her computer crashed.

(i) What is meant by the term crashed?

………………………………………………………………………………………………………………………………………….

……………………………………………………………………………………………………………………………….…… [2]

(ii) How could she have avoided losing all her photographs?

………………………………………………………………………………………………………………………………………….

……………………………………………………………………………………………………………………………….…… [2]

(c) Lucy was sent an important attachment in an email, but couldn’t open it.

Give a reason why she couldn’t open the attachment.

……………………………………………………………………………………………………………………………………………………

…….…………………………………………………………………………………………………………………………………………[1]

(d) She decided to invest in a wireless (Wi-Fi) mouse and keyboard for her computer.

Give one benefit and one drawback of using wireless devices.

Benefit ….……………………………………………………………………………………………………………………………………

…….…………………………………………………………………………………………………………………………………………….

Drawback ………..…………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………… [2]

Page 15
 Q13 2012-June, P11
1 Video conferencing, Voice over Internet Protocol (VoIP) and instant messaging are all used as
c o m m u n i c a t i o n methods. Certain devices are essential to enable each of t h e s e
communication methods to be used.

Tick (“”) the appropriate cells in the table below to show which one or more devices are
essential for each method.

keyboard microphone speaker webcam

VoIP

video
conferencing
instant
messaging

2 Describe ways to guard against each of the following Internet security issues. (A different method
should be given in each case.)

Viruses …………………………………………………………………………………………………………………………………………………

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Hacking …………………….…………………………………………………………………………………………………………………………

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Spyware ………………………………………………………………………………………………………………………………………………

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Phishing ………………………………………………………………………………………………………………………………………………

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Tapping into wireless networks ……………………………………………………………………………………………………………

Page 16
 …………………………………………………………………………………………………………………………………………………………….

………………………………………………………………………………………………………………………………………………………. [5]

Q14 2011-June, P11

10 Jatinder uses Internet banking.

(a) Give one benefit and one drawback of using Internet banking.

Benefit .………………………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………………

Drawback ……………………………………………………………………………………………..……………………………………

……………………………………………………………………………………………………………………………………………… [2]

Page 17
Q15 2011-June, P12

6 FIVE security or data loss issues are shown on the left handside.

FIVE possible methods of data recovery or protection are shown on the right.

Match the definitions/descriptions on the left to the most appropriate method on the right by
drawing connecting arrows.

Q16 2011-June,P11

3 A worker at a company has to go through a logon procedure to gain access to her computer system.

The first thing she has to do is type in a user name and a password.

(a) Why is this done?

……………………………………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………… [1]

(b) The password is typed in twice.

Page 18
 Why is this done?

……………………………………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………… [1]

A menu then appears on her screen. She chooses to connect to the Internet.

(c) Describe two ways her computer system is protected against loss or corruption of files once
the computer system is connected to the Internet.

……………………………………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………… [2]

(d) The worker leaves her computer system for a 10-minute break.

(i) From a health and safety aspect, why does she need to take a regular break?

………………………………………………………………………………………………………………………………………….

………………………………………………………………………………………………………………………………………….

………………………………………………………………………………………………………………………………………….

(ii) Apart from switching off her machine, how could she ensure her computer system was
secure whilst taking her regular break?

………………………………………………………………………………………………………………………………………….

………………………………………………………………………………………………………………………………………….

…….……………………………………………………………………………………………………………………………… [2]

Q17 2010-Nov, P11

15 A college secretary inputs data into fields on a computer screen as shown below:
Examination Result
Student Sex: Subject:
Today’s Date: Grade: Examination Result (%):

(a) Choose a suitable different validation check for each of the following:

(i) Student Sex which can be M or F only

Page 19
 ………………………………………………………………………………………………………………………………………….

………………………………………………………………………………………………………………………………………….

(ii) Today’s Date which must be written as, for example, 15/10/2010

………………………………………………………………………………………………………………………………………….

………………………………………………………………………………………………………………………………………….

(iii) The Examination Result which can be any number from 0 to 100

………………………………………………………………………………………………………………………………………….

……………………………………………………………………………………………………………………………….…… [3]

(b) Apart from validation, how would it be possible to ensure only certain data could be input
into each of the fields on the computer screen?

……………………………………………………………………………………………………………………………………………………

……………………………………………………………………………………………………………………………………………… [1]

(c) The secretary takes a ten minute break every hour.

(i) Apart from switching off, how can the secretary make sure the computer system is
secure whilst she takes a ten minute break?

………………………………………………………………………………………………………………………………………….

………………………………………………………………………………………………………………………………………….

(ii) From a health and safety aspect, why does the secretary need to take regular
breaks?

………………………………………………………………………………………………………………………………………….

……………………………………………………………………………………………………………………………………. [2]

Q18 2010-June, P11

4 A company is concerned about three aspects of the security of data stored in computer files:

 data corruption
 data loss
 illegal access to data

For each of the above, give one reason why it could occur and state one method of
prevention. Your reasons must be different in each case.

Page 20
 Data corruption
Reason: ……………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Data corruption
Prevention: ………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Data loss
Reason: ……………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Data loss
Prevention: ………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Illegal access to data

Reason: ……………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

Illegal access to data

Prevention: ………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………………………………………………………….

…………….………………………………………………………………………………………………………………………………………… [6]

16 A company has set up an Internet website to sell their electrical goods online.

(a) Give two features you would expect to see on the website.

1 ……………........................................................................................................................................

Page 21
 .........................................................................................................................................................

2 …………...........................................................................................................................................

.................................................................................................................................................... [2]

(b) Payments for goods can be made by credit/debit cards. Data from the cards is
encrypted.

(i) What is encryption?

………………………………………………………………………………………………………………………………………….

………………………………………………………………………………………………………………………………………….

(ii) Why is data encrypted?

………………………………………………………………………………………………………………………………………….

…….……………………………………………………………………………………………………………………………… [2]

(c) Apart from credit card fraud, people have other fears about buying from the Internet.

Describe one of these fears.

……………………………………………………………………………………………….………………………………………………….

……………………………………………………………………………………………….………………………………………………….

.................................................................................................................................................... [1]

Page 22