Level 3 Cambridge Technical in IT 05839/ 05840/ 05841/ 05842 Unit 3 Cyber security. Date Morning/Afternoon Time Allowed: 1 hour

Similar documents
Unit 3 Cyber security

THIS IS A NEW SPECIFICATION MODIFIED LANGUAGE

G055/IC. APPLIED INFORMATION AND COMMUNICATION TECHNOLOGY Networking Solutions ADVANCED GCE INSTRUCTIONS FOR CANDIDATES JUNE 2011

Monday 12 May 2014 Morning

Tuesday 9 June 2015 Morning

MATHEMATICS A A502/01 Unit B (Foundation Tier)

Friday 18 January 2013 Afternoon

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY

Monday 11 June 2012 Morning

SPECIMEN A451 GENERAL CERTIFICATE OF SECONDARY EDUCATION COMPUTING. Duration: 1 hour 30 minutes. Unit A451: Computer systems and programming

Small businesses: What you need to know about cyber security

THIS IS A NEW SPECIFICATION

Protect yourself online

Small businesses: What you need to know about cyber security

This stimulus material must be used for the June 2015 examination session.

3 day Workshop on Cyber Security & Ethical Hacking

Cyber Essentials Scheme

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0

Data Protection Act Bring your own device (BYOD)

Data Access Request Service

RELIGIOUS STUDIES B (PHILOSOPHY AND/OR APPLIED ETHICS) Philosophy 1 (Deity, Religious and Spiritual Experience, End of Life)

Information Security Addressing Your Advanced Threats

Friday 6 June 2014 Morning

Monday 28 January 2013 Morning

Friday 24 May 2013 Morning

National Cyber Security Month 2015: Daily Security Awareness Tips

THIS IS A NEW SPECIFICATION. This is a Closed Text examination. No textbooks or sources of information are allowed in the examination room.

The Ministry of Information & Communication Technology MICT

Cyber Security. Securing Your Mobile and Online Banking Transactions

External Supplier Control Requirements

Infocomm Sec rity is incomplete without U Be aware,

Internet threats: steps to security for your small business

OCR Level 2 CAMBRIDGE TECHNICAL

Wednesday 11 June 2014 Afternoon

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

Tuesday 10 January 2012 Morning

10 Smart Ideas for. Keeping Data Safe. From Hackers

SENIORS ONLINE SECURITY

Tuesday 6 November 2012 Morning

Security Issues with Integrated Smart Buildings

OCR LEVEL 3 CAMBRIDGE TECHNICAL

TMCEC CYBER SECURITY TRAINING

How-To Guide: Cyber Security. Content Provided by

Information Security

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

DBC 999 Incident Reporting Procedure

Hot Topics in IT Security PREP#28 May 1, David Woska, Ph.D. OCIO Security

DATA AND PAYMENT SECURITY PART 1

The Business Case for Security Information Management

How To Deal With A Converged Threat From A Cloud And Mobile Device To A Business Or A Customer'S Computer Or Network To A Cloud Device

10 Best Practices to Protect Your Network presented by Saalex Information Technology and Citadel Group

Thursday 24 January 2013 Morning

OCR LEVEL 3 CAMBRIDGE TECHNICAL

Information Services. Protecting information. It s everyone s responsibility

Wednesday 20 June 2012 Afternoon

Tuesday 20 May 2014 Morning

Wednesday 19 June 2013 Afternoon

Sound Business Practices for Businesses to Mitigate Corporate Account Takeover

Wednesday 23 January 2013 Morning

PREP Course #25: Hot Topics in Cyber Security and Database Security. Presented by: Joe Baskin Manager, Information Security, OCIO

Connect Smart for Business SME TOOLKIT

Cybercrime: risks, penalties and prevention

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

Friday 18 September PM 3.15 PM Time Allowed: 2 hours 15 minutes

Monday 11 June 2012 Afternoon

Information Security Baseline (minimal measures)

Monday 11 June 2012 Afternoon

AS Level in Business H031/02 The wider business environment Sample Question Paper SPECIMEN

Secure Your Information and Communication Technology Devices

A practical guide to IT security

Cyber Self Assessment

F733. GENERAL STUDIES Domain Exploration: Applying Synoptic Skills ADVANCED GCE. Tuesday 25 January 2011 Afternoon

Small Business Cybersecurity Dos and Don ts. Helping Businesses Grow and Succeed For Over 30 Years. September 25, 2015 Dover Downs

F242/CS. APPLIED BUSINESS Understanding the Business Environment ADVANCED SUBSIDIARY GCE. Monday 17 May 2010 Afternoon CASE STUDY

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

Information Incident Management Policy

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte

IIABSC Spring Conference

Welcome to the Protecting Your Identity. Training Module

Top tips for improved network security

Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media

3 Marketing Security Risks. How to combat the threats to the security of your Marketing Database

Information Security It s Everyone s Responsibility

10 Quick Tips to Mobile Security

Tuesday 14 May 2013 Morning

Cybersecurity Awareness. Part 1

A LEVEL. Delivery Guide H446 COMPUTER SCIENCE. Theme: Input, Output and Storage. April 2015

Welcome to this ACT webinar

Thursday 13 June 2013 Morning

Information Security Team

Data Security. So many businesses leave their data exposed, That doesn t mean you have to Computerbilities, Inc.

10 best practice suggestions for common smartphone threats

How to complete the Secure Internet Site Declaration (SISD) form

TLP WHITE. Denial of service attacks: what you need to know

Security Practices for Online Collaboration and Social Media

External Supplier Control Requirements

Monday 4 March 2013 Morning

Wednesday 12 June 2013 Morning

Transcription:

SAMPLE ASSESSMENT MATERIAL Level 3 Cambridge Technical in IT 05839/ 05840/ 05841/ 05842 Unit 3 Cyber security Date Morning/Afternoon Time Allowed: 1 hour You must have: The Insert (clean copy case study) INSTRUCTIONS Use black ink. Complete the boxes above with your name, centre number and candidate number. Answer all the questions. Write your answer to each question in the space provided. Do not write in the bar codes. INFORMATION The case study should be used to answer questions in Section A. The total mark for this paper is 60. The marks for each question are shown in brackets [ ]. Quality of extended response will be assessed in questions marked with an asterisk (*). This document consists of 12 pages. OCR 2015 Turn over

2 Answer all the questions. Section A This section relates to the case study. 1 (a) Describe what is meant by the term integrity of data in the context of data and network security.... [2] (b) Describe one way in which integrity of data could be compromised at Classic Cars.... [2] (c) (i) Identify two types of attacker, working alone, who would be interested in compromising the computer networks at Classic Cars. 1.... 2.... [2] (ii) For one of the attackers, identified in part (c)(i), identify two of their characteristics. Name of attacker: 1.... 2.... [2] OCR 2015 SPECIMEN

3 (iii) Explain one possible motivation for the attacker identified in part (c)(ii)................... [3] 2 (a) Identify two vulnerabilities that have the potential to be exploited at Classic Cars. 1.... 2.... [2] (b) Describe one example of an attack that could be performed against the networks at Classic Cars.... [2] (c)* Discuss possible impacts on Classic Cars of network security being breached. OCR 2015 SPECIMEN Turn over

4... [10] OCR 2015 SPECIMEN

5 3 (a) Recommend two software controls and two procedural controls that Classic Cars should use. Write your answers in the box below: Software controls Procedural controls 1. 1. 2. 2. [4] (b) Describe one measure that Classic Cars should take to prevent information on external devices being accessed without authorisation.... [2] (c) Identify one reason why Classic Cars should use an intrusion detection system on its network.... [1] OCR 2015 SPECIMEN Turn over

6 4 (a) The IT technicians at Classic Cars have identified malware on their network. Explain one action they should take in response.... [3] (b) Choose one category from the list below that describes the incident of the stolen external drive described in the case study. Enter a tick in the box next to your choice. Critical Significant Minor Negligible [1] (c) Justify your choice of category in part 4(b).... [4] OCR 2015 SPECIMEN

7 Section B You do not need the case study to answer these questions. 5 (a) Describe one potential cyber security issue associated with connecting your tablet or laptop to an unsecured Wi-Fi hotspot.... [2] (b) * Evaluate the preventative measures you could take when connecting your tablet or laptop to an unsecured Wi-Fi hotspot. OCR 2015 SPECIMEN Turn over

8... [8] 6 A member of your family has received the email shown below; it appears to have been sent from the IT Support Team of the organisation with whom they have an email account. Dear Sir/Madam, We have decided to delete inactive email accounts to create space for new email accounts. In order to continue using your email account you must send us the information listed below. If we do not receive this information from you immediately, your email account will be terminated. Surname: First name: Email username: Email password: Date of birth: Alternative email address: Click on the link at the end of this message to enter your information Please do not contact the IT Support department with any questions as we are too busy to respond. If you need further information, see the file attached to this email. (a) State what type of email this is likely to be.... [1] OCR 2015 SPECIMEN

(b) Identify three items in the email that suggest that this is not a genuine email. 9 1.... 2.... 3. [3] (c) Evaluate the likely impact on your family member if they were to click on the link in the email.... [6] END OF QUESTION PAPER OCR 2015 SPECIMEN Turn over

10 THIS PAGE HAS BEEN LEFT INTENTIONALLY BLANK OCR 2015 SPECIMEN

11 THIS PAGE HAS BEEN LEFT INTENTIONALLY BLANK OCR 2015 SPECIMEN Turn over

12 THIS PAGE HAS BEEN LEFT INTENTIONALLY BLANK Copyright Information: OCR is committed to seeking permission to reproduce all third-party content that it uses in its assessment materials. OCR has attempted to identify and contact all copyright holders whose work is used in this paper. To avoid the issue of disclosure of answer-related information to candidates, all copyright acknowledgements are reproduced in the OCR Copyright Acknowledgements Booklet. This is produced for each series of examinations and is freely available to download from our public website (www.ocr.org.uk) after the live examination series. If OCR has unwittingly failed to correctly acknowledge or clear any third-party content in this assessment material OCR will be happy to correct its mistake at the earliest possible opportunity. For queries or further information please contact the Copyright Team, First Floor, 9 Hills Road, Cambridge CB2 1GE. OCR is part of the Cambridge Assessment Group. Cambridge Assessment is the brand name of University of Cambridge Local Examinations Syndicate (UCLES), which is itself a department of the University of Cambridge. Oxford Cambridge and RSA Examinations is a Company Limited by Guarantee Registered in England Registered Office: 1 Hills Road, Cambridge, CB1 2EU Registered Company Number: 3484466 OCR is an exempt Charity OCR 2015. OCR 2015 SPECIMEN

SPECIMEN SAMPLE ASSESSMENT MATERIAL Cambridge Technicals in IT UNIT 3 Cyber security MARK SCHEME Duration: 1 hour MAXIMUM MARK 60 Version: 1 Date: 31/07/2015 This document consists of 9 pages

Unit 3 Mark Scheme SPECIMEN Section A Question Answer Marks Guidance 1 (a) Modification/change of data (1) without authorisation (1). 2 Points marking approach. Up to two marks for valid description. (b) Financial data could be modified/changed (1) as the permissions are not set to ensure managers have only read only access (1). Employees are allowed to use their own mobile devices (1) which could result in the data being lost (1) or accessed by unauthorised personnel (1). 2 Points marking approach. One mark for correct identification plus an additional one mark for valid description. (c) (i) Hacker (1) Employee (1) Former employee (1) Criminal (1) Hacktivist (1) (c) (ii) Hacker: any age (1), any social background (1), opportunist (1), intends to exploit vulnerabilities (1), uses various methods (1). Employee: current (1), contractor (1), work experience (1). Former employee: now works for a competitor (1), fired (1), contractor (1), work experience (1) Criminal: any age (1), any social background (1), could be working on behalf of someone else OCR 2015 2 2 Points marking approach. One mark for each correct identification up to a maximum of two identifications. 2 Points marking approach. One mark for each correct identification up to a maximum of two identifications.

Unit 3 Mark Scheme SPECIMEN Question Answer Marks Guidance (1), uses various methods (1). Hacktivist: any age (1), any background (1), uses various methods (1). (c) (iii) Hacker: to take control of the network (1), financial theft (1), data theft (1), theft of the blueprint (1), malware (1), denial of service (1), spy for a competitor (1), etc. Employee: financial theft (1), data theft (1), theft of the blueprint (1), malware (1), industrial espionage (1), etc. Former employee: financial theft (1), data theft (1), theft of the blueprint (1), malware (1), spy for a competitor (1), damage the network (1), revenge (1), challenge (1), etc. (1). Hacktivist: to protest against the organisation (1), to make a political point (1), to cause disruption (1). 2 (a) Staff using their own devices (1) Cloud storage (1) Wireless network (1) Video conferencing (1) Remote access (1) Staff accessing the system from home (1) Network hardware (1) Network software (1) (b) Key logging (1) where an attacker will be able to identify passwords (1). Spam (1) where an attacker could flood the 3 Points marking approach. One mark for correct identification plus an additional two marks for valid explanation. 2 Points marking approach. One mark for correct identification up to a maximum of two identifications. 2 Points marking approach. One mark for correct identification plus an additional one marks for valid description. OCR 2015 3

Unit 3 Mark Scheme SPECIMEN Question Answer Marks Guidance network with emails (1) and could potentially introduce viruses/malware (1). Botnet (1) where an attacker could instigate an infection of malicious software (1) unbeknown to the company (1) in order to control their network (1). (c)* Indicative content: Reputation of the organisation could be damaged. Customers could lose confidence in the organisation and take their custom elsewhere. Business could be disrupted. Loss of business - the organisation could lose so much business that it goes into administration. Expense - it could cost the organisation a considerable amount of money. Staff morale could be affected adversely. Data loss - financial, personal. Competitors could gain an advantage. 10 Levels of response marking approach. 7-10 marks 4-6 marks Has shown a detailed level of understanding by discussing the impacts on Classic Cars if network security is breached. The learner is able to provide a clear explanation of more than one impact and the consequence of these impacts. Relevant examples will be used to support discussion and ideas will be expressed clearly and fluently. There is a well-developed line of reasoning which is clear and logically structured. The information presented is relevant and substantiated. Has shown a good level of understanding by explaining the impact(s) on Classic Cars if network security is breached. Explanations may concentrate on either the impact or the consequence with limited depth in the expansions. Some examples used to support explanation may not be relevant and may at times detract from fluency of narrative. There is a line of reasoning presented with some structure. The information presented is in the most-part relevant and supported by some evidence. OCR 2015 4

Unit 3 Mark Scheme SPECIMEN Question Answer Marks Guidance 1-3 marks Has identified points relevant to impacts on organisations if network security is breached Limited use of examples to accompany description and ideas will be poorly expressed. 0 marks The information is basic and communicated in an unstructured way. The information is supported by limited evidence and the relationship to the evidence may not be clear. Nothing worthy of credit 3 (a) Software controls Firewalls (1) Anti-malware (1) Operating system updates (1) Patch management (1) Anti-spyware (1) 4 Points marking approach. One mark for each correct identification up to a maximum of four identifications. Procedural controls Access management (1) User accounts and permissions (1) Data backup (1) Remote working (1) Device management (1) Awareness (1) Training (1) (b) Encryption (1) would prevent unauthorised access to the information (1) as the information could be not be read (1). 2 Points marking approach. One mark for correct identification plus an additional one marks for valid description. OCR 2015 5

Unit 3 Mark Scheme SPECIMEN Question Answer Marks Guidance (c) To monitor the network (1) 1 For one mark: To alert to a security incident (1) To help to assess risks (1) Reports unusual patterns/behaviour (1) Monitors the system s resources (1) 4 (a) They could contact the Incident Response Team (1). The team will prioritise the incident (1) to contain the malware (1). The IRT will identify and mitigate vulnerabilities (1), eradicate the malware (1) and disinfect the network (1). The ITR will confirm the system is functioning normally after the incident (1). A cyber security incident report will be produced (1), which will facilitate a review and evaluation of the incident (1). 3 Points marking approach. One mark for correct identification plus an additional two marks for valid explanation. (b) Significant (1) 1 For one mark: (c) Customer/supplier/staff personal data could be compromised (1) resulting in identity theft (1), potential legal action (1) and loss of supplier and customer confidence (1). Blueprint of the new car has been stolen (1). This will result in loss of competitive advantage (1) and loss of income to Classic Cars (1) as it will have to spend time and money on a new design (1). 4 Points marking approach. Up to four marks for valid justification. OCR 2015 6

Unit 3 Mark Scheme SPECIMEN Section B Question Answer Marks Guidance 5 (a) Data/account information/passwords could be 2 Points marking approach. intercepted/hacked (1) if connected to an unsecure network (1). One mark for correct identification plus an additional one mark for valid description. A third party could mimic a real hotspot (1) and collect data from the device (1). Man-in-the-middle attack (1)/a third party between the user and the internet (1). WPA2 weak passwords can be hacked (1). (b)* Indicative content: Check the network name with the coffee shop staff. Visit websites that begin with https on every page because these sites are more secure. Download a virtual private network; this will create a more secure link between the device and the hotspot. Only connect to a secured hotspot/connect with a password. Check the type of Wi-Fi hotspot security. Choose WPA2. Enable firewall/block traffic. Do not do online banking/online shopping. 8 Levels of response marking approach. 7-8 marks 4-6 marks Has shown a detailed level of understanding by evaluating the preventative measures that could be taken. The candidate is able to provide a clear explanation of more than one measure and the consequence of these actions. Relevant examples will be used to support evaluation and ideas will be expressed clearly and fluently. There is a well-developed line of reasoning which is clear and logically structured. The information presented is relevant and substantiated. Has shown a good level of understanding by explaining preventative measure(s) that could be taken. Explanations may concentrate on either the measure or the consequence with limited depth in the expansions. Some examples used to support explanation may not be relevant and may at times detract from OCR 2015 7

Unit 3 Mark Scheme SPECIMEN Question Answer Marks Guidance fluency of narrative. There is a line of reasoning presented with some structure. The information presented is in the most-part relevant and supported by some evidence. 1-3 marks Has identified points relevant to preventative measures. Limited use of examples to accompany description and ideas will be poorly expressed. 6 (a) It is an example of a hoax email (1) It is a phishing email (1) 6 (b) Asking for password (1) Asking for personal details (1) Instructing the recipient to click on the link (1) Instructing the recipient to open the attachment (1) The information is basic and communicated in an unstructured way. The information is supported by limited evidence and the relationship to the evidence may not be clear. 0 Nothing worthy of credit marks 1 For one mark: 3 Points marking. One mark for each correct identification up to a maximum of three identifications. OCR 2015 8

Unit 3 Mark Scheme SPECIMEN Question Answer Marks Guidance 6 (c) Indicative content: 6 Levels of response marking approach. The sender s intentions could be to obtain personal data 5-6 Has evaluated the impact on family Financial loss marks member and given two or more examples. Password to other accounts 3-4 Has described possible impacts on family Identity theft marks member and given at least one example or has explained possible impacts on Malicious intention family member and given no examples. Find location 1-2 Has identified possible impacts on family Reduce confidence in using technology marks member. May be no example. 0 Nothing worth of credit. marks OCR 2015 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information