Q&A - Security Threats and Controls

Q1.Peter has installed internet on his home computer in order to use it for browsing. State three ways in which he would prevent viruses from infecting his computer. (3 marks)

  • Installing the latest versions of antivirus software
  • Avoiding downloads from untrusted sites
  • Scanning removable storage media for viruses before use
  • Scanning attachments for viruses before opening or downloading

Q2.What are the likely causes of data and program loss in a computer? (2 marks)

  • Computer viruses
  • Unstable power supply
  • Hard disk crash
  • Theft of data/programs

Q3.Viruses, pharming and phishing are all examples of potential Internet security issues. Explain what is meant by each of these three terms.

Virus

  • program/software that replicates/copies itself
  • can delete or alter files/data stored on a computer
  • can make the computer “crash”/run slow

Pharming

  • malicious code/software installed on a user’s hard drive/actual webserver
  • this code redirects user to a fake website (without their knowledge)
  • to obtain personal/financial information/data

Phishing

  • legitimate-looking emails sent to a user
  • as soon as the recipient opens/clicks on the link in the email/attachment …
  • … the user is directed to a fake website (without their knowledge)
  • to obtain personal/financial information/data

Q4.What is an audit trail?

A record showing who has accessed a computer system and what operations he or she has performed during a given period of time

Q5.What is data encryption?

  • Refers to the scrambling of data into unreadable form before transmission over a telecommunication medium, OR
  • transformation of data from plaintext to ciphertext

Q6.Briefly describe the information security principles (the CIA triad)

  • Confidentiality - the principle of protection from unauthorized access or disclosure
  • Integrity - the principle of ensuring that unauthorized or undetected changes to data or system configurations do not occur
  • Availability - the principle of ensuring that data and services remain accessible to authorized users at all times

Q7.Define Data Security

  • Is the protection of programs and data in computers and communications systems against unauthorized modification, access or disclosure

Q8.What is a computer virus?

A computer virus is a program designed to damage other programs or cause irregular behaviour in a computer system.

Q9.State the symptoms of a computer virus

  • Unfamiliar graphics or quizzical messages appear on the screen
  • Programs taking longer than usual to load
  • Less memory allowance than usual
  • Unusual error messages occurring more frequently

Q10.A virus is a specific category of malware. Describe three other different categories of malware.

  • Trojan (horse): a program which misleads the user into thinking it is another piece of software which, when run, executes another program
  • Spyware: a program which records data such as usernames and passwords on a host system and forwards the information to a third party
  • Adware: code embedded or attached to program files which will persistently show adverts (that attempt to generate revenue)
  • Worm: code which will run autonomously and replicates itself on a host system
  • Ransomware: a program that encrypts a user’s data to make it unreadable until they pay for the key
  • Remote Access Tool (RAT): allows access to control and monitor a computer from a remote network location
  • Rootkit: malware that has managed to gain ‘root’ admin privileges
  • Bots/Zombies: a program installed on a computer that performs a job for the remote owner of the bot/zombie such as sending spam or sending web requests to perform a DoS or attack a computer system
  • Scareware: malware that tells you something is wrong with your system in an attempt to get you to make a purchase
  • Keylogger: a program that monitors/records a user’s keystrokes in order to steal passwords/confidential details

Q11.Explain why a firewall improves network security.

  • It prevents unauthorised access into the network (by checking IP/MAC address/packet content)
  • It prevents unauthorised transmissions from inside the network to external locations
  • It monitors network traffic
  • It makes sure that only the right/authorised traffic is allowed
  • It opens/closes ports as necessary

Q12.There are security concerns associated with cloud storage. (a) State one way in which providers of cloud storage could prevent security breaches by their own employees  (b) Explain why data on networks is encrypted

(a) One from:

  • Background checks
  • Access control
  • Physical security
  • User policies

(b) To prevent unauthorised access (1) so that data remains confidential (1) by making it unintelligible (1) because it is scrambled (1)

Q13.Define social engineering

  • Is where people are manipulated to divulge confidential information

Q14.State two reasons for carrying out software updates

  • To get the latest features
  • To update security features

Q15.Social engineering is where someone is tricked or manipulated into providing secure information or access to a secure system. Describe each of the following social engineering techniques.

Blagging

  • This is where a victim is tricked/persuaded by a fraudster to give their details or payment information for a false reason/purpose;

Phishing

  • This is where the victim receives and responds to communication that appears to be from a valid or known source but is in fact fraudulent. (It allows the fraudster to capture private information before the victim realises);

Shouldering

  • This is where someone watches and records/remembers a victim entering their PIN or security information such as passwords. (They can then use this information to gain access to a system)

Q16.List two types of disaster recovery tools.

  • online storage
  • incremental backup
  • full backup
  • RAID (level 0, 1, 10)
  • uninterruptible power supply (UPS)

Q17.Describe what is meant by ‘RAID 10’.

  • RAID 10 is a combination of RAID 0 (zero) and RAID 1 (one)

Q18.How many hard disks are required to implement RAID 10?

  • 4 (four)

Q19.State ways in which a network manager can ensure that the network is secure

  • Encrypt network traffic
  • Use of firewall(s)
  • Anti-virus software
  • Password protect the database

Q20.Give four features of a Data Protection Act

  • data must be up to date
  • data can only be read/used for the purpose for which it was collected
  • data must be adequate, relevant and not excessive
  • data must be accurate
  • data must be destroyed when no longer needed/don’t keep longer than necessary
  • data user must register what data is stored
  • data must be used/collected fairly and lawfully
  • data must be held securely
  • data must be protected from accidental damage
  • only authorised personnel can have access to the data
  • fines are imposed for data misuse
  • data should not be passed on to a third party without permission
  • a person can view data and have it changed/removed if incorrect

Q21.The data before encryption is known as .......... text. To scramble the data, an encryption .........., which is a type of .........., is used. The data after encryption is known as .......... text. Encryption prevents the data from being .......... by a hacker

The data before encryption is known as ..... plain ..... text.
To scramble the data, an encryption ..... key ....., which is a type of ..... key ....., is used.
The data after encryption is known as ..... cipher ..... text.
Encryption prevents the data from being ..... understood ..... by a hacker

Q22.Joelle’s parent also uses the firewall to limit the websites that Joelle can access. Explain how the firewall is used to limit the websites that Joelle can access

(The parent can) set criteria for the websites she is allowed to visit such as a whitelist/blacklist of websites. The firewall will examine the data/traffic incoming and outgoing from her computer. If data is sent from a website that is not allowed, it will be blocked

Q23.Explain one drawback to a user if the program is distributed as freeware

The user is not allowed to access the source code, so they cannot tailor the software to their needs and they cannot fix any bugs in it

The software is still covered by copyright

The user must get the owner’s permission to do anything beyond using it

Q24.Confidential information about the students is to be stored on the computer system. Explain the measures that can be taken to ensure that such information remains confidential.

- Passwords
- Hierarchy
- Only allow some staff to access student files
- Only some machines able to access
- Physical location of these machines
- Physical lock on machines
- Encrypted data in files
- Firewall if connected to the Internet

Q25.State two effects of a computer virus

  • memory used up/slows down computer/alters setting/systems failure
  • erases files/erases data/corrupts data/data needs restoring
  • infects other computers on the network
  • production loss/financial loss

Q26.State two ways of protecting computers against viruses.

  • do not allow outside floppy disks/CDs/DVDs
  • use disk-free workstations
  • download/install and use anti-virus software
  • scan hard disks regularly
  • update the anti-virus program regularly
  • do not open file attachments from unknown sources/download doubtful software from the Internet
  • do not use files that come from unknown sources
  • buy original software/do not buy pirated software
  • use firewalls

Q27.State two data protection rules that should be obeyed by all staff in a hospital.

  • data must be accurate/up-to-date
  • personal data must be registered
  • data must be used for the purpose it is registered for
  • if data is to be used for another purpose the registrar must be notified/subject gives consent
  • patients must be able to see the data and have it changed if it is incorrect
  • processed fairly and lawfully
  • kept no longer than needed
  • kept secure
  • not transferred to other countries without protection

Q28.Describe how the database can be recovered from a system failure

  • backups/dumps of files
  • copy of files on CD/tape streamer
  • file generations

Q29.Describe how the database can be recovered from a system failure

  • mirrored hard disk/hot standby/second computer
  • re-run the old master file with the transaction file

Q30.Give three features of a data protection act.

  • data shall only be used for the specific purpose for which it was collected
  • data shall be adequate/relevant/not excessive
  • data shall be accurate/up to date
  • data shall not be kept any longer than necessary
  • individuals have the right to see data about them (and have it changed if inaccurate)
  • sufficient means taken for security/integrity of data
  • data shall not be transferred to a country with lower protection laws
  • data users must be registered

Q31.State three advantages of biometric authentication

  • Protection against Password-related Vulnerabilities: Traditional password-based authentication methods are vulnerable to various risks, such as weak passwords, password sharing, or password theft.
  • Stronger Access Control: Biometric readers add an additional layer of access control to laptops. Even if someone gains physical possession of the laptop, they would still need the authorized user's biometric data to unlock it and access the data. This helps prevent unauthorized individuals from accessing sensitive information stored on the laptop.
  • Audit Trail and Accountability: Biometric authentication systems often come with built-in logging and auditing capabilities. This means that each time someone accesses the laptop using their biometric data, it can be recorded and associated with a specific user. This creates an audit trail, allowing organizations to track and monitor access to laptops and establish accountability in case of any security incidents or breaches.

Q32.What is meant by RAID technology?

RAID (Redundant Array of Independent Disks) technology refers to a method of combining multiple physical disk drives into a logical unit to improve performance, data availability, and data redundancy. RAID technology is commonly used in storage systems to provide fault tolerance, data protection, and increased storage performance.

The primary purpose of RAID is to create a more reliable and robust storage solution by spreading data across multiple drives and implementing various data redundancy techniques. This helps to mitigate the risk of data loss and system downtime in case of drive failures.

There are different levels or configurations of RAID, each offering different features and trade-offs. The most commonly used RAID levels are:

  1. RAID 0 (Striping): Data is split evenly across multiple drives, resulting in increased performance as data can be accessed from multiple drives simultaneously. However, there is no redundancy, so if one drive fails, data loss can occur.

  2. RAID 1 (Mirroring): Data is duplicated or mirrored across two drives, providing redundancy. If one drive fails, the other drive can still function and serve the data. RAID 1 offers data protection but does not offer increased performance.

  3. RAID 5 (Striping with Parity): Data and parity information are striped across multiple drives, providing both increased performance and fault tolerance. Parity information allows for the recovery of data in case of a single drive failure. RAID 5 requires a minimum of three drives.

  4. RAID 10 (Combination of Mirroring and Striping): RAID 10 combines elements of RAID 1 and RAID 0. It involves mirroring data across two sets of drives and then striping the mirrored sets for increased performance and fault tolerance. RAID 10 provides high levels of data redundancy and performance but requires a minimum of four drives.
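
An added illustration, not part of the original answer, of how RAID 5 parity rebuilds the contents of a single failed drive. The function names, the 4-byte block size and the sample bytes are constructed for this sketch, and drives are modelled as in-memory lists.

```python
from functools import reduce

BLOCK = 4  # bytes per block; assumed small so the stripes are easy to inspect


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte (the RAID 5 parity operation)."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def raid5_write(data, n_drives):
    """Stripe data over n_drives, one rotating parity block per stripe."""
    if n_drives < 3:
        raise ValueError("RAID 5 requires a minimum of three drives")
    per_stripe = (n_drives - 1) * BLOCK
    n_stripes = -(-len(data) // per_stripe)           # ceiling division
    data = data.ljust(n_stripes * per_stripe, b"\0")  # pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for s in range(n_stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity_at = (n_drives - 1 - s) % n_drives     # parity rotates per stripe
        remaining = iter(blocks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == parity_at else next(remaining))
    return drives


def raid5_read(drives, length):
    """Return the original bytes; at most one entry of drives may be None (failed)."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise OSError("RAID 5 tolerates only a single drive failure")
    n_drives = len(drives)
    n_stripes = len(next(d for d in drives if d is not None))
    out = bytearray()
    for s in range(n_stripes):
        row = [None if d is None else d[s] for d in drives]
        if failed:  # XOR of the surviving blocks rebuilds the missing one
            row[failed[0]] = xor_blocks([b for b in row if b is not None])
        parity_at = (n_drives - 1 - s) % n_drives
        out += b"".join(b for i, b in enumerate(row) if i != parity_at)
    return bytes(out[:length])


if __name__ == "__main__":
    sample = b"constructed sample record"  # constructed input, not real data
    array = raid5_write(sample, 4)
    array[2] = None                        # simulate one failed drive
    print(raid5_read(array, len(sample)))
```

Losing a second drive raises an error instead of returning data, which is the availability limit of single-parity RAID.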

Q33.State the symptoms of a computer virus

  1. Slow Performance: If your computer suddenly becomes significantly slower than usual, taking longer to boot up, open applications, or respond to commands, it could be a sign of a virus. Viruses can consume system resources, resulting in decreased performance.

  2. Frequent Crashes: If your computer frequently crashes, freezes, or experiences sudden system reboots without any apparent reason, it could be due to a virus. Some viruses can interfere with system stability, leading to unexpected crashes or instability.

  3. Unusual Pop-ups or Ads: If you start noticing an excessive number of pop-ups, advertisements, or banners appearing on your computer screen, especially when you're not browsing the internet, it might be an indication of adware or malware infection.

  4. Unwanted Modifications: Viruses can modify system settings or configurations without your consent. If you observe changes in your default browser homepage, new toolbars appearing, unfamiliar icons on the desktop, or altered settings, it could be a sign of a virus.

  5. Unusual Network Activity: If you notice excessive network traffic, unusual data transfers, or a sudden increase in data usage without any known reason, it could be an indication of a virus or malware actively communicating with external servers.

  6. Missing or Modified Files: Viruses can delete, encrypt, or modify files on your computer. If you find missing files or encounter unexpected changes in file sizes, names, or extensions, it could be a result of a virus infection.

  7. Disabled Security Software: Some viruses attempt to disable or circumvent antivirus or security software to avoid detection. If you notice that your antivirus program or firewall is deactivated, modified, or unable to update, it could be due to a virus compromising your security software.

  8. Unexpected Email or Message Activity: Viruses can use infected computers to send spam emails or messages to contacts in your address book without your knowledge. If your friends or colleagues report receiving suspicious or unexpected emails or messages from you, it could be a sign of a virus.

Q34.Describe how the denial of service strategy works to compromise the security of networks.

  • A denial of service strategy usually works by flooding the target host or network with traffic until the target can’t respond or crashes. The targeted system's operations are affected when users are unable to access information systems and/or network services

Q35.Jane has noticed the following problems with her computer (2mks): It is taking a longer time to start up; it is often hanging; applications are taking longer to load. State three possible causes of these problems and how they can be solved (3mks)

There could be several possible causes for the issues Jane is experiencing with her computer keyboard, including:

1. Software Issues:
   - Cause: Outdated or corrupt system files, drivers, or operating system.
   - Solution:
     - Ensure the operating system and drivers are up-to-date.
     - Run a system file checker to repair any corrupted system files (e.g., on Windows, run "sfc /scannow" from the Command Prompt).
     - Consider reinstalling the operating system if issues persist.

2. Hardware Issues:
   - Cause: Physical damage or malfunction in the keyboard hardware.
   - Solution:
     - Check for physical damage or debris under the keys and clean the keyboard if necessary.
     - If cleaning doesn't help, consider replacing the keyboard with a new one.

3. Resource Overload:
   - Cause: The computer may be running too many background processes or lacking sufficient hardware resources.
   - Solution:
     - Close unnecessary background applications and processes to free up system resources.
     - Consider upgrading the computer's RAM, CPU, or storage if it's outdated and unable to handle current software demands.
     - Use task manager or activity monitor to identify and terminate resource-intensive processes.

4. Malware or Viruses:
   - Cause: Malicious software can slow down a computer, cause hanging, and delay startup.
   - Solution:
     - Perform a full system scan using reputable antivirus or anti-malware software to remove any threats.
     - Ensure that the operating system's security patches are up-to-date.

5. Disk Fragmentation:
   - Cause: Fragmented files can slow down the loading of applications and overall system performance.
   - Solution:
     - Run a disk defragmentation tool (e.g., Windows' built-in tool) to optimize file storage on the hard drive.
     - Consider upgrading to a solid-state drive (SSD) for faster application loading times.

6. Insufficient Storage:
   - Cause: If the hard drive is nearly full, it can cause slow performance.
   - Solution:
     - Free up space by deleting unnecessary files and programs.
     - Consider upgrading to a larger capacity hard drive or SSD if storage space remains an issue.

7. Background Processes and Startup Items:
   - Cause: Too many unnecessary programs running in the background or starting up with the computer.
   - Solution:
     - Disable or remove unnecessary startup items and background processes to improve startup time.
     - Use the Task Manager or System Preferences (on macOS) to manage startup items.

It's important to diagnose the specific cause of the issues Jane is facing by troubleshooting each potential problem one by one. In some cases, a combination of these solutions may be necessary to fully resolve the problems with her computer keyboard.