AQA Level 3 Technical Level IT: CYBER SECURITY Unit 6 Network and cyber security administration

*jUn19J* IB/M/Jun19/E5 J/507/6435 For Examiner’s Use Question Mark 1−5 6 7 8 9 10 11 12 13 14 15 16 17 TOTAL Thursday 16 May 2019 Morning Time allowed: 2 hours Materials For this paper you must have: • a ruler • a scientific calculator (non-programmable) • stencils or other equipment (eg flowchart stencils). Instructions • Use black ink or black ball-point pen. • Fill in the boxes at the top of this page. • Answer all questions. • You must answer each question in the space provided. Do not write outside the box around each page or on blank pages. • Do all rough work in this book. Cross through any work you do not want to be marked. • If you need more space use the additional pages at the back of this booklet. Information • The marks for questions are shown in brackets. • The maximum mark for this paper is 80. There are 50 marks for Section A and 30 marks for Section B. Both sections should be attempted. Advice • In all calculations, show clearly how you work out your answer. • Use diagrams, where appropriate, to clarify your answers. • You are expected to use a calculator where appropriate. • You are reminded of the need for good English and clear presentation in your answers. Please write clearly in block capitals. Centre number Candidate number Surname Forename(s) Candidate signature Level 3 Technical Level IT: CYBER SECURITY Unit 6 Network and cyber security administration 2 *02* IB/M/Jun19/J/507/6435 Do not write outside the Section A box Answer all questions in this section. 0 1 The General Data Protection Regulation (GDPR) relates to Tick () one box. [1 mark] control over personal data. employee disability discrimination. intellectual property and copyright. regulation of security technologies. 0 2 ISO/IEC 27000 is part of the Tick () one box. [1 mark] common vulnerability scoring system (CVSS) information security management system (ISMS) open web application security project (OWASP) penetration testing execution standard (PTES) 3 *03* Turn over ► IB/M/Jun19/J/507/6435 Do not write outside the 0 3 Reverse delta backup systems box Tick () one box. [1 mark] log every change in the source data. only contain complete system images. organise data based on changes occurring at fixed intervals. store a recent copy of the source data. 0 4 Which of these is a vulnerability scanner? Tick () one box. [1 mark] Modbus Honeypot Nessus SCADA Turn over for the next question 4 *04* IB/M/Jun19/J/507/6435 Do not write outside the 0 5 Which of the following might be used in a side channel attack? box Tick () one box. [1 mark] Electromagnetic radiation Overlapping Wi-Fi channels Unused port numbers Weaknesses in an algorithm 5 5 *05* Turn over ► IB/M/Jun19/J/507/6435 Do not write outside the 0 6 box . 1 Give two ways to identify that a website is theoretically secure. [2 marks] 1 2 0 6 . 2 State one benefit of a secure website compared to an insecure website. [1 mark] 0 7 Explain the role of an ethical hacker. [3 marks] Turn over for the next question 3 3 6 *06* IB/M/Jun19/J/507/6435 Do not write outside the 0 8 box In a disaster recovery plan, an organisation identifies the need to guarantee recovery of data if there has been a fire. Justify a method the organisation could use to back up 1.5 TB of data. [2 marks] 0 9 Explain how Distributed Denial of Service (DDoS) attacks a network. [3 marks] 2 3 7 *07* Turn over ► IB/M/Jun19/J/507/6435 Do not write outside the 1 0 box . 1 Explain how a virtual private network (VPN) improves network security. [3 marks] 1 0 . 2 A college has a security policy for VPN connections to the college network. Identify three statements the college might include in the security policy for VPN connections. [3 marks] 1 2 3 Turn over for the next question 6 8 *08* IB/M/Jun19/J/507/6435 Do not write outside the 1 1 box Explain the difference between mandatory access control (MAC) and discretionary access control (DAC). [2 marks] 1 2 A protocol analyser and a port scanner are two network monitoring tools. 1 2 . 1 Identify three pieces of information a port scanner can provide. [3 marks] 1 2 3 2 9 *09* Turn over ► IB/M/Jun19/J/507/6435 Do not write outside the 1 2 box . 2 Describe what a protocol analyser is used for. [3 marks] 1 2 . 3 Name two other network monitoring tools. [2 marks] 1 2 Turn over for the next question 8 10 *10* IB/M/Jun19/J/507/6435 Do not write outside the 1 3 box Bring Your Own Device (BYOD) refers to the policy of permitting employees to use personally owned devices in the workplace. Explain three precautionary measures an employer might need to enforce before allowing employees to BYOD. [6 marks] 1 2 3 6 11 *11* Turn over ► IB/M/Jun19/J/507/6435 Do not write outside the 1 4 One way of targeting critical infrastructure is to collect information about an employee box who has authorised access to the system. Discuss the types of information that might be collected about an employee to gain unauthorised access to the employer’s systems. Include where you might find that information. [6 marks] Turn over for the next question 6 12 *12* IB/M/Jun19/J/507/6435 Do not write outside the 1 5 box The objective of the Information Technology Infrastructure Library (ITIL) was to develop effective and efficient methods for the provision of IT services. Three of the main processes for the ITIL 2011 service strategy are: • Strategy Management for IT Services • Service Portfolio Management • Business Relationship Management. Explain the process objective for each of these main processes. [6 marks] Strategy Management for IT Services Service Portfolio Management Business Relationship Management 6 13 *13* Turn over ► IB/M/Jun19/J/507/6435 Do not write outside the Turn over for Section B box DO NOT WRITE ON THIS PAGE ANSWER IN THE SPACES PROVIDED 14 *14* IB/M/Jun19/J/507/6435 Do not write outside the Section B box Answer all questions in this section. 1 6 At the ENTZARUS headquarters, employees attach their laptops, tablets and mobile devices to the office network by using a wireless connection. You have been asked to develop a Wireless Communication policy for ENTZARUS. 1 6 . 1 Discuss the threats to company data and the measures you would include in the Wireless Communication policy to counter these threats. [12 marks] 15 *15* Turn over ► IB/M/Jun19/J/507/6435 Do not write outside the box 1 6 . 2 Give three ways a wireless network can be made more secure. [3 marks] 1 2 3 Turn over for the next question 15 16 *16* IB/M/Jun19/J/507/6435 Do not write outside the 1 7 box Cyber security is used to protect public and political infrastructures from attack. Discuss the reasons why a cyber attack might target public or political infrastructures. In your answer you should include: • the perpetrators of an attack • the potential targets of an attack • the objectives and potential rewards or consequences of an attack • the methods that could be used in a cyber attack. [15 marks] 17 *17* Turn over ► IB/M/Jun19/J/507/6435 Do not write outside the box END OF QUESTIONS 15 18 *18* IB/M/Jun19/J/507/6435 Do not write outside the If needed, use the following pages to continue your answers. Write the question box number beside your answer. 19 *19* IB/M/Jun19/J/507/6435 Do not write outside the box 20 *20* IB/M/Jun19/J/507/6435 Do not write outside the There are no questions printed on this page box DO NOT WRITE ON THIS PAGE ANSWER IN THE SPACES PROVIDED Copyright information For confidentiality purposes, from the November 2015 examination series, acknowledgements of third-party copyright material are published in a separate booklet rather than including them on the examination paper or support materials. This booklet is published after each examination series and is available for free download from after the live examination series. Permission to reproduce all copyright material has been applied for. In some cases, efforts to contact copyright-holders may have been unsuccessful and AQA will be happy to rectify any omissions of acknowledgements. If you have any queries please contact the Copyright Team, AQA, Stag Hill House, Guildford, GU2 7XJ. Copyright © 2019 AQA and its licensors. All rights reserved. *196AJ/507/6435*