AQA A-LEVEL SOCIOLOGY 7192/2 PAPER 2TOPICS IN
SOCIOLOGY MERGED QUESTION PAPER + MARK SCHEME 2025
Which of the following information security elements guarantees that the sender
of a message cannot later deny having sent the message and the recipient cannot
deny having received the message?
A Confidentiality
B Non-repudiation
C Availability
D Integrity CORRECT ANSWER B
A phase of the cyber kill chain methodology triggers the adversary's malicious
code, which utilizes a vulnerability in the operating system, application, or server
on a target system. At this stage, the organization may face threats such as
authentication and authorization attacks, arbitrary code execution, physical
security threats, and security misconfiguration.
Which is this phase of the cyber kill chain methodology?
A Reconnaissance
B Weaponization
C Exploitation
D Installation CORRECT ANSWER C
,Which of the following is a category of hackers who are also known as crackers,
use their extraordinary computing skills for illegal or malicious purposes, and are
often involved in criminal activities?
A Black hats
B White hats
C Suicide hackers
D Script kiddies CORRECT ANSWER A
John, a professional hacker, has launched an attack on a target organization to
extract sensitive information. He was successful in launching the attack and
gathering the required information. He is now attempting to hide the malicious
acts by overwriting the server, system, and application logs to avoid suspicion.
Which of the following phases of hacking is John currently in?
A Maintaining access
B Scanning
C Clearing tracks
D Gaining access CORRECT ANSWER C
Which of the following risk management phases involves selecting and
implementing appropriate controls for the identified risks to modify them?
A Risk tracking and review
,B Risk identification
C Risk treatment
D Risk assessment CORRECT ANSWER C
In which of the following incident handling and response phases are the identified
security incidents analyzed, validated, categorized, and prioritized?
A Incident recording and assignment
B Incident triage
C Containment
D Eradication CORRECT ANSWER B
Which of the following phases of risk management is an ongoing iterative process
that assigns priorities for risk mitigation and implementation plans to help
determine the quantitative and qualitative value of risk?
A Risk identification
B Risk treatment
C Risk tracking and review
D Risk assessment CORRECT ANSWER D
Jack, a security professional, was instructed to introduce a security standard to
handle cardholder information for major debit, credit, prepaid, e-purse, ATM, and
POS cards. In the process, Jack has employed a standard that offers robust and
comprehensive standards as well as supporting materials to enhance payment-
card data security.
, What is the security standard that Jack has employed?
A HIPAA
B SOX
C DMCA
D PCI DSS CORRECT ANSWER D
Morris, an attacker, has targeted an organization's network. To know the structure
of the target network, he combined footprinting techniques with a network utility
that helped him create diagrammatic representations of the target network.
What is the network utility employed by Morris in the above scenario?
A Netcraft
B Tracert
C Shodan
D BuzzSumo CORRECT ANSWER B
Which of the following Google advanced search operators displays similar
websites to the specified URL?
A [site:]
B [info:]
C [inurl:]
SOCIOLOGY MERGED QUESTION PAPER + MARK SCHEME 2025
Which of the following information security elements guarantees that the sender
of a message cannot later deny having sent the message and the recipient cannot
deny having received the message?
A Confidentiality
B Non-repudiation
C Availability
D Integrity CORRECT ANSWER B
A phase of the cyber kill chain methodology triggers the adversary's malicious
code, which utilizes a vulnerability in the operating system, application, or server
on a target system. At this stage, the organization may face threats such as
authentication and authorization attacks, arbitrary code execution, physical
security threats, and security misconfiguration.
Which is this phase of the cyber kill chain methodology?
A Reconnaissance
B Weaponization
C Exploitation
D Installation CORRECT ANSWER C
,Which of the following is a category of hackers who are also known as crackers,
use their extraordinary computing skills for illegal or malicious purposes, and are
often involved in criminal activities?
A Black hats
B White hats
C Suicide hackers
D Script kiddies CORRECT ANSWER A
John, a professional hacker, has launched an attack on a target organization to
extract sensitive information. He was successful in launching the attack and
gathering the required information. He is now attempting to hide the malicious
acts by overwriting the server, system, and application logs to avoid suspicion.
Which of the following phases of hacking is John currently in?
A Maintaining access
B Scanning
C Clearing tracks
D Gaining access CORRECT ANSWER C
Which of the following risk management phases involves selecting and
implementing appropriate controls for the identified risks to modify them?
A Risk tracking and review
,B Risk identification
C Risk treatment
D Risk assessment CORRECT ANSWER C
In which of the following incident handling and response phases are the identified
security incidents analyzed, validated, categorized, and prioritized?
A Incident recording and assignment
B Incident triage
C Containment
D Eradication CORRECT ANSWER B
Which of the following phases of risk management is an ongoing iterative process
that assigns priorities for risk mitigation and implementation plans to help
determine the quantitative and qualitative value of risk?
A Risk identification
B Risk treatment
C Risk tracking and review
D Risk assessment CORRECT ANSWER D
Jack, a security professional, was instructed to introduce a security standard to
handle cardholder information for major debit, credit, prepaid, e-purse, ATM, and
POS cards. In the process, Jack has employed a standard that offers robust and
comprehensive standards as well as supporting materials to enhance payment-
card data security.
, What is the security standard that Jack has employed?
A HIPAA
B SOX
C DMCA
D PCI DSS CORRECT ANSWER D
Morris, an attacker, has targeted an organization's network. To know the structure
of the target network, he combined footprinting techniques with a network utility
that helped him create diagrammatic representations of the target network.
What is the network utility employed by Morris in the above scenario?
A Netcraft
B Tracert
C Shodan
D BuzzSumo CORRECT ANSWER B
Which of the following Google advanced search operators displays similar
websites to the specified URL?
A [site:]
B [info:]
C [inurl:]
