1 [4 Marks Total]
Identify the specific threats described below. Tick one box per row.
| Description | Phishing | Brute-force | SQL Injection | Data Interception |
|---|---|---|---|---|
| Software to capture network packets. | | | | |
| Code entered in a website form to manipulate a database. | | | | |
| Tool to guess passwords via trial and error. | | | | |
| Emails pretending to be a company to steal data. | | | | |
✅ Mark Scheme
  • Packets: Data Interception
  • Database Code: SQL Injection
  • Guessing Passwords: Brute-force
  • Fake Emails: Phishing
2 [6 Marks Total]
(a) Define 'Social Engineering'. [2]
(b) Explain one difference between Phishing and Pharming. [2]
(c) Describe how a Shoulder Surfing attack takes place. [2]
✅ Mark Scheme

(a) Manipulating people (1) into giving up confidential info (1).

(b) Phishing uses emails/links (1), Pharming uses fake websites/auto-redirects (1).

(c) Looking over someone's shoulder (1) to see them enter a PIN/Password (1).

3 [4 Marks Total]
A web server is slow/crashing due to repeated requests.
(a) Identify the type of attack. [1]
(b) Explain how it works and why it crashes the site. [3]
✅ Mark Scheme

(a) Denial of Service / DoS / DDoS (1)

(b) Explanation:

  • Attacker floods server with traffic (1).
  • Uses up bandwidth/processing power (1).
  • Server can't respond to legitimate requests (1).
4 [6 Marks Total]
Malware threats.
(a) Describe the difference between a Virus and Spyware. [4]
Virus:
Spyware:
(b) Ransomware impact on school data: [2]
✅ Mark Scheme

(a) Virus vs Spyware:

  • Virus: Replicates itself (1) and damages/corrupts files (1).
  • Spyware: Runs in background (1) and records inputs/steals data (1).

(b) Ransomware: Encrypts/locks data (1). Demands payment for key (1).

5 [4 Marks Total]
SQL Injection.
(a) Explain the concept of SQL Injection. [3]
(b) One consequence of a successful attack. [1]
✅ Mark Scheme

(a) Malicious SQL commands entered (1) into a web form (1) to trick the database/bypass validation (1).

(b) View private data / Delete tables / Bypass login.

6 [10 Marks Total]
Brute-force and Prevention.
(a) Describe a Brute-force attack. [2]
(b) How does a 'lockout policy' prevent it? [2]
(c) Two other measures (Software + Physical). [2]
(d) Why is Data Interception a risk on public Wi-Fi? [4]
✅ Mark Scheme

(a) Automated software method (1) trying every possible password combination (1).

(b) Limits attempts (1). Makes the attack take too long to work (1).

(c) Software: Strong passwords/2FA. Physical: Biometrics/Locked doors.

(d) Public Wi-Fi is often unencrypted (1) so packet sniffers can read data (1). Check for HTTPS/Padlock (1) to ensure encryption (1).
