Oxford Cambridge and RSA
GCSE (9-1) Computer Science
Computer Systems
J277/01
Topic: Unit 1.4 Prevention & Management
Time allowed: 30 minutes
Centre number Candidate number
First name Last name
INSTRUCTIONS INFORMATION
Turn over
1
Complete the table below by placing a tick (✓) in the correct column to show which security measure is described.
[3]
| Description | Anti-malware | Firewall | Penetration Testing |
|---|---|---|---|
| Scans files against a database of known signatures to detect viruses. | | | |
| Simulates a cyberattack to identify vulnerabilities in a system. | | | |
| Monitors incoming and outgoing network traffic based on a set of rules. | | | |
2
A software company has just finished developing a new web application. Before launching it, they hire an external company to perform Penetration Testing.

(a) Describe the process of penetration testing.
[2]

(b) Explain the purpose of performing this test before the software is released to the public.
[2]

(c) State the type of "hacker" who typically carries out this work legally.
[1]
3
A school network uses a Firewall.
[Image of firewall network security diagram]
(a) Describe two actions a firewall performs to protect the network.
[4]
Action 1:
Action 2:

(b) A student brings a USB stick from home containing a virus. They plug it into a school computer.
Explain why the Firewall will not prevent the virus from infecting the computer in this specific situation.
[2]
4
Most computer systems come with Anti-malware software installed.

(a) Apart from scanning the hard drive, identify one other time or event when anti-malware software typically scans a file.
[1]

(b) Describe the steps the anti-malware software takes when it detects a file that matches a known virus signature.
[3]
5
A small business owner, Sarah, is setting up her office network. She installs a Firewall but decides she does not need Anti-malware software because "the firewall blocks everything."

(a) Explain why Sarah is incorrect. You must refer to the difference in how these two tools work.
[4]

(b) Sarah is concerned about Social Engineering.
State one form of non-software "prevention" Sarah could use to help her staff avoid social engineering attacks.
[1]

(c) Sarah considers taking a Backup of her data.
Explain whether taking a backup is a method of prevention or recovery, and justify your answer.
[3]
END OF QUESTION PAPER