Exam Questions Flashcards
Holders of information 1.1
Exam Question
PhWSSE organise world sport tour events
(A) Identify the category of information holders that PhWSSE Would be included in
Either
Business (1 mark)
Organisation (1 mark)
3.2 & 3.3 Information categories
(B)
PhWSSE create an itinerary for each event tour. The Itinerary would be included. In the planning category of information
Explain why the itinerary would be included in the planing category of information? (4 marks)
Planning:
Itinerary needs to be planed in advance (1) , the planning includes dates or countries (1 mark)
If Itinerary is not planned (1) the event tour will be disorganised (1)
Knowledge Management & Creation
The Itinerary is used by shipping companies (1 mark)
In country journeys need to be advised (1) to local haulage companies (1)
The Itinerary needs to be planned in advance (1) the planning includes countries and dates (1)
Management information system
Details are held (1) about future events (1)
WWW Technologies 1.5
The Air Freight distribution company can access the itinerary created by PhWSSE
Identify and describe the World Wide Web (WWW) technology which is used by the distribution company to access the itinerary
What technology and provide a description (4 marks)
Extranet (1 mark)
A website (1) provides restricted access (private) (1)
To resources for authorised users (1) from outside PhWSSE (1)
It is an intranet (1) accessed via internet (1)
Identify one characteristic of this technology (Extranet) (1 mark)
Private (1 mark)
Shared access (1 mark)
Secure (1 mark)
LO6 Security and protection
6.4 Protection Measures
6.1 Security Principles
4.1 Legislation in terms of staff
The Security of the tracking team is maintained through the use of log-in details which are valid for any given tour
Discuss, using examples, how policies can be used by PhWSSE to maintain the security of the tracking information during the tour (10 Marks)
HINT
Disaster & Recovery planning plays a role in this question
Staff access rights to information (Availability)
Only those staff who need access are authorised
Limited number of staff have the tour log-in
Responsibilities of staff for security information
Log-in details must not be written down
Staff who have log-in details must not give the details to anyone else - either staff or someone else
Correct Log out process must take place
Staff Training
Staff trained about basic cyber security principles and procedures
Staff who are authorised too access the details should be trained in the procedures
Training provided as to how to handle the tacking details and who these should be communicated to
1.6 Information Formats
During each event, the results of each sports competition are uploaded to the event webpage on the PhWSSE website. Schools can access the results using an RSS Feed
What is the purpose of the RSS Feed? (2 Marks)
1.6 Information Formats
During each event, the results of each sports competition are uploaded to the event webpage on the PhWSSE website. Schools can access the results using an RSS Feed
What is the purpose of the RSS Feed? (2 Marks)
1.6 Information Formats
Describe one advantage to the competing schools of using RSS Feeds (2 marks)
Those staff and students who are not at the event (1) can have instant access to results (1)
Schools can keep a total of the number of points (1) hey have scored (1)
(SCHOOLS ARE PARTICIPATING IN THE EVENT)
Schools do not have to constantly update or refresh the feeds (1) so the RSS feed shows the most up-to-date details (1)
1.6 Information Formats
Describe one disadvantage to PhWSSE of using RSS Feeds (2 Marks)
A connection is needed (1) to upload the results (1)
Time consuming (1) to update the RSS feeds (1)
Staff may need to be trained (1) to upload the results (1)
One member of staff (1) will need to be designated to upload the RSS Feeds (1)
If an incorrect update is made (1) then this Will be published on the RSS feed (1)
Some browsers do not support RSS Feeds (1) so limiting accessibility to some schools \ events \ counties (1)
5.1 Data Types & Sources
When the tour has finished the results are collated. The PhWSSE website is uploaded to shown the points and ranking for all schools in each sport across all events
Identify the type of information source of the results used by PhWSSE, justifying your choice (3 marks)
Could either choose
Internal (1)
Primary (1)
Primary (1)
The results are held by PhWSSE (1) and are not being provided by an external business (organisation) (1)
Internal (1)
PhWSSE already have \ collected \ collate (1) the results of each competition \ event on the tour (1)
3.2 & 3.3 Categories of information for individuals
A crime prevention charity provides help and assistance to people who have been the victims of crime. The Charity also collects and collates crime statistics for publication on neighbourhood websites.
The charity collects some statistics from big data sets
Explain, using an example, what is meant by the term big data. (4 Marks)
HINT
An organisation can be a charity don’t be thrown off
Data that is either too large (1) or too complex (1) For traditional analysis techniques to be used (1)
E.g UK Wide crime statistics (1)
2.2 Information Classification
(B) Some of the statistics can be classified as sensitive
Explain using an example, what is meant by the term sensitive data (3 Marks)
Information that should not be generally available (1)
Information that could cause harm if released (1)
Information that is protected from unwarranted disclosure (1)
Access should be safeguarded (1)
Example
Medical conditions (1)
Disability of victims of crime (1)
4.1 UK Legislation
(C)* Some of the statistics are collected from local police forces
Discuss, using examples, how The Protection Of Freedoms Act (2012) should be considered by police forces when they are carrying out criminal investigations. (10 Marks)
Biometric data
Must be deleted for suspects who are not convicted of any offence
Only the data of those convicted of the most serious offences is subject to ‘indefinite’ retention
Schools and colleges to obtain consent of one parent of a child under 18 for acquiring and processing the child’s biometric information
Child has the right to stop the processing of their biometric information regardless of any parental consent
The processing of biometric information must be discontinued if any parent of the child objects
The length of time is reduced for which biometric data can be retained
Safeguarding the vulnerable and criminal records
Criminal records disclosure is required for anyone working or involved in activities with vulnerable groups
Data Protection and Freedom of information
Certain data should be provided in an electronic form suitable for re-use
This includes widening the rules on applying for and receiving datasets from public authorities to re-use
Surveillance, counter-terrorism, trafficking can also be credited marks but the following which are on this Flashcard are relatively straightforward
2.1 Information Styles
(7)
When the statistics have been collected, they are collected and analysed
(A) identify and describe two advantages of using a spreadsheet when collating the statistics (6 marks)
HINT
Collate = To analyse data
Automatic recalculation (1) can reduce the errors (1) when collating large amounts of statistics (1)
Use of calculations (1) for accurate (1) analysis (1)
Use of functions or formulas (1) can reduce errors (1) when collating large amount of statistics (1)
Different worksheets can be used (1) for the different types of statistics (1) e.g different areas (1)
3.4 Stages of Data Analysis
2.1 Information styles
(B) when the statistics have been collected and analysed the visualisation of data analysis tool is used to present the data
Justify the use of visualisation of data analysis tool to present the data (4 Marks)
Visualisation includes the use of charts and graphs (1) which can show the analysed data in a clear and easily understandable way (1)
Data presented visually (1) can clearly show trends and patterns (1)
Correlations (1) between different data can be seen (1)
Different graphs and charts (1) can be used to show data in an appropriate way (1)
6.2 Risks
Statistics are stored securely but need to conform to the information security principle of availability
One information security risk to the stored data is intentional tampering with the data
Identify and describe one other information security risk to the stored statistics (3 marks)
Accidental loss of data (1)
The data is lost unintentionally (1) such as someone deleting the file containing the data or the file corrupting with no backup (1)
Unauthorised \ unintended access to data \ hacking (1)
Data is seen or used by those (1) who should not see or use it (1)
Intentional destruction of data (1)
The data is destroyed by a deliberate act (1) usually as the result of a virus or hacking attack (1)
6.1 Security Principles
Explain what is meant by the information security principle of availability (3 Marks)
Information is always available to (1) and usable (1) by the individuals \ groups \ processes that need it (1)
Information is accessible (1) when needed (1)
2.1 Information Styles
The results of collation and analysis of the statistics are presented on neighbourhood websites
Explain how information style of audio can be used during the presentation of the statistics on the websites (3 Marks)
Accessibility of information (1) for the visually impaired (1)
Presenter speaking (1) to provide further details about the analysis (1)
Used in a video or presentation software (1) to describe the results of the analysis (1)
In separate files (1) to provide more in-depth analysis of the statistics (1)
1.6 Information Formats
Owners and customers renting their cottage communicate by email
Discuss the benefits and limitations of using this communication method (10 Marks)
Benefits
Emails can be sent to one person or a group
Emails are delivered extremely fast when compared to traditional post
Attachments can be sent
Cheaper than using traditional post
An audit trail can be kept
Emails can be sent 24 hours a day, 365 days a year
Limitations
Recipient needs access to the internet to receive the mail
Viruses are easily spread via email attachments
Phishing
No guarantee the mail will be read until the user logs on and checks their email
Email may go into junk folder and be deleted without being seen
1.6 Information Formats
Customers can view a 360 degree virtual tour of some of the cottages
The file is streamed from the PHHC Server
Describe one advantage and one disadvantage to the customers of the 360 degree virtual tours being streamed (4 marks)
Advantages
Files do not have to be downloaded (1) so the tour file will not take up space on a digital device as the file is stored on PHHC server (1)
Customers can check the cottage meets their requirements (1) before booking (1)
Instant playback (1) customers can start viewing the cottage quickly (1)
Disadvantages
Customers need (1) broadband access to stream the tours (1)
Customers device may not be able to run the software (1) required to stream the tour (1)
Buffering may occur (1) if the broadband speed is not high enough (1)
5.1 Data Types & Sources
The PHHC website has an external link to a web-based currency converter
The link is included in the external information source category
Explain why the web-based currency converter would be included in the external information source category (3 Marks)
HINT
“Link” and “External”
External is the key word
The converter is not part (1) of the PHHC website (1)
When the link is activated by the customer (1) a different browsing window is available (1)
The converter is outside of PHHC (1) with the figures being sent back to the customer (1) through the PHHC website (1)
User is directed (1) to an external website (1)
4.1 UK Legislation
When the customers are booking a cottage they can choose to opt out of receiving marketing communication from PHHC
Identify the regulation that relates to customers being able to opt out of marketing communication (1 Mark)
GDPR or DPA (1 Mark)
Privacy and electronic communications regulation (1)
4.1 UK Legislation
Explain two actions that PHCC should take to comply with this regulation
(DPR, GDPR, Privacy and Electronic Communications Regulations)
HINT
Focus on Privacy and Electronic Communication regulation as it links with the scenario
To only contact a customer (1) if box has been ticked (1)
Not to contact a customer (1) if a box has not been ticked (1)
To only use (1) the methods (1) that have been selected by a customer (1)
To Display (1) their telephone number (1) if contacting a customer by phone (1)
If cookies (1) are set on the websites (1), explaining what they will do and why (1)
2.1 Information styles
(B) continued from last question
A Box is ticked of customers choose to opt out
Identify the data type used for the tick box
Justify your answer (3 Marks)
Boolean (1)
The box only (1) has two options (1)
Opt-out if ticked (1) opt-in if left unticked (1)
6.5 Physical Protection
PHHC Store records of customers and owners personal details in a database on the main server
Identify and describe two physical protection methods that could be used to protect the main server (6 Marks)
Biometrics (1)
Fingerprint or eye scanners (1) confirm the identify of the user (1)
Locks (1)
Only people with the key or number (1) can access the office with the main server (1)
Bars on windows (1)
To deter burglars
RFID (1)
Authorised people will have a card (1) to provide an audit trail (1)
CCTV (1)
To have 24 hour surveillance (1) to detect burglars (1)
5.1 Data Types & Sources
Customers are encouraged to leave a review when their stay has ended
The star rating is classified as Quantitative data
Explain why the star rating is classified as Quantitative data (3 Marks)
The rating is measured (1) on a scale (1) of one to five (1)
The rating is based on numbers not text (1)
Analysis can be carried out on the star rating (1)
Numerical data (1) Used to measure (1) quality of accommodation (1)
1.1 Holders of Information
A UK - based university provides a range of free online courses each academic year
Students need to register to access the course content
Identify the category of information holders the university would be included in (1 Mark)
From the following
Academic (1)
Education (1)
Educational institution (1)
1.5 WWW Technologies
(B) continued form last questions
The online courses are accessed through the internet.
Describe what is meant by the internet? (3 Marks)
CSNewbs answer or Flashcard answer is valid but this Flashcard will refer to the mark scheme
A network (1) of interconnected networks or devices (1) spanning the world
Uses the WWW (1) to browse websites (1)
2.4 Information Management
Students need to register before they can take any of the online courses. To Register, personal information needs to be input
The university stores the personal information on their servers
Identify the information management step that should be applied to the personal information stored on the servers (1 Mark)
Security (1)
Continued from last question (Security)
LO4
6.6 Logical Protection
Identify and describe one impact of this step on the university (3 Marks)
Compliance with legislation (1) for example if data is not kept secure (1) then fines could be given if information is breached (1)
Cost (1) may increase (1) due too extra hardware or software e.g encryption software having to be purchased (1)
6.1 Security principle
The university should ensure that stored personal information demonstrates the information security principle of confidentiality
Explain why is meant by information security principle of confidentiality (3 Marks)
Information can only be accessed (1) by authorised people (1)
It is a legal requirement under the GDPR or DPA (1)
Requires data to be kept safe (1) and take measures to ensure this (1)
2.2 Information Classification
The students create a profile which includes their name and the course they are currently taking
The students can set their profile to private or public
Explain the difference between the private and public information classification (2 marks)
Private is:
Only available to those who have been granted access rights (1)
Public is:
Available to anyone (1)
1.2 Storage media
Courses can be completed online or can be downloaded
Students could use a solid state storage media to store the downloaded courses
Identify and describe one characteristic of solid sate media (3 marks)
Robust and durable (1) there are no moving parts (1) so less likely to be damaged if dropped or moved (1)
Storage capacity (1) can be high (1) at a lower cost (1)
Low power consumption (1) as no moving parts (1) better for the environment (1)
Fast transfer of data (1) is faster than HDD (1) increase in efficiency and saves time (1)
Mutability (1) stored data \ information (1) can be edited (1)
2.1 Information Styles
Some for the students have visual impairment
Identify the information style that should be used to allow students with a visual impairment access to the online courses
Justify your Answer (4 Marks)
Audio (1)
People need to hear (1) what the presenter (1) is saying (1)
Visuals \ graphs \ images (1) can be converted to audio (1) to describe them (1)
Any other valid suggestion
2.1 Information styles
Identify and describe the information style that should be used for the certificate of completion for students with a visual impairment (3 Marks)
Identification
Braille (1)
Description
Is a series of dots (1) that use a set pattern for each letter (1)
Can be read by touch (1)
Is used for documents (1)
Generated through the use of a braille printer (1)
4.1 UK Legislation
The university has been the victim of a cyber-attack
Discuss, using examples, how the Computer Misuse Act 1990 may have been broken during the cyber-attack (10 Marks)
The CMA makes it illegal to:
Gain unauthorised access to computer material
Gain unauthorised access with the intent to commit further offences
Make unauthorised modification of information \ data
Making, supplying or obtaining anything which can be used in Computer Misuse Offences
Examples include:
Data \ information may have been stolen
The breach means that access has been gained to the hardware \ software
Identify theft may occur if personal details have been stolen
Changes to data \ information may have been stolen
Details may have been changed to the benefit of the students
3.5 Data Analysis Tools
2.1 Information styles
At the end of each e academic year the university analyses the type of course that have been taken by students and uses this information to decide what courses to offer in future.
Explain how charts and graphs can be used by the university when analysing the courses that have been taken by students (3 Marks)
Can show data \ information (1) in a visual way (1)
Trends and patterns (1) can be seen to interpret data (1)
To show numbers of students (1) on each course each year (1)
To show the most \ least popular courses (1) to make informed decisions (1)
2.4 Information management
The university uses a Management information system (MIS) when deciding what courses to offer
What is the purposes of an MIS? (2 Marks)
Provides the university with the tools to organise \ manage \ evaluate \ analyse (1) (to present) data \ information (1)
Any other valid suggestion
1.2 Storage Media
Book_Shelve use magnetic media to store a back-up copy of the books database
(A) identify two magnetic media devices (2 Marks)
Magnetic tape (1)
Internal or external hard drive (1)
3.6 Information Systems
The available books are shown on the catalogue of books section of the web
Identify the type of information system structure the catalogue of books section on the Book_Shelve website would be included in (1 Mark)
Closed (1)
6.6 Logical Protection
Only registered users can access the catalogue of books section of the website
Identify the logical protection method that is used to access the catalogue of books section of the website (1 Mark)
Username and Password (1)
Log-in details (1)
6.6 Logical Protection
Explain how this logical protection method will increase the security of the catalogue of books section (3 Marks)
A password restricts access to the catalogue (1) without a correct \ strong password (1) the catalogue cannot be accessed (1)
The log-in details can be linked to school contact details (1) so only schools who have registered (1) will receive the books (1)
Can be used with a User ID (1) to authenticate the user (1) so access to the catalogue is limited to a specific group of users \ registered users (1)
1.1 Holders of information
Some of the schools that order books from Books_Shelve are located in developing counties.
Discuss the access issue that could arise in these countries when the schools are ordering books from Book_Shelve Website (10 Marks)
Internet access may be limited
Counties may not have fully functioning computer systems
Internet access may be limited by the government
Upload \ download speeds may not be fast enough to carry out the browsing of the books section
Unstable access may mean that browsing \ ordering of the books is interrupted
Intermittent access due to lack of infrastructure \ location
2.4 Information Management
The schools can query the catalogue of books to find the books that meet their requirements
Identify the information management process that the query would be included in.
Describe the process that takes place (4 Marks)
Collecting, storing, Retrieving (1)
A query is carried out (1) on the catalogue of books section (1)
The query is based on (1) age range \ subject and type of book \ textbook \ revision guide (1)
Selection of tiles (1) and number of books required (1)
5.1 Data Types & Sources
Identify the type of source of the data held in the books catalogue (1 Mark)
Internal (1)
3.2 & 3.3 Information categories
The photographs and statement form a school who have received books would be included in the external communication category of information.
Explain why the photographs and statement would be included in the external communication category of information (4 Marks)
The photographs \ statement contains a message (1) to the donors \ Book _Shelve (1)
The schools \ outside the company (1) create the statement \ photograph (1) and send into Book_Shelve (1)
The photograph \ statement come from the schools \ students \ outside the company (1) who have received the books (1)
2.1 Information Styles
Schools send videos to Book_Shelve to shows the impact the books have on their students. The videos use the schools native language
The subtitle information Style is used to ensure that English language speakers can understand the videos.
Justify the use of the subtitle information style (4 Marks)
Background noise on video (1) can interfere with hearing the message (1)
Noisy environment (1) need to turn volume down (1)
Hearing disability (1) to allow access for full range of users (1)
If English is used (1) then the accent may be difficult for the charity \ donors to understand (1) so subtitles will make the message understandable (1)
The schools are located in countries around the world (1)
English may not be the 1st language (1)
Video speech will need to be translated (1) so that the donors \ charity can understand the message (1)
2.2 Information Classification
A hairdressers has clients including men, women and children. They are considering a new computer system to manage the bookings and to enable clients to book their appointments through an online booking system.
Identify the classification of information the appointments would be included in
Justify your choice (3 Marks)
Business (information) (1 Mark)
The appointments are data that applies (1) to the hairdressers (1)
The appointments are crucial (1) to the running if the business / Hairdresser (1)
5.2 Data Flow Diagrams
As part of the development process a Data Flow Diagram (DFD) will be created.
One component of a DFD is an external entity
Draw and label symbols for two other DFD Components (4 Marks)
WARNING
Unable to draw the shape please check CSNewbs
Label
1) Data flow (1)
Component
1) Arrow (1)
Label
2) Process (1)
Component
2) Oblong (1)
5.1 Data Types & Sources
Qualitative data will be used in the online booking system
Describe, using an example related to the booking system, what is meant by qualitative data (3 Marks)
Data that describes (1)
Data does not measure (1)
Does not include numbers / measurements (1)
Examples
Hairdresser name (1)
Day of appointment (1)
Name of client (1)
Service required (1)
6.3 Impacts
The hairdressers has been advised about security breaches.
One impact of a breach in information security is the loss of services and access to these services.
Describe two other impacts that could occur as a result of a security breach (4 Marks)
Loss of reputation (1) as the hairdressers has failed to comply with the GDPR / DPA (1)
Clients may have to change financial details / Identity theft (1) as confidential data may be accessible to others (1)
Possible financial implications / have to pay compensation (1) due to loss of information belonging to clients / staff (1)
2.2 Information Classification
The hairdressers will be storing client details including names, addresses and contact details including mobile numbers and email addresses
Explain why the client details would be included in the personal classification of information (4 Marks)
The contact details (1) are information about a person / client (1)
The contact details should not be seen by anyone (1) who is not authorised to do so (1) and should be kept securely (1)
The details are covered by the DPA / GDPR (1)
Permission should be given (1) before the contact details are shared with another (1)
4.1 UK Legislation
Identify the legislation that relates to the storing of client data (1 mark)
From the following:
GDPR (1)
Data protection act (DPA) (1)
4.1 UK Legislation
Describe two actions that should be taken by the hairdressers to comply with this legislation (4 Marks)
Maintain security (1) to ensure that clients data is safe (1)
Check clients data is up to date (1) on a regular basis (1)
Remove clients data (1) when they stop using the hairdresser (1)
Not use the data for any other purpose (1) that it was collected for (1)
2.3 Quality of Information
The new booking system will enable clients to book their appointments online. The clients will be able to see the available days and times for the appointments. The client will be able to select the stylist they want to cut their hair and confirm the appointment. This appointment will then no longer be available for booking by other clients.
Discuss the consequences to the hairdressers if the client and booking information is of poor quality (10 Marks)
Appointments missed by clients leading to loss of revenue
Incorrect appointments booked by clients so stylist may not be available
Loss of reputation if online booking page is unreliable
Clients may not be able to be reminded if client details are incorrect so appointments may be missed
Appointments not being made unavailable when booked by a client meaning appointments can be double booked
Double booking of appointments for the same day / time stylist meaning two clients arrive at the same time
4.3 Green IT
The hairdressers want to use Green IT to increase its reputation with clients
Describe the purpose of Green IT (3 Marks)
To use computers / IT resources (1) in an efficient / environmentally responsible way (1)
To reduce waste (1) by recycling resources / computers (1)
To reduce carbon footprint (1) to help reduce global warming (1)
Any other valid suggestion
4.1 Green IT
Describe two benefits to the hairdressers of using Green IT (4 Marks)
Energy costs / use will be reduced (1) as power is not being wasted / lights not being left on (1)
Less consumables will be used (1) Leading to less cost / less going to landfill (1)
To be able to access government grants / tax relief (1) which increases profits / revenue (1)
