LO1

Question 1

What is meant by cyber security

Answer 1

Technologies, processes and practices used to protect networks, programs, computer systems and data from being attacked, damaged and prevent unauthorised access

Question 2

What is integrity

Answer 2

Ensuring data is kept upto date, accurate, fit for its intended purpose and trustworthy

Question 3

What is confidentiality

Answer 3

Ensuring data is only accessible to those who are authorised to do the data

Question 4

What is availability

Answer 4

Ensuring data is made avaliable for those who are authorised when the data is required

Question 5

What is GDPR

Answer 5

General data protection regulation, protects the privacy of data for people in the EU that is processed by organisations and stored on computers

Question 6

6 Principles of GDPR

Answer 6

Data must be collected lawfully
Data must be used only for reasons specified
Data must be relevant and not excessive
Data must be up to date/ Accurate
Data must be secured securely
Data must not be stored longer than required

Question 7

Name types of cyber security incidents

Answer 7

Unauthorised access
Information disclosure
Inaccessible data
Destruction
Theft

Question 8

What is unauthorised access and what types of unauthorised access is there

Answer 8

Gaining access to computer systems, networks and data without permission

• Hacking
• Escalation of privileges

Question 9

What is hacking

Answer 9

Illegally using a computer to access information stored on another computer

Question 10

What is escalation of privileges and the two forms of it

Answer 10

obtaining rights to access and edit information that normal users do not normally have

• Horizontal
• Vertical

Question 11

What is vertical escalation of privileges

Answer 11

Finding flaws in the security system/ operating system to increase levels of unauthorised access

Question 12

What is horizontal escalation of privileges

Answer 12

Gaining access to other users areas by stealing their username and passwords

Question 13

What is information discourse

Answer 13

Information passed to another person, organisation without permission from the owner

Question 14

What is inaccessible data and the two examples of inaccessible data

Answer 14

Data that is not available to those with authorisation

• Account lockout
• denial of service

Question 15

What is account lock out

Answer 15

account is locked due to many failed log in attempts

Question 16

What is denial of service

Answer 16

Attack to shut down a computer system making it inaccessible

Question 17

What is destruction and two ways destruction can be done

Answer 17

Permanent deletion of data

• Malware
• Deliberate erasure

Question 18

What is Malware

Answer 18

Software including viruses, trojan and spyware used to steal, encrypt or delete data

Question 19

What is deliberate erasure

Answer 19

data deleted from a computer system on purpose and without owner permission to cause problems for an individual or organisation

Question 20

What is theft

Answer 20

Stealing computer based information from an un known victim with the intent of compromising privacy or obtaining confidential information

Question 21

Cyber security protects…

Answer 21

Personal data such as financial date, identity
organisations data such as financial date or intellectual property
States data such as national security, economic plans

Question 22

Why is cyber security importants

Answer 22

Cyber crime is on the rise so cybersecurity is in place to fight and reduce cyber crime making the online world more safer and secure

Cyber crime causes damage therefore cyber security is in place to protect against all damages such as financial, health and safety and reputational damage

cyber security can help build trust as for organisations customers want a trustworthy organisation to securely store their personal information if there is no trust then people are less likely to use the organisation