chapter 8

Question 1

What is the Data Protection Act (DPA)?

Answer 1

Laws designed to protect individuals and prevent incorrect/inaccurate data being stored.

Question 2

State one DPA principle.

Answer 2

Data must be fairly/ lawfully processed / Processed for stated purpose only / Adequate, relevant, not excessive / Accurate / Not kept longer than necessary / Kept secure / Not transferred without adequate protection.

Question 3

Why is data protection legislation required?

Answer 3

Provides rules on using personal data / Regulates processing / Protects data subject’s rights / Prevents misuse by third parties.

Question 4

What is e-safety?

Answer 4

Being safe on the internet.

Question 5

Give an e-safety rule for young children.

Answer 5

Use age-appropriate search engines / Only visit recommended websites / Use software to limit web access.

Question 6

Give an e-safety rule for email.

Answer 6

Be careful with unknown senders / Never open unknown attachments / Type website addresses directly / Check sender’s address in header.

Question 7

What is hacking?

Answer 7

Gaining unauthorised access to a computer system.

Question 8

Hacking effect.

Answer 8

Can lead to identity theft / Data can be deleted, changed, or corrupted.

Question 9

How to avoid hacking?

Answer 9

Use firewalls / Use strong, frequently changed passwords.

Question 10

What is phishing?

Answer 10

Email pretending to be trustworthy to steal personal information.

Question 11

Phishing effect.

Answer 11

Creator gains personal data / Can lead to fraud or identity theft.

Question 12

How to avoid phishing?

Answer 12

ISP/web browsers filter emails / Be cautious with emails/attachments.

Question 13

Smishing vs. vishing.

Answer 13

Smishing uses SMS; Vishing uses voice calls/messages.

Question 14

What is pharming?

Answer 14

Malicious code redirecting user to fake website without their knowledge.

Question 15

Pharming effect.

Answer 15

Creator can gain credit/debit card details / Leads to fraud or identity theft.

Question 16

How to avoid pharming?

Answer 16

Anti-spyware software / Be alert for website redirection clues.

Question 17

Define malware.

Answer 17

Any malicious software designed to disrupt computer or data.

Question 18

What is a computer virus?

Answer 18

Program that replicates, corrupts data, or uses memory to slow/crash computer.

Question 19

What is a worm?

Answer 19

Program that replicates by finding network vulnerabilities, clogging bandwidth.

Question 20

What is spyware/keylogging?

Answer 20

Records all key presses and sends data to perpetrator.

Question 21

What is a Trojan horse?

Answer 21

Malware disguised as harmless software (e.g., game).

Question 22

What is adware?

Answer 22

Program creating pop-up/banner adverts online.

Question 23

What is ransomware?

Answer 23

Malware encrypting data and demanding ransom for decryption.

Question 24

Anti-virus software function.

Answer 24

Protects against viruses / Scans with virus database / Alerts user / Removes/quarantines viruses.

Question 25

Anti-malware software function.

Answer 25

Protects against advanced malware / Uses heuristic detection / Warns of threats / Removes malware.

Question 26

What is shoulder surfing?

Answer 26

Watching/spying to obtain passwords, PINs, or data by direct observation.

Question 27

How to reduce shoulder surfing?

Answer 27

Cover keypad / Sit with back to wall / Unclick 'show password' / Use biometrics / Use contactless.

Question 28

What is card cloning?

Answer 28

Making an unauthorized digital copy of credit card data onto a blank card.

Question 29

Biometrics definition.

Answer 29

Relies on unique human characteristics for identification.

Question 30

Two biometric categories.

Answer 30

Physiological (fingerprint, retina) / Behavioural (signature, voice).

Question 31

Biometrics advantage.

Answer 31

Improved security / Quicker authentication / Cannot be forgotten/lost.

Question 32

Biometrics disadvantage.

Answer 32

Environment affects measurements / Not 100% accurate / May not recognise changed characteristics / Hygiene concerns.

Question 33

What is encryption?

Answer 33

Method of securing data by scrambling it to make it meaningless.

Question 34

Plain text vs. cipher text.

Answer 34

Plain text: data before encryption. Cipher text: data after encryption.

Question 35

Symmetric vs. asymmetric encryption.

Answer 35

Symmetric: same key encrypts/decrypts. Asymmetric: public key encrypts, private key decrypts.

Question 36

What is a digital certificate?

Answer 36

Digital form of identification authenticating a website's credentials.

Question 37

Digital certificate purpose.

Answer 37

Ensure website is trusted/genuine / Verify company ownership / Share public key for encryption.

Question 38

What is SSL?

Answer 38

Secure Sockets Layer - protocol for secure data transmission over internet (https, padlock).

Question 39

What is TLS?

Answer 39

Transport Layer Security - more modern/secure version of SSL.

Question 40

Firewall function.

Answer 40

Software/hardware examining traffic between computer and network; blocks data failing criteria.

Question 41

Two-factor authentication factors.

Answer 41

Knowledge (PIN) / Possession (security token) / Inheritance (fingerprint).

Question 42

Strong password rule.

Answer 42

At least 8 chars / Contains numbers & letters / Upper & lower case / Contains symbol / No personal details.

Question 43

Authentication definition.

Answer 43

Process of verifying someone's claimed identity.

Question 44

Authentication techniques.

Answer 44

User ID/password / Biometrics / Magnetic stripes / Smart cards / Physical tokens / Electronic tokens.

Question 45

What is zero login?

Answer 45

Authentication by user behaviour (facial, voice, movements) with no manual input.

Question 46

A company stores customer data. Which DPA principle requires them to state why they collect it?

Answer 46

Data must be processed for the stated purpose only.

Question 47

How can a user identify a phishing email?

Answer 47

Check sender's actual address / Look for too-good-to-be-true offers / Avoid clicking links, type URL directly.

Question 48

Why is a worm more dangerous to a network than a virus?

Answer 48

It self-replicates using network holes, clogging bandwidth and slowing the entire network.

Question 49

What protection is best against ransomware?

Answer 49

Regular backups and anti-malware with heuristic detection.

Question 50

A shop uses fingerprint scanners for staff logins. What type of biometric is this?

Answer 50

Physiological biometric.

Question 51

Why is asymmetric encryption more secure for online shopping?

Answer 51

The public key encrypts data, but only the website's private key can decrypt it.

Question 52

How does a firewall protect a home network?

Answer 52

Examines incoming/outgoing data and blocks traffic that doesn't meet security criteria.

Question 53

Why should passwords be changed regularly?

Answer 53

To reduce the risk if a password is compromised without the user's knowledge.