Worksheet 1 Network threats

Unit 4 Network security and systems software

Name:...................................................................................................... Class: ......................

Task 1
For each of the scenarios given below, tick which hacking techniques have been used.
Underline the part(s) in the scenario that support(s) your choice. The first scenario has been
completed as an example.

Ransomwar

Key logger
Scenario

Trojan
Worm
Virus

e
1 Tyler goes to a website that says that it will supply
cracked software that doesn’t need a licence. After
installing the software, the user is pleased as it works
as expected. They notice later that many adverts P
display on their computer.

2 Leila clicked on a file in an email attachment. Today,

when she turned on her computer it said that all her files
are now encrypted. She has been given 24 hours to pay
one bitcoin to unencrypt the files. x

3 Richard has downloaded a file from the Internet and run

it. After a short while he has noticed that many of the
files on his computer have been deleted or corrupted.
x

5 A program has been written that targets computers on

the Internet. It automatically replicates itself, and whilst
it doesn’t harm any individual computers, it does slow
down the network. x

1
Worksheet 1 Network threats
Unit 4 Network security and systems software

Task 2
You have been asked to help a user that isn’t that knowledgeable about computer security.
In the table below are some actions that they commonly take. For each action, explain the
security risk and what you would advise them to do instead. The first row has been completed
for you.

Action taken by user Security risk Advice

The user ignores most app The software will be Update all apps/software
updates as sometimes the unpatched / have security
apps need a username and issues that are not fixed
password to be entered
again.

A user visits a legitimate The site could be a scam site Contact Bank and change
looking website for their to steal her data to log in to password immediately.
bank. The web address is her bank account to transfer Transfer money out of
very slightly different to money. account if possible.
usual. They enter their
username and password to
log in, but it says there is an
error.

The user enters their PIN at Someone could be shoulder Change pin and hold onto
ATMs without covering their surfing and looking at their your credit card and wallet
hand. pin and if their card gets carefully.
stolen, their account can be
accessed easily

The user is very honest and They could be providing Change passwords, put the
helpful. They work as a information for a brute force user on mandatory training
receptionist. When someone hacking and a security leak and find out who the caller
phones and asks for such as this can make it was.
information about other staff easier to guess passwords,
in the company, such as get into the building or
their full name, they are commit identity fraud.
happy to help.

2
Worksheet 1 Network threats
Unit 4 Network security and systems software

Task 3
Look at the following text message.

(a) What action should the recipient take?

Call the bank (your actual bank). Report the message and delete it. Do not respond and
do not click on the link

(b) Give reasons for your answer:

The link looks fake and the phrasing on your Online Banking is very suspicious due to the
bad grammar usage. As this is not on a laptop you cannot hover on the link, but to be safe
not clicking on the link is the best option. Calling the bank is the best way to identify
whether or not there is real unusual activity. The sense of urgency created by ‘to avoid
account suspension is also suspicious but in case of an actual problem it is always best to
call your actual trusted bank with a number you trust.

3
Worksheet 1 Network threats
Unit 4 Network security and systems software

Task 4
1. Carry out some research on Denial of Service attacks and write up your findings.
Be sure to include answers to the following questions.
 What is a DoS attack?
 Who is typically targeted?
 Who does it typically affect?
 How can it be countered?

4
Worksheet 1 Network threats
Unit 4 Network security and systems software

2. Research one or more examples of DoS attacks and write a short description. Cover the
following points:
 When did it take place?
 Which country/organisation was affected?
 How many people were affected?
 Who was responsible for the attack?
 What were their motives?
 How was the attack accomplished?
 How can organisations protect themselves?
Sample websites:
https://www.microsoft.com/en-us/microsoft-365-life-hacks/privacy-and-safety/top-5-most-
famous-ddos-attacks
http://www.independent.co.uk/life-style/gadgets-and-tech/worlds-largest-denial-of-service-
attack-caused-by-vulnerability-in-the-infrastructure-of-the-web-9122200.html

5
Worksheet 1 Network threats
Unit 4 Network security and systems software

Task 5
An SQL injection is a way of hacking a database. These databases often store data which is
used for websites.

Describe, with examples how an SQL injection can take place. Include the following:

 What is SQL?
 What does a typical SQL query look like that is generated from a web form?
 What commands can be injected into an SQL query to make it operate in a
malicious manner?