Cambridge High School Quiz #1

/20

Name: ……………………………… Grade/Section: 9/ M, L, O Date: … /March /2022

Teachers' Name: Alex A. Quiz #1 Subject: ICT/ CS.

Security - Authentication & Hacking

1. Define The following terms: [6]

 Hacking:
Hacking Is a word used to refer to gaining unauthorized access to computer systems. And is
done by exploiting weaknesses in the target system’s security.

 Social engineering:
Social Engineering is simply tricking or manipulating a person into revealing their password
or other sensitive data.

 False Positive:
This is when an unauthorized user is mistakenly allowed access because the system
mistakes their data for that of an authorized user.

2. (a) State whether Passwords fall into the category of “something you know”,
“something you have” or “something you are”. [1]

- something you know

(b) List precautions that every password should have. [2]
- use more than 12 characters
- Use upper-case and lower-case letters, numbers and symbols
-Use different passwords for each system, to limit problems if one password is
compromised.
-Changing password frequently
-Avoid using real words, names or dates
-Never write down passwords

1
 3. (a) What is the main authentication method included in “Something you are”?
Provide a brief explanation. [1]
Something you are or “biometrics” is the process of using part of a person's body to
give them authority. It uses parts of the human body like fingerprints and iris patterns to
identify the person of authority. Biometrics have a clear advantage over passwords since
you cannot forget them.
(b) outline two examples. [2]
Using face shape, voice patterns
4. Explain which is more of a security risk between False Negative and False Positives in
Biometrics. Elaborate on your choice. [4]
False Positive is a lot more dangerous than False Negative. Since in False Negative, the
authorized person does not gain access to the system, whereas, in false Positive an
unauthorized user gains access to a system that they should not gain access to. The
system mistakenly allows their access. If False Positive error ever happens in a system
the person with the access could do anything, they want in the system but the
authorized user in False Negative would simply not have access yet can try again to gain
access.
5. Explain Packet sniffers and outline how they can be used both positively and
maliciously. [4]
Packet Sniffers are programs that capture data as it travels over networks. Packet sniffer do
have many uses as helping diagnose network problems, However, they could be used
maliciously by capturing sensitive data as it travels though the netwroks.