Year 10

Being part of the solution

Year 10

Being part of the solution

warning

These resources will be removed by end of Summer Term 2025.

Switch to our new teaching resources now - designed by teachers and leading subject experts, and tested in classrooms.

Lesson details

Key learning points

  1. In this lesson, we will explore different careers available in cybersecurity before taking an end of unit quiz.

Licence

This content is made available by Oak National Academy Limited and its partners and licensed under Oak’s terms & conditions (Collection 1), except where otherwise stated.

Loading...

3 Questions

Q1.
Which of the following definitions describes physical security?
A plan to review and test code in an attempt to discover vulnerabilities in programs before cybercriminals find them
Allowing an organisation to resume business quickly during or after a disaster, which could include a cyberattack
Monitoring and analysis of computer network traffic for information gathering and intrusion detection
Correct answer: Security measures that are designed to deny unauthorised access to facilities, equipment, and resources and to protect personnel and property from damage or harm, e.g. the use of passcards and biometric checks (fingerprints, retinal scans)
Q2.
"Penetration testing is defined as a type of A.______ testing used to test the B.______ areas of a system or application." What is the missing word at position A?
hacker
insecure
insider
Correct answer: network
Q3.
"Penetration testing is defined as a type of A.______ testing used to test the B.______ areas of a system or application." What is the missing word at position B?
hacker
Correct answer: insecure
insider
network

11 Questions

Q1.
Which of these sentences most accurately defines cybersecurity?
Any activity designed to protect the usability and integrity of a network and its data by managing access to the network.
Designing programs that are less vulnerable to cyberattack.
Ensuring that all staff are adequately trained to protect an organisation.
Correct answer: The practice of protecting systems, networks, and programs from digital attacks.
Q2.
Which of these sentences defines an ethical hacker?
An individual who is inexperienced but interested in a career in IT.
An individual who may seek financial reward for finding vulnerabilities but is more interested in finding the vulnerabilities than the reward.
An individual who will violate computer security for malicious / financial reasons, AKA cracker.
Correct answer: An individual whose activities are designed to test and enhance computer security, AKA ethical hacker.
Q3.
Which of the sentences below most accurately describes hacktivists?
Individuals who don’t care about money.
Individuals who organise mass walkouts and protests.
Correct answer: Individuals who use technology to announce a social, ideological, religious, or political message.
Individuals who will stop at nothing to get their message across.
Q4.
Which of the sentences below most accurately represents social engineering in cybersecurity?
A discipline in social science that refers to efforts to influence particular attitudes and social behaviours on a large scale to produce desired characteristics in a target population.
Getting information from people by promising them things.
Manipulating people on the telephone.
Correct answer: The psychological manipulation of people into performing actions or divulging confidential information.
Q5.
Which of the sentences below defines phishing?
A physical security breach in which an unauthorised person follows an authorised individual to enter secured premises.
A technique that involves a social engineer being physically present to overhear confidential conversations.
Redirecting victims to a bogus site even if the victim has typed the correct web address; this scam is often applied to the websites of banks or e-commerce sites.
Correct answer: Trying to obtain confidential records such as passwords by sending emails that look as if they are from a legitimate, respected organisation, but contain links to fake websites that take data from their unsuspecting victims.
Q6.
Which of the sentences below most accurately represents a worm?
A type of malware that can be combated by constantly updating software.
Correct answer: Self-replicating malware that does not need to infect an existing program but is able to spread very rapidly, infecting large numbers of machines.
Self-replicating malware that usually embeds itself into an existing software on a device and then, once that software is run, spreads to other executable files.
Q7.
Which of the sentences below most accurately represents a virus?
A type of malware that can be combated by constantly updating software.
Self-replicating malware that does not need to infect an existing program but is able to spread very rapidly, infecting large numbers of machines.
Correct answer: Self-replicating malware that usually embeds itself into an existing software on a device and then, once that software is run, spreads to other executable files.
Q8.
SQL injection allows cybercriminals to do which of the following actions?
Correct answer: All of the above.
Change specific items in a database.
Delete all the contents of a database.
Reveal all usernames and passwords.
Q9.
What is encryption?
Communicating only with certain people.
Hiding messages from cybercriminals.
Hiding secret messages.
Correct answer: The process of encoding data or a message so that it cannot be understood by anyone other than its intended recipient.
Q10.
Which of the following is incorrect in relation to firewalls?
A firewall blocks unexpected connections coming into the network; most operating systems include a firewall.
Correct answer: A firewall can only be software.
A firewall sits between a local network or computer and another network, controlling incoming and outgoing network traffic.
A firewall’s rules determine which traffic is allowed through and which isn’t.
Q11.
Which of the sentences below most accurately represents network forensics?
A plan to review and test code in an attempt to discover vulnerabilities in programs before cybercriminals find them.
Allowing an organisation to resume business quickly during or after a disaster, which could include a cyberattack.
Correct answer: Monitoring and analysis of computer network traffic for information gathering and intrusion detection.
Security measures that are designed to deny unauthorised access to facilities, equipment, and resources and to protect personnel and property from damage or harm, e.g. the use of passcards and biometric checks (fingerprints, retinal scans).