Professional Documents
Culture Documents
work.
...................................................................................................................................
...................................................................................................................................
...................................................................................................................................
(2 marks)
(ii) Why does the company have a Code of Conduct rather than just expecting
employees to obey the law?
...................................................................................................................................
...................................................................................................................................
...................................................................................................................................
...................................................................................................................................
...................................................................................................................................
(2 mark)
(ii) To set out points of good practice for employees//set out rules
that are not legal requirements;
To ensure employees are aware of legal requirements//as
employees may not know what the law is;
To relate legal requirements to the work that the employee does;
To make clear consequences of breaking the rules if mark not
already awarded in b(i)
A to exonerate the company if law is broken
MAX 2 2
2 (a) A student has been asked to explain the difference between security and integrity of
data. Give an example for each of two different types of failure of security and give
two different reasons for a failure of integrity which the student might use to
demonstrate the difference between the meaning of these two terms.
1 .................................................................................................................................
....................................................................................................................................
2 .................................................................................................................................
....................................................................................................................................
(2 marks)
1 .................................................................................................................................
....................................................................................................................................
2 .................................................................................................................................
....................................................................................................................................
(2 marks)
(b) For each of the types of security problems you have given in part (a) (i), describe
a practice that a school or college might implement to protect students’ personal
data. Your two practices must be different.
1 .................................................................................................................................
....................................................................................................................................
....................................................................................................................................
2 .................................................................................................................................
....................................................................................................................................
....................................................................................................................................
(4 marks)
(a) (i) Security: 1 mark for each of 2 examples of different types of security
failure MAX 2 marks
Unauthorised access to data;
Unauthorised / deliberate corruption / loss / alteration of
data/software;
Theft of / damage to hardware;
Accidental destruction of data by hardware failure /operator error;
Loss of data through natural hazards e.g. fire, flood, earthquake;
Natural hazards
Regular backups; (if not already given)
kept securely;
/Uninterrupted power supply;
To allow systems to close down safely;
(a) For each of the following, suggest a suitable backup strategy. Your suggestions should
all be different.
Hint: You might consider who should be responsible, how often it should take place
and/or a suitable medium to use.
....................................................................................................................................
....................................................................................................................................
(2 marks)
....................................................................................................................................
....................................................................................................................................
(2 marks)
....................................................................................................................................
....................................................................................................................................
(2 marks)
3 backing up policies
(a) (i) Describe two distinct steps that should be taken to minimise unauthorised access
by staff to those parts of the system they have no need to access in order to carry
out their job role.
1 .................................................................................................................................
....................................................................................................................................
2 .................................................................................................................................
....................................................................................................................................
(4 marks)
....................................................................................................................................
....................................................................................................................................
(1 mark)
(b) What safeguards should be used to keep the data protected from loss or corruption due to:
(i) Hackers
....................................................................................................................................
(1 mark)
(ii) Viruses
....................................................................................................................................
(1 mark)
(iii) A system failure caused, for example, by a power cut?
....................................................................................................................................
(1 mark)
(c) Describe one further safeguard which needs to be in place to enable the company to get
back into operation swiftly and effectively after a serious problem causing a complete
system failure.
.............................................................................................................................................
.............................................................................................................................................
.............................................................................................................................................
(1 mark)
4 (a) (i) Unauthorised access
password protect sensitive files; 1 mark
//have username & passwords to log on;
/ have username & password / use biometrics to restrict access;
AND change passwords on a regular basis; 1 mark
/ choose passwords that are difficult to guess;
/ do not write passwords down;
/ shut down after (e.g.) 3 attempts at guessing the password;
A and set attributes/permissions/access rights;
(ii) use software that can monitor /log user activity A record, R store
/monitor file changes; 1 mark
(c) restore
a good recovery / restore procedure; A description of this 1 mark
/backup media must be available immediately;
/ availability of alternative hardware;
A Make regular backups if not given in (iii)
A have a contract with an outside recovery service;
5 A manufacturing company uses computers for both the manufacturing process and the tasks
carried out in the offices.
(a) The customer and order files used in the office are regularly backed up, while the data
produced during operation of the manufacturing process is archived.
(i) Describe what is meant by backing up files, giving a reason why the customer and order
files are backed up.
Backing up .........................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...................................................................................................................................... [2]
Reason ..............................................................................................................................
...................................................................................................................................... [1]
(ii) Describe what is meant by archiving data, giving a reason why the data from the
manufacturing process is archived.
Archiving ...........................................................................................................................
...........................................................................................................................................
...........................................................................................................................................
...................................................................................................................................... [2]
Reason ..............................................................................................................................
...................................................................................................................................... [1]
(b) The workers are paid weekly. Their times at work over the week are collected and the staff file
is updated at the same time as the pay is calculated.
Describe a backing up routine which could be used for the staff file.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
.............................................................................................................................................. [4]
(a) (i) Making copy of the data in a file...
And the file structure
On a portable medium
Kept away from originals
So that if the original is corrupted it can be replaced
(1 per -, max 2) (2)
Customer and order files are very important to the company, so
must be protected (1) [3]
(b) Either:
Back up copy taken weekly...
Immediately after updating of staff file
Multiple copies taken...
Stored in more than 1 location
At least one is stored off site
Mention of incremental back up
6 The encryption of data is widely used in computing.
Application 1
Reason
Application 2
Reason
[4]
(b) Authorisation and authentication are processes designed to protect the computer
system and data.
Authorisation
Authentication
[2]
6 Possible answers include:
(b) Authorisation
Different permissions granted to different users [1]
Restricted access to certain data files/directories/physical devices [1]
User IDs [1]
MAX 1
Authentication
Passwords [1]
(Digital) signature // (Digital) certificate [1]
Use of biometric data and methods [1]
MAX 1
[Total: 11]