Paper 1 Network Security Drills

These are original Paper 1-style practice questions. They use concrete security scenarios so the answers can be checked exactly.

Detailed answers are in Paper 1 Network Security Answers.

Revise the topic hub first:

Questions

Question 1: Malware

A student opens an attachment named timetable_update.exe. After that, files in the Documents folder are renamed with the extension .locked, and the laptop starts sending many emails to contacts without permission.

Describe two harmful effects of the malware in this scenario. [2]

Question 2: Denial of Service

At 09:00, a school results website normally handles about 50 requests per minute. During an attack it receives 80 000 requests per minute from many different IP addresses, so this is a distributed form of DoS. Legitimate students cannot load the page.

Explain how this attack affects availability. [3]

Question 3: Firewall Rule

A school network uses these firewall rules for incoming traffic:

RulePortAction
180allow
2443allow
322block

State what the firewall should do with an incoming packet to port 22, and explain why. [2]

Question 4: IDS vs IPS

An IDS logs this alert:

10 failed login attempts from 203.0.113.9 within 60 seconds

An IPS is configured with the same detection rule.

Compare what the IDS and IPS would normally do after detecting this pattern. [4]

Question 5: Encryption

A message is sent over a public Wi-Fi network:

exam_result=85

Explain how encryption protects confidentiality if the traffic is intercepted. [2]

Question 6: Digital Signature

A teacher sends a file and a digital signature. The file hash computed by the student is different from the hash verified from the teacher’s signature.

Explain what this tells the student about integrity and authenticity. [4]

Question 7: Authentication Factors

A login system requires:

password: correct horse battery
one-time code from phone app: 481926

Identify the two different authentication factors used. [2]

Question 8: Password Policy

A website currently accepts all of these passwords:

alex
12345678
password1

Suggest two password-policy controls that would reduce the risk of weak passwords, and apply each control to one password above. [4]

Question 9: Security and Usability

A school changes its student portal so users must enter a password and a six-digit one-time code every time they log in, including from trusted classroom computers.

Explain one security benefit and one usability cost of this change. [2]

Question 10: Control Choice

A web server log shows repeated requests from the same IP address:

203.0.113.8 GET /login
203.0.113.8 GET /login
203.0.113.8 GET /login
203.0.113.8 GET /login
203.0.113.8 GET /login

Choose a suitable security control to detect, slow, or block this pattern, and justify your choice using the repeated requests from the same IP address. [3]

Review Checklist

After attempting these questions, check whether you can:

  • apply malware, DoS, firewall, IDS, IPS, encryption, digital-signature, and authentication ideas to a concrete scenario;
  • distinguish detection from prevention;
  • explain security controls using the exact evidence supplied;
  • state one precise benefit, limitation, or trade-off where required.