7 March 2018
Marking Scheme
This marking scheme has been prepared as a guide only to markers. This is not a set of
model answers, or the exclusive answers to the questions, and there will frequently be
alternative responses which will provide a valid answer. Markers are advised that, unless a
question specifies that an answer be provided in a particular form, then an answer that is
correct (factually or in practical terms) must be given the available marks.
If there is doubt as to the correctness of an answer, the relevant NCC Education materials
should be the first authority.
Where markers award half marks in any part of a question, they should ensure
that the total mark recorded for the question is rounded up to a whole mark.
Answer ALL questions
Marks
Question 1
a) Briefly explain the general actions performed during the encryption process. (4 marks)
b) ‘Successful encryption depends on the key and algorithm being kept secret’. Is this statement valid or misleading? Explain your answer. (2 marks)
The algorithm does not have to be kept secret (1 mark), but in symmetric key cryptography the key must be kept secret (1 mark).
ii. Outline the effect of different key sizes in relation to a Brute Force Attack. (2 marks)
Total: 10 Marks
Page 2 of 14
Network Security and Cryptography © NCC Education Limited 2018
Question 2
a) Public Key Infrastructure (PKI) is a security architecture that has been introduced to provide an increased level of confidence for exchanging information. E-Commerce makes use of Public Key Infrastructure using TLS when you make a purchase.
Spell out the acronym TLS and explain how a browser uses TLS to ensure that the E-commerce server is authentic and not a spoof website. (5 marks)
b) PKI uses ‘Public Key Cryptography’ rather than ‘Symmetric Key Cryptography’. Explain the weakness of Symmetric Key cryptography that Public Key Cryptography overcomes. (1 mark)
c) Alison wants to send a secure message to Jason. Describe how Alison would use Public Key Infrastructure to send a secure message to Jason. (2 marks)
Alison encrypts her message with Jason’s Public Key and transmits it to Jason (1 mark). Jason decrypts it with his Private Key (1 mark).
d) Public Key encryption has limitations. What is the disadvantage of Public Key encryption compared to Symmetric Key encryption? Explain how this disadvantage can be overcome. (2 marks)
Total 10 Marks
Question 3
b) Produce a diagram to demonstrate how TCP/IP fits with other common Internet protocols in a protocol stack. Your table should be illustrated by showing named protocols. (6 marks)
Award 1 mark for each correctly named element placed in the correct
position within the diagram.
SSL or TLS
TCP
IP
Total 10 Marks
Question 4
Total 10 Marks
Question 5
b) To ensure password database entries are protected, Hashing Functions are used. MD5 and SHA-1 are two common Hashing Functions. Explain how they are used to protect the password entries. (2 marks)
d) State ONE (1) reason why it is important that users are not allowed to create their own passwords without ensuring that the password they create is strong. (1 mark)
Award a maximum of 1 mark for the following, or any other valid relevant reason:
Total 10 Marks
Question 6
b) Explain how you would detect open ports and provide ONE (1) example of a tool that can be used. (2 marks)
c) A further aspect of penetration testing is to use brute force attacks and dictionary attacks. (5 marks)
i) Explain how a dictionary attack works and give ONE (1) advantage of
using a dictionary attack.
ii) State THREE (3) similarities between brute force and dictionary
attacks.
Award 1 mark for each bullet point up to a maximum of 3 marks:
▪ Both a dictionary and brute force attack are guessing attacks;
▪ they are not directly looking for a flaw or bypass.
▪ Both are ways of obtaining passwords
▪ Either can be an offline attack or an online attack.
Total 10 Marks
Question 7
a) Briefly explain FOUR (4) key functions of a Virtual Private Network (VPN). (4 marks)
Total 10 Marks
Question 8
b) Draw a diagram which shows how a single network firewall could be used with a Demilitarized Zone, Internal network and Internet. Show where a Web Server and Domain Controller would be positioned. (4 marks)
c) Provide TWO (2) examples of Access (Firewall) rules for your network in Question 8(b). (2 marks)
Total 10 Marks
Question 9
Wireless networking is inherently less secure than a wired LAN, since the Wireless
network broadcasts its existence and the signal can be received by devices not authorised
to join the network.
a) What security technique would you use to ensure confidentiality of data across a wireless network? (1 mark)
b) State TWO (2) protocols you could use to provide confidentiality of traffic across the network. Which of the two protocols you have chosen is the most secure? You should justify your answer. (4 marks)
The maximum number of marks awarded to this question is 4.
Award up to 2 marks for stating two protocols. Award up to 2 marks for a
choice and justification of a security protocol.
Protocol examples:
WEP; WPA; WPA-2 EAP/ IEEE802.1X (2 marks)
Total 10 Marks
Question 10
Ransomware is malware that prevents you from using your files or your computer, and
then extorts money from you in exchange for a promise to unlock them. Ransomware is
one of the most prolific cybercrime problems. One of the best known, most recent and
most devastating examples is ‘WannaCry’, which attacked many businesses in 2017.
a) WannaCry typically uses phishing techniques to trick the user into running it. Briefly describe the term phishing and provide ONE (1) example of the term. (3 marks)
Award 1 mark for the example and up to 2 marks for explaining phishing.
Example: email from an ecommerce site with attachment of ‘invoice’.
c) If you were a Company Chief Information Security Officer, what action would you take to improve security from this type of cyberattack? You must justify your recommendations. (5 marks)
The maximum number of marks awarded to this question is 5. The aim here
is to see security in context of the business and to provide students with
more opportunity to elaborate an argument rather than recall knowledge
and facts.
Total 10 Marks
End of paper
Learning Outcomes matrix
Grade descriptors