Our site uses cookies. Some of the cookies we use are essential for parts of the site to operate and have already been set. You may delete and block all cookies from this site, but parts of the site will not work. To find out more about cookies on this website, see our Cookie Policy
Accept
© eRevision.uk and ZigZag Education 2025
This test is run by .
Note that your final mark will not be saved in the system.

B2 Prevention and management of threats to data GapFill

Target Level
Pass
Running Total
0
0%
Attempt
1 of 3

You must fill all the gaps before clicking ‘Check Answers!’

In the previous topic, you learned that black hat hackers try to gain access for criminal activities such as to steal money and intellectual property. However, there are two other types of hacker that don’t have such criminal intent.

A  greywhiteredblue hat hacker is a professional security expert. They are paid by companies to deliberately hack into their system in order to  publish exploits to the Internetfind vulnerabilities within their systeminstall anti-virus softwarefind personal data. After his process has occurred, the hackers disclose the vulnerabilities to the company so that the vulnerabilities can be  fixedpublished onlineexploitedpaid. But employing experts can be  unethicalthoughtlessexpensivecheap.

One way of checking a computer system for weaknesses is a penetration test – this is often called a  rulerpenpencileraser test. These tests take place  outside of normal working hoursduring normal working hourson April fool’s dayon Christmas day in order to minimise disruption. These tests might look for weaknesses such as  patched and updated serverscomputers running Windows 3.1cookiesinsecure passwords, applications and unpatched operating systems. Afterwards a  reportdictionarynotebookthesaurus outlining the issues found and containing recommendations will be given to the organisation so that the vulnerabilities that have been discovered can be fixed.

The other type of hacker is a  redbluegreywhite hat. They are hackers who have not requested permission to try to hack into the system. Because of this their actions are technically  legalillegalmoralgrey and they could be prosecuted by the company. These hackers will usually inform the company of the weakness, may offer solutions or offer to fix it themselves, or threaten to publicly disclose the weakness if it’s not been fixed within a specified time frame.

Companies also   penetration testmonitorvulnerableanti-virus their networks for unusual activity - such as employee access, web pages visited, or sudden increases in network activity which could mean that a computer is infected by a worm or is sending out spam.

This is your 1st attempt! You get 3 marks for each one you get right. Good luck!

Pass Mark
72%