9626/12 Cambridge International AS/A Level – Mark Scheme October/November

PUBLISHED 2018

Question Answer Marks

3 Trojan Horse: 8
Two from:

A malicious computer program which is used to hack into a computer by

misleading users of its true intent/disguises itself as authentic software
(unlike computer viruses and worms)
Trojans generally do not attempt to infect other files
They do not attempt to self-replicate themselves

Worm:
Two from:

A standalone malicious computer program that replicates itself in a

computer system
Many copies are then sent to other computers
Worms almost always cause some harm/slowing down to the network
even if only by consuming bandwidth

Spyware:
Two from:

Software designed to collect information about a computer user’s activities

Data such as passwords is passed to a remote server/attacker/hacker
(without the user’s knowledge)
A keylogger is a type of spyware (which collects a record of the user’s key
strokes)

Adware:
Two from:

Automatically generates advertisements in order to gain revenue for its

author
Advertisements may appear in the user interface/screen shown to the user
by the software
Examines which internet sites visited and presents advertising according to
the types of goods/services featured on these/usually the type of
goods/adverts the user is interested in.

© UCLES 2018 Page 4 of 11

 9626/11 Cambridge International AS & A Level – Mark Scheme October/November
PUBLISHED 2020

Question Answer Marks

7(c) Three from: 3

Ransomware is malicious software that threatens to publish the victim's data/block

access to it /to user’s computer unless a ransom is paid
It encrypts the victim's files making them undecipherable and demands a ransom
payment to decrypt them
It often infiltrates a PC as a computer worm or Trojan horse
Most ransomware attacks are the result of clicking on an infected email attachment
or visiting compromised websites
Some ransomware allows use of the computer but prevents the opening of certain
files

Question Answer Marks

8 Six from: 6

A compiler converts the high-level instructions into machine

language/object/code/executable code all at once
An interpreter converts the high-level instruction into some intermediate form and
after that the instruction is executed
The entire program is compiled before being executed
The interpreter translates one statement at a time, executing the statement before
moving on to the next one
A list of errors is created by the compiler after the compilation process
An interpreter stops translating after the first error/reports an error immediately on
encountering it
The compiled program is executed directly using the machine code
An interpreter does not convert the source code to an object code file before
execution
Interpreted programs can be modified at runtime by adding/changing functions
A compiled program has to be recompiled fully even for small modifications to be
made

Question Answer Marks

9 Six from: 6

LAN stands for local area network and WAN stands for wide area network
LAN covers a small geographic area/ WAN covers a large geographical area
LAN is used within a home, office, school, or group of buildings (must have at
least two)
WAN – communications links cross metropolitan, regional, national boundaries over
a long distance (must have at least two)
LANs have a high data transfer rate/WANs have a lower data transfer rate compared
to LANs
WANs tend to use technologies like MPLS/IP/Frame Relay/X.25
LANs use layer 1, layer 2 and layer 3 devices
WANs use layer 3 devices
As WANs tend to consist of more complex systems, they are less fault tolerant
Both make use of ethernet technologies

Must refer to LAN and WAN to get full marks

© UCLES 2020 Page 7 of 9

9626/11 Cambridge International AS/A Level – Mark Scheme May/June 2019
PUBLISHED

Question Answer Marks

4 Six from: 6

Unauthorised access to personal information

The risk of being subject to grooming by those with whom they make
contact on the internet
The sharing / distribution of personal images without an individual’s consent
or knowledge
Inappropriate communication / contact with others, including strangers
Cyber-bullying by fellow students

Other problems
Access to unsuitable video / internet games
An inability to evaluate the quality, accuracy and relevance of information on
the internet
Plagiarism and copyright infringement
Illegal downloading of music or video files
giving rise to the potential for excessive use which may affect the social
and emotional development and learning of the student
Access to illegal, harmful or inappropriate images or other content

Must have at least two of each to gain full marks

© UCLES 2019 Page 4 of 10

9626/11 Cambridge International AS/A Level – Mark Scheme May/June 2019
PUBLISHED

Question Answer Marks

8(a) Three from: 3

Fraudster phones the victim pretending it is a call from the bank

Fraudster claims that there has been some fraudulent activity on the
customer’s account/customer has made certain purchases – could they
confirm?
Often involves getting the customer to phone the bank
Fraudster’s computer redirects phone call to own phone
Gives customer their bank details to get their confidence
Gets customer to log on to bank’s site and enter their details to transfer
money to their new account which has been set up
This account is actually the fraudster’s own bank account

8(b) Three from: 3

Fraudster sends a cell phone text message to persuade customer to divulge

their personal Information
inviting the receiver to go to the fraudster’s website
They include a telephone number in the message that connects to an
automated voice response system
They include in the message something that demands the target's
immediate attention such as
"We confirm that you have signed up to our service. You will be charged
$2 a day unless you cancel your order on this URL”
The user then goes on to a seemingly legitimate website that asks them to
"confirm/enter your personal financial information”

© UCLES 2019 Page 6 of 10

9626/11 Cambridge International AS/A Level – Mark Scheme May/June 2019
PUBLISHED

Question Answer Marks

14 This question to be marked as levels of response: 8

Level 3 (7–8 marks)

Candidates will discuss the benefits and drawbacks of using the internet
The information will be relevant, clear, organised and presented in a
structured and coherent format
There may be a reasoned conclusion/opinion
Specialist terms will be used correctly and appropriately

Level 2 (4–6 marks)

Candidates will discuss the benefits and drawbacks of using the internet
although development of some of the points will be limited to one side of the
argument
For the most part, the information will be relevant and presented in a
structured and coherent format
Specialist terms will be used appropriately and for the most part correctly

Level 1 (1–3 marks)

Candidates will present benefits or drawbacks of using the internet
There will be little or no use of specialist terms
Answers may be simplistic with little or no relevance

Level 0 (0 marks)
Response with no valid content.

Candidates may refer to e.g.

Benefits
Internet tends to be up to date
Internet has vast amounts of information/ wide range of information/ wide
variety of sources
Use of search engines makes it quicker to find information than looking in
books
Multimedia sources are available on the internet unlike text books
Interactive sites can be found on the internet unlike text books

Drawbacks
Danger of accessing inappropriate websites.
Can take long time to find required information
Can access biased/inaccurate websites
Lack of expertise leads to inefficient searching
Easy to plagiarise information
The internet is not regulated
Internet provides a variety of answers so it is difficult to decide which answer
is correct

© UCLES 2019 Page 10 of 10

9626/12 Cambridge International AS & A Level – Mark Scheme March 2020
PUBLISHED

Question Answer Marks

10(a) Four from: 4

Involves using email to persuade people to divulge their personal

information
The email may include a website URL/link inviting the receiver to go to the
site
Email/website looks just like an actual organisation’s email/website but is a
fake website/email
Clicking on the link takes the target to a fake website
The email may ask customer to reply with their bank details
The email usually contains something that demands the target's immediate
attention
Examples include ‘We confirm that you have signed up to our service. You
will be charged $2 a day unless you cancel your order on this URL: ...’
The website then asks the target to enter their personal/financial information

10(b) Three from: 3

Installs a piece of malicious software/code on the customer’s computer

Creates a fake website which looks like the actual bank’s website
The fraudster redirects genuine website’s traffic to own website…
…customer is now sending personal details to fraudster’s website
unknowingly/customer is asked by fake website for personal details

© UCLES 2020 Page 8 of 10

9626/11 Cambridge International AS & A Level – Mark Scheme October/November
PUBLISHED 2020

7(a) Three from: 3

A rootkit is software designed to provide continued privileged/administrator access to

a computer while actively hiding its presence
Root refers to the Admin account on Unix and Linux systems
Kit refers to the software components that implement the tool
Rootkits can be installed in a number of ways, including phishing attacks/social
engineering to trick users into giving the rootkit permission to be installed
A rootkit allows someone to maintain command and control over a computer without
the computer user/owner knowing about it
The controller of the rootkit can remotely execute files
The controller of the rootkit can change system configurations on the host machine
A rootkit can access log files and spy on the computer owner’s usage
Rootkits are difficult to detect because they are activated before a computer's
operating system has completely booted up

7(b) Three from: 3

Bots often automate tasks and provide information or services that would otherwise
be conducted by a human being
Bots are used to gather information (web crawlers)/ interact automatically with instant
messaging/Internet Relay Chat/other web interfaces
They may also be used to interact dynamically with websites
A malicious bot is self-propagating malware designed to infect a host and connect
back to a central server or servers
Attackers can launch broad-based, ‘remote-control,’ flood-type attacks against their
targets
They have the worm-like ability to self-propagate
Bots can include the ability to log keystrokes/gather passwords/capture and analyse
packets
They can launch DDoS attacks/spam attacks/relay spam/open back doors on the
infected network
They infect networks in a way that escapes immediate notice

© UCLES 2020 Page 6 of 9

 9626/11 Cambridge International AS & A Level – Mark Scheme October/November
PUBLISHED 2020

Question Answer Marks

7(c) Three from: 3

Ransomware is malicious software that threatens to publish the victim's data/block

access to it /to user’s computer unless a ransom is paid
It encrypts the victim's files making them undecipherable and demands a ransom
payment to decrypt them
It often infiltrates a PC as a computer worm or Trojan horse
Most ransomware attacks are the result of clicking on an infected email attachment
or visiting compromised websites
Some ransomware allows use of the computer but prevents the opening of certain
files

© UCLES 2020 Page 7 of 9

9626/13 Cambridge International AS & A Level – Mark Scheme May/June 2022
PUBLISHED

Question Answer Marks

3 Four from: 4

Use anti-virus software to scan for malicious content/virus as it enters the

computer/detect any unusual behaviour in the computer/system…
…anti-virus can remove / quarantine viruses/alert/recommend the user to
take action
Keep anti-virus software up to date/running continuously/set up frequent
scans
Only use one anti-virus program as two different programs can fight against
each other
Use a firewall to filter incoming traffic…
… if it detects malicious software trying to enter the system it can prevent it
from entering
Use anti-spyware software if the anti-virus software does not include it
Use a spam filter to minimise the effect of spam if the user's email software
does not use one

© UCLES 2022 Page 3 of 11