Define the term cyber security - AQA - GCSE Computer Science - Question 16 - 2023 - Paper 2

One type of malware is a Trojan virus.

Weak and default passwords can be easily exploited by attackers using brute force methods to crack passwords. If users do not choose strong passwords or continue to use factory-set passwords, it leaves the system vulnerable. Attackers can access sensitive information and potentially gain admin-level control, compromising the entire network.

Misconfigured access rights can allow unauthorized staff to access areas they shouldn't. Those unfamiliar with network protocols may not realize that sensitive areas have been breached. This could lead to further exploitation where users create accounts with elevated privileges, increasing the risk of data leaks or system manipulation.

Unpatched or outdated software may contain vulnerabilities that attackers can exploit to gain access to systems. Known weaknesses may be publicly disclosed, and in case a hacker infiltrates the network, they could install malware. Regular updates are vital to mitigate such risks and secure the software environment.

AQAware can enforce a strong password policy across all devices and require regular updates for passwords. They should ensure admin accounts, especially, have strong unique passwords. Implementing two-factor authentication and conducting regular password audits can also enhance security.

AQAware should carefully monitor and assign suitable access rights for every employee. Limiting privileges to only those necessary for job functions minimizes risk. Additionally, conducting regular audits can help identify any potential vulnerabilities in user access.

To protect against this threat, AQAware should adopt a strict update policy, ensuring that software patches are applied as soon as they are released. Automated software management tools can assist in this process by identifying and addressing vulnerabilities in real-time.