Social Engineering, Data Interception & Brute Force Attacks

Lesson Instructions

Watch and follow the YouTube video, the lesson contains three parts:

  1. Key Information and content - all you need to do here is watch and listen.

  2. Learning activity - there are two activities to complete. One task is preparing you to see the signs of a phishing email and the second is a task where you need to brute force a password.

  3. Consolidation - these are past exam question and are for deliberate practice to check your understanding.

Task - Phishing Task

Task - Brute Force Task

Brute Force Password Task

Task - Exam Questions - Deliberate Practice

Exam Questions - System Security

Mark Scheme

Question 1

1 mark for description, 1 mark for prevention

Max 2 per threat

Data interception / passive

    • Data is sent to another device and is intercepted by a third party

    • Encryption


    • An e-mail has a link that when clicked directs the user to a fake website that collects personal data

    • Network policy // firewall

Brute force attack

    • Person/software using every combination of passwords to gain access

    • Firewall//strong passwords