CodeIEB
Theory Notes/🌐 Topic 2: Internet & Communication Technologies/12.2.8
12.2.8Grade 12

Identifying Risk & Proposing Security Solutions

A synthesis subtopic — you're expected to independently identify security threats in a scenario and recommend a matched, justified solution, drawing on everything from 11.2.8.

This subtopic doesn't introduce brand-new threats/solutions — it tests your ability to apply the full threat/solution toolkit from 11.2.8 to a new, unseen scenario.

  • Read the scenario carefully and identify the specific vulnerability described (not a generic 'hackers might attack').
  • Choose the solution(s) that most directly address that specific vulnerability.
  • Justify your choice by explaining exactly how it mitigates the identified risk.

Example

Scenario: 'A small business stores all client records on a single desktop with no backup, and staff share one generic login.' Identified risks: single point of hardware failure (no backup), and no accountability/access control (shared login). Recommendation: implement regular remote backups (protects against hardware failure/disaster) and individual user accounts with appropriate rights (restores accountability and limits damage if one account is compromised).

💡 Exam Tip

Two-part answers score best: name the risk explicitly, then propose and justify a specific solution for it — a list of generic security terms with no connection to the scenario earns minimal marks.