2020 Sample Answer Mod4 Q5
Question 5
a) Explain what is meant by the term cyber security and its importance in relation to the
railway telecommunications environment
[5 marks]
Cyber security means the security over digital and information technologies including but not limited to
wired and wireless transmission networks over any protocol, human machine interface computers,
mobile phones, any electronics that can pick up digital signals, etc., that are vulnerable to malicious
attack and may result in financial loss, loss of lives, property damage, loss and leakage of data, and
service interruption. As a public transportation service, railway telecommunications are unavoidably
partly exposed to the public and vulnerable to malicious attack. For example, wireless transmission
between train-borne equipment and trackside equipment, access-controlled areas such as relay rooms,
which may result in a disastrous outcome if they are compromised.
b) Explain what is meant by a cyber-attack and outline some of the methods used by cyber
criminals to launch an attack
[5 marks]
Cyber-attack means an intentional intrusion or disruption to a digital device and it is illegal. The attack
will usually result in loss and leakage of data, financial loss and equipment damage. Typical methods
used by cyber criminals include:
- Computer virus, trojan, ransomware, which will compromise the infected computer and spread the
virus through the Internet, or cause exposure of system vulnerability to the public, or execution of
arbitrary code.
- DOS or DDOS: service will be interrupted or down due to massive service requests sent from
attacker (DOS, denial of service) or from several thousand zombie computers (DDOS, distributed
DOS).
- Social engineering such as phishing email will convince the victim to expose their credential information
to the attacker via a fake website, or email attachment injected with malicious code.
This sample answer is an actual answer (with minimal editing) from a candidate in a past
examination. Each has been selected by an examiner as a “good answer” to the question: They are
not intended to be perfect model answers that would necessarily earn full marks.
c) Describe a range of measures that can be taken to protect railway telecommunications
systems from the threat of cyber-attack
[15 marks]
- Disable all portable hard disk drives and block the USB ports with cover lock to prohibit staff using
potentially infected devices.
- Implement centralised computer group policy to enforce high security setting to each employee's
computer and modification to the setting shall be disabled.
- Centralised antivirus software installed to each employee's computer and virus definition update
shall be distributed periodically.
- Consistent update of antivirus definition and periodic virus scanning shall be executed by the
computer automatically at least every week.
- Implement DMZ (demilitarized zone) for any server exposed to the Internet to avoid direct exposure
to DDOS threats.
- Proper configuration of firewall with latest update of virus definition and behaviour signature
definition to IPS.
- Separate maintainer's account and root account with different privilege, such that the information
and credentials are both separated at different level.
- Password shall be updated once in a while with combination restriction, that upper case, number,
special characters must be used to ensure protection from brute force.
- WiFi password shall be encrypted at least with WPS2 and hidden from public.
- Penetration test shall be carried out and reviewed annually to ensure the security measure and
vulnerability are up to date.
- Physical security can be considered during the design stage, e.g. the door lock controllers are
installed in the secured area with WiFi, Bluetooth function disabled.
- Implement VLAN to separate IT and OT network. Wireless function of printers shall be disabled.