Date | May 2021 | Marks available | 2 | Reference code | 21M.1.SL.TZ0.12 |
Level | SL | Paper | 1 | Time zone | no time zone |
Command term | Identify | Question number | 12 | Adapted from | N/A |
Question
A school currently has a cabled network but wants to add wireless networking across the whole campus.
There are concerns that unauthorized people could access the data on the wireless network.
The school has decided to implement a virtual private network (VPN) to provide access to its network.
Describe two hardware components the school will need to implement the wireless network.
Identify two advantages to the students of the new wireless network.
Outline two methods the school could employ to prevent network data from being accessed over their wireless system.
Identify two technologies the school would require to provide a VPN.
Explain one benefit to the staff of using a VPN to remotely access the school network.
Markscheme
Award [4 max]
(Wireless) router;
A central hub for all the computers to connect to;
Enables wireless network packet forwarding and routing;
Wireless Network Interface Card (NIC);
To allow the computer to ‘talk to’ the (wireless) router;
Wireless access points;
allow Wi-Fi devices to connect to a wired network;
Wireless repeaters;
To expand the reach of the network;
Mark as 2 and 2.
Award [2 max]
The ability to use their own devices at school;
The ability to access the school network from anywhere in the school;
No cables laid, so reduces the risk of tripping over cables;
Numbers of connections are not limited to cable ports, so greater numbers of students can connect at any given time;
Award [4 max]
Use of encryption;
So that data cannot be understood if it is intercepted;
Use of user authentication/usernames and passwords;
To prevent unauthorized access to the system;
Setting up a file of accepted MAC addresses;
To only allow access to the network by registered mobile devices;
Hide network ID;
So that the wireless network is not publicly seen;
Mark as 2 and 2.
Award [2 max]
Client VPN software (to make a secure remote connection);
VPN-aware routers and firewalls (to permit VPN traffic to pass);
VPN appliance/server (to handle incoming VPN traffic);
Encryption protocol IPSec or SSL;
Award [3 max]
Enhanced security of data;
for example, using encryption;
This prevents unauthorised access;
Remote access to data and resources (from any location);
Normal access of materials on the network;
as though the user was using the network on site;
Examiners report
Candidates mostly only gained half of the available marks for this question. This was achieved by either naming two appropriate hardware components, but not describing them sufficiently for the expansion marks, or by only naming one correct component with a good description. It is important to note that for this question, candidates needed to identify additional components needed to implement the wireless network within the already existing school network. Therefore, equipment already in place, such as servers, would not gain credit.
Candidates mostly identified one or two advantages to students of the new wireless network. Occasionally, candidates gave the same answer twice, mostly in relation to accessing the network from anywhere.
Candidates were able to identify and expand at least one method of preventing network data from being accessed over the wireless system. Some responses were not sufficiently detailed for both marks.
Candidates found it difficult to identify two technologies that would be required by the school to provide a Virtual Private Network; however, a significant number did name one.
Candidates answered this question well with responses related to one of the two suggested answers of enhanced security or remote access to network resources, or in some cases, a combination of the two.