SAM HARRIS TECH REVISION
OCR GCSE CS - 1.4 Network Security
1.4 Network Security (OCR J277)
1.4.1 Threats to Computer Systems and Networks
- Malware: Malicious software including viruses, worms, Trojans, ransomware, and spyware.
- Social Engineering: Exploiting human psychology (e.g., Phishing, Shoulder surfing).
- Brute-force Attacks: Attempting every possible password combination until access is granted.
- Denial of Service (DoS): Flooding a network with traffic to crash it.
- Data Interception: Using packet sniffers to steal data during transmission.
- SQL Injection: Inserting malicious code into web forms to manipulate databases.
1.4.2 Identifying and Preventing Vulnerabilities
- Penetration Testing: Simulating attacks to find security weaknesses.
- Anti-malware Software: Tools to detect and remove malicious code.
- Firewalls: Monitoring and filtering incoming/outgoing network traffic.
- User Access Levels: Restricting data access based on a user's role.
- Passwords: Using complex strings to prevent unauthorised access.
- Encryption: Scrambling data so it cannot be read without a key.
- Physical Security: Using locks, cameras, and biometrics to protect hardware.
Related Past Paper Questions
-
Year: 2023
Explain how a firewall helps to protect a network from unauthorized access.
Mark: [2]
-
Year: 2023
Identify two different types of physical security that can be used to protect a network.
Mark: [2]
-
Year: 2022
Describe what is meant by 'Social Engineering'.
Mark: [2]
-
Year: 2022
State the purpose of 'Penetration Testing' within a network security policy.
Mark: [2]
-
Year: 2021
Explain how the use of 'Anti-malware' software can protect a computer system.
Mark: [3]
-
Year: 2021
Define the term 'Brute-force attack'.
Mark: [2]
-
Year: 2020
Describe the method of 'Phishing' and how a user may be able to spot it.
Mark: [3]
-
Year: 2020
Explain the difference between 'Data Interception' and 'SQL Injection'.
Mark: [4]
-
Year: Sample Paper
Identify two ways to prevent a 'Denial of Service (DoS)' attack.
Mark: [2]
-
Year: Sample Paper
State why 'Encryption' is needed when transmitting data over a wireless network.
Mark: [2]