44 total
By the end of this topic, you should be able to:
These three terms sound similar, but they do not mean the same thing. In exams, you must be able to tell them apart clearly.
Data security means protecting data from unauthorised access, damage, loss or corruption. In simple words, it means keeping data safe from people or programs that should not get to it, and keeping it safe from being harmed.
Data privacy means keeping personal or sensitive data private. It is about making sure that only the correct people can see or use the data. Privacy focuses on a person’s rights over their information.
Data integrity means making sure data stays accurate, complete and unchanged unless an authorised person changes it properly. If data has integrity, it is correct and trustworthy.
A simple way to remember them is this:
For example, imagine a school database. Security means stopping hackers from getting in. Privacy means only authorised staff should see student records. Integrity means the marks and names in the database must stay correct.
It is not enough to protect only the data. You must also protect the whole computer system.
Data security is needed because data can be valuable and sensitive. Personal details, bank details, medical records and company files must not be stolen, changed or deleted. If data is lost or damaged, this can cause serious problems.
Computer system security is needed because if the computer or network itself is not protected, attackers may get access to the data anyway. A secure system helps stop malware, hackers and unauthorised users before they can reach the data.
Think of it this way. The data is the valuable item inside a building. The computer system is the building itself. If the building is not protected, the valuable item inside is not truly safe.
A company, school or hospital must therefore protect:
A user account allows a person to use a computer or network. It usually requires a username and password.
User accounts are important because they help the system identify who is trying to log in. This is part of authentication, which means proving that a user really is who they claim to be.
User accounts are used on both stand-alone computers and networked systems. Even one computer in a home or office may be used by more than one person, so separate accounts can still be useful.
User accounts also control access rights. This means different users can be given different levels of access. Not everyone should be able to see or change everything.
For example, in a hospital:
This keeps data safer because each person only sees what they need for their job.
Access rights are permissions that decide what a user can do with data or files.
A user may have:
Access rights protect data by limiting who can view or change it. This reduces the risk of mistakes, misuse and unauthorised access.
Access rights are especially important on networks where many users share the same files and folders. Without access rights, any user could open confidential data or accidentally delete important files.
Passwords are one of the most common ways to stop unauthorised access. They act like digital locks.
A password should be difficult to guess or crack. If a password is too easy, a hacker may get into the account and then gain access to the system or the data.
A strong password should usually contain:
@, * or &It should also avoid obvious personal information such as:
A password like GREEN is weak because it is short and easy to guess. A password like Sy<sub>12</sub>@#TT90kj=0 is much stronger because it uses a mix of letters, numbers and symbols.
Passwords should also be protected carefully. Users should:
A weak password puts the whole system at risk, not just one file.
Authentication means checking that a user really is the correct person.
Logging in with a username and password is one form of authentication, but other methods are used as well. These methods are important because passwords alone are not always enough.
The syllabus includes two authentication methods you must know: digital signatures and biometrics.
A digital signature is used to confirm who sent a piece of data, such as an email or digital document.
Its main purpose in this topic is to identify the sender. This helps a user trust that the message really came from the person named on it.
Digital signatures are useful because they help reduce the risk of fake messages. If a company sends an important email, a digital signature can help prove it genuinely came from that company or person.
You should think of a digital signature as an electronic way of showing, “This message really came from me.”
Biometrics means using unique human features to identify a person.
Examples include:
Biometrics are useful because human features are hard to copy exactly. They can be used instead of a password, or together with a password, to increase security.
A fingerprint scan checks the pattern of ridges and valleys in a fingerprint and compares it with a stored copy.
A retina scan uses infra-red to scan the pattern of blood vessels at the back of the eye. This is very accurate because this pattern is unique.
Face recognition and voice recognition also rely on features that are different from person to person.
Biometric methods are now common on mobile phones and other modern devices because they provide quick but secure access.
A firewall is a security barrier between a computer or network and an outside network such as the internet.
A firewall can be:
Its job is to examine incoming and outgoing traffic and decide whether to allow it through.
A firewall can:
A firewall is one of the first lines of defence against internet threats.
On a network, a hardware firewall can protect the whole network. On an individual computer, a software firewall can protect that device.
However, a firewall is not perfect. It cannot solve every problem. For example, it cannot fully stop careless users, such as people who share passwords or turn off security settings. This means good security also depends on sensible user behaviour.
Anti-virus software checks for viruses and other forms of malware.
It usually works by:
Quarantine means a file is separated from normal files because it may be dangerous.
Sometimes anti-virus software makes a mistake and marks a safe file as harmful. This is called a false positive.
Anti-virus software must be kept up to date because new viruses are created all the time. If the virus database is old, the software may miss newer threats.
Regular full system scans are also important because some malware may stay hidden for a while before causing harm.
Anti-spyware software detects and removes spyware.
Spyware is malware that secretly gathers information from a user’s computer. It may monitor key presses, record browsing activity or steal passwords.
Because spyware works secretly, the user may not realise it is there. This makes it especially dangerous.
Anti-spyware software looks for known spyware or common signs of spyware behaviour. It helps stop stolen passwords, stolen personal details and secret monitoring of user activity.
Encryption changes normal readable data into coded data that cannot be understood without the correct key.
This is very useful if data is stolen or intercepted. A hacker may be able to get the file, but if it is encrypted, the contents should be meaningless without the decryption key.
Encryption helps protect:
Encryption does not stop a hacker from deleting files, but it does stop them from easily reading and using the data.
This is why encryption is important both for stored data and for data sent across the internet.
Networks and the internet create many security risks because computers are connected to other devices and outside users. This makes it easier for attacks to spread.
The main threats in this syllabus are:
Malware means malicious software. This is software made to cause harm or gain unauthorised access.
Malware threatens both security and integrity. It can steal data, damage files, slow down a system or stop it working properly.
The textbook includes several types of malware. The syllabus specifically names virus and spyware, but understanding the wider idea of malware helps you answer questions better.
A virus is a program or piece of code that can copy itself. It may corrupt files, delete data or cause the computer to malfunction.
A virus normally needs a host program or an already infected operating system in order to run.
This means it usually spreads when an infected file or program is opened.
Spyware secretly collects information from a user’s computer and sends it to another person.
It may record:
Spyware is dangerous because it can be used to steal private data without the user knowing.
The textbook also describes other malware types that show how harmful software can work.
A worm is stand-alone malware that copies itself and spreads across networks, often by finding computers with weak security.
A logic bomb is hidden code that activates when a certain condition is met, such as a date being reached.
A Trojan horse is malicious software disguised as genuine software.
A bot is an automated program. Some bots are harmless, but harmful bots can take control of systems and launch attacks.
These examples help show that malware comes in different forms, but in this subtopic you should focus especially on viruses and spyware because they are named in the syllabus.
A hacker is a person who gains access, or tries to gain access, to a computer system.
In this topic, you need to understand that hacking can be either:
Malicious hacking is illegal access without permission. The aim may be to steal data, damage files, change data or disrupt the system.
Ethical hacking is legal because the owner gives permission. It is done to test the system and find weaknesses before criminals do.
The syllabus focus is on hacking as a threat to security. A hacker may exploit weak passwords, poor security settings or unprotected systems.
The results of a hacking attack may include:
Phishing is when someone sends a message, usually an email, that looks genuine in order to trick a user.
The message may:
Phishing messages often pretend to come from trusted organisations such as banks, online shops or service providers.
The key idea is that the user is tricked into taking an action. The attack depends on the victim doing something, such as clicking a link or typing in details.
A phishing email may be suspicious if:
Phishing can lead to stolen passwords, identity theft and money being stolen from accounts.
Pharming redirects a user to a fake website without the user realising it.
This is different from phishing. In phishing, the user is tricked into clicking something. In pharming, the redirection happens even if the user types in the correct website address.
One way this happens is through DNS cache poisoning. A DNS server normally turns a website name into an IP address. If the stored IP address is changed to a false one, the user is sent to a fake site instead of the real one.
Pharming is dangerous because the fake website may look very real. The user may then type in passwords or bank details, believing the site is genuine.
To answer exam questions well, you should not only name threats. You should also explain how to reduce them.
The risk of hacking can be reduced by:
These methods make it harder for attackers to enter the system or move around inside it.
The risk from viruses and spyware can be reduced by:
This helps detect, block and remove harmful programs before they do damage.
The risk of phishing can be reduced by:
httpsUser awareness is especially important because phishing targets human mistakes.
The risk of pharming can be reduced by:
https and the padlock symbolThis does not remove all risk, especially if a DNS server itself is attacked, but it does reduce the chance of being tricked.
The syllabus specifically requires two methods here: encryption and access rights.
Encryption protects data by turning it into unreadable code unless the correct key is used.
This is useful when:
Even if someone gets hold of the data, they should not be able to understand it without the key.
Access rights protect data by controlling who can see or change it.
This means:
Access rights are very important in schools, businesses, hospitals and other organisations with many users.
Security is needed on both stand-alone computers and networks, but networks face more risks because they are connected to many devices and often to the internet.
On a stand-alone computer, security measures may include:
On a network, security measures may include all of the above, plus:
A network needs careful security because one weakness can affect many users and devices.
Access rights – permissions that control what a user can see or do with data or files.
Anti-spyware software – software that finds and removes spyware.
Anti-virus software – software that detects and removes viruses and other malware.
Authentication – checking that a user really is who they claim to be.
Biometrics – using unique human features, such as fingerprints or retina patterns, to identify a person.
Data integrity – making sure data stays accurate, complete and unchanged.
Data privacy – keeping personal or sensitive data private from unauthorised people.
Data security – protecting data from unauthorised access, loss, corruption or damage.
Digital signature – a method used to identify the sender of digital data such as an email or document.
Encryption – changing data into coded form so only someone with the correct key can read it.
Firewall – hardware or software that monitors and filters network traffic entering or leaving a system.
Hacker – a person who gains, or tries to gain, access to a computer system.
Malware – malicious software made to cause harm or gain unauthorised access.
Pharming – redirecting a user to a fake website without their knowledge.
Phishing – sending fake but believable messages to trick users into giving away personal data.
Spyware – software that secretly collects information from a user’s device.
Strong password – a password that is difficult to guess or crack.
User account – an account that allows a person to log in to a computer or network.
Virus – malware that copies itself and can damage files or make a computer malfunction.
Explain the difference between data security, data privacy and data integrity.
Model Answer:
Data security means protecting data from unauthorised access, loss, damage or corruption. It focuses on keeping the data safe from threats.
Data privacy means making sure personal or sensitive data is only seen or used by authorised people. It focuses on a person’s right to keep information private.
Data integrity means keeping data accurate, complete and unchanged unless a valid authorised change is made. It focuses on making sure the data stays correct and trustworthy.
These terms are linked, but they are different because security is about safety, privacy is about secrecy, and integrity is about correctness.
A hospital uses a computer system to store patient records. Describe four ways the hospital can protect its computer system and data.
Model Answer:
Use user accounts so each worker has their own login. This allows the system to identify who is accessing the records.
Use access rights so workers only see the data needed for their role. For example, a doctor can access patient records, but a cleaner cannot.
Use strong passwords or biometric methods such as fingerprint scanning. This makes it harder for unauthorised users to log in.
Use a firewall and anti-virus/anti-spyware software to protect the system from outside attacks and malware. This helps block threats coming from networks or the internet.
Describe how phishing works and give two ways a user can reduce the risk from phishing.
Model Answer:
Phishing is when an attacker sends a message, usually an email, that looks genuine. The aim is to trick the user into clicking a link, opening an attachment or giving away personal details.
The message often pretends to come from a trusted company such as a bank or shopping website. This makes the victim more likely to believe it is real.
One way to reduce the risk is to avoid clicking links or opening attachments in suspicious messages. This stops the user from being taken to fake sites or downloading harmful files.
Another way is to train users to spot warning signs, such as strange greetings, urgent messages or requests for passwords. A careful user is less likely to be tricked.
What is pharming? Explain how it is different from phishing.
Model Answer:
Pharming is a security attack where a user is redirected to a fake website without knowing it. The fake website is designed to steal personal data such as passwords or bank details.
This can happen when malicious code changes address information so the browser is sent to the wrong website. One example is DNS cache poisoning.
Phishing is different because the attacker sends a fake message and the user must usually click a link or take some action. The scam depends on tricking the user into doing something.
In pharming, the redirection can happen even if the user types the correct website address. That is why pharming can be harder to notice.
Describe four methods that can be used to reduce the risks caused by malware, hackers and internet threats.
Model Answer:
Use anti-virus software to scan files and programs before they are opened. This helps detect and remove viruses and other malware.
Use anti-spyware software to find and remove spyware. This helps stop passwords and other private information from being secretly collected.
Use a firewall to examine and filter incoming and outgoing network traffic. This helps block unauthorised access and dangerous connections.
Use encryption to protect sensitive data. Even if a hacker gets the file or intercepts the data, they should not be able to read it without the correct key.
Sign in to view full notes