5.3.2 CYBER SECURITY
Topics from the Cambridge IGCSE (9-1) Computer Science 0984 syllabus 2023 - 2025
5.3.2 Explain how a range of solutions are used to help keep data safe from security threats
Including:
– access levels
– anti-malware including anti-virus and anti-spyware
– authentication (username and password, biometrics, two-step verification)
– automating software updates
– checking the spelling and tone of communications
– checking the URL attached to a link
– firewalls
– privacy settings
– proxy-servers
– secure socket layer (SSL) security protocol
ALSO IN THIS TOPIC
 5.1.1 - 5.1.3 THE INTERNET AND THE WWW
 5.1.4 WEB BROWSERS
5.1.5 WEB PROTOCOLS
5.1.6 COOKIES AND SESSIONS
5.2.1 - 5.2.2 DIGITAL CURRENCY
 5.3.1 CYBER SECURITY
 YOU ARE HERE | 5.3.2 KEEPING DATA SAFE
TOPIC 5 REVISION CARDS
TOPIC 5 KEY TERMINOLOGY (CIE)
TOPIC 5 ANSWERS
TOPIC 5 TEACHER RESOURCES
CYBER SECURITY
At GCSE level, you should be able to describe the processes involved in and the aims of carrying out a range of cyber security threats, including:

  • Access levels: Access levels refer to the specific permissions that are assigned to different users or groups of users for accessing certain data or resources. By assigning different access levels, an organization can control who has access to sensitive information and restrict access to only those who need it.
  • Anti-malware: Anti-malware, including anti-virus and anti-spyware, are software programs that are designed to detect and remove malware from a computer or network. They work by scanning files and identifying any known malware signatures. This can help to protect against viruses, spyware, and other types of malware that can be used to steal sensitive information or disrupt the operation of a computer or network.
 
  • Authentication: Authentication refers to the process of verifying the identity of a user. This can be done through a variety of methods, such as username and password, biometrics, and two-step verification. By requiring authentication, an organization can ensure that only authorized users are able to access sensitive information.
 
  • Automating software updates: Automating software updates refers to the process of automatically updating software and applications on a computer or network. This can help to ensure that the latest security patches and updates are applied to all systems, which can help to protect against known vulnerabilities.
 
  • Checking the spelling and tone of communications: Checking the spelling and tone of communications refers to the process of reviewing communications, such as emails, to ensure that they are grammatically correct and in the appropriate tone. This can help to detect phishing and other types of social engineering attacks, which often use poor grammar and tone in order to trick users into providing sensitive information or clicking on malicious links.

  • Checking the URL attached to a link: Checking the URL attached to a link refers to the process of verifying the destination of a link before clicking on it. This can be done by hovering over the link to view the URL or by right-clicking and selecting "Copy Link Address" or similar option. By checking the URL, users can ensure that the link is going to a legitimate site and not a phishing site that is designed to steal sensitive information.
  • Firewalls: Firewalls are network security devices that monitor and control incoming and outgoing network traffic. They work by examining each packet of data that passes through the network and determining whether it should be allowed to pass or blocked based on a set of predefined rules. Firewalls can help to protect against unauthorized access, malware, and other types of cyber threats by blocking malicious traffic and only allowing authorized traffic to pass through.
 
  • Privacy settings: Privacy settings refer to the settings that allow users to control how their personal information is shared and used. These settings can be adjusted on a wide variety of platforms, such as social media sites, mobile devices, and web browsers. By adjusting privacy settings, users can limit the amount of personal information that is shared, and can help to protect against potential data breaches and other types of cyber threats.
 
  • Proxy-servers: A proxy server is a computer or application that acts as an intermediary between a client and a server. They are used to route network traffic and can help to enhance security by providing an additional layer of protection against hacking and other types of cyber threats. It can also be used to bypass geo-restrictions and censorship.
 
  • Secure socket layer (SSL) security protocol: Secure socket layer (SSL) is a security protocol that is used to establish an encrypted link between a web server and a web browser. This link ensures that all data passed between the web server and the browser remains private and cannot be intercepted by a third party. SSL is often used to protect sensitive information, such as personal information and credit card numbers, during online transactions.

The SSL protocol (Secure Sockets Layer) has two layers:
  1. SSL Record Protocol Layer: This layer is responsible for breaking down the messages to be transmitted into manageable blocks called SSL records, and for ensuring that these records are reliably transmitted between the two communicating parties. The SSL record protocol layer also provides message integrity, confidentiality, and authenticity using encryption and hashing techniques.
  2. SSL Handshake Protocol Layer: This layer is responsible for initiating a secure SSL connection between the two communicating parties by negotiating the encryption algorithm and parameters to be used for the SSL session. The SSL handshake protocol layer also authenticates the communicating parties by exchanging digital certificates, and verifies the authenticity of the certificates by checking them against trusted Certificate Authorities (CAs).
Together, these two layers of the SSL protocol provide a secure and reliable method for transmitting sensitive information over the internet. The SSL record protocol layer provides message confidentiality and integrity, while the SSL handshake protocol layer provides mutual authentication and negotiation of encryption parameters for the secure SSL session.
Multiple choice questions
1: Which of the following is NOT a security solution to help keep data safe?
(A) Access levels
(B) Anti-malware
(C) Authentication
(D) Email forwarding

2: Which of the following is a biometric authentication method?
(A) Username and password
(B) Fingerprint scan
(C) Facial recognition
(D) All of the above

3: What is the purpose of a firewall?
(A) To prevent unauthorized access to a network
(B) To detect and remove malware
(C) To encrypt data
(D) To authenticate users

4: Which of the following is the LEAST secure way to transfer sensitive data?
(A) Over an unsecured Wi-Fi network
(B) Through an encrypted email service
(C) On a USB drive that is password protected
(D) All of the above are equally secure

5: Which of the following is a good practice to follow when using the internet?
(A) Never click on links in emails from unknown senders
(B) Keep your software up to date
(C) Use strong passwords and change them regularly
(D) All of the above

Fill in the blanks questions
1: ................. settings allow users to control who can see their personal information.
2: .................  software helps to protect computers from viruses, spyware, and other malicious programs.
3: Checking the URL attached to a link can help to identify ................. websites.
4: ................. ................. updates help to patch security vulnerabilities in software.
5: Checking the spelling and tone of communications can help to identify ................. emails.
6: ................. monitor incoming and outgoing network traffic to block unauthorized access.
7: ................. is the process of verifying the identity of a user.
8: ................. servers act as an intermediary between a user's computer and the internet, filtering traffic and hiding the user's IP address.
9: .................   .................   .................  security protocol encrypts data transmitted over the internet.
10: ................. ................. allow users to access only the data that they are authorized to view.

Open ended questions
1: Explain how access levels can help to keep data safe.
2: What are some of the different types of anti-malware software?
3: Describe how two-step verification works.
4: Why is it important to keep your software up to date?
5: What are some of the best practices for creating strong passwords?
6: How can you identify a phishing email?
7: What are the benefits of using a firewall?
8: What are some of the different privacy settings that you can configure on your social media accounts?
9: How does a proxy server work?
10: How does SSL work?
ALSO IN THIS TOPIC
5.1.1 - 5.1.3 THE INTERNET AND THE WWW
5.1.4 WEB BROWSERS
5.1.5 WEB PROTOCOLS
5.1.6 COOKIES AND SESSIONS
5.2.1 - 5.2.2 DIGITAL CURRENCY
5.3.1 CYBER SECURITY
5.3.2 KEEPING DATA SAFE
TOPIC 5 REVISION CARDS
TOPIC 5 KEY TERMINOLOGY (CIE)
TOPIC 5 ANSWERS
TOPIC 5 TEACHER RESOURCES
SUGGESTIONS
We would love to hear from you
SUBSCRIBE 
To enjoy more benefits
We hope you find this site useful. If you notice any errors or would like to contribute material then please contact us.