Ad Banner Placeholder

Cambridge IGCSE Computer Science · 0478

Topic 5: The Internet and its Uses — Part 2

Cyber Security

Cyber security threats

The syllabus requires understanding the process and aim of these threats.

Threat Description / Process Aim / Goal
Brute-force Using automated software to test thousands of password combinations. To break into user accounts/systems.
Data interception Using software to "listen" for and capture unencrypted data on a network. To steal sensitive info (credit cards, logins).
DDoS attack Overwhelming a server with massive traffic from multiple devices simultaneously. To make a website slow or completely inaccessible.
Hacking Exploiting software vulnerabilities or stolen credentials to gain entry. To steal data, alter files, or damage systems.
Malware Hostile/intrusive software (virus, worm, trojan, spyware, adware, ransomware). To corrupt data, track users, or extort money.
Pharming Redirecting users from a real site to a fake one via DNS or server vulnerabilities. To trick users into entering personal data.
Phishing Sending fraudulent emails/SMS designed to look reputable. To trick victims into clicking links to steal info.
Social engineering Manipulating human trust or curiosity to bypass technical security. To trick people into revealing confidential info.

Malware sub-types

Virus
Attaches to a legitimate file; spreads when opened; deletes/corrupts data.
Worm
Spreads through networks without user action by exploiting security flaws.
Trojan horse
Disguises itself as legitimate software to create backdoors for hackers.
Spyware
Secretly records activity (keystrokes, browsing) and sends it to attackers.
Ransomware
Encrypts files and demands a digital currency payment for the key.

Cyber security solutions

  • Access levels: restricts data access based on user needs (e.g. student vs admin) to prevent misuse.
  • Anti-malware: scans files against a database of known threats; quarantines or deletes infected files.
  • Authentication: verifies identity via passwords, biometrics, or two-step verification.
  • Firewalls: scans incoming/outgoing traffic and blocks/allows data based on security rules.
  • Proxy servers: intermediaries that provide anonymity by hiding IP addresses and filtering harmful traffic.
  • SSL protocol: encrypts data between a browser and server; identified by https and a padlock.
  • Automated updates: installs latest security patches in the background to reduce vulnerabilities.
  • User vigilance: checking the spelling/tone of communications and verifying the URL of links before clicking.

Exam Traps

  • A firewall filters network traffic by rules; anti-malware scans files for known threats — do not use them interchangeably as the same solution.

0/15

Ad Banner Placeholder