GCSEComputer ScienceEdexcelRevision Notes4. NetworksNetwork SecurityThe Importance of Network Security

The Importance of Network Security (Edexcel GCSE Computer Science)

Revision Note

Robert Hampton

What is network security?

  • Network security is any activity designed to protect a network and it's data from internal and external threats

  • A network vulnerability is a weakness that can be exploited by a criminal to gain unauthorised access to information or resources

Identifying Network Vulnerabilities

What are common network vulnerabilities?

  • Examples of common network vulnerabilities are:

    • Weak passwords

    • Outdated software

    • Malware

    • Poorly configured firewalls

Weak passwords

  • A week password is a password with less than 8-12 characters and does not contain a combination of:

    • Upper case characters

    • Lower case characters

    • Numbers

    • Special characters (*, #. ! etc.)

  • Predictable patterns make a weak password, for example, using birthdays, names and/or keyboard patterns (qwerty)

  • Weak passwords can lead to hackers deploying brute force attacks, which can lead to:

    • Data theft

    • Access to private information

    • Further attacks

Outdated software

  • Outdated software is software that has not been patched or updated regularly

  • Outdated software can lead to hackers exploiting vulnerabilities in source code

Malware

  • Malware is malicious software designed to cause harm to a network or computer system

  • Examples of issues that malware can cause are:

    • File deletion/corruption

    • Use system resources - slow down performance/internet

    • Logging key strokes

Poorly configured firewalls

  • A firewall is designed to monitor incoming and outgoing traffic from a network

  • A poorly configured firewall can lead to malicious software getting in or cause it to spread

Penetration Testing & Ethical Hacking

What is penetration testing?

  • Penetration testing is the process of attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access

  • A company will employ penetration testers to test a networks security and use any information gained to to fix any issues that are found

  • There are two main types of penetration testing:

    • Internal (white-box)

    • External (black-box)

Internal (white-box)

  • When the person or team testing the system has knowledge of and possibly basic credentials for the target system, simulating an attack from inside the system

External (black-box)

  • When the person or team testing the system has no knowledge of any credentials for the target system, simulating an attack from outside the system

What is ethical hacking?

  • Ethical hacking is attempting to gain unauthorised access to a network or computer system with the intention of helping to fix any vulnerabilities

  • Ethical hackers have permission from the system owner

  • There are 3 categories of hackers:

White-hat hackers

Grey-hat hackers

Black-hat hackers

  • Security experts

  • Employed to carry out white-box/black-box testing

  • Ethical hackers

  • Not employed to carry out testing

  • Technically illegal

  • Any vulnerabilities are reported so they can be fixed

  • Criminals

  • Tries to gain unauthorised access with intent to cause harm

Last updated:

You've read 0 of your 10 free revision notes

Unlock more, it's free!

Join the 100,000+ Students that ❤️ Save My Exams

the (exam) results speak for themselves:

    Next topic

    Did this page help you?

    Robert Hampton

    Author: Robert Hampton

    Expertise: Computer Science Content Creator

    Rob has over 16 years' experience teaching Computer Science and ICT at KS3 & GCSE levels. Rob has demonstrated strong leadership as Head of Department since 2012 and previously supported teacher development as a Specialist Leader of Education, empowering departments to excel in Computer Science. Beyond his tech expertise, Robert embraces the virtual world as an avid gamer, conquering digital battlefields when he's not coding.

    James Woodhouse

    Author: James Woodhouse

    Expertise: Computer Science

    James graduated from the University of Sunderland with a degree in ICT and Computing education. He has over 14 years of experience both teaching and leading in Computer Science, specialising in teaching GCSE and A-level. James has held various leadership roles, including Head of Computer Science and coordinator positions for Key Stage 3 and Key Stage 4. James has a keen interest in networking security and technologies aimed at preventing security breaches.