Keeping Data Safe (Cambridge (CIE) O Level Computer Science)
Revision Note
Written by: Robert Hampton
Reviewed by: James Woodhouse
Access Levels
What are access levels?
Access levels ensure users of a network can access what they need to access and do not have access to information/resources they shouldn't
Users can have designated roles on a network
Access levels can be set based on a user's role, responsibility, or clearance level
Full access - this allows the user to open, create, edit & delete files
Read-only access - this only allows the user to open files without editing or deleting
No access - this hides the file from the user
Some examples of different levels of access to a school network could include:
Administrators: Unrestricted - Can access all areas of the network
Teaching Staff: Partially restricted - Can access all student data but cannot access other staff members' data
Students: Restricted - Can only access their own data and files
Users and groups of users can be given specific file permissions
Anti Malware
What is anti-malware software?
Anti-malware software is a term used to describe a combination of different software to prevent computers from being susceptible to viruses and other malicious software
The different software anti-malware includes are
Anti-virus
Anti-spam
Anti-spyware
How does anti-malware work?
Anti-malware scans through email attachments, websites and downloaded files to search for issues
Anti-malware software has a list of known malware signatures to block immediately if they try to access your device in any way
Anti-malware will also perform checks for updates to ensure the database of known issues is up to date
Authentication
What is authentication?
Authentication is the process of ensuring that a system is secure by asking the user to complete tasks to prove they are an authorised user of the system
Authentication is done because bots can submit data in online forms
Authentication can be done in several ways, these include
Usernames and passwords
Multi-factor authentication
CAPTCHA - see example below
Biometrics
Biometrics use biological data for authentication by identifying unique physical characteristics of a human such as fingerprints, facial recognition, or iris scans
Biometric authentication is more secure than using passwords as:
A biometric password cannot be guessed
It is very difficult to fake a biometric password
A biometric password cannot be recorded by spyware
A perpetrator cannot shoulder surf to see a biometric password
Automating Software Updates
What are automatic software updates?
Automatic software updates take away the need for a user to remember to keep software updated and reduce the risk of software flaws/vulnerabilities being targeted in out of date software
Automatic updates ensure fast deployment of updates as they release
Communication
What is communication?
One way of protecting data is by monitoring digital communication to check for errors in the spelling and grammar or tone of the communication
Phishing scams often involve communication with users, monitoring it can be effective as:
Rushed - emails and texts pretending to be from a reputable company are focused on quantity rather than quality and often contain basic spelling and grammar errors
Urgency - emails using a tone that creates panic or makes a user feel rushed is often a sign that something is suspicious
Professionalism - emails from reputable companies should have flawless spelling and grammar
URL
How to check a URL?
Checking the URL attached to a link is another way to prevent phishing attacks
Hackers often use fake URLs to trick users into visiting fraudulent websites
e.g. http://amaz.on.co.uk/ rather than http://amazon.co.uk/
If you are unsure, always check the website URL before clicking any links contained in an email
Firewalls
What is a firewall?
A firewall monitors incoming and outgoing network traffic and uses a set of rules to determine which traffic to allow
A firewall prevents unwanted traffic from entering a network by filtering requests to ensure they are legitimate
It can be both hardware and software and they are often used together to provide stronger security to a network
Hardware firewalls will protect the whole network and prevent unauthorised traffic
Software firewalls will protect the individual devices on the network, monitoring the data going to and from each computer
What form of attack would this prevent?
Hackers
Malware
Unauthorised access to a network
Privacy Settings
What are privacy settings?
Privacy settings are used to control the amount of personal information that is shared online
They are an important measure to prevent identity theft and other forms of online fraud
Users should regularly review their privacy settings and adjust them as needed
Proxy Servers
What is a proxy server?
A proxy-server is used to hide a user's IP address and location, making it more difficult for hackers to track them
They act as a firewall and can also be used to filter web traffic by setting criteria for traffic
Malicious content is blocked and a warning message can be sent to the user
Proxy-servers are a useful security measure for protecting against external security threats as it can direct traffic away from the server
SSL
What is SSL?
Secure Socket Layer (SSL) is a security protocol which is used to encrypt data transmitted over the internet
This helps to prevent eavesdropping and other forms of interception
SSL is widely used to protect online transactions, such as those involving credit card information or other sensitive data
It works by sending a digital certificate to the user’s browser
This contains the public key which can be used for authentication
Once the certificate is authenticated, the transaction will begin
Worked Example
(i) ) Identify a security solution that could be used to protect a computer from a computer virus, hacking and spyware.
Each security solution must be different
Threat | Security solution |
---|---|
Phishing | |
DDoS attack | |
Hacking |
[3]
(ii) Describe how each security solution you identified in (i) will help protect the computer.
[6]
Answers
(i)
Threat | Security solution |
---|---|
Phishing | Monitoring communication |
Brute force attack | Authentication |
Hacking | Firewall/Biometrics |
(ii) Two marks for each description
Monitoring communication
Checking for spelling & grammar errors
Reading tone, is the user being rushed? // is the user made to panic?
Authentication
Checks the user is they say they are
Captcha proves they are not a bot
Passwords lock out after a set number of attempts
Firewall
Monitors traffic coming into and out of the computer system
Checks that the traffic meets any criteria/rules set
Blocks any traffic that does not meet the criteria/rules set // set blacklist/whitelist
Biometrics
Data needed to enter is unique to individual
… therefore it is very difficult to replicate
Lock out after set number of attempts
Last updated:
You've read 0 of your 10 free revision notes
Unlock more, it's free!
Did this page help you?