
GCSE CS (2210) / IGCSE CS (0478) P1 NOTES BY AWAB AQIB

CHAPTER 1.4: SECURITY

MEANS OF DATA DAMAGE

-Human error (e.g. deleting/overwriting data)


-Physical damage
-Power failure/surge
-Hardware failure
-Software crashing

POTENTIAL SECURITY THREATS WHILE USING THE INTERNET

1. Denial Of Service Attack (DoS)


-a large number of requests are sent to the network/server all at once
-designed to flood a network/server with useless traffic/requests
-the network/server will come to a halt/stop trying to deal with all the traffic/requests
-prevents users from gaining access to a website/server
2. Viruses
-software that replicates
-causes loss/corruption of data; computer may “crash”/run slow
-designed to amend/delete/copy data and files on a user’s computer without their consent
-protection by using/running anti-virus (software)
-do not download software or data from unknown sources
3. Hacking/Cracking
-illegal/unauthorized access to a system/data and changing it e.g. source code of an app
-protection by use of passwords/user IDs, firewalls and encryption

4. Phishing

-creator of code sends out a legitimate-looking email


-in the hope of gathering personal and financial data from the recipient
-it requires the email or attachment to be opened first
-protection by not opening emails/attachments from unknown sources
-some firewalls can detect fake/bogus websites

5. Pharming
-malicious code installed on user’s hard drive / computer
-user is redirected to a fake website (where personal data may be obtained)
-without their consent and knowledge to steal their personal data
-protection by only trusting secure websites, e.g. look for https in URL

awabaqibb@gmail.com https://www.youtube.com/c/awabaqib/

6. Spyware
-software that gathers information by monitoring key presses
-on a user’s computer and relays the information
-back to the person who sent the software
-protection by installing anti-spyware and anti-virus

7. Spam
-Junk / unwanted email
-Sent to large numbers of people
-Used for advertising / spreading malware
-Fills up mail boxes

WAYS OF PROTECTING DATA WHILE SENDING OVER A NETWORK

1. Encryption

-Encryption is the process of converting data to an unrecognizable form


-It is used to protect sensitive information so that only authorized parties can view it.
-There are two types of encryption: symmetric (private key) and asymmetric (private and public key)
-convert the plaintext to cipher text and send it
-decrypt the cipher text on the other end to receive the original message

How to send an encrypted message using Symmetric Encryption


-Personal message before encryption is the plain text
-The plain text is encrypted using an encryption algorithm
-The plain text is encrypted using a key
-The encrypted text is cipher text
-The key is transmitted separately from the text
-The key is used to decrypt the cipher text after transmission

Method to increase the level of security of Encryption:


-Increase length / more bits used for key
-will generate more possibilities for key
-less chance of decryption by brute force method
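
The symmetric-key steps and the key-length point above, as an added Python example (not part of the original notes). The toy XOR stream cipher, the function names and the sample message are assumptions chosen so that a brute-force search over a tiny key finishes instantly; it is not a real algorithm.

```python
import hashlib

def keystream(key: int, key_bits: int, length: int) -> bytes:
    """Stretch the shared key into `length` bytes (toy construction, not a real cipher)."""
    key_bytes = key.to_bytes((key_bits + 7) // 8, "big")
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key_bytes + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def encrypt(plaintext: bytes, key: int, key_bits: int) -> bytes:
    """Plain text + key -> cipher text (XOR with the key-derived stream)."""
    stream = keystream(key, key_bits, len(plaintext))
    return bytes(p ^ s for p, s in zip(plaintext, stream))

def decrypt(ciphertext: bytes, key: int, key_bits: int) -> bytes:
    """Symmetric: the same key and the same operation reverse the encryption."""
    return encrypt(ciphertext, key, key_bits)

def worst_case_tries(key_bits: int) -> int:
    """Number of possible keys; each extra bit doubles it."""
    return 2 ** key_bits

def brute_force(ciphertext: bytes, known_start: bytes, key_bits: int):
    """Try every possible key until the output starts with the expected text."""
    for tries, key in enumerate(range(worst_case_tries(key_bits)), start=1):
        if decrypt(ciphertext, key, key_bits).startswith(known_start):
            return key, tries
    return None, worst_case_tries(key_bits)

if __name__ == "__main__":
    message = b"PIN=4921 transfer approved"   # constructed sample plain text
    for bits in (8, 12, 16):
        key = worst_case_tries(bits) - 1       # last key tried = worst case
        cipher = encrypt(message, key, bits)
        assert decrypt(cipher, key, bits) == message
        _, tries = brute_force(cipher, b"PIN=4921", bits)
        print(f"{bits:>3}-bit key: {tries} tries to break")
    print(f"128-bit key: up to {worst_case_tries(128):.2e} tries")
```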

2. Secure Socket Layer Protocol (SSL Protocol)


-cryptographic protocol, to provide security over a computer network using encryption
-Encryption is asymmetric / symmetric / both
-Makes use of public and private keys
-Data is meaningless without decryption key, if intercepted
-Used for Online banking, Online shopping, Email, Cloud based storage, Intranet/extranet


Stages through which a user accesses a secured website with SSL deployed
OR
How a browser identifies whether a website is Secured or Not

- the web browser attempts to connect to a web site which is secured by SSL
- the web browser requests the web server to identify itself
- the web server sends the web browser a copy of its SSL certificate
- the web browser checks whether the SSL certificate is trustworthy
- if it is then the web browser sends a message back to the web server
- the web server will send back an acknowledgement to allow the SSL encrypted session to begin
- the encrypted data is then shared securely between web browser and server

3. Transport Layer Security (TLS)


-It is a security protocol
-It encrypts data sent over the web/network
-It is the updated version of SSL
-It has two layers, a handshake layer and a record layer
-Used for Online banking, Online shopping, Email, Cloud based storage, Intranet/extranet
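
The browser-side certificate check from the SSL stages and the TLS notes above, as an added Python example using the standard `ssl` module (not part of the original notes). The function names are assumptions; `connect` needs a network connection and a host name supplied by the reader.

```python
import socket
import ssl

def browser_like_context() -> ssl.SSLContext:
    """Client settings that check the server's certificate, as a browser does."""
    ctx = ssl.create_default_context()            # certificate required + host name checked
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse old SSL / early TLS versions
    return ctx

def unverified_context() -> ssl.SSLContext:
    """Weak setting, shown for contrast: data is encrypted but the server is never identified."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def describe(ctx: ssl.SSLContext) -> dict:
    """Report whether this context performs the 'is the certificate trustworthy?' step."""
    return {
        "verifies_certificate": ctx.verify_mode == ssl.CERT_REQUIRED,
        "checks_hostname": ctx.check_hostname,
    }

def connect(host: str, port: int = 443, timeout: float = 5.0) -> dict:
    """Run the handshake; raises ssl.SSLCertVerificationError if the certificate is not trusted."""
    ctx = browser_like_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        # Handshake layer: the server sends its certificate and the context checks it.
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            cert = tls.getpeercert()
            # Record layer: anything sent on `tls` from here on is encrypted.
            return {
                "protocol": tls.version(),
                "subject": cert.get("subject"),
                "expires": cert.get("notAfter"),
            }

if __name__ == "__main__":
    print("browser-like:", describe(browser_like_context()))
    print("unverified:  ", describe(unverified_context()))
```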

4. Firewall
-examines/monitors traffic to and from a user’s computer and a network/Internet
-checks whether incoming and outgoing traffic meets a given set of criteria/rules
-firewall blocks/filters traffic/website that doesn’t meet the criteria/rules
-logs all incoming and outgoing traffic
-can prevent viruses or hackers gaining access
-can be both software and hardware
-blocks/filters access to specified IP addresses/websites
-warns of attempted unauthorized access to the system
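
How a firewall applies the points above (check traffic against rules, block what does not match, log everything, warn about blocked incoming attempts), as an added Python example that is not part of the original notes. The rule format, function names and addresses are constructed for illustration.

```python
import ipaddress

# Constructed rule set: the first matching rule wins; unmatched traffic is blocked.
RULES = [
    {"action": "block", "direction": "in",  "remote": "203.0.113.0/24",  "port": None},
    {"action": "allow", "direction": "in",  "remote": "0.0.0.0/0",       "port": 443},
    {"action": "block", "direction": "out", "remote": "198.51.100.7/32", "port": None},
    {"action": "allow", "direction": "out", "remote": "0.0.0.0/0",       "port": 443},
]

def check(packet: dict, rules=RULES, log=None) -> str:
    """Return 'allow' or 'block' for one packet and record the decision in `log`."""
    remote = ipaddress.ip_address(packet["remote"])
    verdict, reason = "block", "no matching rule"   # default: block
    for number, rule in enumerate(rules, start=1):
        if rule["direction"] != packet["direction"]:
            continue
        if remote not in ipaddress.ip_network(rule["remote"]):
            continue
        if rule["port"] is not None and rule["port"] != packet["port"]:
            continue
        verdict, reason = rule["action"], f"rule {number}"
        break
    if log is not None:                              # log all traffic, allowed or not
        log.append({**packet, "verdict": verdict, "reason": reason})
    return verdict

def alerts(log: list) -> list:
    """Blocked incoming traffic, i.e. attempted unauthorized access to warn about."""
    return [(e["remote"], e["port"]) for e in log
            if e["direction"] == "in" and e["verdict"] == "block"]

if __name__ == "__main__":
    traffic = [                                      # constructed sample traffic
        {"direction": "in",  "remote": "203.0.113.9",  "port": 443},
        {"direction": "in",  "remote": "192.0.2.10",   "port": 443},
        {"direction": "in",  "remote": "192.0.2.10",   "port": 23},
        {"direction": "out", "remote": "198.51.100.7", "port": 443},
    ]
    log = []
    for packet in traffic:
        print(packet, "->", check(packet, log=log))
    print("warnings:", alerts(log))
```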

5. Proxy Server
-Prevents direct access to the webserver, sits between user and webserver
-If an attack is launched, it hits the proxy server instead
-can be used to help prevent DDoS (Distributed Denial of Service) / hacking of webserver
-Used to direct invalid traffic away from the webserver
-Traffic is examined by the proxy server
-If traffic is valid the data from the webserver will be obtained by the user
-If traffic is invalid the request to obtain data is declined
-Can block requests from certain IP addresses

6. Password protected / biometrics


-To help prevent unauthorized access


7. Anti-Virus software
-Helps prevent data corruption or deletion
-Identifies / removes a virus in the system
-Scans a system for viruses

8. Spyware checking software


-Helps prevent data being stolen/copied/logged
-Scans a system for spyware

9. Drop-down input methods / selectable features


-To reduce risk of spyware / keylogging
-can stop key presses being recorded
-can stop key presses being relayed
-drop down boxes cannot be recorded as key presses

10. Physical methods
-Locked doors / CCTV / timeout / auto log off, to help prevent unauthorized access

11. Network / company policies / training employees


-To educate users how to be vigilant

12. Access rights
-Allows users access to data that they have permission to view
-Maintain a hierarchy of levels of users, each having different levels of access e.g. admin, employee, guest

TYPES OF PASSWORDS TO SECURE DATA

Text based password


-Minimum number of characters that can be typed using a keyboard
-Can be changed by the user

Biometric password
-A stored physical measurement e.g. fingerprint, retina scan, voice/face recognition
-That is compared to a previously scanned human measurement

Difference between Text and Biometric password


-Text based passwords are easier to hack than biometric passwords
-Biometric passwords are unique to that person/cannot be shared
