Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Computer science GCSE > Chapter 5: The internet and its uses > Flashcards

Chapter 5: The internet and its uses Flashcards

You may prefer our related Brainscape-certified flashcards:
GCSE Religious Studies - Edexcel Route A flashcards GCSE Religious Studies - Eduqas Route A flashcards GCSE Geography - AQA flashcards Biology 101 flashcards GCSE Religious Studies - Edexcel Route B flashcards GCSE Religious Studies - Eduqas Route B flashcards
1
Q

Definition of internet

A

the world-wide interconnection of networks; the internet makes use of TCP and IP protocols

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Definition of World Wide Web

A

a massive collection of web pages and is based on hypertext transfer protocols (http and https)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Definition of (web) browser

A

software that connects to a domain name server (DNS) to locate IP addresses; a browser interprets HTML web pages sent to a user’s computer so that the user can read documents and watch multimedia

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Definition of hypertext mark-up language (HTML)

A

the language used to design, display and format web pages, and to write http(s) protocols

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Definition of uniform resource locator (URL)

A

a text-based address for a web page

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Definition of hypertext transfer protocol secure (https)

A

http with extra security (such as SSL) applied

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Definition of hyperlink

A

highlighted text or an image that is activated by clicking and links to further text, images, a web page or a website

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Definition of domain name server (DNS)

A

a server that looks up domain names for websites in order to find the IP addresses that a computer needs to locate the web servers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Definition of cookie

A

a text file sent from a website to a user’s browser; it is used to remember user preferences each time they visit the website

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Definition of user preferences

A

settings or options stored in cookies that can remember customised web pages or indicate browsing history to target adverts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Definition of session cookie

A

a cookie that is stored temporarily on a computer; it is deleted when the browser is closed or the website session ends

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Definition of persistent cookies

A

a cookie that is stored on the user’s hard drive and only deleted when the expiry date is reached or the cookie is deleted by the user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Definition of virtual shopping basket

A

an area of memory in a website where items a user wishes to purchase are temporarily stored; items remain in the basket until payment is made or the session has ended

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Definition of digital currency

A

currency (a system of money) that exists in electronic form only; it has no physical form and is essentially data on a database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Definition of cryptocurrency

A

a form of digital currency that uses a chain of decentralised computers to control and monitor transactions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Definition of cryptography

A

the protection of data/information by use of coding; it usually involves encryption and decryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Definition of blockchain

A

a decentralised database where all transactions are stored; is consists of a number of interconnected computers but not a central server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Definition of timestamp

A

a digital record of the date and time that a data block is created in blockchain networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Definition of proof-of-work

A

the algorithm used in blockchain networks to confirm a transaction and to produce new blocks to add to the chain; special users called miners complete and monitor transactions on the network for a reward

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Definition of brute force attack

A

a ‘trial and error’ method used by cybercriminals to crack passwords by finding all possible combinations of letters, numbers and symbols until the password is found

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Definition of word list

A

a text file containing a collection of words used in a brute force attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Definition of data interception

A

an attempt to eavesdrop on a wired or wireless network transmission; cybercriminals often use packet sniffing or access point mapping / wardriving to intercept data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Definition of packet sniffing

A

a method used by a cybercriminal to examine data packets being sent over a network and to find the contents of a data packet, which are sent back to the cybercriminal

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Definition of wardriving

A

using a laptop, antenna, GPS device and software to intercept Wi-Fi signals and illegally obtain data; sometimes called Access Point Mapping

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Definition of wired equivalent privacy (WEP) encryption protocol security

A

an algorithm for wireless networks to protect them against data interception

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Definition of denial of service (DoS) attack

A

a cyberattack in which cybercriminals seek to disrupt the normal operation of a website by flooding it with requests; also used to clog up a user’s mailbox by sending out thousands of spam emails

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Definition of spam

A

unsolicited emails sent to a user’s mailbox

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Definition of hacking

A

the act of gaining illegal access to a computer system without the owner’s permission

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Definition of malware

A

programs (such as viruses, worms and Trojan horses) installed on a user’s computer with the aim of deleting, corrupting or manipulating data illegally

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Definition of virus

A

a program or program code that replicates itself with the intention of deleting or corrupting files or by causing the computer system to malfunction

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Definition of active host

A

functioning software that a virus can affect by attaching itself to the code or by altering the code to allow the virus to carry out its attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Definition of worm

A

a stand-alone type of malware that can self-replicate; unlike viruses, worms don’t need an active host; they can spread throughout a network without the need for any action by an end-user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Definition of Trojan horse

A

a type of malware that is designed to look like legitimate software but contains malicious code that can cause damage to a computer system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Definition of spyware

A

a type of malware that gathers information by monitoring a user’s activities on a computer and sends the gathered information back to the cybercriminal who sent out the spyware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Definition of adware

A

a type of malware that attempts to flood the end-user with unwanted advertising

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Definition of ransomware

A

a type of malware that encrypts data on a user’s computer and ‘holds the data hostage’ until a ransom is paid

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Definition of phishing

A

sending out legitimate-looking emails designed to trick the recipients into giving their personal details to the sender of the email

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Definition of spear phishing

A

similar to phishing but targeting specific people or organisations rather than carrying out a blanket attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Definition of pharming

A

redirecting a user to a fake website in order to illegally obtain personal data about the user without their knowledge; unlike phishing, pharming is initiated without needing any action by the user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Definition of DNS cache poisoning

A

altering IP addresses on a domain name server (DNS) with the intention of redirecting a user’s browser to a fake website; carried out by a pharmer or hacker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Definition of social engineering

A

manipulating people into breaking normal security procedures (such as giving away their password) in order to gain illegal access to computer systems or to place malware on their computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Definition of access levels

A

different levels of access in a computer system allowing a hierarchy of access levels depending on user’s level of security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Definition of anti-spyware

A

software that detects and removes spyware programs installed on a system; the software is based on typical spyware rules or known file structures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

Definition of authentication

A

the process of proving a user’s identity by using something they know, something they have or something unique to them

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Definition of biometrics

A

type of authentication that uses a unique human characteristic, such as fingerprints, voice or retina blood vessel pattern

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

Definition of two-step verification

A

a type of authentication that requires two methods of verification to prove the identity of a user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

Definition of patch

A

an update for software that is developed to improve the software and/or to remove any bugs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

Definition of typo squatting

A

the use by cybercriminals of subtle spelling errors in website addresses used to trick users into visiting their fake websites

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Definition of firewall

A

software or hardware that sits between a computer and an external network (for example, the internet); the firewall monitors and filters all incoming and outgoing traffic

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

Definition of proxy server

A

a server that acts as an intermediary server through which internet requests are processed; it often makes use of cache memory to speed up web page access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

Definition of privacy settings

A

controls available on social networking and other websites which allow users to limit who can access their profile or what they are allowed to see

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

Definition of secure sockets layer (SSL)

A

a security protocol used when sending data over a network (such as the internet)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

Definition of SSL certificate

A

a form of digital certificate which is used to authenticate a website; providing the SSL certificate can be authenticated, any communication or data exchange between browser and website is secure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

Differences between the internet and the World Wide Web

A

Internet:
- users can send and receive emails
- allows online chatting (via text, audio and video)
- makes use of transmission protocols (TCP) and internet protocol (IP)
- it is a worldwide collection of interconnected networks and devices
World Wide Web (WWW)
- it is a collection of multimedia web pages and other information on websites
- http(s) protocols are written using hypertext mark-up language (HTML)
- uniform resource locators (URLs) are used to specify the location of web pages
- web resources are accessed by web browsers
- uses the internet to access information from web servers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

What does the website address consist of?

A
  • domain host (www)
  • domain name (website name)
  • domain type (.com, .org, .net, .gov, for example)
  • and sometimes country code (.uk, .de, .cy, for example)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

What is the path?

A

The path is the web page, but is often omitted and it then becomes the root directory of the website

57
Q

What is the file name?

A

The file name is the item on the web page

58
Q

What are common features of browsers?

A
  • they have a home page
  • they can store a user’s favourite websites/web pages (referred to as bookmarks)
  • they keep a history of websites visited by the user (user history)
  • the have the ability to allow the user to navigate forwards and backwards through websites/web pages already opened
  • many web pages can be open at the same time by using multiple tabs
  • they make use of cookies
  • they make use of hyperlinks that allow navigation between websites and web pages
  • data is stored as a cache
  • make use of JavaScript
  • use an address bar
59
Q

In what way can hyperlinks be opened?

A
  • open in a new tab by using <ctrl> + <click></click></ctrl>
  • open in the same tab by simply clicking on the link
60
Q

How is DNS used to locate and retrieve a web page?

A
  1. The user opens their browser and types in the URL and the browser asks the DNS server (1) for the IP address of the website
  2. In this case, let’s assume the DNS server can’t find the URL in its database or its cache, so it sends out a request to a DNS server (2)
  3. The DNS server (2) finds the URL and can map it; this IP address is sent back to the DNS server (1) which now puts this IP address and associated URL into its cache/database
  4. This IP address is then sent back to the user’s computer
  5. The computer now sets up a communication with the website server and the required pages are downloaded. HTML files are sent from the website server to the computer. The browser interprets the HTML, which is used to structure content, and then displays the information on the user’s computer
    (NB: in this case, the IP address was found on the second DNS server)
61
Q

What are the two types of cookie?

A
  • session cookie
  • persistent (or permanent) cookie
62
Q

Uses of (persistent) cookies

A
  • allow the website to remember users’ passwords, email addresses and invoice details, so they won’t have to insert all of this information every time they visit or every time they purchase something from that website
  • serve as a memory, enabling the website to recognise users every time they visit it
  • save users’ items in a virtual shopping basket/cart
  • track internet habits and users’ website histories or favourites/bookmarks
  • target users with advertising that matches their previous buying or surfing habits
  • store users’ preferences (e.g. recognise customised web pages)
  • are used in online financial transactions
  • allow progress in online games and quizzes to be stored
  • allow social networking sites to recognise certain preferences and browsing histories
  • allow different languages to be used on the web pages automatically as soon as users log on
63
Q

How does cryptocurrency use decentralisation?

A
  • Cryptocurrency uses cryptography to track transactions; it was created to address the problems associated with the centralisation of digital currency
  • Traditional digital currencies are regulated by central banks and governments (in much the same way as fiat currencies). This means all transactions and exchange rates are determined by these two bodies. Cryptocurrency has no state control and all the rules are set by the cryptocurrency community itself
  • Unlike existing digital currencies, cryptocurrency transactions are publicly available and therefore all transactions can be tracked and the amount of money in the system is monitored
  • The cryptocurrency system works by being within a blockchain network which means it is much more secure
64
Q

What areas is blockchain used in?

A
  • cryptocurrency (digital currency) exchanges
  • smart contracts
  • research (particularly within pharmaceutical companies)
  • politics
  • education
65
Q

In a denial of service attack, what may the attacker be able to prevent the user from doing?

A
  • accessing their emails
  • accessing websites/web pages
  • accessing online services (such as banking)
66
Q

How could a website guard against a DDoS?

A
  • using an up-to-date malware checker
  • setting up a firewall to restrict traffic to and from the web server or user’s computer
  • applying email filters to filter out unwanted traffic (for example, spam)
67
Q

What are signs a user can look out for to see if they have become a victim of a DDoS attack?

A
  • slow network performance (opening files or accessing certain websites)
  • inability to access certain websites
  • large amounts of spam email reaching the user’s email account
68
Q

What are some examples of malware?

A
  • Viruses
  • Ransomware
  • Adware
  • Spyware
  • Trojan horse
  • Worms
69
Q

What can adware do?

A
  • highlight weaknesses in a user’s security defences
  • be hard to remove - it defeats most anti-malware software since it can be difficult to determine whether or not it is harmful
  • hijack a browser and create its own default search requests
70
Q

What are ways to prevent phishing attacks?

A
  • users need to be aware of new phishing scams; those people in industry or commerce should undergo frequent security awareness training to become aware of how to identify phishing (and pharming) scams
  • it is important not to click on any emails links unless totally certain that it is safe to do so; fake emails can often be identified by ‘Dear Customer …’ or ‘Dear email person@gmail.com …’ and so on
  • it is important to run anti-phishing toolbars on browsers (this includes tablets and mobile phones) since these will alert the user to malicious websites contained in an email
  • always look out for https or the green padlock symbol in the address bar
  • regular checks of online accounts are also advisable as well as maintaining passwords on a regular basis
  • ensure an up-to-date browser is running on the computer device (which contains all of the latest security upgrades) and run a good firewall in the background at all times; a combination of a desktop firewall (usually software) and a network firewall (usually hardware) considerably reduces the risk of hacking, pharming and phishing on network computers
  • be very wary of pop-ups and use the browser to block them; if pop-ups get through your defences, don’t click on ‘cancel’ since this can ultimately lead to phishing or pharming sites- the best option is to select the small x in the top right-hand corner of the pop-up window which closes it down
71
Q

Why does pharming pose a threat to data security?

A

Pharming redirects internet users to a fake or malicious website set up by, for example, a hacker; redirection from a legitimate website for the fake website can be done using DNS cache poisoning

72
Q

How is it possible to mitigate against the risk of pharming?

A
  • use of anti-virus software can detect unauthorised alterations to a website address and warn the user of the potential risks
  • However, if the DNS server itself has been infected (rather than the user’s computer) it is much more difficult to mitigate the risk
  • Many modern browsers can alert users to pharming and phishing attacks
  • It is very important to check the spelling of websites to ensure the web address used is correct
  • As with phishing, use of https or the green padlock in the address bar is an additional form of defence
73
Q

What are the five most common types of social engineering threat?

A
  • Instant messaging
  • Scareware (e.g. fake anti-virus that looks real)
  • Email/phishing scams
  • Baiting
  • Phone calls
74
Q

Social engineering: Instant messaging

A

Malicious links are embedded into instant messages; for example, an important software upgrade (relies on user’s curiosity)

75
Q

Social engineering: Scareware

A

This is often done using a pop-up message that claims that the user’s computer is infected with a virus; the user is told they need to download the fake anti-virus immediately (relies on user’s fear)

76
Q

Social engineering: Emails/phishing scams

A

The user is tricked by the apparent genuineness of an email and opens a link in the email; this redirects their browser to a fake website (relies on user’s trust of well-known companies)

77
Q

Social engineering: Baiting

A

The cybercriminal leaves a malware-infected memory stick somewhere where it can be found; the finder picks up the memory stick and plugs it into their computer (just to see who it belongs to) and wittingly downloads malicious malware (relies on user curiosity)

78
Q

Social engineering: Phone calls

A

For example, a so-called IT professional calls the user on their mobile claiming their device has been compromised in some way; the user is advised to download some special software that allows the cybercriminal to take over the user’s device giving them access to personal information (relies on fear)

79
Q

What are the three most common human emotions to exploit with social engineering?

A
  • Fear
  • Curiosity
  • Empathy and trust
80
Q

How is fear exploited with social engineering?

A

the user is panicked into believing their computer is in immediate danger and isn’t given time to logically decide if the danger is genuine or not; fear is a very powerful emotion that can easily be exploited by a cybercriminal

81
Q

How is curiosity exploited with social engineering?

A

the user can be tricked into believing they have won a car or they find an infected memory stick lying around; their curiosity gets the better of them and they give their details willingly to win the car (for example, credit card details to pay for delivery or road tax) or they are curious who the memory stick belongs to; without thinking clearly, their curiosity gets the better of them and the damage is done

82
Q

How is empathy and trust exploited with social engineering?

A

a real belief that all genuine-sounding companies can be trusted, therefore emails or phone calls coming from such companies must be safe; a dangerous assumption that the cybercriminal can exploit fully

83
Q

Stage 1 of a cybercriminal targeting their victim

A

The victims are identified; information about victim gathered and method of attack decided

84
Q

Stage 2 of a cybercriminal targeting their victim

A

At this stage the victim is being targeted (either through email, phone call, Trojan horse and so on; it all depends on who the victim is)

85
Q

Stage 3 of a cybercriminal targeting their victim

A

The attack on the victim is now executed allowing the cybercriminal to obtain the information or to cause the disruption decided on at Stage 1

86
Q

Stage 4 of a cybercriminal targeting their victim

A

When the cybercriminal has decided they have what they wanted then try to remove all traces of the malware to cover their tracks

87
Q

What are the four typical access levels in social networks?

A
  1. Public access (this refers to the data anyone from the general public can access)
  2. Friends (only people identified as ‘friends’ by the owner of the data can see certain data)
  3. Custom (this allows the user to further refine what data can be seen by ‘friends’ allowing them to exclude certain content from selected people)
  4. Data owner (this is data only the owner of the data can see)
88
Q

What methods can anti-spyware software be based on?

A
  • rules- in this case, the software looks for typical features which are usually associated with spyware thus identifying any potential security issues
  • file structures- in this case, there are certain file structures associated with potential spyware which allows them to be identified by the software
89
Q

What are the general features of anti-spyware?

A
  • detect and remove spyware already installed on a device
  • prevent a user from downloading spyware
  • encrypt files to make the data more secure in case it is ‘spied’ on
  • encryption of keyboard strokes to help remove the risk posed by the keylogging aspects of some spyware
  • blocks access to a user’s webcam and microphone (the software stops the spyware taking over the control of a user’s webcam and microphone which can by used to collect information without the user’s knowledge)
  • scans for signs that the user’s personal information has been stolen and warns the user if this has happened
90
Q

What are three common factors used in authentication?

A
  • something you know (e.g. a password or PIN code)
  • something you have (e.g. a mobile phone or tablet)
  • something which is unique to you (e.g. biometrics)
91
Q

When are passwords frequently used?

A
  • when accessing email accounts
  • when carrying out online banking or shopping
  • accessing social networking sites
92
Q

How can passwords be protected?

A
  • run anti-spyware software to make sure that your passwords aren’t being relayed back to whoever put spyware on your computer
  • change passwords on a regular basis in case they have come into the possession of another user, illegally or accidentally
  • passwords should be difficult to crack; passwords are grouped as either strong (hard to crack or guess) or weak (relatively easy to crack or guess)
93
Q

What should strong passwords contain?

A
  • at least one capital letter
  • at least one numerical value
  • at least one other keyboard character
94
Q

What are examples of biometrics?

A
  • fingerprint scans
  • retina scans
  • face recognition
  • voice recognition
95
Q

Benefits of fingerprint scans

A
  • it is one of the most developed biometric techniques
  • very easy to use
  • relatively small storage requirements for the biometric data created
96
Q

Drawbacks of fingerprint scanning

A
  • for some people it is very intrusive, since it is still related to criminal identification
  • it can make mistakes if the skin is dirty or damaged (e.g. cuts)
  • relatively expensive to install and set up
97
Q

Benefits of retina scans

A
  • very high accuracy
  • there is no known way to replicate a person’s retina
98
Q

Drawbacks of retina scans

A
  • it is very intrusive
  • it can be relatively slow to verify retina scan with stored scans
  • very expensive to install and set up
99
Q

Benefits of face recognition

A
  • non-intrusive method
  • relatively inexpensive technology
100
Q

Drawbacks of face recognition

A
  • it can be affected by changes in lighting, the person’s hair, change in age, and if the person is wearing glasses
101
Q

Benefits of voice recognition

A
  • non-intrusive method
  • verification takes less than 5 seconds
  • relatively inexpensive technology
102
Q

Drawbacks of voice recognition

A
  • a person’s voice can be easily recorded and used for unauthorised access
  • low accuracy
  • an illness such as a cold can change a person’s voice, making absolute identification difficult or impossible
103
Q

What actions should you take before opening an email or activating any link in it?

A
  • Check out the spellings in the email and in the links; professional, genuine organisations will not send out emails which contain spelling or major grammatical errors
  • Carefully check the tone used in the email message; if it is rushing you into doing something or if the language used seems inappropriate or incorrect, then it could be a phishing email or worse
104
Q

What are five things to look out for in an email to ensure it is safe and genuine?

A
  1. The email address itself; no legitimate company will use an email address such as @gmail.com
  2. The tone of the email and spelling
  3. Misspelling of domain names - beware of typo squatting
  4. Suspicious links
  5. Plain spelling mistakes
105
Q

What are the main tasks carried out by a firewall?

A
  • examines the ‘traffic’ between user’s computer (or internal network) and a public network (e.g. the internet)
  • checks whether incoming or outgoing data meets a given set of criteria
  • if the data fails the criteria, the firewall will block the ‘traffic’ and give the user (/ network manager) a warning that there may be a security issue
  • firewall can be used to log all incoming and outgoing ‘traffic’ to allow later interrogation by the user (/ network manager)
  • criteria can be set so that the firewall prevents access to certain undesirable sites; the firewall can keep a list of all undesirable IP addresses
  • it is possible for firewalls to help prevent viruses or hackers entering the user’s computer (or internal network)
  • the user is warned if some software on their system is trying to access an external data source (for example, automatic software upgrade); the user is given the option of allowing it to go ahead or request that such access is denied
106
Q

What are some circumstances where the firewall can’t prevent potential harmful ‘traffic’?

A
  • it cannot prevent individuals, on internal networks, using their own hardware devices (e.g. modems, smartphones) to bypass the firewall
  • employee misconduct or carelessness cannot be controlled by firewalls (for example, control of passwords or user accounts)
  • users on stand-alone computers can choose to disable the firewall, leaving their computer open to harmful ‘traffic’ from the internet
107
Q

Features of proxy servers

A
  • allows internet traffic to be filtered; it is possible to block access to a website if necessary
  • keeps users’ IP addresses secret which improves security
  • if the internet traffic is valid, access to the web server is allowed
  • if the internet traffic is invalid, access to the web server is denied
  • it is possible to block requests from certain IP addresses
  • prevents direct access to a web server by sitting between the user and the web server
  • if an attack is launched, it hits the proxy server instead - this helps to prevent hacking, DoS, and so on
  • used to direct invalid traffic away from web servers which gives additional protection
  • by using the feature known as a cache, it is possible to speed up access to information/data from a website; when the website is first visited, the home page is stored on the proxy server; when the user next visits the website, it now comes from the proxy server cache instead, giving much faster access
  • can also act as firewalls
108
Q

What can privacy settings refer to?

A
  • a ‘do not track’ setting; the intention here is to stop websites collecting and using browsing data which leads to improved security
  • a check to see if payment methods have been saved on websites; this is a useful safety feature which prevents to need to type in payment details again (every time you type in financial details, there will be a risk of data interception)
  • safer browsing- an alert is given when the browser encounters a potentially dangerous website (undesirable website will be in a ‘blacklist’ stored on user’s computer)
  • web browser privacy options (e.g. storing browsing history, storing cookies)
  • website advertising opt-outs; a website may be tracked by any number of third parties who gather information about your browsing behaviour for advertising purposes
  • apps; for instance, the sharing of location data in map apps can be switched off
109
Q

What are examples of where SSL would be used?

A
  • online banking and all online financial transactions
  • online shopping/commerce
  • when sending software out of a restricted list of users
  • sending and receiving emails
  • using cloud storage facilities
  • intranets and extranets (as well as the internet)
  • Voice over Internet Protocols (VoIP) when carrying out video chatting and/or audio chatting over the internet
  • used in instant messaging
  • when making use of a social networking site
110
Q

Features of the internet

A
  • Users can send and receive emails
  • allows online chatting (via text, audio and video)
  • makes use of transmission protocols (TCP) and internet protocols (IP)
  • a worldwide collection of interconnected networks and devices
111
Q

Features of the World Wide Web (WWW)

A
  • a collection of multimedia web pages and other information on websites
  • http(s) protocols are written using hypertext mark-up language (HTML)
  • uniform resource locators (URLs) are used to specify the location of web pages
  • web resources are accessed by web browsers
  • uses the internet to access information from web servers
112
Q

What does HTML stand for?

A

hypertext mark-up language

113
Q

What does URL stand for?

A

Uniform resource locators

114
Q

What does http stand for

A

hypertext transfer protocol

115
Q

What does the s stand for in https

A

secure

116
Q

What does DNS stand for

A

Domain Name Server

117
Q

What are the two types of cookie

A

session cookie
persistent (or permanent) cookie

118
Q

Types of malware

A

Viruses
Worms
Ransomware
Adware
Spyware
Trojan horse

119
Q

Types of social engineering

A

instant messaging
scareware
emails/phishing scams
baiting
phone calls

120
Q

What are the 4 stages in a typical social engineering scam?

A
  1. The victims are identified; information about victim gathered and method of attack decided
  2. At this stage the victim is being targeted (either through email, phone call, Trojan horse and so on; it all depends on who the victim is)
  3. The attack on the victim is now executed allowing the cybercriminal to obtain the information or to cause the disruption decided on at State 1
  4. When the cybercriminal has decided that they have what they wanted they try to remove all traces of the malware to cover their tracks
121
Q

Describe three of the features of web browsers

A

Three from:
- They have a home page
- Can store a user’s favourite websites (used as a bookmark)
- Keep a user history
- Have the ability to allow the user to navigate forwards and backwards through websites/web pages already opened; many webpages can be open at the same time (navigation)
- Make use of hyperlinks
- Make use of cookies
- Data is stored as a cache
- They translate HTML and display the result of the translation on the user’s device
- They make use of JavaScript
- They use an address bar

122
Q

Explain what is meant by a session cookie

A

A cookie that is stored temporarily on a computer

123
Q

Explain what is meant by a persistent cookie

A

A cookie that is only deleted when its expiry date is reached or it is deleted by the user

124
Q

Give three uses of cookies

A

Three from:
- They allow a website to remember a user’s details
- They allow a website to recognise a user every time they visit the website
- They can save a user’s items in a virtual shopping basket
- They can track a user’s internet habits and their browsing history or favourites (bookmarks)
- They can target users with advertising which matches previous buying/surfing habits
- They can store user preferences
- They allow different languages to be used on the webpage automatically as soon as a user logs onto the website
- They allow progress in online games/quizzes to be stored

125
Q

True or false: All digital currency systems use blockchaining

A

False

126
Q

True or False: Blockchaining uses a decentralised database

A

True

127
Q

True or False: The last block in a blockchain is known as the ‘genesis block’

A

False

128
Q

True or false: New hash values are only generated when data in a block is altered

A

False

129
Q

True or false: Tampering of data in a block by a hacker would cause the hash value to change

A

True

130
Q

True or false: Blocks are ‘policed’ by network users called ‘miners’

A

True

131
Q

When a new transaction in cryptocurrency takes place, a new block is created.
Name three values that would be created for this new block.

A
  • data (e.g. name of sender/recipient)
  • hash value (a unique ‘fingerprint’)
  • previous hash value (pointing backt o previous block in the chain)
132
Q

Explain the difference between digital currency and cryptocurrency

A
  • Cryptocurrency uses cryptography to track transactions
  • Digital currency uses a central banking system; whereas cryptocurrency is decentralised
  • Cryptocurrency uses block chaining
  • Cryptocurrency transactions are publicly available and therefore all transactions
133
Q

Give three of the features of typical anti-spyware software

A

Three from:
- it detects and removes spyware already installed on a device
- it prevents a user from downloading spyware
- it encrypts files to make the data more secure in case it is ‘spied’ on
- it encrypts keyboard strokes to help remove the risk posed by the keylogging aspects of some spyware
- it blocks access to a user’s webcam and microphone (the software stops the spyware from taking over the control of a user’s webcam and microphone which can be used to collect information without the user’s knowledge)
- it scans for signs that the user’s personal information has been stolen and warns the user if this has happened

134
Q

Explain the benefits to a user of allowing automatic updates to software on, for example, a smartphone

A
  • They contain ‘patches’ that contain software improvements, for example, removing glitches or adding new features
  • Updates may contain security fixes, such as improved antimalware routines
135
Q

One of the ways of checking the authenticity of emails and website links is to look out for spelling mistakes in the URL. Describe four other ways that can be used to identify potential fake emails and URL links. Include examples wherever possible in your answer.

A

Four from:
- email address gives clues, for example, no company will use an email such as ‘…@gmail.com’
- email address should contain the company name
- tone of email is a clear indication of a scam
- not only spelling mistakes, but the language used and the way the target victim is addressed, for example ‘Dear User’
- typo squatting
- suspicious links; the destination address should match the rest of the email
- some links (such as, How To Contact Us) don’t work
- look at the domain; for example, large companies would use .com rather than .co or .org

136
Q

Explain what is meant by SSL

A

A type of protocol that:
- allow data to be sent and received securely over a network
- encrypts data
- is active when the connection protocol is https or if there is a small green padlock by the website address

137
Q

Give three examples of where SSL would be used

A

Three from:
- online banking and financial transactions
- online shopping/commerce
- when sending out software to a restricted list of users
- sending/receiving emails
- using cloud storage facilities
- using VoIP
- when using instant messaging
- when using social networking sites

138
Q

Explain why firewalls are used

A
  • They can filter information in and out of a computer
  • They are the primary defence of any computer system to prevent it from hacking, malware, phishing and pharming
  • They can be hardware or software
139
Q

Give four of the tasks carried out by a firewall.

A

Four from:
- It is used to examine the ‘traffic’ between a user’s computer (or internal network) and a public network (e.g. the internet)
- It checks whether incoming or outgoing data meets a given set of criteria, and if the data fails the criteria, the firewall will block the ‘traffic’ and give the user (or network manager) a warning that there may be a security issue
- The firewall can be used to log all incoming and outgoing ‘traffic’ to allow later interrogation by the user (or network manager)
- Criteria can be set so that the firewall prevents access to certain undesirable sites; the firewall can keep a list of all undesirable IP addresses
- Alternatively, the firewall can be set to only allow access to known and trusted IP addresses
- It is therefore possible for firewalls to help prevent viruses or hackers from entering the user’s computer (or internal network)
- The user is warned if some software on their system is trying to access an external data source (e.g. automatic software upgrade); the user is given the option of allowing it to go ahead or request that such access is denied

Computer science GCSE (13 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions