The Internet and the World Wide Web
Features of a Browser
From Past Papers
Retrieval and location of web pages
(Step 1) The user opens their browser and types in the URL and the browser asks the DNS server 1 for the IP address of the website.
(Step 2) If DNS server 1 can’t find the URL in its database or its cache, it sends out a request to DNS server 2.
(Step 3) DNS server 2 finds the URL and this IP address is sent back to DNS server 1, which now puts this IP address and associated URL into its cache/database.
(Step 4) This IP address is then sent back to the user’s computer.
(Step 5) The computer now sets up a communication with the website server and the required pages are downloaded. HTML files are sent from the website server to the computer. The browser interprets the HTML, which is used to structure content, and then displays the information on the user’s computer.
From Text Books
Cookies and their features
For example, cookies store personal details and login details, track user preferences and hold items in an online shopping cart.
There are 2 types of cookies with different functions:
From Text Books
Examples of both types of Cookies
From Text Books
Digital Currency
What is meant by Digital Currency? Give Examples
A currency that exists only in electronic form (P1). One example of digital currency is cryptocurrency (P2).
From Past Papers
Describe the process of Blockchain in Digital Currency
It acts as a ledger (P1) by tracking each transaction (P2). It keeps a series of time-stamped records (P3) that cannot be altered (P4).
From Past Papers
Cyber Security
Brute Force Attacks
Brute forcing consists of trial and error to guess a password (P1). Different combinations (of letters, numbers, and symbols) are repeatedly entered (P2) until the correct password is found (P3). This process can be carried out manually or automatically by software (P4).
To prevent brute force attacks, you can use two-step verification // two-factor authentication (P0) or biometrics (P0) or a firewall (P0) or a proxy server (P0) or a strong/complex password (P0) or a limit on login attempts (P0).
From Past Papers
Data interception
Data interception involves stealing information by accessing a wired or wireless communication link (P1). This can be done using a packet sniffer, a tool that examines data packets transmitted over a network (P2). The intercepted data is sent back to the hacker (P3). Using this method, data can be intercepted using a laptop or smartphone, antenna and a GPS device (together with some software) (P4).
To prevent data interception, use a firewall (P) or WEP protocol (P).
Modelled From Past Papers (Mark division may not be accurate)
Distributed Denial of Service (DDoS)
Multiple computers are used as bots (P1). It is designed to deny people access to a website (P2). A large number of requests are sent to a server (P3) all at the same time (P4). The server is unable to respond / struggles to respond to all the requests (P5). The server fails / times out as a result (P6).
To prevent denial of service, you can use a firewall (P) or a proxy server (P).
From Past Papers
Hacking
Hacking is the unauthorized access to a computer system (P1), leading to potential issues like identity theft and data manipulation (P2). Encryption helps make data incomprehensible to hackers, but it doesn’t stop them from deleting, corrupting or passing the data (P3). Preventive measures like firewalls and strong, regularly updated passwords are essential (P4).
Modelled From Past Papers (Mark division may not be accurate)
Virus
Software/code that replicates (P1) when the user runs it (P2). A virus needs an active host to work (P2). Deletes/damages/corrupts data/files (P3). Takes up storage/memory space (P3).
From Past Papers
Worms
Software/code that replicates itself on a network (P1) without user input / without active host (P2). Deletes/damages/corrupts data/files (P2). Takes up storage/memory space (P2). Used to deposit other malware on networked computers (P3).
From Past Papers
Trojan Horse
Software/code that is hidden within other software / software that is disguised as authentic software (P1). When downloaded/installed, the other malware that it contains is installed (P2).
From Past Papers
Spyware
Monitors and relays user activity (example: key presses / key logging software) (P1). User activity/key presses can be analyzed to find sensitive data (example: passwords) (P2).
From Past Papers
Adware
Software/code that generates/displays unwanted adverts on a user’s computer (P1). Some adware may contain spyware/other malware (P2). Reduces device performance / reduces internet speed (P3). Redirects internet searches/user to fake websites (P4).
From Past Papers
Ransomware
Software/code that stops a user accessing/using their computer/data (P1) by encrypting the data/files/computer (P2). A fee has to be paid to decrypt the data / a fee has to be paid to ‘release’ the computer/device/data (P3).
From Past Papers
Pharming
Pharming involves the installation of malicious code on a user’s computer/an infected website (P1). This code redirects the user’s browser to a fake website (P2), requiring no action from the user (P3). Allows the creator of the malicious code to acquire personal data, including sensitive information like bank details (P4).
Check the spelling and tone of the email/website (P) or Checking the URL attached to a link (P) or Scanning a download with anti-malware (P) or Only downloading data/software from trusted sources (P) or Never providing personal details online (P) or Install a firewall to check if the website is valid (P).
Modelled From Past Papers (Mark division may not be accurate)
Phishing
Phishing takes place when a cybercriminal sends convincing emails to users (P1), which may include links or attachments leading to fraudulent websites (P2). The recipient has to initiate some act before the phishing scam can cause any harm (P3).
Fake emails are often recognizable by generic greetings like “Dear Customer” / similar patterns (P). Look out for HTTPS or the green padlock symbol in the address bar (P). Regularly review online accounts (P), along with the regular updating of passwords (P).
Modelled From Past Papers
Social Engineering
Social engineering consists of manipulating/deceiving/tricking people (P1) to obtain data / to force them to make an error (P2). There is no hacking involved, since the user is willingly allowing the cybercriminal to have access to their computer, to download malicious software or visit fake websites; the user is rushed into making rash decisions.
From Past Papers
Process of SSL and how it works
From Past Papers
SSL is a (security) protocol (P1). It encrypts any data that is sent (P2). It uses digital certificates (P3) which are sent to the user’s browser / requested by the user’s browser (P4). Digital certificates contain the website’s public key (P5) that can be used to authenticate the gallery (P6). Once the certificate is authenticated, the transaction will begin (P7).
What is meant by HTTPS
From Past Papers
Hypertext Transfer Protocol Secure (P1) is a set of rules/standards (P2). It is a secure version of HTTP (P3). It uses TLS / SSL (P4) to secure the data (P5). Uses encryption (P6).
Differences between Session and Persistent Cookies
From Past Papers
Session cookies are stored in memory/RAM (P1) whereas persistent cookies are stored on the hard drive/secondary storage (P2). When the browser is closed a session cookie is lost (P3) whereas a persistent cookie is not lost (P4) until deleted by the user/they expire (P5).
Similarities and Differences between Phishing and Pharming
From Past Papers
Similarities and Differences between Proxy Servers and Firewalls
From Past Papers
Similarities:
• Check incoming and outgoing signals // filter traffic
• Store whitelist/blacklist
• Block incoming/outgoing signals
• Both block unauthorized access
• Keep a log of traffic
• Both can be hardware or software (or both)
Differences:
• Proxy can hide user’s IP address, firewall does not hide the user’s IP address
• Proxy intention is to divert attack from server, firewall is to stop unauthorised access
• Proxy protects a server, firewall protects individual computer
• Proxy processes client-side requests whereas firewall filters packets
• Proxy transmits website data to the user, but a firewall does not
• Proxy allows faster access to a web page using cache, but a firewall does not (allow faster access or have cache)
• Proxy can hide internal network from internet, but a firewall cannot
Access Levels
Providing users with different permissions for the data (P1) and limiting access to reading data or limiting the data that can be viewed (P2). Limiting access to editing data // limiting the data that can be deleted/changed (P3). Normally linked to a username (P4).
From Past Papers
Authentication
Authentication refers to the ability of a user to prove who they are (P1). There are three common factors used in authentication: something you know (for example, a password or PIN code) (P2), something you have (for example, a mobile phone or tablet) (P3) or something which is unique to you (for example, biometrics) (P4).
Modelled From Past Papers (Mark division may not be accurate)
Advantages of Biometric Passwords
A biometric password cannot be guessed (P1) and it is very difficult to fake a biometric password (P2). A biometric password cannot be recorded by a keylogger/spyware (P3). A perpetrator cannot shoulder surf to see a biometric password (P4).
Modelled From Past Papers (Mark division may not be accurate)
Biometric Passwords
Uses biological data (P1) and it uses characteristics/features that belong to a human (P2).
From Past Papers