What is the primary difference between a computer Virus and a computer Worm?

A virus requires a host file or human action (like running a program) to replicate and spread. In contrast, a worm is a standalone piece of software that can self-replicate and spread automatically across network connections without human intervention.

How does Phishing differ from Spear Phishing?

Phishing is a broad, 'cast-a-wide-net' approach targeting a large number of people with generic deceptive messages. Spear Phishing is a highly targeted attack where the message is customized for a specific individual or organization to increase the likelihood of success.

What is the difference between Symmetric and Asymmetric Encryption?

Symmetric encryption uses the same single key for both encryption and decryption, requiring the key to be shared securely. Asymmetric encryption uses a pair of keys (public and private); data encrypted with the public key can only be decrypted by the corresponding private key.

What is the danger of 'Security through Obscurity'?

This approach relies on keeping the design or implementation of a system secret as the primary security method. It is considered a common error because once the secret is discovered (e.g., through reverse engineering), the system has no actual security layers left to protect it.

Why is it a misconception to assume a website is safe just because it uses HTTPS?

HTTPS only ensures that the communication between your browser and the server is encrypted (Confidentiality). It does not guarantee that the website itself is legitimate; a malicious phishing site can still use HTTPS to appear trustworthy while stealing your data.

What is the risk of neglecting 'Patch Management'?

Neglecting patches leaves known vulnerabilities unaddressed, providing attackers with an easy 'open door' into the system. Most cyberattacks exploit vulnerabilities for which a security patch has already been released but not yet applied by the user.

Ransomware is a type of malware that encrypts a victim's files or locks their system, making the data inaccessible. The attacker then demands a ransom payment, usually in cryptocurrency, in exchange for the decryption key.

What is a 'Distributed Denial of Service' (DDoS) attack?

A DDoS attack is a malicious attempt to disrupt the normal traffic of a targeted server or network by overwhelming it with a flood of Internet traffic. It achieves this by using multiple compromised computer systems (a botnet) as sources of attack traffic.

Define 'Social Engineering' in the context of cyber security.

Social engineering is the psychological manipulation of people into performing actions or divulging confidential information. It exploits human traits like trust, fear, or urgency rather than technical software flaws.

Explain the 'Integrity' component of the CIA Triad.

Integrity involves maintaining the consistency, accuracy, and trustworthiness of data over its entire life cycle. It ensures that data cannot be modified by unauthorized people or in an undetected manner, often verified through checksums or digital signatures.

Cyber Security & Threats | AQA GCSE Computer Science

Cyber Security & Threats

Summary

Cyber security is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. Understanding the landscape of threats and the principles of defense is essential for maintaining the integrity of digital infrastructure.

1. Definition & Core Concepts

Cyber Security: The body of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access.
The CIA Triad: The foundational model for information security consisting of three key principles: Confidentiality (ensuring only authorized users have access), Integrity (ensuring data is accurate and hasn't been tampered with), and Availability (ensuring systems and data are accessible when needed).
Vulnerability: A weakness in an information system, system security procedures, internal controls, or implementation that could be exploited by a threat source.
Threat: Any circumstance or event with the potential to adversely impact organizational operations, assets, or individuals through an information system via unauthorized access, destruction, disclosure, or modification of information.

The CIA Triad diagram showing the intersection of Confidentiality, Integrity, and Availability.

2. Underlying Principles of Cyber Threats

Malware (Malicious Software): A broad term for any software intentionally designed to cause damage to a computer, server, client, or computer network. Common types include viruses, worms, and trojans.
Social Engineering: The art of manipulating people so they give up confidential information. It relies on human psychology rather than technical hacking techniques to gain access to systems.
Attack Vectors: The path or means by which a hacker gains access to a computer or network server in order to deliver a payload or malicious outcome. Examples include email attachments, malicious links, or unpatched software vulnerabilities.
Zero-Day Exploit: A cyberattack that occurs on the same day a vulnerability is discovered in software. At this stage, it is 'zero days' since the developer learned of the flaw, meaning no patch or fix is yet available.

3. Methods & Techniques of Attack

4. Key Distinctions

5. Exam Strategy & Tips