What is the primary difference between Symmetric and Asymmetric encryption?

Symmetric encryption uses a single secret key for both encryption and decryption, requiring secure key distribution. Asymmetric encryption uses a mathematically linked pair of keys: a public key for encryption and a private key for decryption.

How does a hardware firewall differ from a software firewall in terms of scope?

A hardware firewall is a standalone device that protects the entire network at the perimeter. A software firewall is installed on a specific host (like a PC) and only protects that individual device's traffic.

When should an administrator choose a 'White List' approach over a 'Black List' for MAC filtering?

A White List should be used in high-security environments where only specific, known devices are permitted. It is more secure because it blocks all unknown devices by default, whereas a Black List only blocks known offenders.

What is the danger of relying solely on a single firewall for network security?

Relying on one firewall creates a single point of failure. If an attacker bypasses the firewall or if it misfunctions, the entire internal network becomes vulnerable, violating the principle of Defense in Depth.

Why is using only a password for authentication considered a security risk?

Passwords can be easily compromised through phishing, brute-force attacks, or social engineering. Without a second factor (like a biometric scan or a one-time code), an attacker gaining the password has full access.

What misconception exists regarding the relationship between encryption and data availability?

Many believe encryption protects all aspects of security, but it only ensures confidentiality and integrity. Encryption does not prevent a Denial of Service (DoS) attack from making the data unavailable to users.

Define 'Authentication' in the context of network security.

Authentication is the process of confirming that a user or system is who they claim to be. It typically involves checking credentials against a stored database of authorized users.

What is a 'Firewall'?

A firewall is a security system, either hardware or software-based, that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

What does 'MAC Address Filtering' involve?

It is a security method where the network identifies the unique Media Access Control (MAC) address of a device's network interface card to decide whether to grant it access to the network.

Why is the 'Integrity' component of the CIA triad critical for financial databases?

Integrity ensures that data has not been altered or tampered with by unauthorized parties. In finance, even a small unauthorized change to a balance or transaction record can have catastrophic consequences.

Network Security | AQA GCSE Computer Science

9. Fundamentals of Computer Networks

Network Security

Summary

Network security involves the implementation of policies and technical measures to protect the integrity, confidentiality, and accessibility of computer networks and data. It utilizes a multi-layered approach combining hardware, software, and procedural controls to mitigate risks from both external and internal threats.

1. Definition & Core Concepts

Network Security is the practice of preventing and protecting against unauthorized intrusion into corporate networks. It ensures that data remains secure and that the network infrastructure is resilient against attacks.
The CIA Triad is the foundational model for security: Confidentiality ensures data is only accessible to authorized users; Integrity maintains the accuracy and consistency of data; and Availability ensures the network and data are accessible when needed.
Authentication is the process of verifying the identity of a user or device. This is typically achieved through something the user knows (passwords), something they have (ID badges), or something they are (biometrics like fingerprints).

A concentric circle diagram representing Defense in Depth, showing layers of security protecting the central data.

2. Underlying Principles

Defense in Depth is a strategy that uses multiple security layers to protect an organization's assets. If one layer fails (e.g., a firewall), others (e.g., encryption or authentication) remain in place to stop the threat.
The Principle of Least Privilege (PoLP) dictates that users and systems should only have the minimum level of access necessary to perform their functions. This limits the potential damage if an account is compromised.
Network Segmentation involves dividing a larger network into smaller, isolated sub-networks. This prevents an attacker from moving laterally across the entire network if they gain access to one segment.

3. Methods & Techniques

Firewalls act as a barrier between a trusted internal network and untrusted external networks (like the internet). They filter incoming and outgoing traffic based on predefined security rules.
Encryption transforms readable data (plaintext) into an unreadable format (ciphertext) using mathematical algorithms. Only parties with the correct decryption key can revert the data to its original form.
MAC Address Filtering is a security technique where a network administrator configures a list of allowed (white list) or denied (black list) physical hardware addresses. Only devices with approved MAC addresses can connect to the network.

4. Key Distinctions

5. Exam Strategy & Tips

6. Common Pitfalls & Misconceptions