What is the primary difference between a hardware firewall and a software firewall?

A hardware firewall is a standalone device that protects an entire network by filtering traffic at the gateway, whereas a software firewall is installed on an individual computer to protect that specific host.

How does Encryption differ from Physical Security in protecting data?

Encryption protects the data's content by making it unreadable to unauthorized users even if they gain access, while Physical Security prevents unauthorized users from reaching the hardware where the data is stored.

When should a company use Penetration Testing instead of just installing a Firewall?

Penetration Testing should be used to proactively find hidden vulnerabilities in software and configurations that a firewall might not block, such as logic flaws or unpatched services.

Why is it a mistake to rely solely on a Firewall for network protection?

Firewalls primarily control traffic flow; they may not detect malicious code hidden within 'allowed' traffic (like an email attachment), which is why anti-malware is also necessary.

What is the danger of giving all users 'Administrator' access levels?

If a standard user's account is compromised, the attacker gains full control over the entire network, whereas restricted access levels would limit the potential damage.

Why is failing to update anti-malware software a critical security risk?

Anti-malware relies on a database of known threat signatures; without updates, the software cannot recognize or block newly created malware released after the last update.

What is 'Penetration Testing'?

It is a security exercise where specialists (ethical hackers) are authorized to simulate an attack on a network to identify and report vulnerabilities so they can be fixed.

Define 'Biometrics' in the context of network security.

Biometrics are physical security measures that use unique biological traits, such as fingerprints, iris patterns, or facial features, to verify a user's identity.

What is 'Input Validation'?

It is a programming technique that checks and filters data entered by a user to ensure it matches expected formats, preventing malicious code like SQL injections from being processed.

What are 'User Access Levels'?

They are administrative settings that define the specific actions (Read, Write, Execute) a user can perform on files and folders based on their role in the organization.

Methods of Preventing a Network Attack | OCR GCSE Computer Science

1. Definition & Core Concepts

Network Prevention refers to the proactive strategies and tools used to block unauthorized access, malicious software, and data breaches before they occur.
Defense in Depth is the fundamental principle of layering multiple security controls so that if one fails, others are in place to stop the threat.
Vulnerability Management involves identifying weaknesses in a system through testing and patching them before they can be exploited by attackers.

A concentric circle diagram representing Defense in Depth, showing layers of Physical Security, Firewalls, and Anti-Malware protecting the central Data.

2. Network Perimeter Defense: Firewalls

Firewalls act as a filter between a private network and the public internet, inspecting every packet of data that attempts to enter or leave.
Rule-Based Filtering: Firewalls use a set of predefined criteria (rules) to determine whether to allow or block traffic based on IP addresses, ports, or protocols.
Hardware vs. Software: Hardware firewalls protect the entire network at the gateway, while software firewalls provide granular protection for individual host devices.

3. Endpoint Protection: Anti-Malware

Anti-Malware Software is a suite of tools designed to detect, quarantine, and remove malicious code such as viruses, worms, and spyware.
Signature Matching: This method compares files against a database of known malware 'signatures' or patterns to identify threats instantly.
Heuristic Analysis: Modern anti-malware also monitors for suspicious behavior (like a program trying to encrypt files) to catch new, previously unknown threats.

4. Access Control & Identity Management

User Access Levels implement the 'Principle of Least Privilege,' ensuring users only have the permissions necessary for their specific role.
Permission Types: Standard permissions include Read (viewing files), Write (modifying files), and Execute (running programs).
Authentication: Passwords and multi-factor authentication serve as digital locks to verify that a user is who they claim to be before granting access.

5. Data & Physical Security

Encryption transforms data into an unreadable format using an algorithm; even if data is intercepted, it cannot be understood without the correct decryption key.
Physical Barriers: Security measures like locked server rooms, CCTV, and biometrics (fingerprints/retinal scans) prevent direct physical tampering with hardware.
Input Validation: This technique prevents SQL injection by sanitizing data entered into web forms, ensuring malicious code cannot be executed against a database.

6. Key Distinctions

Feature	Firewall	Anti-Malware
Primary Goal	Control network traffic flow	Detect and remove malicious files
Location	Network boundary or host OS	Installed on individual devices
Method	Packet inspection & rules	Signature & behavior scanning
Method	Penetration Testing	Physical Security
---	---	---
Nature	Proactive digital simulation	Tangible environmental controls
Target	Software/Network vulnerabilities	Hardware and facility access

7. Exam Strategy & Tips

Identify the Threat First: When asked for a prevention method, first identify the specific attack (e.g., use Firewalls for DDoS, but Anti-malware for Viruses).
Describe, Don't Just Name: In long-answer questions, always explain how the method works (e.g., 'Firewalls scan packets against a set of rules').
Check for Redundancy: If a scenario mentions protecting a whole office, suggest a hardware firewall; if it mentions a remote laptop, suggest a software firewall.
Common Mistake: Do not confuse encryption with a firewall; encryption protects data content, while a firewall protects the connection.

Methods of Preventing a Network Attack

Summary

1. Definition & Core Concepts

2. Network Perimeter Defense: Firewalls

3. Endpoint Protection: Anti-Malware

4. Access Control & Identity Management

5. Data & Physical Security

6. Key Distinctions

7. Exam Strategy & Tips

Methods of Preventing a Network Attack

Summary

1. Definition & Core Concepts

2. Network Perimeter Defense: Firewalls

3. Endpoint Protection: Anti-Malware

4. Access Control & Identity Management

5. Data & Physical Security

6. Key Distinctions

7. Exam Strategy & Tips