Scribd
Upload
12 views101 pages

Communication 1

The document outlines various aspects of computer security, including data integrity, privacy, and protection measures such as encryption, data backup, firewalls, and anti-malware software. It discusses methods to protect data online, the importance of data validation and verification, and the risks associated with malware, phishing, and pharming. Additionally, it explains the use of digital signatures and hashing algorithms to ensure authenticity and integrity of data during transmission.

Uploaded by

rahulrauniyar4129
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
12 views101 pages

Communication 1

The document outlines various aspects of computer security, including data integrity, privacy, and protection measures such as encryption, data backup, firewalls, and anti-malware software. It discusses methods to protect data online, the importance of data validation and verification, and the risks associated with malware, phishing, and pharming. Additionally, it explains the use of digital signatures and hashing algorithms to ensure authenticity and integrity of data during transmission.

Uploaded by

rahulrauniyar4129
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 101

Security

COMPUTER SCIENCE 9618 PAPER 1


Security
Data Integrity Data Privacy Security

Ensuring the Ensuring data Is to keep


accuracy and can only be data safe
consistency accessed by Prevention
of data authorized of data loss
during and person e.g data
after backup.
processing
Ensuring the
data is up to
date.

Security Measures To Protect Computer


1) Encryption

Encryption scrambles the source code


Using an encryption key
If the file is accessed without authorization it will be
meaningless and wont me understandable
It requires a decryption key to unscramble the algorithm.
2) Data Backup

A copy of data will have been made and stored elsewhere


If the original data is lost, the backup can be used to
restore the data.

3) Disk Mirroring

The data is stored on two disks simultaneously


If the first data disk drive fails, the data is accessed from
the second disk.

4) Firewall

Prevents unauthorized access to the data


Monitors incoming and outgoing traffic
Blocks transmission from unauthorized sources/website
Maintains an allow list
Can be software or hardware both
Can help to prevent hacking
Blocks data from entering specific ports
Blocks data that does not meet whitelist that meets
blacklist
5) User Account

User has a username and password


Access to resources can be limited to
specific account
A person cannot access system
without valid username and
password.

6) Anti Malware

Scans for malicious code (harmful code)


Quarantines or deletes any malicious software found
Scans can be scheduled at regular intervals.

7) Access Rights

Different Access Rights for individual/group


To stop users from editing program.

8) Physical Measure

Locked doors / Keyboards


Secure method of access
Software To Prevent Threats

Types Of
Description
Software

Scans the computer for viruses and checks


against a stored database of viruses, that
needs to be updated regularly and then
Antivirus deletes/quarantines them.
Compares downloaded files to a database of
known viruses and prevents the download
continuing.

Scans the computer for spyware and checks


against a stored database of spyware, that
needs to be updated regularly and then
Antispyware deletes/quarantines them.
Compares downloaded files to a database of
known spyware and prevents the download
continuing.

Monitors incoming and outgoing traffic and


compares it to criteria that are set by the user
such as through a whitelist/blacklist or identifying
Firewall
allowed/blocked IP addresses.
Compares incoming and outgoing traffic to criteria
and blocks those that do not match criteria.

Scans the computer for viruses and checks


against a stored database of viruses, that
needs to be updated regularly and then
Antimalware deletes/quarantines them.
Compares downloaded files to a database of
known viruses and prevents the download
continuing.
What are the other methods to protect data online ?

Running up to date anti virus


Use of proxy server
Strong biometrics / password

Proxy Server

192.168.1.1 22.11.22.1

Acts as middle man and hides


the public IP address of the user.
What are the factors to consider when planning a data backup ?

How often should the data be backed up


e.g at the end of each day as students' progress may be edited
each day.

What medium should the data be backed up to


e.g external hard disk as it has larger capacity.

Where should the backup be stored


e.g off-site as if the building is damaged only the original data are
lost.

What is backed up?


e.g only the updated file.

When should the backup take place?


e.g overnight.

Malware
Malware is software that is intentionally designed
to cause damage to a computer or server.

Types Of Malware
Virus, Spyware
Explain the term virus ?

Malicious Code (Harmful code)


that replicates / copies itself
can cause loss of data
can cause computer to crash
can fill up hard disk with data.

What are the ways to protect from virus ?

Use anti-virus
update anti-virus on regular basis
avoids downloads from unknown sources
use a firewall
avoid suspicious websites.

(1) Virus

Programs or program code that can replicate itself by


inserting itself into another piece of software with the
intention of deleting or corrupting files.

Problem: Computer may stop working or files may get lost.

Solution: Run anti-virus software

(2) Spyware

Malware downloaded without the user’s knowledge which


secretly records the user’s actions / keystrokes on the
computer and sends logs of the actions to a third party

Solution: Anti - Spyware Software


PHISHING
The email pretends to be from an official body persuading
individuals to disclose private information such as bank
details or requesting authentication by redirecting to an
unofficial/unauthorized website by inviting a user to click a
link

Problem: Identity fraud // misuse of financial data


Solution: Ignore suspicious email and undergo frequent
security awareness training.

PHARMING
Malicious code installed on user’s computer or webserver.
The code redirects the user to fake website.

Difference and Similarities between Phishing and Pharming

Difference:
Pharming is malicious code that redirects to a fake
website. Phishing uses an email to prompt user action.
Pharming is automatic. Phishing requires user action.
Similarity:
Both try to obtain financial or personal information
Both are a false representation of an official
organization, e.g. a bank
Both make use of fake websites
Explain how the data security risks of Malware can be
restricted

Download programs from reputable websites / sources as


these are less likely to contain malware

Backup / archive computer systems so they can be


restored in case of data loss from malware program
installation

Install and run anti-malware program so that regular


scans can be made for known malware and if malware is
found it can be quarantined / removed and computer’s
anti-malware definitions are regularly updated

Using a firewall to block unused ports so that malware


cannot enter the computer system

Deny administrator privileges to everyday users so that


malware cannot be downloaded by everyday users

Avoid the use of removable devices so that malware


cannot be installed from these devices

Explain why the data and computer system both should be


secure from unauthorized access ?

Data
Data needs protecting from someone amending /
deleting or taking it
Computer System
Computer system need protecting to stop people for
example, installing malware or damaging the system
Data Integrity
Validation: Checks that the data entered is reasonable.
Verification: Checks that the data entered is same as the original.

Validation
Range Check: Checks whether data entered is between a lower
and an upper limit
e.g. using 13 as months or -120 as age

Format Check: Checks whether data has been entered in the


agreed format
e.g. format of date is dd/mm/yyyy

Length Check: Checks whether data has the required number of


characters
e.g. phone number should contain 7 numbers

Presence Check: Checks to make sure a field is not left empty


when it should contain data
e.g. verification code should be present

Existence Check: Checks if data in a file or a filename actually


exists
e.g. registered name is found

Limit Check: Checks only one of the limits (such as the upper
limit or lower limit)
e.g. 1.5 litre only.
Check Digit
Checks whether a numeric or alphanumeric identifier has been
entered correctly by verifying the last digit, which is derived
from the other digits using a specific algorithm.

Method for Calculating Check Digit

1. Each digit in the number is given a weighting e.g., 7, 6, 5, 4,


3, 2, 1 starting from the left.
2. The digit is multiplied by its weighting and then each value
is added to make a total.
3. The total is divided by 11 and the remainder is subtracted
from 11.

Data verification is one method of protecting the integrity of


data.
Describe one other method of protecting the integrity of
data ?

Validation
protects the data by ensuring that the data is reasonable
and within specified bounds
Verification
Is a way of preventing errors when data is entered manually
using a keyboard or when data is transferred from one
computer to another.

Verification During Data Entry


Double Entry: Data is entered twice, and the computer compares
to check they are the same

Visual Check: Entered data is compared manually with the


original document

Verification During Data Transfer


Checksum: A value is calculated from the data, then
appended to the end of the data. The receiver recalculates
the checksum to compares the result with the value
received. If the two are different, there is an error.

Parity Check: A parity bit is added to the data to ensure the


number of 1s is either odd (odd parity) or even (even
parity). The receiver checks the parity to detect errors.
Checksum
bytes sent as a block
bytes added up before transmission
results of addition is sent with the data block
same calculation is carried out at receiver's end
the two values are compared.

Exam Style Question


Describe how checksum is used to detect errors during data
transmission ?

checksum value is calculated from the data before


transmission
this calculated value is transmitted with the data
receiving computer recalculates the checksum from the
received data
if the checksum received and calculated match, no error
has occurred
if the checksum received and calculated do not match,
an error has occurred

Explain why the data in the system may not be correct even
after validating and verifying the data ?

Validation checks data is reasonable/within bounds it


does not check that accurate data has been entered
Verification checks if the data matches the data given it
does not check if the original data is accurate
Parity Check
Even Parity (Even number of 1's)
Odd Parity (Odd number of 1's)
How a parity block check can identify a bit that has been
corrupted?

Each byte has a parity bit


An additional parity byte is sent with vertical and horizontal
parity
Each row and column must have an even/odd number of 1's
Identify the incorrect row and column
The intersection is the error.

Computer A and Computer B agree on whether to use odd or


even parity.
Computer A divides the data into groups of 7-bits. The number
of 1s in each group is counted. If the agreed parity is odd and
the group has an even number of 1s a parity bit of 1 is
appended, otherwise, a parity bit of 0 is appended.

In a parity block check the bytes are grouped together, for


example in a grid. The number of 1s in each column (bit
position) is counted. A bit is assigned to each column to make
the column match the parity. These parity bits are transmitted
with the data as a parity byte.

State the difference between data verification and data


validation ?

data verification is checking if input data is the same as the


original whereas data validation is checking that the data is
reasonable / sensible
Digital Signature

Hashing Algorithm
Hashing algorithms are mathematical functions that produce a
hash key.
Explain how digital signature is used to ensure email is
authentic?

Email message put through hashing algorithm to produce


a digest.
Digest is encrypted with sender's private key to create
digital signature.
The digital signature can only be decrypted with matching
sender’s public key.
Explain how a digital signature is used to authenticate a
digital document during transmission over a network?

The sender hashes the document


to produce a digest
The sender encrypts the digest to create the digital
signature
The message and the signature are sent to the receiver
The receiver decrypts the signature to reproduce the
digest
The receiver uses the same hashing algorithm on the
document received to produce a second digest
The receiver compares this digest with the one from the
digital signature
If both of the receiver’s digests are the same, the
document is authentic
Security, privacy and data integrity
Question 1

Sir Taha Ali Papersdock +92 318 2248934


Question 2

Sir Taha Ali Papersdock +92 318 2248934


Question 3

Sir Taha Ali Papersdock +92 318 2248934


Question 4

Sir Taha Ali Papersdock +92 318 2248934


Question 5

Sir Taha Ali Papersdock +92 318 2248934


Question 6

Sir Taha Ali Papersdock +92 318 2248934


Question 7

Sir Taha Ali Papersdock +92 318 2248934


Question 8

Sir Taha Ali Papersdock +92 318 2248934


Sir Taha Ali Papersdock +92 318 2248934
Question 9

Sir Taha Ali Papersdock +92 318 2248934


Question 10

Sir Taha Ali Papersdock +92 318 2248934


Question 11

Sir Taha Ali Papersdock +92 318 2248934


Question 12

Sir Taha Ali Papersdock +92 318 2248934


Question 13

Sir Taha Ali Papersdock +92 318 2248934


Question 14

Sir Taha Ali Papersdock +92 318 2248934


Question 15

Sir Taha Ali Papersdock +92 318 2248934


Question 16

Sir Taha Ali Papersdock +92 318 2248934


Question 17

Sir Taha Ali Papersdock +92 318 2248934


Question 18

Sir Taha Ali Papersdock +92 318 2248934


Question 19

Sir Taha Ali Papersdock +92 318 2248934


9608 Topical Past Paper
Question 20

Sir Taha Ali Papersdock +92 318 2248934


Question 21

Question 22

Sir Taha Ali Papersdock +92 318 2248934


Question 23

Question 24

Sir Taha Ali Papersdock +92 318 2248934


Sir Taha Ali Papersdock +92 318 2248934
Question 25

Question 26

Sir Taha Ali Papersdock +92 318 2248934


Sir Taha Ali Papersdock +92 318 2248934
Sir Taha Ali Papersdock +92 318 2248934
Question 27

Sir Taha Ali Papersdock +92 318 2248934


Question 28

Sir Taha Ali Papersdock +92 318 2248934


Sir Taha Ali Papersdock +92 318 2248934
Question 29

Sir Taha Ali Papersdock +92 318 2248934


Question 30

Sir Taha Ali Papersdock +92 318 2248934


Sir Taha Ali Papersdock +92 318 2248934
Question 31

Sir Taha Ali Papersdock +92 318 2248934


Question 32

Sir Taha Ali Papersdock +92 318 2248934


Sir Taha Ali Papersdock +92 318 2248934
Question 33

Sir Taha Ali Papersdock +92 318 2248934


Question 34

Sir Taha Ali Papersdock +92 318 2248934


Question 35

Sir Taha Ali Papersdock +92 318 2248934


Question 36

Sir Taha Ali Papersdock +92 318 2248934


Question 37

Sir Taha Ali Papersdock +92 318 2248934


Question 38

Sir Taha Ali Papersdock +92 318 2248934


Question 39

Sir Taha Ali Papersdock +92 318 2248934


Sir Taha Ali Papersdock +92 318 2248934
Question 40

Sir Taha Ali Papersdock +92 318 2248934


Question 41

Sir Taha Ali Papersdock +92 318 2248934


Question 42

Sir Taha Ali Papersdock +92 318 2248934


Sir Taha Ali Papersdock +92 318 2248934
Answer

Answer 1

Answer 2

Sir Taha Ali Papersdock +92 318 2248934


Answer 3

Sir Taha Ali Papersdock +92 318 2248934


Answer 4

Answer 5

Sir Taha Ali Papersdock +92 318 2248934


Answer 6

Answer 7

Sir Taha Ali Papersdock +92 318 2248934


Answer 8

Sir Taha Ali Papersdock +92 318 2248934


Answer 9

Answer 10

Sir Taha Ali Papersdock +92 318 2248934


Answer 11

Answer 12

Answer 13

Sir Taha Ali Papersdock +92 318 2248934


Answer 14

Sir Taha Ali Papersdock +92 318 2248934


Answer 15

Sir Taha Ali Papersdock +92 318 2248934


Answer 16

Sir Taha Ali Papersdock +92 318 2248934


Answer 17

Sir Taha Ali Papersdock +92 318 2248934


Answer 18

Sir Taha Ali Papersdock +92 318 2248934


Answer 19

Sir Taha Ali Papersdock +92 318 2248934


Answer 20

Answer 21

Sir Taha Ali Papersdock +92 318 2248934


Answer 22

Answer 23

Sir Taha Ali Papersdock +92 318 2248934


Answer 24

Sir Taha Ali Papersdock +92 318 2248934


Answer 25

Sir Taha Ali Papersdock +92 318 2248934


Answer 26

Sir Taha Ali Papersdock +92 318 2248934


Answer 27

Sir Taha Ali Papersdock +92 318 2248934


Answer 28

Sir Taha Ali Papersdock +92 318 2248934


Answer 29

Sir Taha Ali Papersdock +92 318 2248934


Answer 30

Sir Taha Ali Papersdock +92 318 2248934


Answer 31

Sir Taha Ali Papersdock +92 318 2248934


Sir Taha Ali Papersdock +92 318 2248934
Answer 32

Sir Taha Ali Papersdock +92 318 2248934


Answer 33

Sir Taha Ali Papersdock +92 318 2248934


Answer 34

Sir Taha Ali Papersdock +92 318 2248934


Answer 35

Sir Taha Ali Papersdock +92 318 2248934


Answer 36

Sir Taha Ali Papersdock +92 318 2248934


Answer 37

Answer 38

Sir Taha Ali Papersdock +92 318 2248934


Answer 39

Sir Taha Ali Papersdock +92 318 2248934


Answer 40

Sir Taha Ali Papersdock +92 318 2248934


Answer 41

Sir Taha Ali Papersdock +92 318 2248934


Answer 42

Sir Taha Ali Papersdock +92 318 2248934

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy