Page | 1

Page | 2

Contents
5 The internet and its uses – Quick Revision ....................................................................................................4
5.2 Digital currency, ..............................................................................................................................................7
5.3 Cyber security .................................................................................................................................................8
0a Specimen 1a Q2c) Internet - DDoS ........................................................................................................... 14
0a Specimen 1a Q9) Communication – Security ........................................................................................... 14
0a Specimen 1a Q10) Cyber Security............................................................................................................. 15
0b Specimen Paper 1b- Q4) Cyber Security................................................................................................... 15
0b Specimen Paper 1b- Q8) Crypto Currency................................................................................................ 16
1b fm23 p12 – Q1) Cyber Security................................................................................................................. 16
2a S23 qp11 Q8) Cyber Security .................................................................................................................... 19
2a s23 qp11-Q 10) Cyber Security ................................................................................................................. 20
2b s23 qp12 Q6) Internet .............................................................................................................................. 22
2b s23 qp12 Q7) Cyber Security .................................................................................................................... 23
2b s23 qp12- Q8) Hardware – Network Hardware........................................................................................ 25
3b w23 p12- Q1-Security ............................................................................................................................... 26
3b w23 p12 -Q8 Security ............................................................................................................................... 26
3b w23 p12 -Q9 Internet ............................................................................................................................... 28
3b w23 p12 -Q12 Digital Currency................................................................................................................. 29
3c W23 P13 Q4-Internet ................................................................................................................................ 29
3c W23 P13 Q6-Internet ................................................................................................................................ 30
3c w23 P13 Q8-Internet................................................................................................................................. 31
4b FM24 P12- Q4) Internet, Steps of visiting a website ................................................................................ 33
4b FM24 P12- Q5) Digital Currency ............................................................................................................... 33
5a S24 P11 Q9) Communication & Cyber Security ............................................................................................ 35
5b S24 P12 Q8) Cyber Security ......................................................................................................................... 36
5b S24 P12 Q11) Internet ................................................................................................................................. 36
5c S24 P13 – Q7) Communication & Internet .................................................................................................... 37
6b W24 P12) Q -7 Internet ................................................................................................................................ 39
6c W24 P13 Q 6) Internet .................................................................................................................................. 40
7b fm25 qp12) Q-5 Network & Internet ............................................................................................................ 41
Page | 3
Page | 4

5 The internet and its uses – Quick Revision

Candidates should be able to: Notes and guidance
1 Understand the difference between the internet and • The internet is the infrastructure
the world wide web • The world wide web is the collection of websites
and web pages accessed using the internet
2 Understand what is meant by a uniform resource • A URL is a text-based address for a web page; it can
locator (URL) contain the protocol, the domain name and the web
page/file name
3 Describe the purpose and operation of hypertext
transfer protocol (HTTP) and hypertext transfer
protocol secure (HTTPS)
4 Explain the purpose and functions of a web browser • The main purpose of a web browser is to render
hypertext markup language (HTML) and display web
pages
• Functions include:
– storing bookmarks and favourites
– recording user history
– allowing use of multiple tabs
– storing cookies
– providing navigation tools
– providing an address bar
5 Describe how web pages are located, retrieved and • Including the role of:
displayed on a device when a user enters a URL – the web browser
– IP addresses
– domain name server (DNS)
– web server
– HTML
6 Explain what is meant by cookies and how they are • Cookies are used for functions, including:
used, including session cookies and persistent – saving personal details
cookies – tracking user preferences
– holding items in an online shopping cart
– storing login details

5.1 The internet and world wide web to any other computer information, which is
anywhere in the world accessed via internet.
Q1) Describe the difference between the internet
Internet is www is a service on top
and the world wide web. infrastructure. of that infrastructure.
Ans ) The internet is the infrastructure. The world Internet is super set of www is a subset of the
www. internet.
wide web is the collection of websites and web pages Internet uses TCP & IP. WWW uses http or
accessed using the internet. https. It also uses URLs
to specify the locations
Internet WWW of websites and web
Internet is global WWW is collection of pages
network of networks web pages
Internet is a mean of World Wide Web is a
connecting a computer collection of
Page | 5
requests the server for web documents and services.
It works as a compiler to render HTML, which is used
to design a webpage.
Q 5) Explain the term ‘render’.
Rendering in HTML coding is the process of turning
Q 2) Describe the features of URL.
website code into the interactive pages users see
Ans) Uniform Resource Locator (URL):
when they visit a website.
A URL is a text-based address for a web page.
Q 6) Explain the purpose and functions of a web
Components of URL:
browser
It can contain the protocol, the domain name and the
web page/file name Ans) The main purpose of a web browser is to render

An example of a URL is: hypertext markup language (HTML) and display web

https://www.inqilabpatel.com/classwork. pages
In this example • Functions include:
a. “https” refers to protocols that enables browser – storing bookmarks and favourites
– recording user history
to know what protocol is being used to access
– allowing use of multiple tabs
information in the domain – storing cookies
b. “inqilabpatel.com” is called the domain name or – providing navigation tools
web server name. – providing an address bar
c. "classwork" refers to the file path .
Q 3) Describe the purpose of HTTP and HTTPS.
Ans) HTTP (Hyper Text Transfer Protocol), defines
the rules for websites to format and transmit web
pages.
HTTPS (Hyper Text Transfer Protocol Secure),
means communication is secure, data is
transferred defines the rules for websites to
format and transmit web pages.

Q 4) What is meant by web browser.

Ans)The web browser is an application software to
explore www (World Wide Web). It provides an
interface between the server and the client, and it
Page | 6
Q 6) Describe the steps to visit a website? Q) Explain what is meant by cookies and how they
Ans) Steps of visiting a website. are used.
1. User types URL of a website in browser address Ans) Cookie is a text file that contains information
bar like inqilabpatel.com. stored by website about a user on the user’s hard

2. The web browser sends the request of URL to disk; this enables the website to remember details

DNS of ISP. about the user’s interest when they next visit the

3. DNS searches the IP address of the URL. website.

4. URL is translated into machine friendly IP Cookies are stored with the

address by DNS. permission of user. Legitimate

5. The translated IP address is sent to browser. Web sites will encrypt personal
information stored in the cookie
6. Browser sends http get command to the server
to prevent unauthorized usage by
of the IP address where website is hosted.
another party with access to cookie folder.
7. The web server sends HTML data to the client
Types of Cookies:
web browser.
1 Session cookies: These are temporary cookies that
8. The browser renders html data and displays
are stored in the user's browser memory until they
web page. close their browser. They are used to maintain user
session information, such as:
1. login credentials
2. items in a shopping cart.
Persistent cookies: These cookies are stored on the
user's device even after they close their browser.
They are used to save:
3. Personal details
4. Track user prefrecences
5. Storing login details
Page | 7

5.2 Digital currency,

Candidates should be able to: Notes and guidance
1 Understand the concept of a digital currency and • A digital currency is one that only exists
how digital currencies are used electronically
2 Understand the process of blockchain and how it is • Blockchain, in its basic form, is a digital ledger, that
used to track digital currency transactions is a time-stamped series of records that cannot be
altered

Q 1) What is a fiat currency? A block is created when a new transaction takes

Fiat currency is a type of currency that is issued place. It contains following data items:
by government to be legal tender. 1. Data (Amount of transaction, sender and
Q 2) What is digital currency? receiver)
Ans) A digital currency is one that only exists 2. Hash value of the block
Electronically. 3. Hash value of previous block
Q 3) What is Crypto Currency? Q 5) What is a block chain?
A crypto currency is a Ans) Blockchain, in its basic form, is a digital ledger,
type of currency that that is a time-stamped series of records that
exists only in digital cannot be altered.
form and is not backed
by any physical commodity or government.
Q 4) Explain what is Block in digital currency?
Ans) Blocks are
data structures Hash Key of
Block
within the
Previous Block
blockchain Block Hash
database, (Amount, Sender,
Receiver)
where
transaction data
in a crypto currency are permanently recorded.
Page | 8
5.3 Cyber security
Candidates should be able to: Notes and guidance
1 Describe the processes involved in, and the aim of • Including:
carrying out, a range of cyber security threats – brute-force attack
– data interception
– distributed denial of service (DDoS) attack
– hacking
– malware (virus, worm, Trojan horse, spyware,
adware, ransomware)
– pharming
– phishing
– social engineering
2 Explain how a range of solutions are used to help • Including:
keep data safe from security threats – access levels
– anti-malware including anti-virus and anti-spyware
– authentication (username and password, biometrics,
two-step verification)
– automating software updates
– checking the spelling and tone of communications
– checking the URL attached to a link
– firewalls
– privacy settings
– proxy-servers
– secure socket layer (SSL) security protocol

Important terminology in Cyber Security: implementation and usage of any system which
Perpetrator (per·pet·ra·tor): a person that carries out stores, processes, or retrieves data.
an illegal, harmful, or immoral action. Data security is about keeping data safe. Many
Bot: a computer that has had malware downloaded individuals, small businesses and major companies
onto it that will cause it to be used in a DDoS attack. rely heavily on their computer systems.
Botnet: a network of bots that are created to carry Cyber Security Threats
out a DDoS attack. Cyber security is the application of technologies,
Zombie: a dormant or sleeping bot, currently not processes, and controls to protect systems, networks,
used in DDoS attacks. programs, devices and data from cyber-attacks.
Port: an entry point into a computer or network. It aims to reduce the risk of cyber-attacks and protect
Malware: a software, developed with intention to against the unauthorised exploitation of systems,
harm other computers. networks, and technologies.
Data Integrity and security 1. Brute-force attack: A brute-force attack is a trial
Data integrity refers to maintaining and assuring the and error method used by cybercriminals to crack
accuracy and consistency of data over its entire life- passwords or encryption codes by trying every
cycle, and is a critical aspect to the design, possible combination until the correct one is found.
Page | 9
This method is time-consuming, but it can be
effective if the password or key is weak.
2. Data interception: Data interception refers to the
unauthorized access or monitoring of data that is
being transmitted between two parties. This can
occur through various means such as eavesdropping
on a network, intercepting wireless transmissions or
through hacking into a system. Packet Sniffer is a
piece of software that is used to examine the
contents in a data packet.

4. Hacking: Hacking is the unauthorized access of

computer systems or networks with the intent of
stealing, altering or destroying data. This can be done
by exploiting vulnerabilities in software or by tricking
users into providing sensitive information.
5. Malware (virus, worm, Trojan horse, spyware,
adware, ransomware): Malware is software designed
to cause harm to computer systems or networks. This
3. Distributed denial of service (DDoS) attack: A
includes:
DDoS attack is a cyber-attack that targets a server or
Viruses, replicate themselves and infect other
website by flooding it with traffic from multiple
systems,
sources (bot-net), overwhelming the server and
Worms, malicious software, that spread rapidly
causing it to crash or become unavailable.
through networks,
Trojan horses, which appear to be harmless but
contain malicious code,
Spyware, which collects personal information from a
user's computer and adware, which displays
unwanted advertisements,
Ransomware is a type of malware that encrypts a
user's files and demands payment in exchange for the
decryption key.
Page | 10
6. Social engineering: Social engineering is a al information or inflicts their systems with malwa
technique used by cybercriminals to manipulate re. The most reviled form of baiting uses physical
people into divulging sensitive information or media to disperse malware. For example, attacker
performing actions that are against their best s leave the bait—typically malware-infected flash
interests. This can include tactics such as phishing, drives—in conspicuous areas where potential victi
pretexting, and baiting. ms are certain to see them (e.g., bathrooms, eleva
a. Pharming: Pharming is a type of cyber-attack that tors, the parking lot of a targeted company). The b
redirects users to fake websites in order to steal ait has an authentic look to it, such as a label pres
their personal information or install malware on enting it as the company’s payroll list. Victims pick
their computer. up the bait out of curiosity and insert it into a wor
k or home computer, resulting in automatic malw
are installation on the system.
Solutions to keep data secure
There are various solutions available to keep data
safe from security threats, which include:
e.g.
1. Access Levels: Access levels help restrict
User types in
User web address access to data by assigning different levels of
Real
computer website permissions to users. This ensures that only
malware
authorized personnel can access sensitive
information, reducing the risk of data
Fake
Request website breaches.
gets
User clicks link that redirected 2. Anti-malware: Anti-malware software, such
downloads malware
to computer as anti-virus and anti-spyware, are used to
detect and remove malicious software that
b. Phishing: Phishing is a type of social engineering
attack where cybercriminals trick users into can damage or steal data.

revealing their personal information by posing as 3. Authentication: Authentication methods,

a trustworthy entity, such as a bank or email such as usernames and passwords,
provider. biometrics, and two-step verification, help
c. Baiting: As its name implies, baiting attacks use a f verify the identity of users accessing the
alse promise to pique a victim’s greed or curiosity. system, preventing unauthorized access.
They lure users into a trap that steals their person
Page | 11
4. Automating Software Updates: Automating
software updates ensures that the system is
up to date with the latest security patches
and fixes, reducing the risk of vulnerabilities
being exploited by attackers.
5. Checking Spelling and Tone: Checking the
spelling and tone of communications, such as
emails, can help identify phishing scams and
other fraudulent activities.
10. Secure Socket Layer (SSL) Security Protocol:
6. Checking URL Attached to a Link: Checking
SSL is a security protocol that encrypts data
the URL attached to a link before clicking on it
to transmitted over the internet, ensuring
helps prevent users from being directed to
that sensitive information cannot be
malicious websites.
intercepted by unauthorized parties.
7. Firewalls: Firewalls are used to monitor and
control network traffic, blocking
unauthorized access to the system.

8. Privacy Settings: Privacy settings can be used

to restrict access to personal information,
reducing the risk of identity theft and other Authentication
privacy breaches. Here are some methods of authentication:

9. Proxy-Servers: Proxy servers can be used to Zero login: This is a type of authentication that aims

mask the IP address of the user, preventing to remove or reduce the need for the user to
manually input their details and instead rely on the
attackers from tracking their online activity.
system to verify the user's credentials automatically.
Newer methods of zero login types of authentication
Page | 12
include the use of networks, location, device data, Smart card: Smart cards are cards that contain a chip
and human behavioral patterns to recognize users and can be used as contactless cards. They are used
automatically. for authentication purposes and can store a variety of
Biometric: Biometric authentication is a type of information such as personal identification, medical
authentication that uses the user's unique biological records, and financial information.
characteristics such as fingerprints or facial features Physical token: A physical token is a device that
to authenticate the user's details. generates a unique code that is used for
Magnetic stripe: Magnetic stripe cards are a form of authentication purposes. The user enters the code
card that stores the user's data on a magnetic strip into the system to authenticate their identity.
usually on the reverse side. The user scans the card Electronic token: An electronic token is a device that
through a reader where the details stored on the card generates a unique code that is used for
authentication purposes. The user enters the code
are compared to the details stored within the system.
into the system to authenticate their identity.
If the data from the card matches the data that is Electronic tokens can be used for a variety of
stored on the system, the user is authenticated and purposes such as online banking, accessing secure
networks, and making online purchases.
granted access .
Page | 13
Threat Risk Security measures
to crack passwords make passwords difficult to crack and
brute force attacks change them often

tapping into networks to obtain use private lines/networks and encrypt

data interception information all data

denial of service Flood of fake traffic, which cause use a malware checker, firewalls and
attack it to crash email filters

illegal access to a computer Firewalls, proxy server and passwords

hacking
system (including biometrics)

malware (worms, Deleting, corrupting or altering use up-to-date anti-malware software

viruses, spyware) of data

legitimate-looking emails which don’t open links in emails, use up-to-

phishing contain links to fake websites date browsers, look out for
https, check if URL looks legitimate
code on HDD/SSD or DNS server use anti-virus software to detect website
which redirects browser to fake tampering, check spelling of websites
pharming
website without user’s
knowledge
cybercriminal creates social be aware of scam text messages, phone
situation that can lead a victim calls, memory sticks left lying around
social engineering to dropping their guard using: on purpose, and so on
instant messaging, scareware,
phishing, baiting or phone calls
Page | 14

0a Specimen 1a Q2c) Internet - DDoS

2(c) The company is concerned about a distributed denial of service (DDoS) attack.
(i) Describe what is meant by a DDoS attack.
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
............................................................................................................................................................................ [4]
(ii) Suggest one security device that can be used to help prevent a DDoS attack.
.............................................................................................................................................................................. [1]
Any four from:
• multiple computers are used as bots
• designed to deny people access to a website
2(c)(i) • a large number / numerous requests are sent (to a server) … 4
• … all at the same time
• the server is unable to respond / struggles to respond to all the requests
• the server fails / times out as a result.
2(c)(ii) firewall OR proxy server 1

0a Specimen 1a Q9) Communication – Security

9 Complete the sentences about symmetric encryption.
Use the terms from the list. Some of the terms in the list will not be used. You should only use a term once.
algorithm cipher copied delete key plain
private public standard stolen understood unreadable
The data before encryption is known as .................................................. text.
To scramble the data, an encryption ......................................., which is a type of ................................................,
is used. The data after encryption is known as .................................................. text.
Encryption prevents the data from being .................................................. by a hacker. [5]

One mark for each correct term in the correct place.

9 5
plain algorithm/key key/algorithm cipher understood
Page | 15
0a Specimen 1a Q10) Cyber Security
10 An art gallery uses secure socket layer (SSL) to provide a secure connection when selling art on its website.
Describe the process of SSL and explain how it provides a secure connection.
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
............................................................................................................................................................................. [6]

Six from:
• SSL is a (security) protocol.
• It encrypts any data that is sent.
• It uses/sends digital certificates …
10 6
• … which are sent to the (buyer’s/user’s) browser // requested by the (buyer’s/user’s) browser
• … that contains the gallery’s public key
• … that can be used to authenticate the gallery.
• Once the certificate is authenticated, the transaction will begin.

0b Specimen Paper 1b- Q4) Cyber Security

4 A student is concerned about the threats to their computer when using the internet.
The student wants to use some security solutions to help protect the computer from the threats.
(a) Identify a security solution that could be used to protect the computer from a computer virus, hacking and
spyware. Each security solution must be different. [3]

Threat Security solution

Computer virus

Hacking

Spyware
(b) Describe how each security solution you identified in (a) will help protect the computer.
Computer virus security solution .............................................................................................................................
Page | 16
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
Hacking security solution .........................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
Spyware security solution .......................................................................................................................................
…………………….............................................................................................................................................................
...................................................................................................................................................................................
.......................................................................................................................................................................... [6]

0b Specimen Paper 1b- Q8) Crypto Currency

8 Digital currency can be used to buy products from the world wide web.
(a) State what is meant by a digital currency.
………………………………………………………….......................................................................................................................
............................................................................................................................................................................ [1]
(b) Describe the process of blockchain in digital currency.
...................................................................................................................................................................................
...................................................................................................................................................................................
............................................................................................................................................................................ [2]
8(a) A currency that exists only in electronic form 1
Any two from:
• It acts as a ledger
8(b) • … by tracking each transaction 2
• It keeps a series of time-stamped records
• … that cannot be altered

1b fm23 p12 – Q1) Cyber Security

1 Computers can be infected with malware. Spyware is one example of malware.

(a) Tick (✓) one box to show a correct definition of spyware. [1]
Page | 17
A Software that activates a webcam and transmits the video to a third party that
outputs it live on a website.
B Software that detects when a password is being entered and then emails the
password to a third party
C Software that records all data entered into a computer, analyses this data to find
email addresses and passwords, then posts these to a website.
D Software that records all key presses and transmits these to a third party.

(b) Complete the table by identifying and describing two other examples of malware. [6]
Malware Description

...........................................................................................................

...........................................................................................................
......................................
1 ...........................................................................................................
......................................
...........................................................................................................

...........................................................................................................

...........................................................................................................

...........................................................................................................
......................................
2 ...........................................................................................................
......................................
...........................................................................................................

...........................................................................................................

(c) Proxy‑servers and firewalls have some similar functions.

Identify two similarities and one difference between proxy‑servers and firewalls.
Similarity 1 .............................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
Page | 18
Similarity 2 .............................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
Difference..................................................................................................................................................................
.............................................................................................................................................................................[3]

1(a) D 1

1(b) One mark for identification. E.g. One mark per bullet for description to 6
max two each.Virus
• Software that replicates
• Deletes/damages data/hardware // equivalent
Worm
• Software that replicates itself on a network
• Takes-up bandwidth/storage space
Trojan horse
• Software that is hidden within other software // Software that is
disguised as authentic software
• Deletes/damages data/hardware
Adware
• Software that generates/displays adverts on a user's computer
• Some may contain spyware
• Some when clicked may link to viruses
Ransomware
• Software that stops a user accessing/using their computer/data
• A fee has to be paid to 'release' the computer/device…
• …otherwise the data will be deleted

1(c) One mark for each similarity to max two. One mark for difference (both 3
sides needed unless implied)
Similarities e.g.
• Check incoming and outgoing signals
• Store white/black list // by example
• Block access to incoming signals
• Both block unauthorised access//by example
• Keep a log of traffic

Differences e.g.
• Proxy can hide user's IP address, firewall does not
• Proxy intention is to divert attack from server, firewall is to stop
unauthorised access
• Proxy protects a server/network, firewall protects
network/individual computer
• Proxy filters access from items such as websites, firewall blocks
ports
Page | 19
2a S23 qp11 Q8) Cyber Security
8 A manager at a company is concerned about a brute‑force attack on its employee user accounts.
(a) Describe how a brute‑force attack can be used to gain access to the employee user accounts.
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
................................................................................................................................................................ [3]
(b) One possible aim for carrying out a brute‑force attack is to install malware onto the company network.
(i) State two other aims for carrying out a brute‑force attack to gain access to the employee user accounts.
1 ...............................................................................................................................................................................
..................................................................................................................................................................................
2 ...............................................................................................................................................................................
............................................................................................................................................................................. [2]
(ii) Identify three types of malware that could be installed.
1 ..............................................................................................................................................................................
2 ..............................................................................................................................................................................
3 ......................................................................................................................................................................... [3]
(c) Give two security solutions that could be used to help prevent a brute‑force attack being successful.
1 ..............................................................................................................................................................................
................................................................................................................................................................................
2 .............................................................................................................................................................................
..........................................................................................................................................................................[2]

8(a) Three from: 3

• Trial and error to guess a password
• Combinations are repeatedly entered …
• … until correct password is found
• Can be carried out manually or automatically by software

8(b)(i) Any two from: e.g. 2

• Steal/view/access data
• Delete data
• Change data
• Lock account // Encrypt data
• Damage reputation of a business
Page | 20
8(b)(ii) Any three from: e.g. 3
• Virus
• Worm
• Trojan horse
• Spyware
• Adware
• Ransomware
8(c) Any two from: 2
• Two-step verification//Two-factor authentication//by example
• Biometrics
• Firewall // Proxy-server
• Strong/complex password // by example
• Setting a limit for login attempts
• Drop-down boxes
• Request for partial entry of password

2a s23 qp11-Q 10) Cyber Security

10 A student uses the internet for their schoolwork to research what is meant by pharming.
(a) State the aim of pharming.
……………………………………………………………....................................................................................................................
............................................................................................................................................................................ [1]
(b) Draw and annotate a diagram to represent the process of pharming. [4]

(c) The student uses a web browser to access data on the internet.
Explain the purpose of the web browser.
…………………………………………………………………………......................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
............................................................................................................................ [2]
(d) Storing cookies is one function of the web browser.
Give three other functions of the web browser.
Page | 21
1 ................................................................................................................................................
...................................................................................................................................................
2 ................................................................................................................................................
...................................................................................................................................................
3 ................................................................................................................................................
................................................................................................................................................... [3]
(e) A student visits a website that uses session cookies, instead of persistent cookies.
Explain the difference between session cookies and persistent cookies.
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
................................................................................................ [4]

10(a) 1
To obtain personal data/details // by example
10(b) One mark for each correct part of the diagram. 4
Diagram shows:
• User clicks/opens attachment/link that triggers download
• Malicious software downloaded onto user's computer
• User enters website address
• User is redirected to fake website

e.g.
User types in
web address
User
Real
computer
website
malware

Fake
Request website
gets
User clicks link that redirected
downloads malware
to computer
Page | 22
10(c) Two from: 2
Displays web pages
… by rendering HTML
10(d) Any three from: e.g 3
• Storing bookmarks/favourites
• Recording user history
• Allowing use of multiple tabs
• Providing navigation tools // by example
• Providing an address bar
• Managing protocols // by example // checking digital certificate Send URL
to DNS
• Sends a request to the IP address/web server (to obtain the contents of a
webpage)
• Runs active script/JavaScript/client-side script
• Allows files to be downloaded from website/internet
10(e) Any four from: 4
• Session cookies are stored in memory/RAM
• … whereas persistent cookies are stored on the hard drive/secondary storage
• When the browser is closed a session cookie is lost
• … whereas a persistent cookie is not lost
• … until deleted by the user/they expire

2b s23 qp12 Q6) Internet

6 (a) Complete the statements about cookies.
Use the terms from the list.
Some of the terms in the list will not be used. Some terms may be used more than once.
Compression Executable hypertext markup language (HTML) Image internet protocol (IP)
Address Persistent hypertext transfer protocol (HTTP) Session Sound
Text web browser uniform resource locater (URL) web server
Cookies are small .................................. files that are sent between a ........................................... and a
........................................................... .
........................................ cookies are stored in memory and not in the user’s secondary storage.
When the web browser is closed a ........................................................... cookie is lost,
whereas a ........................................................... cookie is not lost. [6]
(b) Give three functions of a cookie.
1 .............................................................................................................................................................................
2 .............................................................................................................................................................................
3 ......................................................................................................................................................................... [3]
Page | 23
6(a) One mark for each correct term. 6
Text
• Web browser // web server
• Web server // web browser
• Session
• Session
Persistent
6(b) Any three from: e.g. 3
• Saving personal details
• Storing login details
• Tracking user preferences
Holding items in an online shopping cart

2b s23 qp12 Q7) Cyber Security

7 A distributed denial of service attack (DDoS) is a cyber security threat.
(a) Draw and annotate a diagram to represent the process of a DDoS. [6]

(b) State two aims of carrying out a DDoS attack.

1 .......................................................................................................................................................................
.........................................................................................................................................................................
2 ......................................................................................................................................................................
..................................................................................................................................................................... [2]

(c) Give two security solutions that can be used to help prevent a DDoS attack being successful.
1............................................................................................................................................................................
..............................................................................................................................................................................
2 ............................................................................................................................................................................
…………………….................................................................................................................................................... [2]
Page | 24
7(a) One mark for each part of the diagram (MAX six). 6
The diagram demonstrates:
• Malware downloaded to several computers
• … turning it into a bot/zombie
• … creating a network of bots/zombies
• Third party/hacker initiating the attack
• Bots send requests to a web server at the same time
• The web server fails due to the requests
• Legitimate requests cannot reach the web server

7(b) Any two from: e.g. 2

• Revenge
• To affect a company’s reputation
• Entertainment value
• To demand a ransom to stop it
• To test a system’s resilience
7(c) Any two from: 2
• Proxy server
• Firewall
• Users scanning their computers with anti-malware
Page | 25
2b s23 qp12- Q8) Hardware – Network Hardware
8 A computer is connected to a network and assigned an IPv4 address.
(a) Tick (✓) one box to show which device would assign the IPv4 address to the computer. [1]
A Domain name server (DNS)

B Network interface card (NIC)

C Router

D Web server

(b) Describe the characteristics of an IPv4 address.

...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
.............................................................................................................................................................................. [4]

8(a) C 1

8(b) Four marks from: 4

Any FOUR from:

• It is denary based
• … with numbers between 0 and 255
• It is 32 bits
• 4 sets/groups of numbers
• … separated by dots

Any TWO from:

• It is a unique address
• It can be static or dynamic
• It can be public or private
• It contains the network prefix
… and the host number
Page | 26
3b w23 p12- Q1-Security
1 Malware can be used to corrupt data stored on a computer.
(a) Tick (✓) one box to show which cyber security threat is not a type of malware. [1]
A Phishing
B Ransomware
C Virus
D Worm

(b) Identify one other example of malware than those given in part 1(a).
............................................................................................................................................. [1]
(c) Identify the type of software that is used to find and remove malware from a computer.
............................................................................................................................................. [1]

1(a) − A 1

1(b) Any 1
one from:
− Spyware // Keylogger
− Adware
− Trojan horse

1(c) − Anti-malware 1

3b w23 p12 -Q8 Security

8 (a) Draw and annotate a diagram that demonstrates the cyber security threat of data interception.[4]

(b) Identify one security solution that will help keep data safe from data interception and state why it will help
keep the data safe.
...................................................................................................................................................................................
...................................................................................................................................................................................
............................................................................................................................................................................. [2]
Page | 27
8(a) The diagram demonstrates (One mark for each part of the diagram): 4
− Data is being sent from one device to another
− The data is being examined during transmission
Packet sniffer is used
−
Intercepted data is reported to a third-party during transmission …
− … and analysed for anything useful
− Connection hacked to spoof destination address
−
e.g.

8(b) − 2
Encryption …
− … if the data is intercepted it will be meaningless (because they do not
have the decryption key)
Page | 28
3b w23 p12 -Q9 Internet
9 The table contains terms and descriptions about the internet. [6]
Complete the table with the missing terms and descriptions.
Term Description

the collective name for all the web pages available

..................................................

a small text file, stored by the web browser, that can store a
.................................................. user’s personal data

...........................................................................................
uniform resource locator (URL)
...........................................................................................
...........................................................................................

...........................................................................................
web server
...........................................................................................
...........................................................................................

the language used to create a website. Example tags are

.................................................. <head> and <body>

a protocol that is used to request and send web pages

..................................................

9 www
Cookie
the text-based address for a website // It is made up of the protocol, domain name and
filename/folder name
Stores web pages // receives requests from clients and returns requested web page
html
https // https
Page | 29
3b w23 p12 -Q12 Digital Currency
12 Digital currency can be used to pay for products and services.
Digital currencies are often tracked using digital ledgers.
(a) Give two other features of digital currency.
1.................................................................................................................................................................................
..................................................................................................................
2.................................................................................................................................................................................
.................................................................................................................. [2]
(b) Identify the process that uses a digital ledger to track the use of digital currency.
............................................................................................................................................. [1]

12(a) Any two from: 2

− Only exists electronically
− Can be a decentralised system
− Can be a centralised system
− Usually encrypted
12(b) − Blockchain 1

3c W23 P13 Q4-Internet

4 An employee uses a web browser on their computer.
(a) Describe the main purpose of a web browser.
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
............................................. [2]
(b) The employee wants his payment details to be automatically filled in when he buys products using the
internet.
Identify the function of a web browser that could be used for this purpose.
............................................................................................................................................. [1]
(c) The employee wants to be able to quickly access websites that he regularly uses.
Identify the function of a web browser that could be used for this purpose.
............................................................................................................................................. [1]
Page | 30
(d) The web browser uses the secure socket layer (SSL) protocol to transmit personal data securely over the
internet.
State how the SSL protocol secures the data for transmission.
...................................................................................................................................................................................
......................................................................................................................................... [1]

4(a) Any two from: 2

− Display web pages
− … by rendering HTML
4(b) − Storing cookies 1
4(c) Any one from: 1
− Storing bookmarks
− Storing favourites
4(d) Any one from: 1
− It encrypts it
− Uses digital certificates
3c W23 P13 Q6-Internet
6 A company uses cloud storage to store its data.
(a) Tick (✓) one box to show which is not a characteristic of cloud storage. [1]
A Data is accessed through a network
B Data is stored locally
C Data is stored remotely
D Physical servers are used to store the data
(b) Explain two advantages for the owners of the company of storing its data in cloud storage.
1.................................................................................................................................................................................
...................................................................................................................................................................................
..................................................................................................................................................................................
2.................................................................................................................................................................................
...................................................................................................................................................................................
............................................................................................................................................................................ [4]
(c) Explain one disadvantage to employees of the company storing data in the cloud.
...................................................................................................................................................................................
...................................................................................................................................................................................
............................................................................................................................................................................. [2]
Page | 31
6(a) − B 1
6(b) Four from e.g.: 4
The data can be accessed from any location
… meaning that employees can work from anywhere with a connection
The hardware is owned/maintained by a third party
… meaning that the company are not responsible for maintaining // meaning the
company aren’t responsible for its security
Can increase the storage needed easily
… without needing to buy new hardware
Do not need to house the hardware needed
… costs can be saved on the space saved for this
Cloud system will back up the data
… meaning the company does not need to do this
6(c) Two from e.g.: 2
− Internet connection is needed/needs to be stable …
− … and if this is not available/unstable the data cannot be accessed
− Employees could be pressured to work outside of hours …
− … as they can access the data from any location

3c w23 P13 Q8-Internet

8 Draw and annotate a diagram to represent the role of a router. [4]
Page | 32
8 The diagram demonstrates (one mark for each part): 4
− The router examining the packet …
− … looks for the packet header
− … looking for the IP address of destination
− The packet being sent toward its correct destination
− … by the fastest route // decides which route it takes
− Router is shown connecting devices/networks
− Router is shown assigning an IP address to a device
e.g.
Page | 33
4b FM24 P12- Q4) Internet, Steps of visiting a website
4 A student enters a uniform resource locator (URL) into their web browser.
Draw and annotate a diagram to show the process from the user entering the URL to the web browser
displaying the web page. [5]

4b FM24 P12- Q5) Digital Currency

5 Complete the description of digital currencies using the terms provided.

Blockchains Changed Data Chains Decentralised

Deleted Encryption Passport Physical Address
Physically Records time-stamp Traced transaction-chains

A digital currency does not exist ..........................................................., it can only be accessed electronically.
Page | 34
Some digital currencies have digital ledgers called ............................................................
These are decentralised databases where each transaction is stored as a new set of data with a
........................................................... and is linked to the previous set of data. This means that
transactions cannot be altered, only new transactions added, which allows the location of the data to be
............................................................ [4]
Page | 35

5a S24 P11 Q9) Communication & Cyber Security

9 A company owner has installed a new network. Data is correct before it is transmitted across the network.
The company owner is concerned that data might have errors after transmission.
(c) The company owner also installs a firewall to help protect the network from hackers and malware.
(i) Explain how the firewall operates to help protect the network.
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
................................................................................................................................... [5]
(ii) Give two examples of malware that the firewall can help protect the network from.
1 ........................................................................................................................................
2 ........................................................................................................................................ [2]

9(c)(i) Five from: 5

− The company owner can set criteria for traffic
− … such as a blacklist/whitelist of IP addresses
− It will examine traffic coming into the network
− It will check that the traffic meets the set criteria …
− … and will reject it if it does not
− Certain ports used by hackers can be blocked by
the firewall

9(c)(ii Any two from: 2

)
e.g.

− Virus
− Worm
− Trojan horse
− Spyware
− Adware
− Ransomware
Page | 36
5b S24 P12 Q8) Cyber Security
8 A company has a website that is suffering a distributed denial of service (DDoS) attack.
(a) Draw and annotate a diagram to show the process of the DDoS. [5]

(b) Identify a solution that can be used to help prevent the DDoS attack being successful.
............................................................................................................................................. [1]

8(a) One mark for each part of the diagram that shows: 5

− A perpetrator
− A webserver
− Malware sent to multiple computers
− Computer is turned into a bot
− Many bots are created to form a botnet
− All the bots send a request at once to the webserver

8(b) − Proxy server 1

5b S24 P12 Q11) Internet

11 A company has a website. Users use the internet and the world wide web to access the website.
(a) Describe the difference between the internet and the world wide web.
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
......................................................................................................................................................................... [2]
(b) The website has a uniform resource locator (URL). The URL has three different parts.
Identify the three different parts that are included in the URL.
1................................................................................................................................................
2................................................................................................................................................
3................................................................................................................................................ [3]
 Page | 37
(c) One function of a web browser is to provide an address bar for a user to enter a URL.
Give three other functions of a web browser.
1................................................................................................................................................
2................................................................................................................................................
3................................................................................................................................................ [3]

11(a) Any two from: 2

− The internet is an infrastructure
− The world wide web is a collection of web pages

11(b) − Protocol 3
− Domain name
− File name / web page name

11(c) Any three from: 3

− Storing bookmarks and favourites
− Recording user history
− Allowing use of multiple tabs
− Storing cookies
− Providing navigation tools

5c S24 P13 – Q7) Communication & Internet

7 A company has a network that includes a web server.
Data is transmitted across the network using serial half-duplex data transmission.
(d) The company uses a proxy server to help protect the web server and the network from cyber security
threats.
a. Give three cyber security threats that the proxy server can help protect against.
i. ........................................................................................................................................
ii. ........................................................................................................................................
iii. ........................................................................................................................................ [3]
b. Identify two functions of the proxy server that can be used to help protect the web server and the network.
i. ........................................................................................................................................
...........................................................................................................................................
ii. ........................................................................................................................................
........................................................................................................................................... [2]
(e) Customers access the company’s web pages that are stored on the web server.
Describe how the web pages are located, retrieved and displayed on a customer’s computer.
Page | 38
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
................................................................................................................................................ [6]

7(d)(i) Any three from: 3

− DDoS // DoS
− Hacking
− Malware // By example
− Brute-force attack

7(d)(ii) Any two from: 2

− It can limit the number of requests sent to the web server at a time
− It can act as a firewall
− It can examine incoming data to the webserver
− It can have set rules/criteria for traffic to meet
− It can have a blacklist of IP addresses to block

7(e) Any six from: 6

− The users type the URL into the address bar/web browser
− The web browser sends the URL to the DNS
− The DNS searches for the match IP address
− The DNS returns the IP address to the web browser
− The web browser sends a request to the IP address
− The web server sends the data for the web page to the web browser
− The web browser renders the HTML data to display the web page
Page | 39
6b W24 P12) Q -7 Internet
7 A student enters the uniform resource locator (URL) for a web page into their tablet computer.
(a) State what is meant by a URL.
...................................................................................................................................................
............................................................................................................................................. [1]
(b) Identify two different parts of a URL.
1................................................................................................................................................
2............................................................................................................................................... [2]

(c) The student enters the URL into a piece of software that then displays the web page.
Identify the name of this software.
............................................................................................................................................. [1]
(d) Draw and annotate a diagram to show how the web page is located and retrieved to be displayed on the
student’s tablet computer. [5]

(e) The data for the web page is transmitted using the secure socket layer (SSL) protocol.
Complete the paragraph about the SSL protocol. Use only terms from the list.
Not all terms need to be used. Some terms may be used more than once.
encrypted file server hypertext markup language (HTML)
hypertext transfer protocol (HTTP) operating system search engine
unencrypted URL web browser web server
The .............................................................. asks the .............................................................. to identify itself.
The .................................................................. sends back its digital certificate. The
............................................... authenticates the digital certificate. If it is authentic,
.......................................................... data transmission begins. [5]
Page | 40

6c W24 P13 Q 6) Internet

6 (a) Complete the statements about cookies.
Use only terms from the list.
Not all terms need to be used. Some terms may be used more than once.
binary close denary expire hexadecimal image malware operating system
permanent persistent session sound temporary web browser
Cookies are small text files that are stored by a ....................................................... .
....................................................... cookies are ....................................................... text files that are deleted
when the ....................................................... is closed.
....................................................... cookies are ....................................................... text files that are stored on a
user’s secondary storage device until they are manually deleted or they .................................................... [7]
(b) Give three examples of the use of cookies.
1.................................................................................................................................................................................
........................................................................................................................................................................
Page | 41
2.................................................................................................................................................................................
..................................................................................................................
3.................................................................................................................................................................................
.................................................................................................................. [3]

6(a) 7
One mark for each correct term in the correct order:

• web browser
• session
• temporary
• web browser // session
• persistent
• permanent
• expire

6(b) Any three from: 3

For example:

• User preferences // by example

• Login details
• Payment details
• User’s personal details e.g. address
• Contents of a shopping cart
• Targeted advertising

7b fm25 qp12) Q-5 Network & Internet

5 A computer is connected to a network.
(a) The computer has a network interface card (NIC) that has a media access control (MAC) address.
(i) One purpose of the NIC is to provide the computer with a MAC address.
Describe the other purposes of the NIC.
...................................................................................................................................................................................
...................................................................................................................................................................................
.......................................................................................................................................................................... [2]
(ii) Identify three characteristics of a MAC address.
1.................................................................................................................................................................................
..................................................................................................................................................................................
2.................................................................................................................................................................................
.................................................................................................................................................................................
Page | 42
3.................................................................................................................................................................................
.............................................................................................................................................................................. [3]
(b) The network allocates an internet protocol (IP) address to the computer.
(i) Tick (✓) one box to identify a valid IPv4 address. [1]
A 110:255:2:1
B 1.30.2FF.A9
C 3.162.74.3
D 8.0.257.6.8

(ii) Identify the device in a network that can automatically assign an IP address to a computer, each time the
computer connects to the network.
........................................................................................................................................................................ [1]
(c) A user accesses the world wide web using a web browser.
(i) Define the term world wide web.
...................................................................................................................................................................................
.............................................................................................................................................................................. [1]
(ii) The uniform resource locator (URL) for a website includes the protocol hypertext transfer protocol secure
(HTTPS). Explain how HTTPS makes the transmission of data secure.
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
...................................................................................................................................................................................
............................................................................................................................................................................. [4]
(iii) The protocol is one part of a URL.
Give the other two parts of a URL.
1…………………………………………………….........................................................................................................................
............................................................................................................................................................
2.................................................................................................................................................................................
.......................................................................................................................................................................... [2]
Page | 43
5(a)(i) 1 mark each to max 2 2
• Receive data from the network…
• … and convert it to be understood by the computer
• Convert data from the computer to a form to be transmitted over the network
• To allow a physical connection between a computer and a network

5(a)(ii) 1 mark each to max 3 3

• (Represented) in hexadecimal
• Numbers are separated by colons
• Six groups of digits
• Sets of 2-digit (hex) numbers
Note: Question is structured as 1, 2, 3 but consider marking as a whole i.e. 2+ marks on one
line

5(b)(i) C 1

5(b)(ii) Router 1

5(c)(i) 1 mark from 1

− The collection of websites and web pages accessed using the internet
− The websites hosted on the internet/web servers

5(c)(ii) 1 mark each to max 4 4

− Uses SSL/TSL
− Encrypts data
− … using asymmetric encryption
− … data is encrypted using the web server's public key
− … data can only be decrypted by the web server's private key
− Data transmitted to the server can only be decrypted by the server

5(c)(iii) 1 mark each to max 2 2

− Domain name
− Web page/file name/directory