Network Security
Unit 1.4 explores the devastating threats facing systems, and the crucial preventative measures required to lock them down.
Module Theory 1.4
1. Malware Types
Viruses, Worms, Trojans, Ransomware, and Spyware/Keyloggers. Understand their specific goals and damages.
2. Network & Human Attacks
Brute-Force, DoS/DDoS, SQL Injection, Data Interception, Shoulder Surfing, and Social Engineering (Phishing/Pharming).
3. Defence Software
Firewalls, Anti-Malware, Encryption, and strong Authentication protocols (2FA, Limiting Attempts).
4. Identifying Vulnerabilities
Ethical Hacking, Penetration Testing, User Access Levels, and Physical Security controls.
The Examiners' Top 4 Zero-Mark Traps
Unit 1.4 contains the highest density of common student misconceptions. Every year, thousands of students lose guaranteed marks by falling into these four traps. Memorise them now.
1. The Encryption Trap
Encryption does NOT stop data from being intercepted. Hackers can still steal the data packet mid-transit! You must state that encryption makes intercepted data "unreadable/meaningless without the decryption key".
2. The Firewall Trap
Firewalls do NOT stop data interception across the wider Internet. A firewall can only monitor the incoming and outgoing traffic that passes directly through it at the boundary of its own network.
3. The 'Malware' Generalisation
Never write the generic term "Malware" or "Virus" as your final answer. If an exam asks for a specific threat that locks data, you must specify the precise type (e.g., "Ransomware").
4. The 'Hacking' Generalisation
Never use the generic phrase "Hacking". You must specify the exact method used to gain unauthorised access (e.g., brute-force attack, SQL injection, social engineering, or packet sniffing).
Baseline Check
Q1 A bank uses strong Encryption on their customer connection. A hacker uses a packet sniffer to intercept the customer's payment details. What happens?
Q2 Which of the following is the single most accurate description of how a Network Firewall prevents vulnerabilities?
Written Exam Scenario (AO2/AO3)
Stretch (Grade 9): "A small dental surgery stores patient medical records on a network-connected server. They have recently been targeted by Ransomware.
Describe the specific purpose of a Ransomware attack, and recommend two technical preventative methods the surgery should implement." (3 marks)
Grade 9 Exemplar Response:
Purpose (1 mark): The purpose of Ransomware is to maliciously encrypt the surgery's patient records and lock out staff, so the attacker can demand a financial fee (ransom) in exchange for the decryption key.
Method 1 (1 mark): The surgery should install Anti-Malware software to scan incoming files, comparing them against known ransomware signatures to quarantine them before they execute.
Method 2 (1 mark): The surgery should configure strict User Access Levels. This ensures that if a receptionist accidentally downloads ransomware, the malware can only encrypt records the receptionist has access to, preventing the entire main database from being locked.
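The effect described in Method 2, worked through as an added example that is not part of the original page: it compares a flat setup, where every account can modify everything, with strict User Access Levels, and reports how much of the surgery's data ransomware could encrypt from each account. All store names, record counts, access levels and accounts are constructed for illustration.

```python
# Constructed sample data: record stores and how many records each one holds.
RECORD_STORES = {"patient_db": 5000, "appointments": 800,
                 "billing": 1200, "reception_notes": 150}

# Weak setting: one shared access level with write access to every store.
FLAT_LEVELS = {"staff": {store: "write" for store in RECORD_STORES}}
FLAT_ACCOUNTS = {"receptionist": ["staff"], "dentist": ["staff"], "admin": ["staff"]}

# Strict setting: each access level only gets the rights its job needs.
STRICT_LEVELS = {
    "front_desk": {"appointments": "write", "reception_notes": "write",
                   "patient_db": "read"},
    "clinical": {"patient_db": "write", "appointments": "read"},
    "finance": {"billing": "write"},
}
STRICT_ACCOUNTS = {"receptionist": ["front_desk"], "dentist": ["clinical"],
                   "admin": ["front_desk", "clinical", "finance"]}


def writable_stores(account, accounts, levels):
    """Stores the account can modify. Ransomware running as this account
    can encrypt these and nothing else; read-only stores cannot be overwritten."""
    stores = set()
    for level in accounts[account]:
        for store, right in levels[level].items():
            if right == "write":
                stores.add(store)
    return stores


def exposure(account, accounts, levels):
    """Return (stores at risk, fraction of all records at risk) if the
    given account runs ransomware."""
    at_risk = writable_stores(account, accounts, levels)
    total = sum(RECORD_STORES.values())
    locked = sum(RECORD_STORES[store] for store in at_risk)
    return sorted(at_risk), locked / total


if __name__ == "__main__":
    setups = {"flat": (FLAT_ACCOUNTS, FLAT_LEVELS),
              "strict": (STRICT_ACCOUNTS, STRICT_LEVELS)}
    for name, (accounts, levels) in setups.items():
        for account in accounts:
            stores, fraction = exposure(account, accounts, levels)
            print(f"{name:6} {account:12} {fraction:5.0%} {stores}")
```

The admin account still reaches every store under the strict setup, which is why accounts with the highest access level should be the fewest and the best protected.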