OCR J277 Network Security

Lesson 4: Software Defences

Selecting and justifying appropriate logical prevention methods to secure a network.

Lesson Progress

0/5
01 Review of Previous Learning

DO NOW: The Reverse Question

Normally, you are given a question and have to provide the answer. Today, we are reversing it. In your Google Doc, write the best 2-mark OCR exam question that would lead to the answer below.

The Answer is:

"Denial of Service (DoS)"

Reveal Example Questions

If your question looks similar to any of these, you have achieved the marks:

  • "Identify the attack where a server is flooded with overwhelming traffic to deny access to legitimate users."
  • "Name the network threat designed specifically to crash a system by using up all available bandwidth."
02 Introducing the New Objective & KWs

Context & Keywords

Learning Objective

To select, justify, and explain the mechanics of appropriate logical prevention methods (software defences) used to secure a network.

Tier 3 Vocabulary (Click to flip):

Firewall Click to enlarge

Hardware or software that monitors incoming and outgoing network traffic. It blocks unauthorised packets based on a set of security rules.

It sits at the border of the network, acting as a security checkpoint.

Click to close
Anti-Malware Click to enlarge

Software that actively scans files and compares them against a database of known threats to detect, quarantine, and delete malicious code.

It searches internally for threats that bypassed the firewall.

Click to close
User Access Levels Click to enlarge

Assigning specific permissions (Read, Write, Execute) based on a user's role. It limits what data a compromised account can access.

Admin Full Access
Staff Read/Write
Guest Read Only
Click to close
Authentication Click to enlarge

Verifying the identity of a user trying to access the network. This includes passwords, biometrics, and Two-Step Verification (2FA).

Password

SMS Code

Access

Two-Step Verification

Click to close
MAC Filtering Click to enlarge

Configuring a router to only allow devices with specific MAC addresses (a unique hardware code) to connect to the network.

WHITELIST:

00:1B:44:11:3A:B7

Unknown Device

Click to close
03 New Learning

The Golden Distinction: Firewall vs Anti-Malware

In the exam, students constantly confuse Firewalls and Anti-Malware. They are not the same thing. One looks at network traffic, the other looks at files.

Network Topography Visualisation

The Internet

Data Packet

Firewall

Blocks unauthorised network traffic at the border.

Local PC

Anti-Malware scans files already on the hard drive.

MWB Check: Which defence?

Read the scenario. Write either A (Firewall) or B (Anti-Malware) on your MWB.

"An employee has plugged in a USB drive they found in the car park. They copy a file from the USB onto their desktop computer."
Reveal Answer
B (Anti-Malware). The file was brought in physically via a USB drive. It never travelled across the network connection, so the Firewall would not see it. You need Anti-Malware to scan the file locally.
04 Application

Task: Secure the System

InsecureTech Ltd SOC

System Integrity

Secured: 0 / 5

Software Defences

Select a tool, then click an active vulnerability to apply the patch.

Active Vulnerabilities

Task 2: Exam Question

In your Google Doc, answer the following 4-mark OCR exam question. Use the point-and-explain structure.

"A secondary school stores sensitive student data on its network. Explain how the school can use a firewall and user access levels to protect the network." (4 Marks)
05 Consolidation

Plenary: The Abstract Image

Look at the image below. This real-world scenario perfectly describes a specific software prevention method we learned today. Write the name of the method on your MWB.

CLUB VIP
ID: 00-1B-44

GUESTLIST

00-1B-44

F8-2C-11

ID: A1-99-B2

Which network defence is this bouncer performing?

Reveal Answer
MAC Filtering. (The bouncer checks the unique ID against an approved whitelist).

Note: "Firewall" is also an acceptable interpretation, as a firewall blocks traffic based on rules, much like a bouncer at the door.