OCR J277 Network Security

Lesson 5: Encryption & Testing

Securing data during transmission and identifying physical system vulnerabilities.

Lesson Progress

0/5
01 Review of Previous Learning

DO NOW: Match the Defence

Open your master Google Doc. Read the 3 specific threats below and identify the correct software prevention method for each from the options provided.

MAC Filtering Firewall Anti-Malware User Access Levels
  1. An employee accidentally deleting a folder containing confidential financial records.
  2. A hacker trying to send unauthorised data packets into the network from Russia.
  3. A student attempting to connect their personal, unapproved smartphone to the school Wi-Fi.
Reveal Answers (Use Green Pen)
  • 1. User Access Levels: Prevents standard employees from having 'write' or 'delete' permissions for sensitive folders.
  • 2. Firewall: Blocks unauthorised incoming network traffic at the border.
  • 3. MAC Filtering: Blocks devices that are not on the hardware whitelist from connecting.
02 Introducing the New Objective & KWs

Context & Keywords

Learning Objective

To understand how data is secured during transmission (Encryption), how systems are actively tested (Penetration Testing), and how hardware is protected physically.

Tier 3 Vocabulary (Click to flip):

Encryption Click to enlarge

The process of using an algorithm to scramble plaintext data into unreadable ciphertext. It requires a specific 'key' to decrypt it back.

"HELLO" [ALGORITHM] "XQ!9Z"
Click to close
Plaintext & Ciphertext Click to enlarge

Plaintext: Original, readable data.

Ciphertext: Scrambled, unreadable data after encryption has been applied.

Plaintext

Ciphertext

Click to close
Penetration Testing Click to enlarge

Employing ethical hackers to simulate cyberattacks on your own network to identify and report vulnerabilities before malicious hackers exploit them.

"White Hat" Hackers

They hack you, but with permission, to tell you how to fix the holes.

Click to close
Physical Security Click to enlarge

Using physical barriers to stop attackers from directly accessing hardware or server rooms (e.g., locks, keycards, CCTV, security guards).

A firewall can't stop someone walking out with the server hard drive.

Click to close
Biometrics Click to enlarge

Using unique physical characteristics to grant access. Examples include fingerprint scanners, facial recognition, or retina scans.

Unlike passwords, you can't easily guess, share, or forget a fingerprint.

Click to close
03 New Learning

The Misconception of Encryption

In the exam, the biggest mistake students make is saying: "Encryption stops hackers from intercepting data."

This is FALSE.

Encryption does not stop data from being intercepted. Hackers can still 'sniff' and steal the data packets as they travel over a Wi-Fi network.

The TRUE Purpose:

Encryption ensures that if the data is intercepted, it is completely unreadable and useless without the correct decryption key.

Cold Call Check

Think about your answer in silence. Be prepared to be cold-called.

"Why would a company pay a hacker to perform a Penetration Test on their own network?"
Reveal Ideal Answer
To identify vulnerabilities (weaknesses) in the system so that the company can patch/fix them before a malicious hacker exploits them.
04 Application

Task 1: The Cryptography Terminal

SECURE COMMS // CAESAR_PROTOCOL

+0
-25 (Decrypt Left) +25 (Encrypt Right)

Mission Brief

A Caesar Cipher is a simple substitution algorithm. It shifts every letter in the plaintext by a set number of positions down the alphabet to create ciphertext.

Intercepted Packet

FRQJUDWXODWLRQV

INTEL SUGGESTS SHIFT KEY: -3

Type the intercepted packet into the terminal and apply the correct shift key to decrypt the secret password.

Task 2: Exam Question

In your Google Doc, answer the following 4-mark OCR exam question.

"A hospital stores highly sensitive patient data on its main server room. Identify two physical security methods they could use to protect the server room, and describe how each method prevents unauthorised access." (4 Marks)
05 Consolidation

Plenary: Exit Ticket

To finish the lesson, complete the final exit ticket on Google Classroom to demonstrate you have met today's learning objective.

Final Knowledge Check

Task: Answer the exit question in full sentences:

"Explain the difference between plaintext and ciphertext, and describe the purpose of encryption during data transmission."

Open Exit Ticket in Google Forms