GCSEComputer ScienceAQARevision Notes10. Cyber SecurityMethods of Preventing Cyber Security ThreatsMethods of Preventing Cyber Security Threats

Methods of Preventing Cyber Security Threats (AQA GCSE Computer Science)

Revision Note

Robert Hampton

Expertise

Computer Science Content Creator

Penetration Testing

What is penetration testing?

  • Penetration testing is the process of attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access
  • A company will employ penetration testers to test a networks security and use any information gained to to fix any issues that are found
  • There are two main types of penetration testing:
    • Malicious insider
    • External attack

Malicious insider (white-box)

  • When the person or team testing the system has knowledge of and possibly basic credentials for the target system, simulating an attack from inside the system

External attack

  • When the person or team testing the system has no knowledge of any credentials for the target system, simulating an attack from outside the system

Biometric Measures

What are biometric measures?

  • Biometric measures are an individuals personal characteristics used to identify them, such as
    • Fingerprints
    • Iris/retina scans (eyes)
    • Voice recognition
  • Biometrics provide a very secure method of confirming a users identity before allowing access/permission to a computer system
  • Biometric measures are often used on mobile devices to provide secure access

CAPTCHA

What is a CAPCHA?

  • A CAPCHA is a method of testing if a website request originates from a human or a machine (bot)
  • Completely Automated Public Turing test to tell Computers & Humans Apart (CAPTCHA) examples include:
    • Text - Asking users to enter characters from a distorted text box, users would need to decipher the characters and enter them in a designated box
    • Image - A grid of images, a user would be asked to select all those that contain a specific object
    • Checkbox - A simple checkbox appears asking the user to confirm they are not a robot 
  • A CAPTCHA can be used to prevent spam and protect logins

Confirming Identity

How can you confirm identity?

  • One method of confirming the identity of a user is to email a link to check that they are using a valid and working email address
  • A user does not get access to a service/website until the check is complete
  • This type of check can be carried out using SMS in the same way

Automatic Software Updates

What are automatic software updates?

  • Automatic software updates take away the need for a user to remember to keep software updated and reduce the risk of software flaws/vulnerabilities being targeted in out of date software
  • Automatic updates ensure fast deployment of updates as they release

Worked example

Give three examples of when it would be suitable to use a CAPTCHA system [3]

Answer

  • account registration
  • account access
  • online voting systems
  • ticket purchasing / transaction completion
  • on pages where comments / reviews can be posted
  • on parts of the website where fraudulent click-throughs may be possible

You've read 0 of your 0 free revision notes

Get unlimited access

to absolutely everything:

  • Downloadable PDFs
  • Unlimited Revision Notes
  • Topic Questions
  • Past Papers
  • Model Answers
  • Videos (Maths and Science)

Join the 100,000+ Students that ❤️ Save My Exams

the (exam) results speak for themselves:

    Next topic

    Did this page help you?

    Robert Hampton

    Author: Robert Hampton

    Rob has over 16 years' experience teaching Computer Science and ICT at KS3 & GCSE levels. Rob has demonstrated strong leadership as Head of Department since 2012 and previously supported teacher development as a Specialist Leader of Education, empowering departments to excel in Computer Science. Beyond his tech expertise, Robert embraces the virtual world as an avid gamer, conquering digital battlefields when he's not coding.