IT BTEC level 3 unit 1 & 2

What is meant by data?

Raw facts and figures that have not been processed

What is meant by information?

Processed data that is meaningful and useful

What is the difference between data and information?

Data is raw, information is processed and meaningful

What is a CPU?

Central Processing Unit that processes instructions and controls operations

What are the two main parts of the CPU?

ALU and Control Unit

What does the ALU do?

Performs arithmetic and logical operations

What does the Control Unit do?

Decodes instructions and controls execution

What is clock speed?

Number of cycles per second measured in GHz

What does cache memory do?

Stores frequently used data for quick access

What is RAM?

Volatile memory used to store data currently in use

What is ROM?

Non-volatile memory storing firmware

What is storage?

Devices used to store data permanently

What is primary storage?

Main memory directly accessed by CPU (RAM, cache)

What is secondary storage?

Long-term storage (HDD, SSD)

What is an HDD?

Magnetic storage device with spinning disks

What is an SSD?

Solid state storage with no moving parts

State one advantage of SSD over HDD

Faster read/write speeds

State one disadvantage of SSD

Higher cost per GB

What is input hardware?

Devices used to enter data into a system

Give two examples of input devices

Keyboard, mouse

What is output hardware?

Devices that present data to the user

Give two examples of output devices

Monitor, printer

What is system software?

Software that manages hardware and system resources

What is an operating system?

Software that manages hardware and provides user interface

Give two functions of an OS

Memory management, process management

What is application software?

Software designed to perform specific tasks

Give examples of application software

Word processor, spreadsheet

What is utility software?

Software that maintains and optimises system performance

Give examples of utility software

Antivirus, disk defragmenter

What is open source software?

Software with source code freely available to modify

What is proprietary software?

Software owned and licensed with restricted use

What is a network?

Two or more devices connected to share resources

What is a LAN?

Local Area Network in a small geographic area

What is a WAN?

Wide Area Network covering large geographic areas

What is bandwidth?

Maximum amount of data transmitted per second

What is latency?

Delay in data transmission

What is a router?

Device that forwards data between networks

What is a switch?

Connects devices within a network using MAC addresses

What is an IP address?

Unique identifier for a device on a network

What is a MAC address?

Unique hardware address assigned to a network interface

What is cloud computing?

Delivery of computing services over the internet

State one advantage of cloud computing

Accessible from anywhere

State one disadvantage of cloud computing

Dependent on internet connection

What is virtualization?

Running multiple virtual systems on one physical machine

What is cyber security?

Protection of systems and data from digital attacks

What is malware?

Malicious software designed to harm systems

Give examples of malware

Virus, worm, trojan, ransomware

What is phishing?

Fraudulent attempt to obtain sensitive information

What is social engineering?

Manipulating people to gain confidential information

What is encryption?

Converting data into unreadable form to protect it

What is authentication?

Verifying identity of a user

What is a firewall?

Security system that monitors and controls network traffic

What is data protection?

Ensuring personal data is used lawfully and securely

What is the purpose of GDPR?

Protect personal data and privacy

State one GDPR principle

Data must be processed lawfully

What is a backup?

Copy of data stored separately

What is the purpose of backups?

Restore data after loss or damage

What is a database?

Structured collection of data

What is a table?

Collection of related records

What is a field?

Single piece of data in a record

What is a record?

Collection of related fields

What is primary key?

Unique identifier for each record

What is validation?

Ensuring data entered is sensible and reasonable

What is verification?

Checking data matches original input

What is a user interface?

Means by which user interacts with system

Give types of user interfaces

GUI, CLI, menu-based

What is accessibility?

Designing systems usable by people with disabilities

Give one accessibility feature

Screen reader

What is sustainability in IT?

Reducing environmental impact of IT systems

Give one method of improving sustainability

Recycling hardware

What is ethical use of IT?

Using IT responsibly and morally

Give one ethical issue

Privacy concerns

What is legal use of IT?

Following laws related to IT

Give one IT law

Data Protection Act

Cyber security definition

Protecting computer systems, networks and data from unauthorized access, damage or theft

Authentication

Process of verifying a user’s identity before access is granted

Encryption

Process of converting plaintext into ciphertext using a key

Risk assessment

Identifying threats, analysing likelihood and impact, and assigning risk levels

Least privilege

Users only have minimum access required for their role

Assume breach

Design systems assuming a breach will occur and focus on detection/recovery

Security through obscurity

Avoid relying on hidden systems instead use strong security controls

ISO 27000

International standard for information security management

Internal threats

Threats originating from within an organisation

Employee sabotage

Employees deliberately damaging or stealing data/equipment

Unauthorized internal access

Employees accessing data or systems without permission

Accidental data loss

Unintentional data loss such as deletion or spills

Unsafe practices

Poor security behaviours like weak passwords

External threats

Threats originating outside the organisation

Malware

Malicious software designed to damage or gain access

Hacking

Exploiting vulnerabilities to gain unauthorized access

Sabotage attacks

Disrupting systems (e.g., DoS or physical damage)

Social engineering

Manipulating people into revealing confidential information

Network vulnerabilities

Weak firewall settings or infected external devices

Organisational vulnerabilities

Weak policies or excessive permissions

Software vulnerabilities

SQL injection and zero-day exploits

Operating system vulnerabilities

Outdated systems or missing patches

Cloud/IoT vulnerabilities

Lack of control or built-in security weaknesses

Virus

Malware that attaches to files and replicates

Worm

Self-replicating malware that spreads across networks

Trojan

Malware disguised as legitimate software