Describe how web pages for the website are requested and displayed on a user’s computer
− Browser sends URL to DNS; [1 mark]
− ... using HTTP/HTTPS; [1 mark]
− IP address is found on DNS; [1 mark]
− DNS returns IP address to the browser; [1 mark]
− Browser sends request to web server/IP address; [1 mark]
− Web server sends web pages back to browser; [1 mark]
− Browser interprets/renders the HTML (to display web pages); [1 mark]
− Security certificates exchanged; [1 mark]
Why do websites make cookie requests?
– to enable logon information to be kept on his computer; [1 mark]
– to provide pages customised for Ahmed the next time he logs on; [1 mark]
– to implement shopping carts and one-click purchasing; [1 mark]
– to be able to distinguish between new and repeat visitors to the website; [1 mark]
What are the two layers in the TLS protocol?
Handshake
Record
Protocols that can be used to secure data transmission over the internet
HTTPS
SSL
TLS
Examples of HTML structure
where text is placed, margins of page;
Examples of HTML presentation
font size, font colour
What is meant by HTML?
− Hypertext Mark-up Language; [1 mark]
− Web authoring language // language used to write/create websites/web page; [1 mark]
Explain how data is sent securely using the TLS protocol
− Client/browser requests secure connection to server; [1 mark]
− Client/browser requests the server to identify itself; [1 mark]
− Server provides a digital certificate; [1 mark]
− Client/browser validates the certificate; [1 mark]
− Client/browser sends signal back to server (to begin transmission); [1 mark]
− Session caching can be used; [1 mark]
− A session key is generated; [1 mark]
− Encryption method is agreed // data is encrypted; [1 mark]
Describe what is meant by a DDoS attack
● multiple computers are used as bots; [1 mark]
● designed to deny people access to a website; [1 mark]
● a large number / numerous requests are sent (to a server) …; [1 mark]
● … all at the same time; [1 mark]
● the server is unable to respond / struggles to respond to all the requests; [1 mark]
● the server fails / times out as a result; [1 mark]
Security device that can be used to help prevent a DDoS attack
Firewall / proxy server
An art gallery uses secure socket layer (SSL) to provide a secure connection when selling art on its website. Describe the process of SSL and explain how it provides a secure connection.
● SSL is a (security) protocol; [1 mark]
● It encrypts any data that is sent; [1 mark]
● It uses/sends digital certificates …; [1 mark]
● … which are sent to the (buyer’s/user’s) browser // requested by the (buyer’s/user’s) browser; [1 mark]
● … that contains the gallery’s public key; [1 mark]
● … that can be used to authenticate the gallery; [1 mark]
● Once the certificate is authenticated, the transaction will begin; [1 mark]
Methods to keep data secure
− Password; [1 mark]
− Biometrics (device); [1 mark]
− Encryption; [1 mark]
− Physical methods (e.g. locks); [1 mark]
− Two-factor authentication // Two-step verification; [1 mark]
− Anti-viruses; [1 mark]
− Firewall
What is meant by phishing?
− Legitimate-looking email sent to user; [1 mark]
− encourages user to click a link that directs user to a fake website; [1 mark]
− User encouraged to enter personal details into a fake website // designed to obtain personal details from a user; [1 mark]
What is meant by pharming?
− Malicious code/malware is downloaded/installed // software downloaded without users' knowledge; [1 mark]
− ... that re-directs user to fake website (when legitimate URL entered); [1 mark]
− User encouraged to enter personal details into a fake website // designed to obtain personal details from a user; [1 mark]
Security threats
− Hacking; [1 mark]
− Denial of service (DoS) attack; [1 mark]
− Virus; [1 mark]
− Malware; [1 mark]
How proxy server helps protect website
− Acts as a firewall; [1 mark]
− Monitor/filters/examines incoming and outgoing traffic; [1 mark]
− Rules/criteria for traffic can be set // blacklist/whitelist set; [1 mark]
− Blocks any traffic that does not meet criteria …; [1 mark]
− … and can send a warning message to the user; [1 mark]
− Stop the website failing in a DoS attack // DoS attack hits the proxy server and not the webserver; [1 mark]
Ways that data could be accidentally damaged
− Loss of power/electricity; [1 mark]
− Spillage of liquids; [1 mark]
− Flood; [1 mark]
− Fire; [1 mark]
− Human error; [1 mark]
− Hardware failure; [1 mark]
− Software failure; [1 mark]
Similarities between phishing and pharming
− Both are designed to steal/collect personal data; [1 mark]
− Both pretend to be a real company; [1 mark]
− Both use fake websites
Differences between phishing and pharming
− Phishing involves use of an email whereas pharming involves installing malicious code; [1 mark]
− Phishing involves clicking a link or an attachment whereas pharming creates a redirection; [1 mark]
State what is meant by a digital currency
Currency that only exists in electronic form
Describe the process of blockchain in digital currency
• It acts as a ledger [1 mark]
... by tracking each transaction [1 mark]
• It keeps a series of time-stamped records [1 mark] that cannot be altered [1 mark]