•

•
•
•

•
•

•
•
•
•
•

•
•

•
Features of a web
browser
HINT:BAN CAR
 Features of a web
browser
•
•
•

•
•
•
•
on browsers.
•
•

•
 required pages are
downloaded.

HTML files are sent from the

website server to the
computer.

The browser interprets the

HTML, which is used to
structure content, and then
displays the information on
the user’s computer.
https://drive.google.com
/
•

•
•
•
•
•
•

•
•

•
•

•
•
•
•
EXAM QUESTION
EXAM QUESTION
EXAM QUESTION
EXAM QUESTION
 Digital
Currency
Definition
Examples of digital currency
Central Banking System

Person A Person B

Imagine Person A wants to

transfer money to Person B ...
Central Banking System

Person A Person B

A central bank is needed to

act as the "middleman"
 Problems with centralisation

- Confidentiality (Control of
governments and central authorities)
- Security
Decentralisation - Cryptocurrency

Ethereum Tether Litecoin Bitcoin

RMXXX RMXX RMXXX RMXX
X X
CRYPTOCURRENCY MINING

MINER
- Use the power of their personal computers to
process transactions. The reward for doing so is
that miners receive some of the transaction fees
involved in the process of payment made.
Decentralisation - Cryptocurrency
• Traditional digital currencies are regulated by central banks
and governments. This means all transactions and exchange
rates are determined by these two bodies.
• Cryptocurrency has no state control and all the rules are set
by the cryptocurrency community itself.
• The cryptocurrency system works by being within a
blockchain network which means it is much more secure.
 Blockchain
A technology that sits behind all
cryptocurrency transactions. It makes all
sorts of cryptocurrency safe to use.
Blockchaining - How cryptocurrency work?
• Blockchain is a decentralised database.
• All the transactions of networked members are stored on this
database.
• The blockchain consists of a number of interconnected
computers but they are not connected to a central server.
• All transaction data is stored on all computers in the
blockchain network.
Blockchaining - A chain of blocks
Blockchaining - A chain of blocks

• When a new transaction takes place, a new block

is created
• Blockchains = A collections of all transactions
What's inside one block?

Data = Sender, Recipient,

Amount of Coins

Hash Value, generated by

an algorithm (acts as a
unique identifier). Includes
a timestamp.

Previous Hash Value -

Points back to a previous
block in the chain
 Blockchaining - A chain of blocks

Hash: A4BF
Previous Hash: 0000
 Blockchaining - A chain of blocks

Hash: A4BF Hash: 6AB1 Hash: 34EE

Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1
 Blockchaining - A chain of blocks

Hash: A4BF Hash: 6AB1 Hash: 34EE Hash: FF12

Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 34EE

Let's say a new transaction is created!

Blockchaining - A chain of blocks

THERE ARE 3 REASONS WHY TRANSACTIONS CANNOT BE

MODIFIED EASILY - MAKE THE SYSTEM SECURE
FIRST REASON: THE PREVIOUS HASH ATTRIBUTE
IN THE BLOCK

Hash: A4BF Hash: 4ERD Hash: 34EE Hash: FF12

Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 34EE

Let's change the transaction in this block. Oops, what's the

consequence of this?
 Blockchaining - A chain of blocks

Hash: A4BF Hash: 4ERD Hash: 34EE Hash: FF12

Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 34EE

Lost connection. Block 3 and 4 will become invalid.

Transaction fails.Blockchain prevents tampering (by hackers).
 SECOND REASON: PROOF OF WORK MAKE THE
CREATION OF BLOCK SLOWER

Hash: A4BF Hash: 4ERD Hash: 34EE Hash: FF12

Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 34EE

Hackers will find it hard to re-create block 3 and 4, due to proof-of-

work, which makes sure it takes 10 minutes to add a block to the chain.
THIRD REASON: The exact blockchain is stored in all the
computers in the networks.

Hash: A4BF Hash: 6AB1 Hash: 34EE

Hash: A4BF Hash: 6AB1 Hash: 34EE
Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1
Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1

Hash: A4BF Hash: 6AB1 Hash: 34EE

Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1
Hash: A4BF Hash: 6AB1 Hash: 34EE
Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1
When a new transaction is added, a block will added to each node.

Hash: 34EE
Hash: A4BF Hash: 6AB1 Hash: 34EE
Hash: A4BF Hash: 6AB1 Hash: 34EE Hash: 34EE Previous Hash: 6AB1
Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1
Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 6AB1

Hash: A4BF Hash: 6AB1 Hash: 34EE Hash: 34EE

Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 6AB1
Hash: A4BF Hash: 6AB1 Hash: 34EE Hash: 34EE
Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 6AB1
All nodes within this network creates a consensus. Majority wins.
This means that hacker will have to tamper a block in more than half
of the nodes, which is impossible.

Hash: 34EE
Hash: A4BF Hash: 6AB1 Hash: 34EE
Hash: A4BF Hash: 6AB1 Hash: 34EE Hash: 34EE Previous Hash: 6AB1
Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1
Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 6AB1

Hash: A4BF Hash: 6AB1 Hash: 34EE Hash: 34EE

Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 6AB1
Hash: A4BF Hash: 6AB1 Hash: 34EE Hash: 34EE
Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 6AB1

I Hack This!
All nodes within this network creates a consensus. Majority wins.
This means that hacker will have to tamper a block in more than half
of the nodes, which is impossible.

Hash: A4BF Hash: 6AB1 Hash: 34EE Hash: 34EE

Hash: A4BF Hash: 6AB1 Hash: 34EE Hash: 34EE Previous Hash: 6AB1
Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1
Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 6AB1

Hash: A4BF Hash: 6AB1 Hash: 34EE Hash: 34EE

Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 6AB1
Hash: A4BF Hash: 6AB1 Hash: 34EE Hash: 34EE
Previous Hash: 0000 Previous Hash: A4BF Previous Hash: 6AB1 Previous Hash: 6AB1

Failed!
Cyber Security
Cyber Security

Threat
 Cyber Security
Threats Solutions/Prevention
 Cyber Security
Threats
Cyber Brute-Force
DDOS Attack
B D
Security
Attack

Data

Threat D Interception H Hacking

Malware Phishing
M P
Social
Pharming
P S Engineering
Cyber Brute-Force
DDOS Attack
B D
Security
Attack

Data

Threat D Interception H Hacking

Malware Phishing
M P
Social
Pharming
P S Engineering
B Brute-Force Attack

Activity: Can you guess my

number?
B Brute-Force Attack
• A ‘trial and error’ method used by cybercriminals to crack passwords by
finding all possible combinations of letters, numbers and symbols until
the password is found.
• One way to reduce the number of attempts needed to crack a
password is to try with the more commonly password first.
• The longer a password is and the greater the variation of characters
used, the harder it will be to crack.
Cyber Brute-Force
DDOS Attack
B D
Security
Attack

Data

Threat D Interception H Hacking

Malware Phishing
M P
Social
Pharming
P S Engineering
D Distributed Denial of Service (DDOS)

• A denial of service (DoS) attack is an attempt at preventing users

from accessing part of a network, notably an internet server.
• The attacker may be able to prevent a user from:
• accessing their emails
• accessing websites/web pages
• accessing online services (such as banking).
If too many people accessing a website at the same
time, the server will go down ...
D Distributed Denial of Service (DDOS)
How does it attack?

When a user enters a website's

URL in their browser, a request
is sent to the web server that
contains the website
D Distributed Denial of Service (DDOS)
How does it attack?

When a user enters a website's

URL in their browser, a request The server can only handle a
is sent to the web server that finite number of requests. (say:
contains the website 1 million) at a time

Patient ..
D Distributed Denial of Service (DDOS)
How does it attack?

A criminal can use a software that

force thousands of innocent
computers around the world to
send a viewing request to a web
server.

x100000
 D Distributed Denial of Service (DDOS)
Distributed = Many computers
Denial of Service = Deny user from
using a service
How does it attack?

A criminal can use a software that
force thousands of innocent
computers around the world to
send a viewing request to a web
server.
The server becomes overloaded and won't be
able to service a user's legitimate request. It
will slow the website down or cause it to go
offline altogether.

Sorry
can't do
x100000 it!
D Distributed Denial of Service (DDOS)
Signs to detect a DDOS attack

Slow network performance (opening files

or accessing certain websites)

Inability to access certain websites

Large amounts of spam email reaching the

user’s email account.
Cyber Brute-Force
DDOS Attack
B D
Security
Attack

Data

Threat D Interception H Hacking

Malware Phishing
M P
Social
Pharming
P S Engineering
D Data Interception

• Data interception is a form of stealing data by tapping into a wired or

wireless communication link.
• The intent is to compromise privacy or to obtain confidential
information.
• Interception can be carried out using a packet sniffer, which examines
data packets being sent over a network. The intercepted data is sent
back to the hacker.
D Data Interception
To tackle data interception

Encryption of data.
Eg. Wired Equivalency privacy (WEP)

It is important not to use Wi-Fi (wireless)

connectivity in public places (such as an
airport) since no data encryption will exist
and your data is then open to interception
by anyone within the place.
Cyber Brute-Force
DDOS Attack
B D
Security
Attack

Data

Threat D Interception H Hacking

Malware Phishing
M P
Social
Pharming
P S Engineering
H Hacking

• Hacking is the act of gaining illegal access to a computer system

without the user's permission.
• Data can be deleted, passed on, changed or corrupted.
• Can encryption stops hacking?
H Hacking

• Hacking is the act of gaining illegal access to a computer system

without the user's permission.
• Data can be deleted, passed on, changed or corrupted.
• Encryption does not stop hacking, it just make the data meaningless.
• Solution: Firewall, strong passwords.
H Hacking

Black-hat White-hat
hacker hacker
Hacker that try to find security
Hacker who seeks to gain loopholes in a system and give
unauthorised access to a advice to the network owners
computer system. about how to close them.
Cyber Brute-Force
B D DDOS Attack

Security
Attack

Data

Threat D Interception H Hacking

Malware Phishing
M P
Social
Pharming
P S Engineering
 Malware = Malicious Code Software
M
Malware are pieces of software that have been written and
coded with the intention of causing damage to or stealing
data from a computer or system.

There are several types of malware:

Trojan
Virus Worm Spyware Adware Ransomware
Horse
 Virus
V
• Viruses are programs or program codes that self-replicate
with the intention of deleting or corrupting files, or causing a
computer to malfunction.
• Viruses need an active host program on the target
computer or an operating system that has already been
infected, before they can actually run and cause harm.
• Viruses are often sent as email attachments, reside on infected
websites or on infected software downloaded to the user’s
computer.

Virus
 Trojan Horse
T
• A trojan horse is malware that is hidden away in the code of software that
appears to be harmless. A Trojan horse replaces all or part of the
legitimate software with the intent of carrying out some harm to the
user’s computer system.
• They need to be executed by the end-user. They usually arrive as an
email attachment or are downloaded from an infected website
• Once installed on the user’s computer, the Trojan horse will give
cyber criminals access to personal information on your computers,
such as IP addresses, passwords and other personal data. Spyware
and ransomware are often installed on a user’s computer via
Trojan horse malware.

Trojan
Horse
 Worm
W
• A type of stand-alone malware that can self-replicate. Unlike viruses,
they don't need an active host program to be opened in order to do
any damage.
• Worm replicates itself until the computer's resources are used to
their maximum capacity and no further processing can take place,
leading to system failure and crashing.
• Worms tend to be problematic because of their ability to spread
throughout a network without any action from an end-user;
whereas viruses require each end-user to somehow initiate the
virus.

Worm
 Spyware
S
• Spyware is software that gathers information by monitoring a
user’s activities carried out on their computer.
• The gathered information (bank account numbers, passwords
and credit/debit card details) is sent back to the cybercriminal
who originally sent the spyware (just like cookies).
• Spyware can be detected and removed by anti-spyware
software.

Spyware
 Adware
A
• Adware is a software that will attempt to flood an end-user with
unwanted advertising.
• For example, it could
• redirect a user’s browser to a website that contains
promotional advertising
• appear in the form of pop-ups
• appear in the browser’s toolbar and redirect search requests

Adware
 Ransomware
R
• Ransomware are programs that encrypt data on a user’s
computer and ‘hold the data hostage’.
• The cybercriminal waits until the ransom money is paid and,
sometimes, the decryption key is then sent to the user.

Ransomware
Flashcard

THE DIFFERENCE
BETWEEN VIRUS
AND WORMS
VIRUS NEEDS AND
ACTIVE HOST,
WORMS DO NOT.
Flashcard

HOW IS VIRUS
SENT TO A USER
 VIA EMAIL
ATTACHMENTS,
INFECTED
SOFTWARE/
WEBSITE
Flashcard
Once installed on the user’s computer, I
will give cyber criminals access to
personal information on your computers,
such as IP addresses, passwords and other
personal data. Spyware and ransomware
are often installed on a user’s computer
via ME.
WHO AM I?
TROJAN HORSE
Flashcard

Encryption can stop hacking.

What's your view on it?
Encryption does not
stop hacking, it just
make the data
meaningless.
Cyber Brute-Force
B D DDOS Attack

Security
Attack

Data

Threat D Interception H Hacking

Malware Phishing
M P
Social
Pharming
P S Engineering
 Phishing
P
• Sending out
legitimate-looking
emails designed to
trick the recipients into
giving their personal
details to the sender of
the email.
• These emails may
contain links or
attachments, when
initiated, take the user to
a fake website to enter
personal details.
 Phishing
P
• Sending out
legitimate-looking
emails designed to
trick the recipients into
giving their personal
details to the sender of
the email.
• These emails may
contain links or
attachments, when
initiated, take the user to
a fake website to enter Clickbait
personal details.
 Phishing
P
Can you find something
that is not so right?
 Phishing - Legit Emails
P
 Phishing
P Ways to prevent phishing

Be aware of fake emails (eg. Dear (Your

name) and not Dear Customer)

Look out for http(s) in the address bar

Be very wary of pop-ups and use the

browser to block them
Cyber Brute-Force
B D DDOS Attack

Security
Attack

Data

Threat D Interception H Hacking

Malware Phishing
M P
Social
Pharming
P S Engineering
 Pharming
P
• Redirect user from a genuine website to a fake one, with
the hope that this goes unnoticed. They manipulate the
DNS server.
• A user may then be prompted to enter login details, and
this can then be collected by a criminal for use on the
genuine site.
• Pharming attacks occur when web servers are attacked,
and code is inserted into a website that redirects visitors
(changing the IP address).
Examples:
Cyber Brute-Force
B D DDOS Attack

Security
Attack

Data

Threat D Interception H Hacking

Malware Phishing
M P
Social
Pharming
P S Engineering
 Social Engineering
S
• This form of cyber-crime is where users are manipulated into
behaving in a way that they would not normally do.
• Five common types of threat:
• Instant messaging (malicious link embedded in message)
• Scareware (tell you that your computer is infected with virus)
• Email (genuine looking emails)
• Baiting (leave a pendrive where it can be found)
• Phone calls (asks you to download special software)
• All threats above are effective methods for introducing malware.
• The whole idea of social engineering is the exploitation of human
emotion (fear, curiosity, empathy and trust).
E X A M Q U ES T I O N ( M A RC H 1 9 )
EXAM QUESTION
EXAM QUESTION
E X A M Q U ES T I O N ( M A RC H 1 9 )
EXAM QUESTION
EXAM QUESTION
Cyber Security
Solutions
and
Prevention
Cyber Security
Cyber A Access Level
A Anti-Malware

Security Authentication
Automating
A A Software Updates
Solution and
Prevention Spelling and
Tone in Firewall
S communications F s

Privacy
Proxy Server
P Setting P
Secure Socket
S Layer
Cyber A Access Level
A Anti-Malware

Security Authentication
Automating
A A Software Updates
Solution and
Prevention Spelling and
Tone in Firewall
S communications F s

Privacy
Proxy Server
P Setting P
Secure Socket
S Layer
 Access Level
A
• This method of protection is hugely important in
organisations where there are lots of users accessing a
network.
• User will be assigned different levels of access
depending on the role they have. It ensures that users'
behaviour can be controlled while they use a computer
on a network.
• When using databases, levels of access are important
to determine who has the right to read, write and delete
data.
Cyber A Access Level
A Anti-Malware

Security Authentication
Automating
A A Software Updates
Solution and
Prevention Spelling and
Tone in Firewall
S communications F s

Privacy
Proxy Server
P Setting P
Secure Socket
S Layer
 Anti-malware
A
• Danger of malicious software
• Theft of company data
• Corruption of data (data becomes unreadable)
• Hence, a network should have anti-malware and anti-
virus applications installed that protect all devices on
the network (just like a vaccine to covid).

Types of Anti-malware

Anti Virus Anti Spyware

 Anti virus
A
• Anti-virus software are constantly scanning documents, files and
also incoming data from the internet.

Anti Virus
 Anti virus
A
• Anti-virus software are constantly scanning documents, files and
also incoming data from the internet.
• They are designed to detect suspisious activity and files before
they are opened or stored / warn the user against opening the
files.
• If a file is detected as harmful, the anti-virus will quarantine the file
away from the network, preventing it from installing or multiplying
itself to other areas of the network or the hard disk drive.
• Upon user instructions, the software will then remove and delete
the offending malware or virus.

Anti Virus
 Anti spyware
A
• Spyware: Spyware is software that gathers information by
monitoring a user’s activities carried out on their computer.
• How they work?
• Looks for typical features which are usually associated with
spyware thus identifying any potential security issues
• File structures – in this case, there are certain file structures
associated with potential spyware which allows them to be
identified by the software.
 Anti spyware
A
• Spyware: Spyware is software that gathers information by
monitoring a user’s activities carried out on their computer.
• How they work?
• Looks for typical features which are usually associated with
spyware thus identifying any potential security issues
• File structures – in this case, there are certain file structures
associated with potential spyware which allows them to be
identified by the software.
• General features - block webcam, encryption of keyboard strokes,
detect spyware and remove if found, scans for signs
Cyber A Access Level
A Anti-Malware

Security Authentication
Automating
A A Software Updates
Solution and
Prevention Spelling and
Tone in Firewall
S communications F s

Privacy
Proxy Server
P Setting P
Secure Socket
S Layer
 Authentication
A
• Authentication refers to the ability of a user to prove who
they are.

Password
Biometrics Two-step Credit Card &
and user Authentication verification Hotel Card
names
 Password and user names
P
• Examples of where password is used:
• websites
• mobile phones, etc
• Password should be strong enough to stop criminals from
guessing them.

Password
and user
names
Let's try this out

Password
and user
names
 Tips for a stronger password
T
• Combine different types of character (lowercase, uppercase,
special character)
• Don't put in pattern in your passwords (eg. cabbag3), use
random patterns eg. Hp3oe7Ls*(!kajmc)
• Don't use the same passwords for all accounts
• Be aware of spyware that tries to steal your passwords (via
keyboard stroke)

Password
and user
names
 Biometric Authentication
B
• Biometrics relies on certain unique characteristics of human
beings:

Biometric
Authentication
 Biometric Authentication
B
• Biometrics relies on certain unique characteristics of human
beings:
• Fingerprint scans (compare image stored versus image
scanned; fingerprints are unique)
• Face recognition
• Voice recognition

Biometric
Authentication
 Two-step verification
T
• Requires two methods of authentication to verify who a user
is.
• Example: Online shopping
• Step 1: Enter user name and password
• Step 2: Enter PIN that is sent back to her either in an email
or as a text message to her mobile phone

Two-step
verification
 Credit Card & Hotel Card
C
• Hotel card has magnetic stripe on the back of the card.
These stripe will store personal information.
• Credit card (or any smart card) has a chip that is read when
inserted into an Electronic Funds Transfer Point of Sale. The
chip can hold a lot of information (eg. Pin).

Credit Card &

Hotel Card
Cyber A Access Level
A Anti-Malware

Security Authentication
Automating
A A Software Updates
Solution and
Prevention Spelling and
Tone in Firewall
S communications F s

Privacy
Proxy Server
P Setting P
Secure Socket
S Layer
 Automating Software Updates
A
• Why?
 Automating Software Updates
A
 Automating Software Updates
A
• This ensures that applications
like operating systems, anti-
virus and other commonly
used pieces of software are
always operating with the
latest version installed.
• Greater threats are constantly
evolving and that anti-virus
companies are always
attempting to stay up to date
with new attacks.
Cyber A Access Level
A Anti-Malware

Security Authentication
Automating
A A Software Updates
Solution and
Prevention Spelling and
Tone in Firewall
S communications F s

Privacy
Proxy Server
P Setting P
Secure Socket
S Layer
S Spelling and Tone in communications

• Threat relating to emails?

S Spelling and Tone in communications

• Phishing emails are a threat to security. Sending out

legitimate-looking emails designed to trick the recipients
into giving their personal details to the sender of the email.
• What can we do?
S Spelling and Tone in communications
• Phishing emails are a threat to security. Sending out
legitimate-looking emails designed to trick the recipients
into giving their personal details to the sender of the email.
• Check
• If there is spellinnngngs errors in the email
• The tone used in the email message

www.gougle.com
www.amozon.com
Cyber A Access Level
A Anti-Malware

Security Authentication
Automating
A A Software Updates
Solution and
Prevention Spelling and
Tone in Firewall
S communications F s

Privacy
Proxy Server
P Setting P
Secure Socket
S Layer
F Firewall

• A firewall can be either software or hardware. It sits between the user’s computer
and an external network (for example, the internet) and filters information in and out
of the computer.
F Firewall

• A firewall can be either software or hardware. It sits between the user’s computer
and an external network (for example, the internet) and filters information in and out
of the computer.
• Firewalls are the primary defence to any computer system to help protect
it from hacking, malware (viruses and spyware), phishing and pharming.
• Main tasks
• Examine the ‘traffic’ between user’s computer (or internal network)
and a public network
• checks whether incoming or outgoing data meets a given set of
criteria.If the data fails the criteria, the firewall will block the ‘traffic’
• criteria can be set so that the firewall prevents access to certain
undesirable sites; the firewall can keep a list of all undesirable IP
addresses
• The firewall can be software installed on a computer; in some cases, it is
part of the operating system.
Cyber A Access Level
A Anti-Malware

Security Authentication
Automating
A A Software Updates
Solution and
Prevention Spelling and
Tone in Firewall
S communications F s

Privacy
Proxy Server
P Setting P
Secure Socket
S Layer
P Privacy Setting

• Privacy settings are the controls available on web browsers, social

networks and other websites that are designed to limit who can access
and see a user’s personal profile.
• Examples:
• "Do not track" setting
• Allow payment method to be saved (avoid the need to key in
information everytime, which is dangerous)
• Safer browsing
• App (sharing of location)
P Privacy Setting - Phone and
Cyber A Access Level
A Anti-Malware

Security Authentication
Automating
A A Software Updates
Solution and
Prevention Spelling and
Tone in Firewall
S communications F s

Privacy
Proxy Server
P Setting P
Secure Socket
S Layer
P Proxy Server

• Proxy servers act as an intermediate between a user and a web server.

• Benefits?
P Proxy Server

• Proxy servers act as an intermediate between a user and a web server.

• Benefits:
• Allows internet traffic to be filtered; it is possible to block access to a
website if necessary - Parental Control
P Proxy Server

• Proxy servers act as an intermediate between a user and a web server.

• Benefits:
• Allows internet traffic to be filtered; it is possible to block access to a
website if necessary - Parental Control
• Keeps users’ IP addresses secret which improves security (middleman
concept)
• Can you relate to one threat that we learn last week?
P Proxy Server

• Proxy servers act as an intermediate between a user and a web server.

• Benefits:
• Allows internet traffic to be filtered; it is possible to block access to a
website if necessary - Parental Control
• Keeps users’ IP addresses secret which improves security (middleman
concept)
• If an attack is launched, it hits the proxy server instead – this helps to
prevent hacking, DDoS, and so on.
P Proxy Server

• Proxy servers act as an intermediate between a user and a web server.

• Benefits:
• Allows internet traffic to be filtered; it is possible to block access to a
website if necessary - Parental Control
• Keeps users’ IP addresses secret which improves security (middleman
concept)
• If an attack is launched, it hits the proxy server instead – this helps to
prevent hacking, DoS, and so on
• Act as a firewall
Cyber A Access Level
A Anti-Malware

Security Authentication
Automating
A A Software Updates
Solution and
Prevention Spelling and
Tone in Firewall
S communications F s

Privacy
Proxy Server
P Setting P
Secure Socket
S Layer
S Secure socket layer

• SSL is a protocol/rule that is commonly found on

websites where financial transactions take place.
• SSL encrypts the connection between the user's
computer and the website that is being used.
Sensitive data can be bank card numbers, login
details and passwords.
S Secure Socket Layer Handshake
A connection that is created between a web
browser and a web server
S Secure Socket Layer - flow
The user’s browser
sends a message so
that it can connect with
the required website
which is secured by SSL
The browser then The web server
requests that the web responds by sending
server identifies itself a copy of its SSL
certificate to the
user’s browser

Certificate
An SSL certificate is a form of digital certificate
which is used to authenticate a website and
enables an encrypted connection
S Secure Socket Layer Handshake
The user’s browser The browser then The web server
sends a message so requests that the web responds by sending
that it can connect with server identifies itself a copy of its SSL
the required website certificate to the
which is secured by SSL user’s browser

If the browser can

authenticate this
certificate, it sends a
message back to the web
server to allow
communication to begin
S Secure Socket Layer Handshake
The user’s browser
sends a message so
that it can connect with
the required website
which is secured by SSL
The browser then The web server
requests that the web responds by sending
server identifies itself a copy of its SSL
certificate to the
user’s browser

Once this message is If the browser can

received, the web server
acknowledges the web
browser, and the SSL-
encrypted two-way data
transfer begins
authenticate this
certificate, it sends a
message back to the web
server to allow
communication to begin
S How do we know if a website is using SSL?

A user will know if SSL is being applied when they see https or the
small padlock in the status bar at the top of the screen.
S How do we know if a website is using SSL?
Examples of where SSL will be used:
• Online banking and all online financial transactions
• Online shopping/commerce
• Sending and receiving emails
• Instant messaging

Transport Layer Security (TLS)

- A more modern and more secure version of SSL. It is a form of
protocol that ensures the security and privacy of data between
devices and users when communicating over a network
T Transport Layer Security (TLS)
A more modern and more secure version of SSL. It is a form of
protocol that ensures the security and privacy of data between
devices and users when communicating over a network
Cyber A Access Level
A Anti-Malware

Security Authentication
Automating
A A Software Updates
Solution and
Prevention Spelling and
Tone in Firewall
S communications F s

Privacy
Proxy Server
P Setting P
Secure Socket
S Layer
E X A M Q U ES T I O N ( J U N E 2 1 )
E X A M Q U ES T I O N ( M A RC H 1 9 )
E X A M Q U ES T I O N ( J U N E 2 1 )
E X A M Q U ES T I O N ( M A RC H 1 9 )
E X A M Q U ES T I O N ( J U N E 2 0 )
E X A M Q U ES T I O N ( J U N E 2 0 )
E X A M Q U ES T I O N ( M A RC H 2 1 )
E X A M Q U ES T I O N ( M A RC H 2 1 )
E X A M Q U ES T I O N ( J U N E 2 0 )
E X A M Q U ES T I O N ( J U N E 2 0 )
E X A M Q U ES T I O N ( J U N E 2 0 )
E X A M Q U ES T I O N ( J U N E 2 0 )