CS 2210 - Notes CH 5
The Internet is the infrastructure used to provide connectivity to the World Wide Web
The world wide web, or simply the web, is a collection of websites and web pages that are accessed using
the internet
It was created in 1989 by Tim Berners-Lee, who envisioned it as a way to share and access information on a
global scale
The web consists of interconnected documents and multimedia files that are stored on web servers around
the world
Web pages are accessed using a web browser, which communicates with web servers to retrieve and display
the content
Hypertext Transfer Protocol (HTTP) allows communication between clients and servers
for website viewing
HTTP & HTTPS are protocols, a set of rules governing communication between devices
on a network
HTTP allows clients to receive data from the server (fetching a webpage) and send data to
the server (submitting a form, uploading a file)
HTTPS works in the same way as HTTP but with an added layer of security
All data sent and received using HTTPS is encrypted
HTTPS is used to protect sensitive information such as passwords, financial information
and personal data
Web Browser
What is a web browser?
A web browser is a piece of software used to access and display information on the
internet
A web browser displays web pages by rendering hypertext markup language (HTML)
Web browsers interpret the code in HTML documents and translate it into a visual
display for the user
Function - Description
Render HTML - Display the web page
Provide navigation tools - E.g. back/forward buttons and home button, to help users move between pages
Storing bookmarks & favourites - Allow users to save links to frequently visited websites and access them easily
Storing cookies - Cookies
Record user history - Allow users to quickly revisit recently viewed web pages
Provide address bar - A place for user to type in the URL of a web page to visit
Multiple tabs - Allow multiple web pages to be open at once so users can quickly switch between them
A web server is a remote computer that stores the files needed to display a web
page on the Internet
Web servers are generally available 24/7 and security is managed by the owner of the
hardware
Web servers provide access to multiple users at the same time
Uniform Resource Locator (URL) (2)
What is a URL?
A Uniform Resource Locator (URL) is a unique identifier for a web page, known as
the website address
It is text based to make it easier to remember
A user enters a URL into a web browser to view a web page
An example of a URL is:
https://www.savemyexams.com/igcse/computer-science/cie/23/revision-notes/
The Domain Name System (DNS) can be thought of as the Internet's equivalent to a phone
book
It is essentially a directory of domain names and is used to translate human-readable
domain names to the numeric IP addresses that computers use
When you type a URL into your browser, the DNS translates the domain name into its
associated IP address so your computer can connect to the server hosting the website
Without DNS, we would have to remember the IP address of every site we want to visit
HTML (4)
What is HTML?
Hypertext Markup Language (HTML), is the foundational language used to structure and
present content on the web
HTML consists of a series of elements, often referred to as "tags"
Most tags are opened and closed e.g. <html> and </html>, whereas some tags are only
opened e.g. <img> and <link>
Structure
<!DOCTYPE html>
<html>
<head>
<title>My Web Page</title>
</head>
<body>
<header>
<h1>Welcome to My Website</h1>
</header>
<main>
<section>
<h2>About Me</h2>
<p>This is a paragraph about me.</p>
</section>
<section>
<h2>My Projects</h2>
<p>This is a paragraph about my projects.</p>
</section>
</main>
<footer>
<p>Contact: [email protected]</p>
</footer>
</body>
</html>
In this example, HTML is used to create a structure with a header, two sections in the main
body, and a footer
Other examples of HTML being used for structure include:
o Creating lists to structure information
o Positioning of text on the screen
o Embedding media and interactive elements
Present
HTML is also used to present and display information in a visually meaningful way
The content layer of a web page is made up of HTML elements such as headings (<h1>,
<h2>, etc.), paragraphs (<p>), links (<a>), images (<img>), and more
The presentation layer is mainly handled by CSS (Cascading Style Sheets)
<!DOCTYPE html>
<html>
<body>
<h1>Welcome to My Website</h1>
<p>This is a paragraph introducing the content of the website.</p>
<h2>Subheading 1</h2>
<p>Here is some detailed information under the first subheading.</p>
<h2>Subheading 2</h2>
<p>Another section with more information.</p>
</body>
</html>
In this example, headings (<h1>, <h2>) and text formatting tags (<strong>, <em>) are used
to present the content clearly and with emphasis
Other examples of HTML being used to present information include:
o Presenting data in a table
o Displaying images with captions
Worked Example
Explain how the information stored on the company’s website is requested by the customer, sent
to the customer’s computer and displayed on the screen.
[7]
Answer
Seven from:
Requested
Sent
Received
Cookies
What is a cookie?
A cookie is a tiny data file stored on a computer by browser software that holds
information relating to your browsing activity
Typically a cookie will contain:
o Browsing history - what websites you have visited
o Login information - usernames & passwords
o Preferences - language/font size/themes
The two types of cookie are:
o Session - Created and replaced every time a user visits a website
o Persistent - Created and saved the first time a user visits a website, retained until
they expire
The Privacy and Electronic Communications Regulations (2003) is a law that governs the
use of cookies
Any website that wants to store a cookie must:
o Tell users the cookies are there
o Explain what the cookies are doing
o Obtain the user's consent to store the cookie
Digital Currency
What is digital currency?
In the IGCSE exam digital currency and crypto currency are the same thing, although in real life
they are not strictly the same thing.
Blockchain
What is a blockchain?
A blockchain is a digital ledger that records every transaction made with a particular digital
currency
Transactions are time-stamped and added to the blockchain in
a permanent and unalterable way
A blockchain is a decentralised technology, meaning that it is not controlled by a single
entity or authority
o Instead, every participant in the network has a copy of the ledger and can verify
the transactions independently
The blockchain is made up of "blocks" of transactions that are linked together in a "chain"
using cryptographic algorithms
o This creates a secure and tamper-proof record of every transaction made with the
digital currency
Each transaction in the blockchain must be verified by multiple participants in the
network
o This verification process ensures that the transaction is legitimate and prevents
any fraudulent activity
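The linking of blocks described above, as an added example that is not part of the original notes: each block stores the hash of the block before it, so any participant can re-check the whole chain and see where a copy was altered. The field names, the use of SHA-256 and the sample transactions are assumptions made for this sketch.

```python
import copy
import hashlib
import json

GENESIS_PREV = "0" * 64  # placeholder "previous hash" for the first block

def block_hash(block):
    """SHA-256 over the block's contents, serialised deterministically."""
    body = {k: block[k] for k in ("index", "timestamp", "transactions", "prev_hash")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def add_block(chain, timestamp, transactions):
    """Append a time-stamped block that commits to the hash of the block before it."""
    prev_hash = chain[-1]["hash"] if chain else GENESIS_PREV
    block = {"index": len(chain), "timestamp": timestamp,
             "transactions": transactions, "prev_hash": prev_hash}
    block["hash"] = block_hash(block)
    chain.append(block)

def first_invalid_block(chain):
    """Check every link independently; return the first bad index, or None."""
    prev_hash = GENESIS_PREV
    for block in chain:
        if block["prev_hash"] != prev_hash or block["hash"] != block_hash(block):
            return block["index"]
        prev_hash = block["hash"]
    return None

def build_sample_chain():
    """Constructed sample ledger (names and amounts are made up)."""
    chain = []
    add_block(chain, "2024-01-01T10:00:00Z", [{"from": "alice", "to": "bob", "amount": 5}])
    add_block(chain, "2024-01-01T10:05:00Z", [{"from": "bob", "to": "carol", "amount": 2}])
    add_block(chain, "2024-01-01T10:10:00Z", [{"from": "carol", "to": "dave", "amount": 1}])
    return chain

def tamper_demo():
    """Alter one participant's copy and see where verification fails."""
    honest = build_sample_chain()
    altered = copy.deepcopy(honest)              # a second participant's copy
    altered[1]["transactions"][0]["amount"] = 200
    stale_hash = first_invalid_block(altered)    # stored hash no longer matches
    altered[1]["hash"] = block_hash(altered[1])  # re-hash the altered block
    broken_link = first_invalid_block(altered)   # next block still names the old hash
    return first_invalid_block(honest), stale_hash, broken_link

if __name__ == "__main__":
    print(tamper_demo())
```

Changing one transaction is caught at that block, and re-hashing the changed block only moves the failure to the next block, because that block still records the old hash.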
Computers face a variety of forms of attack and they can cause a large number of issues
for a network and computers
The main threats posed are:
o Brute-force attacks
o Data interception & theft
o DDoS attack
o Hacking
o Malware
o Pharming
o Phishing
o Social engineering
Data interception
What is data interception & theft?
DDoS Attack
What is a DDoS attack?
Hacking
What is hacking?
Malware
What is malware?
Malware (malicious software) is the term used for any software that has been created with
malicious intent to cause harm to a computer system
Examples of issues caused by malware include
o Files being deleted, corrupted or encrypted
o Internet connection becoming slow or unusable
o Computer crashing or shutting down
There are various types of malware and each has slightly different issues which they cause
Worms
Very similar to viruses, main difference being that they spread to other drives and computer network
Worms can infect other computers from
o Infected websites
o Instant message services
o Email
o Network connection
Ransomware
Locks your computer or device and encrypts your documents and other important files
A demand is made for money to receive the password that will allow the user to decrypt the
No guarantee paying the ransom will result in the user getting their data back
Pharming
What is pharming?
Pharming is typing a website address into a browser and it being redirected to a 'fake'
website in order to trick a user into typing in sensitive information such as passwords
An attacker attempts to alter DNS settings (the directory of websites and their matching IP
addresses that is used to access websites on the internet) or change a user's browser
settings
A user clicks a link which downloads malware
The user types in a web address which is then redirected to the fake website
Phishing
What is phishing?
Social Engineering
What is social engineering?
Worked Example
[4]
(ii) Suggest one security device that can be used to help prevent a DDoS attack.[1]
Answers
(ii)
Access Levels
What are access levels?
Access levels ensure users of a network can access what they need to access and do
not have access to information/resources they shouldn't
Users can have designated roles on a network
Access levels can be set based on a user's role, responsibility, or clearance level
o Full access - this allows the user to open, create, edit & delete files
o Read-only access - this only allows the user to open files without editing or deleting
o No access - this hides the file from the user
Some examples of different levels of access to a school network could include:
o Administrators: Unrestricted - Can access all areas of the network
o Teaching Staff: Partially restricted - Can access all student data but cannot access
other staff members' data
o Students: Restricted - Can only access their own data and files
Users and groups of users can be given specific file permissions
Anti Malware
What is anti-malware software?
Anti-malware scans through email attachments, websites and downloaded files to search
for issues
Anti-malware software has a list of known malware signatures to block immediately if they
try to access your device in any way
Anti-malware will also perform checks for updates to ensure the database of known
issues is up to date
Authentication
What is authentication?
Authentication is the process of ensuring that a system is secure by asking the user
to complete tasks to prove they are an authorised user of the system
Authentication is done because bots can submit data in online forms
Authentication can be done in several ways, these include
o Usernames and passwords
o Multi-factor authentication
o CAPTCHA - see example below
Biometrics
Automatic software updates take away the need for a user to remember to keep software
updated and reduce the risk of software flaws/vulnerabilities being targeted in out of
date software
Automatic updates ensure fast deployment of updates as they release
Communication
What is communication?
One way of protecting data is by monitoring digital communication to check for errors in
the spelling and grammar or tone of the communication
Phishing scams often involve communication with users, monitoring it can be effective as:
o Rushed - emails and texts pretending to be from a reputable company are focused
on quantity rather than quality and often contain basic spelling and grammar errors
o Urgency - emails using a tone that creates panic or makes a user feel rushed are
often a sign that something is suspicious
o Professionalism - emails from reputable companies should have flawless spelling
and grammar
URL
How to check a URL?
Checking the URL attached to a link is another way to prevent phishing attacks
Hackers often use fake URLs to trick users into visiting fraudulent websites
o e.g. http://amaz.on.co.uk/ rather than http://amazon.co.uk/
If you are unsure, always check the website URL before clicking any links contained in
an email
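One way to automate the URL check above, as an added example that is not part of the original notes: it works out which registered domain a link's host really belongs to and compares it with the domain the user expects. The suffix list is a small constructed subset (a real checker would use the full Public Suffix List), and the function names and trusted-domain set are assumptions.

```python
from urllib.parse import urlsplit

# Assumption: a small constructed subset of public suffixes; a real checker
# would load the full Public Suffix List.
PUBLIC_SUFFIXES = {"co.uk", "org.uk", "uk", "com", "org", "net"}

def registrable_domain(url):
    """Return the public suffix plus the one label to its left, or None."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".")
    for i in range(len(labels)):            # longest candidate suffix first
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i - 1:]) if i > 0 else None
    return None

def check_link(url, trusted_domains):
    """Classify a link by the registered domain its host belongs to."""
    domain = registrable_domain(url)
    if domain is None:
        return "reject: no recognisable domain"
    if domain not in trusted_domains:
        return f"reject: host belongs to {domain}"
    if urlsplit(url).scheme != "https":
        return f"caution: {domain} is trusted but the link is not HTTPS"
    return f"ok: {domain}"

def check_samples():
    """Run the check over the two URLs from the notes plus one constructed link."""
    trusted = {"amazon.co.uk"}
    links = [
        "http://amaz.on.co.uk/",            # from the notes: the fake URL
        "http://amazon.co.uk/",             # from the notes: the real domain
        "https://www.amazon.co.uk/orders",  # constructed sample
    ]
    return {link: check_link(link, trusted) for link in links}

if __name__ == "__main__":
    for link, verdict in check_samples().items():
        print(f"{link:35} {verdict}")
```

The extra dot in amaz.on.co.uk makes the host a subdomain of on.co.uk, a different registered domain from amazon.co.uk, which is why the two look alike to a reader but not to the check.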
Firewalls
What is a firewall?
A firewall monitors incoming and outgoing network traffic and uses a set of rules to
determine which traffic to allow
A firewall prevents unwanted traffic from entering a network by filtering requests to ensure
they are legitimate
It can be both hardware and software and they are often used together to provide stronger
security to a network
o Hardware firewalls will protect the whole network and prevent unauthorised traffic
o Software firewalls will protect the individual devices on the network, monitoring the
data going to and from each computer
Hackers
Malware
Unauthorised access to a network
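The rule checking a firewall performs, as an added example that is not part of the original notes: each connection is compared against an ordered rule list, the first matching rule decides, and anything that matches no rule is blocked. The rule format, the addresses (documentation and private ranges) and the first-match ordering are assumptions made for this sketch.

```python
import ipaddress

# Constructed rule set: (action, direction, source network, destination port).
# A port of None means "any port".
RULES = [
    ("block", "in",  "203.0.113.0/24", None),  # blacklisted address range
    ("allow", "in",  "0.0.0.0/0",      443),   # anyone may reach the HTTPS service
    ("allow", "in",  "192.168.1.0/24", 22),    # remote login only from the internal network
    ("allow", "out", "192.168.1.0/24", None),  # internal devices may connect outwards
]

def decide(direction, src_ip, dst_port, rules=RULES):
    """Return (action, rule number) for the first matching rule; default is block."""
    src = ipaddress.ip_address(src_ip)
    for number, (action, rule_dir, network, port) in enumerate(rules, start=1):
        if rule_dir != direction:
            continue
        if src not in ipaddress.ip_network(network):
            continue
        if port is not None and port != dst_port:
            continue
        return action, number
    return "block", None  # no rule matched, so the traffic is not allowed

def filter_samples():
    """Apply the rules to constructed sample traffic."""
    traffic = [
        ("in",  "203.0.113.9",  443),  # blacklisted source, blocked before rule 2
        ("in",  "198.51.100.7", 443),  # outside visitor to the website
        ("in",  "198.51.100.7", 22),   # outside remote-login attempt
        ("in",  "192.168.1.20", 22),   # internal remote login
        ("out", "192.168.1.20", 80),   # internal device browsing the web
    ]
    return [decide(*packet) for packet in traffic]

if __name__ == "__main__":
    for result in filter_samples():
        print(result)
```

Rule order matters here: the blacklist entry sits above the general HTTPS rule, so a blacklisted source is blocked even on a port that is otherwise open to everyone.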
Privacy Settings
What are privacy settings?
Privacy settings are used to control the amount of personal information that is shared
online
They are an important measure to prevent identity theft and other forms of online fraud
Users should regularly review their privacy settings and adjust them as needed
Proxy Servers
What is a proxy server?
A proxy-server is used to hide a user's IP address and location, making it more difficult
for hackers to track them
They act as a firewall and can also be used to filter web traffic by setting criteria for
traffic
Malicious content is blocked and a warning message can be sent to the user
Proxy-servers are a useful security measure for protecting against external security threats
as they can direct traffic away from the server
SSL
What is SSL?
Worked Example
(i) Identify a security solution that could be used to protect a computer from a computer virus,
hacking and spyware.
(ii) Describe how each security solution you identified in (i) will help protect the computer.
[6]
Answers
(i)
Monitoring communication
o Checking for spelling & grammar errors
o Reading tone, is the user being rushed? // is the user made to panic?
Authentication
o Checks the user is who they say they are
o Captcha proves they are not a bot
o Passwords lock out after a set number of attempts
Firewall
o Monitors traffic coming into and out of the computer system
o Checks that the traffic meets any criteria/rules set
o Blocks any traffic that does not meet the criteria/rules set // set
blacklist/whitelist
Biometrics
o Data needed to enter is unique to individual
o … therefore it is very difficult to replicate
o Lock out after set number of attempts