BETAThis platform is under active development; bugs, missing features, and risk of data loss are present. Thank you for your support!

Cyber Security

Learn it by playing

Answer these questions to earn energy, then fish and explore. No account needed.

For teachers: ready-to-use lesson slides, revision notes, diagrams for Cyber Security (Computer Science, CIE) — use them in your lesson, or run the topic as a live class game.

Notes

Cyber Security Threats

  • **Brute-force attack**: repeatedly tries password/PIN combinations; **dictionary attack** tries common words/phrases.
  • **Data interception & theft**: uses a **packet sniffer** to capture network data and steal usernames/passwords.
  • **DDoS attack**: floods a server with requests from many **bots** (compromised computers), making it unusable.
  • **Hacking**: exploits weaknesses (unpatched software, outdated anti-malware) to gain unauthorised access.
  • **Malware**: malicious software including **virus** (replicates, corrupts files), **worm** (spreads across network), **Trojan** (disguised as legitimate), **spyware** (records activity), **adware** (displays ads), **ransomware** (encrypts files, demands ransom).
  • **Pharming**: redirects user to a fake website by altering DNS settings or browser settings; protect with anti-malware, check URLs, look for padlock icon.
  • **Phishing**: sends fraudulent emails/SMS claiming to be from a reputable company to trick users into revealing details.
  • **Social engineering**: exploits human weaknesses (e.g., fraudulent phone calls, pretexting) to gain confidential data.

Keeping Data Safe – Access Control & Authentication

  • **Access levels**: set based on role – **full access** (create/edit/delete), **read-only**, **no access**.
  • **Authentication**: verifies user identity via **usernames/passwords**, **multi-factor authentication**, **CAPTCHA**, or **biometrics** (fingerprint, facial recognition, iris scan).
  • Biometrics are more secure than passwords: cannot be guessed, faked, recorded by spyware, or shoulder-surfed.

Keeping Data Safe – Software & Network Defences

  • **Anti-malware**: scans files/emails/websites for known malware signatures; includes anti-virus, anti-spam, anti-spyware; updates automatically.
  • **Firewall**: monitors incoming/outgoing traffic, filters based on rules; can be hardware (protects whole network) or software (protects individual devices).
  • **Proxy server**: hides user's IP address/location, filters web traffic, blocks malicious content.
  • **SSL (Secure Socket Layer)**: encrypts data transmitted over the internet; uses digital certificate with public key for authentication.
  • **Automatic software updates**: ensure vulnerabilities are patched quickly without user intervention.

Keeping Data Safe – User Practices & Communication

  • **Privacy settings**: control personal information shared online; review regularly to prevent identity theft.
  • **Check URLs**: verify links before clicking (e.g., `amaz.on.co.uk` vs `amazon.co.uk`) to avoid phishing.
  • **Monitor communication**: phishing emails often have spelling/grammar errors, urgent tone, or lack professionalism.
  • **User vigilance**: lock devices, log off when not in use, do not share passwords, encrypt data, keep software up to date.

DDoS attack: attacker controls botnet to flood server with requests, denying service to legitimate users.

DDoS Attack DiagramAttackerBotnetServerOverloadedUserRequest blockedMultiple bots send simultaneous requests → server fails

Practice questions

Free preview — 8 of 40 questions. Sign up to see them all.

  1. 1.What is the term for a type of malware that locks a user's computer and demands payment to unlock it?

    Easy
    • ARansomware
    • BSpyware
    • CAdware
    • DTrojan
  2. 2.Which of the following is a method used to prevent unauthorised access by monitoring and filtering network traffic based on a set of rules?

    Easy
    • AFirewall
    • BProxy server
    • CAnti-malware
    • DSSL
  3. 3.A company's website becomes slow and eventually crashes because a large number of requests are sent to it from multiple compromised computers. What type of attack is this?

    Medium
    • ADDoS attack
    • BBrute-force attack
    • CPhishing attack
    • DData interception
  4. 4.Which security measure uses unique physical characteristics such as fingerprints or iris scans for authentication?

    Medium
    • ABiometrics
    • BCAPTCHA
    • CMulti-factor authentication
    • DEncryption
  5. 5.A user receives an email that appears to be from their bank, asking them to click a link and enter their login details. The email contains several spelling mistakes. What type of threat is this?

    Hard
    • APhishing
    • BPharming
    • CSocial engineering
    • DSpyware
  6. 6.An attacker repeatedly tries different combinations of a user's password to gain unauthorised access. Which type of attack is this?

    Hard
    • ABrute-force attack
    • BDictionary attack
    • CDDoS attack
    • DData interception
  7. 7.Which of the following is a type of malware that can replicate itself and spread to other computers on a network without needing to attach to a host file?

    Easy
    • AWorm
    • BVirus
    • CTrojan
    • DSpyware
  8. 8.What is the purpose of a proxy server in network security?

    Medium
    • ATo hide a user's IP address and location
    • BTo encrypt data transmitted over the internet
    • CTo scan for malware in email attachments
    • DTo manage user access levels

Unlock all 40 questions, slides & more

Create a free account to see every question, the slides, flashcards and revision notes for this topic.

Past papers

Past-paper practice for this topic is coming soon.

🗂️ Coming soon