What threats face a network, and how do firewalls, proxies and encryption defend against them?
Network security: the threats from malware (viruses, worms, trojans), social engineering and network attacks, and the protective measures of firewalls, proxy servers, encryption and access control.
An OCR H446 answer on network security: the threats from malware (viruses, worms, trojans), social engineering such as phishing, and network attacks, together with the protective measures of firewalls, proxy servers, encryption and access control.
Reviewed by: AI editorial process; not yet individually human-reviewed
Have a quick question? Jump to the Q&A page
Jump to a section
What this dot point is asking
OCR wants the main network threats (malware types, social engineering, attacks) and the protective measures (firewalls, proxy servers, encryption, access control), with how each works. Expect a "distinguish virus, worm and trojan" question and a "how do firewalls and encryption protect a network" question.
The answer
Malware
Social engineering and attacks
Protective measures
Examples in context
A company firewall blocks unexpected inbound connections while allowing web and email; a proxy caches popular pages and filters banned sites. HTTPS encrypts traffic so intercepted packets are unreadable. Phishing remains the commonest breach route, which is why training and two-factor authentication matter. SQL injection is defeated by validating and parameterising input. OCR links this to encryption and hashing, to the TCP/IP stack (where defences sit at different layers), and to the legal and privacy module.
Try this
Q1. State how a worm differs from a virus in the way it spreads. [2 marks]
- Cue. A worm self-replicates and spreads automatically across a network without a host file or user action; a virus attaches to a host file and needs the user to run it.
Q2. State the purpose of a firewall. [1 mark]
- Cue. To monitor and filter incoming and outgoing network traffic against rules, controlling what can enter or leave the network.
Q3. Explain why encryption is used in addition to a firewall. [2 marks]
- Cue. A firewall controls access at the boundary but does not protect data once intercepted in transit; encryption keeps the data unreadable without the key, so the two are complementary.
Exam-style practice questions
Practice questions written in the style of OCR exam questions on this dot point, with worked answer explainers. The year tag is the paper they imitate, not the source.
OCR 20196 marksExplain the difference between a virus, a worm and a trojan, giving how each spreads or operates.Show worked answer →
Award two marks per type for a correct description.
Virus: malicious code that attaches itself to a host file or program and replicates when that file is run or shared by the user; it needs the user to execute the infected file to spread.
Worm: self-replicating malware that spreads automatically across a network by exploiting vulnerabilities, without needing a host file or user action, so it can spread very rapidly and consume bandwidth.
Trojan: malware disguised as legitimate, desirable software that the user installs willingly; it does not self-replicate but, once run, performs a hidden malicious action such as opening a backdoor. Markers reward the host-file/user-action point for a virus, automatic self-spreading for a worm, and disguise without replication for a trojan.
OCR 20216 marksDescribe how a firewall and encryption each contribute to protecting a network, and explain why both are used together.Show worked answer →
Firewall (up to 3): a firewall monitors and filters incoming and outgoing network traffic against a set of rules, blocking packets that are not permitted (for example by port, IP address or protocol), so it controls what can enter or leave the network and stops unauthorised access.
Encryption (up to 2): encryption scrambles data so that even if it is intercepted it cannot be read without the key, protecting confidentiality in transit and at rest.
Used together (up to 1): a firewall controls access at the boundary but cannot protect data once it is in transit beyond the network; encryption protects the data itself but does not block unauthorised access, so the two are complementary layers of defence. Markers reward the filtering role, the confidentiality role, and the complementary-layers point.
Related dot points
- Networks (LAN and WAN, network topologies, client-server and peer-to-peer), network hardware (NIC, switch, router, WAP), the need for protocols and protocol layering, the TCP/IP four-layer stack, and packet switching.
An OCR H446 answer on networks: LANs and WANs, topologies, client-server and peer-to-peer models, network hardware (NIC, switch, router, wireless access point), the need for protocols and layering, the TCP/IP four-layer stack, and packet switching.
- The structure of the internet, the Domain Name System (DNS), URLs and IP and MAC addressing, the difference between the internet and the world wide web, and the protocols HTTP, HTTPS, FTP and the client-server model of the web.
An OCR H446 answer on the structure of the internet: the Domain Name System, URLs, IP and MAC addressing, the distinction between the internet and the world wide web, and the protocols HTTP, HTTPS and FTP within the client-server model of the web.
- Web technologies: HTML for structure, CSS for presentation and JavaScript for client-side behaviour, the difference between client-side and server-side processing, and how search engines index and rank pages using web crawlers and the PageRank algorithm.
An OCR H446 answer on web technologies: HTML for structure, CSS for presentation and JavaScript for client-side behaviour, the difference between client-side and server-side processing, and how search engines use web crawlers and the PageRank algorithm to index and rank pages.
- The moral, social, ethical and cultural impact of computer science, including privacy, the environmental impact of computing, automation and employment, the digital divide, and how to evaluate the ethical issues raised by new technologies.
An OCR H446 answer on the moral, social, ethical and cultural impact of computer science: privacy and surveillance, the environmental impact of computing, automation and employment, the digital divide, and how to evaluate the ethical issues raised by new technologies.
- Compression (lossy and lossless, run length encoding and dictionary coding), encryption (symmetric and asymmetric) and hashing, including their characteristics, differences and appropriate uses.
An OCR H446 answer on compression, encryption and hashing: lossy versus lossless compression with run length encoding and dictionary coding, symmetric versus asymmetric encryption, and how hashing works, with the characteristics, differences and appropriate uses of each.