Why is network security important, and how are network vulnerabilities identified and networks protected?
Understand the importance of network security, ways of identifying network vulnerabilities (penetration testing, ethical hacking) and methods of protecting networks (access control, physical security, firewalls).
A focused answer to Edexcel GCSE Computer Science 4.2.1, covering the importance of network security, identifying vulnerabilities by penetration testing and ethical hacking, and protecting networks with access control, physical security and firewalls.
Reviewed by: AI editorial process; not yet individually human-reviewed
What this dot point is asking
Edexcel wants you to explain why network security matters, how vulnerabilities are identified (penetration testing, ethical hacking), and how networks are protected (access control, physical security, firewalls).
Why network security is important
The stakes are high: organisations hold customer records, financial data and confidential information, and they rely on their networks to operate. An attacker who gets in could steal personal data, install malware, hold data to ransom, or shut services down. Because the harm is so serious, organisations invest in identifying weaknesses and protecting their networks, and they have a legal duty to keep personal data secure.
Identifying vulnerabilities
The key idea is finding the holes first. By acting like an attacker, in an authorised and controlled way, testers discover weaknesses such as weak passwords, unpatched software or misconfigured settings, and report them so they can be corrected. The crucial distinction from criminal hacking is permission: ethical hackers and penetration testers have the organisation's authorisation and aim to improve security, not to cause harm.
Protecting networks
These methods defend at different points. Access control stops unauthorised people getting in and limits what each user can do, so a stolen password does less damage. Physical security protects the hardware itself, because someone with physical access to a server could bypass other defences. A firewall sits at the network boundary, examining traffic against rules and blocking anything unauthorised, which keeps out external attackers and malware. Used together, they provide layered protection.
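The layering described above can be seen in a short program. This is an added example, not part of the original page or the Edexcel specification: the rule set, the IP address ranges, the user roles and the function names are all constructed for illustration. A request must first pass the firewall, which checks traffic against rules in order and blocks anything no rule allows, and then pass access control, which limits what the logged-in user can do.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "block"
    source: str            # range of source addresses the rule covers
    port: Optional[int]    # destination port; None means any port

# Constructed firewall rules for a hypothetical school network.
RULES = [
    Rule("block", "203.0.113.0/24", None),  # a range blocked outright
    Rule("allow", "0.0.0.0/0", 443),        # anyone may reach the HTTPS server
    Rule("allow", "10.0.0.0/8", 22),        # remote admin only from inside
]

# Constructed access-control list: what each user may do once logged in.
PERMISSIONS = {
    "student": {"read_coursework"},
    "teacher": {"read_coursework", "edit_marks"},
}

def firewall_decision(source_ip, port, rules=RULES):
    """Return the action of the first matching rule; block if none matches."""
    addr = ipaddress.ip_address(source_ip)
    for rule in rules:
        in_range = addr in ipaddress.ip_network(rule.source)
        if in_range and rule.port in (None, port):
            return rule.action
    return "block"  # default deny: traffic no rule allows is unauthorised

def is_permitted(user, action, permissions=PERMISSIONS):
    """Access control: an unknown user, or an action not granted, is refused."""
    return action in permissions.get(user, set())

def handle_request(source_ip, port, user, action):
    """Apply both layers in order: the firewall first, then access control."""
    if firewall_decision(source_ip, port) != "allow":
        return "blocked by firewall"
    if not is_permitted(user, action):
        return "denied by access control"
    return "allowed"

if __name__ == "__main__":
    print(handle_request("198.51.100.5", 443, "student", "edit_marks"))
    print(handle_request("198.51.100.5", 22, "teacher", "edit_marks"))
```

The first request gets through the firewall but is refused by access control, which is why a stolen student password does less damage than a stolen teacher password; the second never reaches the login stage because no firewall rule allows it.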
Bringing it together
Good network security combines finding weaknesses (penetration testing, ethical hacking) with defending against attacks (access control, physical security, firewalls). A strong exam answer names a method and says how it protects the network or what it reveals. This topic links closely to cybersecurity in Topic 5, which covers the specific threats (malware, social engineering) these measures defend against.
Try this
Q1. State one reason network security is important. [1 mark]
- Cue. Networks hold valuable or personal data that could be stolen, damaged or disrupted, causing data loss, financial loss or legal and reputational harm.
Q2. State one method of protecting a network from unauthorised access. [1 mark]
- Cue. Any one of: access control (passwords and permissions); a firewall; physical security.
Exam-style practice questions
Practice questions written in the style of Pearson Edexcel exam questions on this dot point, with worked answer explainers. The year tag is the paper they imitate, not the source.
Edexcel 2022, 4 marks
Describe two methods an organisation could use to protect its network from unauthorised access.
Describe two protection methods and how each helps.
A firewall monitors and controls the traffic entering and leaving the network according to rules, blocking unauthorised or suspicious connections, so it stops attackers and malware from getting in from outside.
Access control (such as usernames, strong passwords and user permissions) ensures only authorised users can log in and that each user can only access the data and resources they are permitted to, limiting the damage if an account is misused.
(Physical security, such as locking server rooms, is an alternative.)
Markers reward two developed methods with how each protects the network: firewalls filter traffic; access control restricts who can log in and what they can access; physical security stops physical access to equipment.
Edexcel 2021, 3 marks
Explain what penetration testing is and why an organisation would carry it out on its own network.
Penetration testing is deliberately attacking or probing a network (often by ethical hackers) to find security weaknesses, in a controlled and authorised way.
An organisation carries it out to find and fix vulnerabilities before a real attacker can exploit them, so its security can be strengthened. By thinking like an attacker, the testers reveal weaknesses (such as weak passwords or unpatched software) that can then be corrected.
Markers reward defining penetration testing as authorised testing to find vulnerabilities, and the reason: to identify and fix weaknesses before criminals exploit them.
Related dot points
- Understand why computers are connected in a network and understand the different types of networks (LAN, WAN).
A focused answer to Edexcel GCSE Computer Science 4.1.1 and 4.1.2, covering why computers are connected in a network and the difference between a local area network (LAN) and a wide area network (WAN).
- Understand how the internet is structured, including IP addressing and routers.
A focused answer to Edexcel GCSE Computer Science 4.1.3, covering how the internet is structured as a global network of networks, the role of IP addresses in identifying devices, and how routers direct data.
- Understand the role of and need for network protocols (Ethernet, Wi-Fi, TCP/IP, HTTP, HTTPS, FTP) and email protocols (POP3, SMTP, IMAP).
A focused answer to Edexcel GCSE Computer Science 4.1.6, covering the role of and need for network protocols and what each of Ethernet, Wi-Fi, TCP/IP, HTTP, HTTPS, FTP, POP3, SMTP and IMAP is for.
- Understand how the four-layer (application, transport, internet, link) TCP/IP model handles data transmission over a network, and understand the characteristics of network topologies (bus, star, mesh).
A focused answer to Edexcel GCSE Computer Science 4.1.7 and 4.1.8, covering how the four-layer TCP/IP model (application, transport, internet, link) handles data transmission, and the characteristics of bus, star and mesh network topologies.
- Understand the threat to digital systems posed by malware (viruses, worms, Trojans, ransomware, key loggers), how hackers exploit technical vulnerabilities and use social engineering, and methods of protecting digital systems and data (anti-malware, encryption, acceptable use policies, backup and recovery).
A focused answer to Edexcel GCSE Computer Science 5.3.1 and 5.3.2, covering malware (viruses, worms, Trojans, ransomware, key loggers), how hackers exploit vulnerabilities and use social engineering, and protection methods (anti-malware, encryption, acceptable use policies, backup and recovery).
Sources & how we know this
- Pearson Edexcel GCSE (9-1) Computer Science (1CP2) specification — Pearson (2020)