What does the Cyber security content in WJEC GCSE Computer Science cover?

It covers the main cyber security threats, including malware (viruses, worms, trojans, ransomware), phishing, social engineering, brute-force attacks, denial-of-service attacks, SQL injection and data interception, and the methods used to protect systems and networks, including firewalls, encryption, authentication with strong passwords and two-factor authentication, anti-malware software, penetration testing, network and acceptable-use policies, and managing cookies. It is part of Unit 1.

What is the difference between phishing and malware?

Malware is malicious software designed to damage, disrupt or gain access to a system, such as a virus, worm, trojan or ransomware. Phishing is an attempt to trick a user into revealing personal or financial information through fake emails or websites that pretend to be from a trusted organisation. Malware attacks the technology, while phishing deceives a person, which is why staff awareness is an important defence against phishing.

How do firewalls and encryption protect a system?

A firewall monitors and controls the traffic entering and leaving a network, blocking unauthorised or suspicious connections according to rules, acting as a barrier between the internal network and the internet. Encryption scrambles data using a key so that, even if it is intercepted or stolen, it cannot be read without the correct key. A firewall keeps attackers out, while encryption keeps data unreadable if it is captured.

What is a denial-of-service attack?

A denial-of-service attack tries to make a system, server or website unavailable to its legitimate users by flooding it with so many requests or so much traffic that it cannot cope and slows down or crashes. The aim is to deny access to genuine users, causing disruption and lost business, rather than to steal data. Spreading the attack across many computers makes it a distributed denial-of-service attack.

What is penetration testing?

Penetration testing is when an organisation deliberately attacks its own systems, or hires experts to do so, in a controlled and authorised way to find security weaknesses. The aim is to discover vulnerabilities before real attackers do, so they can be fixed and the system made more secure. It is not a malicious attack; it is a planned test intended to improve security.

WalesComputer Science

WJEC GCSE Computer Science Cyber security: a complete overview of threats and how to protect systems and networks

A deep-dive WJEC GCSE Computer Science guide to the Cyber security content in Unit 1. Covers the main threats (malware, phishing, social engineering, brute-force, denial-of-service, SQL injection and interception) and the methods used to protect systems and networks (firewalls, encryption, authentication, anti-malware, penetration testing and policies), with the exam patterns WJEC repeats.

Generated by Claude Opus 4.811 min read3500 Unit 1 Security and data managementUpdated 2026-06-15

Reviewed by: AI editorial process; not yet individually human-reviewed

Jump to a section

What the Cyber security content demands
Cyber security threats
Protecting systems and networks
Matching threats to defences
Check your knowledge

What the Cyber security content demands

This area is where WJEC checks that you can name and explain the threats facing computer systems and the methods used to defend against them. The threats and protections come up in nearly every paper, often in scenario questions that ask you to identify a threat and recommend a defence, so clear, distinct descriptions and sensible matching earn marks reliably. The content links closely to networks (where data is intercepted and attacked) and to the legal and ethical content (the Computer Misuse Act makes many of these attacks crimes).

This guide walks through the Cyber security content and ties together the matching dot-point pages, each of which has its own worked examples and practice questions.

Cyber security threats

Threats aim to damage, disrupt or steal from systems. Malware is malicious software: viruses (need a host file), worms (spread by themselves), trojans (disguised), spyware and ransomware (encrypts files for payment). Phishing tricks users into revealing information through fake emails or sites; social engineering manipulates people more broadly. A brute-force attack tries many passwords; a denial-of-service attack floods a system so real users cannot reach it; SQL injection enters database commands through an input box; data interception captures data in transit.

Protecting systems and networks

Defences combine technology and rules. A firewall controls traffic in and out of a network, blocking unauthorised connections. Encryption scrambles data with a key so intercepted data is unreadable. Authentication confirms identity using strong passwords and two-factor authentication. Anti-malware detects and removes malicious software. Penetration testing deliberately attacks a system to find weaknesses before criminals do. Network and acceptable-use policies set safe rules, and cookies should be managed to protect privacy.

Matching threats to defences

Many exam questions describe a scenario and ask for a threat and a defence. Weak passwords are met with strong passwords and two-factor authentication; malware with anti-malware and a firewall; readable data in transit with encryption; unknown weaknesses with penetration testing; and risky user behaviour with network policies and awareness training. Thinking in threat-defence pairs makes these questions straightforward.

Check your knowledge

A mix of threat and protection questions covering the Cyber security content. Attempt them under timed conditions, then check against the solutions.

State what malware is and give one example. (2 marks)
Describe what phishing is. (2 marks)
State the aim of a denial-of-service attack. (1 mark)
State what SQL injection attacks. (1 mark)
Describe how a firewall protects a network. (2 marks)
Explain why encryption is used for sensitive data. (2 marks)
Give one benefit of two-factor authentication. (1 mark)
Explain what penetration testing is and why it is done. (2 marks)

Solutions

Q1: Malware is malicious software designed to damage, disrupt or gain access; for example a virus, worm, trojan or ransomware.
Q2: Phishing tricks a user into revealing personal or financial information through fake emails or websites pretending to be from a trusted organisation.
Q3: To make a system or website unavailable to its legitimate users by overwhelming it with traffic.
Q4: A database, by entering malicious database commands through an input field on a poorly protected website.
Q5: It monitors and controls traffic entering and leaving the network, blocking unauthorised or suspicious connections according to rules.
Q6: It scrambles the data with a key so that, even if intercepted or stolen, it cannot be read without the correct key.
Q7: A stolen password alone is not enough, because a second check (such as a code to a phone) is also required.
Q8: It is a controlled, authorised attack on an organisation's own systems to find weaknesses before real attackers do, so they can be fixed.

Sources & how we know this

WJEC GCSE Computer Science specification (3500) from 2017 — WJEC (2017)