What are the main cyber security threats to computer systems and networks?
Common cyber security threats, including malware, phishing, social engineering, brute-force attacks, denial-of-service attacks, SQL injection and data interception.
A focused answer to the WJEC GCSE Computer Science Unit 1 content on cyber security threats, covering malware and its types, phishing and social engineering, brute-force attacks, denial-of-service attacks, SQL injection and data interception, and how each threat works to compromise a system.
Reviewed by: AI editorial process; not yet individually human-reviewed
What this topic is asking
WJEC wants you to know the common cyber security threats to systems and networks and how each one works. This is part of the Security and data management content in Unit 1 of WJEC GCSE Computer Science (3500).
Malware
Phishing and social engineering
Technical attacks
Try this
Q1. State what malware is and give one example. [2 marks]
- Cue. Malicious software designed to damage or gain access; for example a virus, worm, trojan or ransomware.
Q2. State the aim of a brute-force attack. [1 mark]
- Cue. To find a password by trying many possible combinations until one works.
Exam-style practice questions
Practice questions written in the style of WJEC exam questions on this dot point, with worked answer explainers. The year tag is the paper they imitate, not the source.
WJEC-style, Unit 1, 4 marks. Describe what is meant by malware and phishing, giving one example of malware.
A Unit 1 threats question. Malware is malicious software designed to damage, disrupt or gain unauthorised access to a computer system (1 mark), for example a virus (which attaches to files and spreads), a worm (which spreads by itself across networks), a trojan (disguised as legitimate software) or ransomware (which encrypts files and demands payment) (1 mark for a named example). Phishing is an attempt to trick a user into revealing personal or financial information, such as passwords or bank details, usually through fake emails or websites that pretend to be from a trusted organisation (1 mark for tricking the user, 1 mark for the fake message/site method). Markers reward the malicious-software definition with an example and the deception used in phishing. A common error is to confuse phishing with malware, when phishing relies on tricking a person rather than infecting the machine.
WJEC-style, Unit 1, 3 marks. Explain what a denial-of-service (DoS) attack is and the effect it has on a system.
A Unit 1 explain question. A denial-of-service (DoS) attack tries to make a computer system, server or website unavailable to its legitimate users (1 mark). It does this by flooding the system with so many requests or so much traffic that it cannot cope and slows down or crashes (1 mark). The effect is that genuine users cannot access the service, which can cause lost business and disruption (1 mark). Markers reward overwhelming the system with traffic and the loss of availability to real users. A common error is to say a DoS attack steals data, when its aim is to deny access rather than to steal.
Related dot points
- Methods of protecting systems and networks, including firewalls, encryption, authentication, anti-malware, penetration testing, network policies and managing cookies.
A focused answer to the WJEC GCSE Computer Science Unit 1 content on protecting systems and networks, covering firewalls, encryption, authentication including strong passwords and two-factor authentication, anti-malware software, penetration testing, network and acceptable-use policies, and the role of cookies.
- The purpose of computer networks, the difference between LANs and WANs, client-server and peer-to-peer models, and common network topologies.
A focused answer to the WJEC GCSE Computer Science Unit 1 content on networks, covering the purpose and benefits of networks, the difference between a LAN and a WAN, the client-server and peer-to-peer models, and common network topologies such as the star and bus, with their advantages and disadvantages.
- The purpose of protocols, common protocols (TCP/IP, HTTP and HTTPS, FTP, SMTP), and why network communication is organised into layers.
A focused answer to the WJEC GCSE Computer Science Unit 1 content on protocols and layers, covering what a protocol is and why protocols are needed, the purpose of common protocols such as TCP/IP, HTTP and HTTPS, FTP and SMTP, and why network communication is split into layers.
- IP addresses and MAC addresses, the purpose of the Domain Name System (DNS), and how data is routed across the internet.
A focused answer to the WJEC GCSE Computer Science Unit 1 content on internet addressing and routing, covering the difference between IP addresses and MAC addresses, the purpose of the Domain Name System (DNS), how routers direct data across the internet, and how the internet links networks together worldwide.
- The main legislation governing computer use (data protection, the Computer Misuse Act and copyright law) and the ethical and cultural issues raised by computing.
A focused answer to the WJEC GCSE Computer Science Unit 1 content on legislation and ethics, covering data protection law, the Computer Misuse Act, copyright and intellectual property law, the difference between legal and ethical issues, and the cultural and privacy issues raised by computing.