How can computer systems and networks be protected from cyber security threats?
Methods of protecting systems and networks, including firewalls, encryption, authentication, anti-malware, penetration testing, network policies and managing cookies.
A focused answer to the WJEC GCSE Computer Science Unit 1 content on protecting systems and networks, covering firewalls, encryption, authentication including strong passwords and two-factor authentication, anti-malware software, penetration testing, network and acceptable-use policies, and the role of cookies.
Reviewed by: AI editorial process; not yet individually human-reviewed
What this topic is asking
WJEC wants you to know the methods used to protect systems and networks: firewalls, encryption, authentication, anti-malware, penetration testing, network policies and managing cookies. This is part of the Security and data management content in Unit 1 of WJEC GCSE Computer Science (3500).
Firewalls and encryption
Authentication
Anti-malware and penetration testing
Network policies and cookies
Try this
Q1. State what a firewall does. [1 mark]
- Cue. Monitors and controls traffic entering and leaving a network, blocking unauthorised connections.
Q2. Give one benefit of two-factor authentication. [1 mark]
- Cue. A stolen password alone is not enough to gain access, because a second check is also required.
Exam-style practice questions
Practice questions written in the style of WJEC exam questions on this dot point, with worked answer explainers. The year tag is the paper they imitate, not the source.
WJEC-style, Unit 1. Describe how a firewall and encryption each help to protect a computer system. [4 marks]
A Unit 1 protection question. A firewall monitors and controls the traffic entering and leaving a network, blocking unauthorised or suspicious connections according to a set of rules, which helps keep attackers and unwanted traffic out (1 mark for controlling traffic, 1 mark for blocking unauthorised access). Encryption scrambles data using a key so that, even if it is intercepted or stolen, it cannot be read by anyone without the correct key (1 mark for scrambling data, 1 mark for protecting it if intercepted). Markers reward controlling network traffic for the firewall and making intercepted data unreadable for encryption. A common error is to say a firewall encrypts data, when a firewall filters traffic and encryption is a separate technique.
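As an added illustration of the worked answer above (not part of the original page or any WJEC material), this shows how a firewall checks each connection against an ordered set of rules and blocks anything that no rule allows. The rule fields, function names and addresses (taken from the reserved documentation ranges) are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "block"
    direction: str        # "in" (arriving) or "out" (leaving)
    protocol: str         # "tcp", "udp" or "any"
    remote: str           # network of the other machine, CIDR notation
    port: Optional[int]   # destination port; None matches every port

    def matches(self, direction, protocol, remote_ip, port):
        return (
            self.direction == direction
            and self.protocol in ("any", protocol)
            and ipaddress.ip_address(remote_ip) in ipaddress.ip_network(self.remote)
            and self.port in (None, port)
        )


# Constructed rule set; addresses come from the reserved documentation ranges.
RULES = [
    Rule("allow", "in", "tcp", "0.0.0.0/0", 443),         # public HTTPS site
    Rule("allow", "in", "tcp", "192.0.2.0/24", 22),       # remote admin, trusted network only
    Rule("block", "out", "any", "203.0.113.0/24", None),  # network the policy forbids
    Rule("allow", "out", "tcp", "0.0.0.0/0", 443),        # staff browsing over HTTPS
]


def decide(direction, protocol, remote_ip, port, rules=RULES):
    """Return the action of the first matching rule; block when none match."""
    for rule in rules:
        if rule.matches(direction, protocol, remote_ip, port):
            return rule.action
    return "block"  # default deny: anything not explicitly allowed is unauthorised


if __name__ == "__main__":
    samples = [  # constructed connection attempts
        ("in", "tcp", "198.51.100.7", 443),
        ("in", "tcp", "198.51.100.7", 22),
        ("in", "tcp", "192.0.2.10", 22),
        ("out", "tcp", "203.0.113.5", 443),
        ("out", "tcp", "198.51.100.7", 443),
    ]
    for conn in samples:
        print(conn, "->", decide(*conn))
```

The filter only decides whether traffic passes; it never alters or scrambles the data, which is why encryption is a separate technique.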
WJEC-style, Unit 1. Explain what penetration testing is and why an organisation might carry it out. [3 marks]
A Unit 1 explain question. Penetration testing is when an organisation deliberately attacks (or has experts attack) its own systems in a controlled way to find security weaknesses (1 mark). The aim is to discover vulnerabilities before real attackers do (1 mark), so they can be fixed, improving the system's security (1 mark). Markers reward simulating an attack to find weaknesses and fixing them before criminals exploit them. A common error is to confuse penetration testing with an actual malicious attack, when it is authorised and intended to improve security.
Related dot points
- Common cyber security threats, including malware, phishing, social engineering, brute-force attacks, denial-of-service attacks, SQL injection and data interception.
A focused answer to the WJEC GCSE Computer Science Unit 1 content on cyber security threats, covering malware and its types, phishing and social engineering, brute-force attacks, denial-of-service attacks, SQL injection and data interception, and how each threat works to compromise a system.
- Data security and integrity processes, including backups, archiving, and methods of keeping data accurate and consistent.
A focused answer to the WJEC GCSE Computer Science Unit 1 content on data security and integrity, covering the difference between backups and archiving, full and incremental backups, why data integrity matters, and the processes (such as validation, verification and access control) used to keep data accurate, consistent and safe.
- The purpose of computer networks, the difference between LANs and WANs, client-server and peer-to-peer models, and common network topologies.
A focused answer to the WJEC GCSE Computer Science Unit 1 content on networks, covering the purpose and benefits of networks, the difference between a LAN and a WAN, the client-server and peer-to-peer models, and common network topologies such as the star and bus, with their advantages and disadvantages.
- The purpose of protocols, common protocols (TCP/IP, HTTP and HTTPS, FTP, SMTP), and why network communication is organised into layers.
A focused answer to the WJEC GCSE Computer Science Unit 1 content on protocols and layers, covering what a protocol is and why protocols are needed, the purpose of common protocols such as TCP/IP, HTTP and HTTPS, FTP and SMTP, and why network communication is split into layers.
- The main legislation governing computer use (data protection, the Computer Misuse Act and copyright law) and the ethical and cultural issues raised by computing.
A focused answer to the WJEC GCSE Computer Science Unit 1 content on legislation and ethics, covering data protection law, the Computer Misuse Act, copyright and intellectual property law, the difference between legal and ethical issues, and the cultural and privacy issues raised by computing.