Protecting networks (Edexcel GCSE Computer Science): Revision Notes

Protecting networks

Network security is crucial for any organisation that wants to keep their data safe from hackers and unauthorised users. There are several layers of protection that work together to create a secure network environment.

Access control

Access control is like having a bouncer at a club - it decides who gets in and what they're allowed to do once they're inside. This system limits who can log into a network and controls what permissions they have.

Authentication methods

Authentication is the process of proving you are who you say you are when trying to access a network. Think of it like showing your ID card to prove your identity.

Single authentication typically involves:

• Username and password combinations
• This is the most basic form but also the most vulnerable

Multi-factor authentication provides much stronger security by requiring multiple forms of proof:

• Something you know (like a password)
• Something you have (like a phone or swipe card)
• Something you are (like your fingerprint or face)

Biometric authentication uses your unique physical characteristics such as:

• Fingerprints
• Facial recognition
• Eye scans (iris or retina)
• Voice patterns

The key advantage of biometric data is that it's always with you and cannot be easily stolen, lost, or forgotten like a password or card.

Permission levels

Once someone is authenticated, the system needs to control what they can access. This works through different permission levels:

• Read-only access: Users can view files but cannot make any changes
• Read and write access: Users can view and modify files
• Administrative access: Users can delete files and change other users' permissions

Think of this like different levels of access in a school - students might only be able to read certain files, teachers can modify them, and IT administrators have full control.

Physical security

Physical security focuses on preventing unauthorised people from physically reaching network equipment. After all, if someone can physically access your servers, they could potentially bypass all your digital security measures.

Building access controls

Secure doors and entry points:

• Access doors should remain locked at all times
• Security keypads require users to enter a code
• Card readers scan employee ID badges
• Biometric scanners can verify fingerprints or other physical features

Monitoring systems:

• CCTV (Closed-circuit television) cameras monitor building exteriors and interiors
• Security personnel can watch for suspicious activity
• Recordings provide evidence if security breaches occur

Equipment tracking:

• RFID (Radio Frequency Identification) chips can be attached to valuable equipment
• These chips trigger alarms if equipment is moved without authorisation
• They help track the location of important devices

Principle of least privilege

This is a fundamental security concept that means giving users only the minimum level of access they need to do their job effectively. Network managers apply this principle when setting up user accounts and file permissions.

This approach limits damage if an account gets compromised - hackers can only access what that particular user was allowed to see.

Firewalls

A firewall acts like a security checkpoint between your internal network and the outside world (usually the internet). It examines all data trying to enter or leave the network and decides whether to allow it through.

How firewalls work

Firewalls can be configured with rules that determine what traffic to block or allow. They can:

• Block incoming connections from suspicious IP addresses
• Prevent certain programs from accessing the internet
• Filter web content to block dangerous websites
• Monitor outgoing traffic to detect if malware is trying to communicate with external servers

Types of firewalls

Software firewalls:

• Installed on individual computers
• Come with default security rules
• Suitable for home users and small offices
• Less expensive but limited in features

Hardware firewalls:

• Dedicated physical devices (like PC-sized appliances)
• Protect entire networks rather than individual computers
• More flexible and configurable
• Allow faster data processing
• Better suited for businesses with complex security needs

The firewall sits between your Local Area Network (LAN) and the Wide Area Network (WAN), inspecting all traffic that passes between them.

Real-world applications

These security measures are used everywhere in modern digital infrastructure:

• Banks use multi-factor authentication for online banking to protect customer accounts
• Hospitals apply least privilege to protect sensitive patient records and comply with privacy laws
• Schools use firewalls to philtre inappropriate content and protect students online
• Offices combine physical security with access controls to create comprehensive protection

Exam tips

Key takeaways