Search CSNewbs

Learn about the Central Processing Unit (CPU), the four components within and Von Neumann architecture. Based on the 2020 Eduqas GCSE (WJEC) specification. Exam Board: Eduqas / WJEC 1.1 The Central Processing Unit (CPU) Specification: 2020 + The Central Processing Unit ( CPU ) is the most important component in any computer system. The purpose of the CPU is to process data and instructions by constantly repeating the fetch - decode - execute cycle . CPU Components The control unit directs the flow of data and information into the CPU. It also controls the other parts of the CPU . ALU stands for ‘ Arithmetic and Logic Unit ’. It performs simple calculations and logical operations . The registers are temporary storage spaces for data and instructions inside the CPU. The registers are used during the FDE cycle . Five essential registers are explained in 1.2 . Cache memory is used to temporarily store data that is frequently accessed . Cache memory is split into different levels . Level 1 and level 2 (L1 & L2) are usually within the CPU and level 3 (L3) is just outside it. See 1.3 and 1.5 for more information about cache. You should know: The control unit is also known as the controller and cache memory is sometimes called internal memory . Computer Architecture The way a computer is designed and laid out is known as its architecture . The most common type of computer architecture is Von Neumann . Von Neumann Architecture The CPU is the most important component in Von Neumann architecture as it is constantly fetching and decoding instructions from RAM and controlling the other parts of the system . Von Neumann architecture also stores both instructions and data in memory . Being able to store programs in memory allows computers to be re-programmed for other tasks - this enables it to multitask and run several applications at the same time. Data input and output is another key feature of this architecture. An alternative architecture is Harvard , which features the control unit as the most essential component. Q uesto's Q uestions 1.1 - The Central Processing Unit (CPU): 1a. What does 'CPU ' stand for ? [1 ] 1b. What is the purpose of the CPU ? [ 2 ] 2a. Draw a diagram of the CPU , use the same symbols as shown on this page. [ 4 ] 2b. Label the four main components of the CPU. [ 4 ] 3. Describe the purpose of: a. The Control Unit [ 2 ] b. The ALU [ 2 ] c. The registers [ 2 ] d. Cache memory [ 2 ] 4a. Describe the key features of Von Neumann architecture . [ 3 ] 4b. Explain why storing data in memory is important. [ 1 ] 4c . State an alternative architecture . [ 1 ] Theory Topics 1.2 - The FDE Cycle

Based on the OCR Computer Science A-Level 2015 specification. Exam Board: OCR 1.1 - Computational Thinking Specification: A-Level 2015 An instruction set is a list of all the instructions that a CPU can process as part of the FDE cycle . CPUs can have different sets of instructions that they can perform based on their function. The two most common instruction sets are the simpler RISC (Reduced Instruction Set Computer ) and more complicated CISC (Complex Instruction Set Computer ). Instruction Sets This page is still being updated. Graphical Processing Unit What is cache memory? Cache memory is temporary storage for frequently accessed data . Cache memory is very quick to access because it is closer to the CPU than other types of memory like RAM . Multicore & Parallel Systems What is cache memory? Cache memory is temporary storage for frequently accessed data . Cache memory is very quick to access because it is closer to the CPU than other types of memory like RAM . Multicore & Parallel Systems What is cache memory? Cache memory is temporary storage for frequently accessed data . Cache memory is very quick to access because it is closer to the CPU than other types of memory like RAM . Q uesto's Q uestions 1.1 - Computational Thinking: 1. What is cache memory ? [ 2 ] Theory Topics 2.1a - Recursion & Variables

Based on the OCR Computer Science A-Level 2015 specification. Exam Board: OCR 3.1f - Searching Algorithms Specification: A-Level 2015 An instruction set is a list of all the instructions that a CPU can process as part of the FDE cycle . CPUs can have different sets of instructions that they can perform based on their function. The two most common instruction sets are the simpler RISC (Reduced Instruction Set Computer ) and more complicated CISC (Complex Instruction Set Computer ). Instruction Sets This page is still being updated. Graphical Processing Unit What is cache memory? Cache memory is temporary storage for frequently accessed data . Cache memory is very quick to access because it is closer to the CPU than other types of memory like RAM . Multicore & Parallel Systems What is cache memory? Cache memory is temporary storage for frequently accessed data . Cache memory is very quick to access because it is closer to the CPU than other types of memory like RAM . Multicore & Parallel Systems What is cache memory? Cache memory is temporary storage for frequently accessed data . Cache memory is very quick to access because it is closer to the CPU than other types of memory like RAM . Q uesto's Q uestions 3.1f - Searching Algorithms: 1. What is cache memory ? [ 2 ] 3.1e - Sorting Algorithms Theory Topics 3.1g - Pathfinding

Learn how to use logical operators in Python. Try practice tasks and learn through text and images. Perfect for students learning GCSE Computer Science in UK schools. top Python 4c - Logical Operators AND Operator The AND operator is used to execute certain code if more than one thing is true . AND is commonly used with account logins - both the username AND the password must be correct . The example below requires both a secret word and a secret number to be correct: print ( "To enter you need the secret word and the secret number!" ) word = input ( "What is the secret word? " ) number = int ( input ( "What is the secret number? " )) if word == "solitude" and number == 2011: print ( "Correct! You may enter!" ) else : print ( "Incorrect! Get out of here!" ) If no part or only some of the if statement is true then the indented code will not run : To enter you need the secret word and the secret number! What is the secret word? solitude What is the secret number? 4503 Incorrect! Get out of here! To enter you need the secret word and the secret number! What is the secret word? windhelm What is the secret number? 1021 Incorrect! Get out of here! Only If all parts of the if statement are true will the indented code be executed : To enter you need the secret word and the secret number! What is the secret word? solitude What is the secret number? 2011 Correct! You may enter! Logical Operators Task 1 ( Three Easy Questions) Ask the user three easy questions and print a special response if they get all three correct . Use the and operator to see if their answer for all each of the questions is correct. You must use a unique variable nam e for each of your inputs (it can't be 'answer' for all three, for example). Example solutions: What is the capital of Germany? Berlin What is the chemical formula for water? H20 What year did World War Two end? 1945 You absolute genius! What is the capital of Germany? Vienna What is the chemical formula for water? W20 What year did World War Two end? 1945 Bit awkward, I thought you'd do better... OR Operator The OR operator is used to execute certain code if one of several statements is true . The program below is checking if either a , e , i , o or u were entered. letter = input ( "Enter a letter: " ) if letter == "a" or letter == "e" or letter == "i" or letter == "o" or letter == "u" : print ( "You entered a vowel." ) else : print ( "You entered a consonant." ) Enter a letter: f You entered a consonant. Enter a letter: e You entered a vowel. It is important that you re-write the variable and operator (e.g. letter ==) each time you use 'or' . It will not work if you just write: if letter == “a” or “e” or “i” or “o” or “u”: Logical Operators Task 2 ( Twins?) Ask the user to enter their favourite colour and then ask them their age . If their favourite colour is the same as yours AND their age is the same as yours then print “Snap! Are you my twin?” . If only one of the statements is true (use the OR operator) then print “Spooky! You’re a bit like me.” . Add an else statement to print “We’re not so similar, you and I.” if there's nothing in common. Example solutions: What's your favourite colour? green What's your age? 15 Snap! Are you my twin? What's your favourite colour? blue What's your age? 15 Spooky! You're a bit like me. What's your favourite colour? red What's your age? 16 We're not so similar, you and I. ⬅ 4b - Mathematical Opera tors Sectio n 4 Practice Tasks ➡

Learn about crucial laws in place to protect data and privacy, including the Data Protection Act (2018), Computer Misuse Act (1990), RIPA (2000) and the Freedom of Information Act (2000). Based on the 2016 OCR Cambridge Technicals Level 3 IT specification for Unit 2 (Global Information). 4.1 - UK Legislation Specification: 2016 - Unit 2 Exam Board: OCR There are many types of legislation - laws that have been written into use - that concern data storage, protection and the use of information. In an exam, the year the law was introduced must be stated . In 2018 the European Union introduced GDPR (General Data Protection Regulation ) to protect the privacy of data for people in the EU. The UK matched this by updating the Data Protection Act introduced in 1998 to become the Data Protection Act (2018) . This act protects the data of individuals that is stored on computers and processed by organisations. How the Data Protection Act works: Each person who has their data stored is known as a data subject . An employee within an organisation must be appointed as a data controller and it is they who are responsible for registering with the Information Commissioner . The Information Commissioner is the person in the UK who is responsible for managing several laws , most significantly the Data Protection Act. When registering with the Information Commissioner, the organisation's data controller must be clear on exactly: What information they are collecting, Why it is being collected, What the data will be used for . The six principles of the Data Protection Act (2018) state: 1. Data must be collected lawfully and processed fairly. 2. Collected data must only be used for the reasons specified. 3. Data must be relevant and not excessive. 4. Data must be accurate and up-to-date. 5. Data must not be stored for longer than necessary, 6. Data must be stored and processed securely. Actions organisations must take to stick to the Data Protection Act (2018): The company must appoint and register a member of staff to act as the organisation's data controller . The data controller is responsible for communicating with the Information Commissioner and ensuring the principles of the DPA are not broken . There must be strong security measures in practice to protect data from being accessed or transferred without authorisation . This could be in the form of physical or digital protection methods enforced by the company. Staff should be trained so that they are clearly aware of their responsibilities and each principle is adhered to. For example, they should know that data can only be used for the reasons specified when it is collected and should not be passed to others without the permission of the data subject. Data subjects should be given the opportunity to alter their data and make changes if it is incorrect . Data should be deleted when it is no longer needed , so organisations should periodically assess both the accuracy and relevance of storing each data subject's information. Data subjects have the right to make a Subject Access Request (SAR ) and receive a copy of the data which is stored about them. Companies must abide by this request by verifying the user's identify and presenting the data to them securely . Rights of data subjects: Under the Data Protection Act, individuals have a right of access to any information that is stored about them by public bodies . If an individual wishes to access their data they must submit a Subject Access Request (SAR ) which results in the following steps: The organisation's data controller must be written to and told exactly what information is required to access. An administrative fee should be paid to the organisation (but only if the request requires excessive efforts to fulfil ). The organisation must provide the requested information within 40 days . The individual must verify their identity using appropriate ID because only the data subject can request their data . Computer Misuse Act (1990) This act was introduced as computers became cheaper and more common at home and work . The act attempts to stop and punish those who use computers inappropriately . Breaking any of the three principles could result in fines and a jail sentence but only if it can be proved it was done on purpose and not by accident. The Computer Misuse Act (1990 ) includes three main principles : 1. No unauthorised access to data. Example: Hacking a computer system. 2. No unauthorised access to data that could be used for further illegal activities. Example: Accessing personal data to use as blackmail or identity theft. 3. No unauthorised modification of data. Example: Spreading a virus to change data. Data Protection Act (2018) / GDPR Freedom of Information Act (2000) This act allows people to request public authorities to release information . Public authorities include local councils , government departments , universities and hospitals . A freedom of information request must be formally submitted in a letter or email and a reply from the organisation is required within twenty days of receiving the request. A simple freedom of information request might be the average response times of the local ambulance service in the past year. Certain requests will not be accepted , such as if processing the request would be too expensive or if it involves sensitive information protected by the Data Protection Act (2018 ). Regulation of Investigatory Powers Act (2000) This act (often shortened to RIPA ) was introduced in response to the increase in both criminal and terrorist activities on the internet, it is used to monitor and access online communication of suspected criminals . If criminal activity is suspected by an individual then this act grants the following powers : Internet Service Providers (ISPs) must provide access to the suspect's online communication , such as emails or social media. Locked or encrypted data may be accessed such as online messages. ISPs could install surveillance equipment or software to track the suspect's online activity . Surveillance may take place to physically track the suspect , e.g. in private vans or by undercover officers in public spaces. Access must be granted to personal information . This act became controversial as its use widened and local councils were using it for minor offences - a Scottish council used the act to monitor dog barking and a council in Cumbria gathered video evidence about who was feeding pigeons . The act has since been changed to only allow the surveillance of crime suspects . Copyright, Designs & Patents Act (1988) This act makes it a criminal offence to copy work that is not your own without the permission of the creator or the copyright holder. This can refer to text, images, music, videos or software. Owning the copyright of an image might not prevent others from copying and using it but this act means that the owner can bring legal proceedings in court to those who have stolen their work . Creators of copyrighted work can take ownership of their work and control how it is used . Others must ask for permission to use the work otherwise the copyright holder can ask for it to be removed or demand a fee for its use . This act specifically prohibits the following actions: Making copies of copyrighted material to sell to others . Importing and downloading illegally copied material (except for personal use). Distributing enough copyrighted material to have a noticeable effect on the copyright holder . Possessing equipment used to copy copyrighted material , as part of a business. Information Commissioner's Office (ICO) Codes of Practice Protection of Freedoms Act (2012) There are seven sections to this act, revolving around the protection of personal data . It was introduced because there was little legislation about biometric data , and to update older laws . IT-related sections are summarised below: Part 1 - States how biometric data (e.g. fingerprints and DNA) is stored, handled and collected. For example, parents must give consent before their child gives biometric data to a school. Also, biometric data for suspects of minor offences is deleted after the case is closed. Part 2 - Creates new regulation for CCTV and ANPR (automatic number plate recognition) use. Part 5 - The Disclosure & Barring Service (DBS) was created to run background checks on anyone wanting to work with children or vulnerable people. Part 6 - Extends the Freedom of Information Act (2000) allowing for wider requests to be made . The information commissioner is the senior government official in charge of the country's freedom of information requests and the protection of personal data . The Information Commissioner's Office describes itself as "The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals". The ICO publishes codes of practices about various data protection and privacy topics , usually related to explaining the Data Protection Act . For example, the ICO has a code of practice regarding how organisations should share data and another code of practice about the use of CCTV . The ICO offers help and support to both individuals (such as giving access to students to their exam results) and organisations (such as support with legal electronic marketing). Privacy and Electronic Communications Regulations (2003) This law (which was updated in 2011 ) regulates how organisations can communicate with individuals . Companies must stick to the following rules: It is an offence to directly contact an individual unless they have specifically opted-in to receive communication. This is commonly managed by using tick boxes on online stores where you must opt-in to receiving promotional material. Companies must clearly state who they are when contacting customers, such as displaying the phone number when calling - and not 'hiding' the number. Organisations must explain how cookies are used on their website . Companies must only contact customers through communication channels that the customer has previously permitted . This can be done with tick boxes when signing up. Customers can select or de-select methods such as email , phone calls and text messages . The Information Commissioner's Office (ICO) is responsible for this regulation and can fine companies that commit unsolicited communication up to £500,000. It is the customer who benefits and is protected by this regulation. Equality Act (2010) The government states that "The Equality Act legally protects people from discrimination in the workplace and in wider society." Discrimination because of protected characteristics such as gender , race , religion , age and disability are specifically punishable by legal action. The aim of the act is to end discrimination in the workplace and open up fair opportunities for every employee regardless of behavioural or physical characteristics that are outside of their control . Within a company, the Equality Act protects staff by stating protected characteristics should not be a factor in an employee's promotion or change of role. Information must be presented in a format accessible to all staff . Q uesto's Q uestions 4.1 - UK Legislation: 1. Create a flashcard or PowerPoint slide for each legislation above. Explain the purpose of the legislation , its main principles and whom it affects . [5 each ] 3.6 - Information Systems Topic List 4.2 - Global Legislation

Test your ability to create a more complex program in Python based on a given scenario. Perfect for students learning GCSE Computer Science in UK schools. Extended Task 1 Pete Porker's Pork Pie Emporium Hello, Pete Porker here... I need a new program for customer orders at my bakery . I need the customer to enter how many scotch eggs (49p each ), pork pies (85p each ) and quiche tarts (£1.45 ) they want to order. Next, ask them to confirm their choice . If they are not happy , ask the questions again . If they confirm their choice, print a receipt showing their order and total . To make your program better, you should use validation (either while loops or error handling ) to make sure that a user must enter a correct value. Bronze Award --- Welcome to Pete Porker's Pork Pie Emporium --- Scotch eggs are 45p, pork pies are 85p and quiche tarts are £1.49. Enter the number of scotch eggs to buy: 9 Enter the number of pork pies to buy: 7 Enter the number of quiche tarts to buy: 4 ----- You selected 9 scotch eggs, 7 pork pies and 4 quiche tarts. 9 scotch eggs = £4.05 7 pork pies = £5.95 4 quiche tarts = £5.96 ------- Total: £15.96 There are many ways to create this program, but below are some suggestions : Use inputs with int to let the user enter how many of each item they want. Use total variables , e.g. totaleggs = eggs * 0.45 to work out the total cost for eggs, pies and tarts. Set a finalcost variable by adding the total of the three items together. Use dashes and \n (which makes a new line ) inside speech marks to make your program more presentable . Silver Award --- Welcome to Pete Porker's Pork Pie Emporium --- Scotch eggs are 45p, pork pies are 85p and quiche tarts are £1.49. Enter the number of scotch eggs to buy: 5 Enter the number of pork pies to buy: 3 Enter the number of quiche tarts to buy: 6 ----- You selected 9 scotch eggs, 7 pork pies and 4 quiche tarts. ----- Are you happy with this selection? no Okay, enter your choices again. Enter the number of scotch eggs to buy: 6 Enter the number of pork pies to buy: 2 Enter the number of quiche tarts to buy: 7 ----- You selected 6 scotch eggs, 2 pork pies and 7 quiche tarts. ----- Are you happy with this selection? yes Excellent! Here is your receipt : 6 scotch eggs = £2.70 2 pork pies = £1.70 7 quiche tarts = £10.43 ------- Total: £14.83 There are many ways to improve this program and below are some suggestions : Use a while loop to repeat the input stage until the user is happy with their choices. You will need to ask the user if they are happy with the values that were entered and then use an if statement to repeat the loop if they enter 'no '. Gold Award Example solution: --- Welcome to Pete Porker's Pork Pie Emporium --- Scotch eggs are 45p, pork pies are 85p and quiche tarts are £1.49. Enter the number of scotch eggs to buy: 9 Enter the number of pork pies to buy: 35 Sorry you must enter a number between 1 and 20. Starting again... Enter the number of scotch eggs to buy: 9 Enter the number of pork pies to buy: 20 Enter the number of quiche tarts to buy: 7 ----- You selected 9 scotch eggs, 20 pork pies and 7 quiche tarts. ----- Are you happy with this selection? YES Excellent! Here is your reciept: 9 scotch eggs = £4.05 20 pork pies = £17.00 7 quiche tarts = £10.43 ------- Total: £31.48 There are many ways to make this program even better and below are some suggestions : Include validation so that the user can only enter numbers between 1 and 20 . You will need to use if statements and the and operator to do this. You can include additional features to your program such as rounding the number to two decimal places and including coloured text using the Colorama library (which will only work if you are using an online editor like Replit ). You can use the .lower() command when checking if the user is happy with their choices to automatically accept 'Yes' and 'YES '. If you really want to challenge yourself you could consider outputting the receipt in order from most expensive to least expensive , using if statements to check the three values (although that has not been done in this example on the left). Helpful reminders for this task: Inputting Integers While Loops Calculations Rounding Integers ⬅ 12 - Error Handling Extende d Task 2 (Lottery) ➡

An overview of what desktop publishing (DTP) is, considerations designer must take and common forms such as posters, leaflets and business cards. Desktop Publishing (DTP) What is DTP? Desktop Publishing (DTP) software allows people to create documents with a mixture of graphics and text . Examples of desktop publishing software are Microsoft Publisher and Serif PagePlus . Desktop publishers can be used to produce documents such as business cards, leaflets, brochures, newspapers, magazines and newsletters . DTP software can be cheap and printers at home are more common these days so people can design and print their own documents. Professional-looking documents can be made simply and without an extensive knowledge of graphic design. The biggest advantage of using DTP is that it is frame based . Text and picture frames can be laid out on the page, and rotated, moved or resized as necessary. It is easy to import images from clip art or the web. The view of the page is known as WYSIWYG (W hat Y ou S ee I s W hat Y ou G et) because the view on the computer will be very similar to what you get when it is printed. What to consider when using DTP Orientation Will your document be landscape or portrait ? Some document types are more commonly one orientation than the other. For example, business cards are generally landscape but newsletters are more often portrait. Size The size of a typical piece of paper is A4. But that is too large for most DTP documents. The larger the number, the smaller the piece of paper . A5 is half the size of A4 and A3 is twice the size of A4. Documents can also be measured in millimetres, for example, an appropriate business card size is 85mm wide and 55mm high. House Style A house style is a set of rules to ensure that each document made by a person or company is part of an identity . To be consistent , each document should use the same logo, titles, colours, graphics and layout . For example, the NHS always uses a blue colour, the same logo and similar layout on each of its documents. Some companies have perfected their house style so that they are synonymous with a single colour - e.g. McDonald's use yellow and Coca-Cola use red and white . DTP Documents Business Cards A business card is a small piece of card that must be simple and stylish . The purpose of a business card is to clearly state the contact details of a person or company. Sharing your business card with other people is one way to promote your business or skills to attract new business partners or customers. A business card must be uncluttered and clearly display relevant contact information, such as an email address, phone number or physical address. Today, business cards may also state social media contacts, such as Facebook pages or Twitter accounts. Flyers A flyer is a small handout that advertises an event or new product. The purpose of a flyer is to clearly and quickly promote an event . It must be eye-catching and to-the-point so that people can immediately understand what it is about. Flyers are often handed out in the street or posted through letterboxes so if it is not clear people will just ignore it. A flyer should use a large title to promote the event, as well as appropriate graphics and information about the date, location and time. It should also contain contact details including a telephone number, website and email address. Posters A poster is a large piece of paper that is put up to advertise an event and display more information than a flyer . Posters should promote an event by using large titles and graphics to clearly describe where the event is taking place, when it is and why people should go. Because there is much more space on a poster than a flyer, additional information can be added and some kind of persuasion to entice passers by to attend. Leaflets A leaflet is a small folded handout that provides more information about an event or new product. The purpose of a leaflet is to give additional details about an event . It can be used before an event to describe the different parts, such as the different acts in a circus or different bands at a festival. It can also be used during an event, such as at a school fair to list the different stalls. Because it is folded over it can display a large amount of information, with both text and graphics . The front of the leaflet should clearly display the purpose of it and the text inside must be readable with images to break up the words. There may also be contact information inside the leaflet, such as directions to a website or social media page .

Learn about three key methods of ensuring that an employee is ready for a successful job role, such as their clothing, hygiene and attitude. Based on the 2016 OCR Cambridge Technicals Level 3 IT specification. 4.4 - Ready for Work Exam Board: OCR Specification: 2016 - Unit 1 Successful employees always demonstrate that they are ready to work hard for their organisation by presenting themselves in a professional manner in line with the company's policies. Dress Code Employees must follow the dress code policy of an organisation at all times . For some businesses this may be very formal such as a suit and tie for men and a smart dress or trousers for women. Other organisations enforce a smart-casual dress code where expectations for dress are not as strict but obscene attire is still not permitted. Different job roles within a company may also have different expected standards of dress , for example a manager may require a tie and a technician may not. Presentation Employees should have good personal hygiene so that they can comfortably communicate with other staff members and customers. Good personal hygiene demonstrates respect for the organisation, other employees and yourself. Wearing clean clothes and avoiding bad odour help to give a professional impression . Attitude Maintaining a positive attitude can help you to be noticed and liked by peers and management. Having an 'I can do it' attitude, even during difficult times, will make you a hugely important team member of an organisation. Employees should be able to adapt and respond to on-going situations, be flexible and listen to suggestions made by others. Q uesto's Q uestions 4.4 - Ready for Work: 1. What is meant by a dress code ? Explain why it is important for employees of an organisation to follow the company's dress code policy . [2 ] 2. Why is personal presentation so important in an organisation? [2 ] 3. A games company has had its latest game flop and nobody seems to be buying it. What should the attitude of the company manager be during this time? [3 ] 4. Explain why two workers in the same company may have different expected standards of dress . [1 ] 5. Identify and describe three ways that IT employees can demonstrate that they are ready for work . You should refer to each of the 3 subsections (dress code, presentation and attitude). [6 ] 4.3 - Personal Attributes Topic List 4.5 - Job Roles

Learn about different forms of cyber attacks online including malware, SQL injection, DoS attacks and social engineering. Based on the J277 OCR GCSE Computer Science specification (first taught from 2020 onwards). 4.1: Security Threats Exam Board: OCR Specification: J277 Types of Malware Malware is any type of harmful program that seeks to damage or gain unauthorised access to your computer system. Virus A virus can replicate itself and spread from system to system by attaching itself to infected files . A virus is only activated when opened by a human . Once activated, a virus can change data or corrupt a system so that it stops working . Worm A worm can replicate itself and spread from system to system by finding weaknesses in software . A worm does not need an infected file or human interaction to spread. A worm can spread very quickly across a network once it has infiltrated it. Trojan A trojan is a harmful program that looks like legitimate software so users are tricked into installing it . A trojan secretly gives the attacker backdoor access to the system . Trojans do not self replicate or infect other files. Spyware Spyware secretly records the activities of a user on a computer. The main aim of spyware is to record usernames, passwords and credit card information . All recorded information is secretly passed back to the attacker to use. Keylogger A keylogger secretly records the key presses of a user on a computer. Data is stored or sent back to the attacker. The main aim of a keylogger is to record usernames, passwords and credit card information . Keyloggers can be downloaded or plugged into the USB port . Ransomware Ransomware locks files on a computer system using encryption so that a user can no longer access them. The attacker demands money from the victim to decrypt (unlock) the data . ? ? ? ? Attackers usually use digital currencies like bitcoin which makes it hard to trace them. SQL Injection SQL ( Structured Query Language ) is a programming language used for manipulating data in databases . A SQL injection is when a malicious SQL query (command) is entered into a data input box on a website. If the website is insecure then the SQL query can trick the website into giving unauthorised access to the website’s database . An SQL injection can be used to view and edit the contents of a database or even gain administrator privileges . DoS Attack A DoS (Denial of Service ) attack is when a computer repeatedly sends requests to a server to overload the system . A server overload will slow the system and may take websites offline temporarily. A DDoS (Distributed Denial of Service ) attack is a coordinated attack using a botnet of infected systems to overload a server with requests . A botnet is a large group of devices controlled and used maliciously by an attacker. Brute-Force Attack Every possible combination is tested in order from start to finish . This is not a quick method but it should break the password eventually and can be sped up if multiple computer systems are used at the same time. Social Engineering Social engineering means to trick others into revealing their personal data by posing as a trusted source . For example, impersonating an IT technician of a school via email and asking for a student's username and password . Data Interception This is when data packets on a network are intercepted by a third party (e.g. a hacker) and copied to a different location than the intended destination. Software called packet sniffers are used to intercept and analyse data packets. 4.1 - Security Threats: 1. What is malware ? [ 2 ] 2a. Describe three characteristics of a virus . [3 ] 2b. Describe three characteristics of a worm . [3 ] 2c. What is a trojan ? [ 3 ] 2d. Describe how spyware and keyloggers work. [ 4 ] 2e. Explain how ransomware works and why it is difficult to trace attackers . [ 3 ] 2f. In your opinion, which malware do you think is the most dangerous and why ? [ 2 ] 3. Describe what an SQL injection is and how an attacker would use it. [ 3 ] 4a. Describe what a DoS attack is and its impact . [2 ] 4b. Describe how a DDoS attack is different to a DoS attack . [2 ] 5a. Describe a brute-force attack. [ 2 ] 5b. Describe social engineering and give an example of when it might be used . [2 ] 5c. Describe interception . [2 ] Q uesto's Q uestions 3.2b - Protocols & Layers Theory Topics 4.2 - Preventing Vulnerabilities

Learn about the risks of storing and processing data, including accidental deletion and hacking. Based on the 2016 OCR Cambridge Technicals Level 3 IT specification for Unit 2 (Global Information). 6.2 - Risks Exam Board: OCR Specification: 2016 - Unit 2 Unauthorised Access to Data As part of the security principle of confidentiality , data should only be viewed by individuals with the authorisation to do so. There are two main reasons why data may be viewed by someone who shouldn't - espionage and poor information management . Espionage is the act of collecting data so that it can be used against an organisation - such as a competitor acquiring information about their rival's product before it is launched publicly. If a company has poor information management strategies in place and data is insecurely stored or too many people have access to sensitive information then it is more likely to be viewed by unauthorised persons. Not only would competitors benefit from unauthorised access, but the Data Protection Act (2018 ) would also be broken if personal data was accessed . Accidental Loss of Data Data loss refers to information being irretrievably lost - not just a copy of the file but the original version too so it cannot be accessed in any format . One reason for accidental data loss is equipment failure or a technical error that leads to data corruption , such as a database crash or hard drive failure. Human error is another reason for accidental data loss as an employee might accidentally delete a file or discard an important paper document without realising. If data is accidentally lost then it could mean that hours of data entry and collection will have been for nothing and might delay dependent processes such as analysis and trend recognition. Also, if it was personal data that was lost then the security principle of availability has been broken and the Data Protection Act ( 2018 ) has been breached . Intentional Destruction of Data This is the act of purposely damaging an organisation by deleting or denying access to data . Examples include viruses that corrupt data so that it can no longer be used and targeted malicious attacks such as DDOS (distributed denial of service) attacks or ransomware . Ransomware encrypts files so that they can only be accessed again when certain criteria have been met, usually the affected group having to pay an extortionate fee . When data is intentionally deleted the organisation in question can respond by replacing the data and any infected computer systems / devices or by ignoring the loss and not making the breach public - but having to re-collect / re-analyse the data. Data destruction will usually lead to a loss of reputation as customers won't want to have their information stored in a system they see as unreliable and insufficiently protected . This loss of reputation could lead to customer loss and a decrease in profits . If the loss is ignored and unreported then it could result in a huge loss of trust when it is eventually revealed - like Yahoo who only confirmed a massive data breach that happened in 2013, two years later in 2016. This breach affected all 3,000,000,000 Yahoo accounts and is the largest data breach in the history of the internet. Intentional Tampering with Data This is when data is changed and no longer accurate . This could occur through fraudulent activity such as hacking to change information displayed on a webpage. An example is if a student or a teacher changed exam answers for a better grade. A business example is if a company tampered with financial data to display larger profits and smaller losses than real figures, to boost investment or please stakeholders. If data tampering is found out then it can result in a loss of reputation as that organisation cannot be trusted to report data accurately . If personal data has been altered then the security principle of integrity will have been broken as the data is no longer accurate . Data security methods and protection systems will also need to be reviewed if data has been tampered with, especially if it was an external individual that accessed and changed the data. Employees that tamper with data will be fired and may face legal action . Q uesto's Q uestions 6.2 - Risks: 1. Describe two effects on an organisation for each of the four identified risks . [8 ] 2. Research at least one real-life example for each risk above and describe the consequences of that example, such as the Yahoo data breach. [12 ] 6.1 - Security Principles Topic List 6.3 - Impacts

Learn about methods of wired and wireless connections to transmit data on the internet, including satellite and bluetooth. Based on the 2016 OCR Cambridge Technicals Level 3 IT specification for Unit 2 (Global Information). 1.4 - Internet Connections Exam Board: OCR Specification: 2016 - Unit 2 The internet i s a global network of interconnected networks . There are multiple methods of connecting to the internet . Wired Connections Copper Cables Copper cables are a cheaper type of wired internet connection that may be poorly insulated and therefore susceptible to electromagnetic interference . Copper cables are more likely to suffer from attenuation (network distortion ). However, they are malleable (easier to bend) and less likely to break than other cables such as fibre optic. They have a lower bandwidth - cannot transmit as much data at once - than fibre optic cables. Fibre Optic Cables Fibre optic cables are a very fast but expensive type of wired internet connection. Signals are transmitted as waves of light through a glass tube. Because of this fibre optic cables are not affected by electromagnetic interference and suffer less from attenuation . Fibre optic cables have a higher bandwidth - can transfer more data at one time - than copper cables but they are more fragile . Wireless Connections Bluetooth Bluetooth is a temporary short-range communication between devices within a limit of about 10 metres . For example, Bluetooth can be used to transfer audio files from one smartphone to another. The close proximity is a disadvantage but no other hardware is required for a connection. Microwave Microwave connections use radio waves to send signals across a large area via microwave towers . It can transmit a large amount of data but antennas must be in the line of sight of each other with no obstructions . Microwave connections are affected by bad weather , leading to higher chances of attenuation (network distortion ). Satellite Satellite networks use point-to-multipoint communication by using satellites above the Earth's atmosphere that receive a transmission and rebroadcast them back to Earth. Because of the distance between the communication device and the satellite (roughly 45,000 miles), there is a delay between data transmission and it being received. GSM / 5G GSM (Global System for Mobile communications ) is a technology for allowing mobile phones to connect to a network for calls and text messages. Advances in mobile technology are classified by generations such as 4G and 5G (the current generation). Each generation is generally faster, more secure and allows for new opportunities. Connection Characteristics When connecting to the internet there are several characteristics that a user must consider: Strength Range Latency Bandwidth Storage Capacity Contention Latency is the delay when sending data across a network. Bandwidth is the maximum amount of data that can be sent across a network at once . Contention refers to whether a network is dedicated ( uncontended ) or shared between users ( contended ). Q uesto's Q uestions 1.4 - The Internet: 1. Compare the differences between copper and fibre optic cables (possibly in a table) by the following features: a. Price b. Bandwidth c. Interference d. Attenuation e. Malleability / Fragility [2 each ] 2. Describe each of the different types of wireless connection . Try to list 1 advantage and 1 disadvantage of using each type. a. Bluetooth b. Microwave c. Satellite d. GSM / 5G [5 each ] 3a. State the 6 characteristics of a network. [6 ] 3b. Describe what is meant by the following characteristics : i. Latency ii. Bandwidth iii. Contention [1 each ] 1.3 - Access & Storage Devices Topic List 1.5 - WWW Technologies

Based on the OCR Computer Science A-Level 2015 specification. Exam Board: OCR 3.1b - Encryption & Hashing Specification: A-Level 2015 An instruction set is a list of all the instructions that a CPU can process as part of the FDE cycle . CPUs can have different sets of instructions that they can perform based on their function. The two most common instruction sets are the simpler RISC (Reduced Instruction Set Computer ) and more complicated CISC (Complex Instruction Set Computer ). Instruction Sets This page is still being updated. Graphical Processing Unit What is cache memory? Cache memory is temporary storage for frequently accessed data . Cache memory is very quick to access because it is closer to the CPU than other types of memory like RAM . Multicore & Parallel Systems What is cache memory? Cache memory is temporary storage for frequently accessed data . Cache memory is very quick to access because it is closer to the CPU than other types of memory like RAM . Multicore & Parallel Systems What is cache memory? Cache memory is temporary storage for frequently accessed data . Cache memory is very quick to access because it is closer to the CPU than other types of memory like RAM . Q uesto's Q uestions 3.1b - Encryption & Hashing: 1. What is cache memory ? [ 2 ] 3.1a - Compression Theory Topics 3.2a - Databases & Normalisation