1 CMOS in a computer?

CMOS (Complementary Metal-Oxide-Semiconductor

BIOS (basic input/output system) is the program a computer's microprocessor uses to start the
computer system after it is powered on. It also manages data flow between the computer's operating
system (OS) and attached devices, such as the hard disk, video adapter, keyboard, mouse and printer.

What is EEPROM (electrically erasable programmable read-only memory)?

EEPROM (electrically erasable programmable read-only memory) is a user-modifiable ROM. It can be

erased and reprogrammed (written to) repeatedly by applying an electrical voltage that is higher than
normal.

firmware is a type of software that provides basic instructions for a device's hardware. Firmware is
embedded in a device's hardware and acts as a bridge between the hardware and software.

Explanation

2a Firmware is a type of microcode that's built into a device's hardware.

It's written in non-volatile memory, such as ROM, EPROM, flash memory, or one-time programmable
memory.

Firmware is responsible for a device's basic operations and communication with other software.

Firmware updates are released by the device manufacturer to fix bugs, improve performance, and add
new features.

2b. What is bootstrap loader?

Bootstrap loader is a program that starts up the operating system when a computer is turned on. It
resides in the computer's firmware or read only memory (ROM) and is responsible for loading the initial
code necessary to start the operating system. It plays a crucial role in the boot process by initializing
hardware, memory, and other system components.

3. The booting process for a computer has several steps, including:

Power-on self-test (POST): The computer checks for hardware failures, the amount of RAM, and the
drives.

Bootstrap code: The bootstrap code finds and loads the boot loader for the operating system.

Load the operating system (OS): The OS is automatically loaded into the system.

System configuration: The system configuration is set up.

Init process: The init process starts system services to bring the system to a functional state.

User authentication: The user authenticates themselves.

Loading system utilities: The system utilities are loaded.

6 A computer needs firmware and system software to operate.

(a) State the purpose of firmware.

..................................................................................................................................................
............................................................................................................................................. [1]
(b) Give one example of firmware.
............................................................................................................................................. [1]
(c) Give two examples of system software.
1 ................................................................................................................................................
2 ................................................................................................................................................

[2]s2411

9 An interrupt is a type of signal that is used in a computer.

(a) State the name of the type of software that manages interrupts.
............................................................................................................................................. [1]
(b) Describe how interrupts are used when a key is pressed on a keyboard.
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
...................................................................................................................................................
............................................................................................................................................. [5]
(c) Interrupts can be hardware based or software based.
A key press is one example of a hardware interrupt.
(i) Give two other examples of a hardware interrupt.
1 ........................................................................................................................................
...........................................................................................................................................
2 ........................................................................................................................................
...........................................................................................................................................
[2]w2311
Home Page - Save My ExamsHome

Revision Notes

Exam Questions

Past Papers

👀 You've read 5 of your 5 free revision notes this week. Sign up now. It’s free!

O Level

Computer Science

Cambridge (CIE)

Revision Notes

5. The Internet & its Uses

Cyber Security

Cyber Security Threats

Cyber Security Threats (Cambridge (CIE) O Level Computer Science): Revision Note

James Woodhouse

Robert Hampton

Written by: Robert Hampton

Reviewed by: James Woodhouse

Updated on 5 November 2024

Forms of cyber security threat

Computers face a variety of forms of attack and they can cause a large number of issues for a network
and computers
The main threats posed are:

Brute-force attacks

Data interception & theft

DDos attack

Hacking

Malware

Pharming

Phishing

Social engineering

Brute Force Attack

What is a brute-force attack?

A brute force attack works by an attacker repeatedly trying multiple combinations of a user's password
to try and gain unauthorised access to their accounts or devices

An example of this attack would be an attacker finding out the length of a PIN code, for example, 4-digits

They would then try each possible combination until the pin was cracked, for example
0000

0001

0002

A second form of this attack, commonly used for passwords is a dictionary attack

This method tries popular words or phrases for passwords to guess the password as quickly as possible

Popular words and phrases such as 'password', '1234' and 'qwerty' will be checked extremely quickly.

Data interception

What is data interception & theft?

Data interception and theft is when thieves or hackers can compromise usernames and passwords as
well as other sensitive data

This is done by using devices such as a packet sniffer

A packet sniffer will be able to collect the data that is being transferred on a network

A thief can use this data to gain unauthorised access to websites, companies and more

DDoS Attack

What is a DDoS attack?

A Distributed Denial of Service Attack (DDoS attack) is a large scale, coordinated attack designed to slow
down a server to the point of it becoming unusable

A server is continually flooded with requests from multiple distributed devices preventing genuine users
from accessing or using a service

A DDoS attack uses computers as 'bots', the bots act as automated tools under the attackers control,
making it difficult to trace back to the original source

A DDoS attack can result in companies losing money and not being able to carry out their daily duties

A DDoS attack can cause damage to a company's reputation

Hacking

What is hacking?

Hacking is the process of identifying and exploiting weaknesses in a computer system or network to gain
unauthorised access

Access can be for various malicious purposes, such as stealing data, installing malware, or disrupting
operations

Hackers seek out opportunities that make this possible, this includes:

Unpatched software

Out-of-date anti-malware
Malware

What is malware?

Malware (malicious software) is the term used for any software that has been created with malicious
intent to cause harm to a computer system

Examples of issues caused by malware include

Files being deleted, corrupted or encrypted

Internet connection becoming slow or unusable

Computer crashing or shutting down

There are various types of malware and each has slightly different issues which they cause

Malware

What it Does

Virus

Contains code that will replicate and cause unwanted and unexpected events to occur

Examples of issues a user may experience are

Corrupt files
Delete data

Prevent applications from running correctly

Worms

Very similar to viruses, main difference being that they spread to other drives and computers on the
network

Worms can infect other computers from

Infected websites

Instant message services

Email

Network connection

Trojan

Sometimes called a Trojan Horse

Trojans disguise themselves as legitimate software but contain malicious code in the background
Spyware

Allow a person to spy on the users' activities on their devices

Embedded into other software such as games or programs that have been downloaded from illegitimate
sources

Can record your screen, log your keystrokes to gain access to passwords and more

Adware

Displays adverts to the user

Users have little or no control over the frequency or type of ads

Can redirect clicks to unsafe sites that contain spyware

Ransomware

Locks your computer or device and encrypts your documents and other important files

A demand is made for money to receive the password that will allow the user to decrypt the files

No guarantee paying the ransom will result in the user getting their data back

Pharming
What is pharming?

Pharming is typing a website address into a browser and it being redirected to a 'fake' website in order
to trick a user into typing in sensitive information such as passwords

An attacker attempts to alter DNS settings, the directory of websites and their matching IP addresses
that is used to access websites on the internet or change a users browser settings

A user clicks a link which downloads malware

The user types in a web address which is then redirected to the fake website

Flowchart showing how malware redirects a web request. User's computer with malware sends the
request to a fake website instead of the real website.

How can you protect against it?

To protect against the threat of pharming:

Keep anti-malware software up to date

Check URLs regularly

Make sure the padlock icon is visible

Phishing

What is phishing?

Phishing is the process of sending fraudulent emails/SMS to a large number of people, claiming to be
from a reputable company or trusted source
Phishing is an attempt to try and gain access to your details, often by coaxing the user to click on a login
button/link

Social Engineering

What is social engineering?

Social engineering is exploiting weaknesses in a computer system by targeting the people that use or
have access to them

There are many forms of social engineering, some examples include

Fraudulent phone calls: pretending to be someone else to gain access to their account or their details

Pretexting: A scammer will send a fake text message, pretending to be from the government or human
resources of a company, this scam is used to trick an individual into giving out confidential data

People are seen as the weak point in a system because human errors can lead to significant issues, some
of which include:

Not locking doors to computer/server rooms

Not logging their device when they're not using it

Sharing passwords

Not encrypting data

Not keeping operating systems or anti-malware software up to date

Worked Example

A company is concerned about a distributed denial of service (DDoS) attack.

(i) Describe what is meant by a DDoS attack.

[4]

(ii) Suggest one security device that can be used to help prevent a DDoS attack.[1]

Answers

(i) Any four from:

multiple computers are used as bots

designed to deny people access to a website

a large number / numerous requests are sent (to a server) …

… all at the same time

the server is unable to respond / struggles to respond to all the requests

the server fails / times out as a result.

(ii)

firewall OR proxy server

You've read 5 of your 5 free revision notes this week

Sign up now. It’s free!

Join the 100,000+ Students that ❤️Save My Exams

the (exam) results speak for themselves:

I would just like to say a massive thank you for putting together such a brilliant, easy to use website.I
really think using this site helped me secure my top gradesin science and maths. You really did save my
exams! Thank you.

Beth

IGCSE Student

This website is soooo useful and I can’t ever thank you enough for organising questions by topic like this.
Furthermore, the name of the website could not have been more appropriate as it literally did SAVE MY
EXAMS!

Fathima

A Level Student

Incredible! SO worth my money, the revision notes have everything I need to know and are so easy to
understand. I actually enjoy revising! It makes me feel a lot more confident for my GCSEs in a few
months.

Kate
GCSE Student

Absolutely brilliant, both my girls used it for A levels and GCSE. It's saves on paper copies, also beneficial
exam questions ranked from easy to hard. It's removed a lot of stress from the exams.

Sameera

Parent

Just to say that your resources are the best I have seen and I have been teaching chemistry at different
levels for about 40 years

Mark

Chemistry Teacher

Excellent

Our rating represented in Trustpilot stars

Did this page help you?

Character Sets

Representing Sound

Representing Images
Cyber Security Threats

Keeping Data Safe

Program Development Life Cycle

More Exam Questions you might like

Cyber Security

Automated Systems

Robotics

Artificial Intelligence

Development Life Cycle

Computer Sub-Systems
Algorithms

Standard Methods of a Solution

Validation & Verification

Identifying Errors

Author

Reviewer

Robert Hampton

Author: Robert Hampton

Expertise: Computer Science Content Creator

Rob has over 16 years' experience teaching Computer Science and ICT at KS3 & GCSE levels. Rob has
demonstrated strong leadership as Head of Department since 2012 and previously supported teacher
development as a Specialist Leader of Education, empowering departments to excel in Computer
Science. Beyond his tech expertise, Robert embraces the virtual world as an avid gamer, conquering
digital battlefields when he's not coding.

Home

Resources

Home

Learning Hub

Help and Support

Scholarship

Join

Past Papers

Solution Banks

Sitemap

Members
Log in

Company

About us

Content Quality

Jobs

Terms

Privacy

Subjects

Biology

Chemistry

Physics

Maths

Geography

English Literature

Psychology

All Subjects

TikTok

Instagram

Facebook

Twitter

© Copyright 2015-2025 Save My Exams Ltd. All Rights Reserved.

IBO was not involved in the production of, and does not endorse, the resources created by Save My
Exams.

Cyber Security Threats | Cambridge (CIE) O Level Computer Science Revision Notes 2021