Spec & Goals 3 min
AQA Spec 3.6 · Fundamentals of cyber security (whole unit)
By the end of this lesson you can:
- Revise and self-check the whole of Unit 6, spotting your weak topics.
- Answer exam questions that span all of spec 3.6, for the marks on offer.
- Make a focused revision plan that targets the topics you got wrong.
Warm-Up — command words & the paper 5 min
This is the last lesson of Unit 6. First, know the exam you are sitting.
Command words tell you what to do
Read the command word first — it sets how much to write.
| Command word | What it demands |
|---|---|
| State / Identify | A word or short phrase. No explanation. |
| Describe | Say what something is, or the steps, with detail. |
| Explain | Give reasons — the how or the why. |
| Compare / Discuss | Both sides / trade-offs; an extended answer. |
Key Concept — your Unit 6 spec checklist 14 min
Tick each spec point. If you cannot do one, that is a topic to revise tonight.
| Spec point | You should be able to… |
|---|---|
| Threats overview | Define cyber security; identify the main threat types; explain why the human is often the weakest link. |
| Social engineering | Describe blagging, phishing, pharming and shouldering, and how to defend each. |
| Malware | Describe virus, worm, trojan, ransomware and spyware. |
| Brute force / passwords | Describe a brute-force attack; explain weak/default password risks. |
| DoS & interception | Describe a DoS attack and data interception, and their defences. |
| SQL injection | Describe SQL injection and how validation defends against it. |
| Penetration testing | Define it and its purpose; white-box vs black-box. |
| Authentication | Explain passwords, biometrics, CAPTCHA, email confirmation, 2FA. |
| Protecting systems | Anti-malware, firewall, access levels, encryption, updates, physical security. |
Worked Example — a full multi-part question 12 min
Here is one question with three parts. We earn the marks aloud.
Part (a) — Describe what a phishing attack is. [2 marks]
A fake message appears to come from a trusted organisation (1) and tricks the victim into revealing personal details or clicking a link to a fake site (1).
Part (b) — Compare how a virus and a worm spread. [2 marks]
A virus attaches to a host file and spreads only when a user opens it (1). A worm self-replicates and spreads across networks without user action (1).
Part (c) — A company stores data on a server. Describe three measures to keep it secure. [3 marks]
Any three distinct: firewall to filter network traffic (1); encryption so stolen data is unreadable (1); user access levels so staff see only what they need (1). (Also accept anti-malware, updates, physical security, 2FA, backups.)
Try It Yourself — timed mini-paper 12 min
Give yourself 12 minutes. Write full answers; check them with your teacher.
1. Identify two forms of social engineering. [2 marks]
2. Describe how a ransomware attack affects a victim. [2 marks]
3. Explain what an SQL injection attack is and one way to prevent it. [3 marks]
4. Explain why two-factor authentication is more secure than a password alone. [2 marks]
5. Discuss the measures a hospital should take to protect patient data from cyber threats. [4 marks]
📝 Exam Practice 10 min
These questions span the whole of Unit 6. Match your answer to the command word and the marks.
Define the term malware.
Mark scheme
- Malicious software designed to damage/disrupt/gain unauthorised access to a system (1).
Describe how a denial-of-service attack works.
Mark scheme
- Floods the server/network with requests/traffic (1).
- So it cannot respond to legitimate users (1).
Explain why a long, complex password is harder to crack by brute force.
Mark scheme
- More characters/symbol types means far more combinations (1).
- So the attacker must make many more guesses, taking much longer (1).
Describe the purpose of penetration testing.
Mark scheme
- To find security weaknesses by simulated/authorised attack (1).
- So they can be fixed before a real attacker exploits them (1).
An online shop wants to protect itself and its customers. Discuss the threats it faces and how it could defend against them.
Mark scheme
Up to 4 marks for threat + matched defence pairs, e.g.:
- Phishing of customers/staff (1) → training, checking senders/links (1).
- SQL injection / data interception (1) → input validation / encryption (HTTPS) (1).
- DoS (1) → firewall, traffic filtering, capacity (1).
- Malware (1) → anti-malware + updates (1).
Recap & Key Terms 3 min
Use your mini-paper marks to plan tonight's revision.
- Vague on the threat overview? Redo CS-L6-01.
- Muddled social-engineering types? Redo CS-L6-02 — phishing vs pharming.
- Mixed up malware? Redo CS-L6-03 — virus vs worm vs trojan.
- Unsure on brute force / passwords? Redo CS-L6-04.
- Confused DoS and interception? Redo CS-L6-05.
- Shaky on SQL injection? Redo CS-L6-06.
- Lost marks on pen testing? Redo CS-L6-07 — white vs black box.
- Authentication unclear? Redo CS-L6-08 — biometrics, CAPTCHA, 2FA.
- Defences not sticking? Redo CS-L6-09.
| Key term | Definition |
|---|---|
| Social engineering | Tricking people into revealing information or access (blagging, phishing, pharming, shouldering). |
| Malware | Malicious software — virus, worm, trojan, ransomware, spyware. |
| Brute-force attack | Trying many password combinations until the correct one is found. |
| Denial-of-service | Flooding a server so it cannot serve legitimate users. |
| SQL injection | Entering SQL into an input field so the database runs it. |
| Penetration testing | Authorised simulated attacks to find weaknesses before attackers do. |
| Two-factor authentication | Requiring two different proofs of identity to sign in. |
| Firewall | Filters network traffic, blocking unauthorised connections. |
Homework 1 min
Task (≤ 15 min): Revisit your weakest topic from the mini-paper. Open that lesson and redo its Exam Practice section.
Bring one question you still find hard to the next session, so we can work through it together.