Knowledge organisersIdentifying and preventing vulnerabilities

Common prevention methods

Knowledge organiser

Identifying and preventing vulnerabilities

1.4.2a

What you need to know

There are several methods to protect computer systems and networks from threats. Each method addresses different types of attack, and a combination of methods provides the strongest defence.

Key points

Key prevention methods: penetration testing, anti-malware software, firewalls, user access levels, passwords, encryption, physical security.
No single method protects against ALL threats — a LAYERED approach combining multiple methods is most effective.
Exam Tip:Know which prevention method protects against which type of attack. E.g. encryption protects against data interception; firewalls protect against DoS attacks.
Exam Tip:Questions often ask you to RECOMMEND prevention methods for a given scenario — justify your choice by linking the method to the specific threat.
Exam Example:Table matching — Spyware→Anti-malware. Brute-force→Encryption/strong passwords. Data interception→Encryption. SQL injection→Penetration testing/firewall.
Exam Tip:When describing a security method, say MORE than 'it manages X'. E.g. for peripheral management, don't say 'manages peripherals' — explain what that INVOLVES.

Knowledge organisersIdentifying and preventing vulnerabilities

Common prevention methods

All topics Practise exam questions

Knowledge organiser

Identifying and preventing vulnerabilities

1.4.2a

What you need to know

There are several methods to protect computer systems and networks from threats. Each method addresses different types of attack, and a combination of methods provides the strongest defence.

Key points

Key prevention methods: penetration testing, anti-malware software, firewalls, user access levels, passwords, encryption, physical security.
No single method protects against ALL threats — a LAYERED approach combining multiple methods is most effective.
Exam Tip:Know which prevention method protects against which type of attack. E.g. encryption protects against data interception; firewalls protect against DoS attacks.
Exam Tip:Questions often ask you to RECOMMEND prevention methods for a given scenario — justify your choice by linking the method to the specific threat.
Exam Example:Table matching — Spyware→Anti-malware. Brute-force→Encryption/strong passwords. Data interception→Encryption. SQL injection→Penetration testing/firewall.
Exam Tip:When describing a security method, say MORE than 'it manages X'. E.g. for peripheral management, don't say 'manages peripherals' — explain what that INVOLVES.