How do we protect a network and its data from threats?
Describe protection measures including strong passwords, firewalls, encryption, antivirus software and user access levels
A focused answer to the O-Level Computing point on protecting networks. Strong passwords and two-factor authentication, firewalls, encryption, antivirus software, user access levels, and how a layered defence works.
Reviewed by: AI editorial process; not yet individually human-reviewed
Have a quick question? Jump to the Q&A page
Jump to a section
What this dot point is asking
SEAB wants you to describe the main measures used to protect a network and its data: strong passwords, firewalls, encryption, antivirus software and user access levels. The central idea is that no single measure is enough, so good security uses several layers together, each defending against different threats.
The answer
Strong passwords and authentication
A strong password is long, mixes upper and lower case letters, numbers and symbols, and is not a common word or reused across accounts. This makes it hard to guess or crack. Two-factor authentication (2FA) adds a second check, such as a code sent to a phone, so a stolen password alone is not enough to get in.
Firewalls
A firewall monitors and controls the data passing between a network and the outside world. Using a set of rules, it blocks unwanted or suspicious traffic and allows trusted traffic. It acts as a barrier that helps prevent unauthorised access from the internet.
Encryption
Encryption scrambles data using a key so that it is unreadable to anyone without that key. It protects data both in transit (such as over HTTPS) and at rest (stored on a disk). If encrypted data is intercepted or stolen, the attacker sees only meaningless characters.
Antivirus software
Antivirus (anti-malware) software scans files and activity to detect, block and remove malware such as viruses and worms. Kept up to date, it recognises new threats and helps stop infections spreading across a network.
User access levels
User access levels give different users different permissions. A student might only open their own work, a teacher edit class records, and an administrator manage accounts. This follows the principle of least privilege: each user can access only what they need, which limits misuse and contains the damage if one account is compromised.
Other measures
- Regular backups so data can be restored after loss or a ransomware attack.
- Software updates to fix security weaknesses.
- User training so people recognise phishing and other tricks.
Layered defence
Each measure addresses different threats: passwords and access levels guard accounts, firewalls filter traffic, encryption protects data, and antivirus fights malware. Using them together gives defence in depth, so if one layer fails, others still protect the network.
Examples in context
Example 1. A hospital records system. Patient records are encrypted and protected by user access levels, so a receptionist sees only appointments while a doctor sees medical notes. If a laptop is stolen, the encryption keeps the records unreadable, and access levels limit what any single account can reach.
Example 2. A home router. A home network is protected by changing the default router password to a strong one, keeping the firewall on, and enabling Wi-Fi encryption. Together these stop neighbours or passers-by from joining the network or reading its traffic, a small-scale layered defence.
Try this
Q1. State what a firewall does. [2 marks]
- Cue. It monitors and filters traffic between a network and the outside, blocking unwanted traffic and allowing trusted traffic by rules.
Q2. Explain why user access levels improve security. [2 marks]
- Cue. They give each user only the permissions they need, so misuse is limited and a compromised account exposes less data.
Q3. Give one reason a password should not be reused across accounts. [2 marks]
- Cue. If one account is breached, a reused password would let the attacker access all the other accounts too.
Exam-style practice questions
Practice questions written in the style of SEAB exam questions on this dot point, with worked answer explainers. The year tag is the paper they imitate, not the source.
Original5 marks(a) Describe what a firewall does. (b) Explain how encryption protects data. (c) State why a strong, unique password is important.Show worked answer →
(a) A firewall monitors and controls the data passing between a network and the outside (such as the internet). It uses rules to block unwanted or suspicious traffic and allow trusted traffic, acting as a barrier against unauthorised access.
(b) Encryption scrambles data using a key so that it is unreadable to anyone without the key. If encrypted data is intercepted or stolen, the attacker sees only meaningless characters, protecting its confidentiality.
(c) A strong, unique password (long, mixing letters, numbers and symbols, not reused) is hard to guess or crack and limits damage if one account is compromised, because the same password does not unlock other accounts.
Markers reward a firewall filtering traffic by rules, encryption scrambling data so it is unreadable without the key, and a strong unique password resisting guessing and limiting reuse damage.
Original5 marksA school network is used by students, teachers and administrators. (a) Explain what is meant by user access levels and why they are used. (b) State two other measures the school could use to protect its network.Show worked answer →
(a) User access levels give different users different permissions over data and systems. For example, students can only open their own work, teachers can edit class records, and administrators can manage accounts. They are used to follow the principle of least privilege: each user can only access what they need, which limits accidental or deliberate misuse and contains the damage if an account is compromised.
(b) Other measures: antivirus software to detect and remove malware; a firewall to filter network traffic; encryption of stored and transmitted data; regular backups so data can be restored; and two-factor authentication for logins. Any two are acceptable.
Markers reward access levels giving appropriate permissions to limit misuse, and two further valid measures such as antivirus, firewall, encryption or backups.
Related dot points
- Define a computer network, distinguish a LAN from a WAN, and state the benefits and drawbacks of networking computers
A focused answer to the O-Level Computing point on networks. What a computer network is, the difference between a LAN and a WAN, common networking hardware, and the benefits and drawbacks of connecting computers.
- Distinguish the internet from the World Wide Web, and describe the roles of browsers, web servers, URLs and HTTP in loading a page
A focused answer to the O-Level Computing point on the internet and the Web. The difference between the internet (the network) and the Web (pages on it), and the roles of browsers, web servers, URLs, HTTP and HTTPS in loading a page.
- Explain the purpose of IP addresses and protocols, describe how data is sent in packets, and give examples of common protocols
A focused answer to the O-Level Computing point on addressing and protocols. The purpose of an IP address, what a protocol is and why networks need agreed rules, how data travels in packets, and examples of common protocols.
- Describe common network security threats including unauthorised access, interception, phishing and denial of service
A focused answer to the O-Level Computing point on network threats. Unauthorised access (hacking), data interception, phishing and social engineering, and denial of service attacks, and the harm each can cause.
- Explain why personal data must be protected, the risks of misuse, and measures and good practice for keeping data private
A focused answer to the O-Level Computing point on data protection. Why personal data must be protected, the risks of misuse such as identity theft, and the measures and good practice that keep data private and secure.