One of the highest-yield security subtopics in the whole syllabus — threats to data, and the layered solutions used to defend against them.
Threats to data integrity and availability:
| Threat | Description |
|---|---|
| Hardware failure | e.g. a hard drive fails, causing data loss |
| Power failure/surge | Sudden loss or spike in power can corrupt data or damage hardware |
| Ransomware | Malware that encrypts a victim's files and demands payment for the decryption key |
| Phishing | Fraudulent messages designed to trick users into revealing sensitive information (e.g. fake login pages) |
| Virus | Malicious code that attaches to a host program and spreads when that program runs |
| Spyware | Secretly monitors and collects user activity/data without consent |
| Pharming | Redirects users from a legitimate website to a fraudulent one, often via DNS manipulation |
| Spoofing | Disguising communication (e.g. an email address or IP) to appear as if from a trusted source |
| Botnet / zombie army | A network of infected devices controlled remotely without the owners' knowledge, often used to launch attacks |
| Denial of Service (DoS) | Overwhelming a system/server with traffic so legitimate users can't access it |
| Open ports | Unused/unsecured network ports can be exploited as an entry point by attackers |
| Wi-Fi vulnerabilities | Weakly secured wireless networks can be accessed by unauthorised users |
Solutions:
| Solution | How it helps |
|---|---|
| RAID | Redundant Array of Independent Disks — combines multiple physical drives for reliability/performance. Mirroring (RAID 1) duplicates data across drives for redundancy; striping distributes data across drives for speed; parity (used in RAID 5) stores extra recovery information so data can be rebuilt if one drive fails |
| Backups (local vs remote) | A local backup is fast to restore but vulnerable to the same physical disaster as the original; a remote/off-site backup protects against local disasters (fire, theft) but may be slower to restore |
| UPS (Uninterruptible Power Supply) | Provides temporary battery power during an outage, preventing data loss/hardware damage from sudden power loss |
| Redundant power supplies | A backup power supply unit takes over automatically if the primary one fails |
| Passwords / biometric input | Restrict access to authorised users only |
| User rights | Limit what each authenticated user is allowed to view/change, minimising damage from a compromised account |
| Encryption & digital signatures | Encryption scrambles data so it's unreadable without a key; digital signatures verify that a message genuinely came from the claimed sender and hasn't been altered |
| Network security (encryption, key length, TKIP) | Wireless security protocols encrypt data in transit; a longer encryption key is generally harder to crack; TKIP (Temporal Key Integrity Protocol) was an older Wi-Fi encryption standard |
| Firewalls & port filtering | Block unauthorised traffic and close/restrict unused ports |
| Audit trails | Logs of system activity used to detect and investigate suspicious behaviour after the fact |
| Anti-malware | Detects and removes malicious software |
| Updates and upgrades | Patch known security vulnerabilities before they can be exploited |
💡 Exam Tip
For any 'threat + solution' question, match your solution specifically to the threat described — e.g. ransomware's best defence is a strong offline/remote backup strategy (so you can restore without paying), not just 'install anti-malware' alone.