CodeIEB
Theory Notes/🌐 Topic 2: Internet & Communication Technologies/11.2.8
11.2.8Grade 11

Data Integrity & Protection

One of the highest-yield security subtopics in the whole syllabus — threats to data, and the layered solutions used to defend against them.

Threats to data integrity and availability:

ThreatDescription
Hardware failuree.g. a hard drive fails, causing data loss
Power failure/surgeSudden loss or spike in power can corrupt data or damage hardware
RansomwareMalware that encrypts a victim's files and demands payment for the decryption key
PhishingFraudulent messages designed to trick users into revealing sensitive information (e.g. fake login pages)
VirusMalicious code that attaches to a host program and spreads when that program runs
SpywareSecretly monitors and collects user activity/data without consent
PharmingRedirects users from a legitimate website to a fraudulent one, often via DNS manipulation
SpoofingDisguising communication (e.g. an email address or IP) to appear as if from a trusted source
Botnet / zombie armyA network of infected devices controlled remotely without the owners' knowledge, often used to launch attacks
Denial of Service (DoS)Overwhelming a system/server with traffic so legitimate users can't access it
Open portsUnused/unsecured network ports can be exploited as an entry point by attackers
Wi-Fi vulnerabilitiesWeakly secured wireless networks can be accessed by unauthorised users

Solutions:

SolutionHow it helps
RAIDRedundant Array of Independent Disks — combines multiple physical drives for reliability/performance. Mirroring (RAID 1) duplicates data across drives for redundancy; striping distributes data across drives for speed; parity (used in RAID 5) stores extra recovery information so data can be rebuilt if one drive fails
Backups (local vs remote)A local backup is fast to restore but vulnerable to the same physical disaster as the original; a remote/off-site backup protects against local disasters (fire, theft) but may be slower to restore
UPS (Uninterruptible Power Supply)Provides temporary battery power during an outage, preventing data loss/hardware damage from sudden power loss
Redundant power suppliesA backup power supply unit takes over automatically if the primary one fails
Passwords / biometric inputRestrict access to authorised users only
User rightsLimit what each authenticated user is allowed to view/change, minimising damage from a compromised account
Encryption & digital signaturesEncryption scrambles data so it's unreadable without a key; digital signatures verify that a message genuinely came from the claimed sender and hasn't been altered
Network security (encryption, key length, TKIP)Wireless security protocols encrypt data in transit; a longer encryption key is generally harder to crack; TKIP (Temporal Key Integrity Protocol) was an older Wi-Fi encryption standard
Firewalls & port filteringBlock unauthorised traffic and close/restrict unused ports
Audit trailsLogs of system activity used to detect and investigate suspicious behaviour after the fact
Anti-malwareDetects and removes malicious software
Updates and upgradesPatch known security vulnerabilities before they can be exploited

💡 Exam Tip

For any 'threat + solution' question, match your solution specifically to the threat described — e.g. ransomware's best defence is a strong offline/remote backup strategy (so you can restore without paying), not just 'install anti-malware' alone.