Understanding The Risks of Malware

Understanding The Risks of Malware

Using digital devices that are connected to a network puts them at risk of various forms of attack. Understanding the types of threats that are posed to devices and networks, also helps us to better protect them. Malware can be used to describe software that arrives on our devices that is simply annoying, to destructive software that can harm our machine and go on to harm others, sometimes without us knowing

As part of this lesson, you will need to understand the following key terms:

  • Malware
  • Virus
  • Worm
  • Trojan
  • Spyware
  • Adware

Activity

Activity

Use the following quiz to help you revise these terms (click on the “view this set’ for a pop out):

In your exam, you may be asked to identify different types of malware and suggest ways to detect and prevent them from infecting a system. This area links to other sections of the syllabus, such as Computing Ethics where you could also be asked about the ethical considerations of creating or intentionally sending malware.

Revision Task

Download, print and complete the revision notes on threats to networks. Remember to add colour to the key terms and more detail in the boxes provided.

Scribblit – Threats To NetworksDownload
Validation and Verification

Validation and Verification

Our Specialist Laptops

When developing your programs, it is important that you consider whether any inputs from the user will break your program. Making a program that considers plans for this in advance is known as defensive design and will make your program robust.

Using techniques like validation and verification help to make your program more robust as they prevent incorrect data from entering the system.

The phrase commonly used with this is “Garbage in, Garbage out”.

Verification

Verification is useful for user input when you want to check that what your user is inputting is what they wanted to input. For example, when entering a new password a website will often ask the user to input it twice to ensure that they didn’t make a spelling error.

The pseudocode below shows how double entry verification might be used to check that a user has entered the password that they really want to use:

password1 <-- INPUT
password2 <-- INPUT

WHILE password1 <> password2 
  OUTPUT "passwords do not match "
  password1 <-- INPUT
  password2 <-- INPUT
END WHILE

Validation

Validation is applying certain rules to the data that your user inputs into the system. By adding validation to your code, it prevents the program from crashing when incorrect data is entered.

There are a number of different types of validation that can be used within your programs:

  • Type Checks
  • Length Checks
  • Presence Checks
  • Format Checks
  • Range Checks

Each of these types of checks can be combined together to make sure that your user is entering correct data into the system.

Activity

Click on the image below to find four examples of validation on our contact form:

Validation on data input can have multiple benefits. The most important of these is that it prevents the data from creating fatal errors!

(if you’ve ever run your code and it stops running with a red error message, this is a fatal error).

Making sure that data is correct before it goes into the program is much easier than trying to fix it once the data has been stored & causes a processing error.

When a user enters data incorrectly, it is usual for a program to prevent them from moving forward until the data is correct. Knowing that we want our user to keep entering data until they get it right indicates that we want to use a type of loop that will keep repeating until the condition is met. In this case, either a WHILE or REPEAT UNTIL loop is best.

age <-- INPUT

WHILE age.Type <> Integer 
  OUTPUT "Age nust be a whole number "
  age <-- INPUT
END WHILE

Programming Tasks

Different types of check are implemented to check a variety of different rules that can be used to ensure that user entry is correct. Try the tasks below to test out types of validation that can be implemented into your programs:

Presence Check – a presence check is used to ensure that a user has input some data and not left the input blank:

Range Check – a range check is used to ensure that a numeric entry is between two numbers:

Type Check – a type check is used to ensure that the data entered matches a specific data type. Unlike other validation checks, type checks require use of built in functions that look at the values entered into the program, especially in Python as all data entry is treated as a string.

Length Check – a length check is used to ensure that the string data that has been entered is either long enough or not too long (dependent on the condition set):

Format Check – a format check is used to ensure that the user has entered the data using a set of rules that lays the data out in a particular way. This is often used for dates. For example, DD-MM-YYYY may be required and would reject the date 02/12/2019 because slashes are used instead of dashes: