AQA GCSE Computer Science: Networks, Cyber Security and Ethics

Networks, cyber security, and ethical issues form a significant portion of Paper 2 in AQA GCSE Computer Science. These topics are interconnected -- understanding how networks operate is essential for understanding how they can be attacked, and understanding attacks is essential for understanding the laws and ethical principles that govern computing.

This guide covers the full specification content for these areas. If you are looking for broader exam technique advice, see our AQA GCSE Computer Science Exam Guide.

Network Fundamentals

Types of Network

A LAN (Local Area Network) covers a small geographical area, such as a single building or school campus. The hardware is typically owned by the organisation that uses it.

A WAN (Wide Area Network) spans a large geographical area and connects multiple LANs together. The infrastructure is usually owned by third parties such as telecommunications companies. The internet is the largest WAN in existence.

When comparing LANs and WANs in an exam, focus on geographical coverage, ownership of infrastructure, and the transmission media used.

Network Topologies

A star topology connects every device to a central switch or hub. If one device fails, the rest of the network continues to operate. However, if the central switch fails, the entire network goes down. Star topologies are the most common in modern LANs.

A mesh topology connects every device to every other device (full mesh) or to several other devices (partial mesh). Mesh networks are highly resilient because data can take multiple routes. The internet uses a mesh-like structure. The drawback is the cost and complexity of maintaining many connections.

You should be able to draw both topologies and explain their advantages and disadvantages.

Wired vs Wireless

Wired connections use physical cables -- typically Ethernet (copper twisted pair) or fibre optic. They offer faster, more reliable data transfer and are harder to intercept. The trade-off is that devices must be physically connected.

Wireless connections use radio waves. They provide flexibility and mobility but are generally slower, more susceptible to interference, and easier to intercept.

Network Hardware

Understanding the role of each piece of network hardware is essential for Paper 2.

A router directs data packets between different networks. It reads the destination IP address of each packet and forwards it along the most efficient route. Your home router connects your LAN to your ISP and, through that, to the internet.

A switch connects devices within a single LAN. Unlike a hub (which broadcasts data to all connected devices), a switch reads the MAC address of each data frame and sends it only to the intended recipient.

A NIC (Network Interface Card) is the hardware component that allows a device to connect to a network. Every networked device has at least one NIC. Each NIC has a unique MAC address.

A WAP (Wireless Access Point) allows wireless devices to connect to a wired network, acting as a bridge between wireless clients and the wired infrastructure.

Transmission media refers to the physical materials or wireless signals used to carry data. Copper cables (Cat5e/Cat6 Ethernet) are affordable and widely used. Fibre optic cables transmit data as light, offering higher speeds over longer distances but at greater cost. Wireless transmission uses radio frequencies and is subject to interference and range limitations.

The Internet

DNS (Domain Name System)

The DNS translates human-readable domain names (such as www.example.com) into IP addresses (such as 93.184.216.34) that computers use to locate each other. When you type a URL into your browser, a DNS server looks up the corresponding IP address so your browser can connect to the correct server. Without DNS, you would have to memorise numerical IP addresses for every website.

Hosting and the Cloud

Web hosting means storing website files on a server that is connected to the internet so that users can access the site. Organisations can host their own servers or pay a hosting provider.

Cloud computing provides on-demand access to computing resources -- storage, processing power, applications -- over the internet, without the user owning physical hardware. Benefits include scalability, remote access, and reduced upfront costs. Drawbacks include dependence on an internet connection, ongoing costs, and privacy concerns because data is stored on third-party servers.

Client-Server vs Peer-to-Peer

In a client-server network, a central server provides resources and services to client devices that request them. The server manages security, access control, and backups centrally. Most school and business networks use this model.

In a peer-to-peer (P2P) network, all devices have equal status and can act as both client and server. P2P networks are simpler and cheaper to set up but harder to manage and secure as they grow.

Network Protocols

A protocol is a set of rules that governs how data is transmitted across a network. Without agreed protocols, devices from different manufacturers would not be able to communicate.

Key Protocols

• TCP/IP (Transmission Control Protocol / Internet Protocol) -- the fundamental protocol suite of the internet. TCP breaks data into packets and ensures reliable delivery. IP handles addressing and routing packets to the correct destination.
• HTTP (HyperText Transfer Protocol) -- transfers web pages from a server to a browser. Data is sent in plain text.
• HTTPS (HyperText Transfer Protocol Secure) -- the encrypted version of HTTP. Uses TLS/SSL to protect data in transit from interception.
• FTP (File Transfer Protocol) -- transfers files between a client and a server. Commonly used for uploading files to a web server.
• SMTP (Simple Mail Transfer Protocol) -- sends emails from a client to a server, or between email servers.
• IMAP (Internet Message Access Protocol) -- retrieves and manages emails on a server. Unlike POP3, IMAP keeps emails on the server so they can be accessed from multiple devices.

The TCP/IP Model

The TCP/IP model organises network communication into four layers. Each layer has a specific role and uses particular protocols.

1. Application layer -- provides protocols for software applications to communicate over a network. Protocols include HTTP, HTTPS, FTP, SMTP, and IMAP.
2. Transport layer -- breaks data into packets, ensures reliable delivery, and reassembles packets at the destination. TCP operates at this layer.
3. Internet layer -- handles addressing and routing. IP operates at this layer, assigning IP addresses and determining the route each packet takes.
4. Network interface layer (sometimes called the link layer) -- deals with the physical transmission of data across the network hardware, including Ethernet and Wi-Fi standards.

Data from the application layer is broken into packets at the transport layer, addressed and routed at the internet layer, and physically transmitted at the network interface layer. This layered approach means that changes to one layer do not require changes to the others.

Packet Switching

Data transmitted across a network is broken into small units called packets. Each packet contains a header (with the source and destination IP addresses, packet number, and total number of packets) and a payload (the actual data).

Packets are sent independently across the network and may take different routes depending on traffic and availability. At the destination, they are reassembled in the correct order using the packet numbers. If a packet is lost or corrupted, the receiving device requests it to be resent.

This approach is efficient and resilient -- it does not require a dedicated connection between sender and receiver, and it adapts to network conditions in real time. Exam questions often ask you to describe the steps in packet switching or the contents of a packet header.

Cyber Security Threats

Cyber security is the practice of protecting computer systems, networks, and data from unauthorised access, damage, or theft. You need to know the major categories of threats and specific examples within each.

Malware

Malware is any software designed to cause harm to a computer system or its user.

• Virus -- malicious code that attaches itself to a legitimate program. It spreads when the infected file is executed or shared, and can corrupt or delete data.
• Worm -- self-replicating malware that spreads across networks without needing user action. Worms can consume bandwidth and overload networks.
• Trojan -- malware disguised as legitimate software. Once installed, it performs malicious actions such as creating a backdoor for attackers.
• Ransomware -- encrypts the victim's files and demands payment for the decryption key. Devastating to organisations without up-to-date backups.
• Spyware -- secretly monitors user activity and collects personal data such as passwords and browsing habits without the user's knowledge.

Social Engineering

Social engineering attacks exploit human behaviour rather than technical vulnerabilities.

• Phishing -- fraudulent emails or messages that appear to come from a trusted source, designed to trick the recipient into revealing personal information, clicking a malicious link, or downloading malware.
• Pharming -- redirects users from a legitimate website to a fraudulent one by corrupting DNS settings or the user's hosts file. The user believes they are on the real site and may enter sensitive information.
• Shoulder surfing -- physically observing someone as they enter sensitive information, such as a PIN or password. This can be done in person or using a camera.

Other Attacks

• Brute force attack -- systematically trying every possible combination of characters to guess a password. Longer, more complex passwords take exponentially longer to crack. Account lockout policies and two-factor authentication help mitigate this threat.
• SQL injection -- inserting malicious SQL code into a website input field (such as a login form). If the site does not validate inputs, the code can read, modify, or delete data in the underlying database. Input validation and parameterised queries prevent this.
• DDoS (Distributed Denial of Service) -- overwhelming a server with traffic from many sources (often a botnet of compromised devices), making it unable to respond to legitimate requests.

Preventing Cyber Security Threats

No single measure provides complete protection. Organisations use multiple layers of defence -- an approach sometimes called "defence in depth."

Firewalls monitor and filter incoming and outgoing network traffic based on a set of security rules. They can block suspicious traffic and prevent unauthorised access. Firewalls can be hardware-based, software-based, or both.

Encryption converts data into an unreadable format using an algorithm and a key. Only someone with the correct decryption key can read the data. Encryption protects data in transit (HTTPS) and at rest (encrypted hard drives).

Authentication verifies a user's identity before granting access. Passwords are the most common method, but stronger approaches include two-factor authentication (2FA) and biometrics (fingerprints, facial recognition).

Access control restricts what authenticated users can do. Role-based access control assigns permissions based on job function, following the principle of least privilege.

Anti-malware software detects, quarantines, and removes malicious software using signature databases and heuristic analysis. It must be kept up to date to be effective against new threats.

Network policies are organisational rules governing acceptable use, including password policies, rules about installing software, and guidelines for handling sensitive data.

Penetration testing involves hiring ethical hackers to attempt to break into a system using the same techniques real attackers would use, identifying vulnerabilities before they can be exploited.

Ethical, Legal and Environmental Issues

Key Legislation

You must know the purpose of each of these laws and be able to apply them to scenarios in exam questions.

Data Protection Act 2018 / UK GDPR -- governs how personal data is collected, stored, processed, and shared. Organisations must have a lawful basis for processing data, keep it accurate, store it securely, and not retain it longer than necessary. Individuals have rights including access, correction, and deletion of their data.

Computer Misuse Act 1990 -- makes it a criminal offence to gain unauthorised access to a computer system (hacking), to access a system with intent to commit further offences, and to make unauthorised modifications to computer material (such as planting malware).

Copyright, Designs and Patents Act 1988 -- protects intellectual property rights. Software, music, images, and written content are protected by copyright. It is illegal to copy, distribute, or modify copyrighted material without permission. This applies to software piracy, illegal downloading, and open-source vs proprietary software.

Freedom of Information Act 2000 -- gives individuals the right to request information held by public bodies, promoting transparency and accountability in the public sector.

Environmental Impact of Computing

The environmental impact of technology is a growing concern and an increasingly examined topic.

Energy consumption -- data centres powering the internet, cloud services, and streaming platforms consume enormous amounts of electricity. The energy footprint extends to manufacturing, distribution, and daily charging of billions of devices.

E-waste -- discarded electronics contain hazardous materials such as lead, mercury, and cadmium. E-waste is often shipped to developing countries for unsafe processing. Responsible recycling and longer device lifespans help reduce this problem.

Manufacturing -- producing electronic components requires mining rare earth metals, uses large amounts of water and energy, and generates pollution. The environmental cost of a single device is substantial before it is even switched on.

Privacy, Censorship and the Digital Divide

Privacy -- the vast amounts of data collected by companies, governments, and social media platforms raise serious concerns. Surveillance, location tracking, and data profiling can erode individual privacy. The balance between security and privacy is a common exam discussion topic.

Censorship -- some governments restrict access to websites, social media, or information. Censorship can protect users from harmful content but can also suppress free speech. You should be able to argue both sides.

The digital divide -- the gap between those who have access to modern technology and the internet and those who do not. This divide can be based on geography, income, age, or disability, and it affects access to education, employment, and public services.

How These Topics Appear on Paper 2

Networks, cyber security, and ethical issues are examined on Paper 2, which is worth 50% of your GCSE. Questions on these topics typically fall into several categories.

Short-answer recall questions ask you to define a term, name a protocol, or state the purpose of a piece of hardware. These require precise technical language. For example, do not simply say a router "sends data" -- say it "directs packets between networks by reading destination IP addresses."

Comparison questions ask you to compare two things -- for example, star vs mesh topologies, or client-server vs peer-to-peer networks. Cover advantages and disadvantages of each, and relate your points to the scenario given.

Scenario-based questions describe a real-world situation and ask you to apply your knowledge. You might be told about a business that has suffered a data breach and asked to explain how the attack occurred and what preventive measures should have been in place. Always refer back to specific details in the scenario.

Extended response questions (typically 6 marks) require a well-structured answer with a logical argument. Use paragraphs, include specific technical detail, and consider multiple perspectives where appropriate.

Common pitfalls to avoid:

• Confusing a switch with a router. A switch operates within a LAN using MAC addresses; a router operates between networks using IP addresses.
• Failing to name specific protocols. Saying "the data is sent using a protocol" is too vague -- name the protocol and explain its role.
• Describing threats without explaining the mechanism. Do not just say "phishing is bad" -- explain how a phishing attack works.
• Mixing up legislation. Hacking relates to the Computer Misuse Act. Collecting personal data relates to the Data Protection Act. Copying software relates to the Copyright, Designs and Patents Act.

Prepare with LearningBro

Reinforce your understanding and test yourself with our targeted practice courses:

• AQA GCSE Computer Science: Networks -- covers LANs, WANs, topologies, hardware, protocols, and packet switching
• AQA GCSE Computer Science: Cyber Security -- covers malware types, social engineering, attack methods, and prevention strategies
• AQA GCSE Computer Science: Ethical, Legal and Environmental Issues -- covers legislation, environmental impact, privacy, censorship, and the digital divide
• AQA GCSE Computer Science Exam Guide -- detailed advice on exam technique for both Paper 1 and Paper 2