Classification of Programming Languages

Machine code
 Binary representation of instructions in a format that the CPU can decode and execute
 Have an operation code instruction and address, or data to use

High Level Language

 One instruction of high-level code represents many instructions of binary/machine code
 The same code will work for many different machines and processors
 The programmer can easily store data in lots of different structures without knowing the memory
structure
Advantages:
1. Easier to understand than low-level languages
2. Uses English words which are familiar and therefore makes it easier to write computer programs
3. The programmer has lots of data structures to use
Disadvantages:
1. High-level languages must be translated before a computer is able to understand it.
2. Less memory efficient
3. Code can be slower to execute if it is not optimized

Low Level Languages

 Written in assembly language
 Translated by an assembler into machine code
 Used for embedded systems and device drivers where instructing the hardware directly is necessary
 One instruction of assembly code only represents one instruction of machine code
Advantages:
1. User can control what the CPU does
2. The programmer works with memory directly and so is memory efficient
3. Code is fast to execute as commands in machine code can be executed directly without the need for a
translator
Disadvantages:
1. Code is very difficult to read, understand and modify
2. The programmer needs to know about the internal structure of the CPU and how it manages memory
3. The assembly code is only written for one type of machine or processor and this code won’t work on
any others
Types of Program Translators
Assembler
 Assembly code is translated directly into machine code
 The assembler takes code labels and converts it into memory addresses, this is then stored so it can
be run later
 This is a fast method when repeatedly being run

Advantages Disadvantages
No need for translation software at run-time Hard to write in Assembly with limited and hard to
understand commands
Speed of execution of code produced is quick Code needs to be reassembled when the code is
changed
Code is usually optimized Designed for a specific type of processor
Original Assembly code is kept a secret

Complier
 Translates source code (code that the programmer has written) from high-level languages into object
code and then into machine code ready to be processed by the CPU
 The whole program is translated into machine code before it is run

Advantages Disadvantages
No need for translation software at run-time Source code is easier to write in a high-level
language, but the program will not run with syntax
errors which can make it more difficult to write the
code
Speed of execution is faster Code needs to be recompiled when the code is
changed
Code is usually optimized Designed for a specific type of processor
Original source code is kept a secret

Interpreter
 Translates source code from high level languages into machine code ready to be processed by the CPU
 The program is translated line by line as the program is running

Advantages Disadvantages
Easy to write source code because the program will Translation software is needed at run-time
always run, stopping when it finds a syntax error
Code does not need to be recompiled when code is Speed of execution is slower
changed, and is easy to try out commands when the
program has paused after finding an error
This makes interpreted languages very easy for Code is not optimized
beginner programmers to learn to write code
Source code is needed
 Systems Architecture
CPU Function
 CPU interprets, processes and executes instructions usually from the hardware and software
 Hardware is any physical component that is part of the computer system
 Software is the programs executed by the hardware

Fetch-Decode-Execute Cycle
 Whenever a program is opened, data and instructions are first copied from the hard disk to the RAM
o RAM is the fastest read/write speeds compared to secondary storage
 Fetch – CPU brings data and instructions from the main memory and stores in own temporary memory
called registers
o Adress bus – CPU will send the address of the next piece of data that it needs, along the
address bus
o Data bus - Data/instructions from this address then travels from the RAM, to the CPU, on the
‘data bus’.
 Decode – The CPU breaks down the instructions and makes sense of the instruction fetched
o Looks up what the instruction means in its instruction and gets things ready for the next step
 Execute – Data processing happens, instructions are carried out on the data
o May include reading/writing from/to main memory
o Once a cycle has been completed, another begins

Von Neumann Architecture

The VNA describes the design of a stored-program computer where the data and instructions are stored in
the same memory
Clock: Regulates timing and speed of computer operation. Sends out an electrical pulse
 Overclocking – increasing the clock speed for a CPU, dangerous as can lead to CPU overheating.
Control Unit: Coordinates the actions of the CPU. Decodes instructions and sends control signals. Manages
and monitors hardware. Manages input and output signal. Manages fetch-decode execute cycle.
Register: Holds Data used when executing an instruction
Bus: Collection of wires through which data and instructions are transmitted from one component to
another
ALU (Arithmetic Logic Unit): Performs calculations and logical decisions
Cache: Stores data which needs to be immediately processed
 Takes chunks of data/instructions from RAM and keeps its close so that it always has a constant supply
of data to process
 If data and instruction were moved from the RAM one item at a time the CPU would work far slower
because the CPU cycles much faster than the RAM can deliver data
 So instead, chunks are downloaded and stored in the CPU registers so that the CPU doesn’t waste
valuable time waiting for a deliver of data/instructions
 Cache is smaller than RAM because its more expensive
Embedded Systems
 A computer system with a dedicated / specific purpose or function built into a device
o Have a larger proportion of ROM than non-embedded systems
o Embedded systems tend to have less processing power than non-embedded systems
o Embedded systems are built into a specific device while non-embedded systems are not
o Embedded systems have a specific purpose whilst non-embedded systems don’t

Factors Affecting CPU Performance

1. Clock Speed
a. The more pulses a second, the more fetch-decode-execute cycles can occur.
b. The more pulses per second / Higher clock speed, the more instructions that can be carried out per
second
2. Number of Cores
a. The greater the number of cores the greater the number of instructions that may be executed
simultaneously.
b. This is because different cores can deal with different types of instructions
3. Cache size
a. The larger the cache the less time it takes to transfer data to the processor from the cache, since
the cache is held closer to the processor

Secondary Storage
Primary Storage refers to memory areas that the CPU can access directly. It has the fastest read/write
speeds and is mostly volatile.

How is Main Memory Used

 Main memory stores instructions whilst a program is being run
 Each unique memory location holds one value
 The data and instructions are replaced in the memory as needed
Secondary Storage is non-volatile storage that isn’t directly accessible by the CPU. It is where all data is
stored when not in use.
Computers have more RAM than cache memory because it is cheaper and the cache does not have enough
capacity to store data and programs

Differences Between Primary and Secondary Storage

 RAM is volatile, so all data is lost when the computer is switched off. Secondary storage is non-volatile
so data required in the long term is stored there.
 RAM generally has a lower capacity than secondary storage
 RAM is generally faster than secondary storages as it is closer to the CPU
Cloud Storage
 Cloud Storage is where the files are hosted remotely and accessed over a network
Advantages
 Enables user to access their data from more places / devices
 Enables user to more easily share data with others
 Increases the amount of potential storage available
 Automatically backed up by the host
Disadvantages
 Need working internet connection to access the data
 Can be costly as you may need to pay for a subscription

Optical Disk
1. There is a disk that rotates at a high speed
2. A laser head moves across the disk
3. There are tiny pits which reflect light differently to the flats
4. Reflected light is interpreted into 1s and 0s representing the data stored on the disk
5. The data is stored on a single spiral track
Advantages
 For small capacity situations
 Low manufacturing costs
 Suitable for read only data distribution
Disadvantages
 Prone to theft since it is small
 Costs more per GB than any other form of storage
 No protection plastic casing

Magnetic Disk – Hard Disk Drive

1. A HDD can contain multiple platters
2. There are disks spin very quickly
3. Each platter is divided into sectors
4. There are read and write heads to read and write data
5. Data is read and written by magnetizing microscopic regions on the disks
6. Data is organised in concentric rings called tracks
7. The data is transferred via a cable
Advantages
 Suitable for low-cost situations
 Very high capacity
 Fast to access data

Disadvantages
  Easily damaged
 Will slow down
 Eventually break over time

Solid State Storage

1. In solid-state storage, data is stored by trapping or removing electrons in floating-gate transistors to
encode binary '0' or '1.'
2. These transistors are organized into pages for writing and blocks for erasing.
3. To read the data, a voltage is applied to the transistor, and the resulting current flow indicates the
stored binary value.
4. To prolong the device's lifespan, wear levelling algorithms are employed to minimize block wear-out
by evenly distributing data.
Advantages
 Fast
 Don’t need fragmenting
 More shock-proof
 Silent
Disadvantages
 Expensive compared to other types of storage
 Lower capacity than other types of storage

Cyber Security
Define the term Cyber Security:
Cyber security is the processes, practices and technologies designed to protect networks, computers,
programs and data from attack, damage and unauthorized access.

Describe each of the following Cyber Security Threats:

Malware: software that has been purposely developed to damage, disrupt or take control of computer
systems.
Social Engineering: techniques that manipulate people into giving away confidential and personal
information
Weak passwords: easy to guess. Passwords that use words are easy to crack using an algorithm that
systematically goes through all the words in a dictionary until the word matches the password.
Default passwords: Upon registration for an online account, users may be given a default password that
they do not change. Often these passwords are sent out unencrypted via email so pose a major security
vulnerability.
Removable media: such as a USB pen drive can be a vector for transmitting malware.
Unpatched/outdated software: Software needs regular updates to fix security vulnerabilities in computer
systems. Software that remains unpatched is vulnerable to attack.
Misconfigured access rights: Users should only have access to files and data that they need, but sometimes
they have access that they should not.

Explain the Different types of Penetration Testing:

Penetration testing is the process of attempting to gain access to resources without knowledge of
usernames, passwords and other normal means of access.
Malicious insider: The operation of the system is known and the tester is simulating a malicious insider. It
can be targeted to test specific vulnerabilities and it is known what is going to be tested. Since you know
what is going to be tested then all possible scenarios must be tested.
External attack: The tester does not know how the system operates and they are acting as an external
hacker. It requires a lot of investigation and guessing to find issues. May not test all of the system especially
if you do not know its full functionality.

Define Social Engineering

The art of manipulating people so they give up confidential information.

Types of Social Engineering

Blagging: Fraudsters make up a scenario to con victims into revealing something they would not ordinarily
do. They may have found out some personal information about you from social media sites, to pretend
they already know you.
How to prevent
 Use biometric measures because these cannot be divulged.
 Ensure you have your privacy settings on any social media to maximum so that fraudsters cannot find
information about you such as your date of birth, where you live etc.
Phishing: Normally an email or text messaging scam where victims are conned into believing that they are
being contacted by their bank for instance and can give sensitive personal details such as bank account
passwords
How to prevent
 Awareness and vigilance. Be particularly aware of unsolicited texts, emails and phone calls. Do not
give personal confidential information away. Official organisations such as banks will never ask for
this information.
 Apply email filtering to prevent dubious emails getting through.
Pharming: Users are redirected to a fraudulent website that they believe to be genuine because it looks like
the real site. For instance, you could be directed site that pretends to be an online store that asks you for
your credit card information.
How to prevent
 Check the URL in the web address. For secure websites such as banking or e-commerce sites the
HTTPS protocol should be used.
 Website filter
Shouldering: Fraudsters look over the shoulder of users to see what passwords or pin numbers that are
being typed into the device. This can easily occur at computer terminals and at ATMs that are out in the
street.
How to prevent
 Be aware of who is around you when typing in your pin into an ATM or into a chip and pin device.
Make sure you cover your hands and they are shielded from prying eyes.
 Place computers in locations that makes shoulder surfing difficult

Types of Malware
Computer Virus: replicate themselves and can transfer from one computer to another. They are activated
by a user often as email attachments and attachment to other files and programs.
Trojan: gains access to a computer by pretending to be legitimate software. The trojan allows unauthorised
backdoor access to a computer without the user being aware.
Spyware: records the activity on your computer such as your keystrokes, thereby logging your passwords
for instance and then send the data back over the network to a hacker. Spyware can also be used to control
your webcam and microphones.

Methods that help detect and prevent Cyber Security Threats

Biometric measures: such as fingerprints, facial recognition and iris scans are increasingly being used to
verify a user’s identity for mobile devices. These are more secure than passwords that can be guessed and
forgotten. Biometric measures require a user to be present when signing into a system.
Automatic software: updates to firewalls, operating systems, antivirus and other security software are
needed so that software can be kept up-to-date against new malware and to fix recently discovered
vulnerabilities
CAPTCHA: is a test that can distinguish between humans and bots. It uses images that machines cannot
interpret but humans can
Using email to confirm a person’s identity: Often when you register for an online service you need to
provide your email address. You are then requested to activate a link sent to you in an email. This is to
confirm that the email account is actually active. Helps to ensure that the users are human and not bots
Password systems: Virtually all accounts require passwords to access. Some secure sites such as online
banking require 2 passwords. Banks may also contact you by phone to confirm a large transaction. This is
called two-factor authentication. Password systems can force users to have strong passwords that regularly
need to be changed

Explain the concept of Authentication

 Authentication takes one or more pieces of data specific to the user and compares them to stored
credentials and only allows access to the system if the credentials are valid
 Example: Username and Password
 Security can be enhanced by asking the user to update their passwords regularly, have complex
passwords and limit login attempts

MAC Address Filtering

 MAC Address Filtering takes the specific MAC address for the device and checks to see if it is in the
safelist and only allows the device to connect to the system if it has permission to do so.
 If it is in the blocklist then the MAC address is not allowed to use the network
 Wi-Fi is offered to the public and so it is difficult to know the MAC addresses of all the devices
connecting to the network
 Not useful in cafes as Maintaining and updating the MAC address list is an inconvenience as there are
frequently changing devices.

Cyber Security Threats if Student Gain Unauthorized Access

Captcha: Log in Page, Checkout page (online payments), reset password page
Automatic software Update > Manual Update: The automatic update cannot be delayed and so the
software always remains up to date. Manual update may never be installed causing the software to be out
of date exposing it to malware and other types of cyber security threats.

Networks
Network – Two or more devices connected together in order to communicate.

Advantages of Networks
 Users can share files between one another
 Centralise the back up from the server
 Easier to collaborate
 User can share peripherals: printers and connections to other networks
 Users can share and access their files from any computer on the network
 Automatic updates can occur

Disadvantages of Networks
 Increased security risks of data
 Malware and viruses spread very easily between computers
 There is dependency on the network because if a server fails, the computers connected to it may not
work
o Client server network and the server goes down
 The computer may run more slowly, if there is a lot of data travelling on the network

Types of Networks
PAN (Personal Area Network)
 Any computer network, which is used for data transmission amongst very localised devices
 Covers a very short range, will often be formed when connecting two personal devices together
 E.g. Bluetooth  Connecting phone to wireless headphones

WAN (Wide Area Network)

 Covers a large geographical area, connecting LANs together
 Infrastructure between the LANs is leased from telecommunication companies who own and
manages it
 WANs are connected with telephone lines, fibre optic cables or satellite links

LAN (Local Area Network)

 Covers a small geographical area located on the single site
 Not on an international scale
 All the hardware for a LAN is owned by the organisation using it
 LANs are wired with UTP cables, fibre optic or wireless using Wi-Fi
 E.g. School

Advantages of Wireless Networks:

 Users can move freely within the network's coverage area, making it suitable for portable devices
like laptops and smartphones.
  Setting up a wireless network is typically easier and less time-consuming than running cables for a
wired network.
 It's easier to expand a wireless network by adding more devices without the need for additional
cabling.
 Wireless networks can reach remote or challenging-to-wire locations, improving network coverage.
 While initial setup costs can be higher, wireless networks can be more cost-effective in the long run
due to reduced cabling and maintenance expenses.

Disadvantages of Wireless Networks:

 Wireless networks are susceptible to unauthorized access, making them potentially less secure than
wired networks.
 There is more latency because the bandwidth for wired networks is faster
 Wireless signals can be affected by physical obstacles, other electronic devices, and environmental
factors, leading to potential signal disruptions.
 Wireless connections may have lower data transfer rates compared to wired connections,
particularly in crowded network environments.
 Wireless networks have a limited coverage area, and signal strength decreases with distance from
the access point
 Wireless networks can be less reliable than wired networks due to interference and signal
dropouts, which can impact the quality of connections and data transfer.

Network Topologies
Bus Network
 Bus topologies use a single ‘backbone’ cable
called a bus to connect all devices
 Two terminators are placed at the ends of the
bus to stop data reflecting back along the bus.
 Without the terminators, reflected signals
would cause interference and potentially make
the network unusable

Advantages
 The network is unaffected if a device fails
 An easy and cheap technology to set up, requires much less cabling than a star topology
 Not dependent on a central server / switch

Disadvantages:
 Data collisions are common on a bus network and this requires the whole network to be reset which
slows the network down
 Unsuitable for large networks because the more devices there are, the more likely data collisions are
 Lower security than star topology as every computer can see all data being transmitted
 If the main bus cable fails then the whole network goes down

Star Network
 In a star topology, all the devices are connected to a central switch or central switch that controls the
network
 The central switch allows many devices to access the server simultaneously

Advantages:
 Even when traffic load is heavy on the network the performance remains consistent
  If one cable fails it will not have an effect on any of the other computers connected
 Decent level of security as transmitted data is only received by the computer for which it is intended
 Easier to add more nodes/devices

Disadvantages:
 If the central server / switch fails the entire network goes down
 Can be costly topology to implement due to all the extra hardware
 Maximum number of possible connections on the network is determined by the switch – if you need
more, you might need to a new one

Network Protocols
Network Protocol – Rules that dictate how devices communicate

HTTP Provides a way for users to interact with web resources. Transmits messages between client and
server using hypertext.

HTTPS As HTTP but in addition uses an encryption protocol to ensure communications are secure.
SMTP Enables users to send (and receive) email messages. Initiates sessions between user and mail server.
Server then forwards messages. Uses a process called ‘store and forward’ to store messages and forward as
necessary. The server decides which server to send the message to and the inbox provider then downloads
the message and places it in the recipient’s inbox. Often used in conjunction with IMAP.
IMAP Stores email messages on an ISPs server but allows user to manipulate messages as though on a local
device. Local devices access the ISP server to access the messages. IMAP works with desktop clients and
webmail clients. Allows simultaneous logins from different devices to one account
FTP Allows secure transfer of files between client and server. Files are uploaded to and downloaded from
the server using FTP.
TCP Connects network devices to the Internet. It defines how applications can create channels of
communication across a network. It manages how a message is assembled into smaller packets before
transmission and reassembles packets in the correct order at destination.
UDP Communications protocol that establishes low latency and loss tolerating connections between
applications. Enables the transfer of data before an agreement is provided by the receiving party. This
speeds up transfers. Can start transferring data before agreement is received from receiving party.
IP Relays data across network boundaries. It defines how to address and route each packet to make sure it
reaches the right destination.

Which protocols sit on which layers?

Layer Protocol
Application Layer HTTP
HTTPS
SMTP
IMAP
FTP
Transport Layer TCP
UDP
Internet Layer IP
Link Layer Ethernet, WiFi, 4G, Fibre
A summary of the purpose of each of the layers:
Layer Purpose
Application Layer Provides user access to applications websites, files, email.
Transport Layer Provides transport of data between devices by splitting files into data packets
and checking that they have been sent and received correctly.
Internet Layer Provides the routing of data across the network by making use of addressing.
Link Layer Provides the physical transport of data through electrical signals etc.

More detail - purpose of each of the layers:

Layer Purpose
Application Layer Provides user access to applications websites, files, email. This is where network
applications operate;
Transport Layer Transport layer sets up the communication between the two hosts.
Transport layer splits the data into packets.

Provides transport of data between devices by splitting files into data packets
and checking that they have been sent and received correctly.
Internet Layer Internet layer adds (IP) addresses to the packets.
Internet layer routes the packets across the network
Provides the routing of data across the network by making use of addressing.
Link Layer Link layer is where network hardware operates (eg network interface card).
Link layer is where operating device drivers operate.
Provides the physical transport of data through electrical signals etc.
Authentication
 Authentication takes one or more pieces of data specific to the user and compares them to stored
credentials and only allows access to the system if the credentials are valid
 Example: Username and Password
 Security can be enhanced by asking the user to update their passwords regularly, have complex
passwords and limit login attempts

MAC Address Filtering

 MAC Address Filtering takes the specific MAC address for the device and checks to see if it is in the
safelist and only allows the device to connect to the system if it has permission to do so.
 If it is in the blocklist then the MAC address is not allowed to use the network
 Wi-Fi is offered to the public and so it is difficult to know the MAC addresses of all the devices
connecting to the network

Firewall
 A firewall is a piece of software that controls what information goes in and out of a network.
 It identifies potential threats using a set of security rules and block any unwanted data. They can be
software or hardware.
 They also keep ports closed and open only those that they expect data to receive
 Prevents unauthorised access into the network
 It makes sure only the right traffic is allowed
 Monitors network traffic

Encryption
 Encryption is when data is translated into a code which only someone with the correct key can access,
meaning unauthorised users cannot read it.
 Essential for sending data over securely
 To encrypt data, an encryption key is used which will convert ‘plain text’ into ‘cipher text’.
 An encryption key is an algorithm which will systematically alter each piece of data in a file.