Name: Fawwaz Ahammed Rafat
Class: 9B
Roll: 10
Subject: Computer Science (2210)
1 a i Cookies are small files or pieces of code stored on the user’s computer which contains
information or data that may be used repeatedly by a website, e.g. the login details of an user so that
every time the user opens a website they do not have to login to it every time and have it
automatically logged into.
ii The main difference between a session cookie and a persistent cookie is that when a session
cookie is stored temporarily in the user’s computer by the web browser and is deleted when the web
browser is closed, whereas a persistent cookie once stored on the user’s computer stays even when
the web browser is closed and its deletion depends on whether is has reached its time limit or is
required by the browser to be deleted.
iii Persistent cookies may store the login details of an user i.e. username/email and a password, with
this whenever the website that uses the login details’ cookies detects it will log in the user
automatically making it so that every time the user visits said website does not have to log in to it
every time. Persistent cookies can contain website preferences which the user has set e.g. language,
currency, and other website specific preferences so that the user does not have to configure the
website preferences upon every visit. Persistent cookies can also store user behaviour on a certain
website such as what products the user buys, or what types of products they look at, and upon
future website visits use this data from the persistent cookies to suggest more products of that type.
2 a Spyware is a software which monitors user activity and gathers information from the computer
it is on. It is used by cybercriminals to gain information on targets which is done by the spyware
monitoring internet traffic of the computer or the keystrokes made by the user on the computer
which may lead the cybercriminals into gaining personal details, bank details, or the user’s online
account details.
b When logging in to the web page the keystrokes entered on it can be encrypted and the internet
traffic used to send it to servers can be encrypted in this way spyware installed on a computer
logging in to the webpage even if it gets the account details via keylogging or snooping for the
internet traffic concerning it will be useless as it is encrypted.
c A firewall analyses internet traffic in a network, via analysis it may: block internet traffic based on
its set rules which are in place for the protection of the network, warn users of suspicious activities
detected in the network, if equipped with proper inbound rules the firewall may be able to block
malicious internet traffic such as the transfer of malware, and for the case of this company the
firewall may log the internet traffic in the company network for the network admin to review.
d Unauthorised access of data may be prevented via maintaining access levels within the company
network where each user has an account with an username and a password and depending on the
account’s access level the user may access the data which they are authorized to. The company
computers can also have anti-malware software installed which detects and prevents from malware
�being on the computers which may pose a risk of giving cybercriminals access to the data without
authority.
3 set of rules that must be obeyed when transferring files and data across the internet - hypertext
transfer protocol (http)
software used to access, translate and display web pages on a user’s screen - web browser
collection of multimedia web pages and other information on websites; these resources are accessed
by a browser - World Wide Web (WWW)
worldwide collection of interconnected network computers that make use of TCP and IP protocols -
internet
small file or program downloaded when user visits a website; it remembers user preferences and
other data - cookie
financial system which allows the transfer of funds and purchasing items electronically - digital
currency
5 a Cybercriminals can use scareware such as adverts where the user is warned about their
computer having malware and linking fake anti-virus software with malicious code in it which if the
user scared about the malware downloads will have malicious code on their computer.
Cybercriminals can also bait users with their curiosity, e.g. leaving an unknown pendrive with
malicious code on it which if the user is curious enough to plug it into their computer will get
malware on their own computer. Cybercriminals may use instant messaging to message users
malicious links with malicious code disguised as genuine links such as an important software update
but upon downloading from this link the user will be infected with malware. Cybercriminals may
send phishing emails (fake emails) with fake links or fake downloads with malicious code on them
with a legitimate disguise such as a sponsorship email with a fake sponsorship document which
contains malicious code and the user gets infected if they download and view said document.
b In stage 1, the victim of the social engineering is identified and information about them is gather
and with it the form of attack is decided, e.g. if it will be baiting, phishing, phone calls, etc. In stage 2,
the victim is targeted with the decided attack, i.e. the baiting or phishing is initiated. In stage 3, the
attack is initiated, i.e. the bait is left off or the phishing email is sent. In stage 4, the attack is
complete the cybercriminal of now removes all traces of themselves and their attacks.
c i Digital currency unlike fiat currency has no physical form and exists as computer data, Digital
currency maybe transferred account to account via online services and smartphone apps such that
physically going to the bank is not required unlike fiat currencies.
ii By blockchaining all transactions between the company and the customers are held in a
decentralised database as blocks which contains a hash unique to it, a timestamp of when the
transaction had taken place, and the details of the time stamp. In a chain each block when created is
linked to a previously created block by having its hash stored inside it along with its own hash the
only exception being the first ever block in the chain which does not have a previous has and hence
is called the genesis block. Now whenever a cybercriminal would want to create an illegitimate
transaction and insert that block in the chain it would automatically break the chain as the block has
�a different hash and the block after it has a different hash as its previous hash breaking the chain of
all the blocks after it and halting all transactions. There are also commissioned “miners” who police
the block chains looking for illegitimate blocks this is why blocks must be added 10 minutes after
initializing its addition to check its legitimacy. Every computer of a blockchain network has a database
of all blockchains so that if someone tries to illegitimately add a block, they have to add it on every
computer on the network making this practically impossible.
6 a HTML structure refers to how a webpage presents its content which has to be rendered by a
web browser in order to view it.
b The user enters the URL of the website. The browser uses the DNS server to look up the Internet
Protocol address (IP address). The browser sends a request to the web server to obtain the website
files. The website files are sent as Hypertext Markup Language (HTML).
