Introduction to Cyber Security — OCN London Digital Functional Skills Qualification Digital Skills & IT Revision
This subtopic equips learners with fundamental knowledge of cyber security, focusing on protecting personal information and devices from common digital thr
Topic Synopsis
This subtopic equips learners with fundamental knowledge of cyber security, focusing on protecting personal information and devices from common digital threats. It covers the importance of passwords, safe browsing practices, and recognising suspicious online activity. Learners will understand how these measures apply in everyday contexts, such as using email or social media safely.
Key Concepts & Core Principles
- Using Devices: Understanding how to turn on/off, log in, use a mouse/touchscreen, and navigate the desktop or home screen.
- Creating and Editing Digital Content: Using basic word processing software to type, format text (bold, italic), insert images, and save documents.
- Online Communication: Sending and receiving emails, attaching files, and understanding netiquette (polite online behaviour).
- Staying Safe Online: Recognising phishing attempts, creating strong passwords, and knowing not to share personal information with strangers.
- Searching the Web: Using search engines to find information, evaluating search results, and bookmarking useful pages.
Exam Tips & Revision Strategies
- When describing threats, use examples from your own experience, like showing a screenshot of a phishing email and explaining how you knew it was fake.
- For the 'minimising impact' criterion, structure your answer around three stages: prevention (e.g., strong passwords), immediate response (e.g., disconnecting from internet), and recovery (e.g., restoring from backup).
- In any written work, always link your cyber safety actions to the specific threat they protect against, e.g., 'I use two-factor authentication to stop someone accessing my account even if they steal my password.'
- Use everyday examples, such as receiving a suspicious text from a ‘bank’, to demonstrate understanding of threats and response strategies.
- Practice explaining cyber security concepts in simple, plain language—assessors value clear communication over technical jargon.
- When describing how to minimise attacks, be specific: say ‘install operating system updates’ rather than just ‘keep things safe’.
- For portfolio tasks, include screenshots or written explanations of security settings you have adjusted on a device to evidence practical application.
- Refer to the three core concepts—confidentiality, integrity and availability—to show deeper understanding when answering questions about the purpose of cyber security.
Common Misconceptions & Mistakes to Avoid
- Confusing a virus with a phishing attack; learners often think all cyber threats involve software damage.
- Believing that using public Wi-Fi is always safe as long as they aren't entering bank details, overlooking other data risks.
- Thinking a long password is automatically secure without considering complexity (e.g., 'password12345' is weak).
- Assuming that turning off a computer after an attack removes the threat entirely.
- Confusing malware with a virus—malware is a broad term that includes viruses, worms and ransomware; a virus is just one type.
- Thinking that cyber security only applies to computers, while mobile phones, tablets and smart devices are equally vulnerable.
Examiner Marking Points
- Award credit for clearly defining a cyber security threat, such as phishing or malware, in simple terms.
- Expect evidence of identifying at least two ways to stay safe online, like using strong passwords and not sharing personal details with unknown contacts.
- Assess practical demonstration of recognizing a suspicious email or message, explaining why it might be a threat.
- Credit responses that connect minimising impact to actions like installing updates or backing up data, with a basic example.
- Award credit for clearly defining cyber security as the practice of protecting systems, networks and data from digital attacks.
- Look for the accurate identification and description of at least two distinct cyber threats (e.g., phishing, malware) with simple examples of their impact.
- Expect the learner to propose at least two appropriate measures to reduce the likelihood or impact of an attack, such as keeping software updated, using strong passwords or not sharing personal information.
- Credit should be given for demonstrating an awareness that cyber security is everyone’s responsibility and that risks can be minimised through consistent good habits.