Know and understand scanning the data/software when downloading

IGCSE ICT (0417) – Complete Syllabus Notes

Objective

Provide a concise, exam‑focused reference for all core areas of the Cambridge IGCSE ICT syllabus, with a special emphasis on scanning data/software when downloading. The notes cover hardware, storage, networks, ICT applications, the systems life‑cycle, safety & security, communication, file management, graphics, documents, databases, spreadsheets and presentations.

1. Types of ICT Systems & Core Components

1.1. Main Hardware Elements

  • CPU (Central Processing Unit) – “brain” of the computer; executes instructions.

  • RAM (Random‑Access Memory) – volatile memory used for temporary data while programmes run.

  • ROM / Firmware – non‑volatile memory that stores permanent instructions (e.g., BIOS).

  • Motherboard – connects CPU, RAM, storage and peripheral devices.

  • Input devices – keyboard, mouse, scanner, microphone, touch screen.

  • Output devices – monitor, printer, speakers, projector.

  • Storage devices (see Section 2).

  • Micro‑processor‑controlled devices – calculators, digital watches, traffic lights, household appliances.

1.2. Health & Safety (Physical & E‑Safety)

AspectKey Points
Physical safetyElectrical shock, fire risk, cable management, proper ventilation, use of UPS.
ErgonomicsAdjust chair/desk height, keep monitor at eye level, take regular breaks to avoid RSI.
E‑safetyStrong passwords, MFA, safe browsing, recognise phishing, avoid sharing personal data online.

2. Storage Devices & Data Management

2.1. Types of Storage

DeviceTechnologyTypical Use
Magnetic hard‑disk (HDD)Spinning platters, magnetic headsPrimary PC storage, large capacity.
Solid‑state drive (SSD)Flash memory (NAND)Fast OS & application storage.
Optical disc (CD/DVD/Blu‑ray)Laser‑read/writeSoftware distribution, archival.
USB flash drive / External HDDFlash or magneticPortable data transfer, backup.
Network‑attached storage (NAS)Dedicated file server on a LANShared files, automated backups.

2.2. Data Integrity Tools

  • Checksums – MD5, SHA‑1, SHA‑256 (verify file has not been altered).

  • Digital signatures – cryptographic verification of publisher identity.

  • Backup strategies – 3‑2‑1 rule (3 copies, 2 media types, 1 off‑site).

3. Networks – Concepts, Types & Effects

3.1. What Is a Network?

A collection of devices linked together to share resources (files, printers, internet access, etc.).

3.2. Core Network Components

  • Router – directs traffic between different networks; provides NAT and DHCP.

  • Network Interface Card (NIC) – hardware that connects a device to a wired or wireless network.

  • Hub – repeats incoming signals to all ports; no intelligence, can cause collisions.

  • Bridge – connects two LAN segments; forwards frames based on MAC addresses.

  • Switch – learns MAC addresses and forwards frames only to the intended port.

  • Access point (AP) – provides Wi‑Fi connectivity for wireless devices.

  • Firewall – hardware or software that filters traffic according to rules.

3.3. Network Types

NetworkTypical CoverageCommon Uses
LAN (Local Area Network)Single building or campusFile sharing, printers, intranet.
WLAN (Wireless LAN)Same area as LAN but using Wi‑FiMobile devices, guest internet.
MAN (Metropolitan Area Network)City‑wideUniversity campuses, municipal services.
WAN (Wide Area Network)Geographically dispersed sitesCorporate branches, Internet backbone.
PAN (Personal Area Network)Few metres (Bluetooth, IR)Wearables, headphones.
InternetGlobal public networkWeb browsing, email, cloud services.
IntranetPrivate LAN/WANInternal communications, document repositories.
ExtranetSecure extension of an intranetSupplier portals, partner collaboration.
Cloud ComputingInternet‑based servicesOnline storage, SaaS applications.

3.4. Effects of Using Networks

  • Advantages: resource sharing, cost saving, collaboration, remote access.

  • Disadvantages: security risks, dependence on connectivity, possible congestion.

3.5. Network Security Controls (Quick Reference)

ControlPurposeTypical Example
FirewallFilters traffic based on rulesRouter‑built firewall, Windows Defender Firewall.
Encryption (SSL/TLS, VPN)Protects data in transitHTTPS websites, corporate VPN.
Authentication (Passwords, MFA)Verifies user identityOTP via authenticator app.
Antivirus/Anti‑malwareDetects and removes malicious codeWindows Defender, Malwarebytes.
Physical securityPrevents unauthorised hardware accessLocked server rooms, CCTV.

4. Scanning Data / Software When Downloading

4.1. Why Scanning Is Required

  • Prevents viruses, worms, Trojans, ransomware and other malicious code from executing.

  • Stops the spread of malware to other devices on the same network.

  • Ensures the integrity of the downloaded file – the file received matches the publisher’s original.

  • Helps organisations meet security policies and data‑protection regulations.

4.2. Common Threats Encountered When Downloading

  1. Viruses – self‑replicating programs that corrupt or delete data.

  2. Worms – spread automatically across networks without user interaction.

  3. Trojan horses – appear legitimate but hide malicious functions.

  4. Adware / Spyware – display unwanted ads or collect personal information.

  5. Ransomware – encrypts files and demands payment for decryption.

  6. Rootkits & Backdoors – provide hidden remote access.

4.3. Scanning Process – Step‑by‑Step

  1. Start the download from a trusted source (official website, reputable app store).

  2. Save the file to a temporary folder (e.g., “Downloads‑Temp”).

  3. Open your antivirus/anti‑malware programme.

  4. Select “Scan file” or “Scan folder” and point to the temporary location.

  5. Review the results:

    • If clean – move the file to its final folder.

    • If a threat is detected – delete or quarantine the file and report the incident.

  6. Update the virus‑definition database:

    • Automatic updates – run in the background.

    • Manual update – click “Check for updates” before a critical download.

  7. Optional – verify checksum or digital signature (see 4.4).

  8. Optional – open the file in a sandbox/virtual machine first, especially for unknown software.

4.4. Verifying Checksums & Digital Signatures

  • Publisher may provide an MD5, SHA‑1 or SHA‑256 hash. Use a hash‑checking tool (e.g., certutil on Windows) to compare.

  • Digital signatures use public‑key cryptography; Windows Explorer and macOS show a “Signed by …” status.

4.5. Tools Frequently Used for Scanning

ToolTypeKey Features
Windows DefenderBuilt‑in antivirusReal‑time protection, cloud‑based updates, integration with File Explorer.
MalwarebytesAnti‑malwareSpecialises in adware, spyware, PUPs; on‑demand scanning.
ClamAVOpen‑source scannerCommand‑line, suitable for servers and automated scripts.
AVG / AvastThird‑party antivirusWeb shield, email scanning, scheduled scans.
Bitdefender, Kaspersky, NortonCommercial suitesMulti‑layer protection, ransomware‑specific modules.

4.6. Best Practices for Safe Downloading

  • Only download from the vendor’s official website or reputable app stores.

  • Check the URL – look for “https://” and a padlock icon.

  • Verify digital signatures or checksums when provided.

  • Keep the operating system and all security software up to date.

  • Enable real‑time scanning and automatic definition updates.

  • Educate users about phishing emails and deceptive download links.

  • Use a sandbox or virtual machine for testing unknown files before installing them on the main system.

  • Maintain regular backups; ransomware cannot encrypt files that are offline.

4.7. Real‑World Example

In May 2023 the “LockBit 3.0” ransomware outbreak infected thousands of organisations worldwide. Many victims had not scanned newly‑downloaded email attachments, allowing the malicious executable to run, encrypt critical data and demand payments of up to €500 000. The incident illustrates how a single un‑scanned file can cripple an entire network and underlines the importance of regular scanning, up‑to‑date definitions and robust backup strategies.

4.8. Summary Table – Quick Reference

ActionWhen to PerformResult Expected
Check source credibilityBefore initiating any downloadReduced risk of malicious files.
Run a scan on the downloaded fileImmediately after download, before openingDetection and removal of threats.
Verify checksum / digital signatureWhen publisher provides oneAssurance that the file has not been altered.
Update virus definitionsDaily (automatic) or on‑demand (manual)Protection against the latest malware.
Apply network security controlsContinuously, as part of policyEnhanced protection of data in transit and at rest.

5. ICT Applications (Key Areas)

5.1. Communication

  • Email – structure (To, CC, BCC, Subject, Body), attachments, netiquette, spam filtering.

  • Instant messaging & chat – real‑time text, presence status, file sharing.

  • Video conferencing – Zoom, Teams, Google Meet; use of passwords, waiting rooms, end‑to‑end encryption.

5.2. Modelling Applications

  • Spreadsheets for financial, scientific or statistical modelling (e.g., budgeting, weather forecasts).

  • Simulation software for engineering or business processes.

5.3. School / Booking Systems

  • Timetable management, online registration, library catalogues.

  • Room‑booking platforms that prevent double‑booking and send confirmation emails.

5.4. Banking & Financial Systems

  • Online banking, ATM networks, electronic funds transfer (EFT), mobile payment apps.

  • Security features – PIN, chip‑and‑PIN, two‑factor authentication.

5.5. Expert Systems

  • Rule‑based programmes that mimic human decision‑making (e.g., medical diagnosis, troubleshooting wizards).

5.6. Retail & E‑Commerce Systems

  • Point‑of‑sale (POS) terminals, EFTPOS, online shopping carts, inventory management.

5.7. Recognition Technologies

  • OCR (Optical Character Recognition) – converts scanned text to editable format.

  • RFID – automatic identification of items via radio waves.

  • Biometrics – fingerprint, facial recognition, iris scan for authentication.

5.8. Satellite, GPS & GIS

  • Satellite communication – TV broadcasting, weather data.

  • GPS – location services for navigation, fleet tracking.

  • GIS (Geographic Information Systems) – mapping, spatial analysis.

6. Systems Development Life‑Cycle (SDLC)

6.1. Stages

  1. Analysis – identify user needs, define requirements, produce a feasibility study.

  2. Design – create data flow diagrams, flowcharts, UI mock‑ups, decide on hardware/software specifications.

  3. Development & Testing – write code or configure software, perform unit testing, integration testing, user‑acceptance testing.

  4. Implementation – install the system, migrate data, train users, go‑live.

  5. Documentation – user manuals, technical guides, maintenance procedures.

  6. Evaluation – review performance against objectives, collect feedback, plan future enhancements.

6.2. Artefacts & Tools

  • Flowcharts & pseudocode – algorithm design.

  • Data flow diagrams (DFD) – visualise information movement.

  • Test plans – list of test cases, expected results.

  • Version control – Git, Subversion for tracking changes.

7. Safety & Security – Full Taxonomy

7.1. Physical Safety

  • Electrical hazards – unplug devices before cleaning, use surge protectors.

  • Fire safety – keep flammable materials away from equipment, know evacuation routes.

  • Ergonomic hazards – proper posture, adjustable chairs, monitor height.

7.2. E‑Safety (Online Behaviour)

  • Cyberbullying – recognise, report, block.

  • Phishing, pharming, smishing, vishing – deceptive attempts to obtain personal data.

  • Social engineering – manipulation to bypass security controls.

  • Safe browsing – use HTTPS, avoid unknown links, enable pop‑up blockers.

7.3. Data Protection Principles (GDPR‑style)

  1. Lawfulness, fairness, transparency

  2. Purpose limitation

  3. Data minimisation

  4. Accuracy

  5. Storage limitation

  6. Integrity & confidentiality (security)

  7. Accountability

7.4. Threat Taxonomy

CategoryExamples
MalwareViruses, worms, Trojans, ransomware, spyware, adware, rootkits.
Social EngineeringPhishing, vishing, smishing, pharming, pretexting.
Network AttacksDenial‑of‑service (DoS), man‑in‑the‑middle, packet sniffing.
Physical Theft / LossStolen laptops, lost USB drives.
Card & Payment FraudSkimming, duplicate cards, online card‑not‑present fraud.

8. Audience & Copyright

8.1. Understanding the Audience

  • Identify who will use the system (students, teachers, customers, managers).

  • Tailor language, layout and functionality to their needs and skill levels.

8.2. Copyright & Licensing

  • Copyright protects original software, images, text, music.

  • Common licences – Proprietary, Freeware, Shareware, Open‑source (GPL, MIT).

  • Software piracy – illegal copying/distribution; schools must use properly licensed software.

  • Creative Commons – allows sharing under defined conditions.

9. Communication & Internet Fundamentals

9.1. Email Essentials

  • Structure – To:, Cc:, Bcc:, Subject:, body.

  • Netiquette – clear subject, polite tone, appropriate signature.

  • Attachments – keep size reasonable, scan for viruses, use cloud links for large files.

9.2. Internet Components & Protocols

Component / ProtocolPurpose
ISP (Internet Service Provider)Provides access to the Internet.
URL (Uniform Resource Locator)Web address; includes protocol, domain, path.
HTTP / HTTPSWeb page transfer; HTTPS adds SSL/TLS encryption.
FTPFile Transfer Protocol – uploads/downloads files.
SMTPSimple Mail Transfer Protocol – sends email.
POP3 / IMAPRetrieve email from a server; IMAP syncs across devices.
SSL / TLSEncrypts data in transit; used by HTTPS, VPNs.

9.3. Evaluating Web Sources

  1. Authority – Who is the author? Is the site reputable?

  2. Accuracy – Are facts supported by evidence? Check dates.

  3. Bias / Purpose – Is the information presented objectively?

  4. Currency – When was the page last updated?

  5. Relevance – Does it meet the research need?

10. File Management

10.1. Organising Files

  • Use a hierarchical folder structure (e.g., Documents / Year / Subject).

  • Adopt consistent naming conventions: YYYYMMDDProjectNameVersion.ext.

  • Include file extensions to indicate format (e.g., .docx, .xlsx, .pdf).

10.2. Compression & Archiving

  • ZIP, RAR, 7z – reduce file size for storage or email attachment.

  • Password‑protect archives for sensitive data.

10.3. Backup Strategies

  • Local backup – external HDD, NAS.

  • Cloud backup – OneDrive, Google Drive, Dropbox.

  • Follow the 3‑2‑1 rule (3 copies, 2 media types, 1 off‑site).

11. Images, Layout, Styles & Proofing

11.1. Image Basics

  • File formats: JPEG (photographs, lossy), PNG (transparent, lossless), GIF (animation, limited colours), SVG (vector).

  • Resolution – DPI (dots per inch) for print (300 dpi) vs. PPI for screens (72‑96 ppi).

  • Basic edits – resize, crop, rotate, adjust brightness/contrast.

11.2. Document Layout & Styles

  • Use headings, sub‑headings, bullet/numbered lists for structure.

  • Apply consistent paragraph styles (font, size, colour, spacing).

  • Headers/footers for page numbers, document title, date.

11.3. Proofing Techniques

  • Spell‑check & grammar tools.

  • Use “Track Changes” for collaborative editing.

  • Read aloud or print a hard copy to spot errors.

12. Graphs & Charts

12.1. Common Types

  • Bar chart – compare quantities across categories.

  • Column chart – similar to bar but vertical.

  • Line chart – show trends over time.

  • Pie chart – illustrate parts of a whole (max 5‑6 slices).

  • Scatter plot – display relationship between two variables.

12.2. Creating a Good Chart

  1. Select appropriate chart type for the data.

  2. Include clear axis titles, units and a descriptive legend.

  3. Use contrasting colours; avoid 3‑D effects that distort perception.

  4. Label data points if needed and add a concise title.

13. Document Production (Word Processing)

13.1. Core Features

  • Templates – pre‑designed layouts for letters, reports, flyers.

  • Mail merge – generate personalised letters or labels from a data source.

  • Tables – organise data; can be converted to charts.

  • Comments & reviewing – add feedback without altering original text.

  • Collaboration – cloud‑based real‑time editing (Google Docs, Office 365).

14. Databases

14.1. Fundamental Concepts

  • Table – collection of rows (records) and columns (fields).

  • Primary key – unique identifier for each record.

  • Foreign key – links tables together (relationships).

  • Query – retrieve or manipulate data (SQL SELECT, UPDATE, DELETE).

  • Form – user‑friendly data entry screen.

  • Report – formatted output for printing or sharing.

14.2. Relational Database Example

Students (StudentID PK, Name, DOB, ClassID FK)
Classes  (ClassID PK, Subject, Teacher)

Query example: “Show all students in ‘Biology’” – uses a JOIN between Students and Classes.

14.3. Data Validation

  • Field rules – numeric only, date range, mandatory entry.

  • Drop‑down lists – restrict to predefined options.

  • Error messages – guide the user to correct input.

15. Spreadsheets

15.1. Core Elements

  • Cell – intersection of row and column (e.g., B3).

  • Formula – begins with “=”, can use arithmetic operators and functions.

  • Functions – SUM, AVERAGE, IF, VLOOKUP, COUNTIF, etc.

15.2. Useful Features

  • Charts – create bar, line, pie charts directly from data ranges.

  • Conditional formatting – highlight cells that meet criteria.

  • Data validation – restrict entry (list, whole number, date).

  • Pivot tables – summarise large data sets quickly.

  • What‑if analysis – Goal Seek, Scenario Manager.

15.3. Example Formula

=IF(C2 >= 50, "Pass", "Fail")

Returns “Pass” if the score in C2 is 50 or above, otherwise “Fail”.

16. Presentations

16.1. Design Principles

  • Keep slides uncluttered – one main idea per slide.

  • Use high‑contrast text/background; limit fonts to two types.

  • Incorporate relevant images, diagrams or short videos.

  • Apply consistent slide master for headings, footers and colour scheme.

16.2. Useful Features

  • Slide transitions – use sparingly for professional effect.

  • Animations – reveal bullet points sequentially.

  • Presenter notes – private cues for the speaker.

  • Embedded media – audio clips, screen recordings.

  • Export options – PDF for handouts, video for online sharing.

17. Summary – Quick Reference Tables

17.1. Network Security Controls (Condensed)

ControlKey Benefit
FirewallBlocks unauthorised traffic.
Encryption (SSL/TLS, VPN)Protects data in transit.
MFAReduces risk of password theft.
AntivirusDetects and removes malware.
Physical locks & CCTVPrevents