Know and understand internet protocols including HyperText Transfer Protocol (HTTP), HyperText Transfer Protocol secure variant (HTTPS), File Transfer Protocol (FTP), Secure Socket Layer (SSL)

ICT 0417 – Complete Syllabus Notes (Cambridge IGCSE / A‑Level)

1. Hardware, Input/Output, Storage & Networks

  • CPU (Central Processing Unit) – executes instructions; consists of Control Unit, ALU and registers.

  • Memory

    • RAM (Random‑Access Memory) – volatile, fast, holds data while the computer is on.

    • ROM (Read‑Only Memory) – non‑volatile, stores firmware such as BIOS.

    • Cache – very small, high‑speed memory close to the CPU.

  • Operating‑system types

    • CLI (Command‑Line Interface) – e.g., MS‑DOS, Linux terminal.

    • GUI (Graphical User Interface) – Windows, macOS, Android, iOS.

    • Mobile OS – Android, iOS; optimised for touch, power‑efficiency.

    • Key functions: resource management, file system, security, user interface.

  • Input devices – keyboard, mouse, scanner, microphone, touch screen, digital camera. Consider ergonomics and data‑entry accuracy.

  • Output devices – monitor, printer, speakers, projector. Distinguish raster (bitmap) and vector displays.

  • Storage media

    • Magnetic: HDD, floppy, tape.

    • Solid‑state: SSD, USB flash drive, memory card.

    • Optical: CD‑ROM, DVD, Blu‑ray.

    • Cloud storage – remote servers accessed via the Internet; advantages (access anywhere, automatic backup) and disadvantages (dependence on connectivity, security).

  • Network fundamentals

    • Topologies – star, bus, ring, mesh; star is easy to isolate faults, bus suffers from collisions.

    • Key devices

      • Router – forwards data between networks, assigns IP addresses (DHCP).

      • Switch – connects devices within a LAN, uses MAC addresses.

      • Modem – converts digital signals to analog for telephone or cable lines.

      • Access point – provides Wi‑Fi connectivity.

    • IP addressing – IPv4 (32‑bit, dotted decimal) vs IPv6 (128‑bit, hexadecimal). Subnetting basics.

    • DNS (Domain Name System) – translates domain names to IP addresses.

    • Client‑server model – clients request services; servers provide resources (web pages, files, databases).

  • Emerging technology impact (brief) – AI‑driven tutoring apps, AR/VR visualisations, and IoT sensors are extending the range of ICT applications in education and industry.

2. Effects of ICT & Applications

  • Positive effects

    • Speed of communication, instant access to information.

    • Support for education (e‑learning, virtual labs) and business (e‑commerce, automation).

    • Facilitates collaboration across distances.

  • Negative effects

    • Health issues – eye strain, headaches, repetitive‑strain injury (RSI); prevention: regular breaks, ergonomic setup.

    • E‑waste – discarded devices contain hazardous materials; recycling programmes reduce impact.

    • Digital divide – unequal access to hardware, broadband, and digital skills.

    • Privacy & security concerns – data mining, identity theft, cyber‑bullying.

    • Environmental impact – energy consumption of data centres.

  • ICT applications (selected syllabus sub‑topics)

    Application areaTypical example
    School‑management systemAttendance and grades stored in a relational database.
    Booking systemOnline room reservation for a university.
    Banking/ATMSecure transaction processing using encryption.
    Medical information systemElectronic patient records with access control.
    Expert systemDiagnostic tool for plant diseases.
    Retail POS / EFTPOSBarcode scanner linked to inventory database.
    Recognition systemsOCR for digitising printed forms; RFID for stock tracking; biometric fingerprint login.
    Satellite / GPSNavigation app showing real‑time location.
    Simulation / ModellingSpreadsheet model of a small business cash flow.

3. Systems Life‑Cycle, Safety & Security, Audience & Copyright

  • Systems Life‑Cycle (SLC)

    1. Analysis – identify user needs, define requirements.

    2. Design – plan hardware, software architecture, data structures, UI mock‑ups.

    3. Development – write or adapt code, create databases, configure hardware.

    4. Testing – unit, integration and acceptance testing; fix defects.

    5. Implementation – install system, migrate data, train users.

    6. Evaluation – review against objectives, collect feedback, plan maintenance and future upgrades.

  • Safety & e‑safety checklist

    • Physical safety – tidy workspace, ergonomic chairs/desks, avoid overheating equipment.

    • Data protection – strong passwords, two‑factor authentication, regular backups (3‑2‑1 rule).

    • Malware protection – up‑to‑date anti‑virus, firewalls, safe browsing habits.

    • Legal & ethical – respect privacy, comply with data‑protection regulations (GDPR, Data Protection Act).

  • Audience awareness – adapt language, layout and level of detail for primary, secondary or specialist users.

  • Copyright & licensing

    • Copyright protects original literary, artistic, musical and software works.

    • Fair dealing / fair use – limited copying for teaching, research, review.

    • Creative Commons licences – CC‑BY, CC‑BY‑SA, CC‑BY‑NC, etc.

4. Communication & File Management

  • Electronic communication tools – email, instant messaging, video conferencing, blogs, discussion forums, social media.

  • Email etiquette – clear subject, professional greeting, concise body, appropriate signature, correct use of CC/BCC.

  • File‑management concepts

    • File types – text, binary, executable, image, audio, video.

    • File extensions – .docx, .pdf, .jpg, .mp3, .zip.

    • Folder hierarchy – logical structure (e.g., Project > Phase > Documents).

    • Compression – ZIP, RAR; lossless vs. lossy.

    • Backup strategies – 3‑2‑1 rule (3 copies, 2 media types, 1 off‑site).

5. Images, Layout, Styles & Proofing

  • Image formats

    • Raster – BMP, GIF, JPEG, PNG, TIFF (pixel‑based, resolution matters).

    • Vector – SVG, EPS, AI (mathematically defined, scalable).

  • Basic image editing – cropping, resizing, colour correction, layers, transparency.

  • Document layout principles – alignment, proximity, contrast, repetition, white space.

  • Styles – paragraph, character, table, list; use of style sheets for consistency.

  • Proof‑reading techniques – spell‑check, grammar check, peer review, read aloud, verify formatting.

6. Document Production (Word Processing)

  • Creating and formatting text – fonts, sizes, colour, bold/italic/underline.

  • Paragraph formatting – alignment, indentation, line spacing, justification.

  • Tables – inserting, merging cells, applying table styles.

  • Headers, footers, page numbers, footnotes/endnotes.

  • Using templates and master documents.

  • Inserting graphics, hyperlinks, bookmarks.

  • Mail merge – generating personalised letters or labels.

7. Databases

  • Relational database concepts

    • Table – rows (records) and columns (fields).

    • Primary key – unique identifier for each record.

    • Foreign key – links to a primary key in another table.

    • Normalization – reducing redundancy (1NF, 2NF, 3NF).

  • Database objects

    • Forms – data‑entry screens.

    • Queries – SELECT statements, criteria, sorting, calculated fields.

    • Reports – formatted output, grouping, totals.

  • Common operations – add, edit, delete records; import/export CSV, XML.

  • Security – user accounts, passwords, read/write permissions, role‑based access.

8. Presentations

  • Slide master – consistent layout, background, logo.

  • Use of multimedia – inserting images, audio, video, animations.

  • Effective design – limited text per slide, high‑contrast colours, readable fonts (≥24 pt for headings).

  • Transitions and animation – purposeful, not distracting.

  • Speaker notes and handouts.

  • Delivery tips – pacing, eye contact, rehearsal.

9. Spreadsheets

  • Cell referencing – relative, absolute (\$A\$1) and mixed references.

  • Formulas and functions – SUM, AVERAGE, IF, VLOOKUP/HLOOKUP, COUNTIF, DATE, TEXT.

  • Data analysis – sorting, filtering, pivot tables, conditional formatting.

  • Charts – column, line, pie, scatter; choosing the appropriate chart type.

  • What‑if analysis – Goal Seek, Scenario Manager.

  • Protection – locking cells, worksheet and workbook passwords.

10. Website Authoring & Internet Protocols

10.1. Basic Web Technologies

  • HTML (HyperText Markup Language) – defines structure of web pages (elements, attributes, nesting).

  • CSS (Cascading Style Sheets) – controls presentation (selectors, properties, layout models).

  • Responsive design – media queries, flexible grids, viewport meta tag.

10.2. HyperText Transfer Protocol (HTTP)

  • Purpose – transfer hypertext documents and associated resources between client (browser) and server.

  • Default port – 80.

  • Stateless nature – each request is independent; sessions are maintained with cookies or server‑side mechanisms.

  • Common request methods

    • GET – retrieve data (no request body).

    • POST – send data to server (e.g., form submission).

    • PUT – upload/replace a resource.

    • DELETE – remove a resource.

    • HEAD – like GET but without a response body.

  • Status‑code families

    CodeMeaningExample
    1xxInformational100 Continue
    2xxSuccess200 OK, 201 Created
    3xxRedirection301 Moved Permanently, 302 Found
    4xxClient error404 Not Found, 403 Forbidden
    5xxServer error500 Internal Server Error

  • Message structure

    1. Request line – method, URI, HTTP version.

    2. Headers – Host, User‑Agent, Accept, Cookie, etc.

    3. Optional body (for POST/PUT).

    4. Response line – HTTP version, status code, reason phrase.

    5. Response headers – Content‑Type, Content‑Length, Set‑Cookie, etc.

    6. Optional response body – HTML, JSON, image, etc.

10.3. HyperText Transfer Protocol Secure (HTTPS)

  • Purpose – provide confidentiality, integrity and authentication for HTTP traffic.

  • Default port – 443.

  • TLS handshake (simplified)

    1. ClientHello – TLS version, supported cipher suites, random data.

    2. ServerHello – chosen version & cipher suite, server certificate.

    3. Client verifies certificate (trusted CA, validity, domain match).

    4. Key exchange (RSA, Diffie‑Hellman, ECDHE) creates a shared symmetric session key.

    5. Both sides send Finished messages encrypted with the session key.

    6. Subsequent HTTP messages are encrypted (AES, ChaCha20, etc.).

  • Indicators of a secure sitehttps:// in the address bar, padlock icon, certificate details (issued to, issued by, validity period).

  • TLS versions – TLS 1.2 and TLS 1.3 are recommended; TLS 1.0/1.1 are deprecated.

10.4. File Transfer Protocol (FTP)

  • Purpose – transfer files between a client and a server.

  • Default ports – 21 for control commands, 20 for data (active mode). Passive mode uses a random high port for data.

  • Operation modes

    • Active mode – client opens control connection to port 21; server opens data connection from port 20 to a client‑specified port.

    • Passive mode – client opens both control and data connections to ports supplied by the server (works better with firewalls).

  • Common FTP commands – USER, PASS, LIST, RETR (download), STOR (upload), DELE, RNFR/RNTO (rename), MKD, RMD.

  • Security considerations

    • Credentials and data are sent in clear text – vulnerable to sniffing.

    • Secure alternatives:

      • FTPS – FTP over SSL/TLS (explicit on port 21 or implicit on port 990).

      • SFTP – SSH File Transfer Protocol (uses SSH, default port 22).

10.5. Secure Socket Layer (SSL) / Transport Layer Security (TLS)

  • Purpose – provide encryption, authentication and data integrity for any application protocol (e.g., HTTPS, FTPS, SMTP‑TLS).

  • Key components

    • Handshake – negotiates protocol version, cipher suite, and authenticates parties.

    • Cipher suite – combination of key‑exchange algorithm (RSA, DH, ECDHE), symmetric cipher (AES, 3DES, ChaCha20) and hash function (SHA‑256, SHA‑3).

    • Certificates – X.509 digital certificates issued by a Certificate Authority (CA) bind a public key to a domain.

  • Typical workflow for a secured connection

    1. Client initiates TLS handshake.

    2. Server presents its X.509 certificate.

    3. Client validates the certificate chain.

    4. Both parties agree on a cipher suite and generate a shared symmetric key.

    5. All subsequent data is encrypted with that symmetric key.

  • Current best practice – use TLS 1.3 where possible, disable older protocols and weak cipher suites, obtain certificates from trusted CAs, and renew them before expiry.