Knowledge Organiser: Technical Attacks
Part of Technical Attacks · GCSE GCSE Computer Science revision
This topic summary covers Knowledge Organiser: Technical Attacks within Technical Attacks for GCSE Computer Science. Revise Technical Attacks in Network Security for GCSE Computer Science with 15 exam-style questions and 16 flashcards. This topic appears less often, but it can still be a useful differentiator on mixed-topic papers. It is section 9 of 9 in this topic. Use this topic summary to connect the idea to the wider topic before moving on to questions and flashcards.
Topic position
Section 9 of 9
Practice
15 questions
Recall
16 flashcards
Knowledge Organiser: Technical Attacks
Key Terms
- Brute force attack: Systematically trying every possible password combination
- Dictionary attack: Trying common passwords first before exhaustive combinations
- DoS (Denial of Service): Flooding a server with requests from ONE source
- DDoS (Distributed DoS): Flooding a server from MANY sources simultaneously
- Botnet: Network of compromised computers used to launch DDoS attacks
- SQL injection: Inserting malicious SQL code into a database input field
- Man-in-the-middle (MITM): Attacker intercepts communications between two parties
Must-Know Facts
- DDoS uses MULTIPLE attacking computers; DoS uses only one
- SQL injection targets DATABASES through user input fields (forms, search boxes)
- Brute force tries ALL combinations; dictionary attack tries COMMON passwords first
- Brute force prevention: account lockout, CAPTCHA, strong passwords, MFA
- DDoS impact: website unavailable, lost revenue, reputation damage
- SQL injection prevention: input sanitisation, parameterised queries
Key Concepts
- Technical attacks exploit system/software vulnerabilities (not humans)
- DDoS: compromised computers (botnet) overwhelm target with traffic
- SQL injection: malicious input alters the database query logic
- Brute force: short simple passwords = cracked in minutes; long complex = years
- Prevention: input validation, rate limiting, account lockout, strong passwords
Common Mistakes
- Confusing DoS and DDoS: DoS comes from ONE source; DDoS comes from MANY computers simultaneously (a botnet) — always specify the difference
- Saying SQL injection "crashes" the database: SQL injection manipulates the database query to extract, modify, or delete data — it exploits logic, not crashes
- Confusing brute force and dictionary attacks: Brute force tries every possible combination; dictionary attack tries a list of common passwords first
- Saying brute force is prevented only by long passwords: Prevention also includes account lockout policies, CAPTCHAs, and multi-factor authentication
- Describing MITM as "hacking the server": A man-in-the-middle attack intercepts communications between two parties — the attacker sits between them, not inside either system
Revise this topic interactively on PrepWise — self-test mode, tap-to-reveal definitions, and Common Mistakes from examiners.
Try the interactive Knowledge Organiser — free →Keep building this topic
Read this section alongside the surrounding pages in Technical Attacks. That gives you the full topic sequence instead of a single isolated revision point.
Practice Questions for Technical Attacks
Which of the following best describes a brute force attack?
Explain what a DDoS attack is and how it affects a network.
Quick Recall Flashcards
15 questions on Technical Attacks — practise free
Instant marking, adaptive difficulty, and 16 spaced repetition flashcards. Free until your GCSEs.
Try PrepWise Free