Network Security

Correct Answer: (a) Ignorance

Justification: Ignorance is an *internal* (human/user-side) threat — it arises from a lack of awareness or knowledge by the user. Trojan horses, Adware, and Crackers are all external threats that originate from outside the system or network.

Correct Answer: (c) Stalking

Justification: Stalking refers to repeated harassment of a person by following them, making unwanted calls, or sending repeated messages/letters. It is a form of cyber crime when done through digital means (cyber stalking).

Correct Answer: (d) Concerns about biochip implants

Justification: Genetic and genomic research raises specific ethical concerns about biochip implants — tiny devices that could be embedded in the human body to store or transmit biological/genetic data, raising serious privacy and ethical issues.

Correct Answer: (b) DoS attacks

Justification: A Denial of Service (DoS) attack is a direct class of computer/network threat that disrupts the normal functioning of a system by overwhelming it with traffic. Phishing is a social engineering attack; Soliciting and Stalking are cyber crimes against persons, not classified as computer system threats.

Correct Answer: (a) True

Justification: A license is a legal agreement that grants a licensee (user) the right to use copyrighted material under specified conditions. Without a license, using copyrighted material would be illegal.

Correct Answer: (b) Firewall

Justification: A Firewall is a program or hardware device that monitors and filters incoming and outgoing network traffic based on predefined security rules. It acts as a barrier between a trusted internal network and untrusted external networks.

Correct Answer: (c) Cookies

Justification: Cookies are small text files that a website stores on the user's computer when they visit it. They contain information such as login details, preferences, and browsing history, allowing the website to remember the user on future visits.

Correct Answer: (a) Plagiarism

Justification: Plagiarism specifically refers to stealing or copying someone else's ideas, words, or creative work and presenting them as one's own without giving credit. While piracy involves unauthorized copying/distribution, plagiarism is the act of claiming others' ideas as your own.

Correct Answer: (b) False

Justification: Not all hacking is illegal. *Ethical hacking* (also called white-hat hacking) is performed with the permission of the system owner to identify vulnerabilities and improve security. Such hacking is legal and is a recognized profession. Only unauthorized hacking (cracking) is illegal.

Correct Answer: (a) Cyber ethics

Justification: Cyber ethics refers to the study and practice of appropriate and ethical behaviour in online environments and digital media. It includes issues like respecting others' privacy, avoiding plagiarism, and responsible use of the internet.

Correct Answer: (a) In some situations this statement is correct

Justification: A license grants permission to use copyrighted material under specific terms and conditions. However, not all licenses allow all types of use — some may restrict copying, redistribution, or commercial use. Therefore, the statement is correct only in certain situations depending on the type of license.

Given: Two types of software licenses — Workstation License and Site License.

Concept: Software licenses define the terms under which software can be used.

| Workstation License | Site License |
|---|---|
| Allows installation of software on a single computer/workstation only. | Allows installation of software on multiple computers at a specific location (site). |
| Purchased for individual use. | Purchased by organizations, schools, or businesses for multiple users. |
| Less expensive as it covers only one machine. | More expensive but cost-effective for large-scale use. |
| If installed on more than one machine, it violates the license agreement. | Covers all machines within the licensed site/premises. |
| Example: A single user buying MS Office for their personal laptop. | Example: A school purchasing a license for MS Office for all computers in its lab. |

Conclusion: A workstation license is for individual use on one machine, while a site license covers multiple machines at a given location.

Definition of Software Cracking:
Software cracking refers to the act of modifying or bypassing the security features of a software program to remove copy protection, license restrictions, or activation requirements, enabling unauthorized use of the software.

How it is done:
- Crackers use tools such as key generators (keygens), patches, or serial number generators to bypass software activation.
- They may also reverse-engineer the software code to remove license checks.

Types of Cracking:
1. Serial/Key Cracking: Generating fake serial numbers to activate software.
2. Patch Cracking: Modifying the software's executable file to skip license verification.
3. Loader Cracking: Using a separate program to load the software while bypassing protection.

Legal and Ethical Issues:
- Software cracking is illegal under copyright law and the IT Act.
- It deprives software developers of their rightful revenue.
- Cracked software may contain malware or viruses, posing security risks to the user.
- It is a form of software piracy.

Conclusion: Cracking software is both unethical and illegal. Users should always purchase legitimate licenses to support developers and ensure software security.

Definition: Cyber crime refers to any criminal activity that involves a computer, network, or the internet as a tool, target, or place of crime.

Categories of Cyber Crime:

1. Cyber Crimes Against Individuals:
- Cyber Stalking: Repeatedly harassing or following a person online through emails, messages, or social media.
- Identity Theft: Stealing someone's personal information (name, credit card details) to commit fraud.
- Phishing: Sending fake emails or creating fake websites to trick users into revealing personal/financial information.
- Cyber Bullying: Using digital platforms to bully, threaten, or humiliate individuals.

2. Cyber Crimes Against Property:
- Hacking/Cracking: Unauthorized access to computer systems to steal or damage data.
- Software Piracy: Illegal copying, distribution, or use of copyrighted software.
- Intellectual Property Theft: Stealing creative works, patents, or trade secrets.
- Virus/Malware Attacks: Spreading malicious programs to damage or steal data.

3. Cyber Crimes Against Organizations/Government:
- Denial of Service (DoS) Attack: Flooding a server with requests to make it unavailable to legitimate users.
- Data Breach: Unauthorized access to confidential organizational data.
- Cyber Terrorism: Using the internet to plan or execute terrorist activities.
- Cyber Espionage: Spying on government or corporate networks to steal sensitive information.

4. Cyber Crimes Against Society:
- Spreading misinformation/fake news online.
- Online fraud and scams targeting the general public.
- Child pornography and exploitation through digital media.

Conclusion: Cyber crimes are diverse and affect individuals, organizations, and society. Awareness, strong passwords, firewalls, and cyber laws help combat them.

(a) Spyware:
Spyware is a type of malicious software that secretly installs itself on a user's computer without their knowledge and collects personal information such as browsing habits, passwords, credit card numbers, and keystrokes. This information is then sent to a third party (usually advertisers or hackers).
- Example: Keyloggers that record everything typed on the keyboard.

(b) Malware:
Malware (short for Malicious Software) is a broad term that refers to any software intentionally designed to cause damage to a computer, server, network, or user. It includes viruses, worms, trojans, spyware, adware, ransomware, etc.
- Effect: It can corrupt files, steal data, slow down systems, or give unauthorized access to attackers.
- Example: A ransomware program that encrypts files and demands payment.

(c) Virus:
A computer virus is a malicious program that attaches itself to a legitimate file or program and replicates itself when that file is executed. It spreads from one computer to another and can corrupt or delete data, slow down the system, or cause it to crash.
- Key Feature: It requires a host file to spread.
- Example: The ILOVEYOU virus that spread through email attachments.

(d) Worms:
A computer worm is a self-replicating malicious program that spreads across networks without needing a host file. Unlike viruses, worms do not need to attach themselves to an existing program — they can spread independently through network connections, emails, or vulnerabilities.
- Key Feature: Self-replicating and spreads automatically without user action.
- Example: The WannaCry worm that spread across networks exploiting Windows vulnerabilities.

Summary Table:
| Term | Needs Host? | Spreads How? | Main Damage |
|---|---|---|---|
| Spyware | No | Downloads/installs | Steals data |
| Malware | Varies | Various methods | General damage |
| Virus | Yes | Infected files | Corrupts/deletes data |
| Worm | No | Network/email | Consumes bandwidth, spreads rapidly |

Ethical Hacking — A Short Note:

Definition:
Ethical hacking, also known as white-hat hacking or penetration testing, is the practice of deliberately probing a computer system, network, or application to find security vulnerabilities — but with the full knowledge and permission of the system owner.

Purpose:
The main goal of ethical hacking is to identify weaknesses before malicious hackers (black-hat hackers) can exploit them, thereby strengthening the security of the system.

Who is an Ethical Hacker?
An ethical hacker is a trained cybersecurity professional who uses the same tools and techniques as malicious hackers but does so legally and ethically. They are often called Certified Ethical Hackers (CEH).

Steps in Ethical Hacking:
1. Reconnaissance: Gathering information about the target system.
2. Scanning: Identifying open ports and vulnerabilities.
3. Gaining Access: Attempting to exploit vulnerabilities.
4. Maintaining Access: Testing if access can be sustained.
5. Reporting: Documenting findings and suggesting fixes.

Key Principles:
- Always obtain written permission before testing.
- Do not cause damage to the system.
- Report all findings honestly to the owner.
- Respect privacy and confidentiality.

Importance:
- Helps organizations protect sensitive data.
- Prevents financial losses due to data breaches.
- Ensures compliance with security standards.

Conclusion: Ethical hacking is a vital part of modern cybersecurity. It is legal, responsible, and essential for protecting digital infrastructure from malicious attacks.

Introduction:
Cyber security refers to the protection of computer systems, networks, and data from digital attacks, theft, and damage. It is essential for every internet user to practice cyber security.

Reasons Why Users Must Take Care of Cyber Security:

1. Protection of Personal Information:
The internet contains threats like phishing, identity theft, and spyware that can steal personal data such as passwords, bank details, and Aadhaar numbers. Cyber security measures protect this sensitive information.

2. Prevention of Financial Loss:
Cybercriminals can access bank accounts, make unauthorized transactions, or commit credit card fraud. Secure practices like strong passwords and two-factor authentication prevent such losses.

3. Avoiding Malware Infections:
Viruses, worms, and ransomware can corrupt or delete important files. Installing antivirus software and avoiding suspicious downloads protects the system.

4. Protection from Cyber Bullying and Stalking:
Sharing too much personal information online can make users vulnerable to stalking or bullying. Cyber security awareness helps users manage their digital footprint.

5. Safeguarding Privacy:
Without proper security, cookies, spyware, and trackers can monitor user activity. Using secure browsers and privacy settings protects user privacy.

6. Preventing Unauthorized Access:
Weak passwords or unsecured networks can allow hackers to access personal accounts and devices. Using firewalls and strong passwords prevents this.

7. Legal Compliance:
Being aware of cyber laws helps users avoid unknowingly committing cyber crimes such as downloading pirated content.

Conclusion: Cyber security is not just the responsibility of organizations — every individual user must practice safe internet habits to protect themselves and others from cyber threats.

Points to Keep in Mind While Working on Computers:

A. Security Precautions:
1. Use strong passwords: Create passwords with a mix of uppercase, lowercase, numbers, and special characters. Change them regularly.
2. Install antivirus software: Keep it updated to detect and remove malware.
3. Enable a firewall: It filters incoming and outgoing network traffic.
4. Keep software updated: Regular updates patch security vulnerabilities.
5. Avoid suspicious links/attachments: Do not click on unknown email links or download unverified files.
6. Use secure networks: Avoid using public Wi-Fi for sensitive transactions.

B. Safety Precautions:
1. Do not share personal information online with strangers.
2. Log out of accounts after use, especially on shared computers.
3. Back up important data regularly to prevent loss.
4. Be cautious of phishing — verify the authenticity of websites before entering credentials.
5. Restrict access to your computer using screen locks and passwords.

C. Ethical Precautions:
1. Do not plagiarize: Do not copy others' work and present it as your own.
2. Respect intellectual property: Do not use pirated software or download copyrighted material illegally.
3. Use appropriate language: Avoid using offensive or abusive language online.
4. Do not hack into others' systems without permission.
5. Respect others' privacy: Do not access or share others' personal data without consent.

D. Physical/Health Precautions:
1. Take regular breaks to avoid eye strain and repetitive stress injuries.
2. Maintain proper posture while working.
3. Keep the computer and workspace clean.

Conclusion: Working responsibly on computers requires a combination of security awareness, ethical behaviour, and safe practices to ensure a safe and productive digital experience.

Definition of Denial of Service (DoS) Attack:
A Denial of Service (DoS) attack is a type of cyber attack in which the attacker floods a target computer, server, or network with an overwhelming amount of traffic or requests, making it unavailable to legitimate users.

How a DoS Attack Works:
- The attacker sends a massive number of requests to the target server simultaneously.
- The server becomes overloaded and cannot process legitimate requests.
- As a result, the service (website, application, or network) becomes slow or completely unavailable.

Types of DoS Attacks:
1. Flood Attack: Sending excessive data packets to overwhelm the network bandwidth.
2. Ping of Death: Sending malformed or oversized ping packets to crash the system.
3. SYN Flood: Exploiting the TCP handshake process to exhaust server resources.
4. Distributed DoS (DDoS): A more powerful version where multiple compromised computers (botnet) simultaneously attack a single target.

How it Affects System Performance:
1. Slowdown: The server becomes extremely slow due to resource exhaustion.
2. Unavailability: Legitimate users cannot access the website or service.
3. Data Loss: Ongoing transactions may be interrupted, causing data loss.
4. Financial Loss: Businesses lose revenue when their services go offline.
5. Reputation Damage: Organizations lose customer trust due to service downtime.
6. Resource Consumption: CPU, memory, and bandwidth are fully consumed, leaving no resources for genuine requests.

Prevention:
- Use firewalls and intrusion detection systems.
- Implement rate limiting on servers.
- Use DDoS protection services.

Conclusion: A DoS attack is a serious threat that can cripple an organization's online services. Proper security measures are essential to prevent and mitigate such attacks.

Given: Two types of software distribution models — Shareware and Freeware.

Concept: Both are types of software that can be obtained without initial purchase, but they differ in terms of usage rights and limitations.

| Aspect | Shareware | Freeware |
|---|---|---|
| Definition | Software that is available for free on a trial basis for a limited time or with limited features. | Software that is available completely free of cost for unlimited use. |
| Cost | Free initially, but requires payment after the trial period to continue using full features. | Completely free — no payment required at any time. |
| Features | May have restricted features until the full version is purchased. | All features are available without any payment. |
| Time Limit | Often has a time-limited trial (e.g., 30 days). | No time limit — can be used indefinitely. |
| Purpose | Used as a marketing strategy to let users try before buying. | Distributed freely by developers as a service or for promotional purposes. |
| Source Code | Source code is not provided. | Source code is usually not provided (unlike open-source). |
| Example | WinRAR, Adobe Acrobat Reader (trial version), antivirus trials. | VLC Media Player, 7-Zip, Skype (basic version). |

Conclusion: Shareware is a try-before-you-buy model with limitations, while Freeware is completely free software available for unlimited use without any cost.

Software Licenses Used by Users:

A software license is a legal agreement that defines how software can be used, distributed, and modified. The following are the main types of licenses:

1. Proprietary/Commercial License:
- Software is owned by the developer/company.
- Users must purchase the software to use it.
- Copying, modifying, or redistributing is not allowed.
- Example: Microsoft Windows, Adobe Photoshop.

2. Freeware License:
- Software is available free of cost for unlimited use.
- Users cannot modify or redistribute the source code.
- Example: VLC Media Player, 7-Zip.

3. Shareware License:
- Software is available free for a trial period or with limited features.
- Full version requires payment.
- Example: WinRAR, antivirus trial versions.

4. Open Source License:
- Source code is freely available for anyone to view, modify, and distribute.
- Examples of open source licenses:
- GNU General Public License (GPL)
- MIT License
- Apache License
- Example Software: Linux, Mozilla Firefox.

5. Workstation/Single-User License:
- Allows installation on one computer only.
- Example: A single copy of MS Office for personal use.

6. Site License:
- Allows installation on multiple computers at a specific location.
- Example: A school purchasing software for all lab computers.

7. Network License/Floating License:
- Allows a specific number of users on a network to use the software simultaneously.

8. Creative Commons License:
- Used for creative works (music, art, writing).
- Allows sharing and use under specified conditions.

9. Public Domain License:
- Software with no copyright restrictions — anyone can use, modify, or distribute it freely.

Conclusion: Different licenses serve different purposes — from protecting developers' rights to promoting free sharing of software. Users must always check and comply with the license terms.

Open Source Software:

Definition:
Open source software (OSS) is software whose source code is freely available to the public. Anyone can view, use, modify, and distribute the software, usually under an open source license such as GPL or MIT License.

Key Features of Open Source Software:
- Source code is publicly accessible.
- Can be freely downloaded, used, and modified.
- Modifications can be redistributed under the same license.
- Developed and maintained by a community of developers.
- Usually free of cost (though not always).

Examples: Linux, Mozilla Firefox, LibreOffice, Python, Apache Web Server.

---

Difference Between Open Source and Proprietary Software:

| Aspect | Open Source Software | Proprietary Software |
|---|---|---|
| Source Code | Freely available to all. | Kept secret; not available to users. |
| Cost | Usually free. | Usually requires purchase. |
| Modification | Can be modified by anyone. | Cannot be modified by users. |
| Distribution | Can be freely redistributed. | Redistribution is restricted. |
| Support | Community-based support. | Official support from the company. |
| Security | Vulnerabilities can be found and fixed quickly by the community. | Security depends on the company's updates. |
| Customization | Highly customizable. | Limited customization. |
| Examples | Linux, Firefox, LibreOffice. | Windows, MS Office, Adobe Photoshop. |
| License | GPL, MIT, Apache License. | End User License Agreement (EULA). |

Conclusion: Open source software promotes collaboration, transparency, and freedom, while proprietary software offers controlled, commercially supported solutions. Both have their advantages depending on the user's needs.

Understanding Software Cookies — How They Are Helpful:

What are Cookies?
Cookies are small text files stored on a user's computer by a website they visit. They contain information about the user's session, preferences, and browsing activity.

How Cookies are Helpful to the USER:

1. Remembering Login Details: Cookies save login information so users don't have to enter their username and password every time they visit a website.
- Example: Staying logged in to Gmail or Facebook.

2. Personalized Experience: Websites remember user preferences (language, theme, location) through cookies, providing a customized experience.
- Example: A news website showing news in your preferred language.

3. Shopping Cart Memory: E-commerce websites use cookies to remember items added to the shopping cart, even if the user leaves and returns later.
- Example: Amazon remembering items in your cart.

4. Faster Browsing: Since cookies store some data locally, pages load faster on repeat visits.

5. Saved Settings: Cookies remember display settings, font sizes, and other preferences.

How Cookies are Helpful to WEBSITES:

1. User Tracking and Analytics: Websites use cookies to track how users navigate their site, helping them improve user experience.

2. Targeted Advertising: Cookies help websites show relevant advertisements based on the user's browsing history and interests.

3. Session Management: Cookies help websites manage user sessions securely, ensuring users remain logged in during their visit.

4. Improving Services: By analyzing cookie data, websites understand which pages are popular and improve their content accordingly.

5. Reducing Server Load: Cookies store some data on the client side, reducing the need for repeated server queries.

Conclusion: While cookies raise some privacy concerns, they are genuinely helpful tools that enhance the browsing experience for users and help websites deliver better, more personalized services. Users should regularly manage and clear cookies to maintain privacy.

Common Online Activities and Security Measures:

Activities Done While Connected to the Internet:
1. Browsing websites and reading news.
2. Using social media (Facebook, Instagram, Twitter).
3. Sending and receiving emails.
4. Online shopping and banking.
5. Watching videos and streaming content.
6. Downloading files, apps, and software.
7. Online gaming.
8. Video calling and chatting.
9. Submitting school assignments and using educational portals.
10. Searching for information on search engines.

---

Security Measures to Safeguard Yourself:

| Activity | Security Measure |
|---|---|
| Social Media Use | Use strong, unique passwords; enable two-factor authentication; keep profile private. |
| Email | Do not open attachments from unknown senders; beware of phishing emails. |
| Online Shopping/Banking | Use only secure (HTTPS) websites; never save card details on websites; use trusted payment gateways. |
| Downloading Files | Download only from reputable sources; scan downloads with antivirus before opening. |
| Browsing | Use a secure browser; check URLs for authenticity; avoid clicking on pop-up ads. |
| Video Calling/Chatting | Do not share personal information with strangers; use encrypted platforms. |
| Online Gaming | Do not share real name, address, or financial details in games. |
| General Internet Use | Keep antivirus and firewall active and updated; use a VPN on public networks. |

General Security Tips:
1. Use strong passwords and change them regularly.
2. Enable two-factor authentication on all important accounts.
3. Keep software and OS updated to patch vulnerabilities.
4. Log out of accounts after use.
5. Avoid public Wi-Fi for sensitive activities.
6. Regularly back up important data.
7. Be aware of cyber laws and your rights online.

Conclusion: Being aware of online threats and taking proactive security measures ensures a safe and enjoyable internet experience. Sharing these practices with peers helps build a safer online community.

Category: Security Precaution

Reason: Keeping your password private prevents unauthorized access to your accounts and systems. Sharing passwords can lead to data breaches and identity theft, making this a fundamental security measure.

Category: Ethical Precaution

Reason: Using respectful and appropriate language online is a matter of cyber ethics. It reflects responsible digital citizenship and ensures a respectful online environment for all users.

Category: Security Precaution

Reason: Promptly reporting security breaches helps contain damage, protect sensitive data, and prevent further unauthorized access. It is a critical step in maintaining organizational and personal security.

Category: Security Precaution

Reason: Firewalls and antivirus software are technical tools that protect computer systems from malware, unauthorized access, and cyber attacks. Installing and maintaining them is a core security practice.

Category: Ethical Precaution

Reason: Plagiarism — copying others' work and presenting it as your own — is an ethical violation. It disrespects intellectual property rights and is considered dishonest behaviour in academic and professional settings.

Category: Safety Precaution

Reason: Being cautious about strangers online and verifying information before trusting it protects users from scams, misinformation, cyber stalking, and social engineering attacks. This is primarily a personal safety measure.

Category: Security Precaution

Reason: Configuring system settings to accept data only from trusted sources (e.g., enabling trusted zones in browsers, configuring firewall rules) is a technical security measure that prevents malicious data from entering the system.

Category: Ethical Precaution

Reason: Downloading copyrighted materials without permission violates intellectual property rights and copyright law. Respecting copyright is an ethical responsibility of every internet user.

Category: Security Precaution

Reason: Downloading applications from unverified sources can introduce malware, spyware, or viruses into the system. Using reputable sources (like official app stores) ensures the software is safe and legitimate.

Category: Safety Precaution

Reason: Checking URLs helps users identify fake or phishing websites that mimic legitimate ones to steal personal information. Ensuring the URL is correct and the site uses HTTPS is a key online safety habit.

Category: Ethical Precaution (also a Legal/Security concern)

Reason: Using someone else's password or hacking into their computer without permission is both unethical and illegal. It violates the person's privacy and is a breach of cyber ethics and cyber law.

Category: Security Precaution

Reason: Restricting access to personal information through privacy settings, strong passwords, and encryption directly prevents identity theft and unauthorized use of personal data. This is a proactive security measure.

Answer: False

Reason: Not all hacking is illegal. *Ethical hacking* (white-hat hacking) is performed with the explicit permission of the system owner to identify and fix security vulnerabilities. It is a legal and recognized profession. Only unauthorized hacking (cracking) is illegal and punishable by law.

Answer: True

Reason: A license is a legal agreement that grants the licensee (user) the right to use copyrighted material under specific terms and conditions set by the copyright holder. Without a license, using copyrighted material would be an infringement.

Answer: False

Reason: Software licenses can be of various types — some are perpetual (one-time purchase with lifetime use rights), while others are subscription-based (valid for a specific period, e.g., annual licenses). Therefore, it is not true that software can *only* be licensed for a specific period.

Answer: True

Reason: A firewall is a security system (software or hardware) that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier (virtual wall) between a trusted internal network and untrusted external networks, protecting data from unauthorized access.

Answer: False

Reason: Cyber law covers a broad range of legal issues related to the internet and digital technology — including crimes committed *using* computers, crimes committed *against* computers, online contracts, intellectual property, privacy, and electronic commerce. It is not limited only to crimes committed by computers.

Answer: False

Reason: Crackers use digital/software tools — such as password crackers, exploit scripts, keyloggers, and malware — to gain unauthorized access to computer systems. They do not use physical tools. Physical break-ins are a different category of crime entirely.