Unit 3

1. Write about Internet security threats

Or Explain email threats and email security
10 marks

Internet Security

Internet security refers to the practices, tools, and measures used to protect computers,
networks, and data from unauthorized access, attacks, and damage via the internet. It
involves safeguarding information from cyber threats such as viruses, hackers, data
breaches, and malicious activities.

Email security

Email security refers to measures and practices used to protect email accounts, messages,
and attachments from unauthorized access, theft, or misuse. It involves preventing threats
like phishing, malware, and hacking, ensuring that sensitive information remains private and
safe while using email for communication. This includes using strong passwords,
encryption, and anti-virus tools to safeguard emails from potential risks.

Internet Security Threats

Or Internet Security Threats

Internet security threats are various risks that target users, systems, and networks online,
leading to data theft, damage, or loss. Some of the most common internet security threats
include:
 1. Malware: This includes harmful software such as viruses, worms, and ransomware
that can damage a system, steal data, or lock files until a ransom is paid.
2. Phishing: Cybercriminals use fake emails or websites to trick people into revealing
sensitive information, such as passwords or credit card numbers, by pretending to be
trusted organizations.
3. Man-in-the-Middle (MITM) Attacks: In these attacks, an attacker secretly intercepts
or alters communication between two parties, often to steal personal information like
login details.
4. Denial of Service (DoS) and Distributed Denial of Service (DDoS): These attacks flood
a website or server with excessive traffic to make it unavailable to users, disrupting
services.
5. SQL Injection: Attackers insert malicious code into a website’s database to access or
manipulate sensitive data, such as user information or financial records.
6. Spyware: This software secretly tracks a user’s online activities, often collecting
personal data or browsing habits without the user’s knowledge.
7. Keyloggers: Programs that record every keystroke a user makes, potentially capturing
sensitive information like passwords, credit card numbers, and personal messages.

Ways to protect against Internet Security Threats;

Or ways to Secure Email:

1. Firewalls

A firewall acts as a barrier between trusted internal networks and untrusted external
networks (like the internet). It monitors and controls incoming and outgoing traffic based on
security rules, blocking unauthorized access and preventing attacks.
 2. Multi-factor Authentication (MFA)

MFA enhances security by requiring two or more verification methods to access an account
or system. These can include something you know (password), something you have (mobile
device), or something you are (fingerprint or facial recognition).

3. URL Filtering

URL filtering restricts access to specific websites based on their content or security
reputation. It is commonly used to block malicious or harmful sites that could lead to
malware infection or phishing.

4. Data Loss Prevention (DLP)

DLP involves strategies and tools to prevent unauthorized access, use, or transmission of
sensitive data, ensuring it is not lost, stolen, or leaked outside the organization.

5. Email Security

(As explained earlier) It protects emails from malicious threats like phishing, malware, and
unauthorized access. It can include encryption, spam filters, and secure email gateways to
ensure privacy and data integrity.

2. Define Virus and Anti virus software

10 marks or 5 marks

Virus:
A computer virus is a type of software designed to cause harm to your computer. It can copy
itself and spread to other files or even other computers. Viruses often attach themselves to
files, programs, or emails. When you open or run these infected files, the virus activates and
can damage your system by deleting or corrupting files, slowing down your computer, or
stealing personal information. To spread, a virus usually relies on you or others to
unknowingly share infected files or links.
How Do Computer Viruses Attack and Spread?
In the early days of computers, viruses were spread between devices using floppy disks.
Nowadays, viruses can still be spread via hard disks and Universal Serial Bus (USB) devices,
but they are more likely to be passed between devices through the internet.

Computer viruses can be spread via email, with some even capable of hijacking email
software to spread themselves.

Types of computer viruses:

1. File Infector Virus: Attaches itself to executable files (like .com files). When the infected
file is run, the virus spreads and can corrupt or delete files.

2. Macro Virus: Infects documents or files that contain macros (e.g., Word or Excel files). It
activates when the document is opened and can spread to other documents.

3. Boot Sector Virus: Infects the boot sector of a computer's hard drive or USB drives. It can
prevent the computer from starting up properly.

4. Polymorphic Virus: Changes its code or appearance each time it spreads to avoid
detection by antivirus software. This makes it harder to detect and remove.

5. Metamorphic Virus: Similar to polymorphic viruses, but instead of just changing

appearance, it completely rewrites its code each time it spreads, making it even harder to
identify.

6. Trojan Horse: Appears as a legitimate program or file but contains malicious code that,
once run, can steal data, damage files, or allow unauthorized access.
7. Worm: Unlike viruses, worms do not require a host file. They self-replicate and spread over
networks, often causing network congestion and damage.

Antivirus Software
Antivirus software (computer protection software) is a program(s) that is created to search,
detect, prevent and remove software viruses from your system that can harm your system.
Other harmful software such as worms, adware, and other threats can also be detected and
removed via antivirus. This software is designed to be used as a proactive approach to cyber
security, preventing threats from entering your computer and causing issues. Most antivirus
software operates in the background once installed, providing real-time protection against
virus attacks.

How Antivirus Works?

Antivirus software works by comparing your computer applications and files to
a database of known malware kinds. Because hackers are continually creating
and disseminating new viruses, they will also check systems for the presence of
new or undiscovered malware threats. The antivirus checks files, programs, and
applications going in and out of your computer to its database to identify
matches. Similar and identical matches to the database are segregated,
scanned, and eliminated.

How Antivirus Works?

Most Antivirus programs will employ these four types of detection techniques:
• Signature detection is a method by which an antivirus keenly scans
files that are brought into a system to analyze more likely hazardous
files.
• Specific detection, which looks for known parts or types of malware
or patterns that are linked by a common codebase
• A genericthe detection is a type of detection that looks for known
parts or types of malware or patterns that are related to a common
codebase.
• Heuristic detection is a type of virus detection that looks for
unknown infections by spotting suspicious file structures.

3. Explain Digital signature

5 marks

A digital signature is an electronic signature that can be used to authenticate the identity of the
sender of a message or the signer of the document, and possibly to ensure that the original
content of the message or document that has been sent is unchanged. The basic idea behind the
Digital Signature is to sign a document. When we send a document electronically, we can also
sign it. Digital signature uses public and private keys to encrypt and decrypt data.

• Public key– Key which is known to everyone. Ex-public key of A is 7, this information is
known to everyone.
• Private key– Key which is only known to the person who’s private key it is.

Process of creation and verification of digital signature:

1. Sender prepares the message
The first step is that sender prepares the message/ document to be sent and attaches digital
signature to it. Example: Message prepared in the form of email and digital signature also applied
to it.
2. Application of hash value/ message digest
Once the digital signature applied to the message/ document then a hash value/ message digest
is created (hash value can be a numeric value, example 110010 etc)
3. Encryption of the message
Now the message/ document is encrypted (locked) by using the private key of sender. Now as
the message it encrypted so, changes can’t be done in it during the transit from sender to
receiver. And sender sends the message to the receiver over the electronic medium.
4. Receiver decrypts the message
Once the message reaches the receiver, then receiver decrypts (unlock) the message by using the
public key shared by sender with him.

4. What are GOI digital initiatives of higher education (SWAYAM, SwayamPrabha,

National Academic Depository, National Digital Library of India, E-Sodh-Sindhu,
Virtual labs, e-Acharya, e Yantra and NPTEL).
10 marks

The Government of India (GOI) has launched several digital initiatives to improve the quality
of higher education, promote online learning, and make educational resources more
accessible. These initiatives include:

1. SWAYAM: SWAYAM (Study Webs of Active Learning for Young Aspiring Minds)
is an online platform that offers free online courses for students in various
subjects, including engineering, science, humanities, and social sciences. It
aims to achieve the goal of education for all by providing high-quality learning
resources.

2. SwayamPrabha: SwayamPrabha is a set of 34 DTH (Direct-to-Home) channels

that offer high-quality educational content. These channels broadcast live
lectures, discussions, and educational content across various subjects, and
they are available 24/7, allowing students to access learning materials at their
convenience.

3. National Academic Depository (NAD): NAD is an online database that stores

academic awards, degrees, and certificates in a digital format. It enables
 students, employers, and educational institutions to verify academic
credentials, reducing the risk of fraud and streamlining the verification
process.

4. National Digital Library of India (NDLI): NDLI is a digital repository that

provides access to millions of academic resources, including books, journals,
research papers, and other educational materials. It supports both students
and researchers by offering free access to a wide range of resources across
disciplines.

5. E-Sodh-Sindhu: E-Sodh-Sindhu is an initiative that provides access to a wide

range of e-resources, including e-books, journals, and databases. It aims to
support academic research and enhance the learning experience by making
scholarly resources easily available to students and educators.

6. Virtual Labs: Virtual Labs provide online simulations and experiments in

various scientific disciplines, such as physics, chemistry, engineering, and
biology. These virtual labs allow students to conduct experiments remotely,
making it possible to engage in hands-on learning without the need for a
physical lab.

7. e-Acharya: e-Acharya is an initiative that offers digital content in the form of

lectures, audio-video materials, and study materials. It aims to support
teaching and learning in Indian higher education institutions by providing
resources that enhance educational quality.

8. e-Yantra: e-Yantra is a project that focuses on robotics education, offering a

platform for students and educators to learn about robotics and its
applications. The initiative includes tutorials, project-based learning, and
hands-on activities to enhance technical skills.
 9. NPTEL (National Programme on Technology Enhanced Learning): NPTEL offers
online courses, primarily in engineering and technology fields, created by top
professors from IITs and IISc. It provides video lectures, assignments, and
certification in various technical subjects, helping students improve their
skills and knowledge.

5. Write about SWAYAM

5 marks

SWAYAM (Study Webs of Active Learning for Young Aspiring Minds) is an ambitious initiative
by the Government of India aimed at achieving the goal of inclusive and accessible
education for all. Launched under the Ministry of Education, SWAYAM offers free online
courses across a wide range of subjects, ensuring that quality education is available to
learners from all backgrounds, regardless of their geographical location or economic status.

Key Features and Details of SWAYAM:

1. Comprehensive Course Offerings:

- SWAYAM offers over 2,000 courses across various disciplines, including engineering, law,
medicine, management, social sciences, humanities, arts, and more.

- Courses range from basic level to advanced, covering both undergraduate and
postgraduate curriculum, along with diploma courses.

2. Quality Content:

- The courses are designed and delivered by experienced faculty from some of India’s top
universities and institutions, such as IITs, IIMs, and IISc.

- Content includes video lectures, reading materials, quizzes, assignments, and discussion
forums, ensuring an all-rounded learning experience.
3. Free Access to Learning:

- SWAYAM’s primary goal is to democratize education by providing free access to quality

learning resources. While the courses themselves are free, learners have the option to pay
for certification.

4. Personalized Learning:

- The platform offers a self-paced learning environment, where learners can go through
courses at their own speed and convenience, making it easier for working professionals,
students, and anyone looking to upskill.

5. Certification:

- Upon successful completion of a course, students can receive a certificate. Though

learning is free, learners can choose to pay a nominal fee to obtain a verified certificate.

- Certificates are issued by the respective course providers, often from prestigious
institutions, which are recognized in academia and industry.

6. Interactive and Engaging Learning:

- SWAYAM includes features like discussion forums, peer interaction, assignments, and
quizzes that promote active engagement.

- The interactive nature of the platform helps students clarify doubts, interact with peers
and instructors, and enhance their learning.

7. Inclusive and Universal Access:

- SWAYAM aims to reach learners from remote and rural areas who may not have easy
access to physical learning resources or high-quality institutions.

- It provides an equal learning opportunity to people regardless of their socio-economic

status, educational background, or geographical location.
 6. Write about NPTEL
5 marks

NPTEL (National Programme on Technology Enhanced Learning) is an initiative by the

Government of India, aimed at enhancing the quality of education in the fields of
engineering, technology, management, and other disciplines. Launched in 2003 by the
Ministry of Education, it is a collaborative project involving India’s leading institutions,
including the Indian Institutes of Technology (IITs) and the Indian Institute of Science (IISc).

Note: same side headings of swayam for NPTEL

7. Write about firewalls

5 marks

A firewall is a network security device, either hardware or software-based, which monitors

all incoming and outgoing traffic and based on a defined set of security rules accepts,
rejects, or drops that specific traffic.

Why are firewalls important?

Firewalls serve as the first line of defense against external threats, such as hackers and
malware attacks. In particular, firewalls combined with an intrusion prevention system (IPS)
are crucial in preventing malware and certain application layer attacks.

Firewalls first emerged in the early days of the internet when networks needed new security
methods that could handle increasing complexity.

• Accept: allow the traffic

• Reject: block the traffic but reply with an “unreachable error”
• Drop: block the traffic with no reply
 Functions or uses or advantages of firewall

• Infiltration by Malicious Actors: Firewalls can block suspicious

connections, preventing eavesdropping and advanced persistent
threats (APTs).
• Parental Controls: Parents can use firewalls to block their children
from accessing explicit web content.
• Workplace Web Browsing Restrictions: Employers can restrict
employees from using the company network to access certain services
and websites, like social media.
• Nationally Controlled Intranet: Governments can block access to
certain web content and services that conflict with national policies or
values.

8. Write about cryptography

5 marks

Cryptography

Cryptography is a technique of securing information and communications through the use

of codes so that only those persons for whom the information is intended can understand
and process it. Thus preventing unauthorized access to information. The prefix “crypt”
means “hidden” and the suffix “graphy” means “writing”.

In Cryptography, the techniques that are used to protect information are obtained
from mathematical concepts and a set of rule-based calculations known as algorithms to
convert messages in ways that make it hard to decode them. These algorithms are used for
cryptographic key generation, digital signing, and verification to protect data privacy, web
browsing on the internet and to protect confidential transactions such as credit card and
debit card transactions.
Features Of Cryptography
• Confidentiality: Information can only be accessed by the person for
whom it is intended and no other person except him can access it.
• Integrity: Information cannot be modified in storage or transition
between sender and intended receiver without any addition to
information being detected.
• Non-repudiation: The creator/sender of information cannot deny his
intention to send information at a later stage.
• Authentication: The identities of the sender and receiver are
confirmed. As well destination/origin of the information is confirmed.
• Interoperability: Cryptography allows for secure communication
between different systems and platforms.
• Adaptability: Cryptography continuously evolves to stay ahead of
security threats and technological advancements.

9. Explain copyright issues

5 marks

Copyright is a legal protection given to creators of original works, like books, music, art,
movies, and software. It gives them exclusive rights to use, reproduce, distribute, and display
their work, typically for a limited time. Copyright helps creators control how their work is
used, allowing them to earn from it while preventing unauthorized use or copying.

Copyright issues in ICT focus on protecting creators’ rights over digital content, software,
and media. These issues arise when people use or share such content without permission,
which can harm creators’ income and control over their work.

Copyright issues in ICT include:

1. Digital Piracy: Unauthorized sharing of media, software, and games online,

resulting in significant financial losses for creators and companies. Piracy
occurs on file-sharing sites and peer-to-peer networks.
2. Software Licensing Violations: Software often comes with specific licenses
that limit use to certain devices or users. Violations occur when software is
installed on too many devices, cracked, or used without a license.

3. Content Sharing on Social Media: Users often post images, videos, and music
without permission, leading to copyright disputes. Social media platforms
must monitor and respond to copyright claims, but this remains challenging.

4. Streaming and Regional Restrictions: Unauthorized access to region-locked

content on streaming services undermines licensing agreements and can
reduce revenue for creators and distributors.

5. Fair Use Confusion: “Fair use” permits some use of copyrighted content for
education, commentary, and research, but its boundaries are unclear online,
creating disputes.

6. User-Generated Content: Platforms like YouTube and TikTok allow users to

create content, but many remix or include copyrighted materials, leading to
potential copyright claims.

7. AI-Generated Content: AI can generate music, art, and text, but ownership is
unclear—whether it belongs to the creator of the AI, the user, or no one, as
copyright laws haven’t fully addressed AI-generated works yet.
 10. Write about virtual labs
5 marks

Virtual labs are online platforms that simulate real-world lab environments. They allow
students and professionals to practice skills, experiment with tools, and conduct IT-related
activities like programming, network configuration, cybersecurity, and hardware
diagnostics, all from a web browser.

Virtual Labs is a project initiated by the Ministry of Education, Government of India, under
the National Mission on Education through Information and Communication Technology.
The project aims to provide remote access to Laboratories in various disciplines of Science
and Engineering for students at all levels from undergraduate to research.

Virtual Labs do not require any additional infrastructural setup for conducting
experiments at user premises. One computer terminal with broadband Internet connectivity
is all that is needed to perform the experiments remotely.

Key benefits of virtual labs include:

1. Accessibility: Users can access labs anytime, anywhere, reducing the need for physical
lab space and expensive equipment.

2. Cost-Effectiveness: Virtual labs are typically more affordable than physical labs, as they
don’t require hardware, software installations, or maintenance.

3. Hands-On Learning: They offer practical experience, allowing learners to try real-world
scenarios and projects.

4. Safety: Users can experiment in a risk-free environment. Mistakes can be reset easily,
which is especially useful in fields like cybersecurity.

5. Scalability: Virtual labs can be scaled to accommodate a large number of students,

making them ideal for remote and large-scale learning.