EC1
laces, and more. These models earn revenue by enabling and often taking a fee from these
transactions.
1. E-Commerce: Businesses sell products or services online, allowing customers to shop and pay
for them on the internet. (Examples: Amazon, Flipkart, eBay, etc.)
2. Payment Processing: Companies facilitate secure fund transfers between buyers and sellers,
earning fees for transaction processing. (Examples: PayPal, Stripe, Razorpay, etc.)
3. Marketplace: Online platforms connect buyers and sellers, earning revenue from transaction
fees. (Examples: Airbnb, OLX, etc.)
4. Online Travel Booking: Agencies help users book travel services, earning commissions from
providers. (Examples: Expedia, MakeMyTrip, Booking.com)
5. Payment Wallet and Digital Currency: Companies offer digital wallets or cryptocurrencies for
transactions. (Examples: Bitcoin, Apple Pay, Paytm, etc.)

Q=5) Explain B to B and B to C
Ans: Website following B2B business
model sells its product to an intermediate buyer who then sells the product to the final
customer. As an example, a wholesaler places an order on a company's website and, after
receiving the consignment, sells the end product to the final customer who comes to buy the
product at the wholesaler's retail outlet.
• Website following B2C business model sells its product directly to a customer. A customer can
view products shown on the website of the business organization. The customer can choose a
product and order the same. The website will send a notification to the business organization
via email and the organization will dispatch the product/goods to the customer.

Q=6) Explain SSL
Ans: Secure Sockets Layer (SSL)
• This security protocol, called secure
sockets layer (SSL), provides data encryption, server authentication, message integrity, and
optional client authentication for a TCP/IP connection.
• SSL is layered beneath application protocols such as HTTP, SMTP, TELNET, FTP, Gopher and NNTP.
• It is layered above the Internet connection protocol TCP/IP.
• SSL provides a security “handshake” to initiate the TCP/IP connection.
• This handshake results in the client and server agreeing on the level of security they will
use and fulfills any authentication requirements for the connection. After handshake, SSL’s
only role is to encrypt and decrypt the message stream.

Q=7) Just-in-Time Manufacturing:
• It is viewed, as an
integrated management system, consisting of a number of different management practices, and is
dependent on the characteristics of specific plants.
• JIT management system is based on two principles:
– Elimination of waste (time, materials, labor and equipment) in production cycle.
– Empowering workers
• Management practices associated with JIT systems:
– Focused factory
– Reduced set-up times
– Group technology
– Total productive maintenance
– Multifunction employees
– Uniform workloads
– JIT purchasing
– Total quality control
– Quality circles

Q=8) HTTP and HTTPS?
Ans:
1. HTTP stands for HyperText Transfer Protocol. // HTTPS stands for HyperText Transfer Protocol
Secure.
2. In HTTP, URL begins with “http://”. // In HTTPS, URL starts with “https://”.
3. HTTP uses port number 80 for communication. // HTTPS uses port number 443 for communication.
4. HTTP is considered to be unsecure. // HTTPS is considered as secure.
5. HTTP works at Application Layer. // HTTPS works at Transport Layer.
6. In HTTP, encryption is absent. // Encryption is present in HTTPS.
7. HTTP does not require any certificates. // HTTPS needs SSL Certificates.
8. HTTP does not improve search ranking. // HTTPS helps to improve search ranking.
9. HTTP is faster than HTTPS. // HTTPS is slower than HTTP.
10. HTTP does not use data hashtags to secure data. // While HTTPS will have the data before
sending it and return it to its original state on the receiver side.
11. In HTTP, data is transferred in plaintext. // In HTTPS, data is transferred in ciphertext.
12. HTTP should be avoided. // HTTPS should be preferred.

Q=9) Malware
Malware is a
broad phrase that encompasses a wide range of cyberattacks such as Trojans, viruses, and
worms. Malware can simply be described as code written to steal data or destroy things on a
computer. How malware causes harm can help us classify the type of virus that we are dealing
with. So, let us talk about it!

Viruses: Viruses, like their biological namesakes, attach themselves to clean files and infect
other clean files. Viruses can spread uncontrollably, causing damage to the core functionality
as well as deleting and corrupting files. Viruses usually appear as executable files downloaded
from the internet.

Trojan: This type of malware masquerades as legitimate software that can be hacked. It prefers
to function invisibly and creates security backdoors that allow other viruses to enter the
system.

Worms: Worms use the network’s interface to infect a whole network of devices, either locally
or via the internet. Worms infect more machines with each successive infected machine.

Phishing: Phishing frequently poses as a request for information from a reputable third party.
Phishing emails invite users to click on a link and enter their personal information. In recent
years, phishing emails have become much more complex, making it impossible for some users to
distinguish between a real request for information and a fraudulent one.

Drive-by Download Attack: To become infected, we no longer need to click to accept a download
or install a software update. Simply opening a compromised webpage may now allow dangerous code
to be installed on our device.

Q=10) E-Mail related
Crimes: Email is one of the most useful forms of electronic communication. Of course, its
popularity is dwindling with the rise of texting. But it is still common to use email for
communicating with individuals and staying up to date with subscriptions to websites. As with
any form of online communication, email is prone to scams and criminal activity. Here are some
of the most common ways that people misuse email for criminal purposes.

1. Email Spoofing
A spoof email is an email that seems like it is from a legitimate source but is actually from an
unreliable one. Usually, the sender falsifies the name or address of the originator in order to
appear valid. For example, someone may send an email pretending to be a close friend or a
trustworthy website in order to scam the recipient. Spoofing is often committed with the
intention of defrauding the recipient of money.

2. Email Spamming
Spamming is the annoying and dangerous act of sending unsolicited bulk emails or other types of
messages over the Internet. Spam is often used to spread malware and phishing and can come your
way in the form of emails, social media, instant messages, comments, etc. Criminals can then
gain access to your system and personal files or even disable your computer this way. Ransomware
and malware are two common types of malicious software that can infect your system or even
disable your access to your own data until you pay a "ransom."

3. Email Bombing
An email bomb is a form of Internet abuse which is perpetrated through the sending of massive
volumes of email to a specific email address with the goal of overflowing the mailbox and
overwhelming the mail server hosting the address, making it into some form of denial of service
attack.

Q=11) IPR
violation
Ans: IP is divided into two categories: Industrial property, which includes inventions
(patents), trademarks, industrial designs, and geographic indications of source; and Copyright,
which includes literary and artistic works such as novels, poems and plays, films, musical works,
artistic works such as drawings, paintings, photographs and sculptures, and architectural
designs.
• Trademark Violations: A trademark is the identification mark of any company or organization.
A customer relates a trademark to the quality of products, reputation and goodwill of the
company that is using it. It is a distinctive name, word, phrase, symbol, logo, design, image,
or a combination of these elements that identifies a product, service or firm that has been
legally registered as the property of the firm. Trademarks grant the owner the right to prevent
competitors from using similar marks in selling or advertising.
• Theft of Computer Source Code: Computer source code is the most important asset of software
companies. Simply put, source code is the programming instructions that are compiled into the
executable files that are sold by software development companies. As is expected, most source
code thefts take place in software companies. Some cases are also reported in banks,
manufacturing companies and other organizations that get original software developed for their
use.

Q=12) Payment Systems
Ans: The electronic payment system has grown increasingly over the last decades due to the
growing spread of internet-based banking and shopping. E-commerce sites use electronic payment
systems, in which electronic payment refers to paperless transactions. By using an electronic
payment system, a business can reduce paperwork, transaction costs, and labor cost. Being user
friendly and less time-consuming than manual processing, it helps a business organization to
expand its market reach. As these systems grow, improve, and provide ever more secure online
payment transactions, the percentage of cheque and cash transactions will decrease. Listed
below are some of the modes of electronic payments.

Q=13) Cyber Terrorism – Cyber terrorism is the use of the computer and internet to perform
violent acts that result in loss of life. This may include different types of activities, either
by software or hardware, for threatening the life of citizens. In general, cyber terrorism can
be defined as an act of terrorism committed through the use of cyberspace or computer resources.

Q=14) What is a
Firewall?
Ans: A Firewall is a network security device that monitors and filters incoming and outgoing
network traffic based on an organization’s previously established security policies. At its most
basic, a firewall is essentially the barrier that sits between a private internal network and
the public Internet. A firewall’s main purpose is to allow non-threatening traffic in and to
keep dangerous traffic out.
• Host-based Firewalls: A host-based firewall is installed on each network node and controls
each incoming and outgoing packet. It is a software application or suite of applications that
comes as a part of the operating system. Host-based firewalls are needed because network
firewalls cannot provide protection inside a trusted network. A host firewall protects each host
from attacks and unauthorized access.
• Network-based Firewalls: Network firewalls function at the network level. In other words,
these firewalls filter all incoming and outgoing traffic across the network. A network firewall
protects the internal network by filtering the traffic using rules defined on the firewall. A
network firewall might have two or more network interface cards (NICs). A network-based firewall
is usually a dedicated system with proprietary software installed.
• Advantages:
1. Protection from unauthorized access: Firewalls can be set up to restrict incoming traffic
from particular IP addresses or networks, preventing hackers or other malicious actors from
easily accessing a network or system.
2. Prevention of malware and other threats: Firewalls can be set up to block traffic linked to
known malware or other security concerns, assisting in the defense against these kinds of
attacks.
3. Control of network access: By limiting access to specified individuals or groups for
particular servers or applications, firewalls can be used to restrict access to particular
network resources or services.
4. Monitoring of network activity: Firewalls can be set up to record and keep track of all
network activity. This information is essential for identifying and looking into security
problems and other kinds of shady behavior.
• Disadvantages:
1. Complexity: Setting up and keeping up a firewall can be time-consuming and difficult,
especially for bigger networks or companies with a wide variety of users and devices.
2. Limited Visibility: Firewalls may not be able to identify or stop security risks that operate
at other levels, such as the application or endpoint level, because they can only observe and
manage traffic at the network level.
3. False sense of security: Some businesses may place an excessive amount of reliance on their
firewall and disregard other crucial security measures like endpoint security or intrusion
detection systems.
4. Limited adaptability: Because firewalls
are frequently rule-based, they might not be able to respond to fresh security threats.
Q=15) SQL Injection: SQL injection (SQLi) is a web security vulnerability that allows an attacker
to interfere with the queries that an application makes to its database. It generally allows an
attacker to view data that they are not normally able to retrieve. This might include data
belonging to other users, or any other data that the application itself is able to access. In
many cases, an attacker can modify or delete this data, causing persistent changes to the
application's content or behavior. In some situations, an attacker can escalate an SQL injection
attack to compromise the underlying server or other back-end infrastructure, or perform a
denial-of-service attack. A successful SQL injection attack can result in unauthorized access to
sensitive data, such as passwords, credit card details, or personal user information.

Q=16) Black Hat
Hacker - Evil Doer
The black hat hacker is the one who hacks for malicious intent - he is the bad guy. This type of
hacker uses his or her skills to steal money or data, knock a computer system offline, or even
destroy them. Some of these hackers love to see their work and name in the news, so they would
try to target big name organizations and companies. For instance, they might change the front
page of a company website. Black hats also try to break into computer systems to steal credit
card information and possibly steal valuable information to sell on the black market. They may
even lock out the computer and network system from the owners and then hold them for ransom. The
black hat works outside of the law.

2) White Hat Hacker – Ethical Hacker
White hat hackers are cyber security professionals who are authorized or certified to hack
organizational networks and computer systems. They use their expertise and skills to find
vulnerabilities in systems. A white hat hacker is also known as an Ethical Hacker. Typically,
large organizations, businesses, and governments hire white hat hackers to identify security
vulnerabilities before black hat hackers can. White hat hackers spot and fix the weaknesses in
the security systems and safeguard them against external attacks and data breaches. They find
loopholes in a system as a part of penetration testing and vulnerability assessments. White hat
hackers usually have a good degree of technical expertise and broad skills in programming,
networking, and IT.

3) Gray Hat Hackers
Gray hat hackers may not have the criminal or malicious intent of a black hat hacker, but they
also don’t have the prior knowledge or consent of those whose systems they hack into.
Nevertheless, when gray hat hackers uncover weaknesses such as zero-day vulnerabilities, they
report them rather than fully exploiting them. But gray hat hackers may demand payment in
exchange for providing full details of what they uncovered.

Q=17) Define cyber stalking
Ans: Cyber stalking is the use of the Internet or other
electronic means to stalk someone, which may be a computer crime or harassment. This term is
used interchangeably with online harassment and online abuse. A cyber stalker does not present
a direct physical threat to a victim, but follows the victim's online activity to gather
information and make threats or other forms of verbal intimidation. The anonymity of online
interaction reduces the chance of identification and makes cyber stalking more common than
physical stalking. Although cyber stalking might seem relatively harmless, it can cause victims
psychological and emotional harm, and it may occasionally lead to actual stalking.
1. Email Stalking: While the most common forms of stalking in the physical world involve
telephoning, sending mail, and actual surveillance (close watch on victim), cyber stalking can
take many forms. Unsolicited email is one of the most common forms of harassment, including
hate, obscene, or threatening mail.
2. Internet Stalking: Stalkers can more comprehensively use the Internet in order to slander
(insult) and endanger their victims. In such cases, the cyber stalking takes on a public, rather
than a private, dimension. What is particularly disturbing about this second form of cyber
stalking is that it appears to be the most likely to spill over into "physical space".
3. Computer Stalking: In the third category of cyber stalking, this defensive strategy is
undermined by the stalker. In essence, the stalker exploits the workings of the Internet and the
Windows operating system in order to assume control over the computer of the targeted victim.
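
Added example for the SQL injection answer (Q=15) above; it is not part of the original notes. It puts a query built by string concatenation beside the same query with a bound parameter, using Python's sqlite3 module; the table, function names and inputs are constructed for illustration.

```python
import sqlite3


def make_db():
    """Constructed sample data: three customers, one order each."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, owner TEXT, item TEXT)")
    db.executemany("INSERT INTO orders (owner, item) VALUES (?, ?)",
                   [("alice", "laptop"), ("bob", "phone"), ("carol", "camera")])
    return db


def orders_vulnerable(db, owner):
    # The input is pasted into the SQL text, so a quote inside it ends the
    # string literal and the rest of the input is parsed as SQL.
    query = "SELECT owner, item FROM orders WHERE owner = '" + owner + "' ORDER BY id"
    return db.execute(query).fetchall()


def orders_parameterized(db, owner):
    # The value is bound to the ? placeholder and is never parsed as SQL.
    query = "SELECT owner, item FROM orders WHERE owner = ? ORDER BY id"
    return db.execute(query, (owner,)).fetchall()


def breaks_query(db, owner):
    """True if the concatenated query is not even valid SQL for this input."""
    try:
        orders_vulnerable(db, owner)
        return False
    except sqlite3.OperationalError:
        return True


# Constructed inputs.
CRAFTED = "alice' OR '1'='1"   # turns the WHERE clause into an always-true test
APOSTROPHE = "o'brien"         # an ordinary name that happens to contain a quote

if __name__ == "__main__":
    db = make_db()
    print("concatenated :", orders_vulnerable(db, CRAFTED))
    print("parameterized:", orders_parameterized(db, CRAFTED))
    print("ordinary name breaks concatenated query:", breaks_query(db, APOSTROPHE))
```

The concatenated query returns every customer's rows for the crafted input and fails outright on an ordinary name with an apostrophe, while the parameterized query treats both inputs as plain values.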
Q=18) E-wallets
E-wallet is a type of electronic card which is used for transactions made online through a
computer or a smartphone. Its utility is the same as a credit or debit card. An E-wallet needs
to be linked with the individual’s bank account to make payments. E-wallet is a type of pre-paid
account in which a user can store his/her money for any future online transaction. An E-wallet
is protected with a password. With the help of an E-wallet, one can make payments for groceries,
online purchases, and flight tickets, among others. E-wallet has mainly two components, software
and information. The software component stores personal information and provides security and
encryption of the data. The information component is a database of details provided by the user
which includes their name, shipping address, payment method, amount to be paid, credit or debit
card details, etc.

E-cash
E-cash is a paperless cash system which facilitates the transfer of funds anonymously. E-cash is
free to the user while the sellers pay a fee for this. The e-cash fund can be either stored on a
card itself or in an account which is associated with the card. The most common examples of
e-cash systems are transit card, PayPal, Google Pay, Paytm, etc. E-cash has four major
components:
– Issuers: They can be banks or a non-bank institution.
– Customers: They are the users who spend the e-cash.
– Merchants or Traders: They are the vendors who receive e-cash.
– Regulators: They are related to authorities or state tax agencies.

E-cheque
E-cheques are cheques that are written and processed electronically. This means that the funds
are transferred from the payer’s account to the payee’s account through an electronic network
instead of a physical cheque. These cheques are also known as “digital cheques” or “electronic
cheques”. The process of writing and processing an e-cheque is similar to that of a traditional
cheque. The payer fills out a form with the necessary information, including the amount to be
transferred, and submits it to the bank. The bank then verifies the funds and processes the
transaction. This makes it a safe, fast, and easy way to transfer money electronically. If you
are looking for a more efficient and secure way to process cheques, then e-cheques may be the
solution for you.

Q=19) MAC Address
The MAC address is a
device's physical address, which uniquely identifies it on a specific network. MAC is short for
Media Access Control and is also referred to as a hardware address, physical address, or
burned-in address (BIA). The MAC address works on the OSI model's data link layer. The Address
Resolution Protocol (ARP), a layer 2 communication protocol, maps the MAC addresses to the IP
(Internet Protocol) address. The MAC is assigned to the Network Interface Card (NIC) of any
device that can connect to the Internet. The vendor provides the number at the time of the
device's manufacture, and it's embedded in its NIC (hence the "burned in" description), which
typically cannot be changed.

IP Address
An IP address, or Internet Protocol address, is a unique string of numbers that identifies a
device connected to the internet. These addresses are assigned to computers, smartphones, and
other devices using DHCP (Dynamic Host Control Protocol). IP addresses enable these devices to
communicate with each other over the web. As more users go online and adopt digital technologies
like IoT devices, IP security grows in importance.

Q=20) DHCP?
− Every device on a TCP/IP-based
network must have a unique unicast IP address to access the network and its resources. Without
DHCP, IP addresses for new computers or computers that are moved from one subnet to another
must be configured manually; IP addresses for computers that are removed from the network must
be manually reclaimed.
− With DHCP, this entire process is automated and managed centrally. The DHCP server maintains a
pool of IP addresses and leases an address to any DHCP-enabled client when it starts up on the
network. Because the IP addresses are dynamic (leased) rather than static (permanently
assigned), addresses no longer in use are automatically returned to the pool for reallocation.
− The network administrator establishes DHCP servers that maintain TCP/IP