Internet security relies on specific resources and standards for protecting data that gets sent through the internet. This includes various kinds of encryption such as Pretty Good Privacy(PGP). Other aspects of a secure web setup includes firewalls, which block unwanted traffic, anti-malware, anti-spyware & anti-virus programs that work from specific networks or devices to monitor internet traffic for dangerous attachments. Internet security is generally becoming a top priority for both businesses & governments. Good internet security protects financial details & much more of what is handle by a business or agency’s servers & network hardware. Insufficient internet security can threaten to collapse an e-commerce business or any other operation where data gets routed over the web.
Web security may be termed as technological & managerial procedures applied to computer systems to ensure the availability, integrity & confidentiality of computer assets & services from associated threats & vulnerabilities.
Concept of Internet Security :
Three basics security concepts important to inforation on the internet are confidentiality, integrity, &availability. Concepts relating to the people who use that information are authentication, authorization & non-repudiation. Integrity and confidentiality can also be enforced on web services through the use of transport layer security(TLS).both SSL and TSL are the same.
The concept of integrity is divided in 2 forms:
A) Data integrity:
this property, that data has not been altered in an unauthorized manner while in storage, during processing or while in transit. another aspect of data integrity is the assurances that data can only be accessed and altered by those authorized to do so. often such integrity is insured by use of a number referred to as message integrity code or message authentication code. This are abbreviated as MIC and MAC respectively.
B) System integrity:
This quality states that a system has when performing the intended function in an unimpaired manner, is free from unauthorized manipulation. Integrity is commonly an organizations most important security objective, after availability. Integrity is particularly important for critical safety and financial data used for activities such as electronic funds transfers ,air traffic control ,and financial accounting.
Confidentiality is the requirement that private or confidential information should not be disclosed to unauthorized individuals. Confidentiality protection is applies to data in storage ,during processing ,and while in transit. For many organizations ,confidentiality is frequently behind availability and integrity in terms of importance. For some types of information ,confidentiality is a very important attribute. Examples includes research data ,medical and insurance records ,new product specifications ,and corporate investments strategies. In some locations ,there may be a legal obligation to protect the privacy of individuals. This is particularly true for banks and loans companies; debt collectors; businesses is that extend credit to their customers or issue credit cards ; hospitals ,doctor offices ,and medical testing laboratories; individuals or agencies that offer services such as psychological counseling or drug treatment; and agencies that collect taxes.
Availability is a requirement intended to assure that system works promptly and services is not denied to authorized users. This objective protects against , intentional or accidental attempts to either perform unauthorized deletion of data otherwise cause a denial of service or data. Availability is frequently an organizations foremost security objective. To make information available to those who need it and who can be trusted with it, organizations used authentication and authorization.
Qus. What is Computer Ethics?
Ans. Computer ethics deals with the procedures, values and practices that govern the process of consuming computing technology and its related disciplines without damaging or violating the moral values and beliefs of any individual, organization or entity.
Qus. What is Software Piracy? How does shareware deal with software piracy?
Ans. Software piracy is used to describe the act of illegally using, copying or distributing software without ownership or legal rights. Shareware is a good way to market software. It allows consumers to evaluate an application prior to making a purchase decision. They can easily determine if it meets their business or personal needs, which usually results to a satisfied customer.
Qus . Why do you think in developing countries like India, it is difficult to stop software piracy?
Ans. Software piracy is hard to stop for several reasons:
a. It’s not a violent crime, so eliminating the criminals by killing them is not really an option. As such, the only remaining option is a legal approach - charging them with a crime and threatening them with prison if they don’t quickly agree to a guilty plea.
b. Software piracy is very easy. If you want your software to work without internet connection, then you need to put the entire code and all the data into the hands of a users; consequently, any anti-piracy measures have to be in their hands as well, making it possible for smart coders to reverse-engineer your code, find the part which performs verification of “license to use”, and remove or twist that part so that the software works without a license.
c. Sharing cracked software is ludicrously easy and hard to detect.
d. There are millions of people involved in this. Quite literally, not only your prisons, but your court-rooms as well are not big enough to realistically charge everyone. So you have to prioritize who you will go after.
e. Experts still can’t agree to what extent is piracy harmful. There were numerous cases where a pirated version of something was instrumental in making it popular, which not only later led people to buy a legal copy, but generated interest in a sequel, which then became massive hit.
f. People who can afford buying movies and games generally do so; people who cannot afford it will either pirate them, or not get them at all.
g. The price tag associated with a legal software is generally high.
Qus. What are the different ways of stopping Software Piracy?
Ans. The different ways to stop software piracy are:
• Educate your staff on the licensing requirements of your software purchases
• Conduct a self-audit of your software licenses
• Acquire any licenses needed for full compliance
• The most widely used method is the license key; code that is built into an application to require a valid key to unlock the software.
Qus. How does Spamming affect economically?
Ans. Spamming remains economically viable because advertisers have very little or sometimes no operating costs beyond the management of their mailing lists, and it is almost impossible to hold senders accountable for their mass mailings. On the other hand it costs huge to the sender and may sometime even get dubbed.
Qus. Discuss two main areas of Industrial Property.
Ans. Copyright and Trademark.
Qus. How can spamming be reduced?
Ans. By using these precautions you can greatly mitigate what spam you do receive and prevent most spam from ever happening.
• Be careful where you enter your email at.
• Create or use disposable email addresses for websites you do not trust.
• Never open spam when you receive it.
• Keep your computer virus and malware free.
• If your friends are sending you emails sent to a large recipient list, request that they use BCC instead of TO or CC, so that other recipients cannot see your email address; or request they stop including you if you do not want to receive the emails.
• Do not list your email address on your website or anywhere the public can access it.
Qus. How is phishing and pharming performed to perform Cybercrime?
Ans. Phising is a fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
Pharming is the fraudulent practice of directing Internet users to a bogus website that mimics the appearance of a legitimate one, in order to obtain personal information such as passwords, account numbers, etc.
Qus. What are the different types of Cybercrimes?
Ans. The different types of cyber crime are:
• Financial fraud crimes
• Computer as a target
• Computer as a tool
Qus. How are Hackers different from Crackers?
Ans. Hackers are those computers experts which breaks into computers to check any vulnerably so that no one can misuse the services. These are really intelligent and smart persons who use there ability to protect the community from cyber crimes and computer thefts.
Whereas, Crackers are those peoples who use there knowledge to do computer crimes for gaining popularity among peoples and to earn fast money. They break into computer networks for their enjoyment and cause harm to them. These persons does not have real knowledge and know something about using the particular software to break into computers.
Qus. What is cloud computing?
Ans: cloud computing is the delivery of computing services—servers, storage, databases, networking, software, analytics, intelligence and more—over the Internet ('the cloud') to offer faster innovation, flexible resources and economies of scale. You typically pay only for cloud services you use, helping lower your operating costs, run your infrastructure more efficiently and scale as your business needs change.
Cloud computing is a big shift from the traditional way businesses think about IT resources. Here are seven common reasons organizations are turning to cloud computing services.
Qus. What is a virus? What is anti-virus software?
Ans. A computer virus is a malicious program that self-replicates by copying itself to another program. In other words, the computer virus spreads by itself into other executable code or documents. The purpose of creating a computer virus is to infect vulnerable systems, gain admin control and steal user sensitive data. Hackers design computer viruses with malicious intent and prey on online users by tricking them.
Antivirus software is a program or set of programs that are designed to prevent, search for, detect, and remove software viruses, and other malicious software like worms, trojans, adware, and more.
Qus. How is backup utility useful? Is it necessary to take backup of data?
Ans: Backup is a very helpful utility. You can backup your data with that and whenever your data is corrupted by any virus or Trojans your data will remain safe.
It is not necessary to backup your until or unless you have something really important stuff in your machine.The backup depends on your wish if you want to make backup, go on for it and if you don't leave it. But if you have something very useful for you in future then its better to take backup.
Qus. What are different types of threats to computer security?
Ans: A Threat is a potential violation of security. When a threat is actually executed, it becomes attack. Those who execute such actions, or cause them to be executed are called attackers.
Some common threats the average computer user faces everyday are
7. PC Intrusion:
8. Denial of Service
10. Password Guessing
Qus. What type damages can be caused by viruses to your computer?
Ans: Damages caused by Viruses:
– Damage or Delete files.
– Slow down your computer.
– Invade your email programs.
Qus. What are malware? What type damages can they cause to your computer?
Ans: "Malware" is short for malicious software and used as a single term to refer to virus, spy ware, worm etc. Malware is designed to cause damage to a stand-alone computer or a networked pc. So wherever a malware term is used it means a program which is designed to damage your computer it may be a virus, worm or Trojan.
Qus What is a spam? Why has it become a big Internet issue?
Ans: Spam email is a form of commercial advertising which is economically viable because email is a very cost-effective medium for the sender. If just a fraction of the recipients of a spam message purchase the advertised product, the spammers are making money and the spam problem is perpetuated.
Qus What are denial-of-service or Sweeper attack?
Ans: A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific computer systems, devices, services or other IT resources.
Qus. What is Authentication and Authorization? Why are these two used together?
Ans: Difference between Authentication and Authorization. Both the terms are often used in conjunction with each other in terms of security, especially when it comes to gaining access to the system. Authentication means confirming your own identity, while authorization means granting access to the system.