Chapter 12 - Security Aspects
12.1 Threats and Prevention
In the digital age, computers and networks store vast amounts of sensitive information such as personal details, financial data, examination records, and official documents. Any activity that can cause harm to these systems or data is known as a security threat.
Security threats may lead to unauthorized access, loss of data, data corruption, or system malfunction. These threats can originate from malicious users, faulty software, weak passwords, or insecure networks.
To protect systems from such threats, preventive measures are essential. Strong and unique passwords reduce unauthorized access. Regular software updates fix security loopholes. Backups ensure data recovery in case of failure. Firewalls and antivirus software act as protective barriers against external attacks. Prevention focuses on reducing risks before damage occurs.
12.2 Malware
Malware, short for malicious software, refers to programs intentionally designed to harm computers, networks, or data. Malware can disrupt operations, steal sensitive information, or take control of systems without the user’s knowledge.
A virus attaches itself to legitimate programs or files and spreads when the infected file is executed. It may delete or corrupt data. A worm is more dangerous because it spreads automatically across networks without user action, consuming bandwidth and system resources.
A Trojan horse disguises itself as useful software but performs harmful activities secretly, such as creating backdoors for attackers. Spyware secretly monitors user activities, collects personal data, and sends it to attackers. Ransomware encrypts user data and demands payment to restore access, posing serious threats to individuals and organizations.
Malware often spreads through email attachments, infected websites, pirated software, or unsecured networks.
12.3 Antivirus
Antivirus software is designed to protect systems from malware. It continuously scans files, memory, and incoming data to detect malicious programs. Once malware is detected, the antivirus may remove it, quarantine it, or block its execution.
Modern antivirus programs provide real-time protection, meaning they actively monitor system activity as it happens. They also require regular updates so that newly discovered malware can be detected. Antivirus software is a crucial layer of defense but works best when combined with safe user practices.
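The scan, quarantine and update cycle described above can be shown with a small signature scanner. This is an added example, not code from any antivirus product: it assumes exact SHA-256 hash signatures (one of several detection methods real products use), and the file names and sample contents are constructed and harmless.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

def sha256_of(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def scan(root, signatures, quarantine_dir):
    """Quarantine every file under root whose SHA-256 is a known signature."""
    quarantine_dir.mkdir(exist_ok=True)
    hits = []
    for path in sorted(root.rglob("*")):   # sorted() snapshots the tree first
        if not path.is_file() or quarantine_dir in path.parents:
            continue                        # skip folders and already-isolated files
        if sha256_of(path) in signatures:
            # Quarantine: move the file aside and rename it so it is not opened by accident.
            shutil.move(str(path), str(quarantine_dir / (path.name + ".quarantined")))
            hits.append(path.name)
    return hits

def demo():
    """Scan constructed, harmless sample files before and after a signature update."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        quarantine = root / "_quarantine"
        (root / "notes.txt").write_bytes(b"exam timetable")
        (root / "game.exe").write_bytes(b"constructed sample A")     # stands in for known malware
        (root / "invoice.pdf").write_bytes(b"constructed sample B")  # stands in for new malware
        signatures = {hashlib.sha256(b"constructed sample A").hexdigest()}
        before_update = scan(root, signatures, quarantine)
        # Signature update: the newly discovered sample is added to the database.
        signatures.add(hashlib.sha256(b"constructed sample B").hexdigest())
        after_update = scan(root, signatures, quarantine)
        untouched = sorted(p.name for p in root.iterdir() if p.is_file())
        return before_update, after_update, untouched

if __name__ == "__main__":
    print(demo())
```

The second sample passes the first scan and is caught only after its signature is added, which is why an antivirus that is not updated misses new malware.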
12.4 Spam
Spam refers to unwanted or unsolicited messages sent in bulk, most commonly through email. These messages often advertise products, promote scams, or contain malicious links.
Spam wastes time, consumes storage and bandwidth, and can expose users to malware or phishing attacks. Some spam messages are crafted to look legitimate, tricking users into revealing passwords or banking details.
To reduce spam, users should use spam filters, avoid sharing email addresses publicly, and never click on unknown links or attachments. Awareness is the most effective defense against spam-related threats.
12.5 HTTP vs HTTPS
The HyperText Transfer Protocol (HTTP) is used for transferring web pages between a browser and a server. However, HTTP sends data in plain text, making it vulnerable to interception.
HTTPS (HyperText Transfer Protocol Secure) is the secure version of HTTP. It uses encryption techniques to protect data during transmission. This ensures confidentiality, integrity, and authenticity of data exchanged between the user and the website.
HTTPS is essential for websites involving sensitive transactions such as online banking, shopping, and login systems. Modern browsers warn users when a site does not use HTTPS, emphasizing its importance in web security.
12.6 Firewall
A firewall acts as a protective barrier between a computer or internal network and external networks such as the Internet. It monitors incoming and outgoing traffic and allows or blocks data based on predefined security rules.
Firewalls help prevent unauthorized access, protect against hackers, and control data flow. They can be implemented as software firewalls on individual computers or hardware firewalls for entire networks.
By filtering traffic, firewalls play a critical role in maintaining network security and preventing external attacks.
12.7 Cookies
Cookies are small text files created by websites and stored on a user’s computer. They help websites remember user preferences, login sessions, and browsing behavior.
Cookies improve user experience by enabling features such as automatic login and personalized content. However, some cookies track user activity across websites, raising privacy concerns.
Users can manage cookies through browser settings, choosing to allow, block, or delete them. Responsible use of cookies balances convenience and privacy.
12.8 Hackers and Crackers
A hacker is a person with advanced technical knowledge of computers and networks. Hackers may explore systems out of curiosity, to identify security weaknesses, or to improve system security. Ethical hackers work legally to strengthen security.
A cracker, on the other hand, intentionally breaks into systems with malicious intent. Crackers aim to steal data, damage systems, or disrupt services. Their activities are illegal and unethical.
Understanding the difference between hackers and crackers helps clarify that technical skill itself is not harmful—intent determines legality.
12.9 Network Security Threats
Network security threats specifically target data transmitted over networks. One common threat is phishing, where attackers create fake emails or websites to trick users into sharing confidential information.
A Denial of Service (DoS) attack overwhelms a network or server with excessive traffic, making services unavailable to legitimate users. In a Man-in-the-Middle attack, an attacker intercepts communication between two parties and may steal or alter data.
Sniffing involves capturing data packets traveling through a network to obtain sensitive information such as passwords. These threats highlight the importance of secure communication protocols, firewalls, and user awareness.
📌 How to Study This Chapter Effectively (Tip)
- Focus on concepts + real-life relevance
- Understand why a threat is dangerous, not just its definition
- Memorize comparisons (HTTP vs HTTPS, Hacker vs Cracker)
- Link security tools (antivirus, firewall, HTTPS) to threats they prevent
Exam-Oriented Questions & Answers
SECTION A: SHORT ANSWER QUESTIONS
(2–4 marks each)
Q1. What is a security threat?
Answer: A security threat is any possible danger that can harm computer systems, networks, or data. It may result in unauthorized access, data loss, or system damage. Threats can arise due to malware, hackers, or weak security practices.
Q2. What are preventive measures for computer security?
Answer: Preventive measures include using strong passwords, installing antivirus software, enabling firewalls, and keeping systems updated. Regular data backup also helps in recovering lost data. These measures reduce the risk of security attacks.
Q3. Define malware.
Answer: Malware is malicious software designed to damage computer systems or steal information. It can disrupt system operations and compromise data security. Examples include viruses, worms, and ransomware.
Q4. What is a virus?
Answer: A virus is a type of malware that attaches itself to legitimate programs or files. It spreads when the infected file is executed. Viruses can delete, modify, or corrupt data.
Q5. What is ransomware?
Answer: Ransomware is a type of malware that encrypts a user’s data and demands payment to restore access. It can cause severe data loss if backups are not available. Ransomware attacks are increasing globally.
Q6. What is antivirus software?
Answer: Antivirus software detects, prevents, and removes malware from computer systems. It scans files and programs regularly and provides real-time protection. Antivirus software must be updated to remain effective.
Q7. What is spam?
Answer: Spam refers to unwanted and unsolicited messages sent in bulk, usually through email. Spam messages waste time and may contain malicious links. They can also lead to phishing attacks.
Q8. Differentiate between HTTP and HTTPS.
Answer: HTTP transfers data without encryption, making it insecure. HTTPS encrypts data, ensuring secure communication. HTTPS is used for sensitive transactions like online banking.
Q9. What is a firewall?
Answer: A firewall is a security system that monitors and controls network traffic. It blocks unauthorized access while allowing trusted communication. Firewalls protect networks from external attacks.
Q10. What are cookies?
Answer: Cookies are small text files stored on a user’s computer by websites. They store user preferences and session details. Cookies improve user experience but may affect privacy.
Q11. Who is a hacker?
Answer: A hacker is a person with advanced computer skills who explores systems to understand or improve security. Ethical hackers work legally to find vulnerabilities. Not all hackers are criminals.
Q12. Who is a cracker?
Answer: A cracker is a malicious individual who breaks into computer systems illegally. Crackers steal data, damage systems, or disrupt services. Their activities are unethical and illegal.
Q13. What is phishing?
Answer: Phishing is a cyberattack where attackers trick users into revealing sensitive information. Fake emails or websites are used. It commonly targets passwords and banking details.
Q14. What is a Denial of Service (DoS) attack?
Answer: A DoS attack floods a network or server with excessive traffic. This makes services unavailable to legitimate users. It disrupts normal network operations.
Q15. What is spyware?
Answer: Spyware is malware that secretly monitors user activity. It collects personal information without user consent. Spyware threatens privacy and data security.
SECTION B: LONG ANSWER QUESTIONS
(5–6 marks each)
Q16. Explain different types of malware.
Answer: Malware is malicious software designed to harm computer systems. A virus attaches to files and spreads when the file runs. A worm spreads automatically through networks without user action. A Trojan horse appears useful but performs harmful tasks secretly. Spyware collects user information secretly, while ransomware encrypts data and demands payment. Each type of malware poses serious security risks.
Q17. Explain the role of antivirus software in system security.
Answer: Antivirus software protects computer systems from malware attacks. It scans files, memory, and incoming data for malicious code. Antivirus programs provide real-time protection and quarantine infected files. Regular updates allow detection of new malware. Antivirus software is an essential security tool.
Q18. Compare HTTP and HTTPS. Why is HTTPS preferred?
Answer: HTTP transmits data without encryption, making it vulnerable to interception. HTTPS encrypts data using security certificates. HTTPS ensures data confidentiality and integrity. It is preferred for secure websites such as banking and e-commerce portals.
Q19. Explain the function of a firewall.
Answer: A firewall monitors incoming and outgoing network traffic. It allows or blocks data based on security rules. Firewalls protect systems from hackers and unauthorized access. They act as a barrier between internal networks and the Internet.
Q20. Differentiate between hackers and crackers.
Answer: Hackers are skilled individuals who explore systems, often to improve security. Ethical hackers work legally. Crackers, however, break into systems with malicious intent. Crackers steal data or damage systems and act illegally.
Q21. What are network security threats? Explain any two.
Answer: Network security threats target data transmitted over networks. Phishing tricks users into sharing sensitive information. A DoS attack floods servers to disrupt services. Both attacks can cause financial and data loss.
Q22. Explain cookies and their impact on privacy.
Answer: Cookies store user preferences and login information. They improve user experience by personalizing websites. However, tracking cookies may monitor user behavior across websites. This can raise privacy concerns.
Q23. Explain threats and their prevention in computer security.
Answer: Security threats include unauthorized access, malware, and data theft. Prevention involves strong passwords, antivirus software, firewalls, and regular backups. Software updates also fix vulnerabilities. Preventive measures reduce security risks.
Q24. Describe spam and methods to prevent it.
Answer: Spam consists of unwanted messages sent in bulk. It may contain malicious links or phishing content. Spam can be reduced using filters and avoiding unknown links. Users should not share email addresses publicly.
Q25. Why is security awareness important for users?
Answer: Security awareness helps users recognize threats such as phishing and malware. Informed users avoid risky behavior like clicking unknown links. Awareness reduces chances of cyberattacks. Human vigilance is a key part of security.