["Points to Know Smart Computer Science Book-10 \u2022\t The Internet is a global communication system of interconnected computer networks that use the standard internet protocol (TCP\/IP) to link several billions of devices worldwide. \u2022\t The first working prototype of the Internet came in the late 1960s with the creation of ARPANET (Advanced Research Projects Agency Network). \u2022\t World Wide Web, which is also known as a Web, is a collection of websites or web pages stored in web servers and connected to local computers through the internet. \u2022\t E-mail is one of the most commonly used services on the Internet which is a way to send and receive messages to one or more recipients across the internet. \u2022\t Telnet is a protocol that allows you to connect to remote computers (called hosts) over a TCP\/IP network (such as the internet). \u2022\t File transfer is sending of one or more digitized files from one location to another location over internet. \u2022\t A search engine is a software accessed on the Internet that searches a database of information according to the user's query. \u2022\t IRC (Internet Relay Chat) is a protocol for real-time text messaging between internet-connected computers. \u2022\t Internet banking is the system that provides the facility to the customer to conduct the financial and non-financial transactions from their internet banking account. \u2022\t E-Commerce means buying and selling of goods, products, or services over the internet. \u2022\t A newsgroup is an Internet-based discussion forum around an individual, entity, organization or topic. \u2022\t Internet telephony refers to all features of traditional telephony (phone calls, fax, voicemail, etc.) where all calls and data are sent over the Internet rather than over traditional landlines. \u2022\t Internet connection is the ability of individuals and organizations to access the Internet using computer terminals, computers, and other devices; and to access services such as e-mail and the World Wide Web. \u2022\t An Internet service provider is an organization that provides services for accessing, using, or participating in the Internet. Terms to Know Upload\t: \t The process of sending data files from client to host computer. Download\t : \t The process of getting a data file from host to client computer. Chat\t : \t A text-based communication that is live or in real-time. Symmetric\t : \t Having equal download and upload speed. Asymmetric\t : \t Having unequal download and upload speed. URL\t:\tThe address of a World Wide Web pages. Online\t:\tComputers or other devices are being connected to the Internet. Offline\t :\t Computers or other devices not connected to the internet. Approved by Curriculum Development Center (CDC) 51","Internet and Services Command-line \t :\t Process command in the form of lines of text to a computer program. Real-time\t:\t The actual time during which a process or event occurs. Interface\t:\tThe place from where interactions are made between user and computer. Voicemail\t:\tA computer-based system that allows users and subscribers to exchange personal voice messages. Hyper text\t :\t Text which contains links to other texts Hyper media\t : \t Hyperlinked text, images, audios, videos, databases, games, and other application types of interlinked Worksheet Questions types marked by * are just for testing Objective Questions higher ability but can 1. Fill in the blanks: enhance the knowledge for SEE. a. \t ...................... is a global communication system of inter connected computer network. b. \t Web documents and resources are recognized by using ..................... c. \t ............................ searches a database of information according to the user's query. d.\t .............................. is a protocol for real-time text messaging between internet connected computers or devices. e. \t\t............................... is a technology that allows users in different locations to hold face to face meeting. f.\t News group typically found on ......................... g. \t ......................... provides internet services access, usually for charging certain fee. h. \t Users of news group read posts and article using ............................. software. 2. \tWrite 'T' for true and 'F' for false statements: a. \tInternet uses the TCP\/IP protocol to link several billion devices worldwide. b. \tInternet is a network of networks. c. \tInternet allows to exchange information between two computer networks only. 52 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 d. \tInternet has become mandatory for day to day activities. e. \tWorld wide web is a collection of pages of a particular website. f. \t WWW is a bank of information. g.\t Email can be sent to only one person at a time. h.\t FTP is a client server protocol. i.\t The customer can buy and sell goods and services through the online banking system. j. \tTransaction of money, funds and data are also considered as e-commerce. k.\t Users can make comments and ask questions in response to the posts of news group. l.\t Internet telephony is the replacement of the traditional landline telephone. m.\tConnection to the internet requires specific telecommunication, networking and routing equipment. 3. \tMark the correct option: a. \t The World wide web is developed by: i) Alexander Graham Bell\t\t\t ii) Alexander Stepanovich Popov iii) William Shockley \t\t\t iv) Tim Berners b. \t In Nepal, Internet service was started by Mercantile company in i) 1994\t\t ii) 1995\t\t iii) 1992 \t\t iv) 1996\t c. \t The WWW uses the protocol to retrieve and display text and media: \t\ti) TCP\/IP\t ii) HTTP\t\t iii) FTP \t\t iv) All of the these\t d. \t Which is not an ISP of Nepal: \t\ti) Worldlink\t ii) Vianet\t\t iii) NTC \t\t iv) None of the these\t e. \t Remote access software: ii) Ammyyy Admit\t\t \t\ti) AnyDesk\t\t\t\t iv) All of the these\t \t\tiii) Windows Remote Desktop \t\t f. \t To upload and download the files, it needs the protocol \t\ti) FTP\t\t ii) TCP\/IP\t iii) HTTP \t iv) All of the these\t g. \t Search Engines are: \t i) Google\t\t ii) Yahoo\t\t iii) Ask.com \t iv) All of the these\t Approved by Curriculum Development Center (CDC) 53","Internet and Services h. \t First search engine is: \t i) Google\t\t ii) Archie\t\t iii) Ask.com \t iv) None of these\t i. \t The business transaction can be made in: \t i) B2B\t\t ii) B2C\t\t iii) C2C \t\t iv) All of these j. \t Protocol used in internet telephony: \t i) VoIP\t\t ii) FTP\t\t iii) HTTP \t iv) All of these 4. Write the full forms: a.\tNTC .......................................................... l. IRC ............................................................... b. ISP ...........................................................\t m. FTP ............................................................ c. ADSL ........................................................\t n. TCP\/IP.......................................................... d. DSL...........................................................\t o. URL ............................................................. e. ISDN ........................................................ p. www ............................................................ f. \tPSTN........................................................\t q. FTP ............................................................. g.\tDTH .........................................................\t r. HTTP ........................................................... h. VoIP .........................................................\t s. HTML .......................................................... i. \tUsenet ..................................................... t. ARPANET .................................................... j. \tE-mail........................................................ u. Telenet ........................................................ k. E-commerce.............................................\t 5. Write the terms for the following: f. \t A web based software that helps to search information according to user's query. a. \t An organization that provides services for accessing the Internet. Ans:......................................... g. \t Ability of individuals and organizations to Ans:......................................... b. \t Calls and data are sent over the Internet access the Internet using the computer and other devices. rather than over traditional landlines. Ans:......................................... Ans:......................................... h. \t Internet-based discussion forum around an c. \t Selling and buying through the internet. individual, entity, organization or topic. Ans:......................................... d. \t Face to face visual communication. Ans:......................................... i. \t Internet based postal service. Ans:......................................... e. \t A software which is used to access the Ans:......................................... j.\t Network of Networks. websiste. Ans:......................................... Ans:......................................... 54 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 k. \t A protocol that allows us to connect and log stored in web server and connected to local in into the remote computers. computers through the Internet. Ans:......................................... Ans:......................................... l. \t A program which is used for searching and o. \t Internet service that provides us real time retrieving documents from remote sites. communication. Ans:......................................... Ans:......................................... m. \t The banking transaction performed through p. \t Web based software which helps to search the internet. information on the Internet. Ans:......................................... Ans:......................................... n. \t A collection of websites or web pages 6. Match the following: a. \tNepal Telecom WWW b. \tInternet connection technology Tim Berners-Lee c. \t Landline telephone technology HTML d.\t Online store e-mail e. \tUnset POP f. \t VoIP SMTP g.\t Video conference application FTP h. \tText messaging HTTP i. \t Ask.com ISP j. \t Collection of websites ADSL k. \t Bank of information PSTN l.\tWWW Amazon m.\tCreating web page News group n.\t Online postal service Internet Telephony o.\t Protocol used to receive the e-mail Zoom p.\t Protocol used to send the e-mail IRC q.\t Transfer files between a client and server. Search engine r. Retrieval and display of text and media to your device.\t\t Web server \t\t 55 Approved by Curriculum Development Center (CDC)","Internet and Services Descriptive Questions 1. Write very short answer of the following questions: a. \tWhat is Internet? b. \tWhat is meant by going online? c. \t What is the world wide web? d. \tWhat is e-mail? e. \tWhat is Telnet? f.\t What is meant by file transfer? g. \tWhat is IRC? h.\t What is video-conferencing? i.\t What is meant by e-commerce? j.\t What is news group? k.\t What is Internet Telephony? l.\t What do you mean by Internet connection? m.\tWhat is an ISP? 2. Write very short answer of the following questions: a. \tWhy is Internet mandatory for day-to-day activities? b. \tWhy do you use search engine? c. \t Why do you use online banking? d. \tWhy is Internet Telephony more efficient than traditional PSTN? e. \tWhy is ISP needed? f.\t Write the features of online banking. g. \tWhat are the resources and medium of online banking? Case Study and Application-based Questions* 1. \tHanuman Prasad has bought a new computer set in his study purpose at home. After setting his computer, he wants to connect the internet. a. \t What are other hardware devices required to Hanuman Prasad except the computer set? Ans: ......................................................................................................................................................... .................................................................................................................................................................. b. \t Can you suggest him any Internet Service Provider where he can get an efficient internet service connection in the context of Nepal? Ans: ......................................................................................................................................................... c. \t Which type of connection technology is reliable to him? Ans: ......................................................................................................................................................... d. \tHe has to connect the internet in other devices like laptop, mobile phone and tablet. Which 56 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 technology would you suggest him in this case? Ans: ......................................................................................................................................................... e. \t Draw a complete physical diagram of internet connection of Hanuman Prasad's home in separate page. Ans: ......................................................................................................................................................... 2. \tShree Krishna and Govinda want to find synonyms and antonyms of certain difficult words through the internet connected computer. a. \t Which software should they use to access the internet? Ans: ......................................................................................................................................................... b.\t After accessing the internet, How would they solve this problem? Ans: ......................................................................................................................................................... 3. \tRadhika and Durga want to find some information from their school's website, like school's calendar, home assignment, exam syllabus, exam routine, etc. a. \t How do they access the School's website? Ans: ......................................................................................................................................................... b.\t If they want to download the mentioned information, which service of the internet would they use? Write the technical detail with diagram in separate page. Ans: ......................................................................................................................................................... c. If they want to post some terminal exam preparation assignment, which service of internet is suitable for them? Ans: ......................................................................................................................................................... d. \t If they forget URL of the website recently, in this case to find the website, which technique should they use? Ans: ......................................................................................................................................................... 4. \tOn the basis of pictures, answer the asked questions: a. b. Approved by Curriculum Development Center (CDC) 57","Internet and Services a. \t Which service of Internet is used by the user of the first mobile? Write short note. Ans: ........................................................................................................................................................ ................................................................................................................................................................ ................................................................................................................................................................ ................................................................................................................................................................ ................................................................................................................................................................ b.\t Which service of Internet is used by the users of the second image? Write short note. Ans: ........................................................................................................................................................ ................................................................................................................................................................ ................................................................................................................................................................ ................................................................................................................................................................ ................................................................................................................................................................ 5. \tOn the basis of the given pictures, answer the asked questions: a. \t What is represented by the first and second pictures on the basis of Internet services? Ans: ........................................................................................................................................................ ................................................................................................................................................................ ................................................................................................................................................................ ................................................................................................................................................................ ................................................................................................................................................................ b. \t Can you illustrate, are these two services complementary to each other? Ans: ........................................................................................................................................................ ................................................................................................................................................................ ................................................................................................................................................................ ................................................................................................................................................................ ................................................................................................................................................................ 58 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 Activity* 1. \tOrganize an inter-class speech competition on the topic \\\"Internet changes the world into the global village\\\" . School Bulletin 2. \t Write an article for your school's news bulletin on the basis of given two images with the suitable heading. 3. \tOrganize the debate competition on the topic of \\\"Internet Era is better than non-Internet Era\\\". 4. \tInterview the public for the TV 59 program 'Public Thought' in the topic 'How can we get the maximum utility from the Internet?' Approved by Curriculum Development Center (CDC)","Ethical & Social Issues in ICT CHAPTER Ethical & Social Issues in ICT 3 Chapter Includes \u2022\t Introduction to Ethics and ICT ethics \u2022\t Cyberbullying \u2022\t Ethical & Social Issues in ICT \u2022\t Cyber Law \u2022\t Code of Conduct of ICT ethics \u2022\t IT Policy 2072 \u2022\t Computer\/Cybercrime \u2022\t Electronic Transaction Act \u2022\t Digital Citizenship \u2022\t Opportunities and Threats in Social \u2022\t Digital Footprint Media INTRODUCTION TO ETHICS In simple terms, ethics is a system of moral principles that include right and wrong or good and bad. So, ethics is concerned with what is good for individuals and society. It is also referred to as moral philosophy. It affects how people make decisions and lead their lives. Our concept of ethics has been derived from society, religions, philosophies, and cultures. The term is derived from the Greek word \u2018ethos\u2019 which means custom, habit, character, or mood. ICT ICT stands for Information and Communication Technology. In present days, it is a booming technology that provides a platform to create, store, access, and transfer information through telecommunication channels which include computers, software, cellphones, wireless and wired networks, and other communication mediums. Nowadays, ICT is used in every activity of human life. It is widely used and it has transformed the world into a global village. Ethical and Social Issues in ICT Due to the use of ICT, our society is being digitized and smart. Every activity seems smart due to the advancement of ICT but the use of ICT has both negative and positive impacts on society. It has raised many ethical as well as social issues for individuals, organizations, and society. ICT ethics is also known as computer and cyber ethics. It is a moral code of conduct or behavior to use ICT. Ethical and social issues are concerned with the protection of personal p\u200b\u200b rivacy, intellectual property, user responsibility, access and use of information, software, licenses, and piracy. 60 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 ICT ethics help us distinguish between right and wrong in the use of Internet related devices and software. It is an ethical and right guideline regarding our behavior and activities in the field of ICT. To remain ethical, we must follow ethical guidelines. We should not harm people or organizations through the use of ICT. If an individual doesn\u2019t follow computer ethics, it may create legal issues that may even lead to the individual\u2019s imprisonment. Some of the moral principles and codes of conducts of ICT ethics are mentioned below: Code of conduct of ICT ethics 1. \t We should not use a computer to harm other people. 2.\t We should not interfere with other people's computer work. 3.\t We should not snoop around in other people's computer files. 4.\t We should not use a computer to bear false witness. 5.\t We should not use a computer to steal. 6.\t We should not copy or use proprietary software for which you have not paid 7.\t We should not use other people's computer resources without authorization or proper compensation. 8.\t We should not copy other people's intellectual output. 9.\t We should think about the social consequences of the program you are writing or the system you are designing. 10\t We should use a computer in ways that ensure consideration and respect for other humans. COMPUTER CRIME\/CYBER CRIME Computer crime is also called cybercrime which refers to the misuse of computer resources for unauthorized or illegal activities which may cause harm to any individual, company and society. Computer crime includes unauthorized copying of software, unauthorized modification of data, creating and spreading computer viruses and malicious programs, all sorts of unauthorized downloading, leaking and hacking data, cyberbullying to others and various other illegal activities. Approved by Curriculum Development Center (CDC) 61","Ethical & Social Issues in ICT DIGITAL CITIZENSHIP Digital citizenship is the responsible use of technology and etiquette related to an online presence. This represents our behaviors and responses to others within a digital community. Digital literacy, ethics, etiquette, online safety, norms, rights, culture and related law are common indicators of digital citizenship. Today, billions of people all over the world interact using various technologies. This interaction creates a digital society that provides opportunities to its citizens for education, employment, entertainment, and social interaction. In any society, it is expected that digital citizens would act in a certain way, according to accepted norms, rules, and laws. A digital citizen refers to a person who has the knowledge and skill to use digital technology effectively and ethically . There are nine major elements of digital citizenship. They are as follows: 1. Access: full electronic participation in society. 2. Commerce: electronic buying and selling of goods. 3. Communication: electronic exchange of information. 4. Literacy: the process of teaching and learning about technology and the use of technology. 5. Etiquette: electronic standards of conduct or procedure. 6. Law: electronic responsibility for actions and deeds. 7. Rights and Responsibilities: those freedoms extended to everyone in the digital world. 8. Health and Wellness: physical and psychological well-being in a digital technology world. 9. Security (self-protection): electronic precautions to guarantee safety. DIGITAL FOOTPRINT A digital footprint is the record of your interaction with the digital world which refers to your digital activities, actions, contributions, and communications. Whenever you use technology and devices online, digital footprint leaves a trace of data on the Internet. In this technology digital devices like cameras, smartphones, iPods, tablets, laptops, and desktops and related software are included. There are two 62 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 main classifications for digital footprints: passive and active. An 'active' digital footprint is the publicly traceable information that you share on the web, such as Facebook updates, message board posts, and tweets on Twitter. We rarely think about this type of digital footprint, but it can become a major headache in some circumstances. A \u2018passive\u2019 digital footprint is made up of the unknowingly collected information that companies are harvesting behind the scenes, such as browsing data, IP addresses, and purchasing habits. This is often collected without the user\u2019s knowledge and is used to target advertisements, build customer profiles, and for many more. Your footprints contain bits of information about you. They could include your name, nickname, or other personal information like your date of birth or address. They could have an insight about what you like, what are your interest, and the things you like to do. Some of these pieces of information are left out there knowingly or unknowingly. So, A digital footprint is also known as a cyber-shadow or digital shadow. Manage your Digital Footprint Approved by Curriculum Development Center (CDC) 63","Ethical & Social Issues in ICT Create Positive Digital Footprint CYBER-BULLYING Cyberbullying is an unwanted aggressive behavior through the use of digital technologies. It commonly takes place on social media, messaging platforms, and gaming platforms. It is repeated aggressive behavior, aimed at frightening, angering, or shaming those who are targeted. Hence, it can be defined as: \\\"Cyberbullying is a technique to harass, hurt, disturb, humiliate, or terrify another person repeatedly and intentionally using digital technologies\\\" Examples of cyberbullying are as follows: \u2022\t E-mails, texts, or messages are sent with the intensions of harassing, hurting, disturbing, humiliating, and terrifying the receiver. \u2022\t Posting inconsiderate and fake information that can hurt one\u2019s image on social media. \u2022\t Making a mockery of other online people grimly. \u2022\t Constantly attacking or killing a symbol or character in an online game on purpose to harass and get a reaction. \u2022\t Masquerading to be someone by creating a fake online profile. \u2022\t Posting an individual\u2019s disgraceful photos or videos online without consent. Face-to-face bullying and cyberbullying can often happen. But, unlike face-to-face bullying, cyberbullying leaves a digital footprint that can prove useful to provide pieces of evidence to help stop the abuse. Effects of Cyberbullying Whether you\u2019re being targeted by bullies or cyberbullies, the results are identical. They are as follows: 64 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 \u2022\t You\u2019re made to feel hurt, angry, afraid, helpless, hopeless, isolated, ashamed, and even guilty that the bullying is somehow your fault. You may even feel suicidal. \u2022\t Your physical health is likely to suffer, and you are at a greater risk of developing mental health problems such as depression, low self-esteem, inferiority or anxiety. \u2022\t You\u2019re more likely to miss, skip, or drop out of school to avoid being bullied. In many cases, cyberbullying can be more painful and humiliating than face-to-face bullying. CYBER LAW The law which is formulated to stop cybercrime is called cyber law. So, it can be defined as: \\\"Cyber law is the part of the overall legal system that deals with the Internet and cyberspace related hardware devices, software, users, and their respective legal issues.\\\" Cyberlaw is like any other legal rule or policy that should be followed in our day-to-day life to stay out of any kind of legal trouble. These laws are formed by keeping several issues into consideration such as society, morals, computer ethics, etc. The only difference is that cyberlaw is applied to the Internet and Internet related technologies only. Cyberlaw is formed to maintain discipline and justice in the cyber world. This area was introduced in the legal system because crimes related to computers and other technologies were increasing rapidly. These types of crimes did not fall under the category of any existing legal sections, therefore a separate section was formed and named cyberlaw. Cyberlaw provides legal protection to online businesses as well as regular users of internet. It is important for anyone using the Internet to be aware of the cyber laws prevailing in their country or local area so that they could know what online activity is legal and which is not. Also, if anything happened them in online, they would be known how they should act regarding that matter accordingly. The major elements included in the cyber law are: a. Electronic and Digital Law\t d. Computer Crime\/Cyber Crime Law b. Intellectual Property Law\t e. Data Protection and Privacy Law c. Telecommunication Law Approved by Curriculum Development Center (CDC) 65","Ethical & Social Issues in ICT What happens if you break a cyber law? Different countries have different cyber laws and cyber law regulating bodies. In Nepal cyberlaw is called Electronic Transaction Act (ETA) 2063, which was passed in 2004 AD. The Act is divided into 12 sections and 80 clauses. This law keeps an eye on issues which are related to computer networks and cybercrime. It brings cybercriminals under the justice of law and penalizes them as per their crimes. As a penalty, according to the ETA 2063, if anyone is found violating the cyberlaw, he\/she will be punished for a minimum of 6 months to a maximum of 3 years prison and has to pay minimum 50 thousand to maximum 3 lakh Nepali rupees. IT POLICY 2072 Information and Communication Technologies are at the core of strategies aimed at securing the goals of sustainable development and stimulating economic growth in countries around the world. These technologies are shaping for social interaction and public services are delivered in some fundamental ways. It is precisely along these lines that the Government of Nepal has placed a great deal of importance on the transformative potential of ICTs and positioning these technologies within the larger context of its far-reaching developmental aim premised around poverty reduction as an overall goal. Goals of Information and Communication Technology Policy 2072 \u2022\t Nepal will strive towards enhancing overall national ICT readiness to be at least in the top second quartile of the international ICT development index and e-government rankings by 2020. \u2022\t At least 75 percent of the population will have digital literacy skills by the end of 2020. \u2022\t Universal broadband access to all people on an equitable basis will be in place. By 2020, 90 percent of the population will be able to access broadband services. \u2022\t The role and significance of ICT industries and services (including telecom services) will increase in the Nepali economy with ICT value-added (including digital content and service industry) accounting for at least 7.5% of GDP (Gross Domestic Product) by 2020. \u2022\t The jurisdiction of Nepal Telecommunications Authority will be expanded to secure complete alignment with policy provisions outlined in IT Policy 2072. \u2022\t By 2020, the entire population of Nepal would have access to the Internet. 66 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 \u2022\t 80% of all citizens facing government services would be offered online by 2020. \u2022\t E-Procurement will be promoted as means of driving transparency through government procurement processes covering all public procurement of goods and services irrespective of cost and volume of such procurements by 2018. \u2022\t G2G (Government to Government) implementation would be promoted to complete automation of the operations of land administration, revenue administration, and management, vital registration, passport, and citizenship certificate services by 2020. \u2022\t Broadband access will be expanded across the country to achieve a broadband internet user penetration rate of 30% at a minimum of 512 kbps and to make available at least 10 Mbps download speed on- demand in urban areas by 2018. \u2022\t Special funding arrangements will be developed and implemented within 2018 to support innovation and the formation of online businesses and startups. Vision To transform Nepal into an information and knowledge-based society and economy. Mission \u2022\t To create environment for the intensified development and growth of the ICT sector as a key driver for Nepal's development and poverty reduction strategies. ELECTRONIC TRANSACTION ACT \u201cThe Electronic Transaction and Digital Signature Act-Ordinance\u201d is popularly known as the \\\"Electronic Transaction Act\u201d of Nepal which is also known as the cyberlaw of Nepal. The government of Nepal passed this law on 30th Bhadra 2061 BS (15th September 2004 AD). This law has provided new trust to the Infor- mation Technology (IT) sector, and IT professionals are hopeful that it will create a favorable situation for conducting IT business. The major interesting provisions of this Act are as follows: \u2022\t Provision of legal status to digital signatures, electronic record for introducing e-banking, e-shopping, e-commerce, etc. \u2022\t Provision for license regarding the IT customers and their duties and responsibilities. \u2022\t Provision of formation of a judicial body to listen to computer-related crimes and their duties, rights, and responsibilities. \u2022\t Provision of punishment to a hacker who damages programs or data residing in other computers or networks or illegally copies them. \u2022\t Likewise, the interpretation of the service, network facilities, telecommunication and their accountability, duty and responsibility, and clarification has been mentioned. Apart from this, the law mentions what kind of punishment laibled to person Approved by Curriculum Development Center (CDC) 67","Ethical & Social Issues in ICT who involved in computer crime, fraudulator, disclosure of secrecy, fraud, license theft, destroying devices, spreading false messages etc . If a person is involved in such crimes, he\/she can be fined as well as imprisoned. OPPORTUNITIES AND THREATS IN SOCIAL MEDIA Social media is the internet-based platform which helps to keep in touch, exchange the ideas and feelings with our friends, family, classmates, customers, etc . Social media networking can occur for social purposes, business purposes, or both of them. Facebook, Twitter, LinkedIn, Classmates and Yelp are popular social meadi network platforms. Opportunities in Social Media: Social media websites are the best tools for anyone to grab opportunities. Millions of people around the world use social media platforms for fundraising, social awareness, promoting global and local business, etc. There are a lot of benefits of social media networking sites when used properly. The list of advantages of social media platforms is given below. \u2022\t It is instant and reliable communication all over the world. \u2022\t It provides updated real-time news and information. \u2022\t It is a great opportunity for business owners to advertise and promote their products as well as connect with their customers. \u2022\t It is a global stage for people to show their talents. \u2022\t It Allows quick sharing of digital content. \u2022\t It plays the role of a motivator in diverting audiences to specified websites. Threats in Social Media As with two sides of a coin, social media websites have their fair share of advantages and disadvantages. Social media users may encounter various problems while using social networking sites. Below are some threats of social media that everyone should be aware of: \u2022\tAddiction: Addictive behavior is developed due to attraction with social networking sites. 68 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 \u2022\tMental Illness: Social networking sites are linked with an increased risk of mental health issues such as depression, and anxiety. \u2022\tFrauds and Blackmail: There are billions of fake accounts on various social networking sites including Facebook, Instagram, and Twitter. Blackmailing with a fraudulent account is a common occurrence in the social media platforms. \u2022\tMisleading Information: Fake news and incorrect information prepared to mislead the audience can go viral in no time on social media platforms. \u2022\tCyberbullying: Since anyone can express their personal views on social networking sites, some people use it to express hatred and aggression. Public figures are the commonly targeted victims of cyberbullying. Teenagers are also at the risk of cyberbullying through the use of social networking sites like Facebook, Instagram, Snapchat, etc. \u2022\tSecurity issues: Most of the users of social media sites are not fully aware of the security measures while using social media platforms. Therefore, they can be suffered by cybercrime. \u2022\tPrivacy Issues: Your behavior on social media can help people or companies to know who you are. It is not hard to find that how many of friends you meet daily, interact, or what type of activities you like. Therefore, your social media behavior can be a great threat for cybercrime. Points to Know \u2022\t Ethics is a system of moral principles that include right and wrong or good and bad. \u2022\t ICT provides us a platform to create, store, access, and transfer information through telecommunication channels which include computers, software, cell phones, wireless and wired networks, and other communication mediums. \u2022\t ICT ethics is also known as computer and cyber ethics. It is a moral code of conduct or behavior to use ICT. \u2022\t Ethical and social issues are concerned about the protection of personal privacy, Intellectual property, user responsibility, access and use of information, software, licenses, and piracy. \u2022\t Computer crime is also called cybercrime. It refers to the misuse of computer resources for unauthorized or illegal activities. It includes software piracy, unauthorized modified data, etc. \u2022\t Digital citizenship is the responsible use of technology and etiquette related to an online presence. Approved by Curriculum Development Center (CDC) 69","Ethical & Social Issues in ICT This represents our behaviors and responses to others within a digital community. \u2022\t A digital footprint is the record of your interaction with the digital world which refers to your digital activities, actions, contributions, and communications. \u2022\t Cyberbuylling is repeated aggressive behavior, aimed at frightening, angering, or shaming those who are targeted. \u2022\t The law which is formulated to stop cybercrime is called cyberlaw. \u2022\t The major elements included in cyberlaw are: d. Computer\/Cybercrime Law \t a. Electronic and Digital Law\t\t \t b. Intellectual Property Law\t\t e. Data Protection and Privacy Law \t c. Telecommunication Law \u2022\t \u201cThe Electronic Transaction and Digital Signature Act-Ordinance\u201d is popularly known as the \\\"Electronic Transaction Act\u201d of Nepal. \u2022\t Social media networking is the internet-based social media platform which helps to keep in touch, exchange the ideas and feelings with our friends, family, classmates, customers, etc . Terms to Know Digital Signature\t : \tA mathematical technique used to validate the authenticity and integrity of a message, software or digital document. Cyberspace\t: \tThe online world of computer networks and especially the Internet. Social Media\t :\tWebsites and applications that enable users to create and share content or to participate in social networking. E-Procurement\t: \tA web portal that facilitates the bidder to submit their bids through e-submission. Broadband Internet\t : \tHigh-speed Internet access that utilizes transmission of wide bandwidth data over a high-speed internet connection. IP Address\t : \tA numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. Intellectual Property\t : \tCreations of the mind: inventions; literary and artistic works; and symbols, names, and images used in commerce. Bullying\t: \tBehavior that is intended to hurt someone either emotionally or physically. Malfunction\t: Fail to function normally. Malicious Program\t : \tProgram intentionally designed to cause damage to a computer, server, client, or computer network. Hacking\t: Identifying and exploiting weaknesses in computer systems or computer networks. Privacy\t:\tBasic right and necessary protection in the digital age to avoid victimization and manipulation. 70 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 Digital Citizen\t : \tA digital citizen refers to a person who has the knowledge and skills to effectively use digital technologies to participate in society, politics, and government. Digital Society\t :\tThe modern society with adaptation and integration of information and communication technologies. Piracy\t: Unauthorized use or duplication of copyrighted content or another\u2019s work. Worksheet Questions types marked by * are just for testing Objective Questions higher ability but can 1. Fill in the blanks: enhance the knowledge for SEE. a. \t ...................... is a system of moral principles. b. \t 'Ethics' as a term is derived from the Greek word ..................... c. \t ................................ digital footprint is publicly traceable information. d. \t ........................................... leaves data trace on the internet whenever you use technology online. e. \t Social networking is the use of ................................ social media programs. f. \t Social media .................................. are the best tools for anyone to grab opportunities through social media. g. \t ................................ is aggressive behavior, aimed at frightening, angering, or shaming those who are targeted using digital technology. h. .......................... and .............................. issues are concerned with the protection of personal privacy, intellectual property, user responsibility, access and use of information, software, licenses, and piracy. i. \t .......................... is the record of your interaction with the digital world. j. \t ......................... refers to the responsible use of information and communication technology by anyone. k. \t ............................... ethics is also known as cyberethics. l. \t The law which is formulated to stop cybercrime is called ....................... m.\t The first cyberlaw Act of Nepal is divided into ..................... sections and ...................... clauses. Approved by Curriculum Development Center (CDC) 71","Ethical & Social Issues in ICT 2. Write 'T' for true and 'F' for false statements: a. \tOur concept of ethics has been derived from society and culture. b. \tDue to the use of ICT, our society is being digitized and smart. c. \tICT ethics are also known as cyberethics. d. \tA Facebook update represents a passive digital footprint. e. \tA digital footprint is useful to provide evidence to stop online abuse. f. \t Posting an individual\u2019s disgraceful photos or videos online without consent represents cyberbullying. g.\t Publishing your own creation in cyberspace is a cybercrime. h.\t Cyberlaw provides legal protection to the people using the Internet for business purposes only. i.\t Breaking the rules on a website results in the suspension or bans of your account. j.\t The government of Nepal passed the cyberlaw of Nepal on 30th Bhadra 2061 BS. k.\t Your footprints contain bits of information about you like your name, nickname, date of birth, or address. l.\t You shall think about the social consequences of the program you code. 3. \tMark the correct option: a. \t The term 'ethos' means. i) custom\t\t\t\tii) habit iii) character\t\t\t\t iv) All of these b. \t ICT components include: \t i) Computers\t\t ii) Software\t iii) Cell Phone \t\t iv) All of these\t iv) None of these\t c. \t Different types of digital footprint: iv) None of these\t \t i) Active\t\t ii) Passive\t\t iii) Both i) & ii) \t\t d. \t A digital footprint is recorded: \t i) Online\t\t ii) Offline\t\t\t iii) Both i) & ii) \t\t 72 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 e. \t An active digital footprint is represented by: \t i) Message board posts\t\t\t ii) Twits on twitter\t\t \t iii) Facebook updates\t\t\t iv) All of the these\t f. \t A passive digital footprint is made with \t i) Browsing data\t\t ii) IP Address\t iii) Purchasing habits \t iv) All of the these\t g. \t Examples of social media websites are: \t i) Facebook\t\t ii) Twitter\tiii) LinkedIn\t\t iv) All of the these\t 4. Write the full forms: a.\tICT .............................................................................................................. b. G2G ........................................................................................................... c. IP ................................................................................................................ d. GDP ............................................................................................................ 5. Write the terms for the following: Ans:......................................... a. \t Websites that make connections with friends, f. \t Misuse of computer resources for unauthor- family, classmates, customers and clients. ized or illegal issues. Ans:......................................... Ans:......................................... b. \t The use of technology to repeatedly and g. \t A system of moral principles that includes intentionally harass, hurt, disturb, humiliate, right and wrong or good and bad. or terrify another person. Ans:......................................... Ans:......................................... c. \t The law which is formulated to stop computer h. \t Technology which provides us a platform to and cyber crime. create, store access and transfer information through the telecommunication. Ans:......................................... d. \t The record of your interaction with the digital Ans:......................................... i.\t The publicly traceable information that you world. share on the web. Ans:......................................... e. \t The responsible use of technology (ICT) by Ans:......................................... anyone. Approved by Curriculum Development Center (CDC) 73","Ethical & Social Issues in ICT 6. Match the following: a. \tTwitter 30th Bhadra 2061 B.S. b. \tComputer Crime Bullying c. \t Publish own creation Part of cyber law d.\t Social media opportunity Social media e. \tElectronic and digital law Intellectual property f. \t Intentionally harass, hurt, disturb or humiliate Hacking g.\t Electronic Transaction Act\u201d of Nepal Online marketing h. \tA Person who has the knowledge and skills to Digital footprint effectively use digital technologies i. \t Illegal activities in the Internet ICT ethics j. \t Legal issues related to ICT Cyber crime k. \t A data trace in the internet Digital citizen Descriptive Questions 1.\t Write very short answer of the following questions: a.\t What is ethics? b.\t What is ICT? c.\t What may happen in the case where we don\u2019t abide by ICT ethics? d.\t What is a cyber crime? e.\t What does computer crime include? f.\t What is digital citizenship? g.\t What is a active digital footprint? h.\t What is a passive digital footprint? i.\t What does 'digital citizenship' include? j.\t What is cyberbullying? k.\t What is cyberlaw. m. What is ETA? 2. Write Short answer of the following questions: a. \tWhy is ICT ethics important? b. \tWhy should we manage our digital footprint? c. \tHow do you create a positive digital footprint? 74 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 d. \tWhy do people cyberbully others? e. \tHow does cyberbullying occur? f. \t Why is cyberlaw formulated? g. \tWhy was cyberlaw formulated in a separate section? h.\t Why is an Electronic Transaction Act enacted? i. List out the components of ICT. j.\t Write any five codes of conduct of ICT ethics. k.\t What are the ethical and social issues in ICT? l.\t What is the digital citizen? Write some of the good qualities of a digital citizen. m.\tList out the major themes of a digital citizen. n\t What is the digital society? How is a 'digital society' created? o.\t What information does 'footprint' contain? p.\t What are the major components of cyberlaw? q.\t What happens when you break cyberlaw? r.\t What is IT policy? Write any five provisions of IT policy. s.\t Define the vision and mission of IT policy 2072. t.\t What is the \\\"Electronic transaction Act\\\" of Nepal? u.\t What are the opportunities provided by social media? v.\t List out the threats of social media. Case study and Application-based Questions* 1. \tAs part of the course evaluation, Sukadev Thakur had submitted a project report in his final term. The teacher rejected the report and marked zero as his teacher found that some of the content of project work was copied from the Internet: a. \t Why did the teacher punish him by marking zero? Ans: ......................................................................................................................................................... b. \t What is the term used to describe copying someone's work? Ans: ......................................................................................................................................................... c. \t If you have to copy a definition, quote, etc. for a project, what should you do? Ans: ......................................................................................................................................................... 2. \tSuppose Radhe Shyam uncle got a message in the messenger from his bank to submit personal details of bank account, debit card, credit card, PAN, etc. Do you think that Radhe Shyam uncle should submit these details? Mention your logic. Ans: ......................................................................................................................................................... ................................................................................................................................................................. .................................................................................................................................................................. .................................................................................................................................................................. Approved by Curriculum Development Center (CDC) 75","Ethical & Social Issues in ICT 3. \tOn the basis of this chapter, write a short logical note about this picture. Ans: ...................................................................................... .............................................................................................. .............................................................................................. .............................................................................................. ..................................................................................................................................... .................................................................................................................................... 4. \t Study the following e-mail message received by Vuniya Chaudhary and answer the asked questions. a. Should Vuniya forward the asked details in the e-mail? Mention your strong logic. Ans: ............................................................................................................................ ..................................................................................................................................... ..................................................................................................................................... ..................................................................................................................................... b. What should you do if you are the receiver of this e-mail? Ans: ............................................................................................................................ ..................................................................................................................................... c. Write the suitable term to describe the act of sending such messages. Ans: ............................................................................................................................ 76 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 5. \t Taking the reference of this chapter, study the information given in the banner, the heading is taken away: a. What might the heading be? Ans: .............................................................. b. \t Why would someone post such information on the Internet? Justify with reasons. Ans: .............................................................. ...................................................................... ...................................................................... ...................................................................... .................................................................................................................................... ..................................................................................................................................... 6. \tNirmala Ghale gets the following message frequently from an unknown person on her mobile phone. a. \t What does this message represent? Ans: ............................................................ .................................................................... b. \t How does this message affect Nirmala? Ans: ............................................................ ..................................................................................................................................... ..................................................................................................................................... .................................................................................................................................... c. \t If you get such types of messages, what should you do? Ans: ............................................................................................................................ .................................................................................................................................... .................................................................................................................................... Approved by Curriculum Development Center (CDC) 77","Ethical & Social Issues in ICT d. \t Can an unknown person send such messages? Answer with your logic. Ans: ............................................................................................................................. ..................................................................................................................................... ..................................................................................................................................... e. \t What may be the purpose of sending such a message? Ans: ............................................................................................................................ ..................................................................................................................................... ..................................................................................................................................... f. \t How can we identify such a person? And how should the person be punished? Ans: ............................................................................................................................. ..................................................................................................................................... ..................................................................................................................................... 7. \t Pandit Kuber Subedi wants to play \u2018Dharma Darshan\u2019 videos on YouTube. So, he searches and plays Hanuman Chalisa, Ganesha Chalisa, Gayatri Mantra, etc. The next day, when he opens YouTube, he is recommended similar videos as he had played the previous day. a. \tHow was Pandit Kuber Subedi recommended similar videos on YouTube? Answer with your logic. Ans: ............................................................................................................................ ..................................................................................................................................... ..................................................................................................................................... ..................................................................................................................................... 78 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 8. \tShailu Chaudhary has created the given poster and posted it on a Facebook page. a. \tWhat might be suitable words or phrases to complete the heading? Ans: ............................................................................ b. \t What is the intention behind the creation of this banner? Ans: ............................................................................. ..................................................................................... ..................................................................................... c. \t Why was it posted on a Facebook page? Ans: ............................................................................................................................ ..................................................................................................................................... ..................................................................................................................................... ..................................................................................................................................... ..................................................................................................................................... ..................................................................................................................................... d. \t Is Shailu a good digital citizen? Justify it with a reason. Ans: ............................................................................................................................. ..................................................................................................................................... ..................................................................................................................................... ..................................................................................................................................... ..................................................................................................................................... e. \t If you get this banner on your Facebook feed, what would you do being a good digital citizen? Write with a reason. Ans: ............................................................................................................................ ..................................................................................................................................... ..................................................................................................................................... .................................................................................................................................... Approved by Curriculum Development Center (CDC) 79","Ethical & Social Issues in ICT 9.\t On the basis of the given image, answer the asked questions. a. \t Write the single word that is represented by the activities shown in the image? Ans: ............................................................................................................................. b. \t How to control such activities? Prepare a small suggestion e-mail for the Nepal Government. Ans: ............................................................................................................................ ..................................................................................................................................... ..................................................................................................................................... ..................................................................................................................................... ..................................................................................................................................... ..................................................................................................................................... ..................................................................................................................................... c. \t Is there any legal provision to treat such activities in the Cyberlaw of Nepal? If yes, what are the provisions? Ans: ............................................................................................................................ ..................................................................................................................................... .................................................................................................................................... .................................................................................................................................... ..................................................................................................................................... ..................................................................................................................................... 80 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 Activity* 1. \tOrganize an inter-class speech competition on the topic 'ICT has transformed us into digital citizens'. 2.\tArrange your class into three groups and organize a chart paper or digital presentation about the topic: \t a. Become a responsible digital citizen today! \t b. Cyberbullying is a slow poison for the teenagers. c. \tImportance of digital footprint. 3. \tWrite an article for your school's news bulletin School Bulletin on the basis of the given image with a suitable heading. 4. \tOrganize a debate competition on the topic of 'social media are the boons for students'. Approved by Curriculum Development Center (CDC) 81","Computer Security CHAPTER Computer Security 4 Chapter Includes \u2022\t Introduction to Computer Security \u2022\t Security Threats \u2022\t Logical and Physical Threats \u2022\t Information Security \u2022\t Information Security Mechanism \u2022\t Hardware Security and Software Security Mechanism INTRODUCTION TO COMPUTER SECURITY Computer security is also known as cybersecurity or IT security. It is the protection of computer systems and informations from harm, theft, and unauthorized use as well as from interruption or misdirection of the services. It also protects against harm that may come via network access, data, or code injection, as well as due to malpractice of operators. In short, it is the process of preventing and detecting unauthorized use of a computer system. Importance of Computer security Computer security is important because personal data on an individual\u2019s device or the remote device should be protected at all the times. Below are some reasons, because of these reasons data should remain safe and confidential: \u2022\t Prevention of theft of data such as bank account numbers, credit card information, passwords, work-related documents, etc. So, Computer security is essential. \u2022\t Data stored in a computer can also be misused by unauthorized intrusions. An intruder can modify and change the program\u2019s source codes and can also use your pictures or e-mail accounts to create and publish content such as pornographic images, fake and offensive, misleading facts, etc. So, Computer security is most important. \u2022\t Malicious intentions can also be a factor of computer security. Intruders often use your 82 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 computers for attacking other computers or websites or networks with destructive intentions. Harmful hackers might crash someone\u2019s computer system to create data loss. They can make DDOS (Distributed Denial of- Service) attacks to prevent your access to websites by crashing the server. So, Computer security plays the most important role to prevent such crimes. Types of Computer Security Nowadays, the field of computing is expanding, so a question can be raised, \u201cwhat is being secured?\u201d In a broad sense, computer security includes the following types: Information security: It deals with securing data, information and software from unauthorized access, modification and deletion. Application Security: It deals with securing an application by building security features to withstand cyber threats such as SQL(Standard Query Language) injection, DoS (Denial of Service) attacks, data breaches, etc. Hardware Security: It means securing a standalone computer hardware by keeping it updated and patched. Network Security: It deals with securing both the software and hardware technologies from the networking infrastructure. Cyber security: It deals the protection of computer systems which communicate over the internet. SECURITY THREATS Computer security threats are repeatedly inventive. These threats are masters of disguise and manipulation. They constantly evolve to find new ways to annoy, steal, and harm the computer system. Security threats are of two types. They are as follows: i) Physical threats \t\t ii) Logical threats PHYSICAL THREATS A physical threat is a potential cause of an incident that may damage the computer system\u2019s hardware and infrastructure. It is also known as a hardware security threat. The following list classifies the physical threats into three main categories: Approved by Curriculum Development Center (CDC) 83","Computer Security Internal: These threats include fire, unstable power supply, humidity in the rooms housing the hardware, etc. External: These threats include lightning, floods, earthquakes, etc. Human: These threats include theft, vandalism of the infrastructure, hardware disruption, accidental or intentional errors. LOGICAL THREATS A logical threat is related to the software, data, and informations in computer systems and cyberspace. So, it is also called informations, data, and software security threats. It is a potential cause of an incident that may result loss or corruption of system data, interruption of business operations, loss of sensitive information, monitoring of illegal activities on computer system, cyber security breaches, etc. The following list denotes the most common types of logical threats: \u2022\t Hacking \u2022\t Drive by download \u2022\t Botnet \u2022\t Fishing \u2022\t Eavesdropping attack \u2022\t Rootkit \u2022\t Keylogger \u2022\t Malware (Malicious code) \u2022\t Social Engineering Hacking Hacking is identifying weakness in computer systems or networks to exploit them to gain unauthorized access to the system. Using a password cracking algorithm to gain access to a system is a best example of hacking. Computers have been an important tool for businesses. A stand-alone computer system is not adequate, hence it is connected to a network to facilitate communication with others. Therefore this exposes the computer system to the extremities of online hacking. Hacking is the unauthorized access of the system to commit fraudulent acts such as privacy violations, stealing of data and personal informations, etc. The person who hacks a system is known as a hacker. The hacker finds and exploits weaknesses in computer systems and\/or networks to gain unauthorized access. The hackers are usually skilled computer programmers with knowledge of computer security. The hackers are classified according to the intent of their actions. The following list classifies the hackers according to their intent. 84 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 Cracker (Black hat): A cracker, also known as Black Hat or evildoer, tries to gain unauthorized access to computer systems for personal gain. The intent is usually to steal corporate data, violate privacy rights, transfer funds from bank accounts, etc. Grey hat: Grey Hats are hackers who lie between ethical hackers and Black Hat hackers. These types of hackers break into computer systems without authority intending to identify weaknesses and reveal them to the system owner. Script kiddie: Script Kiddies are non-skilled people who gain access to computer system using already made tools and technique. Hacktivist: Hacktivists are hackers who use hacking to send social, religious, and political messages. This is usually done by leaving a message on the hijacked website. Phreaker: Phreakers are hackers who identify and exploit weaknesses in telephones instead of computers. Ethical Hacker (White hat): Ethical hackers are also known as White Hats who gain access to systems with an intent to fix the identified weaknesses. They may also perform penetration tests and vulnerability assessments. Popular companies hire ethical hackers to find weaknesses and secure their systems using ethical hacking techniques. Ethical hackers must follow the following rules: \u2022\t Should get written permission from the owner of the computer system and\/or computer network before hacking. \u2022\t Should protect the privacy of the organization being hacked. \u2022\t Should transparently report all the identified weaknesses in the computer system to the organization. \u2022\t Should inform hardware and software vendors of the identified weaknesses. Approved by Curriculum Development Center (CDC) 85","Computer Security Phishing In the field of computer security, phishing is a criminally fraudulent process of attempting to collect sensitive information such as user names, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Phishing is typically carried out by e-mail or instant messaging and it often directs users to enter details at a fake website whose looks and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to fool users and exploits the poor usability of current web security technologies. Keylogger Keyloggers are a type of monitoring software designed to record keystrokes made by a user. It is also known as a keystroke logger. It is one of the oldest forms of cyber threat, these keystroke loggers record the information that you type into a websites or applications and send to a third party. Criminals use key loggers to steal personal or financial information such as banking details which they can sell or use for profit. However, they also have legitimate uses within businesses to troubleshoot, improve user experience, or monitor employees. Drive-by Download A drive-by download refers to the unintentional download of malicious code to your computer or mobile device that makes you open to a cyber attack. You don't have to click on anything, press download or open a malicious e-mail attachment to become infected. A drive-by download can take advantage of an app, operating system, or web browser that contains security flaws due to unsuccessful updates or lack of 86 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 updates. Unlike many other types of cyber-attack, a drive-by doesn't depend on the user to do anything to actively enable the attack. Drive-by downloads are designed to breach your device for one or more of the following: Hijack your device :- To build a botnet, infect other devices, or breach yours further. Spy on your activity :- To steal your online credentials, financial info, or identity. Ruin data or disable your device :- To simply cause trouble or personal harm to you. If you don't have proper security software or your vulnerabilities are not fixed, you could become a victim of a drive-by download attack. The best way to prevent drive-by download attacks are: \u2022\t Avoid visiting websites that could be considered dangerous or malicious which includes adult content, and file-sharing websites. \u2022\t Keep your Internet browser, and operating system up to date. \u2022\t Use a safe search tool that warns you when you navigate to a malicious site. \u2022\t Use comprehensive security software in all your devices and keep it up to date. Concept of Drive-by download Eavesdropping Attack An eavesdropping attack, also known as a sniffing or snooping attack. It is a way of theft, modification, or deletion of essential information. It is transmitted over a network by a computer, smartphone, or other connected devices. The attack takes advantage of unsecured network communications to access data as it is being sent or received by a user. Approved by Curriculum Development Center (CDC) 87","Computer Security Eavesdropping is a deceptively mild term. The attackers are usually after sensitive financial and business information that can be sold for criminal purposes, like passwords, credit and debit card informations, and other confidential information of business organizations. i) Passive eavesdropping: With passive eavesdropping, the hacker simply \u201clistens\u201d to data that is passing through the network. ii) Active eavesdropping : With active eavesdropping, the hackers disguise themselves. This allows them to impersonate a website where users would normally share their private data. Data encryption is the best way for being safe from eavesdropping attacks. Botnets A botnets are collection of internet-connected devices infected by malware which are controlled by hackers. Cybercriminals use these botnets to initiate botnet attacks, which include malicious activities such as credentials leaks, unauthorized access, data theft, and DDoS attacks. Botnet owners can have access to several thousands of computers at a time and can command them to carry out malicious activities. Cyber-criminals initially gain access to these devices by using special Trojan viruses to attack the computer's security systems before implementing command and control software to enable them to carry out malicious activities on a large scale. In these activities, all these botnets can be automated to encourage simultaneously as possible which is called DDOS attack. 88 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 Rootkit A rootkit is a collection of software tools that enables remote control and administration-level access over a computer or computer network. Once remote access is obtained, the rootkit can perform several malicious actions; they come equipped with keyloggers, password stealers, and antivirus disablers. Rootkits are installed by hiding them in legitimate software. When the user permits that software to make changes to your OS, the rootkit installs itself in your computer and waits to the hacker to be activate. Other ways of rootkit distribution include phishing e-mails, malicious links and files and downloaded software from suspicious websites. Approved by Curriculum Development Center (CDC) 89","Computer Security Malicious Code Malicious code is a kind of destructive computer code or web script which is designed to create vulnerabilities in system. It leads unauthorized remote access, security breaches, information and data theft and other potential damages in computing systems and files . It comes in different forms of malware software, so it is a very dangerous threat that may not be blocked by antivirus software. Malicious code is a self-executing application that can activate itself and take various forms with Java Applets, ActiveX controls, pushed content, plug-ins, scripting languages or other programming languages. If a malicious code enters the network environment, it can also cause network and mail server overload by sending e-mail messages; stealing data and passwords; deleting document files, e-mail files, or passwords; and even can reformat to hard drives. Some common examples of malicious code are attack scripts, viruses, worms, trojans, backdoors, and malicious active content. Social Engineering The hackers are continually becoming more and more sophisticated not only in their use of technology but also in psychology. Social engineering is a manipulation technique which is used for hacking that exploits human error to gain private information or valuable information. In cybercrime, these \u201chuman hacking\u201d blackmails turn to appeal to unsuspecting users into exposing data, spreading malware infections, or giving access to restricted systems. Attacks can happen online, in person, or via other interactions. The social engineers can be described as \u201cThe hackers who exploit the one weakness that is found in every organization's human psychology. Using a variety of media, including phone calls and social media, these attackers trick people into offering them access to sensitive information.\u201d 90 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 MALWARE Malware, \u201cmalicious software,\u201d refers to any intrusive software developed by the hackers to steal data and destroy, crash and hang computer systems. It can be a script, executable code, or any other form of software. Primarily, malware is used to gain unauthorized access to a network or harm or steal data from a system. It is generally delivered in the form of a link or file through e-mail, when the user clicks on the link or opens the file, the malicious software is executed into the system. This malicious software can also be called a computer virus. Various examples of computer viruses are Worms, Ransomware, Spyware, Scareware, Trojan, Adware, Rootkits, etc. Computer Virus : A computer virus is a malicious piece of computer code designed to spread from device to device and destruct the system. Almost all viruses are attached to an executable file or the boot sector of the disk. To activate itself, a computer virus enters a host program. A computer system gets infected when the user runs or opens the host program. Sharing infected files over a network, e-mail, through the disks like CD, pen-drive, memory card, spreads the computer virus from one computer system to another. Program\/file infector virus is very common type of virus which infects executable code files such as .exe, .com, .drv, .dll, .bin, .sys. It becomes active when the infected file is executed. Other types of viruses like Macro virus, Multipartite virus, Polymorphic virus, stealth virus also have been developed. Worms : A computer worm is a type of malware that spreads copies of itself from a computer to another computer within the network. This in turn hinders the performance of other services in the computer\u2019s operating system. Trojan horse: A Trojan horse is a type of malware which downloads onto a computer as a legitimate program. They are designed to damage, disrupt, steal or harm on your data or network. Spyware : Spyware is a type of malware that secretly collects and shares information about a computer or network without the user\u2019s consent. Adware : Adware, or advertising-supported software, is a type of malware that displays unwanted advertisements on your computer. Adware programs tend to serve the user with repeated pop-up ads, and can also change the browser\u2019s homepage. They can also add spyware and bombard the user\u2019s device with advertisements. Approved by Curriculum Development Center (CDC) 91","Computer Security INFORMATION SECURITY Information security abbreviated infosec which is a security mechanism intended to keep data secure from unauthorized access or alterations when it is being stored or transmitted from one machine or physical location to another. It is also known as software security and data security. In other words, information security refers to the processes and methodologies which are implemented to protect electronic or any other form of confidential, private, and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification or disruption. CONCERNS OF INFORMATION SECURITY Information security is concerned with four main components. They are as follows: Confidentiality:- Only authorized users can access the data and information. Integrity:- Only authorized users can be modify the data. Availability:- Data should be available to users when needed. Authentication:- After verification of users identification with the help of user and password policy, user can enter the system. INFORMATION SECURITY MECHANISM Information security mechanisms are technical tools and techniques which are used to implement security services for data, information and software. A security mechanism might operate by itself, or with others, to provide a particular service. Examples of common security mechanisms are as follows: Identification and Authentication Identification is the ability to uniquely identify a user of a system. Authentication is the ability to prove that a genuine user who is eligible to entered into the system. For example, consider a user who logs on to a system by entering user's ID and password. The system uses the user ID to identify the user. The system authenticates the user at the time of log on by checking the supplied password by user is correct. There are various identification and authentication system mechanisms. However, in this chapter, we will be discussing password policy and biometric only. 92 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 Password Policy: A password is a word, phrase, or string of characters that is memorized and kept secretly. It is usually used to confirm the identity of a user and authorize them to access a resources. A password is usually paired with a username to provide identification. Password helps to ensure whether the user is an authenticate person or not. The good password characteristics are as follows: \u2022\t A good password length is at least 12 characters long. \u2022\t It should be unique, complex, and nonsensical, comprising of a mix of nonrepeating letters, numbers, and symbols that do not contain dictionary words in any language. \u2022\t it should not have any other guessable context or sequences from a keyboard like \u2018qwerty\u2019,\u2018zxcvb\u2019, 'abcd' or '123'. \u2022\t If you ever need to share your password, change it when the other person is done using it. Biometric System: Biometric is a technology used to identify, analyze, and measure an individual\u2019s physical and behavioral characteristics. Each human being is unique in terms of characteristics, which makes an individual different from the rest. Some physical attributes make a person stand separate from the rest, such as fingerprints, color of the iris, color of hair, hand's geometry and behavioral characteristics, such as tone and accent of speech, signature, or the way of typing keys of keyboard, etc. The uniqueness of a person is measured by biometric systems to: \u2022\t Identify and verify a person. \u2022\t Authenticate a person to give appropriate rights to system operations. \u2022\t Keep the system safe from unethical handling. Approved by Curriculum Development Center (CDC) 93","Computer Security Firewall A firewall is a system designed to prevent unauthorized access to or from a private network. It can be implemented in either hardware or software form, or a combination of both of them. The firewall prevents unauthorized internet users from accessing private networks connected to the internet, especially the intranet. All messages entering or leaving the intranet must pass through the firewall which examines each message and blocks those that do not meet the specified security criteria. Therefor, in protecting private information, a firewall is considered the first line of defense. Cryptography Cryptography is associated with the process of converting an ordinary plain text into and unintelligible text and vice- versa. It is a method of storing and transmitting data in a particular form so that only authenticated people can read and process it. Cryptography not only protects data from theft or alteration but can also be used for user authentication. In cryptography, the techniques which are used to protect information are obtained from mathematical concepts and a set of rule-based calculations known as algorithms that convert messages in ways that make it hard to decode them. These algorithms are used for cryptographic key generation, digital signing, data privacy, web browsing on the internet and also to protect confidential transactions such as credit card and debit card transactions. Two types of techniques are used for cryptography. They are as follows: Encryption: Encryption is a process that transforms the original information into an unrecognizable form. It is also known as encoding data. This new form of the message is entirely different from the original message. That's why a hacker is not able to read the data as the senders use an encryption algorithm. Encryption 94 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 is usually done using key algorithms. Decryption: Decryption is a process of converting encoded\/encrypted data into a form that is readable and understood by a user. This decryption is performed by using a key used to encrypt the original data. Key differences between Encryption and Decryption \u2022\t Encryption is a process of converting normal data into an unreadable form, whereas decryption is a method of converting the unreadable\/coded data into its original form. \u2022\t Encryption is done in the system which is sending the data to the destination, but the decryption is done in the system which is receiving the data. \u2022\t The same algorithm with the same key is used for both the encryption-decryption processes. Features of Cryptography are as follows: There are four fundamental features of cryptography. They are as follows: Confidentiality:- Information can only be accessed by the person to whom it is intended and no other individual can access it. Integrity:- Information cannot be altered in storage or transition between sender and intended receiver without any addition to information being detected. Non-repudiation:- Sender cannot deny his\/her intentions in the transmission of the information at a later stage. Authentication:- The identities of sender and receiver are confirmed. As well as destination\/origin of information is confirmed. Approved by Curriculum Development Center (CDC) 95","Computer Security Antivirus Software Antivirus software is a type of program designed and developed to protect computers from malware like viruses, computer worms, spyware, botnets, rootkits, keyloggers Trojans, phishing attacks, spam attacks, and other online cyber threats. Antivirus programs scan, detect and remove viruses from a computer system. Antivirus software scans a computer's memory and disk drives for viruses. If a virus is found, the anti-virus software will notify the user. The user can then clean, delete, or quarantine any infected files. Backup System A backup system is the process of creating a copy of the data on a user\u2019s system that is used for recovery in case the original data is lost or corrupted. The purpose of the backup system is to create a copy of data that can be recovered in the event of a primary data failure. Primary data failures can be the result of hardware or software failure, data corruption, or a human- caused event, such as a malicious attack (virus or malware), or accidental deletion of data. Backup copies allow data to be restored from an earlier point in time to help the business recover from an unplanned event. Storing the copy of the data on a separate medium is important to protect against primary data loss or corruption. This additional medium can be an external drive or USB stick, or something more substantial, such as a disk storage system, cloud storage container, or tape drive. The alternate medium can be in the same location as the primary data or at a remote location. 96 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 Updating System Software Operating system updates contain new fixes that help to keep computer systems up to date. Examples of updates include service packs, version upgrades, security updates, drivers, or other types of updates. Software updates are important to the security and reliability of a computer. They offer the latest protection against malicious online activities, digital safety, and cyber security. HARDWARE SECURITY Hardware refers to the physical devices used in the computer system which includes all the input, output, processing and storage devices. For a system to be secure, the hardware devices must also be secured. The method for the protection of hardware components used in the computer system is called hardware security. Hardware security protects all peripheral devices from physical dangers such as electronic hazards, vandalism, theft, etc. To protect the hardware devices, we can use the following security mechanisms: Regular Maintenance : Regular maintenance is concerned with the following points. It helps to protect the computer system\u2019s hardware devices. \u2022\t Computer systems should be cleaned with a dry cloth or a soft brush, and the keyboard should be vacuumed regularly. LCD\/LED monitors should be cleaned with proper materials like a microfiber cloth. \u2022\t A computer system\u2019s files should be backed up. \u2022\t Mass storage usage should be checked from 'This PC' window to ensure that you don\u2019t exceed capacity on any drive. \u2022\t If a mass storage problem is suspected, the user should run the 'Check Disk' utility to scan the drive for errors. \u2022\t Ideally, issues should be detected early, before they become serious problems. \u2022\t Users should be conscious to prevent viruses and malware from infecting the computer system. \u2022\t Antivirus software should be up-to-date. Approved by Curriculum Development Center (CDC) 97","Computer Security Cleanliness Cleanliness is an important hardware security measure. Dust is very harmful to a computer\u2019s hardware devices and the entire computer system. Dust build-up is common in various parts of the system such as computer case, fan, power supply, and CPU cooler. An excess of dust build- up over time can cause serious damage to these electronic parts. Hence, the computer system must be kept clean and tidy. Below are some tips to keep the computer system clean and tidy: \u2022\t Clean floors regularly. \u2022\t Clean the inside of the computer regularly. \u2022\t Clean all the shelves and cabinets of the computer room. \u2022\t Move the computer away from doors and windows. \u2022\t Install an air filter. Insurance\t\t\t\t\t Insurance refers to the monetary cover for the loss or damage to the computer system or any part of its due to accidental or intentional harm. It is a major aspect of hardware security. A user can claim economic support for the damage of a computer system from the insurance company if the device is insured. Physical security Computer equipment needs to be protected from theft and physical harm. Therefore, the computer should be kept in a well-secured room. The room should be equipped with a standard lock at the least. It is ideal, if the room is equipped with an alarm system and CCTV (Closed-circuit television) and has full-height walls along with fireproof ceilings. Protection from Fire Fire is generally lethal for a computer system. Fire can break out due to various issues such as faulty wiring, short circuits, or overloaded circuits. Hence, it is advised that the computer room is equipped with fire detectors as well as fire extinguishers. 98 Approved by Curriculum Development Center (CDC)","Smart Computer Science Book-10 Air condition Overheating can extensively hinder a computer\u2019s performance. Hence, it is commendable if the computer room is well ventilated or equipped with an air-conditioner. Extremely abnormal heat or humidity may cause the failure of hardware devices, and subsequently, the computer may crash. The recommended computer room temperature is 21-24 degrees Celsius. Power protection devices Hardware devices, as well as the software and data can be damaged if there is a fluctuation in the electric voltage or in the case of a power failure. Power fluctuations can damage the hard disk and corrupt the operating system as well as other software and data files. To protect the computer from power fluctuations, power protection devices like UPS, volt guard, spike guard, power surge, etc. should be used Approved by Curriculum Development Center (CDC) 99","Computer Security Points to Know \u2022\t Computer security is also known as cybersecurity or IT security. It is the protection of computer systems and information from harm, theft, and unauthorized use, as well as from interruption or misdirection of the services. \u2022\t Security threats are masters of disguise and manipulation. They constantly evolve to find new ways to annoy, steal, and harm the computer system. \u2022\t A physical threat is a potential cause of an incident that may damage the computer system\u2019s hardware and infrastructure. \u2022\t A logical threat is a potential cause of an incident that may result in loss or corruption of system data, interruption of business operations, loss of sensitive information, illegal monitoring of activities on computer systems, cyber security breaches, etc. \u2022\t Common types of logical threats include Hacking, Phishing, Keylogger, Drive-by Download, Attack, Eavesdropping Attack, Malware (Malicious code), Botnet, Rootkit, Social Engineering, etc. \u2022\t Information security is a set of practices intended to keep data secure from unauthorized access or alterations, both when it's being stored or transmitted from one machine or physical location to another. \u2022\t Information security is concerned with four main components confidentiality, integrity, availability, and authentication. \u2022\t Information security mechanisms are tools and techniques that are used to implement security services for data, information, and software. \u2022\t Identification is the ability to uniquely identify a user of a system or an application that is running in the system. \u2022\t Password is a secret memorized word that is usually used to confirm the identity of a user and authorize to access a resource. \u2022\t Biometrics is a technology used to identify, analyze, and measure an individual\u2019s physical and behavioral characteristics. \u2022\t A firewall is a system designed to prevent unauthorized access to or from a private network. \u2022\t Cryptography is associated with the process of converting meaningful information into unintelligible data and vice-versa. It includes two techniques: encryption and decryption. \u2022\t Encryption is a process of converting meaningful information into unintelligible data, whereas decryption is a method of converting the unintelligible data into its original form. \u2022\t Antivirus software is a type of program designed and developed to protect computers from malware. \u2022\t A backup system is the process of creating a copy of the data on a user\u2019s system that is used for recovery in case the original data is lost or corrupted. \u2022\t The method for the protection of hardware components used in the computer system is called hardware security. Hardware security protects all peripheral devices from physical dangers such as electronic hazards, vandalism, theft, etc. 100 Approved by Curriculum Development Center (CDC)"]
Search
Read the Text Version
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- 135
- 136
- 137
- 138
- 139
- 140
- 141
- 142
- 143
- 144
- 145
- 146
- 147
- 148
- 149
- 150
- 151
- 152
- 153
- 154
- 155
- 156
- 157
- 158
- 159
- 160
- 161
- 162
- 163
- 164
- 165
- 166
- 167
- 168
- 169
- 170
- 171
- 172
- 173
- 174
- 175
- 176
- 177
- 178
- 179
- 180
- 181
- 182
- 183
- 184
- 185
- 186
- 187
- 188
- 189
- 190
- 191
- 192
- 193
- 194
- 195
- 196
- 197
- 198
- 199
- 200
- 201
- 202
- 203
- 204
- 205
- 206
- 207
- 208
- 209
- 210
- 211
- 212
- 213
- 214
- 215
- 216
- 217
- 218
- 219
- 220
- 221
- 222
- 223
- 224
- 225
- 226
- 227
- 228
- 229
- 230
- 231
- 232
- 233
- 234
- 235
- 236
- 237
- 238
- 239
- 240
- 241
- 242
- 243
- 244
- 245
- 246
- 247
- 248
- 249
- 250
- 251
- 252
- 253
- 254
- 255
- 256
- 257
- 258
- 259
- 260
- 261
- 262
- 263
- 264
- 265
- 266
- 267
- 268
- 269
- 270
- 271
- 272
- 273
- 274
- 275
- 276
- 277
- 278
- 279
- 280
- 281
- 282
- 283
- 284
- 285
- 286
- 287
- 288
- 289
- 290
- 291
- 292
- 293
- 294
- 295
- 296
- 297
- 298
- 299
- 300
- 301
- 302
- 303
- 304
- 305
- 306
- 307
- 308
- 309
- 310
- 311
- 312
- 313
- 314
- 315
- 316
- 317
- 318
- 319
- 320
- 321
- 322
- 323
- 324
- 325
- 326
- 327
- 328
- 329
- 330
- 331
- 332
- 333
- 334
- 335
- 336
- 337
- 338
- 339
- 340
- 341
- 342
- 343
- 344
- 345
- 346
- 347
- 348
- 349
- 350
- 351
- 352
- 353
