Security Aspects

This page contains solutions to the Exercise of NCERT Class 12 Computer Science, Chapter 12: Security Aspects, presented as questions and answers.
Exercise
Question 1
1. Why is a computer considered to be safe if it is not connected to a network or Internet?
Answer 1
A computer that is not connected to any external device, network, or the Internet is safer because many security threats come through connected systems. When there is no connection, it becomes difficult for attackers or malware to access the computer remotely. The book also notes that “being alone” reduces security threats, but staying disconnected is not practical in a connected world.
Question 2
2. What is a computer virus? Name some computer viruses that were popular in recent years.
Answer 2
A computer virus is a piece of malicious software code made to perform harmful activities and hamper resources like CPU time, memory, files, or sensitive information. A virus infects other systems by copying/inserting its code into executable files, and it usually activates when the infected file is opened by a user.
Examples (given in the book):
CryptoLocker, ILOVEYOU, MyDoom, Sasser, Netsky, Slammer, Stuxnet.
Question 3
3. How is a computer worm different from a virus?
Answer 3
| Basis | Computer Virus | Computer Worm |
| --- | --- | --- |
| Dependency | Needs a host file/program (it attaches itself to an executable file). | Does not need a host; it is a standalone program. |
| How it spreads | Spreads when the infected file/program is shared and then executed. | Spreads mainly through a network by copying itself to other computers. |
| User action needed | Often needs human action (user runs/opens the infected file). | Can replicate automatically without user action once it is active. |
| Speed/impact | Usually spreads slower compared to worms (depends on file sharing/execution). | Can spread very fast over networks and infect many systems quickly. |
Question 4
4. How is Ransomware used to extract money from users?
Answer 4
Ransomware targets user data. It either:
blocks the user from accessing their own data, or
threatens to publish personal data online and then demands ransom payment.
Some ransomware also encrypts data, making it very difficult to access unless ransom is paid.
Question 5
5. How did a Trojan get its name?
Answer 5
A Trojan is named after the story of the wooden horse of Troy, where hidden soldiers were used to trick and defeat Troy. Similarly, a Trojan looks like legitimate software, tricks the user into installing it, and then behaves like malware (e.g., may create backdoors).
Question 6
6. How does an adware generate revenue for its creator?
Answer 6
Adware displays online advertisements using pop-ups, web pages, or installation screens. It generates revenue either by:
showing advertisements, or
using pay per click (charging clients based on number of clicks on ads).
Question 7
7. Briefly explain two threats that may arise due to a keylogger installed on a computer.
Answer 7
A keylogger records the keys pressed on the keyboard and may send the logs to an external entity. Two major threats are:
1. Password theft (banking, email, social media passwords can be captured).
2. Privacy leakage (emails, private conversations, personal information can be revealed).
Question 8
8. How is a Virtual Keyboard safer than On Screen Keyboard?
Answer 8
The On-Screen Keyboard uses a fixed QWERTY layout, which can be exploited by sophisticated keylogger software. An Online Virtual Keyboard randomises the key layout every time, making it difficult for keylogger software to know which keys were pressed.
Question 9
9. List and briefly explain different modes of malware distribution.
Answer 9
Modes of malware distribution (as given in the book):
1. Downloaded from the Internet: Malware may be unintentionally downloaded, often disguised as “free stuff”.
2. Spam Email: Unsolicited emails may contain malicious links or attachments.
3. Removable Storage Devices: Pen drives, memory cards, phones, etc. can carry malware and transfer it to other systems.
4. Network Propagation: Malware like worms can spread from one computer to another through a network.
Question 10
10. List some common signs of malware infection.
Answer 10
Common signs of malware infection:
a. frequent pop-up windows asking to visit websites/download software
b. browser homepage changes
c. mass emails being sent from your email account
d. unusually slow computer with crashes
e. unknown programs start on boot
f. programs open/close automatically
g. sudden lack of storage, random messages/sounds/music
h. files/programs appear/disappear without your knowledge
Question 11
11. List some preventive measures against malware infection.
Answer 11
Preventive measures against malware infection:
Use antivirus/anti-malware and update regularly.
Configure browser security settings.
Check for lock button in address bar during payments.
Avoid pirated/unlicensed software (prefer FOSS).
Apply software updates and patches.
Take regular backup of important data.
Enforce firewall protection.
Avoid entering sensitive info on public/unknown computers or unknown networks.
Avoid clicking links/attachments in unsolicited emails.
Scan removable storage devices with antivirus before transfer.
Never share passwords/pins.
Remove unknown programs.
Don’t install antivirus/anti-spyware from pop-ups; close pop-ups using X.
Question 12
12. Write a short note on different methods of malware identification used by antivirus software.
Answer 12
Antivirus (anti-malware) identifies malware using multiple methods:
1. Signature-based detection: Uses a Virus Definition File (VDF). Must be updated regularly; outdated VDF is almost like having no antivirus.
2. Sandbox detection: Runs a file in a virtual environment (sandbox) and observes behaviour safely.
3. Data mining techniques: Uses data mining / machine learning to classify file behaviour as benign or malicious.
4. Heuristics: Matches suspected code patterns with known malware patterns in a heuristic database.
5. Real-time protection: Runs in the background and observes suspicious activity while a program/file executes in main memory.
Question 13
13. What are the risks associated with HTTP? How can we resolve these risks by using HTTPS?
Answer 13
HTTP sends information “as it is” (not encrypted), so it is vulnerable to attacks, especially when sending passwords or banking information.
HTTPS resolves this by encrypting the data before transmission, and at the receiver end it is decrypted to recover the original data. HTTPS websites require an SSL Digital Certificate.
Question 14
14. List one advantage and disadvantage of using Cookies.
Answer 14
Advantage: Cookies store user browsing information (items in cart, login credentials, preferences), which improves user experience and saves time (auto-fill, staying logged-in).
Disadvantage: Some cookies (like third-party cookies) may share user data without consent for tracking/advertising. Some malware may disguise itself as cookies (e.g., “supercookies”), and “zombie cookies” can recreate themselves after deletion.
Question 15
15. Write a short note on White, Black, and Grey Hat Hackers.
Answer 15
White Hat (Ethical Hacker): Uses knowledge to find and help fix security flaws; works with good intentions and is hired by organisations.
Black Hat (Crackers): Uses hacking knowledge unethically to break the law and disrupt security by exploiting flaws.
Grey Hat: Neutral category; may hack by exploiting vulnerabilities but not for money or politics—often for challenge/fun.
Question 16
16. Differentiate between DoS and DDoS attack.
Answer 16
| Basis | DoS (Denial of Service) | DDoS (Distributed Denial of Service) |
| --- | --- | --- |
| Meaning | Attack that makes a service/resource unavailable by sending illegitimate requests and overloading it. | A DoS-like attack where the flood of requests comes from many computers/sources. |
| Number of attacking sources | Usually from one system / one source. | From multiple systems (distributed sources). |
| Use of zombies/botnet | Generally does not require a botnet. | Uses compromised computers called Zombies, controlled by a Bot, forming a Bot-Net. |
| Difficulty to stop | Comparatively easier to block (single source can be identified and filtered). | Harder to stop because traffic comes from many locations/sources at the same time. |
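The "difficulty to stop" row can be seen from the defender's side in this added example (not from the textbook): a per-source request limit removes a single-source flood, but a distributed flood of the same size passes it. The limits, the traffic counts and the documentation-range IP addresses are constructed assumptions.

```python
from collections import Counter

PER_SOURCE_LIMIT = 50    # assumed: max requests one source may send per window
SERVER_CAPACITY = 1000   # assumed: requests the server can handle per window

# Constructed traffic for one time window, one list entry per request.
NORMAL = [f"192.0.2.{i}" for i in range(1, 21) for _ in range(5)]  # 20 users x 5
DOS = NORMAL + ["203.0.113.9"] * 5000                              # 1 source x 5000
DDOS = NORMAL + [
    f"198.51.100.{i}" for i in range(1, 251) for _ in range(20)    # 250 sources x 20
]


def filter_by_source(requests):
    """Block every source above PER_SOURCE_LIMIT; report what still gets through."""
    per_source = Counter(requests)
    blocked = sorted(ip for ip, n in per_source.items() if n > PER_SOURCE_LIMIT)
    remaining = sum(n for ip, n in per_source.items() if ip not in blocked)
    return {
        "sources": len(per_source),
        "blocked": blocked,
        "remaining": remaining,
        "overloaded": remaining > SERVER_CAPACITY,
    }


if __name__ == "__main__":
    for name, traffic in (("normal", NORMAL), ("DoS", DOS), ("DDoS", DDOS)):
        print(name, filter_by_source(traffic))
```

In the DDoS case every source stays under the per-source limit, so the filter blocks nothing and the server is still overloaded; the defence then has to look at total traffic and patterns shared across sources rather than at any one address.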
Question 17
17. How is Snooping different from Eavesdropping?
Answer 17
| Basis | Snooping (Sniffing) | Eavesdropping |
| --- | --- | --- |
| Meaning | Secretly capturing and analysing network traffic (data packets) on a network. | Unauthorised real-time interception/monitoring of private communication. |
| Nature of activity | Often involves collecting/storing packets and then analysing them (data analysis). | Usually happens live (real-time) while communication is going on. |
| Where it happens | Mainly on computer networks (LAN/Wi-Fi) by monitoring network traffic. | Can happen on calls/messages/video meetings (VoIP calls, IM, video conference, etc.). |
| Special point from book | If data is not encrypted, snooping can reveal sensitive info; it may also be used by admins for troubleshooting. | Focus is on listening/monitoring private communication without permission (privacy breach). |