Unit 2 Chapter 9
Unit 2 Chapter 9
Unit 2 Chapter 9
CHAPTER 9
NETWORK SECURITY
11. What are the risks associated with HTTP? How can we
resolve these risks by using HTTPS?
ANS : Both the HTTP (Hyper Text Transfer Protocol) and its variant
HTTPS (Hyper Text Transfer Protocol Secure) are a set of rules
(protocol) that govern how data can be transmitted over the WWW
(World Wide Web). In other words, they provide rules for the client
web browser and servers to communicate. HTTP sends information
over the network as it is. It does not scramble the data to be
transmitted, leaving it vulnerable to attacks from hackers. Hence,
HTTP is sufficient for websites with public information sharing like
news portals, blogs, etc. However, when it comes to dealing with
personal information, banking credentials and passwords, we need
to communicate data more securely over the network using HTTPS.
HTTPS encrypts the data before transmission. At the receiver end, it
decrypts to recover the original data. The HTTPS based websites
require SSL Digital Certificate.
13. Write a short note on White, Black, and Grey Hat Hackers.
ANS: Hackers and crackers are people having a thorough knowledge of
the computer systems, system software (operating system), computer
networks, and programming. They use this knowledge to find loopholes
and vulnerabilities in computer systems or computer networks and gain
access to unauthorized information. In simple terms, a hacker is a
person that is skilled enough to hack or take control of a computer
system. Depending on the intent, there are different types of hackers.
1. White Hats: Ethical Hacker If a hacker uses its knowledge to find and
help in fixing the security flaws in the system, its termed as White Hat
hacker. These are the hackers with good intentions. They are actually
security experts. Organizations hire ethical or white hat hackers to
check and fix their systems for potential security threats and loopholes.
Technically, white hats work against black hats.
DOS DDOS
In Dos attack single system targets the In DDoS multiple systems attacks the victims
victim system. system..
Victim PC is loaded from the packet of Victim PC is loaded from the packet of data
data sent from a single location. sent from Multiple location.
In DOS Attack only single device is used In DDoS attack,The volumeBots are used to
with DOS Attack tools. attack at the same time.
DOS Attacks are Easy to trace. DDOS Attacks are Difficult to trace.
DOS DDOS
Passwords
Financial details
Private data
Low-level internet protocol information