FUNDAMENTALS OF COMPUTER

UNIT - III
BBA II SEM
(SYLLABUS AS PER UTTAR PRADESH
UNIFIED UNIVERSITIES)

Prepared by: Ajit Singh

Assistant Professor
Dr. KNMIET , Modinagar
 Network Security and Networking
Network Security: Network security consists of the policies,
processes and practices adopted to prevent, detect and monitor
unauthorized access, misuse, modification, or denial of a computer
network and network-accessible resources.

Network security is a broad term that covers a multitude of

technologies, devices and processes. In its simplest term, it is a set
of rules and configurations designed to protect the integrity,
confidentiality and accessibility of computer networks and data
using both software and hardware technologies. Every
organization, regardless of size, industry or infrastructure, requires
a degree of network security solutions in place to protect it from
the ever-growing landscape of cyber threats in the wild today.
What are the key tools of network security?
A multi-layered approach to network security implements controls at
numerous points within a network to provide comprehensive access
control and threat control.

1- Firewall : A firewall establishes a barrier between the trusted and the

untreated areas of a network. Thus, a firewall performs access control
and macro-segmentation based on IP subnets. The same firewall may
also perform more granular segmentation, known as micro-
segmentation.

2- Load Balancer : A load balancer distributes load based on metrics. By

implementing specific mitigation techniques, a load balancer can go
beyond traditional load balancing to provide the capability to absorb
certain attacks, such as a volumetric DDoS attack.
 What are the key tools of network security?
3- IDS/IPS : The classic IDS/IPS is deployed behind a firewall and provides
protocol analysis and signature matching on various parts of a data packet.
Protocol analysis is a compliance check against the publicly declared
specification of the protocol. Signature matching prevents known attacks such as
an SQL injection.

4- Sandbox : A sandbox is similar to an IDS/IPS, except that it does not rely on

signatures. A sandbox can emulate an end-system environment and determine if
a malware object is trying, for example, to execute port scans.
5- NTA/NDR : NTA/NDR looks directly at traffic (or traffic records such as
NetFlow) and uses machine learning algorithms and statistical techniques to
evaluate anomalies and determine if a threat is present. First, NTA/NDR tries to
determine a baseline. With a baseline in place, it identifies anomalies such as
traffic spikes or intermittent communication.
 What is Networking?
Networking, also known as computer networking, is the practice of transporting and
exchanging data between nodes over a shared medium in an information system.
Networking comprises not only the design, construction and use of a network, but
also the management, maintenance and operation of the network infrastructure,
software and policies.

A basic understanding of networking is important for anyone managing a server. Not

only is it essential for getting your services online and running smoothly, it also gives
you the insight to diagnose problems.

This document will provide a basic overview of some common networking concepts.
We will discuss basic terminology, common protocols, and the responsibilities and
characteristics of the different layers of networking.

For a specific purpose if things are connected together, are referred to as

a NETWORK. A network can be of many types, like a telephone network, television
network, computer network, or even a people network.
 What is Networking?
Networking, also known as computer networking, is the practice of transporting and
exchanging data between nodes over a shared medium in an information system.
Networking comprises not only the design, construction and use of a network, but
also the management, maintenance and operation of the network infrastructure,
software and policies.

A basic understanding of networking is important for anyone managing a server. Not

only is it essential for getting your services online and running smoothly, it also gives
you the insight to diagnose problems.

This document will provide a basic overview of some common networking concepts.
We will discuss basic terminology, common protocols, and the responsibilities and
characteristics of the different layers of networking.

For a specific purpose if things are connected together, are referred to as

a NETWORK. A network can be of many types, like a telephone network, television
network, computer network, or even a people network.
Types of Network
 Types of Network
1. Personal Area Network (PAN)
The smallest and most basic type of network, a PAN is made up of a wireless modem, a
computer or two, phones, printers, tablets, etc., and revolves around one person in one
building. These types of networks are typically found in small offices or residences, and are
managed by one person or organization from a single device.

2. Local Area Network (LAN)

We’re confident that you’ve heard of these types of networks before – LANs are the most
frequently discussed networks, one of the most common, one of the most original and one of
the simplest types of networks. LANs connect groups of computers and low-voltage devices
together across short distances (within a building or between a group of two or three buildings
in close proximity to each other) to share information and resources. Enterprises typically
manage and maintain LANs.

3. Wireless Local Area Network (WLAN)

Functioning like a LAN, WLANs make use of wireless network technology, such as Wi-Fi. Typically
seen in the same types of applications as LANs, these types of networks don’t require that
devices rely on physical cables to connect to the network.
 Types of Network
4. Campus Area Network (CAN)
Larger than LANs, but smaller than metropolitan area networks (MANs, explained
below), these types of networks are typically seen in universities, large K-12 school
districts or small businesses. They can be spread across several buildings that are
fairly close to each other so users can share resources.

5. Metropolitan Area Network (MAN)

These types of networks are larger than LANs but smaller than WANs – and
incorporate elements from both types of networks. MANs span an entire geographic
area (typically a town or city, but sometimes a campus). Ownership and maintenance
is handled by either a single person or company (a local council, a large company,
etc.).

6. Wide Area Network (WAN)

Slightly more complex than a LAN, a WAN connects computers together across longer
physical distances. This allows computers and low-voltage devices to be remotely
connected to each other over one large network to communicate even when they’re
miles apart.
 Types of Network
7. Storage-Area Network (SAN)
As a dedicated high-speed network that connects shared pools of storage devices to several
servers, these types of networks don’t rely on a LAN or WAN. Instead, they move storage
resources away from the network and place them into their own high-performance network.
SANs can be accessed in the same fashion as a drive attached to a server. Types of storage-area
networks include converged, virtual and unified SANs.

8. System-Area Network (also known as SAN)

This term is fairly new within the past two decades. It is used to explain a relatively local
network that is designed to provide high-speed connection in server-to-server applications
(cluster environments), storage area networks (called “SANs” as well) and processor-to-
processor applications. The computers connected on a SAN operate as a single system at very
high speeds.

9. Passive Optical Local Area Network (POLAN)

As an alternative to traditional switch-based Ethernet LANs, POLAN technology can be
integrated into structured cabling to overcome concerns about supporting traditional Ethernet
protocols and network applications such as PoE (Power over Ethernet). A point-to-multipoint
LAN architecture, POLAN uses optical splitters to split an optical signal from one strand of single
mode optical fiber into multiple signals to serve users and devices.
 Types of Network
10. Enterprise Private Network (EPN)
These types of networks are built and owned by businesses that want to securely
connect its various locations to share computer resources.

11. Virtual Private Network (VPN)

By extending a private network across the Internet, a VPN lets its users send and
receive data as if their devices were connected to the private network – even if
they’re not. Through a virtual point-to-point connection, users can access a private
network remotely.
 Network Topology
Topology:
A Network Topology is the arrangement with which computer systems or network
devices are connected to each other. Topologies may define both physical and logical
aspect of the network. Both logical and physical topologies could be same or different
in a same network.

Types of Topologies:

1- Point-to-Point
Point-to-point networks contains exactly two hosts such as computer, switches or
routers, servers connected back to back using a single piece of cable. Often, the
receiving end of one host is connected to sending end of the other and vice-versa.
 Network Topology
2- Bus Topology
In case of Bus topology, all devices share single communication line or cable. Bus
topology may have problem while multiple hosts sending data at the same time.
Therefore, Bus topology either uses CSMA/CD technology or recognizes one host as
Bus Master to solve the issue. It is one of the simple forms of networking where a
failure of a device does not affect the other devices. But failure of the shared
communication line can make all other devices stop functioning.
 Network Topology
3- Star Topology
All hosts in Star topology are connected to a central device, known as hub device,
using a point-to-point connection. That is, there exists a point to point connection
between hosts and hub. The hub device can be any of the following:
Layer-1 device such as hub or repeater
Layer-2 device such as switch or bridge
Layer-3 device such as router or

gateway
 Network Topology
4- Ring Topology
In ring topology, each host machine connects to exactly two other machines, creating
a circular network structure. When one host tries to communicate or send message
to a host which is not adjacent to it, the data travels through all intermediate hosts.
To connect one more host in the existing structure, the administrator may need only
one more extra cable.
 Network Topology
5- Mesh Topology
In this type of topology, a host is connected to one or multiple hosts. This topology has hosts in
point-to-point connection with every other host or may also have hosts which are in point-to-
point connection to few hosts only.
Hosts in Mesh topology also work as relay for other hosts which do not have
direct point-to-point links. Mesh technology comes into two types:
Full Mesh: All hosts have a point-to-point connection to every other host in the network. Thus
for every new host n(n-1)/2 connections are required. It provides the most reliable network
structure among all network topologies.
Partially Mesh: Not all hosts have point-to-point connection to every other host. Hosts connect
to each other in some arbitrarily fashion. This topology exists where we need to provide
reliability to some hosts out of all.
 Network Topology
6- Tree Topology
Also known as Hierarchical Topology, this is the most common form of network topology in use
presently. This topology imitates as extended Star topology and inherits properties of bus
topology.
This topology divides the network in to multiple levels/layers of network. Mainly in LANs, a
network is bifurcated into three types of network devices. The lowermost is access-layer where
computers are attached. The middle layer is known as distribution layer, which works as
mediator between upper layer and lower layer. The highest layer is known as core layer, and is
central point of the network, i.e. root of the tree from which all nodes fork.
 Network Topology
7- Daisy Chain
This topology connects all the hosts in a linear fashion. Similar to Ring topology, all hosts are
connected to two hosts only, except the end hosts. Means, if the end hosts in daisy chain are
connected then it represents Ring topology.

8- Hybrid Topology
A network structure whose design contains more than one topology is said to be hybrid
topology. Hybrid topology inherits merits and demerits of all the incorporating topologies.
 Digital Privacy Management
Digital Privacy
Digital privacy is often used in contexts that promote advocacy on behalf of individual
and consumer privacy rights in e-services and is typically used in opposition to the
business practices of many e-marketers, businesses, and companies to collect and
use such information and data.

Electronic commerce and the Internet are changing the way information about
customers is gathered and used. Unfortunately, most of the changes have resulted in
the reduction of consumer privacy. The ease of processing, obtaining and
transmitting information has made easier both trading in data as well as collating
information from different sources, and information about individuals is often
collected and sold without their knowledge/consent. The ease of breaking into data
stores and wiretapping has reduced the security of stored and transmitted
information. Transfer of data from one location to another with different laws
complicates the privacy problem further. There is an increasing awareness among
consumers about privacy violations, and, with it, an increasing resistance to go along
with the privacy dilution. This is making the legal position of the data collector
extremely fragile.
 Digital Rights Management
Digital Privacy
Digital privacy is often used in contexts that promote advocacy on behalf of individual
and consumer privacy rights in e-services and is typically used in opposition to the
business practices of many e-marketers, businesses, and companies to collect and
use such information and data.

Electronic commerce and the Internet are changing the way information about
customers is gathered and used. Unfortunately, most of the changes have resulted in
the reduction of consumer privacy. The ease of processing, obtaining and
transmitting information has made easier both trading in data as well as collating
information from different sources, and information about individuals is often
collected and sold without their knowledge/consent. The ease of breaking into data
stores and wiretapping has reduced the security of stored and transmitted
information. Transfer of data from one location to another with different laws
complicates the privacy problem further. There is an increasing awareness among
consumers about privacy violations, and, with it, an increasing resistance to go along
with the privacy dilution. This is making the legal position of the data collector
extremely fragile.
 Digital Privacy Management
While the current focus and a critical component of digital privacy
management is the management of personal data (data-related technology
and policies), individuals' privacy concerns extend to the preservation of
personal spaces, and thus, personal boundary management.

5 Methods for Data Privacy Enhancement

1) Minimize What Data You Collect

Data minimization is the first step towards an all-encompassing
approach to data privacy. If you don’t need it, don’t collect it.
This action reduces the privacy overhead of a system and is
sometimes referred to as the “minimal dataset,” or MDS.
 Digital Privacy Management
2) Minimize the Data You Release
In a similar manner, you can configure your system to minimize the data you
release. This is, of course, dependent on the IT tools you are using, but many
systems now come with privacy-enhancement settings. One example is an
age request for purchase of an age-restricted item. Instead of offering, or
requiring the user’s date of birth to complete the transaction, an age-over
request could be made: the response would return the answer yes/no to the
request “is this person over 21?”

3) Controlling Data Access

The data you do collect needs to be only accessible on a need-to-know basis.
Data access is the devil in the detail of data privacy. You can do all of the
minimization you like, but if a malicious entity accesses these data and
decides to expose them, all privacy enhancements are out the door —
literally.
 Digital Privacy Management
4) Data Encryption is Your Friend
Every day, 4.8 million data records are exposed. Of those, only 4% are
encrypted; the rest are open to full exploitation. Encryption is Security 101
and should always be used where sensitive or personal data is collected,
stored and shared.

5) Respect of Personal Data

Having respect for the privacy of an individual’s data will go a long way
towards a general enhancement of privacy across a system. Adopting a
culture of privacy in your organization begins by understanding that personal
data should be given the same respect as you would give a person.
 Cyber security
Cyber Security Definition:
Cyber security is the application of technologies, processes and
controls to protect systems, networks, programs, devices and data
from cyber attacks.
It aims to reduce the risk of cyber attacks and protect against the
unauthorized exploitation of systems, networks and technologies.

Who needs cyber security?

It is a mistake to believe that you are of no interest to cyber attackers.
Everyone who is connected to the Internet needs cyber security. This
is because most cyber attacks are automated and aim to exploit
common vulnerabilities rather than specific websites or organizations.
 Types of cyber threats
Common cyber threats include:

1- Malware, such as ransomware, botnet software, RATs

(remote access Trojans), rootkits and bootkits, spyware,
Trojans, viruses and worms.
2- Backdoors, which allow remote access.
3- Formjacking, which inserts malicious code into online forms.
4- Cryptojacking, which installs illicit cryptocurrency mining
software.
5- DDoS (distributed denial-of-service) attacks, which flood
servers, systems and networks with traffic to knock them
offline. 6-DNS (domain name system) poisoning attacks,
which
compromise the DNS to redirect traffic to malicious sites.
 Types of cyber securities
1. Critical infrastructure cyber security
Critical infrastructure organizations are often more vulnerable to attack than others
because SCADA (supervisory control and data acquisition) systems often rely on older
software.
2. Network security
Network security involves addressing vulnerabilities affecting your operating systems
and network architecture, including servers and hosts, firewalls and wireless access
points, and network protocols.
3. Cloud security
Cloud security is concerned with securing data, applications and infrastructure in the
Cloud.
4. IoT (Internet of Things) security
IoT security involves securing smart devices and networks that are connected to the
IoT. IoT devices include things that connect to the Internet without human
intervention, such as smart fire alarms, lights, thermostats and other appliances.
5. Application security
Application security involves addressing vulnerabilities resulting from insecure
development processes in the design, coding and publishing of software or a website.
 Cyber laws
Cyber laws are formed to punish people who perform any illegal activities online.
They are important to punish related to these types of issues such as online
harassment, attacking another website or individual, data theft, disrupting the online
workflow of any enterprise and other illegal activities.

Cyber Laws of India

In Simple way we can say that cyber crime is unlawful acts wherein the computer is
either a tool or a target or both. Cyber crimes can involve criminal activities that are
traditional in nature, such as theft, fraud, forgery, defamation and mischief, all of
which are subject to the Indian Penal Code. The abuse of computers has also given
birth to a gamut of new age crimes that are addressed by the Information Technology
Act, 2000.
We can categorize Cyber crimes in two ways
The Computer as a Target :-using a computer to attack other computers.
e.g. Hacking, Virus/Worm attacks, DOS attack etc.
computer as a weapon :-using a computer to commit real world crimes.
e.g. Cyber Terrorism, IPR violations, Credit card frauds, EFT frauds, Pornography etc.
 Cyber laws
Cyber Law also called IT Law is the law regarding Information-technology
including computers and internet. It is related to legal informatics and
supervises the digital circulation of information, software, information
security and e-commerce.

According to Ministry of Electronic and Information Technology,

Government of India :

Cyber Laws yields legal recognition to electronic documents and a structure

to support e-filing and e-commerce transactions and also provides a legal
structure to reduce, check cyber crimes.
Importance of Cyber Law:
It covers all transaction over internet.
It keeps eyes on all activities over internet.
It touches every action and every reaction in cyberspace.
 Cyber laws
Area of Cyber Law:

1- Fraud:
Consumers depend on cyber laws to protect them from online fraud. Laws
are made to prevent identity theft, credit card theft and other financial
crimes that happen online.

2- Copyright:
The internet has made copyright violations easier. In early days of online
communication, copyright violations was too easy.

3- Defamation:
Several personnel use the internet to speak their mind. When people use the
internet to say things that are not true, it can cross the line into defamation.
Defamation laws are civil laws that save individuals from fake public
statements that can harm a business or someone’s personal reputation.
 Cyber laws
4- Harassment and Stalking:
Sometimes online statements can violate criminal laws that forbid
harassment and stalking. When a person makes threatening statements
again and again about someone else online, there is violation of both civil
and criminal laws.
5- Freedom of Speech:
Freedom of speech is an important area of cyber law. Even though cyber laws
forbid certain behaviors online, freedom of speech laws also allow people to
speak their minds.
6- Trade Secrets:
Companies doing businesses online often depend on cyber laws to protect
their trade secrets. For example, Google and other online search engines
spend lots of time developing the algorithms that produce search results.

7- Contracts and Employment Law:

Every time you click a button that says you agree to the terms and conditions
of using a website, you have used cyber law.
 Internet Information
Internet:
Internet is the foremost important tool and the prominent resource that is being
used by almost every person across the globe. It connects millions of computers,
webpage's, websites, and servers. Using the internet we can send emails, photos,
videos, messages to our loved ones. Or in other words, the internet is a widespread
interconnected network of computers and electronics devices(that support internet).
It creates a communication medium to share and get information online. If your
device is connected to the Internet then only you will be able to access all the
applications, websites, social media apps, and many more services. Internet
nowadays is considered as the fastest medium for sending and receiving information.

Origin Of Internet:
The internet came in the year 1960 with the creation of the first working model called
ARPANET (Advanced Research Projects Agency). It allowed multiple computers to
work on a single network that was their biggest achievement at that time. ARPANET
use packet switching to communicate multiple computer systems under a single
network. In October 1969, using ARPANET first message was transferred from one
computer to another. After that technology continues to grow.
 Internet Information
How is the Internet set up?
The internet is set up with the help of physical optical fiber data transmission
cables or copper wires and various other networking mediums like LAN,
WAN, MAN, etc. For accessing the Internet even the 2g, 3g, and 4g services
and the wifi require these physical cable setup to access the Internet. There
is an authority named ICANN (Internet Corporation for Assigned Names and
Numbers) located in the USA which manages the Internet and protocols
related to it like IP addresses.

How does the internet works?

The actual working of the internet takes place with the help of clients and
servers. Here the client is a laptop that is directly connected to the internet
and servers are the computers connected indirectly to the Internet and they
are having all the websites stored in those large computers. These servers
are connected to the internet with the help of ISP (Internet Service
Providers) and will be identified with the IP address.
 Internet Information
What is an IP address?
IP address stands for internet protocol address. Every PC/Local machine is
having an IP address and that IP address is provided by the Internet Service
Providers (ISP’s).
There are four different types of IP addresses are available:
Static IP address
Dynamic IP address
Private IP address
Public IP address

World Wide Web(WWW)

The worldwide web is a collection of all the web pages, web documents that
you can see on the Internet by searching their URLs (Uniform Resource
Locator) on the Internet. For example, www.geeksforgeeks.org is a URL of
the GFG website and all the content of this site like WebPages and all the
web documents are stored on the worldwide web.
 Internet Information
Uses of the Internet
Some of the important usages of the internet are:
1- Online Businesses (E-commerce)
2- Cashless transactions
3- Education
4- Social
Networking 5-
Entertainment

Advantages of the Internet

1- Online Banking and Transaction
2- Education, online jobs,
freelancing 3-Entertainment
4- New Job roles
5- Best Communication Medium
6-Comfort to humans
7-GPS Tracking and google maps
 Internet Services
Internet
Services
Internet Services allows us to access huge amount of information such as
text, graphics, sound and software over the internet. Following diagram
shows the four different categories of Internet Services.
 Internet Services
1- Communication Services
There are various Communication Services available that offer exchange of information
with individuals or groups. The following table gives a brief introduction to these
services: 1- Electronic Mail
Used to send electronic message over the internet.
2- Telnet
Used to log on to a remote computer that is attached to
internet. 3-Newsgroup
Offers a forum for people to discuss topics of common interests.
4-Internet Relay Chat (IRC)
Allows the people from all over the world to communicate in real
time. 5-Mailing Lists
Used to organize group of internet users to share common information through e-mail.
6-Internet Telephony (VoIP)
Allows the internet users to talk across internet to any PC equipped to receive the
call. 7-Instant Messaging
Offers real time chat between individuals and group of people. Eg. Yahoo messenger, MSN
messenger.
 Internet Services
2-Information Retrieval Services
There exist several Information retrieval services offering easy access to
information present on the internet. The following table gives a brief
introduction to these services:
1-File Transfer Protocol (FTP)
Enable the users to transfer
files. 2-Archie
It’s updated database of public FTP sites and their content. It helps to search
a file by its name.
3- Gopher
Used to search, retrieve, and display documents on remote sites.
4- Very Easy Rodent Oriented Netwide Index to Computer Achieved
(VERONICA)
VERONICA is gopher based resource. It allows access to the information
resource stored on gopher’s servers.
 Internet Services
3- Web Services
Web services allow exchange of information between applications on the
web. Using web services, applications can easily interact with each other.
The web services are offered using concept of Utility Computing. World
Wide Web (WWW)

WWW is also known as W3. It offers a way to access documents spread over
the several servers over the internet. These documents may contain texts,
graphics, audio, video, hyperlinks. The hyperlinks allow the users to navigate
between the documents.

4- Video Conferencing
Video conferencing or Video teleconferencing is a method of communicating
by two-way video and audio transmission with help of telecommunication
technologies.
Internet, Intranet, Extranet, Ethernet Services
1- Internet: The Internet is a vast network that connects computers all over the
world. Through the Internet, people can share information and communicate from
anywhere with an Internet connection.
2- Intranet: An intranet can be defined as a private network used by an organization.
Its primary purpose is to help employees securely communicate with each other, to
store information, and to help collaborate. Modern intranets use social intranet
features that allow employees to create profiles and to submit, like, comment, and
share posts.
3- Extranet: An extranet is an organization’s private network and its available only for
selected users. It’s a way to connect to third parties like vendors, customers, and
partners in a secure and controlled way. The users typically have a login mechanism
such as username and password to access the network. Extranet in simple terms
provides a secure network for an organization to share information with relevant
people outside the organization. It is part of an organization’s intranet divided via a
firewall.
4- Ethernet: Ethernet is a type of communication protocol that connects computers
within what’s called a “local area network (LAN)” and a “wide area network (WAN).”
LAN and WAN connect various devices, such as laptops and printers, within homes,
buildings, and even small neighborhoods.
Difference Between Internet, Intranet, Extranet
Difference Between Internet, Intranet, Extranet