a) Define computer security with its major types.

Computer Security: Computer security, also known as cybersecurity, involves protecting computer systems and networks from information disclosure, theft or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.

Major Types of Computer Security:

1. Network Security: Protects the network infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure.
2. Information Security: Protects the integrity, confidentiality, and availability of information.
3. Endpoint Security: Secures end-user devices such as desktops, laptops, and mobile devices.
4. Internet Security: Protects information involved in online transactions and communications.
5. Application Security: Focuses on keeping software and devices free of threats.
6. Operational Security: Processes and decisions for handling and protecting data assets.

b) Write any four hardware security measures.

1. Physical Locks and Enclosures: Use physical locks on computer cases and server racks to prevent unauthorized access.
2. Biometric Access Controls: Implement biometric security systems like fingerprint or retina scanners to restrict access to critical hardware.
3. Security Cables: Utilize security cables and locking mechanisms to physically secure laptops and other portable devices to immovable objects.
4. Hardware Tokens: Use hardware tokens or smart cards for multi-factor authentication to access sensitive hardware.

c) Why is regular maintenance of hardware parts necessary?

Regular maintenance of hardware parts is necessary to:

1. Ensure Longevity: Regular checks and cleaning can prevent hardware failures and extend the lifespan of components.
2. Maintain Performance: Regular maintenance ensures that hardware operates efficiently and at optimal performance levels.
3. Prevent Downtime: Regular maintenance can detect potential issues before they lead to system failures, thus reducing downtime.
4. Safety: Regular checks can identify and rectify safety hazards such as overheating or electrical faults.

d) How can computers be protected from fire?

Computers can be protected from fire by:

1. Using Fire Suppression Systems: Install fire suppression systems like sprinklers or gas-based systems in server rooms and data centers.
2. Placing Fire Extinguishers Nearby: Keep fire extinguishers specifically designed for electrical fires near computer equipment.
3. Implementing Fireproof Enclosures: Store critical hardware in fireproof cabinets or enclosures.
4. Regular Fire Safety Audits: Conduct regular fire safety audits to identify and mitigate fire hazards in computer environments.

e) Write the use of UPS in computer systems as a major power protection device.

A Uninterruptible Power Supply (UPS) is used in computer systems to provide emergency power when the main power source fails. It offers the following benefits:

1. Power Continuity: Ensures continuous power supply during power outages, preventing data loss and hardware damage.
2. Power Conditioning: Protects against power surges, spikes, and dips by regulating voltage.
3. Graceful Shutdown: Provides sufficient time to save data and shut down the computer system properly during extended power outages.
4. Protection Against Electrical Noise: Filters out electrical noise and stabilizes power supply, which helps in maintaining system performance.

f) Define information security with its importance.

Information Security: Information security refers to the processes and methodologies involved in protecting information from unauthorized access, disclosure, modification, destruction, or disruption.

Importance:

1. Protects Confidentiality: Ensures that sensitive information is only accessible to authorized individuals.
2. Maintains Integrity: Protects information from being altered by unauthorized users, ensuring its accuracy and reliability.
3. Ensures Availability: Ensures that information is readily available to authorized users when needed.
4. Compliance: Helps organizations comply with legal and regulatory requirements.

g) Mention any four information security threats.

1. Phishing: Fraudulent attempts to obtain sensitive information by disguising as a trustworthy entity in electronic communications.
2. Malware: Malicious software designed to disrupt, damage, or gain unauthorized access to computer systems.
3. Insider Threats: Threats posed by individuals within the organization who have access to confidential information.
4. Ransomware: A type of malware that encrypts the victim's data and demands payment for the decryption key.

h) What is malicious code? Write its any two forms.

Malicious Code: Malicious code is a type of harmful software or script designed to exploit vulnerabilities in software, hardware, or user behavior to perform unauthorized actions.

Two Forms:

1. Viruses: Malicious programs that attach themselves to legitimate files and replicate themselves, often causing harm to the system.
2. Worms: Standalone malicious programs that replicate themselves to spread to other computers over a network, often causing widespread damage.

i) List any four information security mechanisms.

1. Encryption: Converts data into a coded format to prevent unauthorized access.
2. Firewalls: Monitors and controls incoming and outgoing network traffic based on predetermined security rules.
3. Access Controls: Restricts access to information and resources based on user credentials and permissions.
4. Intrusion Detection Systems (IDS): Monitors network traffic for suspicious activity and alerts administrators of potential threats.

j) Difference between encryption and decryption.

• Encryption: The process of converting plaintext into ciphertext using an algorithm and a key to ensure data confidentiality.
• Decryption: The process of converting ciphertext back into plaintext using an algorithm and a key, making the data readable again.

k) What is antivirus? Write any two examples.

Antivirus: Antivirus software is a program designed to detect, prevent, and remove malware from computer systems.

Examples:

1. Norton Antivirus
2. McAfee Antivirus

l) What are the goals of information security?

The goals of information security are often referred to as the CIA Triad:

1. Confidentiality: Ensuring that information is accessible only to those authorized to have access.
2. Integrity: Maintaining the accuracy and completeness of information and processing methods.
3. Availability: Ensuring that authorized users have access to information and associated assets when required.