📊 View Lecture Slides Full-screen presentation with navigation

Learning Objectives

By the end of this module, you will be able to:

  • Explain the difference between domain names and hosting
  • Understand DNS basics and how websites work
  • Implement essential security measures (SSL, 2FA)
  • Recognize phishing attempts and social engineering
  • Use AI to explain technical concepts and suggest domain names

1. Understanding Web Architecture

Domain vs. Hosting: The Address & The Building

Think of your website like a physical business:

Concept Physical World Digital World
Address Street address Domain name (yoursite.com)
Building Physical store Web hosting (server space)
Directions GPS coordinates DNS (Domain Name System)

How It All Connects

User types: yoursite.com
      ↓
DNS looks up IP: 192.168.1.1
      ↓
Request goes to hosting server
      ↓
Server returns your website files
      ↓
User sees your website

Key Terminology

  • Domain Name: Your website’s address (e.g., mystore.com.np)
  • Hosting: Server space where your files live
  • DNS: The “phone book” that translates domain names to IP addresses
  • IP Address: The actual numerical address of a server
  • SSL Certificate: Encrypts data between user and server (https://)

2. Choosing Your Digital Identity

Domain Name Best Practices

Do:

  • Keep it short and memorable
  • Make it easy to spell and pronounce
  • Include keywords if natural (e.g., kathmanducoffee.com)
  • Consider .com, .com.np, or relevant TLDs

Don’t:

  • Use hyphens or numbers (hard to remember)
  • Make it too long
  • Use trademarked names
  • Choose obscure extensions

Domain Registration in Nepal

Popular registrars:

  • Mercantile (mercantile.com.np) - Official .np registrar
  • HostingNepal
  • AGM Web Hosting
  • International: Namecheap, GoDaddy, Cloudflare

🤖 AI Integration: Domain Brainstorming

Prompt Template:

I'm starting a [business type] in [location].
My target audience is [description].
Suggest 10 domain name ideas that are:
- Short (under 15 characters)
- Easy to spell
- Available in .com or .com.np
Include variations with relevant keywords.

3. Understanding Hosting Options

Hosting Types Comparison

Type Best For Cost Technical Skill
Shared Hosting Beginners, small sites NPR 1,000-3,000/yr Low
VPS Growing sites NPR 5,000-15,000/yr Medium
Cloud Hosting Scalable projects Pay-as-you-go Medium
Dedicated High-traffic sites NPR 50,000+/yr High

Free/Low-Cost Options for Learning

  • Netlify - Free static hosting
  • Vercel - Free for personal projects
  • GitHub Pages - Free for static sites
  • 000webhost - Free with limitations
  • WordPress.com - Free tier available

4. Essential Cyber Security

The Security Triad: CIA

  1. Confidentiality: Only authorized people access data
  2. Integrity: Data isn’t modified without authorization
  3. Availability: Systems are available when needed

SSL Certificates: The HTTPS Lock

Why SSL Matters:

  • Encrypts data in transit
  • Required for Google ranking
  • Builds user trust
  • Required for payment processing

Types:

  • Domain Validation (DV): Basic, automated verification
  • Organization Validation (OV): Business verification
  • Extended Validation (EV): Highest trust level

Free SSL Options:

  • Let’s Encrypt (most hosts support this)
  • Cloudflare (free tier)

Two-Factor Authentication (2FA)

What is 2FA? Something you know (password) + Something you have (phone/key)

2FA Methods:

  1. SMS codes - Basic (least secure)
  2. Authenticator apps - Google Authenticator, Microsoft Authenticator, Authy
  3. Hardware keys - YubiKey (most secure)

Essential Accounts to Protect with 2FA:

  • Email (Gmail, Outlook)
  • Social media (Facebook, Instagram, LinkedIn)
  • Banking
  • Hosting/Domain accounts
  • Analytics tools

5. Recognizing Phishing & Social Engineering

Common Phishing Red Flags

🚩 URL Red Flags:

  • Misspelled domains (go0gle.com, faceb00k.com)
  • Suspicious subdomains (google.malicious-site.com)
  • HTTP instead of HTTPS

🚩 Email Red Flags:

  • Generic greetings (“Dear Customer”)
  • Urgency and threats
  • Suspicious sender addresses
  • Grammar/spelling errors
  • Unexpected attachments

Social Engineering Tactics

Tactic Description Defense
Pretexting Fake scenario to get info Verify through official channels
Baiting Offering something enticing Don’t click unknown links
Quid Pro Quo Offering help for info Never share passwords
Tailgating Following into secure areas Challenge unknown people

🤖 AI Integration: Security Education

Prompt for AI:

Explain [technical security concept] to someone who
has never used computers professionally. Use simple
analogies and real-world examples relevant to Nepal.

6. Password Management

Creating Strong Passwords

Bad Passwords:

  • password123
  • nepal2024
  • yourname123
  • qwerty

Strong Password Formula:

[Random Word] + [Symbol] + [Random Word] + [Number] + [Symbol]
Example: Coffee#Mountain42!

Password Managers

Recommended tools:

  • Bitwarden (Free, open-source)
  • 1Password (Paid, excellent features)
  • LastPass (Free tier available)
  • Dashlane (User-friendly)

Benefits:

  • Generate strong unique passwords
  • Auto-fill across devices
  • Secure sharing for teams
  • Security alerts for breaches

Hands-on Activity: “Secure Setup”

Duration: 45 minutes

Part 1: Security Audit (15 min)

  1. Check your main email for 2FA status
  2. Enable 2FA if not already active
  3. Review connected apps and revoke unnecessary access

Part 2: Domain Research (15 min)

  1. Use AI to brainstorm 5 domain name ideas for your project
  2. Check availability on Namecheap or Mercantile
  3. Document your top 3 choices and reasoning

Part 3: Hosting Exploration (15 min)

  1. Create a free Netlify account
  2. Explore the dashboard
  3. Note: We’ll deploy a site in Module 2

Deliverables

  • Screenshot of 2FA enabled on primary email
  • List of 5 domain name ideas with availability status
  • Netlify/Vercel account created
  • 1-paragraph security checklist for your project

Key Takeaways

  1. Domain + Hosting = Website - Understand the relationship
  2. SSL is non-negotiable - Always use HTTPS
  3. 2FA everywhere - Especially email and financial accounts
  4. Passwords matter - Use a password manager
  5. Stay skeptical - Verify before clicking

Additional Resources

Next Module: E-Commerce Essentials & Offer Creation