Difference between Session and Cookies

It is used to store user information in server memory. Usually it stores userid, name etc.. sensitive information stored in session and it will maintain its state when you navigate through a website.  You can store the session information either in cookies or cookieless mode.
If cookieless = false, session value stored in cookies, if it true it will be stored in the browser URL. but if you copy the URL and paste in another tab of  the same browser the session will be expired.

You can store the session in three modes
State server
SQL server

Session["userName"] = "Ganesh Ram";

if(Session["UserName"] != null)
  lblUserName.Text = Session["UserName"].ToString();
Cookies are stored per-user on the users machine. A cookie is usually just a bit of information. Cookies are usually used for simple user settings colours preferences etc. No sensitive information should ever be stored in a cookie.
You can never fully trust that a cookie has not been tampered with by a user or outside source however if security is a big concern and you must use cookies then you can either encrypt your cookies or set them to only be transmitted over SSL. A user can clear there cookies at any time or not allow cookies altogether so you cannot count on them being there just because I user has visited your site in the past.

//add a username Cookie
Response.Cookies["UserName"].Value = "Ganesh Ram";
Response.Cookies["UserName"].Expires = DateTime.Now.AddDays(10);

//request a username cookie
if(Request.Cookies["UserName"] != null)
   lblUserName.Text = Server.HtmlEncode(Request.Cookies["UserName"].Value);