
UNIT1CYBERQANS

The document discusses short questions and answers about cyber security topics such as defining cyber security, listing common software vulnerabilities, and types of denial of service filters. It also includes essay questions about cyber security, internet governance, cyber threats, security policy, the need for a nodal authority, software vulnerabilities, system administration, and a network security model.

Uploaded by

rohankumar5471
Copyright
© © All Rights Reserved

SHORT QUESTIONS.

Q1. DEFINE CYBER SECURITY

Ans: Cyber security is the practice of protecting systems and networks from digital attacks.

Cyber: refers to a wide range of technology.

Security: the safeguarding of a system or network.

Q2. WRITE SHORT NOTES ON CYBER THREATS

A cyber threat refers to anything that has the potential to cause serious harm to a computer
system. A cyber threat is something that may or may not happen but has the potential to cause
serious damage. Cyber threats can lead to attacks on computer systems, networks and more.

NOTE: A threat is a possible security risk that might exploit the vulnerability of a system or asset.

Q3. LIST COMMON SOFTWARE VULNERABILITIES

A vulnerability in software means a security flaw or weakness found in software code that could be
exploited by an attacker.

Cryptographic failures: Sensitive data such as passwords and account numbers should be properly
protected. By taking advantage of this vulnerability, an untrusted person can gain access.

Injection: An injection flaw occurs when untrusted data is sent as part of a command or query.

An attack can allow untrusted persons to access protected data.

- SQL injection.
- Missing data encryption.
- Buffer overflow.
- Missing authentication for critical function.
- Missing authorization.

Q4. WRITE ABOUT MANDATORY ACCESS CONTROL.

Mandatory Access Control, or MAC for short, refers to a cybersecurity system that looks to allow
or deny access to private and protected information in an organization. This allocation of access
privileges depends on the hierarchy of employees and personnel in said organization.

Q5. WRITE SHORT NOTES ON TYPES OF DOS FILTERS

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it
inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or
sending it information that triggers a crash.

The main difference between data egress and ingress is the direction of data flow: ingress refers to
data entering a system or network, while egress refers to data leaving a system or network.

Ingress filtering is one type of packet filtering. Its counterpart is egress filtering, which examines
outbound traffic and only enables packets to leave the network if they meet predetermined
policies set by an administrator.
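
The two filter types described above, as an added example that is not part of the original notes. The network ranges, the allowed port list and the function names are assumptions made for illustration; the ingress check drops outside packets that claim an internal or reserved source address, which flooding traffic with forged sources relies on, and the egress check applies the administrator's outbound policy.

```python
import ipaddress
from collections import namedtuple

Decision = namedtuple("Decision", "action reason")

# Constructed site layout (assumption): the protected network uses a documentation range.
INTERNAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]
# Source ranges that are never valid on traffic arriving from outside.
UNROUTABLE_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4")]
# Administrator's outbound policy (assumption): DNS and web traffic only.
ALLOWED_EGRESS_PORTS = {53, 80, 443}


def _parse(addr):
    """Return an ip_address object, or None when the text is not a valid address."""
    try:
        return ipaddress.ip_address(addr)
    except ValueError:
        return None


def _in_any(ip, nets):
    return any(ip in net for net in nets)


def ingress_filter(src, dst):
    """Decide on a packet entering the network from outside."""
    s, d = _parse(src), _parse(dst)
    if s is None or d is None:
        return Decision("drop", "malformed address")
    if _in_any(s, INTERNAL_NETS):
        return Decision("drop", "outside packet claims an internal source")
    if _in_any(s, UNROUTABLE_NETS):
        return Decision("drop", "source is private or reserved")
    if not _in_any(d, INTERNAL_NETS):
        return Decision("drop", "destination is not on this network")
    return Decision("allow", "passes ingress policy")


def egress_filter(src, dst, dport):
    """Decide on a packet leaving the network."""
    s, d = _parse(src), _parse(dst)
    if s is None or d is None:
        return Decision("drop", "malformed address")
    if not _in_any(s, INTERNAL_NETS):
        return Decision("drop", "source does not belong to this network")
    if dport not in ALLOWED_EGRESS_PORTS:
        return Decision("drop", "destination port not permitted")
    return Decision("allow", "passes egress policy")


if __name__ == "__main__":
    # Constructed sample traffic.
    print(ingress_filter("203.0.113.7", "192.0.2.10"))
    print(ingress_filter("192.0.2.55", "192.0.2.10"))
    print(egress_filter("192.0.2.10", "198.51.100.5", 443))
    print(egress_filter("198.51.100.9", "203.0.113.7", 443))
```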

ESSAY QUESTIONS

DISCUSS BRIEFLY ABOUT CYBER SECURITY

Cybersecurity means protecting data, networks, programs and other information from
unauthorized or unattended access, destruction or change.

Main goals of cyber security:

- Ensure secure storage.

- Control access and prevent unauthorized processing, transfer or deletion of data.

It safeguards the confidentiality, integrity and availability of information.

DEFINE INTERNET GOVERNANCE. WHAT ARE THE CHALLENGES AND CONSTRAINTS?

Internet governance refers to the rules, policies, standards and practices that coordinate and
shape global cyberspace.

While Internet connectivity generated innovative new services, capabilities and unprecedented
forms of sharing and cooperation, it also created new forms of crime.

Internet governance is the process whereby cyberspace participants resolve conflicts over these
problems and develop a workable order.

Challenges of internet governance.

The changing nature of internet: Governance mechanisms aren’t always scalable. Ways of
governing the internet that worked when it was smaller and less complex won’t be sufficient now
it’s larger and more complex.

The concentration of digital power. Networks give powerful advantages to big players that can
maximise numbers of users, achieve economies of scope and scale, and leverage data to maximise
value to consumers and themselves.

The result has been the concentration of online power in a few large companies with global reach.

Getting countries to work together towards a unified policy can be a challenge. Countries can have
different ideologies and views on how to run the Internet.

Moreover, different organizations and governments often have conflicting ideas about how the
Internet should be managed.

Participation in decision making: the challenge of equitable and inclusive digital governance.

Governance is inclusive when it effectively serves and engages all people.

Challenge of regulation. Unlike traditional media like television or newspapers, the Internet does
not reside in one place. Because it is global and interconnected, no one country can enforce its
laws on the entirety of the Internet.

Constraints of internet governance.

Privacy: End user privacy must be ensured in all digital transactions carried out through the internet.

Authentication: Services must be provided only to legitimate users. This can be done using digital
signatures, which involves additional cost.

DEFINE CYBER THREAT. EXPLAIN THE VARIOUS CYBER THREATS

These threats can come in the form of malware, phishing, and other malicious activity.

A cyber threat can be viewed as damage caused to computers and networks by an unauthorized third
party.

The various cyber threats are as follows.

Cyber warfare: Cyber warfare refers to conflict based on the internet.

Cyberwarfare is a series of strategic cyber attacks against a nation-state, causing it significant
harm. This harm could include disruption of vital computer systems.

Cyber crime: A cyber crime can be defined as a criminal activity done using a computer.

Cybercriminals exploit vulnerabilities in computer systems and networks to gain unauthorized
access and steal sensitive information.

Cyber Terrorism: Cyber terrorism (also known as digital terrorism) is defined as disruptive attacks
by recognised terrorist organisations against computer systems with the intent of generating
alarm, panic, or the physical disruption of the information system.
Meaning only
What are disruptive cyber threats? Malicious software that is created and deployed
with the intent of damaging and disrupting critical business functions.

The more mainstream idea of cyber terrorism is the hacking of government or
private servers to access sensitive information or even siphon funds for use in
terror activities.

Cyber Espionage: Cyber espionage, or cyber spying, is a type of cyberattack in which an
unauthorized user attempts to access sensitive.

Intention: to cause reputation harm, create a competitive advantage. Attacks with military
operations.

--

DEFINE SECURITY POLICY. WHAT IS THE NEED FOR COMPREHENSIVE SECURITY POLICY

A formal statement that is prepared based on the security requirements, goals and objectives of an
organization is referred to as a security policy.

This policy specifies certain rules that are to be followed by every member of an organization.

Features of security policy

- It must be properly defined.

- It must be up to date (covering the current technologies of an organization).

- It must be presented in a way that it can easily be understood.

NEED FOR SECURITY POLICY

A cybersecurity policy establishes the guidelines for data security activities such as encrypting
emails, limiting access to critical systems, and maintaining data integrity. These policies are crucial
since cyberattacks and data leaks can be extremely expensive.

They provide awareness of security among the users.

--

WHAT IS THE NEED FOR A NODAL AUTHORITY

The nodal authority of an organization is used to respond to computer security incidents when they
occur in real time.

For example, ICERT (INDIAN COMPUTER EMERGENCY RESPONSE TEAM) or CERT (computer
emergency response team) is the nodal authority that is responsible for computer security
incidents.

Operations of nodal authority

1. It is used to gather, examine and distribute information on cyber security incidents.

2. It is used to enable emergency measures to manage cyber security incidents.

3. It is used to coordinate the various activities of the cyber security response team.

4. It is used to provide a set of rules and standards related to information security
policies, preventive techniques and reporting of cyber security incidents.

--

EXPLAIN IN DETAIL ABOUT SOFTWARE VULNERABILITY


A software vulnerability can be defined as a software defect that helps an attacker gain control over the
system.

Common software vulnerabilities are:

Broken access control: This can lead to security problems like theft of data.

This occurs when user restrictions are not applied properly.

In most cases of Broken Access Control attacks, a malicious user takes advantage of weak or
non-implementation of access control in the target application.

Cryptographic failures.

Cryptographic failures are where attackers often target sensitive data, such as passwords, credit
card numbers, and personal information, when you do not properly protect them. This is the root
cause of sensitive data exposure.

Injection: This occurs when unauthorized content is sent as a query to the system.

=> Placement of malicious code in SQL statements.

--

DISCUSS IN BRIEF ABOUT SYSTEM ADMINISTRATION

System administration is the field of work in which someone manages one or more systems, be
they software, hardware, servers or workstations. Its goal is ensuring the systems are running
efficiently and effectively.

ROLE OF SYSTEM ADMINISTRATORS

System administrators support, troubleshoot, and maintain computer servers and networks.

- They make sure systems are functioning to meet the needs of an organization.

- Installing new systems and software/hardware.

- Providing security policy for users.

- Creating backups.

- Installing and updating the operating system with a new operating system.

- Maintaining user accounts and passwords.

- Arranging repairs of hardware in case of failures.

- Incorporating new technologies into the existing environment.

- Documenting system configuration.

--

DESCRIBE THE MODEL FOR NETWORK SECURITY WITH A NEAT SKETCH


Page no 8 diagram

The network security model is the security process of interconnecting various computer networks to
protect them from unwanted threats and access.

This security model provides top safety to the network architecture.

-> A stream or block of data can be transmitted over the network between 2 parties.

-> The entity responsible for sending data is called the sender.

-> The entity which receives data is called the receiver.

-> Both parties should have a certain level of coordination to exchange data.

Following are the 2 components for providing security:

1. A security-related transformation on the information to be sent.
2. Some secret information is shared by the two principals and, it is hoped, unknown to
the opponent.

This model shows that there are four basic tasks in designing a particular security service:

1. Design an algorithm for performing the security-related transformation.

2. Generate the secret information to be used with the algorithm.

3. Develop methods for the distribution and sharing of secret information.

4. Specify a protocol which employs the security algorithm for achieving security services used
by both sender and receiver.
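
The four design tasks above, worked through in an added example that is not part of the original notes. It assumes HMAC-SHA256 as the security-related transformation (it protects integrity and authenticity, not confidentiality), a sequence number for replay detection, and a secret already shared out of band; the message layout and all names are hypothetical.

```python
import hashlib
import hmac
import secrets
from typing import Optional

SEQ_LEN = 8    # bytes of sequence number in front of the payload
TAG_LEN = 32   # bytes of HMAC-SHA256 tag after the payload


def generate_secret() -> bytes:
    """Task 2: generate the secret information used with the algorithm."""
    return secrets.token_bytes(32)


def protect(secret: bytes, seq: int, payload: bytes) -> bytes:
    """Task 1: the transformation. Wire format is seq || payload || tag."""
    body = seq.to_bytes(SEQ_LEN, "big") + payload
    return body + hmac.new(secret, body, hashlib.sha256).digest()


class Receiver:
    """Task 4: the receiver's side of the protocol."""

    def __init__(self, secret: bytes):
        # Task 3 (distribution of the secret) is assumed to have happened out of band.
        self.secret = secret
        self.last_seq = -1

    def accept(self, wire: bytes) -> Optional[bytes]:
        """Return the payload if the message is authentic and fresh, else None."""
        if len(wire) < SEQ_LEN + TAG_LEN:
            return None
        body, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
        expected = hmac.new(self.secret, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return None
        seq = int.from_bytes(body[:SEQ_LEN], "big")
        if seq <= self.last_seq:                     # replayed or reordered message
            return None
        self.last_seq = seq
        return body[SEQ_LEN:]


def demo() -> dict:
    """Constructed exchange: one genuine message, then what an opponent might send."""
    secret = generate_secret()
    receiver = Receiver(secret)
    msg = protect(secret, 1, b"transfer 100 to account 42")
    altered = msg[:SEQ_LEN] + b"transfer 900 to account 42" + msg[-TAG_LEN:]
    return {
        "genuine": receiver.accept(msg),
        "altered": receiver.accept(altered),
        "replayed": receiver.accept(msg),
        "wrong_secret": Receiver(generate_secret()).accept(protect(secret, 2, b"hello")),
    }


if __name__ == "__main__":
    print(demo())
```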

WHAT IS THE EFFECT OF ENABLING OPEN ACCESS TO ORGANISATION DATA

Ans

Open access (OA) means free access to information and unrestricted use of electronic resources
for everyone. Any kind of digital content can be OA, from texts and data to software, audio, video,
and multi-media.

Due to the open access of data feature in an organization, cyber terrorism has gained
popularity.
It is conducted against organizations and governments.
The attackers make use of various computer tools and internet facilities to get
secret access to private information of the citizen.
It also destroys programs and files.
It plants programs to acquire access to the complete network.
The common types of cyber criminal activities include sending corrupted
messages, malicious emails and fraudulent links.

Procedure
First, the attacker identifies weak points in the target (individual or organization) using
various methods or tools.
In principle, the attacker makes use of 2 attacks.

Active attack: In an active attack, an attacker tries to modify the contents of the
messages, making a bad impact on the availability, integrity and authenticity of the
data.
Passive attack: In a passive attack, an attacker observes the messages and copies
them. It is used to get information about the target.
Moreover, there exist other attacks also.

INSIDE ATTACK: AN ATTACK INITIATED BY A PERSON WORKING WITHIN THE ORGANISATION

OUTSIDE ATTACK: An attack initiated from outside the security perimeter, by
an unauthorized or illegitimate user of the system (an "outsider").

In the Internet, potential outside attackers range from amateur
pranksters to organized criminals, international terrorists.

DISCUSS IN DETAIL ABOUT WEAK AUTHENTICATION

Weak authentication can be defined as a process that involves authentication
either through a password (an easily guessed password)
or through a simple question that should be answered by the user.

TWO DIFFERENT CLASSES OF WEAK AUTHENTICATION ARE AS FOLLOWS

1. PASSWORD BASED AUTHENTICATION
Allows users to log in based on username and password. If correctly entered, it
is authenticated that the user is a genuine party.
=> Intelligent people can guess passwords and use them to steal confidential
information of the user.

2. PIN BASED AUTHENTICATION
Used in banking transactions, such as the 4 DIGIT PASSWORD FOR ATM CARD. A PIN
can be identified or cracked by attackers easily.

WRITE SHORT NOTES ON UNPROTECTED BROADBAND COMMUNICATION

Broadband provides high speed internet access using multiple technologies, which
include fiber, cable etc. Speed is measured in megabits per second.
These channels possess better reliability and efficiency.
Communication using these connections is considered unprotected as it leads
to cyber attacks.
Some of the unprotected broadband communication technologies are:

Cable modem connection:
The modem translates the digital signals from your Internet Service Provider to
your computer for a wired internet connection.
It is prone to hackers as it is connected 24*7 to the internet.

Connecting to a public wifi connection leads to theft by
attackers/hackers.

DEFINE CYBER SECURITY SAFEGUARDS. EXPLAIN IN DETAIL ABOUT
UNDERSTANDING ACCESS CONTROL

A safeguard in cybersecurity refers to the set of measures taken to protect computer
systems, networks, and data from unauthorized access, theft, or damage.
It includes a range of security solutions such as firewalls, antivirus software,
encryption, and intrusion detection systems.

Access control
Access control refers to the ability to either allow or disallow a user
from accessing a particular resource.
There are many mechanisms which are employed for performing access
control.
An access control system incorporates the following:

File permissions
- The read permission grants the ability to read a file.
- The write permission grants the ability to modify a file.

Program permission: an access control that can be used by users for
executing a program.

Data rights permission: an access control that can be used for
retrieving and updating information in the database.

WHAT IS SECURITY AUDIT? EXPLAIN THE AREAS IN WHICH AUDIT IS
PERFORMED

Solution.
A security audit is a process of reviewing and examining the activities of a
system. It provides a checklist for validating the security of the system.

A cyber audit reviews the following areas:

Data security: Reviews security measures for data and the data encryption
technique.

Physical security: In this area, multifactor authentication is reviewed.

Network security: In this area, antivirus configuration and security
monitoring are checked.

Advantages of security audit

- It helps to identify gaps in security.
- Provides assurance to vendors, employees and clients.

WHAT IS BIOMETRIC AUTHENTICATION? EXPLAIN THE BIOMETRIC TECHNIQUES

BIOMETRIC AUTHENTICATION uses human characteristic features to
verify a person's identity and grant access.

Types of biometric
- Finger scan
- Facial feature scan
- Retina scan

Finger scan: Scans fingerprints, which are unique for each person.
Working
Data comes from a scanner that reads various aspects of finger data. Then
the information is used to verify the users.
Uses
- Investigating criminal cases
- Authorizing users at ATMs
Adv
- User friendly
- Provides high performance
- Easy way to authenticate a person
Disadvantage
- Error prone when skin is dry or dirty (old age).

Facial feature scan: Differentiates humans based on features like
eye, nose etc.
Uses
- Used for surveillance (watching) purposes to find criminals
- Used in multinational companies
Adv
- Non expensive technology
- Helps in finding missing people
- Used in law enforcement areas
Disadvantages
- The results get affected with changes in age and hair style.

Retina scan: Uses the unique pattern of a person's retinal blood vessels.
Working
A delicate retina scan sensor examines the pattern of retinal blood vessels.
Uses
- Used in prisons for identity verification
Adv
- Highly accurate
- Performs verification at high speed
Disadvantage
- Expensive technique
- Results may vary based on poor infrared light.

DISCUSS IN BRIEF ABOUT CRYPTOGRAPHY


Cryptography is the process of hiding information so that only the intended person can
read it.
=> Used in bank cards, computer passwords and e-commerce.

Modern cryptography concerns itself with the following four objectives:

1. Confidentiality: Confidential data are not disclosed to unauthorized people.

2. Integrity: Data in transit cannot be altered. If altered, it will be detected by the
receiver.

3. Non-repudiation: A user cannot deny (repudiate) having performed a
transaction. It combines authentication and integrity: non-repudiation
authenticates the identity of a user who performs a transaction, and ensures the
integrity of that transaction.

4. Authentication: The sender and receiver can confirm each other's identity and
the origin/destination of the information.

--

EXPLAIN THE CONCEPT OF ETHICAL HACKING


ETHICAL HACKERS, or white hat hackers, aim at finding loopholes in the
system and reporting them to the owners.
Ethical hacking is performed by professionals and computer network
experts.
They are enriched with professional soundness and possess a variety of
skills relating to programming, networking, hardware and software
security, knowledge of the web etc.

Aspects to be considered while performing ethical hacking:

- Identify areas which require high protection.
- If an unwanted person gains access, what is the consequence?
- How soon does the access of an unwanted person get noticed?

DISCUSS IN BRIEF ABOUT FIREWALLS


A firewall is a network security system that monitors incoming and
outgoing network traffic and decides whether to allow or block specific
traffic based on security rules.

A firewall is a barrier (wall) between the internal network and the outside
network.

Capabilities of firewall
1. Firewalls provide protection against cyber attacks by shielding your
computer.
2. A firewall also prevents malicious software from accessing a computer
or network via the internet.
3. A firewall filters unsafe incoming services which attack authenticated
users.
4. A firewall minimizes the burden of security management services.
5. A firewall handles security related issues by starting alerts and audits on
the firewall system.

Firewall audit: It's an ongoing process in which existing defenses are constantly
reviewed, audited, and improved upon to provide the best-possible network and data
protection.

DEFINE INCIDENT RESPONSE. EXPLAIN VARIOUS PHASES INVOLVED IN
INCIDENT RESPONSE CYCLE.

Incident response: The main objective of this plan is to manage and
handle incidents by taking effective countermeasures.
(HANDLE COVID EXAMPLE)
Page 118
It includes four main stages:
- Preparation
- Detection/analysis
- Containment/eradication/recovery
- Post incident activity

Prepare for potential incidents
Implement a response checklist and provide staff with cybersecurity training.

Detection and analysis
Assess whether an event is a cyber attack. Evaluate its intensity and
classify the cyber security incident based on the nature of the attack.

Containing the impact
Isolate affected systems and prevent the incident from propagating further.
Make sure the threat is no longer present in the network, eradicating
any threats from the system.
Restore affected systems to their pre-incident state.

Post incident activity
Document everything that occurred during the incident and the response.
Use this information to recognize areas of improvement.

Strengthen your security by continuously testing and evaluating your
incident response plan.
---

OVER OF UNIT1 CRIME TOPIC…
