Asiqnment -oL

" Avihs is
Ca type of malictous softwJahe (malware) thot
attuches itsel! to Aagitimate phogam feles and aeplicakes
tbsee? by
trom nemodifyging othen þhoghama infeting fila. aheIt can spraad
computer to another whun infected fles Share.
" Vinues Can Cause
CONupting deleting vaniety
files, hasmfud efecs, ncluding
stealing dota, nsable syaem
heratio and eveh Vhendeing a cbmputer inupting
Unlike wOrms, vinuse requie humen
execut an infected þogham. Cnevention to spraad, suh
iy Wonmsi
WoHms e tandalone maliciouy prbgam Ehat eplicafes
themselves
without
and spkead acsoss netohks on
thhough the internet
aguihing human
in operahing systems, netwokkinterventon. They explott vulnerabili ties
Computey. proto co, or Xoftwa to infect cthua
Worm Can
(ompute andpropaqate
casing rapidly, infecting large
widespredd langesuch
numbers cenauminsy
oft
netoo banduidt cishuptìng service alble, ok instading backdooxs
fon
Unlike
access
viHuses, ohns do not nead to attach themseles to
existing files phoghäm to spead.
i) Taofan Horae;
"A Trojan Horse, ok Trojan, is a type of malwe clisg uised
or fles to trick wses into habaling
Oh e~ecting them. Unlike vihse and wOkÍn, Toj and do no
keplicate themseles b but hely engineng tehnique
to spraad.
Once intall, Inoj aN can perfom vanio uy maliious actvilies.
uch as stealing aensti ve information, tnatalliA other
modi tying oh moluwau
to the tocke.
delehng ls and ganing lunauthonizd acea
Common typ o Thojay inlde amote acos Thojans (RATEl
hih cte backdooy foh attacke to conthol comphomibed
syslems tamotuly
ivy Backdookt
" A back doon a hidden enthy point in a computea Syetem
Joftwa application that allous unauthonized accey ot contol
he often cuated intentionally by
Over the dystem Backdoohd ahe
de velohe fon egitmate pwpo ses, such as dystem madtenanu
Or debugging, bu they can aldo be erploitet by ctackav fon
maliciou punposes.
Attacku may instal backdooS thnough maluene, erploiting secunity
sing weak paswONd. Once a backdoo
installing attachers can gain hemote access to th oystem by
passingnormal Quthentication me chanim.
Backdoohs con be used to steal sent tive infomation, launch
futher attack install additiona malae, Oh control Compaamsel
byotems fon uanou malicious ativities.

Ques2 Explain -
9 Steganogaphy
Jteganogathy is a phactee of comcealing a masage 4le, on
dota within another mesdage, le, oh data in such a
that the existing the hiddan infometion is not acily pf
make it
Unlike coyptoqaphy ,which focus on enoyping data to aims
unititetligibe to unauthonized patted ateganogaphy to
hide the existence o the infohm ation itzelf.
" Comnon metody of steqanoqrabhy inducing embesding tert oN
images witin othes iogeaking the exst sifea
bit o ciqta fle hidin data in audio tile, o even waig
nvizble ink on document.

has vaniog applieotios, incluing covet

seganogayJ
Commuri coi on, dlgltal weterm kig copyight protection, and
data autherttcaton . Tt combinati n with
often usecd in
encyption ton added secwity
) Derial a! Service (Dos) t
Denial-of- Senvice (DoS) is a type ybaattaak hat cims
to
o lita ble te nomal opration of a computer syste
disupt hiqh volume f
netoonk, oh eice by ouerwhelming it with a
atack
thafic, kegustk , o maliciow actuity. The goal cf Doslegittmate
in to make the tavgt sysbem OA AeVce unavailable to
Wsers.
take vaious
DoS atHa cks Can take vorous form, including looding the
taqet wth excesive neookk taffic, exhausting'onsyslem
applicotio,
expoiting vulheabilities in nehwok protoco lu
or launhing dis tbibuted atteck thom mulible comphomised
System
Tha impat DeS attecka can Kange fasom temporany
venienca to significant financial lonses, naputational
danaqe, Cnd even Secuuty breachw if atackers use DoS as
distaction to cover tho other mol'cio ww acivitie.
Bufer Qvenflos:
" Bufer Ouerflow b a type of softane vulnaabilitie that
OCcwrs hen a proram wites more dota to a buffer that
it can hold, causlng tha ex ce date to ouerfb tnto adjaent
memery location This can lead to unbditable behauiown.
Chashe,of explotteton by ttackes
ttackeu to ex eute anbitary code
On qain unauthortzed acces to the oystem.
Butfer ouenflous vulnerabilities typically nise fhom pko ghammnq
erons, uch as impopen inbut validaon on inadequate boundi
chckig wshileallow attacky to overoite CHi tical late
stuetu, Such as tetuwn addesses, unction pointers or contnol
ow veables.
Exploiting buffer aveflow vneabilihes of len invalvet injecking
malicious code into the tanget pkocess umony tggeing ha
oufo Condition, and kádikackisg the prognam's
exete
ute the injecked cada.
exeiton to
Ques) Erplatn
SAL Injectiont
SQL injection is a Aype of yber attak that atacks
databases by maniþulating SQL quey thhough input feldo
On a web apbleatton or other softoae intefaces. It occws
when an attacker injects maleious sQL code into input fred,
Suoh as loqin form oh Seasch boxes, wtth the intentan of alteing
the behaio of tho application 's database.
SQL injetton attacks expbit vulherabilites in poo tly sanitzed
user
input ,allowing atockers to bypass authentatn machanå ma,
exthact senttive blad, modtfy ooh detate database kecoOdo oR
exeute abttraySaL commords
Common techniques used in sQL injection atacks incudes
inserting molicious SQL stotemnts into te input fields to
the attetus oh contents of database quenies, erplacting motty
erO
mesages oA tining diffeances to infer inforyation abo the
dotabase dehma oh data, and Leveaging automated toola o
idsntify cnd explott wuhorble objeh.
Buvenive mesws 3us gainst SqL Injection include using
pavcmeterized queies on praponed atatetenta with boun
parametes to sanitize wser inbt, inplementing inbut validaton and
phoper cor handlng minimlztng the privileges grantd to datatase
user, Mgudonty updating and puthing softoa to cddres known
Vulherabilities.
y PesuJord Caacking - Kay loggenim
" fasuwohd chacking 's the proces of thu atlempttng to guess ar
deduce a passwond by oystema t'cally testing mutple combinations
of chaacteys untl the couct pRSsLONd in found. Key loqger ia a
type of softoane oh hardwau devtce that kecOrds kay athokes
ente by a wser, often covotly with te punpoxe of caphuning
sensitue infonmattion such as pastond.
"Keylogge can be implemented as softwae prognams instalhd
on a a computer, malusare hidden withn legttmate softwa, oh
handuae devtces attached to kaybo ands oh o other input devtces.
Ihay capbuuchedtt
wename, kaysthokes
card typed by the and
hum, wwen,othr
incduding passod,
contidantial infomotio
Atcker use kylog9e to collect 8enattive informai¡n aptitiaul
wstich tey can
Can thy
t then se fon idantity theft financiad fraud,
espionage oh othr malicíous activitie,.
Peventve measwes agoinst kylogg es include wsing Qntfvikus and
antimalware sofwa to ditect and temove malicious sotars
ugulypdating soptae and openakirg oystema to pateh
knoon as elnerabi littes,avoidirg sspiious websites and clownloadk
using vihtual ky boccs
ards Or %euwhe input methods o enteing
denstive informotion, and mplemanttng bÏo - facton authuntt caion
to add an extha laye of secwiby beyond pasokda.