Assignment Information Security 1 -1

Uploaded by

moizahmad248

Pir Mehr Ali Shah Arid Agriculture University Rawalpindi

University Institute of Information Technology

Assignment

Course Code: CS-497
Course Title: Information Security
Instructor's Name: Dr. Saif Ur Rehman
Class/Section/Mor/Eve: BSCS-A Evening
Assignment No: 1 (A)
Due Date: 12-11-2024


Question No. 1: Answer the following

a. Define the terms Virus, Malware, and Ransomware.

b. What is Cryptography?

c. What are the common techniques for securing a computer network?

d. What is the difference between Threat, Vulnerability, and Risk?

e. Difference between Symmetric and Asymmetric encryption

f. Explain CIA triad

g. Encryption Vs Hashing

h. Why is Cyber Crime increasing day by day every year?

i. What is a Firewall and why is it used?

j. Define SSL Encryption

k. What is the difference between active and passive cyber attacks?

l. Define Data Leakage & Why it is dangerous

m. What are some of the common Cyberattacks?

n. What is a Brute Force Attack? How can you prevent it?

o. Explain Phishing and how to prevent it?

p. Explain the concept of Public Key Infrastructure (PKI).

q. What is a zero-day vulnerability?

r. What are the common methods of authentication for network security?

s. What are the latest tools and frameworks for Cyber Security?

a. Definitions:

• Virus: A malicious software program that can replicate itself and spread to other
computers. It attaches itself to legitimate software, and when that software is executed,
the virus is activated.
• Malware: Short for "malicious software," it refers to any software intentionally designed
to cause damage or disruption to a computer system. This includes viruses, worms,
trojans, ransomware, and more.
• Ransomware: A type of malware that encrypts the victim's data and demands payment
(ransom) for the decryption key. It holds the victim's files hostage until payment is made.

b. Cryptography: Cryptography is the practice of securing communication and data through the
use of codes and ciphers. It involves creating algorithms to protect data confidentiality, integrity,
authentication, and non-repudiation.

c. Common techniques for securing a computer network:

• Firewalls: A network security system that monitors and controls incoming and outgoing
traffic.
• Encryption: Encrypting data to protect it during transmission or storage.
• Multi-Factor Authentication (MFA): Using more than one method to verify a user's
identity.
• Intrusion Detection Systems (IDS): Detecting unauthorized access attempts.
• Virtual Private Networks (VPNs): Ensuring secure remote access to a network.
• Access Control: Limiting access to sensitive resources based on user roles.

d. Differences:

• Threat: A potential cause of an unwanted impact on a system, such as hackers or natural
disasters.
• Vulnerability: A weakness in a system or network that can be exploited by a threat.
• Risk: The likelihood of a threat exploiting a vulnerability, resulting in harm to the
system.

e. Symmetric vs. Asymmetric encryption:

• Symmetric encryption uses the same key for both encryption and decryption. Example:
AES (Advanced Encryption Standard).
• Asymmetric encryption uses a pair of keys: a public key for encryption and a private
key for decryption. Example: RSA (Rivest-Shamir-Adleman).

f. CIA Triad: The CIA Triad refers to the three core principles of information security:

• Confidentiality: Ensuring that data is accessible only to authorized individuals.
• Integrity: Ensuring that data is accurate and has not been tampered with.
• Availability: Ensuring that data and services are available when needed.

g. Encryption vs. Hashing:

• Encryption: Converts data into a coded format that can be reversed back to its original
form using a key.
• Hashing: Converts data into a fixed-length value or hash, which cannot be reversed back
to the original data.

h. Reasons for increasing Cyber Crime:

• Increased reliance on technology: More devices and systems are connected to the
internet.
• Anonymity: Cyber criminals can operate anonymously online.
• Financial gain: Cybercrime can be lucrative, especially with activities like ransomware
and identity theft.
• Lack of cybersecurity awareness: Many individuals and businesses are still unaware of
security risks and best practices.

i. Firewall: A firewall is a network security system designed to monitor and control incoming
and outgoing network traffic based on predetermined security rules. It is used to block
unauthorized access and protect against cyber threats.

j. SSL Encryption: Secure Sockets Layer (SSL) is a cryptographic protocol used to secure
communication over a computer network, ensuring that data transferred between a web server
and a browser remains private and integral. SSL has been replaced by TLS (Transport Layer
Security), but the term SSL is still widely used.

k. Active vs. Passive Cyber Attacks:

• Active Cyber Attack: The attacker attempts to alter system resources or affect the
system's functionality. Examples include DoS (Denial of Service) attacks and
man-in-the-middle attacks.
• Passive Cyber Attack: The attacker intercepts or eavesdrops on communications without
modifying the system or data. Examples include packet sniffing or traffic analysis.

l. Data Leakage & its dangers:

• Data Leakage: The unauthorized or unintentional release of sensitive or confidential data
to outsiders.
• Dangers: Data leakage can lead to identity theft, financial losses, reputation damage, and
legal penalties.

m. Common Cyberattacks:

• Phishing: Deceptive emails or websites to trick users into providing sensitive
information.
• Ransomware: Malicious software that locks or encrypts data and demands a ransom.
• DDoS: Distributed Denial of Service attacks overwhelm a system with traffic to disrupt
services.
• Man-in-the-Middle (MITM): Intercepting and altering communication between two
parties.

n. Brute Force Attack & Prevention:

• Brute Force Attack: An attack method where an attacker tries all possible combinations
to guess a password or encryption key.
• Prevention: Use strong, complex passwords, implement account lockout mechanisms
after failed attempts, and employ multi-factor authentication.
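
Added example (not part of the original assignment): one way to implement the account lockout named under Prevention, as a temporary lock after repeated failures inside a sliding time window. The class and function names, the thresholds and the "alice" credential are all constructed for illustration.

```python
import hmac
import time
from collections import defaultdict, deque

class LoginThrottle:
    """Temporary account lockout after repeated failed logins (sliding window)."""
    def __init__(self, max_failures=5, window=300.0, lockout=900.0, clock=time.monotonic):
        self.max_failures, self.window, self.lockout = max_failures, window, lockout
        self.clock = clock                      # injectable so tests can control time
        self._failures = defaultdict(deque)     # user -> timestamps of recent failures
        self._locked_until = {}                 # user -> time at which the lock expires

    def is_locked(self, user):
        until = self._locked_until.get(user)
        if until is not None and self.clock() >= until:
            del self._locked_until[user]        # lock expired: start with a clean slate
            self._failures.pop(user, None)
            until = None
        return until is not None

    def record_failure(self, user):
        now, recent = self.clock(), self._failures[user]
        recent.append(now)
        while now - recent[0] > self.window:    # forget failures older than the window
            recent.popleft()
        if len(recent) >= self.max_failures:
            self._locked_until[user] = now + self.lockout
    def record_success(self, user):
        self._failures.pop(user, None)

def attempt_login(throttle, user, password, verify):
    """Return 'locked', 'ok' or 'denied'; the lock is checked before the password."""
    if throttle.is_locked(user):
        return "locked"                         # even a correct guess learns nothing
    if verify(user, password):
        throttle.record_success(user)
        return "ok"
    throttle.record_failure(user)
    return "denied"

def demo():  # constructed scenario driven by a fake clock
    now = [0.0]
    store = {"alice": "correct horse battery staple"}  # constructed; real systems store hashes
    verify = lambda u, p: hmac.compare_digest(store.get(u, ""), p)
    t = LoginThrottle(max_failures=3, window=60, lockout=120, clock=lambda: now[0])
    out = [attempt_login(t, "alice", f"guess{i}", verify) for i in range(3)]
    out.append(attempt_login(t, "alice", store["alice"], verify))  # correct, but locked
    now[0] += 121                                                   # lockout expires
    return out + [attempt_login(t, "alice", store["alice"], verify)]
```

Keying the lock on the username alone lets anyone lock a user out by failing on purpose, which is why the lock here expires on its own instead of requiring an administrator reset.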

o. Phishing & Prevention:

• Phishing: A type of social engineering attack where attackers impersonate legitimate
entities to steal personal or financial information.
• Prevention: Be cautious with unsolicited emails, verify links before clicking, use spam
filters, and train employees on identifying phishing attempts.

p. Public Key Infrastructure (PKI): PKI is a framework that manages digital keys and
certificates to enable secure communications and authentication. It involves a combination of
hardware, software, policies, and standards to ensure secure exchanges.

q. Zero-Day Vulnerability: A zero-day vulnerability is a security flaw in software that is
unknown to the vendor, and hence, has no patch or fix available at the time of discovery. It is
often exploited by attackers before a patch is issued.

r. Common methods of authentication for network security:

• Password-based authentication: Using a secret password to authenticate users.
• Two-Factor Authentication (2FA): Requires two forms of verification (e.g., password
and mobile app code).
• Biometric authentication: Using fingerprints, facial recognition, or retina scans.
• Smart cards or tokens: Physical devices that generate unique authentication codes.

s. Latest tools and frameworks for Cyber Security:

• Wireshark: A network protocol analyzer used for network troubleshooting and analysis.
• Metasploit: A penetration testing framework for identifying vulnerabilities.
• Nmap: A tool for network discovery and vulnerability scanning.
• Kali Linux: A Linux distribution specifically designed for penetration testing.
• SIEM (Security Information and Event Management): Tools like Splunk and the ELK
stack that aggregate and analyze security data for real-time threat detection.
• Endpoint Protection Platforms (EPP): Tools like CrowdStrike and Sophos that protect
endpoints from threats.
