B.tech CSE (CBA - BDA - CS) Sem-6 CCAL-Reg-remi - Exam APRIL-JUNE 2023

The document is an examination paper for a Cyber Crime and Law course at Ganpat University, consisting of two sections with various questions related to cyber law, cybercrime, and security measures. It includes definitions, case studies, and practical scenarios for students to demonstrate their understanding of the subject. The exam covers topics such as the IT Act 2000, phishing, and methods to secure information systems.

Exam No:

GANPAT UNIVERSITY
B. TECH. CSE (CS) SEM-VI
REGULAR/REMEDIAL EXAMINATION April-June 2023
2CSE604 CYBER CRIME AND LAW
MAX. TIME: 3 HRS TOTAL MARKS: 60

Instructions: (1) This Question paper has two sections. Attempt each section in separate answer book
(2) Figures on right indicate marks.
(3) Assume suitable data if necessary.
(4) Standard terms and notation are used.

SECTION - I

Q-1 (1) Define: Cyber Law [01]
(2) Describe difference between cybercrime and traditional crime? [01]
(3) Identify the technique of stealing credit card numbers by using a special "hidden" device when you are processing a transaction on your card is called? [01]
(4) Detect the virus that infects a storage device's master boot record (MBR). [01]
(5) Identify the device that is a dedicated computer or a software system running on a computer that acts as an intermediary between an endpoint device. [01]
(6) Define: Cyber Crime [01]
(7) Traceroute can be used during which type of attack? [01]
(8) Name the scanning technique that attempts to connect to all 65,535 ports. [01]
(9) Classify section 66A of IT Act 2000. [01]
(10) Identify the section of IT Act 2000 that deals with the punishment for cyber terrorism. [01]

Q-2 (A) A Chief Security Officer in Infytechnics IT company observed that there are some issues related to Information Security. How should he secure the system? Describe your perception. [05]

Q-2 (B) Elaborate any two case studies of someone being a victim of credit card frauds. [05]

OR

Q-2 (B) Consider you are an IT Engineer and expert in understanding all operating systems. How would you help your friends to protect their passwords in Windows? Also discuss what are the impacts of security level in today's era? [05]

Q-3 Attempt ANY TWO from following questions. [10]

(A) How a criminal will plan and attack on any people to do cybercrime? Demonstrate all possible tricks with its importance.

(B) Name the colors of hat introduced in cyber security. Which hat would you like to wear and why? Elaborate your thoughts.

(C) How people should protect themselves by not becoming a victim of Social Engineering? Demonstrate any case study for the same.


SECTION - II

Q-4 (1) Name the Section of IT Act 2000 that deals with breach of confidentiality and privacy. [01]
(2) What do you mean by blind SQL injection? [01]
(3) Mention the steps to prevent from DoS attack on any server. [01]
(4) How can you recognize a phishing email? [01]
(5) Identify the type of buffer where overflow occurs in heap area of memory. [01]
(6) Name the Section of IT Act 2000 that deals with illegal login where using password of another person. [01]
(7) Mention the major difference between phishing and spear phishing. [01]
(8) On which date was the IT Act 2000 enacted in India? [01]
(9) Describe how ransomware is harmful? [01]
(10) Identify the IPC Section that deals with abusing any person via email. [01]

Q-5 (A) Demonstrate and design how would you implement phishing via email? Also elaborate ideas to be aware and safe from such attacks. [05]

Q-5 (B) Elaborate how many ways you can attack on a targeted server with millions of requests to make the server busy so that users accessing that server get disappointed. [05]
OR
Q-5 (B) How would you enter into the system from a back door and apply malicious activity? Demonstrate its usage. [05]

Q-6 Attempt ANY TWO from following questions. [10]

(A) Name the tools to find vulnerability of any website. Now consider you found some bug
and using SQL Injection you want to enter into the system. Examine the preventive
measures for not getting affected by such attacks.
(B) How security can be applied to any cloud? Classify the principles of security for the same.
(C) According to Indian IT Act 2000, what are the pros and cons of IT Act 2000? Describe your perception for the same.

-: END OF PAPER:-

GANPAT UNIVERSITY
B. TECH. CSE (CS) SEM-VI
REGULAR/REMEDIAL EXAMINATION April-June 2023
2CSE604 CYBER CRIME AND LAW
MAX. TIME: 3 HRS TOTAL MARKS: 60


SECTION - I

Q-1 (1) Define: Cyber Law [01]
Ans : Cyber law is a branch of law that deals with the legal issues related to the use of computers, networks, and the internet.
(2) Describe difference between cybercrime and traditional crime? [01]
Ans : Cybercrime is a type of crime that is committed using computers, networks, and the internet, while traditional crime is committed using more traditional methods such as physical force.
(3) Identify the technique of stealing credit card numbers by using a special "hidden" device when you are processing a transaction on your card. [01]
Ans : Skimming
(4) Detect the virus that infects a storage device's master boot record (MBR). [01]
Ans : Boot Sector Virus
(5) Identify the device that is a dedicated computer or a software system running on a computer that acts as an intermediary between an endpoint device. [01]
Ans : Proxy
(6) Define: Cyber Crime [01]
Ans : Cybercrime refers to criminal activities that are committed using computers, networks, and the internet.
(7) Traceroute can be used during which type of attack? [01]
Ans : Passive Attack
(8) Name the scanning technique that attempts to connect to all 65,535 ports. [01]
Ans : Vanilla
(9) Classify section 66A of IT Act 2000. [01]
Ans : Publishing offensive, false or threatening information
(10) Identify the section of IT Act 2000 that deals with the punishment for cyber terrorism. [01]
Ans : Section 66F

Q-2 (A) A Chief Security Officer in Infytechnics IT company observed that there are some issues related to Information Security. How should he secure the system? Describe your perception. [05]
Ans : Confidentiality, Integrity, Availability

Q-2 (B) Elaborate any two case studies of someone being a victim of credit card frauds. [05]
Ans :
Case Study #1
A Russian hacker, Roman Seleznev: a $50 million online identity theft case. He created a website where he sold stolen credit cards and identity data, for which he was sentenced to 14 years in prison.

Case Study #2
Just a year later $3.5 million was extorted by Kenneth Gilbert Gibson, who using stolen identities created more than 8000 fraudulent online accounts with PayPal. The police discovered his office computers that were running an automatic script to open up online accounts.
He stole the data from employees and customers of the company that he worked for. To avoid detection he only moved small amounts of money, which did not raise any red flags with the financial institutions. Many of his victims didn't realise that their identity was stolen until they tried to get a loan, or were contacted by the authorities or collection agencies.

OR
Q-2 (B) Consider you are an IT Engineer and expert in understanding all operating systems. How would you help your friends to protect their passwords in Windows? Also discuss what are the impacts of security level in today's era? [05]
Ans :
. Set or change password -> Windows generates a LM hash and a NT hash.
. Two hashing functions used to encrypt passwords:
  - LAN Manager hash (LM hash)
    - Password is padded with zeros until there are 14 characters.
    - It is then converted to uppercase and split into two 7-character pieces.
    - Each half is encrypted using an 8-byte DES (Data Encryption Standard) key.
    - Result is combined into a 16-byte, one-way hash value.
  - NT hash
    - Converts password to Unicode and uses MD4 hash algorithm to obtain a 16-byte value.
. Hashes are stored in the Security Accounts Manager database
  - Commonly known as "SAM" or "the SAM file"
  - SAM is locked by system kernel when system is running.
  - File location: C:\WINNT\SYSTEM32\CONFIG
. SYSKEY

What we found on Al Qaeda computers were two things:

1) Simple hacking tools are available to anyone who looks for them on the Internet.
2) Tools such as L0phtCrack allow admittance into almost anyone's account if a simple eight-digit password is used. People are frightened when they learn that using only an eight-digit password with standard numbers and letters will allow anyone to figure out their passwords in less than two minutes when one downloads a publicly available tool like L0phtCrack from the Internet. This was the kind of tool which we found, nothing terribly sophisticated.

Q-3 Attempt ANY TWO from following questions. [10]

(A) How a criminal will plan and attack on any people to do cybercrime? Demonstrate all possible tricks with its importance.

Ans :
o Phases involved in planning cybercrime:
  o Reconnaissance: information gathering, first phase, passive attack
  o Scanning and scrutinizing the gathered information for validity of the information as well as to identify the existing vulnerabilities
  o Launching an attack: gaining and maintaining the system access

(B) Name the colors of hat introduced in cyber security. Which hat would you like to wear and why? Elaborate your thoughts.
Ans :
. Black Hat -
  o Just like in the old westerns, these are the bad guys. A black hat is a cracker.
  o To add insult to injury, black hats may also share information about the "break in" with other black hat crackers so they can exploit the same vulnerabilities before the victim becomes aware and takes appropriate measures.
. White Hat -
  o While black hats use their skill for malicious purposes, white hats are ethical hackers.
  o They use their knowledge and skill to thwart the black hats and secure the integrity of computer systems or networks.
  o If a black hat decides to target you, it's a great thing to have a white hat around.
. Gray Hat -
  o A gray hat, as you would imagine, is a bit of a white hat/black hat hybrid.
  o Thankfully, like white hats, their mission is not to do damage to a system or network, but to expose flaws in system security.
  o The black hat part of the mix is that they may very well use illegal means to gain access to the targeted system or network, but not for the purpose of damaging or destroying data: they want to expose the security weaknesses of a particular system and then notify the "victim" of their success.
  o Often this is done with the intent of then selling their services to help correct the security failure so black hats cannot gain entry and/or access for more devious and harmful purposes.

(C) How people should protect themselves by not becoming a victim of Social Engineering? Demonstrate any case study for the same.
Ans :
. Slow down
. Research the facts
. Delete any request
. Reject requests for help or offers of help
. Don't let a link be in control of where you land
. Email hijacking is rampant
. Beware of any download
. Set your spam filters to high
. Secure your computing devices

SECTION - II

Q-4 (1) Name the Section of IT Act 2000 that deals with breach of confidentiality and privacy. [01]
Ans : Section 72
(2) What do you mean by blind SQL injection? [01]
Ans : Blind SQL Injection is used when a web application is vulnerable to an SQL injection but the results of the injection are not visible to the attacker.
(3) Mention the steps to prevent from DoS attack on any server. [01]
Ans : Filtering, Moving, Black Holing
(4) How can you recognize a phishing email? [01]
Ans : The email asks you to click on a link or download an attachment
(5) Identify the type of buffer where overflow occurs in heap area of memory. [01]
Ans : Heap Buffer Overflow

(6) Name the Section of IT Act 2000 that deals with illegal login where using password of another person. [01]
Ans : Section 66C
(7) Mention the major difference between phishing and spear phishing. [01]
Ans : Phishing is a type of cyber attack that uses social engineering to trick individuals into divulging sensitive information, while spear phishing is a more targeted form of phishing that specifically targets individuals or organizations.
(8) On which date was the IT Act 2000 enacted in India? [01]
Ans : 17th October 2000
(9) Describe how ransomware is harmful? [01]
Ans : Ransomware is a type of malware that encrypts a victim's files and demands payment in exchange for the decryption key.
(10) Identify the IPC Section that deals with abusing any person via email. [01]
Ans : Section 500

Q-5 (A) Demonstrate and design how you would implement phishing via email? Also elaborate ideas to be aware and safe from such attacks. [05]
Ans :
. Planning: use mass mailing and address collection techniques (spammers)
. Setup: E-Mail / webpage to collect data about the target
. Attack: send a phony message to the target
. Collection: record the information obtained
. Identity theft and fraud: use information to commit fraud or illegal purchases
Tips to protect yourself:
. I.T. will NEVER ask for your password over email. Please be wary of any emails asking for passwords. Never send passwords, bank account numbers, or other private information in an email.
. Be cautious about opening attachments and downloading files from emails, regardless of who sent them. These files can contain viruses or other malware that can weaken your computer's security. If you are not expecting an email with an attachment from someone, such as a fax or a PDF, please call and ask them if they indeed sent the email. If not, let them know they are sending out phishing emails and need to change their email password immediately.
. Never enter private or personal information into a popup window.
. If there is a link in an email, use your mouse to hover over that link to see if it is sending you to where it claims to be; this can thwart many phishing attempts.
. Look for 'https://' and a lock icon in the address bar before entering any private information on a website.
. Look for spelling and bad grammar. Cybercriminals are not known for their grammar and spelling. Professional companies or organizations usually have staff that will not allow a mass email like this to go out to its users. If you notice mistakes in an email, it might be a scam.
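The "hover over the link" and "look for https://" tips above can be checked mechanically. The following is an added example, not part of the exam paper: it parses the anchors in an HTML e-mail body, compares the host named in each link's visible text with the host its href really points at, and flags targets that are not served over https. The sample message and its hostnames are constructed.

```python
"""Flag links in an HTML e-mail that contradict the phishing tips above."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Something that looks like a domain name inside the visible link text.
_DOMAIN_RE = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,})", re.I)


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in the body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._current = [dict(attrs).get("href", ""), ""]

    def handle_data(self, data):
        if self._current is not None:
            self._current[1] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            self.links.append(tuple(self._current))
            self._current = None


def check_links(html_body):
    """Return [(href, reason), ...] for every link that looks suspicious."""
    collector = _LinkCollector()
    collector.feed(html_body)
    findings = []
    for href, text in collector.links:
        parsed = urlparse(href)
        real_host = (parsed.hostname or "").lower()
        shown = _DOMAIN_RE.search(text)
        shown_host = shown.group(1).lower() if shown else ""
        # Tip: the text claims one destination but the href goes elsewhere.
        if shown_host and shown_host != real_host:
            findings.append((href, f"text shows {shown_host} but link goes to {real_host}"))
        # Tip: look for https:// before entering anything private.
        if parsed.scheme != "https":
            findings.append((href, "target is not https"))
    return findings


# Constructed sample: one link masquerading as the bank, one honest link.
SAMPLE_EMAIL = """<p>Dear customer, please verify your account at
<a href="http://login-verify.example/verify">https://www.examplebank.com/login</a>
or read our policy at <a href="https://www.examplebank.com/policy">our policy page</a>.</p>"""

if __name__ == "__main__":
    for href, reason in check_links(SAMPLE_EMAIL):
        print(f"SUSPICIOUS {href}: {reason}")
```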

Q-5 (B) Elaborate how many ways you can attack on a targeted server with millions of requests to make the server busy so that users accessing that server get disappointed. [05]
Ans :
. Flood the traffic, thereby preventing network traffic
. Disrupt connections between two systems, preventing access to service
. Prevent a particular individual from accessing a service
. Disrupt service to a specific system or person
Classification of DoS:
. Bandwidth attacks
. Logic attacks
. Protocol attacks
. Unintentional DoS attack
OR
Q-5 (B) How would you enter into the system from a back door and apply malicious activity? Demonstrate its usage. [05]
Ans :
. A backdoor in a computer system is a method of bypassing normal authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected.
. Also called a trapdoor. An undocumented way of gaining access to a program, online service or an entire computer system.
. The backdoor is written by the programmer who creates the code for the program. It is often only known by the programmer. A backdoor is a potential security risk.
Functions of Backdoor: Allows an attacker to
. create, delete, rename, copy or edit any file
. Execute commands to change system settings
. Alter the windows registry
. Run, control and terminate applications
. Install arbitrary software and parasites
. Control computer hardware devices,
. Shutdown or restart computer
. Steals sensitive personal information, valuable documents, passwords, login
name...
. Records keystrokes, captures screenshots
. Sends gathered data to predefined E-mail addresses
. Infects files, corrupts installed apps, damages entire system
. Distributes infected files to remote computers
. Installs hidden FTP server
. Degrades internet connection and overall system performance
. Decreases system security
. Provides no uninstall feature, hides processes, files and other objects

Q-6 Attempt ANY TWO from following questions. [10]

(A) Name the tools to find vulnerability of any website. Now consider you found some bug and using SQL Injection you want to enter into the system. Examine the preventive measures for not getting affected by such attacks.
Ans :
Tools:
Website:
Step 1: Finding vulnerable websites (hackable websites) using Google Dork list.
. Google dork is searching for vulnerable websites using the Google searching tricks

. Use "inurl:" command for finding the vulnerable websites.
Some Examples:
inurl:index.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:pageid=
How to use?
Copy one of the above commands and paste it in the Google search engine box, then hit enter.
You can get a list of web sites.
We have to visit the websites one by one for checking the vulnerability.

Preventive Measures :
. Input validation
. Replace all single quotes with two single quotes
. Sanitize the input: clean characters like ;, --, select, etc.
. Numeric values should be checked while accepting a query string value
. Keep all text boxes and form fields short
. Modify error reports
. SQL errors should not be displayed to the outside world
. Other preventions
. Never use default system accounts for SQL Server 2000
. Isolate database server and webserver: different machines
. Extended stored procedures, user defined functions should be moved to an isolated server.
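The preventive measures above (quote doubling, input validation of numeric values, and keeping data out of the SQL text) are easiest to see side by side. The following is an added example, not part of the exam paper: a login check built by string concatenation, the same check with the answer's quote-doubling measure, a parameterised version, and a numeric-id lookup that validates its input first. The in-memory SQLite table and its rows are constructed sample data.

```python
"""Vulnerable versus hardened query construction for a login check."""
import sqlite3


def demo_db():
    """Constructed sample database with two users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [(1, "alice", "s3cret"), (2, "bob", "hunter2")])
    return conn


def login_vulnerable(conn, name, password):
    """String concatenation: user input becomes part of the SQL syntax."""
    sql = ("SELECT name FROM users WHERE name = '" + name
           + "' AND password = '" + password + "'")
    return sorted(row[0] for row in conn.execute(sql))


def _double_quotes(value):
    """The answer's measure: replace each single quote with two single quotes."""
    return value.replace("'", "''")


def login_escaped(conn, name, password):
    """Quote doubling closes the quote-based hole but still mixes data into
    the statement text, so it is weaker than a parameterised query."""
    sql = ("SELECT name FROM users WHERE name = '" + _double_quotes(name)
           + "' AND password = '" + _double_quotes(password) + "'")
    return sorted(row[0] for row in conn.execute(sql))


def login_safe(conn, name, password):
    """Parameterised query: the driver never interprets the input as SQL."""
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return sorted(row[0] for row in conn.execute(sql, (name, password)))


def user_by_id(conn, id_value):
    """Numeric query-string value is validated before it reaches the query."""
    if not str(id_value).isdigit():
        raise ValueError("id must be a non-negative integer")
    rows = conn.execute("SELECT name FROM users WHERE id = ?", (int(id_value),))
    return sorted(row[0] for row in rows)


def demo():
    """Return (vulnerable, escaped, safe) results for one crafted input."""
    conn = demo_db()
    # Closes the quote, adds an always-true clause, and comments out the rest
    # with "--", one of the character sequences the answer says to sanitize.
    crafted = "' OR 1=1 --"
    return (login_vulnerable(conn, crafted, "wrong"),
            login_escaped(conn, crafted, "wrong"),
            login_safe(conn, crafted, "wrong"))


if __name__ == "__main__":
    print(demo())
```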

(B) How security can be applied to any cloud? Classify the principles of security for the same.
Ans :
Brute force attack
Denial of Service attack
. There are some principles that we always have to remember when we speak about IT security, since they can really help to prevent the most common security problems:
  . The principle of insecurity
  . The principle of least privilege
  . The principle of separation of duties
  . The principle of internal security

(C) According to Indian IT Act 2000, what are the pros and cons of IT Act 2000? Describe your perception for the same.
Ans :
Positive Aspects of ITA 2000:
1. Before the enactment of the I.T. Act, 2000, the usual means of communication such as emails and texts were not considered as a legal form of communication and due to this, they were not admissible as evidence in a court of law. But after the enactment of I.T. Act, 2000 electronic formats and communication got legal recognition, and now they are admissible as evidence in a court of law.
2. With the introduction of the I.T. Act, 2000, now companies can carry out e-commerce and e-business and promote online transactions commercially using the legal infrastructure provided by this Act.
3. Digital signatures and authentications have been legalised after the I.T. Act, 2000, which is a great assistance to carry out transactions online as they help in verifying the identity of an individual on the internet.
4. The I.T. Act, 2000, provides for corporates to have statutory remedies if anyone hacks and breaks into their computer systems or networks and causes any kind of damages. The I.T. Act, 2000 provides for monetary damages, by way of compensation, as a remedy for such crimes.
5. The I.T. Act, 2000 has defined, recognised and penalised various cyber crimes such as hacking, spamming, identity theft, phishing and many more. Prior to this Act, cybercrimes were not included in any legislation, and there was no legal remedy for such crimes.
6. The Act allows companies to issue digital certificates by becoming Certifying Authorities.
7. This Act also allows the Government to issue notices on the internet through e-governance.

Weak Areas of ITA 2000:


1. The I.T. Act, 2000 may cause a conflict of jurisdiction.
2. Electronic commerce is based on the system of domain names. The I.T. Act, 2000 does not address the issues relating to domain names, rights and liabilities of domain owners.
3. The I.T. Act, 2000 does not provide for the protection of Intellectual Property Rights as
issues regarding copyrights and patents are very common in relation to computer
programs and networks.
4. The offences covered and defined under the I.T. Act, 2000 are not exhaustive in nature.
Since, with the advancements in technologies, computer programs and networks are
constantly changing and evolving, and with this advancement, the nature of cybercrimes
is also evolving. This Act does not cover various kinds of cybercrimes such as
cyberstalking, cyber fraud, chat room abuse, theft of internet hours and many more.
5. The I.T. Act, 2000 has not addressed issues like privacy and content regulation, which is very necessary, considering the vulnerability the internet poses.
6. Lastly, the main issue with this Act is its implementation. The I.T. Act, 2000 does not lay
down any parameters for its implementation and regulations.

-: END OF PAPER:-

