Q.What is cyber disaster planning?

Discuss the guidelines for cyber disaster planning

❔
Cyber disaster planning involves creating strategies and procedures to prepare for,
respond to, and recover from cyber incidents that could disrupt an organization’s
operations, compromise sensitive data, or cause financial or reputational damage.
These incidents could include cyberattacks like ransomware, data breaches, denial-
of-service (DoS) attacks, or system failures caused by software or hardware issues.

#Guidelines for Cyber Disaster Planning

1. Risk Assessment and Identification

- Identify and evaluate potential cyber threats and vulnerabilities.

- Conduct regular risk assessments to understand the organization’s exposure to

cyber risks.

- Prioritize critical systems, data, and assets that require protection.

2.Develop a Cybersecurity Framework:-

- Establish policies and procedures for cybersecurity management.

- Align with established frameworks like NIST Cybersecurity Framework, ISO 27001,
or COBIT for comprehensive planning.

- Define roles and responsibilities for cybersecurity and disaster recovery teams.

3. Incident Response Plan (IRP):-

- Develop a detailed IRP outlining steps to detect, contain, mitigate, and recover from
cyber incidents.

- Include clear communication protocols to inform stakeholders, employees, and, if

necessary, regulatory bodies.

- Regularly update the IRP to address emerging threats.

4. Disaster Recovery Plan (DRP):-

- Focus on restoring IT systems, data, and operations after a cyber incident.

 - Ensure backups of critical data are created, encrypted, and stored in secure
locations.

- Test the recovery process periodically to confirm its effectiveness.

5. Business Continuity Plan (BCP):-

- Ensure essential business functions can continue during and after a cyber disaster.

- Identify alternate resources, facilities, or methods to maintain operations during

disruptions.

6. Employee Training and Awareness:-

- Train employees on recognizing phishing emails, social engineering, and other

cyber threats.

- Conduct regular cybersecurity awareness programs and drills.

- Emphasize the importance of following security protocols.

7. Secure IT Infrastructure:-

- Implement robust cybersecurity measures, such as firewalls, intrusion detection

systems (IDS), and endpoint security solutions.

- Regularly update and patch software to protect against vulnerabilities.

- Use multi-factor authentication (MFA) for critical systems.

8. Third-Party Risk Management

- Assess the cybersecurity measures of vendors, partners, and contractors.

- Include cybersecurity requirements in contracts and monitor compliance.

9. **Legal and Regulatory Compliance**

- Understand and comply with relevant laws, regulations, and industry standards
(e.g., GDPR, HIPAA, or CCPA).

- Ensure incident reporting aligns with regulatory requirements.

10. **Testing and Simulations**

- Conduct regular tabletop exercises and simulations to test the effectiveness of the
cyber disaster plan.

- Identify gaps and areas for improvement in the plan.

11. **Post-Incident Analysis**

- Perform a thorough review after a cyber incident to understand what went wrong.

- Update the cyber disaster plan based on lessons learned to prevent similar
incidents in the future.

Cyber disaster planning is a continuous process that evolves as new threats emerge. It
ensures organizations can minimize the impact of cyber incidents and maintain
resilience in the face of evolving challenges.

Q.Discuss the concept of information security briefly and explain its main principles ?

Ans. Information Security

The term information security can be defined as the way of protecting information
systems and the information stored in it from the unauthorized access, use,
modification, disclosure, or disruption.

Information security refers to the process of ensuring and maintaining confidentiality,

availability and integrity of data. Confidentiality refers to the protection of information
from unauthorized access. The information is disclosed only to those who are
authorized to access it.

Integrity refers to the assurance that information is trustworthy, accurate and genuine.
It protects information from unauthorized modification. Availability means only
authorized users should be able to access the information whenever needed. It
ensures the timely access to data whenever it is needed by the authorized users.

Principles of Information Security

The main principles of information security are as follows:

1. Confidentiality
2. Integrity
3. Availability

1.Confidentiality :-The property of the system which ensures that the unauthorized
systems and individuals are unable to access the information is known as
confidentiality. This ensures that someone who is not authorized to access the system
is unable to view the information.

Thus, confidentiality is a necessary property but not sufficient alone to ensure the
privacy of person whose information is stored in computer systems.
2.Integrity :-Integrity is the property of information security that prevents modification
of information by an unauthorized person or system. If an employee deletes an
important file accidently or intentionally, then violation of integrity takes place.

3.Availability :-According to this principle, for any information system to serve its
purpose, the information must be available when it is needed. This ensures the
correct and smooth operation of the computers and networks and sees that the
needed information can be accessed by the authorized users. If the users are unable
to access the system, then it becomes impossible to assess the integrity and
confidentiality aspect.

It is necessary that information system must be available to the users, to serve its
purpose and it is also necessary to ensure the proper functioning of the computing
system that processes and stores the information.

Q.Discuss the different criminal threats to IT infrastructure. What can be the

preventive measures for these threats ❔

Ans. Criminal Threats to IT Infrastructure and the Preventive Measures for these
Threats

Cybercrimes are those instances when criminals, known as hackers or attackers,

access your computer for malicious reasons. They might be seeking sensitive,
personal identification information stored on your computer, like credit card numbers
or private account logins they use for financial gain or to access your online services
for criminal purposes.

Following are the different types of threats to the IT infrastructure along with the
preventive measures that can be taken to reduce your susceptibility to these threats:

1. Vulnerabilities
2. Spyware
3. Malware
4. Spam
5. Phishing

1.Vulnerabilities:-

Vulnerabilities are the flaws in computer software that create weaknesses in your
computer or network’s overall security. They can also be created by improper
computer or security configurations. Threats exploit the weaknesses of
vulnerabilities, resulting in potential damage to the computer or its data.
Preventive measures:-

• Keep software and security patches up to date.

•Configure security settings for your operating system, Internet browser and security
software.

• Companies should develop personal security policies for online behavior, and
individuals should be sure to adopt their own policies to promote online safety.

•Install a proactive security solution like Norton Internet Security to block the threats
targeting vulnerabilities.

2. Spyware:-Spyware is a software that surreptitiously gathers information and

transmits it to interested parties. It can be downloaded from websites, email
messages, instant messages and direct file-sharing connections. Also, a user may
unknowingly receive spyware by accepting an End User License Agreement from a
software program. Spyware frequently attempts to remain unnoticed, either by
actively hiding or simply not making its presence on a system known to the user.

Preventive measures:

• Use a trustworthy Internet security program to proactively protect from spyware and
other security risks.

• Configure the firewall in the reputable Internet security program to block unsolicited
requests for outbound communication.

• Do not accept or open suspicious error dialogs from within the browser.

• Always carefully read the End User License agreement during installation.

• Keep software and security patches up to date.

3.Malware:-Malware is a category of malicious code that includes viruses, worms and

Trojan horses. Destructive malware will use popular communication tools to spread,
including worms sent through email and instant messages, Trojan horses dropped
from Web sites and virus-infected files downloaded from peer-to-peer connections.
Malware will also seek to exploit existing vulnerabilities on systems making their entry
quiet and easy.

Preventive measures:

• Open only those e-mails, web-links or attachments that come from trusted sources
and are expected.
• Have email attachments scanned by a reputable Internet security program prior to
opening.

• Delete all the unwanted messages without opening.

• Use a reputable Internet security program to block all unsolicited outbound

communication.

• Keep security patches up to date.

4.Spam:-Email spam is the electronic version of junk mail. It involves sending

unwanted messages, often unsolicited advertising, to a large number of recipients.
Spam is a serious security concern, as it can be used to deliver email that could
contain Trojan horses, viruses, worms, spyware and targeted attacks aimed at
obtaining sensitive, personal identification information. Messages that do not include
your email address in the TO or CC fields are common forms of spam.

Preventive measures:

• Install Spam filtering/ blocking software.

• If you suspect an email is spam, do not respond to it and delete it.

• Do not click on URL links within IM unless they are from a known source and
expected.

• Keep software and security patches up to date.

6.Phishing:-Phishing is a process of acquiring personal and sensitive information of an

individual via email by disguising as a trustworthy entity in an electronic
communication. The purpose of phishing is identity theft and the personal
information like username, password, and credit card number etc. may be used to
steal money from user nuount. Hackers create forged websites that pretend to be
other websites in order for users to leave their personal information.

Preventive measures:

• Check whether your virus scan running or not.

• Keep your virus definitions up to date.

• Perform full disk / memory virus scan.

• Ensure the security of your online accounts.

• Enable your Phishing Filter in Windows Internet Explorer.

• Contact your anti-spyware / virus vendor to find out other steps you can take.

Q Describe the following:

A.Political orientation of terrorism

B.Economic consequences of cyber terrorism

Political Orientation of Terrorism

Cyber-terrorism activities are politically motivated and Information Technology is

used to commit and spread terrorist activities such as unlawful attacks for
threatening government and citizens to achieve political objectives.

Cyber terrorism denotes unlawful attacks and threats of attack against computers,
networks and information stored therein to intimidate or coerce a government or its
people for propagating hidden political or unlawful social and religious agendas. It has
an objective to destroy or damage specific targets such as political, economic, energy,
civil, and military infrastructure.

In 1998, a politically motivated cyber attack was conducted by ethnic Tamil guerrillas
who attempted to disrupt Sri Lankan embassies by sending hundreds of e- mails a day
over a two-week period. It was characterized as a terrorist attack on a country’s
computer system.

Economic Consequences of Cyber Terrorism

Cyber terrorists can affect the overall economy of a country by targeting the critical
infrastructure, which includes telecommunications sector, food & agriculture sector,
energy sector, financial sector, government sector, and health care sector.

Today, Internet has become the center of all the personal and professional activities.
Everything depends on Global Information Infrastructure. If any of its services block, it
causes huge economic impact. By targeting the Critical Infrastructure of country,
cyber terrorists can affect the overall economy of a country.

Various economic consequences of a cyber terrorism attack are as follows:-

• Terrorists can cause economic loss by hacking a financial transaction which involves
huge amount Of money because all the transactions are done over Internet which is
not secure edge.
•Stock markets may react negatively because negative publicity gives the competitors
a competitive.

•Cyber terrorism attacks make the cost of doing business in the affected region very
high as these attacks target the Critical Infrastructure and hence cause huge
economic losses.

• Internet is central element for all the businesses and hence it is exploited by the
cyber terrorists. It is used by the terrorists to affect the overall economy.

• Internet shut down can have a huge impact on various domestic businesses as well
as foreign investments.

• Cyber terrorism attacks lead to loss of confidence and credibility in the financial
systems of the targeted country, reputation loss, ruined business partner
relationships, staff-turnover and loss of trust in the government and IT industry of the
targeted country.

• Cyber terrorism attacks also affect the GDP (Gross Domestic Product) of a country.

• After cyber terrorism attacks, investors withdraw their investments from the
affected country.

• Nowadays intellectual property also resides on networked systems. Terrorists can

gain unauthorized access on these properties, which will cause a great economic loss.

Q Write a short note on Information Society. Also discuss its characteristics

Ans. Information Society

Information society refers to a society in which the creation, distribution and

manipulation of information has become the most significant economic and cultural
activity.

Information society is a society characterized by rapid growth in the use of information

a society in which quality of life and economic development depend largely on
information and its exploitation, the increasing use of computers, the
commoditization of information, e commerce, and the use of technology for
community development.

Today, information plays an increasingly important role in the economic, social,

cultural and political sectors. Countries are becoming information-intensive to
achieve a competitive edge, to lock-in customers, to lock-out competitors and to
participate in growing international market.
Aims of Information Society

Countries are being transformed into information societies with the following aims:

• To achieve a competitive edge internationally.

• To maintain their position in global markets.

• To improve the relative competitiveness.

• To achieve the competitive edge.

• To attain more general economical, cultural, political and social advancement.

Characteristics or Attributes of Information Society

Following are the main characteristics or attributes of an information society:

• It is a society where the creation, distribution, use, integration and manipulation of

information are significant economical, cultural, political and social activities.

• An information society is a society surrounded by the information and it cannot

survive without the computers, internet, mobile phones etc.

• An information society is based on the information rather than material goods as the
chief driver of socio-economics.

• It offers various benefits to the public. People use information in their activities as
consumers to make informed choices between different products.

• It is a society which is based on the production and distribution of the information

especially by means of computers.

• It is a society in which all the work is information- based. Information is the key-
factor for all the tasks.

Visions of Information Society

Following are the visions of an information society:

• Technological Vision: The most common vision of information society is based on

technology. It is the main criteria for defining an information society.

•Economical Vision: Information society has an economical vision as it can be defined

as a society where economy is driven by ht e information.
• Occupational Vision: Information society is a society in which predominance of
occupations is found in information work such as researchers, scientists, teachers,
computer operators, developers, etc.

Knowledge Society

Knowledge society is a society whose economy depends upon the knowledge of their
citizens and the success of this society is dependent on the innovation and creativity
of the citizens.

A knowledge society is a society in which the generation, diffusion and exploitation of

knowledge play the major role in the creation of nation’s wealth.

A knowledge society is a society where the production, diffusion and utilisation of

knowledge are significant economic, cultural, political and social activities. In theses
societies, knowledge is recognised as the driver of social, cultural and economic
growth.

Characteristics of Knowledge Society

Following are the main characteristics of a knowledge society:

• There are multiple centres of expertise and a poly. Centric production of knowledge
utilisation.

• A large portion of the population of a knowledge society attains higher education.

• A vast majority of the population have access to information and communication

technology and Internet.

• A large portion of the labour forces are knowledge workers, who need a higher
degree of education and experience to perform their job well.

• Both individuals and the state invest heavily in education and research and
development.

• Members of knowledge society are more creative and innovative in comparison to

other societies.

•Organisations in a knowledge society are forced to innovate continually.

Q.What do you mean by cyberspace? Discuss its characteristics in brief

Ans. Cyberspace

Cyberspace is a virtual world which consists of a worldwide network of computer

networks that use the Internet and Telecommunication infrastructure for data
exchange and transmissions.

Cyberspace is an environment in which communication occurs over Internet. It

comprises of thousands of connected computers, servers, routers, switches, and
fibre optic cables. It permits critical infrastructures to work effectively and serves as
the nervous system of the global economy and societal health and wellness.

Cyberspace is the virtual environment in which communication over computer

networks occurs without regard to geographical barriers. It comprises thousands of
computers, networks, servers, bridges, routers, gateways switches and cables. It
serves as the nervous system for all the sectors of critical infrastructure of nation.

Characteristics of Cyberspace

Following are the characteristics of the cyberspace:

• Cyberspace is a virtual and a boundary-less space.

• Information and Communication Technologies are the foundation of Cyberspace.

• The cost of entry for access to cyberspace is very low. Only a communication device
and a network connection are required.

• Cyberspace is virtual but it is made up of physical objects such as cables,

computers, routers, repeaters, servers, bridges, gateways etc.

• Cyberspace acts as a backbone for organisations as well as for countries.

• Activities and benefits of cyberspace are open for everyone who can afford to use it.

• Cyberspace has two main components – information and connections.

Applications of Cyberspace

Following are the applications of cyberspace:

• Different ways of communication like conferencing, e-mail, discussion forums etc.

• Social interactions like Facebook, Whatsapp, Chat rooms, etc.

• Cloud computing

• Military applications

QDefine Hacking. Describe types of hacking and also describe hacking techniques ❔

Ans. Hacking

Hacking is the process of gaining unauthorized access to computer system and

resources with / without the intention of causing harm or destroying data.

Hacking is an illegal intrusion into a computer system and / or network. Every act
committed towards breaking into a computer and / or network is hacking. Hackers
write or use ready-made computer programs to attack the target computer. They
possess the desire to destruct and they get the kick out of such destruction.

Hacking is a crime even if there is no visible damage to the system, since it is an

invasion in to the privacy of data. Hacking involves identifying the weakness in
computer systems or networks to exploit its weaknesses to gain access for the
purpose of profit, enjoyment, protest and challenge etc. Hackers make use of the
weaknesses and loop holes in operating systems to destroy data and steal important
information from victim’s computer.

Types of hacking

Hacking can be of two types:

a) Ethical Hacking
b) Unethical Hacking

A] Ethical Hacking:- When hacking is done with the intention of improving the security
of a network or protecting against cyber attacks, it is called ethical hacking. It is
performed by White Hat Hackers to find the security vulnerabilities of the system and
prevent the Black Hat hackers from illegally infiltrating and stealing data from any
system.

Ethical hacking is performed as per the rules and regulations set by the legal
authorities. Generally, the device owners or the organization on which the ethical
hacking is performed knows about the hacking being performed on them

B] Unethical Hacking:-When hacking is done with malicious intentions to destabilize a

computer network, it is called unethical “hacking. Unethical Hacking or Black Hat
hacking is performed by cyber criminals with the false intention of stealing sensitive
data, money, and access the restricted networks and systems.
Such type of hacking is practiced to disrupt official website networks and infiltrate
communication between two or more parties.

Hacking Techniques

Following are the various hacking techniques used by the backers:

1. Phishing
2. Denial of Service Attack
3. Cookie Theft
4. DNS Spoofing
5. Social Engineering
6. Injection Attacks
7. Brute Force Attack

Q.Explain the features, scope and objectives of Information Technology Act, 2000.

Ans. Information Technology Act, 2000

The IT Act 2000, the cyber law of India, gives the legal framework so that information is
not denied legal effect, validity or enforceability, solely on the ground that it is in the
form of electronic records. The Information Technology Act, 2000 and the institutional
infrastructure derived out of it are very important components of the regulatory
regime in the field of internet use in India.

Objectives of the IT Act.

Following are the main objectives of Indian IT Act, 2000:

• To facilitate the authentic electronic storage of documents.

• To facilitate the legal recognition and attribution of the electronic transactions.

• To give legal recognition to digital signature | electronic signature for authentication.

• To facilitate attribution of electronic records.

• To facilitate the lawful execution of e-commerce.

•To facilitate electronic filing of documents with government agencies.

• To facilitate the mitigation and checking of cyber crimes.

• To facilitate the investigation of cyber crimes.

• To provide facility for safe electronic storage.

• To protect information over Internet from misuse.

• To provide lawful protection for intellectual property.

• To facilitate electronic storage of data.

Features of the Act

The main features of the IT Act, 2000 are as follows:

1.Electronic contracts have been made legally valid if made through secure electronic
communications’.

2.Legal recognition has been granted to digital signatures.

3.Security procedures for electronic records and digital signatures have been laid
down.

4.To facilitate e-governance, provisions have been included to build the required
system.

5.Various types of computer-related crimes have been defined and stringent penalties
provided under the Act.

Q Explain the concept of Information Society and also explain Its aim & drawbacks?

Characteristics of an Information Society

1. *Widespread use of ICTs*: ICTs are ubiquitous and play a vital role in various
aspects of life, including education, work, and leisure.

2. *Information-intensive economy*: The economy is driven by the creation,

processing, and dissemination of information.

3. *Knowledge-based society*: The society values knowledge and innovation, and

there is a strong emphasis on education and research.

4. *Global connectivity*: The society is globally connected, and information can be

shared and accessed from anywhere in the world.

5. *Digital literacy*: The society has a high level of digital literacy, and people have the
skills to effectively use ICTs.

Aims of an Information Society

1. *Improved economic growth*: IS aims to promote economic growth by increasing

productivity, innovation, and competitiveness.
2. *Enhanced quality of life*: IS aims to improve the quality of life by providing access
to information, education, and healthcare.

3. *Increased social inclusion*: IS aims to promote social inclusion by providing

access to information and opportunities for marginalized communities.

4. *Better governance*: IS aims to promote better governance by increasing

transparency, accountability, and citizen participation.

5. *Environmental sustainability*: IS aims to promote environmental sustainability by

reducing carbon emissions, promoting renewable energy, and encouraging
sustainable practices.

Drawbacks of an Information Society

1. *Digital divide*: The unequal access to ICTs and the internet can exacerbate existing
social and economic inequalities.

2. *Information overload*: The vast amount of information available can lead to

information overload, making it difficult to discern accurate and relevant information.

3. *Cybersecurity threats*: The increased reliance on ICTs can make societies

vulnerable to cybersecurity threats, such as hacking and data breaches.

4. *Job displacement*: The automation of jobs can lead to job displacement,

particularly in sectors where tasks are repetitive or can be easily automated.

5. *Social isolation*: The increased reliance on ICTs can lead to social isolation, as
people spend more time interacting with technology and less time interacting with
other humans.

6. *Dependence on technology*: The increased reliance on ICTs can lead to a loss of

traditional skills and a dependence on technology.

7. *Environmental impact*: The production and disposal of ICTs can have a significant
environmental impact, including e-waste and carbon emissions.

Strategies to Address the Drawbacks

1. *Digital literacy programs*: Implementing digital literacy programs to ensure that

everyone has the skills to effectively use ICTs.

2. *Investing in cybersecurity*: Investing in cybersecurity measures to protect against

cybersecurity threats.