JSPM’s

Bhivrabai Sawant Polytechnic,

Wagholi, Pune- 412207.
Assingnment-1
(Academic Year 2022-23)

B
Sub: -NIS Subject Code: -22620
Semester: 06
Chapter : 1
Date:

Sr. Assign Que Assignment Questions Marks Relevance Bloom

No. ment stion to Course leve
Outcome
No. No.
1 Assign 1 Describe spoofing. 2 R
ment 01 ANS:
The practice or technique of monitoring, gathering, capturing, and
logging some or all data packets passing through a given computer
network is called sniffing or packet sniffing. A packet sniffer is
composed of two parts namely; a network adapter and software that is
used by a network to observe or troubleshoot network traffic.
Attackers use these sniffers to seize data packets that contain valuable
information and analyze the network traffic. Sniffing is categorized
into active sniffing and passive sniffing. In Active sniffing, there is
the constant activity by the attacker to obtain information and sniff
the traffic from the switch network. In passive sniffing, the attacker is
hidden and sniffs through.
2 Define Virus and logic bomb. 2 U
ANS:
virus is a small collection of genetic code, either DNA or RNA,
surrounded by a protein coat. A virus cannot replicate alone. Viruses CO605.1
must infect cells and use components of the host cell to make copies
of themselves. Often, they kill the host cell in the process, and cause
damage to the host organism.Logic bombs are small bits of code
contained in other programs. Although they might be malicious,
they're not technically malware — it's a fine line. Common types of
malware include viruses and worms, which can contain logic bombs
as part of their attack strategy. A logic bomb is a malicious program
that is triggered when a logical condition is met, such as after a
number of transactions have been processed, or on a specific date
(also called a time bomb). Malware such as worms often contain
logic bombs, behaving in one manner, then changing tactics on a
specific date and time.
3 Difference between Passive attacks and Active attacks. 4
ANS:
SR
Key Active Attack Passive Attack
NO
 In Active
Modificatio Attack, In Passive Attack, information
1
n information is remain unchanged.
modified.
Active Attack
is dangerous
Dangerous Passive Attack is dangerous
2 for Integrity as
For for Confidentiality.
well as
Availability.
Attention is to
Attention is to be paid on
3 Attention be paid on
prevention.
detection.
In Active
Impact on In Passive Attack,
4 Attack, system
System system has no impact.
is damaged.
Victim gets
Victim does not get
5 Victim informed in
informed in passive attack.
active attack
System
System Resources can System Resources are
6
Resources be changed in not changed in passive attack.
active attack.
4 Explain Intruders and Insiders. 4
ANS:
Intruders- Intruders are the attackers who attempt to breach the
security of a network. They attack the network in order to get
unauthorized access. Intruders are of three types, namely,
masquerader, misfeasor and clandestine user. Intrusion techniques
The objective of the intruders is to gain access to a system or to
increase the range of privileges accessible on a system. Generally,
this requires the intruders to acquire information that should be
protected. In most cases, the information is in the form of a user
password. Typically, a system must maintain a file that associates a
password with each authorized user. If such a file is stored with no
protection, then it is an easy matter to gain access to it.
Insiders- Insider threats in cyber security are threats posed by
individuals from within an organisation, such as current or former
employees, contractors and partners. These individuals have the
potential to misuse access to networks and assets to wittingly or
unwittingly disclose, modify and delete sensitive information.
Information at risk of being compromised could include details about
an organisation’s security practices, customer and employee data,
login credentials and sensitive financial records. The nature of insider
threats means that traditional preventative security measures are often
ineffective.
5 Define computer security. Explain the need of computer security. 4
ANS: Computer security, also called cybersecurity, is the protection
of computer systems and information from harm, theft, and
unauthorized use. Computer hardware is typically protected by the
same means used to protect other valuable or sensitive equipment—
namely, serial numbers, doors and locks, and alarms. Computer
security is the process of preventing and detecting unauthorized use
of your computer. Prevention measures help you stop unauthorized
 users (hackers) from accessing any part of your computer system.
Detection helps you to determine whether or not someone attempted
to break into your system, if they were successful, and what they may
have done.  Our computers have become an extension of everything
we do from banking and investing to shopping and communicating
with others through email or chat. You may not consider your
communications "top secret," most likely you do not want strangers
reading your email, using your computer to attack other systems,
sending forged email from your computer, or examining personal
information stored on your computer.  Hackers do not care about
your identity. Often they want to gain control of your computer so
they can use it to launch attacks on other computer systems.
Importance of Computer Security in Organizations Today  To
preserve company assets – Company assets include information kept
in the computer networks, which are every bit as vital and useful as
the physical assets of the company.  To conform with governing
requirements and moral responsibilities – Each organization creates
policies and procedures which deal with the security requirements of
the organization in question.  For competitive benefit – Financial
services and e-commerce considers network security to be of prime
importance.  To help curb the increasing volume and sophistication
of cyber security threats – Threats of this nature include targeting
phishing scams, data theft, and the exploitation of other
vulnerabilities in the network. The internet can be a dangerous place:
thousands of attacks per minute can infiltrate a network and cause
serious, long-term harm. An unprotected computer can become
impacted or damaged within the first few seconds after
beingconnected to the network.

6 Explain Man-in-middle and TCP/IP Hacking attacks. 4 R

ANS: A man in the middle (MITM) attack is a general term for

when a perpetrator positions himself in a conversation between
a user and an application—either to eavesdrop or to
impersonate one of the parties, making it appear as if a normal
exchange of information is underway.The goal of an attack is to
steal personal information, such as login credentials, account
details and credit card numbers. Targets are typically the users
of financial applications, SaaS businesses, e-commerce sites
and other websites where logging in is required.

TCP/IP Hacking attacks-TCP/IP Hijacking is when an

authorized user gains access to a genuine network connection of
another user. It is done in order to bypass the password
authentication which is normally the start of a session.The
TCP/IP stack is divided into several layers, each of which is
important for particular aspects of communication. It is possible
to develop each of these layers without affecting adjacent ones.
With TCP/IP, data encapsulation is achieved in different
headers across different transportation layers of the protocol
stack.