Suggestions of Cyber Security

1.
What is Cyber Security? Write advantage & disadvantage.

The technique of protecting internet-connected systems such as computers, servers, mobile

devices, electronic systems, networks, and data from malicious attacks is known as cyber
security

ADVANTAGES
- Cyber security will defend us from critical cyber- attacks.
- It helps us to browse the safe website.
- Cyber security will defend us from hacks & virus.
- The application of cyber security used in our PC needs to update every week.
- Internet security processes all the incoming & outgoing data on our computer.
- It helps to reduce computer chilling & crashes.
- Gives us privacy.

DISADVANTAGES
- It was expensive; most of the users can’t afford this.
- A normal user can’t use this properly, requiring special expertise.
- Lack of knowledge is the main problem.
- It was not easy to use.
- It makes the system slower.
- It could take hours to days to fix a breach in security

2.
What is Trojans?

It is a type of malware or code that appears as legitimate software or file to fool us into
downloading and running. Its primary purpose is to corrupt or steal data from our device or do
other harmful activities on our network.

3.
What is Malware?
Explain all types.

Malware means malicious software, which is the most common cyber attacking tool. It is used
by the cybercriminal or hacker to disrupt or damage a legitimate user's system. The following are
the important types of malware created by the hacker:

Types of Malware

Virus: It is a malicious piece of code that spreads from one device to another. It can clean files
and spreads throughout a computer system, infecting files, stoles information, or damage device.

Spyware: It is a software that secretly records information about user activities on their
system. For example, spyware could capture credit card details that can be used by the
cybercriminals for unauthorized shopping, money withdrawing, etc.
Trojans: It is a type of malware or code that appears as legitimate software or file to fool us into
downloading and running. Its primary purpose is to corrupt or steal data from our device or do
other harmful activities on our network.

Ransomware: It's a piece of software that encrypts a user's files and data on a device, rendering
them unusable or erasing. Then, a monetary ransom is demanded by malicious actors for
decryption.

Worms: It is a piece of software that spreads copies of itself from device to device without
human interaction. It does not require them to attach themselves to any program to steal or
damage the data.

Adware: It is an advertising software used to spread malware and displays advertisements on our
device. It is an unwanted program that is installed without the user's permission. The main
objective of this program is to generate revenue for its developer by showing the ads on their
browser.
Botnets: It is a collection of internet-connected malware-infected devices that allow
cybercriminals to control them. It enables cybercriminals to get credentials leaks, unauthorized
access, and data theft without the user's permission.

4.
What is Sniffing?
A sniffing attack is an act of intercepting or capturing data while in transit through a
network.Sniffing is a process of monitoring and capturing all data packets passing through given
network. Sniffers are used by network/system administrator to monitor and troubleshoot network
traffic. Attackers use sniffers to capture data packets containing sensitive information such as
password, account information etc. Sniffers can be hardware or software installed in
the system.

Active Sniffing: Sniffing in the switch is active sniffing. A switch is a point to point network
device. The switch regulates the flow of data between its ports by actively monitoring the MAC
address on each port, which helps it pass data only to its intended target. In order to capture the
traffic between target sniffers has to actively inject traffic into the LAN to enable sniffing of the
traffic. This can be done in various ways.

Passive Sniffing: This is the process of sniffing through the hub. Any traffic that is passing through
the non-switched or unbridged network segment can be seen by all machines on that segment.
Sniffers operate at the data link layer of the network. Any data sent across the LAN is actually sent
to each and every machine connected to the LAN. This is called passive since sniffers placed by the
attackers passively wait for the data to be sent and capture
them.

5.
Write the Difference
between Hackers and Crackers?

1. Hackers are people who use their knowledge for a good purpose and do not damage the data,
whereas a cracker is
someone who breaks into the system with a malicious purpose and damages data intentionally.
2. Hackers possess advanced knowledge of computer systems and programming languages, while
crackers might not
necessarily be so skilled and well-versed with computing knowledge.
3. The hackers work for an organization to improvise their network and solve any issues. Crackers
are someone
from whom the hacker protects the organization. Crackers work just because a system might be
challenging or to get
illegal gains.
4. Hacking is ethical, while cracking is illegal and unethical.
5. Hackers have ethical certificates, while the Crackers do not possess any certificates.
6. Hackers continuously work towards making new tools rather than using the existing ones. The
crackers, on the
other hand, have inadequate computing knowledge to make new tools and use tools already used by
other crackers.

6.
What Is Cyber Warfare?

Cyberwarfare is typically defined as a set of actions by a nation or organization

to attack countries or institutions' computer network systems with the intention
of disrupting, damaging, or destroying infrastructure by computer viruses or
denial-of-service attacks.

7.
What is Information Assurance (IA)?

1. Information Assurance (IA) is the practice of managing information-related risks and the
steps involved to protect information systems such as computer and network systems. \
2. Information assurance is the practice of assuring information and managing risks related
to the use, processing, storage, and transmission of information.
3. Information assurance includes protection of the integrity, availability, authenticity and
confidentiality of user data.

8.
What is Cyber threats ?

A cybersecurity threat is the threat of a malicious attack by an individual or organization attempting

to gain access to a computer network, corrupt data, or steal confidential information.

9.
What is CIA triad?

We can break the CIA model into three parts: Confidentiality, Integrity, and
Availability. It is actually a security model that helps people to think about various parts
of IT security.

Confidentiality
Confidentiality is equivalent to privacy that avoids unauthorized access of information. It involves
ensuring the data is accessible by those who are allowed to use it and blocking access to others. It
prevents essential information from reaching the wrong people. Data encryption is an excellent
example of ensuring confidentiality.

Integrity
This principle ensures that the data is authentic, accurate, and safeguarded from unauthorized
modification by threat actors or accidental user modification. If any modifications occur, certain
measures should be taken to protect the sensitive data from corruption or loss and speedily recover
from such an event. In addition, it indicates to make the source of information genuine.

Availability
This principle makes the information to be available and useful for its authorized people always. It
ensures that these accesses are not hindered by system malfunction or cyber-attacks

10.
What is Ethical hacking?

Ethical Hacking is also called as penetration Testing. It is an act of penetrating networks or systems
to find out threats and vulnerabilities in that system which the attacker would have exploited and
caused the loss of data, financial loss or other major damages to a business.

11.
What is Cyberspace?

1. Cyberspace can be defined as an intricate environment that involves interactions between

people, software, and services.
2. It is maintained by the worldwide distribution of information and communication
technology devices and networks.
3. With the benefits carried by the technological advancements, the cyberspace today has
become a common pool used by citizens, businesses, critical information infrastructure,
military and governments in a fashion that makes it hard to induce clear boundaries
among these different groups.
4. The cyberspace is anticipated to become even more complex in the upcoming years, with
the increase in networks and devices connected to it

12.
Write common types of cyberattack vectors?

Virus: It is a malicious piece of code that spreads from one device to another. It can clean files
and spreads throughout a computer system, infecting files, stoles information, or damage device.

Spyware: It is a software that secretly records information about user activities on their
system. For example, spyware could capture credit card details that can be used by the
cybercriminals for unauthorized shopping, money withdrawing, etc.

Trojans: It is a type of malware or code that appears as legitimate software or file to fool us into
downloading and running. Its primary purpose is to corrupt or steal data from our device or do
other harmful activities on our network.
Ransomware: It's a piece of software that encrypts a user's files and data on a device, rendering
them unusable or erasing. Then, a monetary ransom is demanded by malicious actors for
decryption.

Worms: It is a piece of software that spreads copies of itself from device to device without
human interaction. It does not require them to attach themselves to any program to steal or
damage the data.

Adware: It is an advertising software used to spread malware and displays advertisements on our
device. It is an unwanted program that is installed without the user's permission. The main
objective of this program is to generate revenue for its developer by showing the ads on their
browser.
Botnets: It is a collection of internet-connected malware-infected devices that allow
cybercriminals to control them. It enables cybercriminals to get credentials leaks, unauthorized
access, and data theft without the user's permission.

13.
What is Backdoors in cyber security?

A backdoor is a means to access a computer system or encrypted data

that bypasses the system's customary security. A backdoor is any method that allows somebody —
hackers, governments, IT people, etc. — to remotely access your device without your permission
or knowledge. Hackers can install a backdoor onto your device by using malware, by exploiting
your software vulnerabilities, or even by directly installing a backdoor in your device’s
hardware/firmware.

14.
What is Threats and Attack Vectors in cyber security?

A Cyber Threat or a Cyber Security Threat is a malicious act performed by hackers to

intentionally steal data or other assets, misuse them, or simply cause disruption in digital life
ingeneral. Cyber Threats can come from remote locations by unknown parties or even within an
organization by trusted users

An attack vector, or threat vector, is a way for attackers to enter a network or system. Common
attack vectors include social engineering attacks, credential theft, vulnerability exploits, and
insufficient protection against insider threats.