Sort Question

1. What Is Computer Security?

 Computer security refers to the protection of computer systems and data from
theft, damage, or unauthorized access. It includes implementing measures to
ensure the confidentiality, integrity, and availability of information.

2. Types of Cybercrime
  Common types of cybercrime include:
1. Identity theft
2. Hacking
3. Phishing
4. Fraud
5. Cyberstalking
6. Malware attacks
7. Denial-of-service (DoS) attacks.

3. What Is Cybercrime?
 Cybercrime refers to illegal activities carried out using computers or the internet.
This includes crimes like hacking, online fraud, identity theft, and spreading
viruses.

4. What is Masquerade?
 Masquerade is a type of cyberattack where an attacker pretends to be a legitimate
user or system to gain unauthorized access to data or systems.

5. Define Denial of Service (DoS)

 A Denial of Service (DoS) attack is an attempt to make a computer or network resource
unavailable to its intended users by overwhelming it with a flood of traffic or requests.

6. Method of Defense in Information Security

 Information security defenses include methods like encryption, firewalls,
intrusion detection systems (IDS), multi-factor authentication, and regular
software updates to protect against attacks.

7. Full Form of IDS, IPS, UTM

  IDS: Intrusion Detection System
  IPS: Intrusion Prevention System
 UTM: Unified Threat Management

8. What is Antivirus?
 Antivirus is software designed to detect, prevent, and remove malware like
viruses, worms, and trojan horses from a computer system. 
9. Define Cracker
 A cracker is an individual who breaks into computer systems, bypassing
passwords or licenses, often with malicious intent to steal or corrupt data.

10. What Is Intruders?

 Intruders are unauthorized users who gain access to computer systems or
networks to steal, damage, or disrupt services.

11. Define Worm

 A worm is a type of malicious software (malware) that self-replicates and
spreads through networks, often causing damage by consuming bandwidth
or overwhelming systems.

12. Define Trojan Horse

 A Trojan horse is a type of malware that disguises itself as legitimate software but,
once installed, allows attackers to access or damage a computer system. 

13. Define Rootkit

 A rootkit is a type of malicious software that enables attackers to gain control
over a computer system without being detected. It often hides its presence and
allows continued unauthorized access.

14. What Is Fabrication?

 Fabrication refers to the creation of fake data or messages to deceive users or
systems, typically to gain unauthorized access or disrupt operations.

15. What is Interception?

 Interception is a security breach where an unauthorized party captures or
monitors data being transmitted between two systems or individuals.

16. Define Vulnerability

 Vulnerability is a weakness or flaw in a computer system, network, or
software that can be exploited by attackers to gain unauthorized access or
cause harm.

17. What is Cryptography?

 Cryptography is the science of securing communication by converting
information into a code (encryption) so that only authorized parties can read and
understand it.
Long Question
1. What is Computer Security? Explain Types of Computer Security.
 Computer Security refers to the protection of computer systems from theft, damage, disruption, or
unauthorized access to hardware, software, or data. The goal is to ensure confidentiality, integrity, and
availability of information.

Types of Computer Security:

1. Network Security: Protects network infrastructure from unauthorized access, misuse, or theft. It
involves using firewalls, encryption, and antivirus software.
2. Information Security: Protects sensitive information from unauthorized access or
alteration. Methods include encryption, access control, and secure data storage.
3. Application Security: Ensures software applications are protected from vulnerabilities. This
includes secure coding practices, regular updates, and patches.
4. Operational Security: Focuses on processes and decisions regarding how to handle and protect data
assets. It includes managing user permissions and operational protocols.
5. Physical Security: Protects hardware and infrastructure from physical threats like theft,
damage, or natural disasters. This includes using locks, surveillance, and backup power
systems.

2. What is Computer Security? Explain Security Basics in Detail.

 Computer Security involves safeguarding computer systems, networks, and data from cyber threats.
It is a crucial aspect of ensuring safe and reliable computer operation.

Security Basics:

1. Confidentiality: Ensures that only authorized individuals can access sensitive data.
Confidentiality is maintained using encryption and access control measures.
2. Integrity: Protects data from being altered by unauthorized parties. Data integrity ensures that
information remains accurate and trustworthy.
3. Availability: Ensures that information and resources are accessible to authorized users when
needed. This involves minimizing downtime and protecting against DoS (Denial of Service)
attacks.
4. Authentication: Verifies the identity of users or devices trying to access a system. This can be
achieved through passwords, biometric data, or two-factor authentication.
5. Authorization: Ensures users have the right level of access to perform specific actions based
on their identity.
6. Non-repudiation: Ensures that a user cannot deny their actions or transactions, typically using
digital signatures.

3. Why Global Businesses Need Information Security?

  Global businesses need information security for the following reasons:

1. Protection of Sensitive Data: Businesses handle vast amounts of sensitive data such as customer
information, financial records, and intellectual property. Ensuring this data is
 protected from unauthorized access or theft is critical to avoid financial loss and
reputational damage.
2. Compliance with Regulations: Various laws and regulations, such as GDPR (General Data
Protection Regulation) and HIPAA (Health Insurance Portability and Accountability Act),
require businesses to implement strong security measures. Failure to comply can result in legal
penalties.
3. Protection from Cyber Threats: As businesses go digital, the risk of cyberattacks, such as
malware, phishing, and ransomware, increases. Information security helps protect against these
threats.
4. Maintaining Trust and Reputation: Customers and partners expect businesses to safeguard
their data. A breach can erode trust, damage a company's reputation, and lead to the loss of
business.
5. Ensuring Business Continuity: Security breaches can disrupt business operations, leading
to downtime and financial losses. Information security ensures continuity by preventing
attacks and ensuring swift recovery if a breach occurs.

4. Difference Between Active Attack and Passive Attack

Active Attack Passive Attack

Involves direct interaction and attempts to alter data or
disrupt system functions.
Examples: Masquerading, Denial of Service (DoS), and
modification of data.
Difficult to detect, but can be prevented by
encryption and authentication.
Causes data loss, modification, or system disruption.
Only monitors or intercepts data without affecting system
performance or data.
Examples: Eavesdropping, traffic analysis.
Difficult to prevent, but encryption can protect data from
being understood.
Focuses on gaining information without changing the
data.

5. Difference Between Hacker and Cracker

Hacker
A hacker is typically skilled at programming and finds
vulnerabilities in systems to improve security or gain
knowledge.
Hackers can be ethical (white-hat) or unethical (black-hat).
Often work with organizations to improve cybersecurity.
Cracker
A cracker has malicious intent and breaks into
systems to steal, destroy, or modify data illegally.
Crackers are always unethical and cause harm to
systems.
Typically involved in illegal activities like data
theft, fraud, or cybercrime.

6. What is a Firewall? Explain Characteristics and Limitations of Firewalls.

 Firewall: A firewall is a network security system that monitors and controls incoming and outgoing
network traffic based on predetermined security rules. It acts as a barrier between a trusted internal
network and untrusted external networks.
 Characteristics of a Firewall:

1. Packet Filtering: Inspects packets of data and decides whether to allow or block them based
on rules.
2. Stateful Inspection: Keeps track of the state of active connections and makes decisions based
on context.
3. Proxy Services: Can act as an intermediary between internal users and the internet to filter
content.
4. Network Address Translation (NAT): Conceals internal IP addresses from external users,
enhancing security.

Limitations of a Firewall:

5. Cannot Protect Against Internal Threats: Firewalls do not protect against attacks or threats
originating from inside the network.
6. Cannot Detect New Threats: Firewalls often rely on predefined rules and may not detect
zero-day vulnerabilities or new attack patterns.
7. Not a Complete Security Solution: Firewalls are part of a broader security strategy but need to be
supplemented with other tools like IDS/IPS, encryption, and security policies.

7. Discuss Interception, Interruption, Modification, and Fabrication

  Interception: This involves an unauthorized party gaining access to data or messages as they are
 being transmitted. Example: Eavesdropping or man-in-the-middle attacks.
 Interruption: This attack occurs when a system or data is made unavailable or inaccessible to its
 intended users. Example: Denial of Service (DoS) attacks.
  Modification: The unauthorized party alters the content of the data or messages. This could
involve changing emails, files, or transaction records. Example: Changing bank account details in a
payment request.
  Fabrication: This is when fake data or messages are created and sent to a system to mislead or
deceive users. Example: Sending fraudulent transactions or generating fake alerts.




8. What is Cryptography? Explain Its Types.

 Cryptography: Cryptography is the practice of securing information by converting it into an

unreadable format (encryption) that can only be understood by authorized users. It ensures
confidentiality, integrity, and authenticity of data.

Types of Cryptography:

1. Symmetric Key Cryptography: Uses the same key for both encryption and decryption.
It is fast and efficient but requires secure key distribution. Example: AES (Advanced
Encryption Standard).
2. Asymmetric Key Cryptography: Uses a pair of keys—a public key for encryption and a private
key for decryption. It is more secure but slower than symmetric encryption. Example: RSA
(Rivest–Shamir–Adleman).
3.Hash Functions: Does not use keys. Instead, it generates a fixed-size hash value from the input
data. It ensures data integrity by detecting changes to the original data. Example: SHA-256 (Secure
Hash Algorith