Course Code -ILO7016

Cyber Security and Laws

Question Bank

1. Explain Phishing and its type.

What is Phishing?

Phishing is a type of online scam where attackers pretend to be someone you trust—like a
bank, a popular website, or even a friend—to trick you into sharing personal information,
such as passwords, credit card details, or other sensitive data.

Types of Phishing:

1. Email Phishing:
o Attackers send fake emails that look like they’re from real
companies (like your bank).
o The email often asks you to click a link and enter your details on
a fake website that looks real.
2. Spear Phishing:
o A more personalized type of phishing.
o Attackers gather information about you and customize the
message to make it feel more believable.
o For example, they might use your name or mention a project
you're working on.
3. Whaling:
o Targets high-ranking people like company executives (CEOs).
o The fake message might involve important topics like business
transactions to trick them into revealing information.
4. Smishing (SMS Phishing):
o Phishing through text messages.
o The attacker sends a message that looks like it’s from a known
company, asking you to click a link or provide info.
5. Vishing (Voice Phishing):
o Phishing done through phone calls.
o The caller pretends to be from a trusted organization (like a
bank) and asks for information.
6. Clone Phishing:
o The attacker copies a real email you received before and makes a
few changes, like adding a fake link.
 o It looks almost identical to the original email, making it harder to
spot the trick.
7. Pharming:
o Instead of tricking you with a fake message, attackers redirect
you to a fake website, even if you type the correct web address.
o This way, they can steal your details without you realizing it.

How to Avoid Phishing:

• Be careful with links: Don’t click on links or download attachments

from unknown emails or texts.
• Check the sender’s details: Look closely at email addresses or phone
numbers to see if they’re real.
• Don’t share sensitive info: Legitimate companies won’t ask for
passwords or personal info through email or text.

2. Write a note on Virus and Worms.

Viruses and worms are both types of malware—malicious software designed to harm or
exploit computer systems. While they share some similarities, their methods of spreading
and causing damage are different.

1. What is a Virus?

• Definition: A computer virus is a piece of malicious code that attaches itself to a

legitimate program or file. It requires human action to spread, such as opening an
infected file or running a program.
• How It Works: Once activated, a virus can replicate itself and attach to other files,
corrupting data, slowing down the system, or causing other types of damage.
• Examples of Damage: Viruses can delete files, corrupt system data, or create
annoying pop-up messages. They can be hard to remove once they’ve spread
throughout a system.
• Real-Life Example: The ILOVEYOU virus from the year 2000 spread through
email, disguised as a love letter, and caused massive damage by overwriting files
and spreading itself to other contacts.

2. What is a Worm?

• Definition: A computer worm is a standalone program that doesn’t need to attach

itself to other software or require human action to spread. It replicates itself
automatically and can quickly infect entire networks.
• How It Works: Worms exploit security flaws in software or networks to spread
from one computer to another without any user interaction.
 • Examples of Damage: Worms can slow down networks, consume bandwidth, and
even carry payloads that cause direct damage, such as deleting files or creating
backdoors for attackers.
• Real-Life Example: The WannaCry worm in 2017 used a vulnerability in
Windows systems to spread across networks, encrypting files and demanding a
ransom to unlock them.

Key Differences Between Viruses and Worms:

• Dependency: A virus needs a host file or program to spread, while a

worm can spread on its own.
• Spread Mechanism: Viruses spread when an infected file is executed
by the user, whereas worms spread automatically over networks.

3. Explain Key logger and Spyware.

Keylogger and Spyware: Overview

Keyloggers and spyware are types of malicious software (malware) designed to gather
information from a user’s device without their knowledge. They are used for stealing
sensitive information, such as passwords, banking details, or other private data, which can
lead to identity theft or financial loss.

1. What is a Keylogger?

• Definition: A keylogger (short for keystroke logger) is a type of

malware that records every keystroke a user makes on their keyboard. It
can be software-based or hardware-based.
• How It Works: Keyloggers run in the background on a device,
capturing everything typed, including login credentials, messages, and
other text data. The recorded keystrokes are then sent back to the
attacker.
• Purpose: Keyloggers are often used by cybercriminals to steal sensitive
information like usernames, passwords, credit card details, or personal
identification numbers (PINs).
• Example: A user unknowingly downloads a keylogger hidden within a
free software program. The keylogger then records everything the user
types, including bank login information, and sends it back to the
attacker.
 2. What is Spyware?

• Definition: Spyware is a broader category of malware designed to

monitor a user’s activity on their computer or device and collect data
without their consent.
• How It Works: Spyware can monitor various activities, such as
browsing history, application usage, and even screen content. Some
spyware can also capture screenshots, record conversations through the
microphone, or track GPS location.
• Purpose: While some spyware is used for legitimate purposes (like
parental controls or monitoring employee activities), most spyware is
used for malicious reasons, such as identity theft, advertising, or
corporate espionage.
• Example: A user visits a compromised website, which installs spyware
on their device. The spyware then tracks their browsing habits and
sends targeted ads or, worse, steals login information for online
accounts.

4. Describe Security Aspects in cyber law.

What Are Security Aspects in Cyber Law?

Cyber law is like the rules of the internet that help keep people, businesses, and their data
safe when they are online. It deals with protecting personal information, preventing online
crimes, and making sure that digital activities are secure.

Security Aspects in Cyber Law

1. Data Protection and Privacy:

o Purpose: Keep people’s data private and safe.
o How: Laws make sure data is handled securely, using encryption
and proper storage methods.
o Example: The GDPR in Europe sets strict rules for how
personal data is managed.
2. Cybercrime Prevention:
o Purpose: Define and punish online crimes like hacking and
fraud.
o How: Laws set penalties for cybercrimes and help authorities
investigate them.
o Example: India’s IT Act 2000 punishes unauthorized access to
computer systems.
3. Network Security:
 o Purpose: Protect the internet and communication systems from
attacks.
o How: Requires security measures like firewalls and encryption.
o Example: Businesses must have measures to prevent data
breaches.
4. Intellectual Property Rights (IPR):
o Purpose: Protect digital content like music, software, and books
from being copied illegally.
o How: Allows creators to take action against piracy.
o Example: The DMCA in the U.S. allows takedown requests for
stolen content.
5. Digital Signatures:
o Purpose: Make online transactions and contracts secure.
o How: Recognizes digital signatures as legally valid.
o Example: India’s IT Act 2000 allows digital signatures for
secure online deals.
6. Cybersecurity for Businesses:
o Purpose: Ensure companies follow security practices.
o How: Requires audits and reporting data breaches.
o Example: U.S. businesses follow the CISA for secure digital
practices.
7. Protection Against Cyber Terrorism:
o Purpose: Secure critical systems like banks and government
networks.
o How: Defines and punishes cyber-attacks targeting national
security.
o Example: Laws in many countries help protect important
infrastructure from cyber-attacks.

5. Explain need of India Cyber law.

India's cyber law is essential for several reasons, reflecting the growing significance of
digital technology and the internet in various aspects of life. Here are some key points
explaining the need for cyber law in India:

1. Protection of Information: With the increase in online transactions and data

sharing, there's a heightened risk of data breaches and cybercrimes. Cyber laws
help safeguard personal and sensitive information from unauthorized access and
misuse.
2. Regulation of Cyber Crimes: Cyber crimes such as hacking, identity theft, online
fraud, and cyberbullying are on the rise. Cyber laws provide a legal framework to
define, prosecute, and penalize such offenses, ensuring accountability.
 3. Facilitating E-Commerce: The growth of e-commerce in India necessitates legal
protections for online businesses and consumers. Cyber laws establish regulations
for electronic contracts, digital signatures, and online payment systems, fostering
trust in online transactions.
4. Intellectual Property Protection: The digital environment poses challenges to
intellectual property rights, including copyright infringement and piracy. Cyber
laws help protect creators' rights and promote innovation.
5. Cyber Security Framework: A robust legal framework is vital for enhancing
national security against cyber threats. Cyber laws facilitate the establishment of
security protocols and guidelines for organizations to protect their networks and
data.
6. International Compliance: As cyber activities often cross borders, having a well-
defined cyber law aligns India with international standards and agreements,
facilitating cooperation with other countries in addressing cyber crimes and
security.
7. Awareness and Education: Cyber laws also promote awareness and education
regarding responsible internet usage and the legal implications of cyber activities,
fostering a safer online environment for all users.
8. Digital Governance: With the Indian government's push towards digital
governance and services, cyber laws ensure that electronic records and transactions
are legally recognized, promoting efficiency and transparency in public services.
9. Conflict Resolution: Cyber laws provide mechanisms for dispute resolution in
digital transactions, ensuring that parties have legal recourse in case of
disagreements, thus enhancing consumer confidence.

6. Explain IT act 2000.

What is the IT Act 2000?

The IT Act 2000 is a law in India that aims to promote and regulate the use of digital
technology and online communication. It addresses issues like electronic transactions,
cybercrime, and data protection.

Key Features:

1. Legal Validity of Electronic Documents: Electronic records are recognized as

valid evidence in courts, just like traditional paper documents.
2. Digital Signatures: The Act allows for digital signatures, which are used to
authenticate electronic documents and ensure they haven’t been altered.
3. Cyber Crime Regulation: It defines cybercrimes, such as hacking and identity
theft, and sets penalties for offenders.
4. Intermediary Protection: Internet service providers and online platforms are not
liable for third-party content, as long as they follow certain guidelines.
5. Data Protection: While not comprehensive, the Act includes some rules for
handling and protecting personal data.
6. Cyber Appellate Tribunal: A specialized tribunal is established to handle disputes
related to cyber laws.
7. Amendments: The Act has been updated over the years to address new challenges
in cyber security and technology.

Importance:

• Supports E-Governance: It helps make government services available online,

making them easier for citizens to access.
• Encourages E-Commerce: By providing a legal framework, it builds trust in
online transactions, promoting business growth.
• Enhances Cybersecurity: The Act helps protect against cyber threats, contributing
to national security.
• Fosters Innovation: The recognition of digital documents encourages new ideas
and technologies.

7. Describe Evidence Aspects in cyber law.

In cyber law, the aspect of evidence is crucial, especially given the unique
challenges posed by digital communication and online activities. Here’s
an overview of the key points related to evidence in cyber law:

1. Types of Digital Evidence:

• Electronic Records: Emails, messages, and social media posts.

• Digital Documents: Files like PDFs and Word documents.
• Log Files: Records of activities on servers or networks.
• Metadata: Information about other data, like when a file was created.

2. Legal Recognition:

• The IT Act 2000 in India gives legal validity to electronic documents

and digital signatures, making them acceptable in court.

3. Admissibility of Evidence:

• Digital evidence must be relevant and authentic to be used in court. It

should show that it hasn’t been tampered with.
• A proper chain of custody is important to prove that the evidence has
been securely handled from collection to presentation.

4. Authentication:

• Digital evidence needs to be verified to ensure it's valid. This may

involve showing where the data came from and that it hasn't been
changed.
 • Digital signatures help confirm that documents are genuine and
unaltered.

5. Forensic Analysis:

• Cyber forensics involves collecting and examining digital evidence.

Experts use special tools to analyze data from devices.
• This is crucial for investigating cyber crimes and ensuring the evidence
can be trusted in court.

6. Challenges:

• Volatility: Digital data can be easily changed or deleted, so it’s

important to secure evidence quickly.
• Jurisdiction: Cyber crimes often involve multiple countries,
complicating the collection of evidence.
• Complexity: Understanding digital evidence can be challenging for
legal professionals without technical expertise.

7. Reforms and Updates:

• Cyber laws are continuously updated to address new technologies and

challenges related to data privacy and security.

8. Write short notes on DoS and DDoS Attack?

Denial of Service (DoS) Attack

A Denial of Service (DoS) attack is a malicious attempt to disrupt the normal functioning
of a targeted server, service, or network by overwhelming it with a flood of traffic or
sending it malicious data. The primary goal is to make the target unavailable to its intended
users.

Key Characteristics:

• Single Source: A DoS attack typically originates from a single

computer or IP address.
• Flooding: The attacker sends excessive requests or data to the target,
exhausting its resources (such as bandwidth, memory, or CPU).
• Impact: A successful DoS attack can lead to the website or service
becoming slow or completely inaccessible to legitimate users.
 Distributed Denial of Service (DDoS) Attack

A Distributed Denial of Service (DDoS) attack is a more advanced version of a DoS

attack, where the attack traffic comes from multiple sources, often thousands of
compromised computers or devices (known as a botnet). This makes DDoS attacks harder
to mitigate because they originate from many locations.

Key Characteristics:

• Multiple Sources: DDoS attacks are launched from numerous

compromised systems, making it difficult to identify and block the
attackers.
• Higher Volume: They generate significantly more traffic than a typical
DoS attack, overwhelming the target more effectively.
• Impact: Like DoS attacks, DDoS attacks can cause significant
downtime, financial loss, and reputational damage to businesses and
organizations.

Common Techniques Used in DoS and DDoS Attacks:

• TCP SYN Flood: Exploiting the TCP handshake process to overwhelm

resources.
• UDP Flood: Sending a large number of UDP packets to random ports
on the target.
• HTTP Flood: Sending seemingly legitimate requests to web servers to
exhaust their resources.
• Amplification Attacks: Exploiting the functionality of certain
protocols to generate a much larger response than the initial request.

9. Explain Identity Theft.

What is Identity Theft?

Identity theft is a crime where someone steals another person's personal information, like
their name, Social Security number, or credit card details, to commit fraud or other illegal
activities without their permission.

Key Points:

1. Types of Information Stolen:

o Financial Info: Bank account numbers and credit card details.
o Personal Identification: Social Security numbers and driver's
license information.
 o Online Accounts: Usernames and passwords.
2. How It Happens:
o Phishing: Fraudulent emails or messages tricking people into
giving away personal information.
o Data Breaches: Cybercriminals hack into organizations to steal
data.
o Skimming: Devices that capture credit card information when
swiped.
o Social Engineering: Manipulating people into revealing
sensitive information.
3. Consequences for Victims:
o Financial Loss: Unauthorized charges or debt from fake loans.
o Credit Damage: A harmed credit score, making it hard to get
loans or credit in the future.
o Legal Issues: Time and effort spent to clear their name from
fraudulent activities.
o Emotional Distress: Feelings of anxiety and violation.
4. Prevention Tips:
o Secure Personal Information: Use strong passwords and enable
two-factor authentication.
o Monitor Accounts: Regularly check bank and credit card
statements for unauthorized transactions.
o Limit Sharing: Be cautious about sharing personal information
online.
5. Legal Protection:
o Many countries have laws against identity theft, making it a
crime and setting penalties for those who commit it. Victims can
also seek legal help to recover their losses.

10. Explain Amendment in IT Act 2008.

What is the IT Amendment Act 2008?

The IT Amendment Act, 2008 updated the original IT Act of 2000 to improve laws
around cybersecurity, data protection, and cybercrimes in India.

Key Changes and Provisions:

1. Expanded Cyber Crimes:

o The amendment included new definitions for cyber crimes, such
as identity theft, cyberstalking, and data theft, along with
penalties for these offenses.
2. Data Protection:
 o Organizations are now required to protect sensitive personal data
and implement security measures to keep it safe.
3. Increased Penalties:
o Penalties for cyber crimes were made stricter to discourage
offenders.
4. New Sections Added:
o New sections were introduced, including:
▪ Section 66: Punishment for hacking.
▪ Section 66A: Originally addressed sending offensive
messages (later struck down by the Supreme Court in
2015).
▪ Section 66C: Punishment for identity theft.
▪ Section 66D: Punishment for cheating using computer
resources.
5. Cyber Appellate Tribunal:
o A tribunal was established to handle disputes and appeals related
to cyber laws, making the legal process more efficient.
6. Certifying Authorities:
o Clarified who can issue digital certificates, which are important
for digital signatures.
7. Intermediary Responsibility:
o Online platforms (like ISPs) must take down illegal content when
notified.
8. Reporting Data Breaches:
o Organizations must report any data breaches to authorities,
ensuring transparency and accountability.

Importance of the Amendment:

• Better Cybersecurity: The amendment aimed to improve India’s

defenses against cyber threats.
• Consumer Protection: It addressed privacy concerns to protect users
in the digital space.
• Clearer Laws: Provided clearer definitions and consequences for cyber
crimes, helping law enforcement.
• Adapting to Technology: Recognized the need for laws to keep up
with fast-changing technology.

11. Write short note on ISO

ISO stands for the International Organization for Standardization. It is an international

body that develops and publishes standards for various industries to ensure quality, safety,
and efficiency in products and services.
 Key Points:

1. Purpose: ISO creates guidelines that help organizations improve their processes
and products. These standards are not mandatory but are widely used to enhance
quality and safety.
2. Global Presence: Founded in 1947 and based in Geneva, Switzerland, ISO has
published over 23,000 standards and works with organizations from 165 countries.
3. Types of Standards:
o Quality Management: ISO 9001 focuses on ensuring quality in
products and services.
o Environmental Management: ISO 14001 helps organizations
minimize their environmental impact.
o Information Security: ISO/IEC 27001 provides a framework for
managing information security risks.
4. Benefits of ISO Standards:
o Efficiency: Helps organizations streamline their processes and
reduce waste.
o Customer Satisfaction: Ensures higher product quality, leading
to more satisfied customers.
o Market Access: Compliance with ISO standards can help
businesses enter new markets and attract more customers.
5. Certification: Organizations can get certified by accredited bodies to show that
they meet ISO standards, although ISO itself does not provide certification.