
CSL

Cyber security and Laws Mumbai University Final exam imp

Uploaded by

hamzaplayht

1. Explain about digital evidence. Where can one find it?

Digital Evidence

Digital evidence refers to any information or data of probative value
that is stored or transmitted in digital form and can be used in legal
proceedings. It is retrieved from electronic devices or systems and is
often used in cases like cybercrimes, fraud, theft, or digital forensics.
Digital evidence can be volatile and easily altered, making its proper
collection, preservation, and analysis crucial for ensuring its
admissibility in court.

Where Can Digital Evidence Be Found?

Digital evidence can be located in various places depending on the
nature of the investigation and the devices involved. Below are the
primary sources where it can be found:

1. Personal Computers and Laptops:
○ Stored files (documents, images, videos).
○ System logs and browser history.
○ Deleted files or data recoverable from hard drives.
2. Mobile Devices:
○ Call logs, text messages, emails, and app data.
○ GPS and location-based services.
○ Media files and social media interactions.
3. Network Systems:
○ Servers storing large-scale data, emails, and transaction
records.
○ Logs of firewalls, routers, and switches indicating network
activity.
○ Cloud storage platforms like Google Drive or OneDrive.
4. Online Platforms:
○ Social media accounts containing messages, posts, and
activity logs.
○ E-commerce websites and payment gateways tracking
transactions.
○ Email providers maintaining communication records.
5. Internet of Things (IoT) Devices:
○ Smart home systems (cameras, thermostats).
○ Wearables like fitness trackers and smartwatches.
○ Connected devices storing logs or user activity.
6. Removable Media:
○ USB drives, SD cards, CDs, and DVDs.
○ Portable external hard drives.
7. CCTV and Surveillance Systems:
○ Video footage stored digitally, often with timestamps.

Characteristics of Digital Evidence

1. Fragile: Easily altered or destroyed without proper handling.
2. Duplicable: Can be copied without degrading quality.
3. Time-Stamped: Often includes metadata like timestamps for
authenticity.

Applications of Digital Evidence

Digital evidence is critical in criminal investigations, cyber forensics,
civil litigation, and corporate fraud detection. It helps in proving or
disproving allegations and ensuring justice is served.

2. Explain different password cracking techniques.

Password Cracking Techniques

Password cracking refers to the process of recovering passwords
from data transmitted or stored in a computer system. It is often used
in ethical hacking to test security or by malicious actors to gain
unauthorized access. Below are the most common
password-cracking techniques:

1. Brute Force Attack:
○ Tries all possible password combinations until the correct
one is found.
○ Time-consuming and computationally intensive, especially
for long passwords.
2. Dictionary Attack:
○ Uses a predefined list of common passwords or words (a
dictionary).
○ Faster than brute force but ineffective for complex or
unique passwords.
3. Hybrid Attack:
○ Combines brute force and dictionary attacks.
○ Adds variations (e.g., numbers or symbols) to dictionary
words to guess passwords.
4. Phishing:
○ Tricks users into revealing their passwords through fake
websites, emails, or messages.
○ Relies on human error rather than computational methods.
5. Rainbow Table Attack:
○ Uses precomputed hash values for common passwords to
quickly find matches.
○ Effective against password databases whose hashes are poorly
protected (for example, unsalted).
6. Credential Stuffing:
○ Involves using stolen usernames and passwords from one
breach to access other accounts.
○ Exploits the reuse of passwords across multiple sites.
7. Keylogging:
○ Records keystrokes on a user’s device to capture
passwords as they are typed.
○ Typically deployed using malware or physical devices.
8. Social Engineering:
○ Manipulates individuals into sharing passwords by
exploiting trust or deception.
○ Often involves pretending to be a trusted individual or
organization.

3. What are different Security Risks for Organizations?

Security Risks for Organizations

Organizations face various security risks that can jeopardize their
data, operations, and reputation. Below are some key risks:

1. Cyberattacks:
○ Threats like ransomware, phishing, and Distributed Denial
of Service (DDoS) attacks can disrupt operations and
compromise data.
2. Data Breaches:
○ Unauthorized access to sensitive data can result in
financial losses, legal consequences, and reputational
damage.
3. Insider Threats:
○ Employees, contractors, or partners with access to
systems may intentionally or accidentally cause security
breaches.
4. Weak Passwords and Authentication:
○ Poor password policies and lack of multi-factor
authentication make systems vulnerable to unauthorized
access.
5. Malware and Viruses:
○ Malicious software can infect systems, steal information,
or corrupt data, disrupting business operations.
6. Third-Party Vulnerabilities:
○ Partnering with vendors or suppliers who have weak
security measures can expose the organization to risks.
7. Physical Security Breaches:
○ Unauthorized physical access to servers, devices, or
offices can lead to theft or sabotage of critical assets.
8. Lack of Regular Updates:
○ Outdated software and systems are vulnerable to exploits
and attacks.

Preventive Measures:

● Implement robust cybersecurity policies.
● Train employees on security best practices.
● Regularly update and patch systems.
● Monitor third-party security compliance.

4. What is Cybercrime? Who are Cybercriminals? Explain.

What is Cybercrime?

Cybercrime refers to illegal activities conducted using computers,
networks, or digital systems. These crimes exploit technology to
harm individuals, organizations, or governments. Common examples
include hacking, phishing, identity theft, ransomware attacks, and
cyberbullying. Cybercrime can be classified into:

1. Crimes Against Individuals: Identity theft, financial fraud, online
harassment.
2. Crimes Against Organizations: Data breaches, espionage,
ransomware attacks.
3. Crimes Against Governments: Cyberterrorism, attacks on
critical infrastructure.

Who are Cybercriminals?

Cybercriminals are individuals or groups who use technology to
commit illegal activities for financial gain, political motives, or
personal vendettas. They can be:

1. Hackers:
○ Individuals who exploit vulnerabilities in systems.
○ Includes black hat (malicious intent) and grey hat (mixed
intent) hackers.
2. Organized Crime Groups:
○ Professional groups conducting large-scale cyberattacks
for profit.
○ Often target banks, businesses, and governments.
3. Insiders:
○ Employees or contractors exploiting access to harm the
organization.
4. Script Kiddies:
○ Inexperienced individuals using pre-written scripts or tools
to perform attacks.
5. Hacktivists:
○ Use cybercrime to promote political or social agendas.
6. State-Sponsored Actors:
○ Government-backed groups targeting rival nations for
espionage or sabotage.

Preventive Measures:

● Employ strong cybersecurity policies.
● Educate users about threats.
● Monitor and protect networks effectively.

5. Explain about Credit card frauds in Mobile and Wireless Computing
era.

Credit Card Frauds in the Mobile and Wireless Computing Era

Credit card frauds have become increasingly prevalent with the rise of
mobile and wireless computing. These frauds involve unauthorized
use of credit card information to steal funds or make transactions
without the owner’s consent. The rapid adoption of mobile payments
and wireless technologies has introduced new vulnerabilities.

Types of Credit Card Frauds in this Era

1. Phishing Attacks:
○ Cybercriminals trick users into revealing credit card details
through fake websites, emails, or apps.
2. Card Skimming:
○ Devices installed on POS systems or ATMs capture card
information and PINs, often targeting wireless payment
systems.
3. NFC and RFID Exploits:
○ Contactless payment cards are vulnerable to unauthorized
access using near-field communication (NFC) or RFID
scanners.
4. Man-in-the-Middle Attacks:
○ Attackers intercept data during wireless transactions to
steal card information.
5. Malware in Mobile Devices:
○ Malicious apps or software can capture sensitive card
information entered during online transactions.
6. SIM Swapping:
○ Fraudsters gain control of a victim's mobile number to
bypass two-factor authentication and access credit card
details.

Preventive Measures

● Use secure and trusted payment platforms.
● Enable multi-factor authentication for transactions.
● Avoid using public Wi-Fi for sensitive transactions.
● Regularly monitor credit card statements for suspicious activity.

6. If a hacker creates a website similar to a university website to cheat
students, identify the attack and explain different types of it. How to
prevent such an attack?

Identifying the Attack

The described scenario is a Phishing Attack, specifically Website
Spoofing. In this attack, hackers create fake websites resembling
legitimate ones to deceive users into providing sensitive information,
such as login credentials, financial data, or personal information.

Types of Phishing Attacks

1. Email Phishing:
○ Attackers send emails impersonating trusted entities (e.g.,
universities, banks) with links to fake websites.
○ The aim is to trick users into sharing sensitive information.
2. Spear Phishing:
○ A targeted form of phishing aimed at specific individuals or
groups (e.g., students of a particular university).
○ Uses personalized details to increase credibility.
3. Clone Phishing:
○ A legitimate email or website is cloned, and malicious links
replace genuine ones to mislead users.
4. Whaling:
○ Targets high-profile individuals, such as university officials
or executives, by pretending to be someone important.
5. Smishing and Vishing:
○ Smishing: Phishing via SMS, urging users to click on
malicious links.
○ Vishing: Voice-based phishing, where attackers pose as
trusted entities over calls.
6. Website Spoofing:
○ Fake websites are created to mimic legitimate ones, like a
university portal, to collect sensitive user data.

Preventive Measures

1. Verify URLs:
○ Always check the website’s URL for authenticity.
Legitimate websites often use HTTPS and have accurate
domain names.
2. Avoid Clicking Unknown Links:
○ Do not click on links in unsolicited emails, messages, or
SMS.
3. Enable Multi-Factor Authentication (MFA):
○ Adds an extra layer of security by requiring additional
verification steps.
4. Educate Users:
○ Conduct awareness campaigns to help users identify
phishing attempts.
5. Use Anti-Phishing Tools:
○ Employ browser extensions or security software that alerts
users about malicious websites.
6. Report Suspicious Activities:
○ Encourage users to report phishing emails or fake
websites to the concerned authorities.
7. Monitor Certificates:
○ Ensure legitimate websites have valid SSL/TLS certificates.
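
The "Verify URLs" measure above can be automated. The following is an added example, not part of the original notes: it checks a link against an allow-list of known-good hosts and rejects the common look-alike tricks. The host name portal.university.example and the sample URLs are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed allow-list: the only host the (hypothetical) university
# portal is served from.
TRUSTED_HOSTS = {"portal.university.example"}


def check_url(url, trusted=TRUSTED_HOSTS):
    """Return (ok, reason) for a link a user is about to follow."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
        username = parts.username
    except ValueError:
        return False, "unparseable URL"

    # HTTPS is necessary but proves nothing on its own: a spoofed site
    # can hold a valid certificate for its own look-alike domain.
    if parts.scheme != "https":
        return False, "not HTTPS"
    if not host:
        return False, "no host"

    # "https://trusted-name@other-host/" shows the trusted name first,
    # but the browser connects to the host after the "@".
    if username is not None:
        return False, "userinfo before host"

    host = host.rstrip(".").lower()

    # Punycode labels can render as characters that imitate Latin letters.
    if any(label.startswith("xn--") for label in host.split(".")):
        return False, "punycode label"

    # Exact match only: a prefix or substring match would accept
    # "portal.university.example.some-other-domain.example".
    if host not in trusted:
        return False, "host not on allow-list"
    return True, "ok"


def triage(urls, trusted=TRUSTED_HOSTS):
    """Map each URL to its verdict so a mail filter or proxy can log it."""
    return {u: check_url(u, trusted) for u in urls}


# Constructed sample links, as they might appear in a reported e-mail.
SAMPLE_URLS = [
    "https://portal.university.example/login",
    "http://portal.university.example/login",
    "https://portal.university.example.login.example/",
    "https://portal.university.example@login.example/",
]

if __name__ == "__main__":
    for url, (ok, reason) in triage(SAMPLE_URLS).items():
        print(("ALLOW " if ok else "BLOCK ") + url + "  (" + reason + ")")
```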

7. Discuss the steps involved in planning cyberattacks by criminals.

Planning cyberattacks is a methodical process that involves several
stages, with each step aimed at maximizing the success of the attack
while minimizing the chances of detection. The steps typically
include:

1. Reconnaissance: This initial phase involves gathering
information about the target. Criminals may use open-source
intelligence (OSINT) tools to identify vulnerabilities in a target's
network, infrastructure, and personnel. This stage is crucial as it
helps attackers understand the target's defenses and
weaknesses.
2. Planning and Strategy Development: Once the reconnaissance
is complete, cybercriminals develop a strategy based on the
weaknesses identified. They may choose to exploit
vulnerabilities in software, social engineering tactics, or
phishing methods. The strategy is often aligned with the
intended goal, such as stealing data, causing financial loss, or
disrupting operations.
3. Weaponization: In this step, attackers create or acquire the
necessary tools to carry out the attack. This could involve
developing malicious software (malware) like viruses, worms, or
ransomware. Criminals may also purchase tools from
underground markets, including botnets or exploit kits, to
facilitate the attack.
4. Delivery: The delivery phase involves the deployment of the
attack tools. This can be done through various means such as
phishing emails, malicious attachments, or exploiting known
vulnerabilities in the target’s systems. Criminals carefully select
the delivery method to ensure the attack reaches the intended
target without detection.
5. Exploitation: After successful delivery, the attacker executes the
malware or takes control of the vulnerable systems. This phase
is when the attacker gains unauthorized access to sensitive
data, systems, or networks, and may escalate privileges to
maintain control.
6. Installation: In this phase, the cybercriminal ensures that the
attack persists. They may install backdoors or other malicious
tools that allow them continued access even if the initial
vulnerability is patched. This ensures that the attacker can retain
control of the compromised system for as long as needed.
7. Command and Control (C2): At this stage, attackers establish
communication with the compromised systems, allowing them
to remotely control and manipulate the systems. This control
can be used for a variety of malicious purposes, including data
exfiltration or further exploitation.
8. Execution: This phase is the actual carrying out of the
cyberattack's objectives. Whether it’s stealing data, disrupting
operations, or deploying ransomware to demand a ransom, the
attack’s goal is executed.
9. Covering Tracks: After the attack has been carried out,
cybercriminals take steps to hide their tracks. This may involve
deleting logs, covering up traces of the malware, or altering the
systems to avoid detection by cybersecurity teams.
10. Post-Attack Actions: After executing the attack, criminals may
monitor the impact, such as tracking the success of a
ransomware payment or selling stolen data. They also analyze
the attack’s success and learn from any mistakes to improve
future attacks.

8. Explain different types of Cybercrimes and how security can
provide protection.

Cybercrime refers to illegal activities conducted via computers or the
internet. Below are different types of cybercrimes and how security
measures can provide protection against them:

Types of Cybercrimes:

1. Hacking: Unauthorized access to systems or data.
○ Example: Stealing sensitive information or modifying files.
○ Protection: Use firewalls, secure passwords, and
encryption.
2. Phishing: Fraudulent attempts to obtain sensitive information by
impersonating trusted entities.
○ Example: Fake emails asking for bank details.
○ Protection: Implement spam filters, verify sender
authenticity, and educate users.
3. Identity Theft: Stealing personal information to commit fraud.
○ Example: Using stolen Social Security numbers for
financial gain.
○ Protection: Secure personal data and use identity theft
protection services.
4. Malware Attacks: Using malicious software like viruses, worms,
or ransomware.
○ Example: Encrypting user data and demanding a ransom.
○ Protection: Install antivirus software, regularly update
systems, and avoid suspicious links.
5. Denial of Service (DoS) Attacks: Overloading a system to make it
unavailable.
○ Example: Flooding a website with traffic to crash it.
○ Protection: Use intrusion detection systems (IDS) and
scalable cloud infrastructure.
6. Cyberstalking: Using the internet to harass or stalk individuals.
○ Example: Sending repeated threatening messages.
○ Protection: Block and report abusive accounts and secure
personal profiles.
7. Financial Frauds: Manipulating online transactions or stealing
credit card information.
○ Example: Fraudulent e-commerce transactions.
○ Protection: Use secure payment gateways and multi-factor
authentication (MFA).
8. Social Engineering: Manipulating individuals to reveal
confidential information.
○ Example: Pretending to be an IT technician to gain access
to credentials.
○ Protection: Conduct awareness training and verify
identities before sharing information.
9. Data Breaches: Exposing or stealing sensitive data from
organizations.
○ Example: Hackers leaking customer databases.
○ Protection: Encrypt data, restrict access, and conduct
regular audits.
10. Cyberterrorism: Using the internet to disrupt services or
systems for political motives.
○ Example: Hacking into critical infrastructure like power
grids.
○ Protection: Collaborate with government cybersecurity
agencies and deploy advanced monitoring systems.

Security Measures for Protection:

1. Network Security: Implement firewalls, virtual private networks
(VPNs), and intrusion prevention systems.
2. Endpoint Protection: Install antivirus and endpoint detection
software on devices.
3. Access Controls: Enforce strong authentication and role-based
access.
4. Regular Updates: Keep systems, applications, and software up
to date to patch vulnerabilities.
5. Data Encryption: Use encryption for data at rest and in transit.
6. Incident Response Plans: Develop a response strategy for quick
containment of breaches.
7. User Education: Conduct training programs on recognizing
threats like phishing and social engineering.
8. Legal Enforcement: Collaborate with law enforcement to monitor
and counter cyber threats.

9. Explain the steps for an SQL Injection attack and how to prevent
SQL Injection attacks.

SQL Injection Attack Steps:

1. Identification of Input Fields: The first step in an SQL Injection
attack is to identify input fields or query parameters on a
website or web application where user input is processed.
Attackers typically look for forms, search bars, login fields, or
URL parameters that interact with a database.
2. Testing Input Fields: Attackers test input fields by injecting SQL
statements into them. A common test is entering a single quote
(') or a semicolon (;) to observe whether the application properly
handles the input. If an error message related to SQL is
returned, this indicates the possibility of a vulnerability.
3. Crafting Malicious SQL Queries: Once the vulnerability is
confirmed, the attacker crafts a malicious SQL query designed
to manipulate the database. For example, they may enter ' OR
'1'='1 into a login field, which could bypass authentication by
always evaluating to true.
4. Exploiting the Vulnerability: After crafting the SQL injection, the
attacker injects it into the application. This could allow them to
retrieve, alter, or delete data from the database. Common attack
goals include viewing confidential information (e.g., usernames,
passwords), deleting or modifying records, or inserting
malicious data into the database.
5. Escalating Privileges: In some cases, attackers use SQL
Injection to escalate their privileges within the application or
even execute administrative commands. This can allow them to
access sensitive information, modify database structures, or
escalate attacks further to the server or underlying systems.
6. Harvesting Data or Executing Malicious Commands: The
attacker may extract confidential data like user credentials,
financial information, or intellectual property. In more severe
cases, the attacker could execute commands that disrupt normal
operations, delete data, or insert harmful code that affects other
users or the application.
7. Covering Tracks: After the attack, the attacker may attempt to
cover their tracks by deleting logs or other traces of the
injection attempt. This makes it harder for administrators to
detect the attack and analyze its impact.

Preventing SQL Injection Attacks:

1. Use Prepared Statements (Parameterized Queries): The most
effective way to prevent SQL Injection is to use prepared
statements or parameterized queries. These ensure that user
input is treated as data, not executable code, by separating the
SQL logic from the user-supplied data. For example:

    # The driver sends the values separately from the SQL text.
    cursor.execute("SELECT * FROM users WHERE username = %s AND password = %s",
                   (username, password))

This approach ensures that the input cannot alter the structure
of the SQL query.
2. Use Stored Procedures: Stored procedures can reduce SQL
injection risks by encapsulating SQL logic in predefined
database functions. However, stored procedures should also be
written with care, avoiding dynamic SQL that incorporates user
input.
3. Input Validation and Sanitization: Proper validation of user input
is crucial. All user inputs should be checked for expected
patterns (e.g., only alphanumeric characters for a username).
Additionally, input sanitization removes or escapes special
characters that could be used in SQL injection, such as single
quotes ('), double quotes ("), or semicolons (;).
4. Least Privilege Principle: Database accounts should be
assigned only the minimum necessary privileges. For instance,
if a user doesn’t need to modify database tables, the account
used for their interactions should not have write or delete
permissions. This limits the damage in case an attack is
successful.
5. Error Handling: Error messages should not reveal details about
the underlying database or application structure. Generic error
messages such as "An error occurred" should be shown to
users instead of specific SQL error messages that could help
attackers craft their injections.
6. Web Application Firewalls (WAFs): A WAF can help detect and
block SQL injection attempts by inspecting incoming traffic for
malicious patterns and blocking them before they reach the
database. While not a complete solution, WAFs add an
additional layer of defense.
7. Regular Security Testing: Regular security audits, vulnerability
scanning, and penetration testing should be conducted to
identify and patch SQL injection vulnerabilities. Tools like
SQLmap or Burp Suite can help test web applications for SQL
injection risks.
8. Escape User Inputs: When dynamic SQL queries cannot be
avoided, escaping special characters in user input (e.g., using
backslashes or HTML encoding) can prevent the injected data
from being interpreted as part of the query. However, this is less
secure than using parameterized queries.
9. Database Security Patches and Updates: Keeping the database
management system (DBMS) and the application platform up to
date with security patches is crucial. Many SQL injection
vulnerabilities arise from known flaws in outdated systems.
10. Use of ORM (Object-Relational Mapping): ORMs abstract SQL
queries and help prevent SQL injection by automatically
parameterizing queries. While not foolproof, using an ORM can
help reduce the risk of SQL injection by making it easier to write
secure database interactions.
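
The difference between a concatenated query and the parameterized query from item 1, combined with the input validation of item 3 and the generic error handling of item 5, is shown below. This is an added example, not part of the original notes; it uses Python's built-in sqlite3 module (placeholder style "?" instead of "%s"), and the table, users and passwords are constructed sample data. It keeps the query shape used on this page; a production system would store a salted password hash rather than the password itself.

```python
import re
import sqlite3

# Allow-list for usernames (item 3): letters, digits and underscore only.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{3,32}")


def make_db():
    """Build an in-memory database holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "correct-horse"), ("bob", "battery-staple")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """BEFORE: user input is pasted into the SQL text.

    With password = ' OR '1'='1 the statement becomes
      ... WHERE username = 'alice' AND password = '' OR '1'='1'
    which is true for every row, so the check passes without the
    password. A lone quote produces a raw database error instead.
    """
    query = ("SELECT username FROM users WHERE username = '" + username +
             "' AND password = '" + password + "'")
    return conn.execute(query).fetchone() is not None


def login_safe(conn, username, password):
    """AFTER: validated input, bound parameters, generic failure."""
    # Item 3: reject usernames that do not match the expected pattern.
    if not USERNAME_RE.fullmatch(username):
        return False
    try:
        # Item 1: the values travel separately from the SQL text, so
        # quotes in them are compared as data, never parsed as SQL.
        row = conn.execute(
            "SELECT username FROM users WHERE username = ? AND password = ?",
            (username, password),
        ).fetchone()
    except sqlite3.Error:
        # Item 5: the caller only learns that the login failed; details
        # belong in a server-side log, not in the response.
        return False
    return row is not None


if __name__ == "__main__":
    db = make_db()
    payload = "' OR '1'='1"  # the input quoted in step 3 of this page
    print("vulnerable:", login_vulnerable(db, "alice", payload))
    print("safe:      ", login_safe(db, "alice", payload))
    print("real login:", login_safe(db, "alice", "correct-horse"))
```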

10. If an attacker creates heavy traffic on the college website so that it
becomes inaccessible to the legitimate user, which is this attack?
Explain in detail with its types.

The described attack is a Denial of Service (DoS) attack. This type of
attack involves overwhelming a system, server, or network with
excessive traffic or requests, rendering it inaccessible to legitimate
users. When multiple systems are used to conduct the attack, it is
called a Distributed Denial of Service (DDoS) attack.

Detailed Explanation of DoS Attack:

In a DoS attack, the attacker floods the target system (e.g., a college
website) with a large volume of traffic or data packets, exhausting the
server's resources (e.g., bandwidth, processing power, or memory).
As a result, legitimate users are unable to access the service.

● Objective: To disrupt normal operations, causing inconvenience,
financial loss, or reputational damage.
● Tools Used: Attackers often use botnets (a network of
compromised devices) to execute large-scale attacks.

Types of DoS Attacks:

1. Volume-Based Attacks (Flood Attacks):
○ Purpose: Overwhelm the bandwidth of the target.
○ Methods:
■ UDP Flood: Sends a large number of User Datagram
Protocol (UDP) packets to random ports on the target,
consuming bandwidth.
■ ICMP Flood (Ping Flood): Overloads the target with
Internet Control Message Protocol (ICMP) echo
requests (pings).
■ HTTP Flood: Bombards the target with HTTP
requests, mimicking legitimate user behavior to
evade detection.
2. Protocol Attacks:
○ Purpose: Exploit vulnerabilities in network protocols to
consume server resources.
○ Methods:
■ SYN Flood: Exploits the TCP handshake process by
sending numerous incomplete connection requests,
causing the server to wait indefinitely for responses.
■ Ping of Death: Sends oversized or malformed ping
packets, causing crashes or freezes.
■ Smurf Attack: Spoofs the victim’s IP address and
sends ICMP requests to a network, causing all
devices to send responses to the victim.
3. Application Layer Attacks:
○ Purpose: Target specific applications to exhaust server
resources.
○ Methods:
■ Slowloris Attack: Sends partial HTTP requests at a
slow rate to keep server connections open
indefinitely.
■ Application Flood: Targets application-specific
services like databases or web servers by sending
excessive requests.
4. Distributed Denial of Service (DDoS):
○ Description: A variant of DoS where multiple compromised
devices (botnet) launch coordinated attacks.
○ Example: Using thousands of infected devices to send
massive traffic simultaneously, making mitigation
challenging.

Protection Against DoS Attacks:

1. Traffic Monitoring and Filtering:
○ Use tools to monitor traffic patterns and detect anomalies.
○ Deploy firewalls and intrusion detection systems (IDS) to
filter malicious traffic.
2. Load Balancing:
○ Distribute traffic across multiple servers to prevent
overloading a single server.
3. Rate Limiting:
○ Limit the number of requests from a single IP address.
4. Content Delivery Network (CDN):
○ Use a CDN to absorb and mitigate high traffic loads.
5. Blackholing or Sinkholing:
○ Redirect malicious traffic to a "black hole" where it is
discarded.
6. Cloud-Based DDoS Protection Services:
○ Leverage services like Cloudflare or Akamai to manage and
mitigate large-scale attacks.
7. Updating Systems:
○ Regularly patch vulnerabilities in software and hardware.
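
Rate limiting (item 3 above) is commonly implemented as a per-address sliding window. The following is an added example, not part of the original notes: the class name, the limits and the request log are constructed, and the IP addresses come from the reserved documentation ranges.

```python
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """Allow at most max_requests per client within window_seconds."""

    def __init__(self, max_requests, window_seconds):
        self.max_requests = max_requests
        self.window = window_seconds
        self._hits = defaultdict(deque)  # ip -> times of allowed requests

    def allow(self, ip, now):
        """Return True if the request at time `now` may proceed."""
        hits = self._hits[ip]
        cutoff = now - self.window
        # Forget requests that have slid out of the window.
        while hits and hits[0] <= cutoff:
            hits.popleft()
        if len(hits) >= self.max_requests:
            return False  # over the limit: reject (e.g. HTTP 429)
        hits.append(now)
        return True

    def purge(self, now):
        """Drop idle clients so the table itself cannot grow without
        bound when a flood arrives from many different addresses."""
        cutoff = now - self.window
        stale = [ip for ip, hits in self._hits.items()
                 if not hits or hits[-1] <= cutoff]
        for ip in stale:
            del self._hits[ip]
        return len(stale)

    def tracked(self):
        """Number of client addresses currently held in memory."""
        return len(self._hits)


def replay(events, limiter):
    """Run (timestamp, ip) events through the limiter.

    Returns {ip: [allowed, denied]} so an operator can see which
    clients exceeded the limit.
    """
    totals = {}
    for timestamp, ip in events:
        counts = totals.setdefault(ip, [0, 0])
        counts[0 if limiter.allow(ip, timestamp) else 1] += 1
    return totals


# Constructed request log: one client bursts, another behaves normally.
SAMPLE_EVENTS = [
    (0.0, "203.0.113.5"), (1.0, "203.0.113.5"), (2.0, "203.0.113.5"),
    (3.0, "203.0.113.5"), (4.0, "203.0.113.5"),
    (4.5, "198.51.100.7"),
    (10.5, "203.0.113.5"),
]

if __name__ == "__main__":
    limiter = SlidingWindowLimiter(max_requests=3, window_seconds=10.0)
    for ip, (ok, denied) in replay(SAMPLE_EVENTS, limiter).items():
        print(ip, "allowed:", ok, "denied:", denied)
```

A per-address limit contains a single noisy client; in the distributed (DDoS) case described above each source can stay under the limit, which is why the list pairs rate limiting with CDN and cloud-based protection.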

11. What are the illegal activities observed in Cyber Cafes? What are
the safety and security measures while using a computer in a Cyber
Cafe?

Illegal Activities Observed in Cyber Cafes:

1. Accessing Inappropriate or Illegal Content: Some users may
access illegal or inappropriate content, including child
pornography, gambling sites, or pirated software, which is
prohibited under various national and international laws.
2. Cybercrime Activities: Cybercriminals may use public
computers in cyber cafes to conduct illegal activities such as
hacking, identity theft, online fraud, phishing attacks, or
distributing malware. The anonymity provided by public internet
access makes it easier for criminals to operate undetected.
3. Data Theft and Privacy Violations: Malicious users may steal
personal information or login credentials from other customers
through techniques like keylogging or session hijacking. This is
a common form of cybercrime that occurs in shared computer
environments.
4. Using Pirated Software: Cyber cafes may sometimes run illegal
or unlicensed software, such as pirated versions of operating
systems, office suites, or gaming software, which violates
copyright laws.
5. Distribution of Malware: Some individuals may use cyber cafes
to spread viruses, worms, ransomware, or other forms of
malware through infected files or websites. This could
compromise the security of other users' devices.

Safety and Security Measures While Using a Computer in a Cyber
Cafe:

1. Use Private Browsing Mode: Always use the private or incognito
browsing mode when using a public computer to prevent
history, cookies, and cache from being stored. This minimizes
the risk of others accessing your browsing data after you leave.
2. Avoid Logging Into Personal Accounts: It's advisable not to log
into sensitive accounts, such as banking, email, or social media,
on public computers. If absolutely necessary, ensure that you
log out of all accounts and clear any cached credentials when
finished.
3. Enable Two-Factor Authentication (2FA): Whenever possible,
enable two-factor authentication (2FA) on your online accounts.
This provides an extra layer of security in case your account
credentials are compromised.
4. Avoid Saving Passwords: Never allow the browser to save
passwords on public computers, as they can be easily accessed by
other users who may use the same computer after you.
5. Use a Virtual Private Network (VPN): A VPN encrypts your
internet traffic and hides your IP address, making it harder for
third parties to monitor your online activities. It’s a critical tool
for ensuring privacy when using a public Wi-Fi connection in a
cyber cafe.
6. Check for Malware and Keyloggers: Before using a public
computer, check whether any unusual software, keyloggers, or
malware might be installed. If possible, use a trusted security
tool to scan for malware. Avoid downloading files from unknown
sources.

12. What are the basic security precautions to be taken to safeguard
Laptops and Wireless devices? Explain.

Basic Security Precautions to Safeguard Laptops and Wireless
Devices:

1. Use Strong Passwords and Authentication:
○ Laptops: Set strong, complex passwords for your laptop's
operating system to prevent unauthorized access. A
password should contain a mix of uppercase and
lowercase letters, numbers, and symbols. Additionally,
enable multi-factor authentication (MFA) wherever
possible, such as requiring a fingerprint or PIN along with
a password.
○ Wireless Devices: Secure your wireless network with
strong WPA3 encryption (or WPA2 if WPA3 is unavailable).
Avoid using default router passwords and change them
regularly.
2. Enable Full Disk Encryption:
○ Laptops: Full disk encryption tools, such as BitLocker
(Windows) or FileVault (macOS), encrypt the data on your
laptop’s hard drive. This ensures that even if your laptop is
stolen, unauthorized users cannot access your files
without the encryption key. Encryption provides a layer of
security to protect sensitive data like personal information
or business data.
○ Wireless Devices: While not all wireless devices can be
encrypted in the same way as laptops, ensuring that data
transmitted over Wi-Fi is encrypted (e.g., using HTTPS for
websites) is essential.
3. Keep Software and Operating Systems Updated:
○ Laptops: Always ensure that your operating system and
software are up-to-date with the latest security patches.
Many malware attacks exploit vulnerabilities in outdated
software. Set your laptop to automatically update to
prevent security gaps.
○ Wireless Devices: Keep the firmware of your wireless
routers and access points updated. Manufacturers often
release updates to fix security vulnerabilities that could be
exploited by attackers. This also applies to mobile devices
that connect to wireless networks.
4. Use Firewalls and Antivirus Software:
○ Laptops: Enable the built-in firewall on your operating
system and use reputable antivirus or anti-malware
software to protect against threats such as viruses,
ransomware, and spyware. Regularly scan your system for
malicious software.
○ Wireless Devices: Many routers come with a built-in
firewall; ensure that it is enabled to block unauthorized
access. On mobile devices, use antivirus apps to protect
against malware and phishing attacks.
5. Secure Wi-Fi Networks:
○ Laptops: When connecting to public Wi-Fi networks, avoid
accessing sensitive information such as banking or
personal accounts. If necessary, use a Virtual Private
Network (VPN) to encrypt your internet traffic and protect
your data from interception.
○ Wireless Devices: Set your Wi-Fi router to use WPA3
encryption (or WPA2 if necessary), and avoid broadcasting
your SSID (the network name) to make it harder for
attackers to discover your network. Additionally, change
the default administrator password of your router to a
strong one.
6. Backup Important Data:
○ Laptops: Regularly back up your data using cloud storage
services or external drives. In the event of a system failure,
theft, or malware attack, backups ensure that your
important files can be restored without significant data
loss.
○ Wireless Devices: For mobile devices, use cloud-based
backup services like Google Drive, iCloud, or third-party
solutions to ensure your data is stored safely and can be
restored in case of device loss or failure.
7. Use Secure Connections (VPN):
○ Laptops: Always connect to the internet using a VPN when
on unsecured or public networks (e.g., cafes, airports). A
VPN encrypts your internet traffic, hiding it from potential
eavesdroppers and protecting sensitive data like login
credentials.
○ Wireless Devices: When using mobile devices on public
Wi-Fi, it is equally important to use a VPN to protect
against unauthorized access and potential hacking.
8. Disable Sharing and Remote Access Features:
○ Laptops: Disable file and printer sharing unless it is
absolutely necessary. Also, turn off remote access tools
(like Remote Desktop or VNC) unless they are required for
specific work tasks. These features, if left enabled, can be
exploited by attackers to gain unauthorized access to your
system.
○ Wireless Devices: Disable features like AirDrop (on Apple
devices) or file sharing over Bluetooth when not in use, as
these can serve as attack vectors.
9. Physical Security:
○ Laptops: Use strong physical security measures such as
device locks or security cables to prevent theft. Avoid
leaving laptops unattended in public spaces or vehicles. If
you must, ensure the laptop is securely stored or use a
lock.
○ Wireless Devices: For mobile devices, enable features like
Find My Device (for Android or iOS) to help track and
remotely wipe the device if lost or stolen. Also, consider
using a physical lock for wireless routers in public or
shared spaces.
10. Be Cautious with External Devices:
○ Laptops: Be cautious when connecting external devices,
such as USB drives, to your laptop. Malicious software can
be transferred through infected USB drives. Use antivirus
software to scan external devices before opening any files.
○ Wireless Devices: Be cautious when pairing wireless
devices (e.g., Bluetooth speakers, headphones) with your
mobile devices. Make sure to pair only with trusted devices
to prevent unauthorized access or data interception.

13. Write short notes on any FOUR of the following: (5 marks each)
a) Salami attack
b) HIPAA
c) Mobile/Cell phone attacks
d) Cyberstalking and harassment
e) SOX

1. Salami Attack (5 Marks)

A Salami attack is a type of cyber attack in which a small, seemingly
insignificant amount of data or money is stolen or manipulated
repeatedly, leading to significant cumulative losses over time. The
term "salami" refers to cutting small slices from a larger whole, as the
attacker targets minimal amounts that go unnoticed. Typically, the
attack involves manipulating financial transactions, such as rounding
off amounts in banking systems or stealing fractions of cents from a
large number of accounts. Over time, these small amounts
accumulate, and the attacker can retrieve substantial sums without
detection. Salami attacks are often hard to detect due to their subtlety.
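
An audit that catches the rounding pattern described above, as an added example that is not part of the original notes. It recomputes each posting with the documented rounding rule and checks whether the missing cents reappear in one account; the ledger rows, account names and function names are constructed for illustration.

```python
from collections import defaultdict
from decimal import Decimal, ROUND_HALF_EVEN

CENT = Decimal("0.01")

# Constructed sample ledger: (account, exact interest owed, amount actually posted).
POSTINGS = [
    ("ACC-1001", Decimal("12.3467"), Decimal("12.34")),
    ("ACC-1002", Decimal("8.1291"), Decimal("8.12")),
    ("ACC-1003", Decimal("45.9988"), Decimal("45.99")),
    ("ACC-1004", Decimal("3.0049"), Decimal("3.00")),
    ("ACC-1005", Decimal("27.5152"), Decimal("27.51")),
    ("ACC-1006", Decimal("19.9979"), Decimal("19.99")),
]

# Constructed sample: credits that have no matching customer instruction.
UNEXPLAINED_CREDITS = [
    ("ACC-9000", Decimal("0.02")),
    ("ACC-9000", Decimal("0.03")),
    ("ACC-2002", Decimal("150.00")),
]


def audit_rounding(postings):
    """Recompute every posting with the documented rule and list shortfalls."""
    shorted = []            # (account, cents missing from the posting)
    overpaid = 0            # postings that came out above the expected value
    total = Decimal("0")
    for account, exact, posted in postings:
        expected = exact.quantize(CENT, rounding=ROUND_HALF_EVEN)
        diff = expected - posted
        if diff > 0:
            shorted.append((account, diff))
            total += diff
        elif diff < 0:
            overpaid += 1
    return {
        "shorted": shorted,
        "total_shortfall": total,
        # Shortfalls with no overpayments at all are the one-directional
        # pattern that repeated "slicing" produces.
        "one_sided": bool(shorted) and overpaid == 0,
    }


def find_beneficiaries(total_shortfall, credits):
    """Return accounts whose unexplained credits add up to the shortfall."""
    sums = defaultdict(Decimal)
    for account, amount in credits:
        sums[account] += amount
    if total_shortfall <= 0:
        return []
    return sorted(a for a, s in sums.items() if s == total_shortfall)


if __name__ == "__main__":
    report = audit_rounding(POSTINGS)
    print("accounts shorted:", [a for a, _ in report["shorted"]])
    print("total shortfall:", report["total_shortfall"])
    print("one-sided pattern:", report["one_sided"])
    print("matching beneficiary:",
          find_beneficiaries(report["total_shortfall"], UNEXPLAINED_CREDITS))
```

Each individual difference is a single cent, which is why per-transaction checks miss it; the audit works because it aggregates across all accounts.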

2. HIPAA (5 Marks)

HIPAA stands for the Health Insurance Portability and Accountability
Act, a U.S. law enacted in 1996 to safeguard the privacy and security
of health information. HIPAA sets national standards for electronic
healthcare transactions, including the handling, storage, and sharing
of patient information. The act ensures that personal health
information (PHI) is protected from unauthorized access or
disclosure, and it requires healthcare organizations to implement
security measures such as encryption, access controls, and audit
logs. HIPAA also grants patients the right to access their own medical
records and correct any inaccuracies. Non-compliance with HIPAA
regulations can result in severe penalties, including fines and legal
consequences.

3. Mobile/Cell Phone Attacks (5 Marks)

Mobile/Cell phone attacks involve malicious activities targeting
mobile devices, such as smartphones and tablets. These attacks can
include malware, phishing, data theft, and unauthorized access.
Common types of mobile attacks include:
● Malware: Malicious software designed to steal information or
damage the device.
● Phishing: Fraudulent attempts to gain sensitive data through
deceptive emails, messages, or apps.
● Man-in-the-Middle (MitM) Attacks: Attackers intercept
communications between the mobile device and the network,
often on unsecured Wi-Fi.
● Spyware: Software that monitors and collects user data, often
without the user's knowledge.
● SIM Swapping: The attacker convinces the carrier to transfer the
victim's phone number to a new SIM card, enabling them to
intercept calls and messages, including two-factor
authentication codes.

To protect against mobile attacks, users should avoid downloading
apps from untrusted sources, use strong passwords, enable device
encryption, and keep the device's operating system updated.

4. Cyberstalking and Harassment (5 Marks)

Cyberstalking refers to the use of the internet or other electronic
communication to stalk, harass, or threaten an individual or group. It
often involves the repetitive and deliberate targeting of a person to
cause fear, anxiety, or distress. Common methods of cyberstalking
include sending threatening messages, spreading false information,
monitoring online activities, and making unsolicited contact via social
media, email, or messaging apps. Cyberharassment includes a range
of abusive behaviors, such as offensive comments, explicit threats, or
posting derogatory content online with the intent to harm the victim
emotionally or psychologically. Victims of cyberstalking and
harassment may experience lasting trauma, and laws exist in many
jurisdictions to prosecute offenders involved in such online
behaviors.
(5 marks)
14. Explain various security challenges posed by mobile devices.

Security Challenges Posed by Mobile Devices:

1. Malware and Virus Attacks: Mobile devices are increasingly
targeted by malicious software (malware), which can be
distributed through infected apps, websites, or links. Once
installed, malware can steal sensitive data, monitor user activity,
or even enlist the device in a botnet for launching further
attacks. Mobile malware includes types such as spyware,
adware, and ransomware.
2. Phishing and Social Engineering Attacks: Mobile devices are
often used for communication via email, text messages, and
social media apps. Attackers exploit these platforms to launch
phishing attacks, where they impersonate legitimate
organizations or individuals to trick users into revealing
personal information like passwords, financial details, or credit
card numbers. SMS-based phishing (SMiShing) is also a
common threat on mobile platforms.
3. Data Breaches and Unauthorized Access: Mobile devices store a
large amount of sensitive personal and financial information,
making them prime targets for theft. If a device is lost, stolen, or
accessed by an unauthorized user, personal data such as
contacts, emails, photos, and banking details can be exposed.
Without proper security mechanisms like strong passwords,
encryption, or biometric authentication, mobile devices are
vulnerable to unauthorized access.
4. Insecure Wi-Fi Connections: Mobile devices are frequently
connected to public Wi-Fi networks, which are often not
encrypted or secured. Attackers can exploit these unsecured
connections to intercept data sent over the network, a method
known as a Man-in-the-Middle (MitM) attack. Users may
unknowingly transmit sensitive data, such as login credentials
or personal messages, which can be intercepted by malicious
actors.
5. Lack of Security Updates and Patching: Mobile operating
systems, such as iOS and Android, regularly release security
updates to patch vulnerabilities. However, many users delay or
ignore these updates, leaving their devices exposed to known
security risks. Attackers often exploit these vulnerabilities in
outdated software to gain unauthorized access to devices or
launch attacks like privilege escalation.
6. Weak App Security: Many mobile apps, especially those
downloaded from third-party stores, may have poor security
practices. They can contain security flaws, such as insufficient
data encryption, insecure data storage, or improper handling of
user credentials. Additionally, some apps may request excessive
permissions that expose users' personal data without their
knowledge. Users may unknowingly install malicious apps or
apps with vulnerabilities, putting their security at risk.
7. Physical Theft and Loss: The portability of mobile devices
makes them susceptible to theft or loss. A stolen or lost phone
can easily fall into the wrong hands, potentially leading to a
breach of privacy and unauthorized access to sensitive data. If
devices are not adequately protected with features like remote
wipe or data encryption, the consequences of theft can be
severe.

15. Explain the need for Cyber Law in India.

Need for Cyber Law in India:

1. Addressing Cybercrime:
With the rapid increase in internet users and digital transactions,
cybercrimes such as hacking, identity theft, cyberstalking, and
online fraud have also risen. Cyber laws are essential to define
and penalize such offenses, providing a legal framework for
investigating and prosecuting cybercriminals effectively.
Without proper laws, it becomes difficult to combat these crimes
and protect citizens from digital threats.
2. Protection of Personal Data and Privacy:
As more personal information is stored and shared online, the
risk of data breaches and privacy violations increases. Cyber
laws are needed to ensure the protection of individuals' personal
data, regulate how companies collect, store, and use data, and
establish rights to privacy. Laws such as the Personal Data
Protection Bill (still under discussion) aim to address these
concerns.
3. Promoting E-Commerce and Digital Transactions:
With the growth of online business, digital payments, and
e-commerce platforms, a legal framework is necessary to ensure
secure online transactions. Cyber laws help establish rules for
secure payment systems, fraud prevention, and consumer
protection in digital transactions, fostering trust in the digital
economy.
4. Intellectual Property Protection:
In the digital age, intellectual property (IP) such as software,
content, and inventions is often targeted for illegal
reproduction or piracy. Cyber laws provide protection for
copyrights, patents, trademarks, and other IP rights in the online
environment, ensuring that creators and innovators are
safeguarded from theft and misuse.
5. Regulation of Digital Content and Communication:
The internet is a platform for free speech, but it also leads to the
spread of harmful, defamatory, or false information. Cyber laws
help regulate digital content, including guidelines for online hate
speech, defamation, and misinformation. They establish
accountability for online communication platforms, making them
responsible for moderating illegal content.
6. Cybersecurity and National Security:
Cyber threats, including hacking, cyber terrorism, and attacks
on critical infrastructure, can have severe consequences for
national security. Cyber laws play a crucial role in ensuring the
protection of government networks, private organizations, and
citizens from cyberattacks. Laws related to cybersecurity, such
as the Information Technology Act, 2000, are essential for
maintaining the integrity and security of digital infrastructures.

16. Explain E-contracts and its different types. Discuss E-contract Act
1872.

E-Contracts and its Different Types (10 Marks)

An E-contract is a contract that is formed electronically, typically over
the internet, where the terms of the contract and the offer and
acceptance are exchanged digitally. E-contracts have gained
popularity due to the growth of online businesses and digital
transactions, and they provide a convenient, fast, and legally
recognized means of conducting agreements between parties.

Types of E-Contracts:

1. Clickwrap Contracts:
○ These are agreements where the user explicitly agrees to
the terms and conditions by clicking on an "I Agree" button
on a website or software application. The contract is
formed when the user clicks the button, signifying their
consent to the terms of service. These contracts are often
used for software licensing, online subscriptions, and
e-commerce transactions.
2. Browsewrap Contracts:
○ Browsewrap agreements are contracts in which the user is
deemed to have agreed to the terms and conditions simply
by using the website or app, without actively clicking an "I
Agree" button. The terms and conditions are usually linked
at the bottom of the page. It is presumed that the user has
read and agreed to the terms by browsing or using the
service.
3. Shrinkwrap Contracts:
○ These contracts are typically associated with software
purchases. The terms and conditions are enclosed in the
packaging of the product, and by opening the packaging or
using the product, the buyer is deemed to have accepted
the terms. This type of contract is less common today but
was widely used for software CDs or DVDs.
4. Electronic Data Interchange (EDI) Contracts:
○ EDI contracts are used in business-to-business (B2B)
transactions. These contracts involve the exchange of
business data (like purchase orders and invoices) in a
standardized electronic format between companies. They
ensure a seamless and efficient exchange of goods and
services while legally binding the parties involved.
5. Email Contracts:
○ These contracts are formed through email exchanges
where the parties communicate their offers, acceptances,
and terms of agreement. Once both parties agree to the
terms via email correspondence, a valid e-contract is
formed. This is commonly used for agreements between
businesses or individuals who communicate online.

E-Contract Act 1872 (10 Marks)

The Indian Contract Act, 1872 governs all contracts in India, including
E-contracts. Although the act was established long before the digital
era, it provides the basic legal framework for forming contracts, and
its provisions apply to e-contracts as well. Here's how the Indian
Contract Act, 1872 relates to e-contracts:

Key Provisions of the Indian Contract Act Relevant to E-Contracts:

1. Section 10 – Free Consent:
○ Section 10 of the Indian Contract Act lays down the general
requirements for a valid contract: it must be entered into
with the free consent of the parties involved. In e-contracts,
consent is usually given by clicking on "I Agree" or
accepting terms through other electronic means. The
validity of consent in these digital forms is upheld by the
act, as long as it is not coerced or fraudulent.
2. Section 2(h) – Definition of Contract:
○ Section 2(h) of the Indian Contract Act defines a contract
as an agreement enforceable by law. E-contracts fall within
this definition, as agreements made online or electronically
are legally binding, provided all other conditions (such as
offer, acceptance, and lawful consideration) are met.
3. Section 2(e) – Agreement:
○ An agreement, as defined in the Indian Contract Act, is an
offer that has been accepted by the other party. In
e-contracts, the process of offer and acceptance can occur
through email, websites, or other electronic means. Once
both parties agree to the terms, the contract is formed.
4. Section 11 – Competency of Parties:
○ According to Section 11, only individuals who are of sound
mind, of legal age, and not disqualified by law can enter
into a contract. This applies to e-contracts as well. A
person entering an e-contract must be legally competent to
do so.
5. Section 12 – Contract with Specific Terms:
○ An e-contract must have clearly defined terms and
conditions, just like a traditional paper contract. This
ensures that the parties are aware of their rights and
obligations.
6. Section 4 – Communication of Offer and Acceptance:
○ Section 4 of the Indian Contract Act stipulates that
communication of offers, acceptances, and revocations
can be made through post, fax, or other methods. In the
case of e-contracts, electronic means (like emails or clicks
on websites) are considered valid communication
methods. This enables the formation of a contract even
without a physical document.
17. What are Botnets? How is it exploited by an attacker to cause a
cyber-attack?

Botnets:

A botnet is a network of compromised computers or devices, often
referred to as "zombies," that are infected with malicious software
(malware) and controlled remotely by a cybercriminal (often called the
"botmaster" or "herder"). The infected devices, which can include
computers, smartphones, IoT (Internet of Things) devices, and
servers, are used collectively to carry out a variety of cyberattacks,
without the knowledge or consent of the device owners.

Exploitation of Botnets in Cyber-Attacks:

1. Distributed Denial of Service (DDoS) Attacks:
○ One of the most common ways botnets are exploited is in
DDoS attacks. In these attacks, the botnet is directed to
flood a target server, network, or website with an
overwhelming amount of traffic, causing it to become slow,
unresponsive, or completely unavailable. DDoS attacks can
be used to disrupt services, extort organizations for
money, or act as a smokescreen for other malicious
activities.
○ Example: A botnet may be instructed to send millions of
requests to a website in a short period, thereby
overwhelming the server and causing it to crash.
2. Spamming and Phishing:
○ Botnets can be used to send massive amounts of
unsolicited emails, often used in spam campaigns. These
emails can include malicious attachments, links to
phishing sites, or solicitations for sensitive personal
information. By leveraging thousands or even millions of
infected devices, attackers can send large volumes of
spam emails, evading traditional spam filters.
○ Example: Botnets can send phishing emails that
impersonate legitimate organizations to steal sensitive
information like usernames, passwords, and credit card
details.
3. Data Theft and Exfiltration:
○ Botnets can be used to secretly collect sensitive
information from infected devices, such as login
credentials, financial data, or personal files. This stolen
data can be exfiltrated back to the attacker, who may use it
for identity theft, fraud, or further exploitation.
○ Example: A botnet can capture keystrokes or take
screenshots from infected computers to steal login
credentials for banking sites or corporate networks.
4. Cryptojacking:
○ Botnets can be exploited to perform cryptojacking, where
the infected devices are used to mine cryptocurrency
without the user's consent. The attacker benefits from the
processing power of the botnet, while the victim
experiences slowed performance and potentially increased
electricity consumption.
○ Example: An attacker may use a botnet to secretly mine
cryptocurrencies like Bitcoin or Monero on compromised
devices.
5. Spreading Malware:
○ Botnets can be used as a means of distributing additional
malicious software. The compromised devices in the
botnet can be used to propagate malware to other systems,
leading to a wider infection. This can include ransomware,
which locks files and demands payment, or other types of
malware for financial gain or espionage.
○ Example: Once a device is infected, the botnet can be used
to distribute ransomware to other computers on the same
network or to additional victims.
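
Detection logic for the request floods described under point 1, as an added example that is not part of the original notes. It buckets access-log lines into fixed windows and separates a single-source flood from the many-source pattern a botnet produces; the log format, window size, thresholds and function names are assumptions, and the log lines are constructed.

```python
from collections import Counter, defaultdict

WINDOW = 10          # seconds per bucket (assumed)
RATE_LIMIT = 100     # requests per window treated as abnormal (assumed)
TOP_SHARE = 0.5      # one source above this share means a single-source flood


def build_sample_log():
    """Constructed sample lines in the form 'epoch_seconds source_ip path'."""
    lines = []
    # Window 0-9: normal traffic, 20 requests from 5 clients.
    for i in range(20):
        lines.append(f"{i % 10} 192.0.2.{i % 5 + 1} /index.html")
    # Window 10-19: one client sends 150 requests, plus normal background.
    for i in range(150):
        lines.append(f"{10 + i % 10} 198.51.100.7 /login")
    for i in range(10):
        lines.append(f"{10 + i} 192.0.2.{i % 5 + 1} /index.html")
    # Window 20-29: 200 sources send 2 requests each (botnet-style flood).
    for i in range(400):
        lines.append(f"{20 + i % 10} 203.0.113.{i % 200 + 1} /login")
    return lines


def classify_windows(lines):
    """Return {window_start: (label, total_requests, distinct_sources)}."""
    buckets = defaultdict(Counter)
    for line in lines:
        parts = line.split()
        if len(parts) != 3 or not parts[0].isdigit():
            continue                      # skip malformed lines
        start = int(parts[0]) // WINDOW * WINDOW
        buckets[start][parts[1]] += 1

    result = {}
    for start in sorted(buckets):
        sources = buckets[start]
        total = sum(sources.values())
        top_count = sources.most_common(1)[0][1]
        if total <= RATE_LIMIT:
            label = "normal"
        elif top_count / total >= TOP_SHARE:
            label = "dos-single-source"   # one address dominates the window
        else:
            label = "ddos-distributed"    # high volume, no dominant address
        result[start] = (label, total, len(sources))
    return result


if __name__ == "__main__":
    for start, (label, total, distinct) in classify_windows(build_sample_log()).items():
        print(f"t={start:>2}s requests={total:>3} sources={distinct:>3} -> {label}")
```

The distinction matters for the response: a per-address rate limit stops the single-source case, while in the distributed case every address stays under such a limit, so the aggregate rate has to be the trigger.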

18. Explain the classification of cybercrimes with examples.

Classification of Cybercrimes

Cybercrimes can be classified into different categories based on the
nature of the crime, the methods used, and the targets involved.
These crimes involve illegal activities that are committed using the
internet or digital technologies. Below is the classification of
cybercrimes, along with examples for each type:

1. Cybercrimes Against Individuals

These crimes directly affect individuals and their privacy or personal
data.

● Identity Theft: This occurs when a cybercriminal steals
someone’s personal information, such as Social Security
numbers, credit card details, or login credentials, to impersonate
them. The attacker might use this information for fraud or to
access sensitive accounts.
○ Example: A hacker obtains a person's credit card details
through phishing and uses them for online purchases without
their knowledge.
● Cyberstalking: This refers to the use of the internet to stalk or
harass someone. It often involves repeated threats, unwanted
emails, or social media messages that cause distress to the
victim.
○ Example: A person repeatedly sends threatening emails or
posts on social media with the intent to intimidate the
victim.

2. Cybercrimes Against Property

These crimes target digital or physical property and often involve the
theft or damage of data, software, or hardware.

● Hacking: Unauthorized access to computer systems or networks
with the intention to steal, modify, or destroy data.
○ Example: A hacker breaks into a company's network to
steal sensitive financial records.
● Data Breaches: This involves unauthorized access to and
release of sensitive data, typically by exploiting vulnerabilities in
systems. The data can include personal information, passwords,
or corporate secrets.
○ Example: A company’s database is breached, exposing
millions of users' personal information, including names,
addresses, and credit card details.

3. Cybercrimes Against Government and Public Services

These crimes target government entities, public services, or critical
infrastructure.

● Cyberterrorism: The use of the internet to carry out acts of
terrorism, often with the aim of causing disruption to national
security or public safety. This can involve attacks on
government websites, infrastructure, or services.
○ Example: A cyberattack on a nation’s power grid, causing
widespread outages and chaos, as part of a political or
ideological motive.
● Cyberespionage: This involves the use of hacking or other
digital methods to gain unauthorized access to government or
corporate secrets for political, economic, or military advantage.
○ Example: A state-sponsored hacker group infiltrates
another nation's military network to steal confidential
defense-related information.

4. Cybercrimes Against Organizations or Businesses

These crimes target corporate networks, intellectual property, and
financial resources.

● Intellectual Property Theft: This involves stealing proprietary
information, patents, trade secrets, or copyrighted materials,
often with the aim of copying or using them for personal gain.
○ Example: A hacker steals the source code of a popular
software application and sells it to competitors.
● Business Email Compromise (BEC): Involves the use of social
engineering tactics to manipulate employees or executives into
transferring money or sensitive information to the attacker.
○ Example: A cybercriminal impersonates a CEO via email
and asks an employee to wire funds to an account
controlled by the attacker.
● Ransomware Attacks: Malicious software that locks a victim's
data or systems and demands payment (usually in
cryptocurrency) for its release. These attacks can target both
individuals and organizations.
○ Example: A hospital’s computer system is encrypted by
ransomware, and the attacker demands a ransom to
decrypt the files, which may include patient medical
records.

5. Cybercrimes Involving Content

These crimes are related to the distribution of harmful or illegal
content on the internet.

● Cyberbullying: The use of digital platforms, such as social
media, to harass or bully someone, often through offensive
messages, rumors, or threats.
○ Example: A teenager uses social media to post hurtful
comments and spread rumors about a peer, leading to
emotional distress.
● Obscene and Offensive Content: The creation, distribution, or
possession of explicit or offensive materials, such as child
pornography, which is illegal in many jurisdictions.
○ Example: A person shares or downloads illegal content like
child pornography from dark web forums, which is a
criminal offense.
● Copyright Infringement: Uploading, downloading, or distributing
copyrighted materials, such as movies, music, or software,
without permission from the copyright holder.
○ Example: A user uploads a pirated version of a movie to a
file-sharing website, making it available for free download.

6. Cybercrimes Involving Fraud

These crimes involve using digital technologies to deceive individuals
or organizations for financial gain.

● Credit Card Fraud: The unauthorized use of someone else’s
credit card information to make purchases or withdraw money.
○ Example: A hacker obtains a person’s credit card details
through a data breach and uses them to make online
purchases.
● Online Auction Fraud: Fraudulent activities related to online
auctions where scammers deceive buyers or sellers by
misrepresenting products or failing to deliver after payment.
○ Example: An attacker sets up a fake online auction for a
high-demand product like a smartphone and collects
payments from buyers without delivering the goods.
● Online Banking Fraud: Cybercriminals target individuals or
organizations using online banking services to steal funds
through phishing, keylogging, or malware.
○ Example: An attacker uses a fake email that impersonates
a bank to steal a user’s login credentials and transfer
money from their account.

19. Explain Phishing and Identity Theft in detail.

1. Phishing:

Phishing is a cybercrime technique where attackers attempt to
deceive individuals into revealing sensitive information, such as
usernames, passwords, credit card details, or other personal
information. Phishing attacks typically occur through fraudulent
communication, most commonly via email, but can also occur
through other communication channels, such as social media, SMS
(known as "smishing"), or phone calls (known as "vishing").

How Phishing Works:

● Baiting with False Information: Attackers create emails,
websites, or messages that appear to come from trusted
sources like banks, online stores, government agencies, or
social media platforms. These fake messages often contain
urgent calls to action, such as "Your account has been
compromised, please click here to secure it."
● Malicious Links or Attachments: The fraudulent messages
usually contain links that direct victims to fake websites
designed to look identical to legitimate ones. Once the victim
enters their personal details (e.g., login credentials), the attacker
captures this information.
● Deceptive Tactics: Phishing attacks use a variety of deceptive
tactics, including:
○ Impersonation of Legitimate Entities: Emails or websites
may appear to be from well-known companies or
organizations.
○ Urgency or Threats: Messages may create a sense of
urgency, warning of an account being locked, or demand
immediate action to prevent consequences, such as
account suspension or a financial penalty.

Types of Phishing Attacks:

● Spear Phishing: A targeted form of phishing where attackers
focus on a specific individual or organization. The attacker
customizes the phishing attempt based on information gathered
about the victim, making it appear more legitimate.
○ Example: An employee at a company receives an email that
appears to come from the company’s HR department,
asking for login credentials to access important tax
documents.
● Whaling: A type of spear phishing that targets high-profile
individuals such as executives or public figures. These attacks
are more sophisticated and often focus on stealing sensitive
business or financial information.
○ Example: A phishing email impersonates the CEO of a
company, asking an employee to wire funds to an overseas
account.
● Clone Phishing: This involves creating an exact replica of a
legitimate email that the victim has previously received, with
malicious alterations. For instance, an email that appeared to be
from a bank may be duplicated, with a link leading to a
fraudulent website.
○ Example: The attacker uses a legitimate email from an
online service and replaces the links with those pointing to
a fake site designed to steal login credentials.
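
A link check for the lookalike and cloned messages described above, as an added example that is not part of the original notes. It parses an HTML message body and flags anchors whose real destination is outside the sender's known domains or differs from the address shown to the reader; the trusted-domain list, the sample message and all function names are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_DOMAINS = {"examplebank.test"}   # assumption: domains the real sender uses

# Constructed sample of a cloned message body.
CLONED_EMAIL = """
<p>Your account has been compromised, please click here to secure it.</p>
<a href="http://examplebank.test.login-secure.example/verify">https://www.examplebank.test/login</a>
<a href="https://www.examplebank.test/help">Help centre</a>
"""

# Finds a host name inside the visible link text, if the text shows one.
DOMAIN_IN_TEXT = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)")


class LinkExtractor(HTMLParser):
    """Collects (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def is_trusted(host, trusted):
    """True only for a trusted domain itself or a subdomain of it."""
    return any(host == d or host.endswith("." + d) for d in trusted)


def check_links(html, trusted):
    """Return [(href, [reasons])] for every link that looks deceptive."""
    parser = LinkExtractor()
    parser.feed(html)
    flagged = []
    for href, text in parser.links:
        parts = urlsplit(href)
        host = (parts.hostname or "").lower()
        reasons = []
        if not is_trusted(host, trusted):
            reasons.append("untrusted-host")
        shown = DOMAIN_IN_TEXT.search(text.lower())
        if shown and shown.group(1) != host:
            reasons.append("text-host-mismatch")   # text shows one site, link goes to another
        if parts.scheme != "https":
            reasons.append("not-https")
        if reasons:
            flagged.append((href, reasons))
    return flagged


if __name__ == "__main__":
    for href, reasons in check_links(CLONED_EMAIL, TRUSTED_DOMAINS):
        print(href, "->", ", ".join(reasons))
```

The first link starts with the bank's name but its registered domain is the part at the end, which is why the check matches trusted domains as a suffix rather than looking for the name anywhere in the host.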

20. Explain electronic banking in India and what laws are related to
electronic banking in India.

Electronic Banking in India (10 Marks)

Electronic banking (e-banking) in India refers to the use of electronic
means to conduct banking transactions. This includes online
banking, mobile banking, ATMs (Automated Teller Machines),
point-of-sale (POS) transactions, and digital wallets. Over the years,
the banking industry in India has witnessed significant growth in
digital banking services, which has made banking more accessible,
efficient, and secure. Electronic banking helps individuals and
businesses carry out various financial transactions without needing
to visit a physical branch.

Types of Electronic Banking in India:

1. Internet Banking (Online Banking):
○ Internet banking allows customers to access their bank
accounts and perform banking transactions through the
bank's website.
○ Example: A customer can log into their bank's website to
transfer money to another account or pay utility bills.
2. Mobile Banking:
○ With mobile banking, customers can access their bank
accounts via mobile applications on smartphones. Banks
offer mobile apps for performing banking transactions
such as checking balances, transferring funds, and paying
bills.
○ Example: A customer uses their bank's mobile app to
transfer money to a friend's account or to make payments
using a mobile wallet.
3. ATM (Automated Teller Machines):
○ ATMs are widely used in India to withdraw cash, deposit
money, check balances, and transfer funds between
accounts.
○ Example: A customer uses an ATM to withdraw cash from
their savings account.
4. Point-of-Sale (POS) Transactions:
○ POS transactions are used by businesses to accept card
payments. Debit and credit cards can be used for
purchases at retail outlets, and payments can be made
through magnetic stripe cards, chip-based cards, or
contactless payments.
○ Example: A customer uses their debit card to pay for
groceries at a supermarket.
5. Digital Wallets (E-Wallets):
○ Digital wallets are applications or online services that allow
users to store and transfer money electronically.
○ Example: Paytm, PhonePe, and Google Pay are popular
e-wallets in India.
21. What do you understand by DOS and DDOS attacks? Explain in
detail.

Laws and Regulations Related to Electronic Banking in India:

India has established various laws and regulations to govern
electronic banking, ensuring security, privacy, and consumer
protection in digital financial transactions. Some key laws related to
e-banking in India are:

1. Information Technology Act, 2000 (IT Act):
○ The IT Act, 2000 provides the legal framework for
e-commerce and electronic transactions in India. It aims to
promote and regulate the use of digital signatures,
electronic records, and online banking. The IT Act also
outlines penalties for cybercrimes and offenses related to
electronic banking, such as hacking, identity theft, and
phishing.
○ Important Sections:
■ Section 43: Deals with unauthorized access to
computer systems, data, or networks.
■ Section 66: Covers cybercrimes related to hacking
and data theft.
■ Section 72: Deals with the breach of confidentiality
and privacy.
○ The IT Act also facilitates electronic contracts and digital
signatures, which are legally recognized in India.
2. Reserve Bank of India (RBI) Guidelines:
○ The RBI plays a central role in regulating e-banking
activities in India. The RBI issues various guidelines to
ensure secure and efficient electronic banking operations.
Some important guidelines include:
■ RBI's Master Directions on Electronic Payment
Transactions (2017): These directions cover aspects
like customer authentication, fund transfers, and
security of transactions. They aim to enhance the
security of digital transactions and reduce the risks
associated with fraud.
■ RBI Guidelines on Mobile Banking (2015): These
guidelines focus on the security and regulation of
mobile banking operations, including mobile wallets
and apps, to ensure customer protection.
■ Security of Card Transactions: The RBI has mandated
strict regulations for the security of card transactions,
including the implementation of two-factor
authentication for online card payments and the use
of tokenization for card details.
3. Payment and Settlement Systems Act, 2007:
○ The Payment and Settlement Systems Act, 2007 empowers
the RBI to regulate and oversee payment systems in India,
including electronic funds transfer systems, mobile
banking services, and digital wallets. The Act ensures that
the payment systems are secure, efficient, and reliable.
○ It also grants the RBI authority to license payment systems
providers and enforce security standards.
4. Banking Regulation Act, 1949:
○ The Banking Regulation Act governs the functioning of
banks in India, including electronic banking services. It
ensures that banks follow strict compliance and consumer
protection norms in their digital banking services.
○ Under this Act, banks are required to implement security
measures such as encryption, fraud detection, and risk
management systems to protect customers' digital
transactions.
5. Consumer Protection Act, 2019:
○ The Consumer Protection Act addresses consumer
grievances related to e-banking services. It ensures that
consumers have access to complaint redress mechanisms
in case of issues like fraud, unauthorized transactions, or
faulty electronic banking services. The Act also empowers
the Consumer Protection Council to take action against
fraudulent e-banking services.

22. Write a note on Intellectual Property Aspects in cyber law.

Intellectual Property Aspects in Cyber Law (6 Marks)

Intellectual Property (IP) refers to creations of the mind, such as
inventions, literary and artistic works, designs, symbols, names, and
images used in commerce. In the digital age, where information is
easily accessible and transferable across the internet, protecting
intellectual property has become a critical issue. Cyber law addresses
these concerns by providing legal frameworks to safeguard
intellectual property in the digital world.

Key Aspects of Intellectual Property in Cyber Law:

1. Copyright:
○ Copyright protects original works of authorship, such as
books, software, music, movies, and art. In the context of
cyber law, copyright issues often arise from the
unauthorized downloading, distribution, or reproduction of
digital content on the internet.

2. Trademarks:
○ Trademarks protect symbols, names, or logos that distinguish
goods or services from others. In the cyber world,
cybersquatting (the act of registering domain names that are
similar to well-known trademarks) and the misuse of trademarks
online can lead to legal issues.
3. Patents:
○ Patents protect inventions and innovations that provide a new
solution to a technical problem. In the digital space, patents are
often related to software, algorithms, and technological
inventions.
4. Trade Secrets:
○ Trade secrets include formulas, practices, processes, designs,
instruments, or any other business information that is
confidential and provides a competitive edge.
5. Domain Names:
○ Domain names serve as a form of online identity for businesses
and individuals. Disputes over domain names, such as when
someone uses a name similar to an established trademark to
deceive users or profit from it, are handled under intellectual
property law.

23. Explain the objectives and features of the IT Act 2000.

The Information Technology (IT) Act 2000 was enacted in India to
provide a legal framework for electronic governance and to address
cybercrime. Below are its objectives and features:

Objectives of the IT Act 2000:

1. Legal Recognition of Electronic Transactions: To facilitate and
promote the use of electronic documents and digital signatures
in business, legal, and government transactions.
2. E-Governance Enablement: Enable government services to be
delivered electronically, ensuring efficiency and transparency.
3. Cybercrime Prevention: Provide legal provisions to prevent and
penalize cybercrimes, ensuring a secure digital environment.
4. E-Commerce Regulation: Promote and regulate e-commerce
activities to facilitate online business and trade.
5. Data Protection and Privacy: Ensure the security of sensitive
data exchanged over electronic mediums.
6. International Alignment: Align India’s cyber laws with
international laws and practices for seamless cross-border
digital transactions.

Key Features of the IT Act 2000:

1. Legal Recognition of Digital Signatures and Electronic Records:
○ Digital signatures are considered equivalent to handwritten
signatures for authentication.
○ Electronic records have the same legal standing as
physical documents.
2. Cybercrime Penalties and Offenses:
○ Defines and penalizes cybercrimes such as hacking,
identity theft, data breaches, and phishing.
○ Imposes fines and imprisonment for offenses under the
Act.
3. Establishment of a Certifying Authority (CA):
○ CAs are authorized to issue digital certificates to ensure
secure online transactions.
4. E-Governance Provisions:
○ Facilitates the submission of applications, filing of forms,
and maintenance of records electronically with government
agencies.
5. Adjudication and Cyber Appellate Tribunal:
○ Provides mechanisms for resolving cyber disputes and
grievances.
○ Allows appeals against decisions made by adjudicating
officers through the Cyber Appellate Tribunal.
6. Amendments to Existing Laws:
○ Modifies laws like the Indian Penal Code (IPC), the
Evidence Act, and the Bankers' Books Evidence Act to
include provisions for electronic records and cyber
offenses.

24. Explain the term evidence and different types of evidence.


Definition of Evidence:

Evidence refers to any material or information presented in a legal
proceeding to establish or disprove facts in a case. It helps the court
ascertain the truth and make a fair judgment. Evidence must be
legally admissible and relevant to the matter under consideration.

Types of Evidence:

1. Oral Evidence:
○ Testimony given by witnesses under oath in court.
○ Example: A witness describing what they saw during a
crime.
○ Legal Basis: Section 59 of the Indian Evidence Act states
that all facts except documents can be proved by oral
evidence.
2. Documentary Evidence:
○ Written or recorded information submitted to the court.
○ Example: Contracts, emails, agreements, or photographs.
○ Legal Basis: Section 61 of the Indian Evidence Act governs
documentary evidence.
3. Real or Physical Evidence:
○ Tangible objects related to the case that can be physically
examined.
○ Example: Weapons, fingerprints, blood samples, or other
physical traces.
4. Direct Evidence:
○ Evidence that directly proves a fact without the need for
inference.
○ Example: Eyewitness testimony stating they saw the
accused commit a crime.
5. Circumstantial Evidence:
○ Evidence that suggests a fact by implication or inference
rather than directly proving it.
○ Example: Finding the accused’s fingerprints at the crime
scene.
6. Primary Evidence:
○ Original documents or objects presented in their authentic
form.
○ Example: An original signed contract.
7. Secondary Evidence:
○ Copies or substitutes for original evidence, used when the
original is unavailable.
○ Example: A photocopy of a lost document.
○ Legal Basis: Section 63 of the Indian Evidence Act
provides for secondary evidence.
8. Hearsay Evidence:
○ Statements made outside the court that are presented as
evidence.
○ Example: A witness recounting what someone else said
about the incident.
○ Generally inadmissible unless exceptions apply.
9. Electronic Evidence:
○ Information stored electronically, admissible under the IT
Act 2000 and the Indian Evidence Act.
○ Example: Emails, social media messages, CCTV footage.
10. Expert Evidence:
○ Opinions or findings presented by experts in specialized
fields.
○ Example: A forensic report or a medical expert's testimony.

25. Write key IT requirements for SOX and HIPAA.

Key IT Requirements for SOX (Sarbanes-Oxley Act):

The Sarbanes-Oxley Act focuses on financial transparency and
corporate governance, with IT playing a crucial role in meeting
compliance requirements. Key IT requirements include:

1. Data Integrity and Accuracy:
○ Ensure financial records are accurate, complete, and
protected from unauthorized alterations.
○ Implement strong version control and audit trails.
2. Access Controls:
○ Restrict access to sensitive financial systems and data
based on roles and responsibilities.
○ Use multi-factor authentication and robust password
policies.
3. Audit Trails and Monitoring:
○ Maintain detailed logs of all access and changes to
financial data.
○ Regularly review logs for suspicious activities.
4. Data Retention:
○ Preserve financial records and related documents for at
least seven years.
○ Use secure storage solutions for archiving.
5. IT General Controls (ITGC):
○ Implement controls for system development, data backup,
disaster recovery, and change management to ensure
reliability and security.
6. Periodic Assessments:
○ Conduct regular audits of IT systems to identify
vulnerabilities and ensure compliance.

Key IT Requirements for HIPAA (Health Insurance Portability and
Accountability Act):

The HIPAA Act focuses on the protection of sensitive healthcare
information (PHI). Key IT requirements include:

1. Access Control:
○ Limit access to electronic Protected Health Information
(ePHI) to authorized personnel only.
○ Use unique user IDs and authentication measures.
2. Data Encryption:
○ Encrypt ePHI both in transit and at rest to protect against
unauthorized access.
3. Audit Controls:
○ Enable systems to log and monitor access to and activity
around ePHI.
○ Conduct periodic reviews of audit logs.
4. Data Integrity:
○ Ensure that ePHI is not improperly altered or destroyed.
○ Use checksums or hashing to validate data integrity.
5. Transmission Security:
○ Safeguard ePHI during electronic transmission using
secure protocols like SSL/TLS.
6. Disaster Recovery and Contingency Plans:
○ Develop policies for data backup, recovery, and emergency
access to ePHI during system failures or disasters.
7. Training and Policies:
○ Train employees on HIPAA requirements and establish
policies to handle data securely.

26. List General guidelines for password policies.

General Guidelines for Password Policies (5 Marks)

1. Password Length:
○ Passwords should be at least 8-12 characters long. Longer
passwords are more secure as they increase the
complexity and reduce the chances of being guessed or
cracked.
2. Complexity Requirements:
○ Passwords must include a mix of uppercase letters,
lowercase letters, numbers, and special characters (e.g., !,
@, #, $, etc.). This makes passwords harder to guess
through brute-force attacks.
3. Avoiding Common Passwords:
○ Users should avoid using easily guessable passwords,
such as "password123", "admin", or common dictionary
words. Encouraging the use of random combinations or
passphrases is important.
4. Password Expiry and Renewal:
○ Passwords should be set to expire every 60-90 days. Users
should be required to change their passwords periodically
to reduce the risk of old passwords being compromised.
5. Multi-Factor Authentication (MFA):
○ Implementing multi-factor authentication (MFA) is highly
recommended. It adds an additional layer of security by
requiring users to provide two or more verification factors
(e.g., a password and a one-time code sent to a mobile
device).
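
The length, complexity, common-password and expiry guidelines above can be enforced in code. The checker below is an added example, not part of the original notes; the 12-character minimum, the 90-day limit, the flag names and the two extra deny-list entries are assumptions chosen for illustration. It also shows that a password can satisfy every complexity rule and still be built on a common password.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Violation flags, combined with bitwise OR. */
enum {
    PW_OK         = 0,
    PW_TOO_SHORT  = 1 << 0,
    PW_NO_UPPER   = 1 << 1,
    PW_NO_LOWER   = 1 << 2,
    PW_NO_DIGIT   = 1 << 3,
    PW_NO_SPECIAL = 1 << 4,
    PW_COMMON     = 1 << 5,
    PW_EXPIRED    = 1 << 6
};

#define PW_MIN_LEN      12  /* assumption: upper end of the 8-12 range */
#define PW_MAX_AGE_DAYS 90  /* assumption: upper end of the 60-90 day range */

/* Deny list, lowercase. The first two entries come from the guidelines
 * above; the last two are constructed additions for this example. */
static const char *const DENY[] = { "password123", "admin", "qwerty", "123456" };

/* Returns PW_OK or an OR of violation flags for the password, given the
 * number of days since it was last changed. */
unsigned check_password(const char *pw, int age_days)
{
    unsigned v = PW_OK;
    int up = 0, lo = 0, dg = 0, sp = 0;
    char lower[129];                  /* lowercased copy for deny-list search */
    size_t len = strlen(pw), n = 0, i;

    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)pw[i];
        if (isupper(c))      up = 1;
        else if (islower(c)) lo = 1;
        else if (isdigit(c)) dg = 1;
        else if (ispunct(c)) sp = 1;
        if (n < sizeof lower - 1) lower[n++] = (char)tolower(c);
    }
    lower[n] = '\0';

    if (len < PW_MIN_LEN) v |= PW_TOO_SHORT;
    if (!up) v |= PW_NO_UPPER;
    if (!lo) v |= PW_NO_LOWER;
    if (!dg) v |= PW_NO_DIGIT;
    if (!sp) v |= PW_NO_SPECIAL;

    /* Substring match: decorating a common password does not make it strong. */
    for (i = 0; i < sizeof DENY / sizeof DENY[0]; i++)
        if (strstr(lower, DENY[i]) != NULL) v |= PW_COMMON;

    if (age_days > PW_MAX_AGE_DAYS) v |= PW_EXPIRED;
    return v;
}

int main(void)
{
    /* Constructed sample passwords. */
    const char *samples[] = { "password123", "Password123!", "Tr4il-Mix&Rain7" };
    for (size_t i = 0; i < 3; i++)
        printf("%-16s flags=0x%02x\n", samples[i], check_password(samples[i], 10));
    return 0;
}
```

Multi-factor authentication is a property of the login flow rather than of the password itself, so it is not something this check can cover.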

27. Difference between virus and worm.

| Aspect | Virus | Worm |
|---|---|---|
| Definition | A virus is a malicious program that attaches itself to a legitimate file or program. | A worm is a standalone malicious program that replicates and spreads without needing to attach itself to another file. |
| Propagation | Requires a host program or file to spread. | Spreads independently through networks or systems. |
| Activation | Activated when the infected file or program is executed. | Activates automatically as it self-replicates and spreads. |
| Infection Method | Typically spreads via infected files or programs that users run. | Spreads primarily through networks, exploiting vulnerabilities. |
| Damage | Often causes system crashes, data corruption, or loss. | May cause system slowdowns, network congestion, and widespread disruption. |
| User Interaction | Requires user interaction (e.g., opening an infected file). | Does not require user interaction to spread. |
| Size | Usually smaller in size compared to worms. | Can be larger and more resource-intensive due to self-replication. |
| Dependence | Dependent on a host program or file to spread. | Does not need a host to spread; can operate autonomously. |
| Detection | Often detected when the host file or program is executed. | Often detected by network monitoring systems due to its rapid spread. |
| Examples | CIH virus, Sasser virus | Blaster worm, MyDoom worm |

28. How do cybercrimes differ from most terrestrial crimes?

Differences Between Cybercrimes and Terrestrial Crimes (5 Marks)

1. Nature of the Crime:
○ Cybercrimes occur in the digital world and involve
computers, networks, or the internet. They include
activities such as hacking, identity theft, phishing, and
distributing malware.
○ Terrestrial crimes are physical and occur in the real world,
involving actions like theft, assault, fraud, or murder.
2. Location and Jurisdiction:
○ Cybercrimes can be committed from anywhere in the
world, making it difficult to define a specific jurisdiction,
especially since the perpetrators and victims can be in
different countries.
○ Terrestrial crimes are geographically confined to a
particular location, making the jurisdiction and legal
enforcement more straightforward.
3. Anonymity:
○ Cybercrimes allow criminals to hide their identities behind
digital tools, such as proxies, VPNs, or anonymous
accounts, making it harder to trace the perpetrator.
○ Terrestrial crimes typically require physical presence, and
criminals leave behind evidence, making it easier to
identify and apprehend them.
4. Scope and Impact:
○ Cybercrimes can have a global reach, affecting millions of
people simultaneously with a single attack (e.g.,
ransomware spreading across countries).
○ Terrestrial crimes usually affect a smaller, localized group
of individuals or a specific community.
5. Tools and Techniques:
○ Cybercrimes rely on technology, using tools like malware,
phishing emails, or hacking software to exploit systems.
○ Terrestrial crimes rely on physical actions, such as theft,
violence, or fraud, without the need for advanced
technological tools.

29. What is a vishing attack? How does it work? How can one protect
against a vishing attack?

Vishing Attack: Definition, How it Works, and Protection (7 Marks)

What is a Vishing Attack?

● Vishing (Voice Phishing) is a type of social engineering attack
where cybercriminals use voice calls, typically through
telephone systems, to trick individuals into disclosing sensitive
information such as personal details, credit card numbers, or
login credentials.
● It is a form of phishing where the attacker pretends to be
someone trustworthy (e.g., a bank representative, government
official, or customer service agent) to manipulate the victim into
sharing confidential information.

How Vishing Works:

1. Initial Contact:
○ The attacker calls the victim, often using a spoofed phone
number to make it appear as though the call is coming
from a legitimate source, such as a bank or a government
agency.
2. Creating Urgency or Trust:
○ The attacker creates a sense of urgency, claiming that the
victim's account has been compromised, a suspicious
transaction has been detected, or there is an emergency
that requires immediate action.
3. Request for Sensitive Information:
○ The caller asks the victim to verify personal details, such
as Social Security numbers, passwords, credit card
numbers, or bank account information.
4. Exploiting the Information:
○ Once the victim provides the requested details, the
attacker uses the information for fraudulent activities, such
as identity theft or unauthorized financial transactions.

How to Protect from Vishing Attacks:

1. Do Not Share Personal Information:
○ Never share sensitive information (e.g., PIN, passwords, or
account details) over the phone, especially if you did not
initiate the call.
2. Verify the Caller’s Identity:
○ If you receive a suspicious call, hang up and call the
organization directly using a verified phone number from
their official website. Do not rely on the phone number
provided by the caller.
3. Be Wary of Unsolicited Calls:
○ Be cautious if the caller is pressuring you to act quickly or
threatening negative consequences if you do not comply.
Legitimate organizations usually give you time to make
decisions.
4. Use Call Blockers:
○ Use call-blocking apps or services to filter out suspicious
calls or numbers associated with known scams.
5. Educate and Raise Awareness:
○ Regularly educate yourself and others, especially
vulnerable individuals, on the dangers of vishing and how
to recognize fraudulent calls.

30. What is e-commerce? Explain different types of e-commerce with
suitable examples.

What is E-Commerce?

E-commerce (electronic commerce) refers to the buying and selling of
goods or services over the internet. It also includes online financial
transactions and data exchange. E-commerce enables businesses
and consumers to operate in a digital marketplace, offering
convenience, global reach, and efficiency.

Types of E-Commerce:

1. Business-to-Consumer (B2C):
○ Definition: Transactions between businesses and
individual consumers.
○ Example: Buying clothes from online retailers like Amazon
or Flipkart.
○ Features:
■ Direct interaction with consumers.
■ Involves smaller transaction sizes but higher
volumes.
2. Business-to-Business (B2B):
○ Definition: Transactions between two businesses.
○ Example: A company purchasing raw materials from a
supplier’s online platform, such as Alibaba.
○ Features:
■ Large transaction sizes.
■ Recurring orders and long-term relationships.
3. Consumer-to-Consumer (C2C):
○ Definition: Transactions between individual consumers,
often facilitated by a third-party platform.
○ Example: Selling used items on platforms like OLX or eBay.
○ Features:
■ Peer-to-peer interaction.
■ Platforms act as intermediaries to ensure secure
transactions.
4. Consumer-to-Business (C2B):
○ Definition: Individuals selling goods or services to
businesses.
○ Example: A freelance graphic designer offering services
through platforms like Fiverr or Upwork.
○ Features:
■ Consumer sets the price or terms.
■ Businesses select the services or products they
need.
5. Business-to-Government (B2G):
○ Definition: Transactions between businesses and
government organizations.
○ Example: A software company providing IT services to a
government department via an online tender system.
○ Features:
■ Often involves contracts and formal procurement
processes.
6. Government-to-Citizen (G2C):
○ Definition: Government services offered directly to citizens
online.
○ Example: Paying taxes online or applying for documents
like passports.
○ Features:
■ Aims to provide efficiency and transparency in public
services.
7. Mobile Commerce (M-Commerce):
○ Definition: E-commerce conducted through mobile
devices.
○ Example: Using mobile apps for shopping, like Myntra or
BigBasket.
○ Features:
■ Accessibility on-the-go.
■ Enhanced user experience with mobile-specific
features.

31. Cyber Defamation.

Cyber Defamation:

Definition:
Cyber defamation refers to publishing false, defamatory, or harmful
statements about an individual, organization, or entity through online
platforms such as websites, social media, emails, or messaging apps.
It is a form of defamation conducted in the digital realm.

Key Elements of Cyber Defamation:

1. False Statement: The content must be false and intended to
harm someone's reputation.
2. Publication: The statement must be published or shared online
where others can access it.
3. Reputation Damage: The content must negatively impact the
victim's reputation.
4. Intent or Negligence: It may involve deliberate intent to defame
or negligence in verifying the truth.

Examples of Cyber Defamation:

1. Posting false allegations on social media about someone's
personal or professional life.
2. Publishing fake reviews or defamatory content on blogs or
forums.
3. Sharing doctored images or videos intended to harm someone's
reputation.

32. Buffer overflow attack.

Buffer Overflow Attack:

Definition:
A buffer overflow attack occurs when a program writes more data to a
buffer (a temporary storage area) than it can hold. This can cause the
excess data to overwrite adjacent memory locations, potentially
leading to system crashes, data corruption, or unauthorized code
execution.

How Buffer Overflow Works:

1. Buffer Allocation: Buffers are allocated fixed memory sizes in
programs.
2. Excess Data: If input exceeds the allocated buffer size, it
overflows into adjacent memory.
3. Exploitation: Attackers exploit this overflow to overwrite
memory with malicious code or manipulate program behavior.

Types of Buffer Overflow Attacks:

1. Stack-Based Buffer Overflow:
○ Overflows the stack memory, which stores temporary
variables.
○ Example: Injecting malicious code to overwrite the return
address of a function, redirecting execution.
2. Heap-Based Buffer Overflow:
○ Targets the heap memory used for dynamic memory
allocation.
○ Example: Corrupting dynamic data structures or function
pointers stored in the heap.

Impacts of Buffer Overflow Attacks:

1. Unauthorized Code Execution: Attackers can run malicious code
on the target system.
2. System Crashes: Overwriting memory can cause the system or
application to crash.
3. Privilege Escalation: Attackers can gain higher system
privileges, compromising security.
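
The mechanism described above, reduced to a fixed-size buffer with a security-relevant field directly behind it, alongside the bounded copy that prevents the overwrite. This is an added C example, not code from the original notes; the struct, field names and inputs are constructed, and the unbounded copy is capped at the end of the struct so the spill-over stays inside one object and the program remains well-defined.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8

/* Constructed layout: a fixed-size buffer followed directly by a field
 * the program relies on for an access decision. */
struct session {
    char name[NAME_LEN];
    unsigned char is_admin;    /* sits immediately after name[] */
};

/* Unbounded copy in the style of strcpy(): it trusts the input length.
 * It writes through a byte view of the whole struct and stops at the
 * struct's end (demo guard only), so excess input lands in is_admin. */
size_t copy_unchecked(struct session *s, const char *input)
{
    unsigned char *mem = (unsigned char *)s;
    size_t n = strlen(input) + 1;               /* include the NUL */
    if (n > sizeof *s) n = sizeof *s;           /* keep the demo inside the object */
    memcpy(mem + offsetof(struct session, name), input, n);
    return n;
}

/* Bounded copy: rejects input that does not fit instead of writing past
 * the buffer. Returns 0 on success, -1 if input plus NUL exceeds name[]. */
int copy_checked(struct session *s, const char *input)
{
    size_t n = strlen(input);
    if (n >= sizeof s->name) return -1;
    memcpy(s->name, input, n + 1);
    return 0;
}

/* Value of is_admin after copying input with the chosen routine. */
int admin_flag_after(const char *input, int use_checked)
{
    struct session s;
    memset(&s, 0, sizeof s);
    if (use_checked) (void)copy_checked(&s, input);
    else             (void)copy_unchecked(&s, input);
    return s.is_admin;
}

int main(void)
{
    const char *fits = "alice";            /* constructed inputs */
    const char *too_long = "AAAAAAAAAAAA"; /* 12 bytes into an 8-byte buffer */

    printf("unchecked, fits:     is_admin=%d\n", admin_flag_after(fits, 0));
    printf("unchecked, too long: is_admin=%d\n", admin_flag_after(too_long, 0));
    printf("checked,   too long: is_admin=%d\n", admin_flag_after(too_long, 1));
    return 0;
}
```

In real code the same fix means replacing unbounded calls such as strcpy() with length-checked copies and treating an oversized input as an error.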

33. Steganography.

Definition:
Steganography is the practice of concealing data within other
non-secret files or media to ensure secure and undetectable
communication. Unlike encryption, which makes the data unreadable,
steganography hides the existence of the data itself.

How Steganography Works:

1. Embedding Data: The secret message is embedded into a carrier
file, such as an image, audio, video, or text file.
2. Carrier File: The carrier file appears normal and retains its
original functionality, making the hidden data undetectable.
3. Extraction: The recipient uses a specific method or key to
extract the concealed information.

Techniques of Steganography:

1. Image Steganography:
○ Hides data in image files by modifying pixel values, often in
the least significant bits (LSB).
○ Example: Embedding a text message in an image’s pixel
color values.
2. Audio Steganography:
○ Conceals data in audio files by altering frequency, phase,
or amplitude.
○ Example: Modifying sound waves slightly to embed a
secret message.
3. Video Steganography:
○ Embeds data into video frames or motion data.
○ Example: Hiding data in unused or less noticeable areas of
video frames.
4. Text Steganography:
○ Hides information within text files by manipulating
formatting, spacing, or font characteristics.
○ Example: Adding extra spaces or invisible characters in a
document.
5. Network Steganography:
○ Embeds data within network packets during transmission.
○ Example: Modifying packet headers to carry hidden
information.
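
The least-significant-bit (LSB) technique listed under image steganography, as an added C example that is not part of the original notes. The carrier here is a constructed array of byte values standing in for pixel data, and the bit order (most significant message bit first, one carrier byte per bit) is an assumption of this example; sender and recipient must agree on it and on the message length, which plays the role of the "specific method or key".

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hide msg_len bytes in the least significant bit of each carrier byte.
 * Returns 0 on success, -1 if the carrier has fewer than 8 bytes per
 * message byte. */
int lsb_embed(unsigned char *carrier, size_t carrier_len,
              const unsigned char *msg, size_t msg_len)
{
    if (msg_len > carrier_len / 8) return -1;
    for (size_t i = 0; i < msg_len * 8; i++) {
        unsigned bit = (msg[i / 8] >> (7 - i % 8)) & 1u;
        carrier[i] = (unsigned char)((carrier[i] & 0xFEu) | bit);
    }
    return 0;
}

/* Recover msg_len bytes from the carrier's least significant bits. */
int lsb_extract(const unsigned char *carrier, size_t carrier_len,
                unsigned char *out, size_t msg_len)
{
    if (msg_len > carrier_len / 8) return -1;
    memset(out, 0, msg_len);
    for (size_t i = 0; i < msg_len * 8; i++)
        out[i / 8] = (unsigned char)(out[i / 8] |
                                     ((carrier[i] & 1u) << (7 - i % 8)));
    return 0;
}

/* Largest per-byte difference between two buffers of length n. */
int max_abs_diff(const unsigned char *a, const unsigned char *b, size_t n)
{
    int worst = 0;
    for (size_t i = 0; i < n; i++) {
        int d = (int)a[i] - (int)b[i];
        if (d < 0) d = -d;
        if (d > worst) worst = d;
    }
    return worst;
}

/* Round trip over a constructed 32-byte carrier. Returns 1 if the message
 * is recovered and no carrier byte changed by more than 1. */
int demo_roundtrip(void)
{
    unsigned char pixels[32], original[32], out[4];
    const unsigned char msg[4] = { 'n', 'o', 't', 'e' };

    for (size_t i = 0; i < sizeof pixels; i++)
        pixels[i] = (unsigned char)(100 + 3 * i);   /* constructed values */
    memcpy(original, pixels, sizeof pixels);

    if (lsb_embed(pixels, sizeof pixels, msg, sizeof msg) != 0) return 0;
    if (lsb_extract(pixels, sizeof pixels, out, sizeof out) != 0) return 0;
    return memcmp(out, msg, sizeof msg) == 0 &&
           max_abs_diff(pixels, original, sizeof pixels) <= 1;
}

int main(void)
{
    printf("round trip ok: %d\n", demo_roundtrip());
    return 0;
}
```

Each carrier byte changes by at most 1, which is why the altered image looks identical to the eye, and why integrity checks on known files (comparing against a hash of the original) still reveal the modification.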

34. Short note on Trojan horse and backdoor.

Trojan Horse:

● A Trojan Horse is a type of malicious software that disguises
itself as a legitimate, useful program or file to deceive the user. It
is named after the ancient Greek myth where the Greeks hid
soldiers inside a wooden horse to enter the city of Troy.
● Once activated, the Trojan horse can perform a variety of
malicious actions, such as stealing sensitive information (e.g.,
passwords, credit card details), corrupting or deleting files, or
providing a backdoor for further attacks.
● Trojans typically spread through deceptive methods like email
attachments, fake software downloads, or infected websites.
They often rely on the user’s action to be executed, such as
opening a suspicious file.
● Example: A Trojan may appear as a game or utility program, but
once downloaded and executed, it silently installs malware.

Backdoor:

● A Backdoor is a hidden method that allows unauthorized access
to a computer or network, bypassing the normal authentication
process. Attackers use backdoors to gain control over systems
and maintain access even after the system's security measures
are updated or fixed.
● Backdoors can be installed by exploiting vulnerabilities or by
using other forms of malware, like a Trojan horse, to ensure the
attacker’s access remains persistent.
● Unlike other malware, backdoors are often undetected and work
silently in the background, allowing attackers to remotely
control the compromised system at any time.
● Example: A hacker installs a backdoor on a server to gain
access whenever needed without being detected by the
system’s regular security measures.

35. Differentiate between cybercrime and cyber fraud.


| Aspect | Cybercrime | Cyber Fraud |
|---|---|---|
| Definition | Illegal activities involving computers and networks. | Deceptive actions for financial gain or personal benefits. |
| Scope | Broad, includes hacking, malware, and cyberbullying. | Focused on financial deception. |
| Objective | To harm or exploit victims in various ways. | To deceive victims for monetary or personal gain. |
| Types | Hacking, DDoS attacks, identity theft. | Phishing, fake auctions, investment fraud. |
| Impact | Affects data, systems, and privacy. | Primarily results in financial loss or identity theft. |
| Examples | Data breaches, ransomware, cyberbullying. | Fake e-commerce websites, fraudulent investment schemes. |

36. Explain various threats associated with cloud computing.

Threats Associated with Cloud Computing

1. Data Breaches:
○ Cloud computing stores data on remote servers, making it
vulnerable to unauthorized access, hacking, or data leaks.
Sensitive information, if compromised, can lead to identity
theft or financial loss.
2. Data Loss:
○ Cloud service providers may experience data loss due to
technical failures, human error, or even malicious attacks.
Without proper backup and disaster recovery plans, critical
data can be permanently lost.
3. Account Hijacking:
○ Cybercriminals may gain unauthorized access to cloud
accounts by exploiting weak passwords, phishing attacks,
or other social engineering tactics, potentially leading to
identity theft or data manipulation.
4. Insufficient Data Security:
○ Cloud providers may have insufficient security measures,
such as weak encryption or inadequate access control,
making data vulnerable to unauthorized access or
interception.
5. Service Downtime:
○ Cloud services are dependent on the provider's
infrastructure. Service outages, caused by technical issues
or cyber-attacks, can disrupt business operations and
result in significant financial losses.
6. Insecure APIs:
○ Cloud providers often offer APIs for clients to interact with
their services. Vulnerabilities in these APIs can lead to
unauthorized access, data breaches, or system
manipulation.

37. Explain different attack vectors in cyber security.

Different Attack Vectors in Cybersecurity

1. Phishing:
○ Attackers use fraudulent emails, websites, or messages
that appear legitimate to trick users into disclosing
sensitive information like usernames, passwords, or
financial details. It often involves social engineering tactics
to exploit trust.
2. Malware:
○ Malicious software (e.g., viruses, worms, ransomware, and
Trojans) is used to infect systems, steal data, disrupt
operations, or cause damage. It can spread through email
attachments, downloads, or compromised websites.
3. Social Engineering:
○ Attackers manipulate individuals into revealing confidential
information or taking harmful actions. Common methods
include impersonation, baiting, pretexting (creating a false
scenario), or tailgating (gaining physical access to
restricted areas).
4. Denial-of-Service (DoS) Attacks:
○ In a DoS attack, an attacker overwhelms a system or
network with excessive requests or traffic, making it slow
or unavailable. Distributed Denial-of-Service (DDoS)
attacks use multiple systems to amplify the attack.
5. SQL Injection:
○ Attackers insert malicious SQL queries into input fields on
websites to gain unauthorized access to databases. This
can lead to data breaches, data loss, or unauthorized
manipulation of data.
6. Man-in-the-Middle (MitM) Attacks:
○ In MitM attacks, the attacker intercepts and potentially
alters communications between two parties. This could
involve stealing sensitive data, such as login credentials,
or injecting malicious content into communications.

38. Explain various types of credit card frauds.

Various Types of Credit Card Frauds (10 Marks)

1. Card Not Present Fraud (CNP):
○ This type of fraud occurs when a credit card is used for
online or phone transactions without physically presenting
the card. The fraudster can use stolen credit card details
(card number, expiry date, and CVV) to make unauthorized
purchases.
○ Example: Fraudulent online shopping or subscription
services using stolen card data.
2. Card Present Fraud:
○ This occurs when a physical card is used to make
unauthorized transactions in person. The fraudster may
have stolen the card, cloned it, or obtained it through
fraudulent means.
○ Example: Using a lost or stolen card at a retail store or
ATM.
3. Credit Card Skimming:
○ In skimming, fraudsters use a small, discreet device (called
a skimmer) attached to a legitimate point-of-sale (POS)
machine or ATM. The skimmer captures the magnetic
stripe data of the card when it's swiped, allowing criminals
to duplicate the card.
○ Example: Skimming devices on ATMs or gas station card
readers, leading to unauthorized withdrawals or purchases.
4. Phishing:
○ Phishing attacks involve tricking cardholders into
disclosing their credit card details, typically via fraudulent
emails, fake websites, or phone calls. The attacker may
pose as a legitimate entity, such as a bank, requesting card
information under false pretenses.
○ Example: An email claiming to be from the bank asking for
verification of account details or a fake website asking for
credit card information.
5. Account Takeover:
○ In account takeover, the fraudster gains control of the
victim's credit card account by stealing personal
information (such as login credentials). Once they have
control, they can make fraudulent transactions, change
account details, or even request new cards in the victim's
name.
○ Example: Fraudsters using stolen login information to
access a person’s credit card account and make
unauthorized purchases.
6. Synthetic Identity Fraud:
○ This type of fraud involves creating a fake identity by
combining real and fictitious information (e.g., a real name
with a fake Social Security number or date of birth) to apply
for credit cards. The fraudster may build a good credit
history using the synthetic identity and then apply for more
credit.
○ Example: A fraudster applying for a credit card using a mix
of real and fake details and using it to rack up debt.
7. Credit Card Cloning:
○ Cloning involves copying the magnetic stripe data from a
legitimate card onto a blank card. This allows criminals to
create duplicate cards and use them to make unauthorized
transactions. Cloning typically happens through physical
access to the card or skimming.
○ Example: Using stolen card data to create a duplicate card
for fraudulent purchases.
8. Application Fraud:
○ In application fraud, the fraudster applies for a credit card
using false information (e.g., fake address, phone number,
or income details) to obtain a credit card under someone
else’s name. This can also involve using stolen personal
information to apply for cards in someone else's name.
○ Example: A fraudster applying for a credit card using
fabricated personal information or using stolen
documents.
9. Friendly Fraud (Chargeback Fraud):
○ This type of fraud occurs when the cardholder makes a
legitimate purchase and then disputes the transaction with
their credit card issuer, claiming the purchase was
unauthorized or that the goods/services were never
received. In some cases, the cardholder may intentionally
exploit this process.
○ Example: A person buys an item online and later claims
they never made the purchase, asking the card issuer to
reverse the charge.
10. Mail Theft and Intercept Fraud:
○ Fraudsters steal credit card statements or new credit cards sent
by mail. With the card details or PIN, they can make fraudulent
transactions. This type of fraud usually happens when mail is
intercepted before it reaches the cardholder.
○ Example: Stealing a new credit card from the mail and using it
for unauthorized purchases.

39. Explain different buffer overflow attacks; also explain how to
mitigate buffer overflow attacks.

Different Types of Buffer Overflow Attacks

1. Stack-based Buffer Overflow:
○ Description: Occurs when data overflows from a buffer in
the stack, corrupting the return address of a function.
When the function returns, control is transferred to the
attacker's injected code, allowing the attacker to execute
arbitrary instructions.
○ Example: A malicious user exploits a vulnerable program
that doesn't check the bounds of a buffer (e.g., a string
copy) to overwrite the return address with a pointer to
malicious code.
2. Heap-based Buffer Overflow:
○ Description: Happens when the overflow occurs in the
heap, which is used for dynamic memory allocation. The
attacker may overwrite memory used by other variables,
affecting the control flow of the program or causing data
corruption.
○ Example: An attacker exploits a bug in dynamic memory
allocation functions (e.g., malloc) to overwrite the memory
of other variables or control structures.
3. Integer Overflow:
○ Description: Occurs when an arithmetic operation results
in an integer value that exceeds the size that can be stored
in a variable, causing unexpected behavior. In buffer
overflow attacks, an integer overflow can cause the
program to allocate insufficient space for buffers.
○ Example: An attacker manipulates input to cause a buffer
to be allocated with a size smaller than required, leading to
overflow.
4. Format String Vulnerabilities:
○ Description: This is a specific type of buffer overflow
where user-controlled input is used in functions like printf,
leading to the overflow of the buffer. It can allow attackers
to leak information or overwrite memory.
○ Example: An attacker uses a format string like %n to write
arbitrary values to specific memory addresses.

Mitigation of Buffer Overflow Attacks:

1. Bounds Checking:
○ Description: Programs should implement proper bounds
checking when copying data into buffers. This prevents the
overflow by ensuring that the data does not exceed the
buffer size.
○ Example: Using safer functions like strncpy (instead of
strcpy) ensures that the buffer limit is respected.
2. Use of Safe Functions:
○ Description: Using functions that automatically check
buffer sizes can prevent buffer overflows. For example,
snprintf() ensures that the number of characters written to
the buffer does not exceed its capacity.
○ Example: Replace unsafe functions like gets() with fgets()
to limit the input length.
3. Stack Canaries:
○ Description: A "canary" value is placed before the return
pointer in the stack. If a buffer overflow overwrites this
value, it causes the program to detect the anomaly and
terminate, preventing the attack.
○ Example: GCC compiler options like -fstack-protector
insert stack canaries to detect stack overflows.
4. Address Space Layout Randomization (ASLR):
○ Description: ASLR randomizes the memory addresses
used by system and application processes. This makes it
harder for attackers to predict the location of buffers or
functions, preventing them from injecting malicious code
into known memory locations.
○ Example: Enabling ASLR on Linux or Windows randomizes
the stack, heap, and library locations.
5. Data Execution Prevention (DEP):
○ Description: DEP prevents code execution from data
regions such as the stack and heap. By marking these
areas as non-executable, it prevents attackers from
executing injected code through buffer overflow.
○ Example: Enabling DEP on Windows or using NX (No
Execute) flags on Linux helps protect against the execution
of injected payloads.
6. Compiler Security Options:
○ Description: Modern compilers offer security mechanisms
that help detect and mitigate buffer overflow attacks. For
example, using -fstack-protector in GCC adds protection to
the stack.
○ Example: Enabling the -D_FORTIFY_SOURCE=2 compiler
option improves buffer overflow detection during
compile-time.
7. Use of Memory Safe Languages:
○ Description: Languages such as Java, Python, and Rust
automatically handle memory management, eliminating the
risk of buffer overflows. Using these languages reduces
the chances of buffer overflow vulnerabilities.
○ Example: Using Rust, which guarantees memory safety
through ownership rules, can prevent buffer overflow
vulnerabilities from occurring.
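
The bounds-checking and safe-function mitigations above, together with the integer-overflow case, shown as an added C example (not part of the original notes). The helper names copy_bounded, strncpy_unterminated and alloc_array_checked are hypothetical, and the sample inputs are constructed.

```c
/* Build with the hardening flags the notes mention, for example:
 *   gcc -O2 -fstack-protector -D_FORTIFY_SOURCE=2 example.c
 */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Unsafe pattern the notes warn about (comment only, never compiled):
 *     char name[8];
 *     strcpy(name, input);   // copies until NUL, ignoring sizeof name
 */

/* Bounded copy that also reports truncation.
 * Returns 0 when src fits, -1 when it does not; on -1 dst still holds a
 * NUL-terminated prefix, so later string calls cannot run past the buffer. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    int n = snprintf(dst, dst_size, "%s", src);
    if (n < 0 || (size_t)n >= dst_size)
        return -1;            /* input was longer than the buffer */
    return 0;
}

/* Caveat for strncpy: it never writes past n bytes, but when src has n or
 * more characters it writes no terminator at all.
 * Returns 1 if the 8-byte buffer ends up without a NUL, 0 otherwise. */
int strncpy_unterminated(const char *src)
{
    char buf[8];
    strncpy(buf, src, sizeof buf);
    return memchr(buf, '\0', sizeof buf) == NULL;
}

/* Integer-overflow guard for allocation sizes: refuse a count whose
 * product with elem_size would wrap and yield an undersized buffer. */
void *alloc_array_checked(size_t count, size_t elem_size)
{
    if (elem_size != 0 && count > SIZE_MAX / elem_size)
        return NULL;          /* count * elem_size does not fit in size_t */
    return malloc(count * elem_size);
}

int main(void)
{
    char name[8];
    const char *inputs[] = { "admin", "a-much-longer-input" }; /* constructed */

    for (size_t i = 0; i < 2; i++) {
        int rc = copy_bounded(name, sizeof name, inputs[i]);
        printf("copy_bounded(\"%s\") -> %d, buffer=\"%s\"\n",
               inputs[i], rc, name);
    }

    printf("strncpy with short input unterminated? %d\n",
           strncpy_unterminated("abc"));
    printf("strncpy with long input unterminated?  %d\n",
           strncpy_unterminated("ABCDEFGHIJKL"));

    void *ok = alloc_array_checked(4, 16);
    void *wrapped = alloc_array_checked(SIZE_MAX / 2 + 1, 4);
    printf("alloc 4*16 ok? %d, wrapping request refused? %d\n",
           ok != NULL, wrapped == NULL);
    free(ok);
    free(wrapped);
    return 0;
}
```

When strncpy is used, set the last byte of the destination to NUL explicitly, or prefer snprintf as copy_bounded does.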

40. Explain what an Information Security Standard is and explain the
HIPAA Act in detail.

Information Security Standards

Information Security Standards are frameworks, guidelines, and best
practices developed to ensure the protection of sensitive information
from unauthorized access, use, disclosure, disruption, modification,
or destruction. These standards are essential for organizations to
maintain the confidentiality, integrity, and availability of data and
comply with various regulatory and legal requirements.

1. ISO/IEC 27001:
○ One of the most widely recognized information security
standards. It provides a systematic approach to managing
sensitive company information, ensuring its confidentiality,
integrity, and availability.
○ Key Features: It focuses on the implementation of an
Information Security Management System (ISMS), risk
management, continuous improvement, and compliance
with security policies.
2. NIST Cybersecurity Framework (NIST 800-53):
○ Developed by the National Institute of Standards and
Technology (NIST), it offers a set of cybersecurity
guidelines and standards designed to manage
cybersecurity risks.
○ Key Features: It includes categories such as Identify,
Protect, Detect, Respond, and Recover to safeguard
against cyber threats.
3. PCI-DSS (Payment Card Industry Data Security Standard):
○ A standard that applies to organizations that handle credit
card information, aiming to protect cardholder data.
○ Key Features: It covers requirements for encryption,
access control, and network security, among others.
4. GDPR (General Data Protection Regulation):
○ While not a typical "security standard," GDPR is a
regulation aimed at protecting personal data and ensuring
privacy.
○ Key Features: It mandates strict guidelines for how
organizations handle personal data, especially of EU
citizens, and requires organizations to implement adequate
security measures.
5. SOC 2 (System and Organization Controls):
○ A framework used for evaluating the security, availability,
processing integrity, confidentiality, and privacy of a
service provider’s systems.
○ Key Features: It is relevant for businesses that provide
services such as cloud computing, SaaS, and data hosting,
ensuring their operations align with established trust
principles.

HIPAA Act in Detail

HIPAA (Health Insurance Portability and Accountability Act) is a U.S.
law enacted in 1996 aimed at improving the portability and
accountability of health insurance coverage, as well as protecting the
privacy and security of individuals’ health information. It establishes
standards for the protection of electronic health information and
mandates how this information must be handled by healthcare
providers, insurers, and clearinghouses.

1. HIPAA Privacy Rule:
○ Objective: To protect the privacy of individuals' health
information.
○ Key Features:
■ It sets standards for the protection of "protected
health information" (PHI), which includes any health
information that can identify an individual (name,
address, health records).
■ It limits who can access and share PHI, and it grants
individuals certain rights over their health data,
including the right to request access and
amendments to their health records.
■ The rule applies to healthcare providers, health plans,
and healthcare clearinghouses, known as "covered
entities."
2. HIPAA Security Rule:
○ Objective: To safeguard electronic PHI (ePHI) against
unauthorized access, alteration, or destruction.
○ Key Features:
■ It requires healthcare organizations to implement
security measures such as encryption, access
control, audit logs, and secure transmission channels
for electronic health information.
■ It mandates the use of safeguards including
administrative (policies), physical (facilities), and
technical (software, hardware) controls to protect
data.
■ Entities must regularly assess risks to ePHI and
adopt security measures to mitigate those risks.
3. HIPAA Transaction and Code Set Rule:
○ Objective: To standardize the electronic exchange of health
information.
○ Key Features:
■ It defines standardized formats for electronic
healthcare transactions such as billing, patient
eligibility checks, and claims submissions.
■ This standardization aims to reduce costs and
improve efficiency in the healthcare industry.
4. HIPAA Enforcement Rule:
○ Objective: To establish procedures for investigating
violations and penalizing non-compliance.
○ Key Features:
■ The enforcement rule allows the U.S. Department of
Health and Human Services (HHS) to enforce
compliance and issue penalties for HIPAA violations.
■ Penalties for non-compliance can range from fines to
criminal charges depending on the severity and
willfulness of the violation.
5. HIPAA Breach Notification Rule:
○ Objective: To notify individuals and authorities of data
breaches.
○ Key Features:
■ If a covered entity or business associate experiences
a breach of unsecured PHI, they must notify affected
individuals, the Secretary of Health and Human
Services (HHS), and in some cases, the media.
■ The breach notification must include details about the
breach and steps affected individuals can take to
protect themselves.

41. Compare Active attacks and Passive attacks.

| Aspect | Active Attacks | Passive Attacks |
|---|---|---|
| Definition | Attacks where the attacker actively alters or disrupts the data or communication. | Attacks where the attacker only listens or monitors the communication without altering it. |
| Goal | To disrupt, modify, or inject harmful data. | To gain unauthorized access to information without altering it. |
| Impact on Data | Alters or damages the data. | No alteration to data, only observation. |
| Examples | Denial of Service (DoS), Man-in-the-Middle (MitM), Data Injection. | Eavesdropping, Traffic Analysis, Packet Sniffing. |
| Detection | Easier to detect because it causes visible disruption or data changes. | Harder to detect as no direct interference with the data occurs. |
| Risk Level | High, as it leads to service disruption or loss of data integrity. | Moderate, as it may lead to privacy violations but doesn't alter data. |

42. Explain various types of key-loggers in brief.

Types of Keyloggers (5 Marks)

1. Software Keyloggers:
○ Description: These are programs or malware installed on a
computer or device that secretly record keystrokes. They
capture everything typed, including passwords, credit card
details, and other sensitive information.
○ Example: A keylogger that runs in the background while
the user works, recording their input and sending the data
to the attacker.
2. Hardware Keyloggers:
○ Description: Physical devices that are attached between
the keyboard and the computer. They record all keystrokes
made on the connected keyboard and store the data for
later retrieval.
○ Example: A small device plugged into a USB port or
between the keyboard cable and the computer to capture
keystrokes.
3. Wireless Keyloggers:
○ Description: These keyloggers capture keystrokes from
wireless keyboards. They intercept the wireless signals
sent between the keyboard and the receiver.
○ Example: A device placed nearby that can intercept signals
from a wireless keyboard, recording all keystrokes
transmitted to the computer.
4. Rootkit-based Keyloggers:
○ Description: These keyloggers are embedded within
rootkits, which are a type of malware designed to hide their
presence. They operate at a low level of the system,
making them difficult to detect.
○ Example: A rootkit that embeds itself into the operating
system and captures keystrokes without being easily
noticed by security software.
5. Screen-based Keyloggers (Video Keyloggers):
○ Description: Instead of recording keystrokes directly, these
keyloggers capture screenshots or video recordings of the
user's screen and actions. Some may also record mouse
movements and clicks.
○ Example: Software that takes periodic screenshots or
videos of the user's screen to infer what was typed based
on the visual context.

43. Explain how the appeals can be made under The IT ACT 2000.

Appeals Under The IT Act 2000 (5 Marks)

Under The Information Technology Act, 2000 (IT Act 2000), appeals
can be made to address grievances related to various provisions of
the Act. The following points explain how appeals can be made:

1. Appeal to the Appellate Tribunal:
○ Description: Any person aggrieved by the decision or order
made by the Adjudicating Officer or the Controller of
Certifying Authorities (CCA) can appeal to the Cyber
Appellate Tribunal.
○ Time Frame: The appeal must be filed within 45 days from
the date of the decision or order. The Tribunal may extend
the period by an additional 45 days in exceptional cases.
2. Appellate Procedure:
○ Filing: The appeal is filed in writing with the Cyber
Appellate Tribunal. The appellant must state the grounds
for the appeal, along with supporting documents or
evidence.
○ Tribunal Review: The Tribunal reviews the case, hears both
parties, and makes a decision. The Tribunal can confirm,
modify, or reverse the decision of the Adjudicating Officer
or CCA.
3. Appeal to High Court:
○ Description: If the person is dissatisfied with the decision
of the Cyber Appellate Tribunal, they can appeal to the
High Court.
○ Time Frame: The appeal to the High Court must be filed
within 60 days from the date of the Tribunal’s order.
4. Nature of Decisions:
○ Adjudicating Officer: Deals with offenses like hacking,
identity theft, cyber fraud, etc.
○ Controller of Certifying Authorities: Handles disputes
related to digital certificates and certification authorities.
5. Finality of Orders:
○ Orders made by the Cyber Appellate Tribunal are binding
unless challenged in the High Court. Decisions of the High
Court are considered final on matters related to appeals
under the IT Act.

44. Write brief note on: Cyber-terrorism.

Cyber-Terrorism (5 Marks)

Cyber-terrorism refers to the use of the internet and digital
technologies to carry out attacks with the intent to cause fear, harm,
or disruption, often to achieve political, religious, or ideological
objectives. These attacks can target critical infrastructure,
government systems, or civilians.

1. Nature of Attack:
○ Cyber-terrorism involves hacking, data breaches, system
disruption, or spreading malicious software (malware) to
cause chaos or destruction.
○ Common targets include government websites, power
grids, financial systems, and communication networks.
2. Methods:
○ Distributed Denial of Service (DDoS) Attacks: Overloading
a system with traffic to make it unusable.
○ Malware: Inserting viruses, worms, or ransomware to
damage systems or steal sensitive data.
○ Hacking: Breaching secure networks to steal or alter
information, often for political or social motives.
3. Objectives:
○ Disrupt normal life and create panic among the public.
○ Target national security, financial institutions, or other vital
infrastructures.
○ Cause economic losses or harm to the reputation of
organizations or countries.
4. Example:
○ In 2007, Estonia faced a large-scale cyber-attack that
targeted its government, financial, and media sectors,
resulting in massive disruption and data loss. This attack
is widely considered one of the first major instances of
cyber-terrorism.
5. Consequences:
○ Cyber-terrorism can lead to severe damage to national
security, economies, and the public’s trust in technological
systems, requiring extensive efforts to safeguard digital
infrastructures.

45. Explain how intellectual property laws protect the rights of the
owner of the intellectual property.

Intellectual Property Laws and Protection of Owners’ Rights (8-10
Marks)

Intellectual Property (IP) laws are designed to safeguard the creations
of the mind, such as inventions, artistic works, designs, and symbols,
ensuring that the creators or owners have exclusive rights to their
work. These laws provide protection for the intangible assets that
hold significant value for individuals and organizations. Below is an
explanation of how intellectual property laws protect the rights of the
owner:

1. Copyright

● Description: Copyright law protects original works of
authorship, such as literary, musical, and artistic works,
including software and databases.
● Owner’s Rights:
○ Exclusive Rights: The copyright owner has the exclusive
right to reproduce, distribute, perform, display, and create
derivative works.
○ Duration: Copyright typically lasts for the life of the author
plus 70 years (depending on jurisdiction), ensuring
long-term control over the use of the work.
○ Protection Against Infringement: If someone uses the work
without permission, the copyright owner can take legal
action to stop the infringement and claim damages.

2. Trademarks

● Description: A trademark is a distinctive sign or symbol used by
a business or individual to distinguish their goods or services
from those of others.
● Owner’s Rights:
○ Exclusive Use: Trademark owners have the exclusive right
to use the mark in commerce and prevent others from
using similar marks that might cause confusion.
○ Protection Against Infringement: Trademark law allows the
owner to take legal action against any unauthorized use,
passing off, or counterfeiting of the trademark.
○ Duration: Trademarks can be renewed indefinitely, as long
as they are in use and meet certain requirements, thus
providing long-term protection.

3. Patents

● Description: A patent is granted to an inventor for a new and
useful invention, such as a product, process, or machine, giving
the inventor exclusive rights to the invention.
● Owner’s Rights:
○ Exclusive Rights: The patent holder has the exclusive right
to make, use, sell, or license the patented invention for a
specified period, usually up to 20 years.
○ Protection Against Infringement: Patent owners can
prevent others from making, using, or selling their
patented invention without permission and can seek legal
remedies if their rights are violated.
○ Licensing: Patent owners can license their inventions to
others for royalties or other compensation.

4. Trade Secrets

● Description: Trade secrets protect valuable business
information, such as formulas, processes, or methods that give
a business a competitive edge.
● Owner’s Rights:
○ Confidentiality: The owner has the right to keep trade
secrets confidential and can take legal action against
individuals or organizations that unlawfully obtain or
disclose these secrets.
○ Duration: Trade secret protection lasts as long as the
information remains confidential and retains its economic
value.
○ Legal Action: If a trade secret is misappropriated, the
owner can sue for damages, and in some cases, seek
injunctive relief to prevent further disclosure.

5. Industrial Designs

● Description: Industrial design protection applies to the aesthetic
aspects of an object, such as its shape, pattern, and
ornamentation, that are new and original.
● Owner’s Rights:
○ Exclusive Rights: The owner has the right to use the
design exclusively and prevent others from copying or
imitating the design.
○ Protection Against Infringement: If someone produces an
object that copies the protected design, the owner can take
legal action to prevent further use and seek damages.
○ Duration: Protection lasts for a fixed period, typically up to
15-25 years, depending on the jurisdiction.

6. Geographical Indications (GI)

● Description: GI laws protect names or signs used on products
that have a specific geographical origin and possess qualities or
a reputation due to that origin, like Darjeeling tea or Swiss
watches.
● Owner’s Rights:
○ Exclusive Use: Only producers in the specific region or
locality are allowed to use the GI and market their products
with that designation.
○ Protection Against Misuse: GI laws prevent unauthorized
use of the geographical name or sign by others outside the
designated region or for products that do not meet the
required standards.
○ Duration: The protection lasts as long as the product
maintains its reputation and quality, subject to periodic
renewal.

7. Enforcement and Remedies

● Civil and Criminal Remedies: IP laws provide mechanisms for
enforcement, allowing owners to pursue civil litigation or even
criminal prosecution in cases of infringement, depending on the
jurisdiction and severity of the violation.
● Damages and Injunctions: The owner may be entitled to recover
actual damages or profits from the infringer, and courts may
issue an injunction to stop the infringing activities.
● Customs Protection: In many cases, customs authorities can
seize counterfeit goods at borders to protect IP rights.

46. Compare Vishing, Phishing and Smishing in cyber security.

Comparison of Vishing, Phishing, and Smishing in Cybersecurity

| Aspect | Vishing (Voice Phishing) | Phishing | Smishing (SMS Phishing) |
|---|---|---|---|
| Definition | Uses phone calls to trick victims into revealing personal info. | Fraudulent attempt to steal sensitive info via email. | Uses text messages to steal personal information. |
| Medium Used | Phone calls (landline or mobile). | Emails or fake websites. | SMS or text messages to mobile devices. |
| Targeted Information | Credit card numbers, bank details, personal info. | Login credentials, financial info, personal data. | Bank details, login credentials, personal info. |
| Method of Attack | Pretends to be a trusted figure, asks for sensitive info. | Sends fake emails with malicious links or attachments. | Sends fake SMS asking for info or links to malicious sites. |
| Level of Deception | High, uses direct communication, more convincing. | High, fake emails appear legitimate. | Moderate, SMS looks urgent and trustworthy. |
| Techniques Used | Spoofing phone numbers, urgency tactics. | Fake websites, misleading email addresses. | Fake urgent messages, mimicking trusted sources. |
| Impact | Identity theft, financial fraud. | Account breach, financial loss, identity theft. | Identity theft, malware, financial fraud. |
| Examples | Call from a “bank” asking for verification details. | Email asking for login info with a fake link. | Text claiming to be from a bank, asking to click a link. |
| Detection Difficulty | Hard to detect, real-time interaction. | Detectable if cautious about links and email sources. | Hard to detect, SMS is often trusted more than emails. |
| Protection Measures | Don’t share info over the phone, verify caller. | Verify sender, avoid clicking links in emails. | Avoid links in SMS, verify with the organization directly. |

47. What is Bluetooth hacking? Explain Bluetooth hacking tools in
brief.

Bluetooth Hacking and Bluetooth Hacking Tools (10 Marks)

Bluetooth Hacking refers to the unauthorized access or manipulation
of devices that use Bluetooth technology for communication. Since
Bluetooth allows wireless connections between devices over short
distances, hackers exploit vulnerabilities in Bluetooth protocols to
gain unauthorized access to devices, steal data, or launch attacks.

Types of Bluetooth Hacking Attacks

1. Eavesdropping: Attackers intercept and listen to the data being
transmitted between two Bluetooth devices.
2. Bluejacking: Sending unsolicited messages or data to another
Bluetooth-enabled device.
3. Bluesnarfing: Unauthorized access to a Bluetooth-enabled
device to steal data such as contacts, calendar events, or
messages.
4. Bluebugging: Gaining control over a Bluetooth device to make
calls, listen to conversations, or send messages without the
user’s knowledge.

Bluetooth Hacking Tools

Below are some commonly used tools for Bluetooth hacking:

1. BlueMaho
○ Description: A hacking tool designed for Bluetooth
vulnerability exploitation.
○ Function: Used for performing various Bluetooth attacks
like Bluejacking and Bluesnarfing by exploiting
weaknesses in Bluetooth protocol.
2. BlueSniff
○ Description: A Bluetooth scanning tool.
○ Function: Allows users to discover Bluetooth devices in
the vicinity and identify any open ports or weaknesses in
security.
3. Bluescan
○ Description: A Bluetooth scanning and enumeration tool.
○ Function: Scans for Bluetooth-enabled devices and
identifies services, helping hackers find devices with
vulnerabilities like open ports or weak encryption.
4. BTScanner
○ Description: A Bluetooth scanning tool.
○ Function: Helps in discovering active Bluetooth devices
and analyzing their services and vulnerabilities. It is mainly
used for sniffing and reconnaissance.
5. Wireshark
○ Description: A network protocol analyzer.
○ Function: Used for sniffing Bluetooth packets to capture
and analyze data transmitted between Bluetooth devices. It
helps in eavesdropping attacks by intercepting
communication.
6. BlueBugger
○ Description: A tool used to exploit Bluetooth-enabled
mobile phones.
○ Function: Allows the hacker to gain control over a phone
and execute commands, make calls, and read messages by
exploiting Bluetooth vulnerabilities.

How Bluetooth Hacking Works

1. Scanning for Devices: The hacker uses tools like BlueMaho or
Bluescan to scan for available Bluetooth devices within range.
2. Discovering Vulnerabilities: Tools such as BlueSniff or
Wireshark are used to identify vulnerabilities, such as open
ports or weak encryption methods.
3. Exploiting Vulnerabilities: Once a vulnerability is identified, the
hacker may exploit it by launching a Bluejacking, Bluesnarfing,
or Bluebugging attack, depending on the goal.
4. Accessing or Manipulating Data: In cases like Bluesnarfing,
hackers may steal personal information like contacts or
messages. Bluebugging allows hackers to control the device
and carry out unauthorized activities.
5. Denial of Service: Tools like Ubertooth One can also be used to
overwhelm the Bluetooth devices with excessive requests,
causing them to crash or become unresponsive.

How to Prevent Bluetooth Hacking

1. Disable Bluetooth When Not in Use: Turn off Bluetooth to
prevent unauthorized access when it is not required.
2. Use Strong Pairing: Always use secure pairing methods like
authentication codes or PINs when connecting devices.
3. Update Device Firmware: Ensure that devices are regularly
updated to patch vulnerabilities.
4. Use Encryption: Enable strong encryption for Bluetooth
communications to prevent eavesdropping and unauthorized
data interception.
5. Limit Discoverability: Set Bluetooth devices to non-discoverable
mode so that only paired devices can connect.

48. How does the Indian Penal Code (IPC) 1860 address cybercrime?

Cybercrime and the Indian Penal Code (IPC) 1860 (10 Marks)

The Indian Penal Code (IPC) 1860 is the primary legislation that
governs criminal law in India. While the IPC was enacted long before
the advent of modern technology, it has been used to address
cybercrimes in India by applying traditional criminal offenses to the
digital realm. However, with the increasing prevalence of cybercrimes,
the Information Technology Act, 2000 (IT Act) was introduced to
specifically address cybercrimes. Despite this, the IPC continues to
play a critical role in addressing various cyber offenses.

Here’s how IPC 1860 addresses cybercrime:

1. Section 378: Theft

● Applicability: Cyber theft refers to the unlawful taking or stealing
of data, software, or other digital assets.
● Example: Illegally accessing someone’s account and stealing
their money or confidential data.
● Punishment: Imprisonment and/or fine, depending on the
severity of the offense.

2. Section 379: Punishment for Theft

● Applicability: If someone steals digital property (e.g., files,
software), this section can be applied. This includes
unauthorized copying of files or stealing sensitive data from
devices.
● Punishment: Imprisonment of up to 3 years or a fine or both.

3. Section 420: Cheating and Dishonest Inducement

● Applicability: This section covers cybercrimes related to online
fraud and scams, such as phishing and deceptive practices in
digital transactions.
● Example: Fraudulent transactions, cheating through fraudulent
emails or websites.
● Punishment: Imprisonment up to 7 years and fine.

4. Section 463: Forgery

● Applicability: Cyber forgery involves the creation of fake
documents or tampering with electronic records, often used in
identity theft and financial fraud.
● Example: Forging an e-signature or creating false digital
documents to manipulate financial transactions.
● Punishment: Imprisonment and/or fine, with a maximum term of
2 years.

5. Section 468: Forgery for Purpose of Cheating

● Applicability: Covers the act of digitally forging documents with
the intent to cheat, especially in cases of financial fraud, fake
IDs, or tampered e-documents.
● Example: Using forged digital documents to gain unauthorized
access to someone’s accounts or resources.
● Punishment: Imprisonment up to 7 years and a fine.

6. Section 469: Forgery of Documents with Intent to Harm Reputation

● Applicability: This section can be applied in cases of cyber
defamation, where false information is spread online with the
intent to damage someone's reputation.
● Example: Creating and distributing fake defamatory content
about an individual on social media.
● Punishment: Imprisonment up to 3 years or a fine.

7. Section 503: Criminal Intimidation

● Applicability: Cybercrimes like cyberbullying, online threats, and
blackmail fall under this section.
● Example: Sending threatening emails, messages, or online
posts intending to cause fear or harm.
● Punishment: Imprisonment up to 2 years, or fine, or both.

8. Section 509: Word, Gesture, or Act Intended to Insult the Modesty
of a Woman

● Applicability: This section can be invoked in cases of cyber
harassment, cyberstalking, or online insults directed at women.
● Example: Posting obscene content, photos, or messages
intended to insult or harass women.
● Punishment: Imprisonment up to 3 years and fine.

9. Section 66: Cybercrimes (General Provisions under IT Act 2000)

● Applicability: Though primarily covered under the Information
Technology Act, 2000, Section 66 addresses cybercrimes such
as hacking, identity theft, cyberstalking, and cyber pornography.
● Example: Hacking into a computer system or unauthorized
access to digital devices or networks.
● Punishment: Imprisonment up to 3 years or a fine, or both.

10. Section 71: Misuse of Digital Signatures

● Applicability: This section covers the misuse or falsification of
digital signatures for fraudulent activities.
● Example: Using someone else’s digital signature without
authorization to sign documents or make transactions.
● Punishment: Imprisonment up to 3 years and/or fine.

49. Short note on Computer Sabotage.

Computer Sabotage

Computer Sabotage refers to the intentional destruction, alteration, or
disruption of computer systems, software, or data to harm
individuals, organizations, or governments. It involves malicious
actions aimed at damaging computer resources, stealing sensitive
information, or causing operational disruptions.

Key Points:

1. Purpose: The goal of sabotage is often to disrupt the normal
functioning of computer systems, resulting in loss of data,
unauthorized access, or financial harm.
2. Methods: Common techniques include introducing viruses,
worms, or malware to corrupt files, damage hardware, or exploit
system vulnerabilities.
3. Examples:
○ Deleting critical files or data.
○ Introducing malicious software to slow down systems or
cause crashes.
○ Denial of Service (DoS) attacks, which overwhelm and
disable websites or networks.
4. Legal Consequences: Computer sabotage is considered a
cybercrime under various laws, such as the Information
Technology Act, 2000 in India, and can result in fines and
imprisonment.
5. Prevention: Regular software updates, antivirus programs,
firewalls, and strong security protocols help prevent sabotage
and minimize damage.

Computer sabotage can cause significant financial and operational
damage, making it a serious threat to both individuals and
organizations.

50. Short note on Indian Information Technology Act 2000

Indian Information Technology Act, 2000 (5 Marks)

The Information Technology Act, 2000 (IT Act 2000) is the primary
legislation in India that governs cybercrimes and electronic
commerce. It provides a legal framework for the use of digital
signatures, electronic records, and cyber transactions.

Key Points:

1. Objective: To promote e-commerce, secure digital transactions,
and address cybercrimes by establishing legal recognition of
electronic documents and signatures.
2. Cybercrime Provisions: The Act defines various cybercrimes
such as hacking, identity theft, cyberstalking, online fraud, and
cyber terrorism, along with penalties for these offenses.
3. Digital Signature: The IT Act recognizes digital signatures as
valid for authentication, ensuring secure transactions and
communications online.
4. Cyber Appellate Tribunal: The Act establishes a Cyber Appellate
Tribunal to resolve disputes related to cybercrimes and
violations.
5. Amendments: In 2008, the Act was amended to address
emerging cyber threats, and to include offenses related to
privacy, child pornography, and data protection.
