Introduction to Cybersecurity SIMP TIE with Answers

Module 1
1.​ Define Cybercrime and Cybersecurity. List and explain categories of cybercriminals.
2.​ List and explain the hacking and the Indian law under the Indian ITA 2000 Cybercrimes.
3.​ What is Cyberstalking? Name the two types of stalkers and explain how stalking works.
4.​ Define the following terms:
○​ Cyberspace
○​ Cyberstalking
○​ Cyberterrorism
5.​ Discuss the various classifications of cybercrimes.
6.​ Who are cybercriminals? Discuss in detail the various types of cybercriminals.
7.​ Explain the phases involved in planning cybercrime.
8.​ Differentiate between active attacks and passive attacks.

Module 2
1.​ Explain the difference between passive and active attacks. Provide tools as examples.
2.​ What is Social Engineering? Explain Human-based and Computer-based Social Engineering.
3.​ What is a Zombie network? What are the different attacks launched with it?
4.​ What are Botnets? Explain how Botnets can be used for gainful purposes.
5.​ Explain the various stages of a Network attack.
6.​ Define the following terms:
○​ Proxy servers and Anonymizers
○​ Keyloggers and spyware
○​ Trojans and backdoor virus
7.​ Explain the types of computer viruses.
8.​ Explain the types of DOS attacks.

Module 3
1.​ What are the different stages during the attack on the network?
2.​ What is the difference between a proxy server and an anonymizer?
3.​ What are the different ways of password cracking?
4.​ What is the difference between a virus and a worm? List the types of viruses and explain.
5.​ What are Trojan Horses and Backdoors? How to protect from them?
6.​ Define Password cracking. List the guidelines to be followed by end users to avoid password
cracking.
7.​ List the steps to be taken by individuals to avoid being a victim of DOS/DDOS attacks.
8.​ Define Keylogger. Describe the classification of Keyloggers with an example for each.

Module 4
1.​ What is Phishing? What are the different methods of a phishing attack?
2.​ What is Spear phishing? Explain with an example.
3.​ List and explain any 6 types of phishing scams.
4.​ What is Identity theft? Give an example.
5.​ What are the different types of identity theft? Explain.
6.​ What are the different techniques of ID theft?
7.​ List and describe any five phishing techniques.
8.​ List and describe the different types of phishing scams.

Module 5
1.​ Explain the following terms:
○​ Confidentiality
○​ Integrity
○​ Availability
2.​ Define computer forensic and digital forensic. List the roles of Digital Forensics.
3.​ Explain the guidelines to be followed during the digital evidence collection phase.
4.​ Draw a block diagram for the process to capture and handle forensic evidence.
5.​ Explain the activities involved in the process of forensics.
6.​ Elaborate on the chain of custody.
7.​ List the guidelines to be followed for the Digital Evidence collection phase.
8.​ With a neat diagram, explain the legal framework for Digital Evidence documentation.
Module 1
1.​ Define Cybercrime and Cybersecurity. List and explain categories of cybercriminals.
○​ Cybercrime is any illegal activity that involves a computer, networked device, or
network.
○​ Cybersecurity refers to the practice of protecting computer systems, networks, and data
from unauthorized access, use, disclosure, disruption, modification, or destruction.1
Categories of Cybercriminals:
○​ Script Kiddies: Inexperienced individuals using existing tools to launch attacks.
○​ Hacktivists: Motivated by political or social causes.
○​ Organized Criminals: Seeking financial gain through activities like phishing and
identity theft.
○​ Nation-States: Engaging in cyber espionage or sabotage for strategic advantages.
○​ Insiders: Employees or individuals with legitimate access who misuse it for malicious
purposes.
2.​ List and explain the hacking and the Indian law under the Indian ITA 2000
Cybercrimes.
○​ Hacking is unauthorized access to a computer or network.
○​ Indian IT Act 2000 addresses cybercrimes with provisions for offenses like hacking,
data theft, identity theft, and cyberstalking.
○​ Section 66 deals with hacking, with punishments including imprisonment and fines.
3.​ What is Cyberstalking? Name the two types of stalkers and explain how stalking works.
○​ Cyberstalking is the use of electronic communication to harass or threaten an individual.
○​ Types of Stalkers:
■​ Simple Obsessional: Often knows the victim and fixates on them.
■​ Love Obsessional: Develops a delusional belief of a relationship with the victim.
 ○​ Stalking works through various online methods like email, social media, instant
messaging, and tracking software.
4.​ Define the following terms:
○​ Cyberspace: The virtual environment created by interconnected computer networks.
○​ Cyberstalking: The use of electronic communication to harass or threaten an individual.
○​ Cyberterrorism: The use of digital technology to cause widespread fear or disruption.
5.​ Discuss the various classifications of cybercrimes.
○​ Crimes against individuals: Cyberstalking, harassment, identity theft.
○​ Crimes against property: Hacking, data theft, intellectual property infringement.
○​ Crimes against government: Cyberterrorism, espionage, sabotage.
○​ Crimes against society: Child pornography, online hate speech.
6.​ Who are cybercriminals? Discuss in detail the various types of cybercriminals.
○​ Cybercriminals are individuals who engage in illegal activities using computers and
networks.
○​ Types of Cybercriminals:
■​ Script Kiddies: Inexperienced individuals using existing tools to launch attacks.
■​ Hacktivists: Motivated by political or social causes.
■​ Organized Criminals: Seeking financial gain through activities like phishing and
identity theft.
■​ Nation-States: Engaging in cyber espionage or sabotage for strategic advantages.
■​ Insiders: Employees or individuals with legitimate access who misuse it for
malicious purposes.
7.​ Explain the phases involved in planning cybercrime.
○​ Reconnaissance: Gathering information about the target.
○​ Scanning: Identifying vulnerabilities in the target system.
○​ Exploitation: Using the vulnerabilities to gain access.
○​ Maintaining Access: Installing backdoors or other tools to retain control.
○​ Covering Tracks: Removing evidence of the attack.
8.​ Differentiate between active attacks and passive attacks.
○​ Active Attacks: Attempt to modify or disrupt systems or data, e.g., denial-of-service
attacks, malware.
○​ Passive Attacks: Involve eavesdropping or monitoring without altering systems, e.g.,
network sniffing.

Module 2
1.​ Explain the difference between passive and active attacks. Provide tools as examples.
○​ Passive Attacks: Aim to gather information without being detected.
■​ Tools: Network sniffers (Wireshark), port scanners (Nmap).
○​ Active Attacks: Involve modifying or disrupting systems or data.
■​ Tools: Malware (viruses, worms), denial-of-service attack tools (LOIC).
2.​ What is Social Engineering? Explain Human-based and Computer-based Social
Engineering.
○​ Social Engineering: Manipulating individuals to gain access to confidential information
or systems.
○​ Human-based:
 ■​ Pretexting: Creating a false scenario to gain trust.
■​ Baiting: Offering something enticing to lure victims.
■​ Tailgating: Following someone into a restricted area.
○​ Computer-based:
■​ Phishing: Deceptive emails or websites to steal credentials.
■​ Watering Hole Attacks: Compromising websites frequently visited by the target
group.
3.​ What is a Zombie network? What are the different attacks launched with it?
○​ Zombie Network: A network of compromised computers (bots) controlled by an
attacker (bot herder).
○​ Attacks:
■​ Distributed Denial-of-Service (DDoS) attacks: Overwhelming a target with traffic.
■​ Spamming: Sending massive amounts of unsolicited emails.
■​ Data theft: Stealing sensitive information from infected machines.
■​ Click fraud: Generating fraudulent clicks on online ads.
4.​ What are Botnets? Explain how Botnets can be used for gainful purposes.
○​ Botnets: Networks of compromised computers controlled by an attacker.
○​ Gainful purposes:
■​ DDoS-as-a-Service: Attackers rent out botnets for DDoS attacks.
■​ Spamming: Sending massive amounts of unsolicited emails for advertising or
phishing.
■​ Cryptojacking: Using infected machines to mine cryptocurrencies.
5.​ Explain the various stages of a Network attack.
○​ Reconnaissance: Gathering information about the target.
○​ Scanning: Identifying vulnerabilities in the target system.
○​ Gaining Access: Exploiting vulnerabilities to gain unauthorized access.
○​ Maintaining Access: Installing backdoors or other tools to retain control.
○​ Covering Tracks: Removing evidence of the attack.
6.​ Define the following terms:
○​ Proxy servers: Intermediaries between a client and a server, used for anonymity or
security.
○​ Anonymizers: Tools or services that hide a user's IP address and browsing activity.
○​ Keyloggers: Software or hardware that records keystrokes.
○​ Spyware: Software that secretly monitors user activity and gathers information.
○​ Trojans: Malware disguised as legitimate software.
○​ Backdoor virus: Malware that allows unauthorized access to a system.
7.​ Explain the types of computer viruses.
○​ Boot Sector Viruses: Infect the boot sector of a storage device.
○​ File Infector Viruses: Attach to executable files.
○​ Macro Viruses: Embed in documents and spreadsheets.
○​ Multipartite Viruses: Spread through multiple methods.
○​ Polymorphic Viruses: Change their code to avoid detection.
8.​ Explain the types of DOS attacks.
○​ SYN Flood: Overwhelms a server with SYN requests.
○​ UDP Flood: Sends a large number of UDP packets to a target.
 ○​ ICMP Flood: Floods a target with ICMP echo requests (ping).
○​ HTTP Flood: Sends a massive number of HTTP requests to a web server.

Module 3
1.​ What are the different stages during the attack on the network?
○​ Reconnaissance: Gathering information about the target network.
○​ Scanning: Identifying active hosts and open ports on the network.
○​ Gaining Access: Exploiting vulnerabilities to gain unauthorized access to the network.
○​ Maintaining Access: Installing backdoors or other tools to retain control of the network.
○​ Covering Tracks: Removing evidence of the attack on the network.
2.​ What is the difference between a proxy server and an anonymizer?
○​ Proxy Server: Acts as an intermediary between a client and a server, forwarding requests
and responses. It can be used for various purposes, including caching, filtering, and
security.
○​ Anonymizer: A specific type of proxy server that focuses on hiding the user's IP address
and browsing activity for increased privacy.
3.​ What are the different ways of password cracking?
○​ Brute-force attack: Trying all possible combinations of characters.
○​ Dictionary attack: Using a list of common passwords.
○​ Rainbow table attack: Precomputed tables for faster cracking.
○​ Social engineering: Tricking users into revealing their passwords.
○​ Malware: Using keyloggers or other malware to steal passwords.
4.​ What is the difference between a virus and a worm? List the types of viruses and
explain.
○​ Virus: A self-replicating program that attaches to another program or file to spread.
○​ Worm: A standalone program that can spread across networks without human
interaction.
Types of Viruses:
○​ Boot Sector Viruses: Infect the boot sector of a storage device.
○​ File Infector Viruses: Attach to executable files.
○​ Macro Viruses: Embed in documents and spreadsheets.
○​ Multipartite Viruses: Spread through multiple methods.
○​ Polymorphic Viruses: Change their code to avoid detection.
5.​ What are Trojan Horses and Backdoors? How to protect from them?
○​ Trojan Horse: Malware disguised as legitimate software.
○​ Backdoor: A hidden entry point in a system that allows unauthorized access.
Protection:
○​ Use strong passwords and keep them confidential.
○​ Be cautious when opening email attachments or clicking links.
○​ Keep software updated with the latest security patches.
○​ Use a reputable antivirus and anti-malware program.
6.​ Define Password cracking. List the guidelines to be followed by end users to avoid
password cracking.
○​ Password cracking: The process of attempting to gain unauthorized access to a system
 by guessing or recovering passwords.
Guidelines:
○​ Use strong passwords: A combination of uppercase and lowercase letters, numbers, and
symbols.
○​ Change passwords regularly: At least every 90 days.
○​ Don't reuse passwords: Use different passwords for different accounts.
○​ Enable two-factor authentication: Adds an extra layer of security.
○​ Be aware of phishing scams: Don't click on links or open attachments from unknown
senders.
7.​ List the steps to be taken by individuals to avoid being a victim of DOS/DDOS attacks.
○​ Keep software updated: Install the latest security patches for operating systems,
applications, and firewalls.
○​ Use a firewall: A firewall can help to block malicious traffic.
○​ Secure your network: Use strong passwords and encryption for Wi-Fi networks.
○​ Monitor network traffic: Look for unusual activity that could indicate an attack.
○​ Have a plan: Know what to do if you are attacked.
8.​ Define Keylogger. Describe the classification of Keyloggers with an example for each.
○​ Keylogger: Software or hardware that records keystrokes.
Classification:
○​ Software keyloggers: Installed on a computer without the user's knowledge.
■​ Example: Refog Keylogger
○​ Hardware keyloggers: Physical devices that connect to a computer.
■​ Example: KeyGrabber USB

Module 4
1.​ What is Phishing? What are the different methods of a phishing attack?
○​ Phishing: A type of social engineering attack where attackers attempt to trick users into
giving up sensitive information such as passwords, credit card numbers, or bank account
details.
Methods:
○​ Email phishing: Sending deceptive emails that appear to be from a legitimate
organization.
○​ Spear phishing: Targeted phishing attacks directed at specific individuals or
organizations.
○​ Whaling: Targeting high-profile individuals such as executives or celebrities.
○​ Smishing: Phishing attacks that use SMS messages.
○​ Vishing: Phishing attacks that use phone calls.
2.​ What is Spear phishing? Explain with an example.
○​ Spear phishing: A targeted phishing attack directed at specific individuals or
organizations.
○​ Example: An attacker might send an email to an employee of a company, pretending to
be from the IT department and asking for their password.
3.​ List and explain any 6 types of phishing scams.
 ○​ Email Phishing: Deceptive emails pretending to be from legitimate organizations.
○​ Spear Phishing: Targeted emails directed at specific individuals.
○​ Whaling: Targeting high-profile individuals like executives.
○​ Smishing: Phishing attacks through SMS messages.
○​ Vishing: Phishing attacks through phone calls.
○​ Angler Phishing: Using fake social media accounts to lure victims.
4.​ What is Identity theft? Give an example.
○​ Identity theft: The fraudulent acquisition and use of someone else's personal
information, typically for financial gain.
○​ Example: An attacker might steal someone's credit card number and use it to make
unauthorized purchases.
5.​ What are the different types of identity theft? Explain.
○​ Financial identity theft: Using someone else's information to open credit accounts,
apply for loans, or file taxes.
○​ Medical identity theft: Using someone else's information to receive medical care or file
insurance claims.
○​ Criminal identity theft: Using someone else's information to commit crimes.
○​ Child identity theft: Using a child's information to open accounts or apply for credit.
○​ Synthetic identity theft: Creating a new identity using a combination of real and fake
information.
6.​ What are the different techniques of ID theft?
○​ Phishing: Tricking individuals into providing personal information through deceptive
emails or websites.
○​ Malware: Using keyloggers or other malware to steal information from infected
computers.
○​ Data breaches: Stealing information from organizations that store personal data.
○​ Dumpster diving: Sifting through trash to find discarded documents with personal
information.
○​ Skimming: Using devices to steal credit card information from the magnetic stripe.
7.​ List and describe any five phishing techniques.
○​ Email Phishing: Deceptive emails pretending to be from legitimate organizations.
○​ Spear Phishing: Targeted emails directed at specific individuals.
○​ Whaling: Targeting high-profile individuals like executives.
Smishing:Phishing attacks through SMS messages.
●​ Vishing: Phishing attacks through phone calls.
●​ Angler Phishing: Using fake social media accounts for phishing.
8.​ List and describe the different types of phishing scams.
○​ Deceptive Phishing: Emails or websites mimicking legitimate organizations to steal
information.
○​ Spear Phishing: Targeted phishing attacks directed at specific individuals or
organizations.
○​ Whaling: Targeting high-profile individuals like executives.
○​ Pharming: Redirecting users to fake websites that resemble legitimate ones.
○​ Content Injection Phishing: Inserting malicious code into legitimate websites.
 Module 5
1.​ Explain the following terms:
○​ Confidentiality: Ensuring that information is accessible only to authorized individuals.
○​ Integrity: Maintaining the accuracy and consistency of data.
○​ Availability: Ensuring that systems and data are accessible to authorized users when
needed.
2.​ Define computer forensic and digital forensic. List the roles of Digital Forensics.
○​ Computer Forensics: The application of investigation and analysis techniques to gather
and preserve evidence from a particular computing device.1
○​ Digital Forensics: A broader term encompassing the recovery and investigation of
material found in digital devices.
Roles of Digital Forensics:
○​ Data Recovery: Retrieving lost or deleted data.
○​ Evidence Collection: Gathering and preserving digital evidence for legal proceedings.
○​ Intrusion Analysis: Investigating cyberattacks and security breaches.
○​ Malware Analysis: Examining malicious software to understand its behavior and
impact.
3.​ Explain the guidelines to be followed during the digital evidence collection phase.
○​ Secure the scene: Isolate the device to prevent tampering.
○​ Document everything: Record all actions taken during the collection process.
○​ Maintain chain of custody: Track the handling of evidence to ensure its integrity.
○​ Use appropriate tools and techniques: Prevent damage to the evidence.
○​ Follow legal procedures: Ensure that evidence is admissible in court.
4.​ Explain the activities involved in the process of forensics.
○​ Identification: Recognizing potential sources of digital evidence.
○​ Preservation: Securing and isolating digital evidence to prevent tampering.
○​ Collection: Gathering digital evidence using appropriate methods.
○​ Examination: Analyzing digital evidence to extract meaningful information.
○​ Analysis: Interpreting the findings from the examination.
○​ Presentation: Reporting the results of the analysis in a clear and concise manner.
5.​ Elaborate on the chain of custody.
○​ Chain of Custody: A chronological documentation of the handling of evidence, from
collection to presentation in court.
○​ Purpose: Ensures the integrity and admissibility of evidence by tracking who had access
to it and what actions were taken.
○​ Components:
■​ Documentation: Detailed records of every person who handled the evidence,
including dates, times, and reasons for access.
■​ Secure storage: Protecting the evidence from tampering or alteration.
■​ Proper labeling: Clearly identifying and marking the evidence.
6.​ List the guidelines to be followed for the Digital Evidence collection phase.
○​ Secure the scene: Isolate the device to prevent tampering.
○​ Document everything: Record all actions taken during the collection process.
○​ Maintain chain of custody: Track the handling of evidence to ensure its integrity.
○​ Use appropriate tools and techniques: Prevent damage to the evidence.
○​ Follow legal procedures: Ensure that evidence is admissible in court.