Iis CT1

The document discusses various cybersecurity concepts including the differences between viruses and worms, types of attacks (active and passive), and the definitions of authentication, access control, and cryptography. It also covers the advantages of biometrics, the importance of asset classification, and specific attacks like shoulder surfing and man-in-the-middle. Additionally, it explains fingerprint mechanisms, encryption and decryption processes, and provides examples of preventive measures against cyber threats.

Uploaded by anupatil7576

IIS CT

2 Marks

1. Differentiate between Virus & Worm (any two).

| Virus | Worm |
|---|---|
| A virus is a malicious program that attaches itself to a host file and spreads when the infected file is executed. | A worm is a self-replicating malware that spreads automatically over a network without needing a host file. |
| Requires human action (e.g., opening an infected file). | Spreads automatically without human intervention. |
| Can corrupt or modify files and slow down the system. | Consumes network bandwidth and system resources, leading to slow performance. |
| Needs a host file or program to spread. | Independent and spreads on its own. |

2. Enlist two Active & Passive attacks each.
Active Attacks:
Man-in-the-Middle (MITM) Attack – The attacker intercepts and alters communication between two parties.
Denial of Service (DoS) Attack – The attacker floods a system with traffic to make it unavailable.

Passive Attacks:
Shoulder Surfing – Observing someone's screen or keyboard to steal sensitive information like passwords or PINs.
Sniffing – The attacker silently listens to network traffic without modifying or interrupting data transmission.

3. Define the terms: Identification, Authorization and Authentication.
Identification: Identification is the process used to recognize an individual user. It can be done with the help of a username, smart card, ID, etc. Security systems use this identity to grant the user access to information.
Authorization: Authorization is the method of figuring out and granting permissions to a demonstrated user or system, specifying what assets they can access and what actions they are allowed to carry out. It comes after authentication and guarantees that the authenticated entity has the proper rights to use certain data, applications, or services.
Authentication: Authentication is the process of verifying the identity of a user or information. User authentication is the process of verifying the identity of a user when that user logs in to a computer system.

4. What is access control? List principles of access control.
Access Control is a method of limiting access to a system or resources. Access control refers to the process of determining who has access to what resources within a network and under what conditions.
Principles of access control:
• Principle of Least Privilege
• Separation of Duties
• Need to know

5. Define following terms (i) Cryptography (ii) Cryptology.
(i) Cryptography: Cryptography is the art and science of achieving security by encoding messages to make them unreadable. Cryptography is the practice of securing information by converting it into an unreadable format (encryption) and converting it back to its original form (decryption).
(ii) Cryptology: Cryptology is the combination of cryptography and cryptanalysis. It includes making codes to protect information (cryptography) and breaking codes to find hidden messages (cryptanalysis).

6. Define following terms i) Vulnerability ii) Threat.
i) Vulnerability: A vulnerability is an organizational flaw that can be exploited by a threat to destroy, damage or compromise an asset. Vulnerabilities include inherent human weaknesses.
ii) Threat: A threat is any incident that could negatively affect an asset – for example, if it is lost, knocked offline or accessed by an unauthorized party. Threats can be categorized
as circumstances that compromise the confidentiality, integrity or availability of an asset, and can either be intentional or accidental.

7. Write any four advantages of Biometrics.
High Security – Biometrics like fingerprints and facial recognition are unique, making unauthorized access difficult.
Convenience – No need to remember passwords; users can log in with fingerprints, iris scans, or facial recognition.
Fast Authentication – Biometrics provide quick and automatic identity verification, reducing login time.
Difficult to Forge – Unlike passwords or ID cards, biometric traits (fingerprints, iris, voice) cannot be easily copied or stolen.
Improves Accuracy – Provides more reliable identification than passwords or PINs.
Reduces Fraud – Prevents identity theft since biometric traits are unique.

8. Explain the term assets.
An asset is any data, device or other component of an organisation's systems that is valuable – often because it contains sensitive data or can be used to access such information.
For example, an employee's desktop computer, laptop or company phone would be considered an asset, as would applications on those devices.
Types of Asset:
i. Tangible Assets
ii. Intangible Assets
iii. Human Assets

9. Explain shoulder surfing attack.
During a shoulder surfing attack, an attacker physically views someone's entry of sensitive information, be it passwords, personal identification numbers, or any other such data, over the target's shoulder.
Most often, this attack takes place in public or semi-public environments where an attacker can have a glimpse of what is on screen or being typed at the keyboard without raising much suspicion.
E.g. A person enters their ATM PIN at a cash machine, and someone behind them memorizes it to use later.

4 Marks

1. Explain DOS with neat diagram.
Denial of Service (DoS) is a form of cybersecurity attack that involves denying the intended users of the system or network access by flooding it with traffic or requests.
In this DoS attack, the attacker floods a target system or network with traffic or requests in order to consume the available resources such as bandwidth, CPU cycles, or memory and prevent legitimate users from accessing them.
For example, if a bank website can handle 10 people a second clicking the Login button, an attacker only has to send 10 fake requests per second to make it so that no legitimate users can log in.

2. Explain following terms i) Sniffing ii) Spoofing
i) Sniffing:
Sniffing is the process of monitoring and capturing all the packets passing through a given network using sniffing tools. It is a form of "tapping phone wires" to get to know about the conversation.
If a set of enterprise switch ports is left open, there is a real possibility that one of the employees can sniff the whole traffic of the network. Anyone in the same physical location can plug into the network using an Ethernet cable or connect wirelessly to that network and sniff the total traffic.
To prevent sniffing attacks we can do the following:
• Use Encrypted Connections
• Use Secure Networks
• Keep Devices and Software Updated
• Use Firewall Protection
• Monitor Your Network
• Beware of Malicious Emails and Attachments
• Use Strong, Unique Passwords
ii) Spoofing:
Spoofing is a sort of fraud in which someone or something forges the sender's identity and poses as a reputable source, business, colleague, or other trusted contact in order to obtain personal information, acquire money, spread malware, or steal data.
Types of Spoofing:
• IP Spoofing
• ARP Spoofing
• Email Spoofing
• Website Spoofing Attack
• DNS Spoofing

3. Explain criteria for information classification.
i. Value
• This is the most common factor for classifying data, especially in private organizations.
• If data is critical to business operations, financial stability, or competitive advantage, it must be classified and secured.
• Higher-value information requires stricter security controls to prevent unauthorized access, leaks, or cyber threats.
ii. Age
• The sensitivity of information may decrease over time, allowing reclassification to a lower security level.
• Data that is highly classified today may not require the same level of protection in the future as its relevance diminishes.
• Organizations regularly review aging information to determine whether it still needs strict security measures.
iii. Useful Life
• The relevance and usability of information impact its classification level.
• Data that is actively used and updated requires proper security to maintain integrity and confidentiality.
• Once the information is no longer useful or necessary, its classification may be downgraded or it may be archived or deleted.
iv. Personal Association
• Information linked to a specific individual, such as personal, financial, or health data, requires strict classification.
• Privacy laws require such data to be securely stored and processed to protect individuals' privacy.
• Organizations must ensure that personally identifiable information (PII) is classified and handled according to legal standards.

4. Describe RBAC and ABAC with diagram.
i. RBAC:
Role-based access control (RBAC) uses roles and user groups to categorize access controls. With RBAC, system administrators assign roles to subjects and configure access permissions to apply at the role level.
Based on a subject's role, permission to access a resource will automatically be granted or denied.
In a static environment that does not have frequent shift changes, RBAC can create an effective access management policy.
Example:
Security analyst: Can configure a firewall, but can't view customer data.
Sales representative: Can view customer accounts, but can't change firewall settings.
ii. ABAC:
Attribute-based access control (ABAC) sets and enforces policies based on characteristics, such as department, location, manager, and time of day.
Using Boolean logic, ABAC creates access rules with if-then statements that define the user, request, resource, and action.
For example, if the requester is a salesperson, they are granted read-write access to the customer relationship management (CRM) solution, as opposed to an administrator who is only granted view privileges to create a report.

5. Describe piggybacking and shoulder surfing.
i. Piggybacking:
Piggybacking is the process of using a wireless connection to access an internet connection without authorization.
Its objective is to gain free network access, which is often exploited to attempt malicious activities like data breaches and dissemination of malware. It can also lead to slower internet speed for all the systems connected to the network.
Even if piggybacking isn't attempted with malicious intent, it is still illegal because the user is taking undue advantage of a service they haven't paid for.
Piggybacking Types:
1. Password Sharing
2. Physical Access
3. Remote Access
4. Wi-Fi Piggybacking
5. Social Engineering
Prevention:
• Use access control systems like biometric authentication, keycards, or PIN-based entry.
• Implement automatic session logout after inactivity.
• Enable two-factor authentication (2FA) for added security.
• Use encrypted connections to prevent unauthorized data access.
ii. Shoulder Surfing:
During a shoulder surfing attack, an attacker physically views someone's entry of sensitive information, be it passwords, personal identification numbers, or any other such data, over the target's shoulder.
Most often, this attack takes place in public or semi-public environments where an attacker can have a glimpse of what is on screen or being typed at the keyboard without raising much suspicion.
Privacy screens, which only allow a small angle of view to their displays, can also be used by users to defend against shoulder surfing.
Besides, users need to be aware of their surroundings while inputting sensitive data and place themselves in such a way as to block possible viewers.
On-screen keyboards would also introduce some extra difficulty for people attempting to capture keystrokes, hence offering extra protection from this kind of attack.
Prevention:
• Look for a free space where your back is against a wall.
• Never give or share your password or any vital information with anyone.
• Never open such personal accounts in public places.
• Locate a quiet spot away from the crowd.
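The RBAC and ABAC decisions of question 4 above, worked as an added Python example that is not part of these notes: the role table encodes the security-analyst and sales-representative example, and the ABAC rules encode the salesperson/administrator CRM example. The user names, permission strings and the office-hours condition are assumptions made for this example.

```python
"""Added example (not from the notes): the RBAC and ABAC decisions of
question 4 as a tiny policy engine. Users, permission strings and the
office-hours rule are assumptions made for this example."""
from dataclasses import dataclass
from typing import Dict, Set

# RBAC: permissions hang off roles; subjects are only ever assigned roles.
ROLE_PERMISSIONS: Dict[str, Set[str]] = {
    "security_analyst": {"firewall:configure"},   # can't view customer data
    "sales_rep": {"customer:view"},               # can't change the firewall
}
USER_ROLES: Dict[str, Set[str]] = {               # constructed sample users
    "asha": {"security_analyst"},
    "ben": {"sales_rep"},
}


def rbac_allowed(user: str, permission: str) -> bool:
    """Grant iff some role assigned to the user carries the permission.
    Nothing about location or time is consulted: RBAC is static."""
    return any(permission in ROLE_PERMISSIONS.get(role, set())
               for role in USER_ROLES.get(user, set()))


# ABAC: Boolean if-then rules over attributes of the subject, the resource,
# the action and the environment.
@dataclass(frozen=True)
class Request:
    department: str   # subject attribute
    location: str     # subject attribute
    hour: int         # environment attribute, 0-23
    resource: str
    action: str       # "read" or "write"


def abac_allowed(req: Request) -> bool:
    """First matching rule decides; anything unmatched is denied."""
    # Rule 1 (from the notes): a salesperson gets read-write on the CRM ...
    if req.department == "sales" and req.resource == "crm":
        # ... restricted here (assumed rule) to the office during 09:00-18:00,
        # the kind of time-of-day condition a static role table cannot express.
        return (req.action in ("read", "write")
                and req.location == "office" and 9 <= req.hour < 18)
    # Rule 2 (from the notes): an administrator may only view the CRM
    # in order to create a report.
    if req.department == "admin" and req.resource == "crm":
        return req.action == "read"
    return False  # default deny
```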
6. Explain working of fingerprint mechanism and its limitations.
Fingerprint biometrics is a commonly used form of biometric security that is easy to use, hard to fool, and often a cost-effective strategy, relying on something a person has.
Fingerprints cannot be forgotten or lost like a password or ID card, and no two people share fingerprints, guaranteeing that they are unique to each individual.
Fingerprint biometrics use a scanner that can be small and freestanding or contained within a device directly, such as a smartphone, security system, or computer. Fingerprint scanners take a digital rendering of the fingerprint and convert it to a digital algorithm for storage.
In this way, fingerprint data is safe from reverse engineering. Even if a bad actor obtains the fingerprint data through a breach or theft, it cannot be turned back into the fingerprint image and used.
A security feature that is convenient, easy to use, and user-friendly, fingerprint biometrics is used across a wide range of applications to both verify and authenticate identities.
Fingerprint biometrics continue to advance with evolving technology. More companies and industries are adopting this form of biometric authentication. When coupled with other security protocols, such as strong passwords or tokens, fingerprint biometrics are even more secure.
Limitations:
• False acceptance and rejection can occur, leading to security and usability issues.
• Dirt, moisture, or sensor damage can affect fingerprint scanning accuracy.
• Skin conditions like cuts, burns, or worn-out fingerprints may cause recognition failures.
• Spoofing attacks using fake fingerprints can bypass weak biometric systems.
• Fingerprint data, once compromised, cannot be changed like passwords, posing privacy risks.

7. Convert the given plain text, encrypt it with the help of Caesar cipher technique. "Information Security".
Choose a shift value. In this case, we will use a shift of 3.
Replace each letter in the plaintext message with the letter that is three positions to the right in the alphabet.
• H becomes K (shift 3 from H)
• E becomes H (shift 3 from E)
• L becomes O (shift 3 from L)
• L becomes O (shift 3 from L)
• O becomes R (shift 3 from O)

The encrypted message is now "KHOOR".

8. Describe encryption and decryption with diagram.
i. Encryption:
Encryption is a form of data security in which information is converted to ciphertext. Only authorized people who have the key can decipher the code and access the original plaintext information.
It uses encryption algorithms and a secret key to scramble data into an unreadable format.
Encryption is used in secure communication, online transactions, and data storage.
ii. Decryption:
Decryption is the process of converting an encrypted message back to its original (readable) format. The original message is called the plaintext message.
It allows authorized users to access the original data securely.
Decryption ensures that only intended recipients can read the encrypted message.
9. Explain Man in the middle Attack with example.
A man-in-the-middle (MITM) attack is a cyberattack in which a hacker steals sensitive information by eavesdropping on communications between two online targets such as a user and a web application. If an attacker puts himself between a client and a webpage, a Man-in-the-Middle (MITM) attack occurs. This form of assault comes in many different forms.
Phishing attacks are one common means of entry for MITM attackers. By clicking on a malicious link in an email, a user can unknowingly launch a man-in-the-browser attack.
A MITM attacker might also eavesdrop on private communications between two people. In this scenario, the attacker diverts and relays messages between the two people, sometimes altering or replacing messages to control the conversation.
For example, in order to intercept financial login credentials, a fraudulent banking website can be used. Between the user and the real bank webpage, the fake site lies "in the middle."

10. Describe dumpster diving with its prevention mechanism.
Dumpster diving is the process of searching trash to obtain useful information about a person/business that can later be used for hacking purposes. This attack mostly targets large organizations or businesses to carry out phishing (mostly) by sending fake emails to the victims that appear to have come from a legitimate source. The information obtained by compromising the confidentiality of the victim is used for identity fraud.
What does a hacker look for?
• Email address/address
• Phone numbers to carry out phishing
• Passwords and other social security numbers that we might have written on sticky notes for our convenience
• Bank statements/financial statements
• Medical records
• Important documents
• Account login credentials
• Business secrets
• Marketing secrets
• Information of the employee base
• Information about the software/tools/technologies being used at the company
Preventive Measures:
• Destroy any CDs/DVDs containing personal data.
• In case you no longer need your PC, make sure you have deleted all the data so that it can't be recovered.
• Use of firewalls can prevent suspicious Internet users from accessing the discarded data.
• Paper documents should be permanently destroyed/shredded.
• Companies should lock waste bins and should have a safe disposal policy.

11. Enlist substitution techniques & explain any one.
The symmetric key cryptography method employs one secret key for the operations of encryption and decryption.
Substitution techniques provide two significant approaches, wherein elements (letters, characters) from the plaintext message are replaced with new elements according to rules based on the secret key.
Substitution Techniques
1. Caesar Cipher
2. Playfair cipher
3. Vigenere cipher
4. Vernam cipher (One-time pad)

Caesar Cipher:
This was first proposed by Julius Caesar and is termed the Caesar Cipher.
The Caesar Cipher is a special case of substitution techniques wherein each letter in a message is replaced by the letter three places down the line.
For example, with a shift of three, the letter 'A' becomes 'D', 'B' becomes 'E', and so on.
Example:
Choose a shift value. In this case, we will use a shift of 3.
Replace each letter in the plaintext message with the letter that is three positions to the right in the alphabet.
• H becomes K (shift 3 from H)
• E becomes H (shift 3 from E)
• L becomes O (shift 3 from L)
• L becomes O (shift 3 from L)
• O becomes R (shift 3 from O)

The encrypted message is now "KHOOR".

12. Consider plain text "CERTIFICATE" and convert it into cipher text using Caesar Cipher with a shift of position 4. Write steps for encryption.
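An added Python example, not from these notes, that implements the Caesar cipher of questions 7, 11 and 12: it encrypts with a given shift, lists the letter-by-letter steps in the notes' own format, decrypts with the same key, and shows that only 25 usable keys exist. It goes beyond the notes in keeping letter case and passing non-letters through, so it also handles the "Information Security" plaintext of question 7.

```python
"""Added example (not from the notes): Caesar cipher for questions 7, 11 and 12."""
from typing import Dict, List


def _is_ascii_letter(ch: str) -> bool:
    return "A" <= ch <= "Z" or "a" <= ch <= "z"


def caesar_encrypt(plaintext: str, shift: int) -> str:
    """Replace each letter with the one `shift` places to the right in the
    alphabet, wrapping Z back round to A. Case is kept and non-letters
    (spaces, punctuation) pass through unchanged."""
    out = []
    for ch in plaintext:
        if _is_ascii_letter(ch):
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext: str, shift: int) -> str:
    """One shared secret key: decryption is the same operation with the
    opposite shift (the symmetric-key idea of question 11)."""
    return caesar_encrypt(ciphertext, -shift)


def encryption_steps(plaintext: str, shift: int) -> List[str]:
    """Letter-by-letter steps in the format the notes use, for example
    'H becomes K (shift 3 from H)'; non-letters produce no step."""
    cipher = caesar_encrypt(plaintext, shift)
    return [f"{p} becomes {c} (shift {shift} from {p})"
            for p, c in zip(plaintext, cipher) if _is_ascii_letter(p)]


def brute_force(ciphertext: str) -> Dict[int, str]:
    """Try every shift. The key space holds only 25 usable keys, which is
    why the Caesar cipher is a teaching cipher and not a secure one."""
    return {k: caesar_decrypt(ciphertext, k) for k in range(1, 26)}


if __name__ == "__main__":
    for step in encryption_steps("HELLO", 3):
        print(step)
    print(caesar_encrypt("HELLO", 3))                 # KHOOR, as in the notes
    print(caesar_encrypt("Information Security", 3))  # question 7's plaintext
    print(caesar_encrypt("CERTIFICATE", 4))           # question 12
    print(brute_force("KHOOR")[3])                    # recovers HELLO
```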
