a) With a neat diagram show how a zombie works.

Answer:

 A zombie is a computer that has been compromised by a hacker or malware and is used to
perform malicious tasks under remote direction, such as participating in Distributed Denial of
Service (DDoS) attacks.
 Diagram: Typically involves a flowchart showing a hacker, Command-and-Control (C&C)
server, the compromised zombie computer, and the victim receiving the attack.

(b) What is cyber squatting and cyber space?

Answer:

 Cyber Squatting: The practice of registering domain names similar to popular brands or
trademarks with the intent to sell them for profit or exploit them.
 Cyber Space: The virtual environment in which communication over computer networks
occurs, including the internet, social media, and online platforms.

(c) What are Botnets?

Answer:

 A botnet is a network of infected devices, often referred to as “bots” or “zombies,” controlled

by a hacker (bot herder) to perform malicious activities like spamming, data theft, or DDoS
attacks.

(d) List the categories of cybercrime.

Answer:

1. Financial Crimes (e.g., online fraud, phishing)

2. Hacking (e.g., unauthorized access to systems)
3. Cyber Terrorism (e.g., disrupting critical infrastructure)
4. Cyberbullying and Harassment
5. Intellectual Property Theft (e.g., software piracy)
6. Identity Theft and Fraud

(e) What are the measures to protect laptops?

Answer:

1. Use strong passwords and enable two-factor authentication.

2. Keep antivirus and firewalls updated.
3. Avoid using public Wi-Fi without VPN.
4. Encrypt sensitive files and data.
5. Regularly back up data to a secure location.
(f) What are the challenges posed by mobile devices?

Answer:

1. Security threats like malware and phishing.

2. Risk of data loss due to device theft.
3. Unauthorized app installations leading to data breaches.
4. Difficulty in managing and monitoring devices in an organization.
5. Vulnerabilities in Bluetooth and Wi-Fi connectivity.

(g) What are the types of Buffer Overflow?

Answer:

1. Stack-based Buffer Overflow: Overwriting the stack with excessive data.

2. Heap-based Buffer Overflow: Exploiting the heap memory by corrupting the dynamically
allocated memory.
3. Integer Overflow: Exploiting arithmetic operations to overflow memory buffers.
4. Format String Vulnerabilities: Misusing format strings to overwrite memory.

(h) Specify the tools used to launch Denial of Service attacks.

Answer:

1. LOIC (Low Orbit Ion Cannon)

2. HOIC (High Orbit Ion Cannon)
3. Botnets (e.g., Mirai Botnet)
4. Hping
5. Slowloris

(i) Mention the components of contingency planning.

Answer:

1. Business Impact Analysis: Assessing the critical functions and resources.

2. Incident Response Plan: Steps to detect and respond to incidents.
3. Disaster Recovery Plan: Strategies to restore operations after a disaster.
4. Backup Procedures: Regular data backups for recovery.

(j) Mention the consequences of not addressing the weakness in the information
technology act.

Answer:

1. Increased vulnerability to cybercrimes like hacking and fraud.

2. Loss of user trust due to privacy violations.
3. Financial losses due to data breaches and ransomware.
4. Legal repercussions and penalties for non-compliance.
5. Threats to national security from cyberterrorism.
(a) What is cybercrime? How do you define it?

Answer:
Cybercrime refers to illegal activities conducted using computers, networks, or the internet. It
includes crimes such as hacking, identity theft, phishing, and spreading malware, all aimed at
exploiting individuals or organizations.

(b) Why cybersecurity is important?

Answer:
Cybersecurity is essential to protect sensitive data, prevent unauthorized access, and ensure the
integrity, confidentiality, and availability of information systems. It safeguards individuals and
organizations from financial losses, reputational damage, and legal consequences.

(c) Distinguish between active attacks and passive attacks.

Answer:

 Active Attacks: Modify or disrupt data or systems, such as hacking or injecting malware.
 Passive Attacks: Monitor or intercept data without affecting the system, such as
eavesdropping or traffic analysis.

(d) What is social engineering?

Answer:
Social engineering is a technique used by cybercriminals to manipulate individuals into revealing
confidential information, such as passwords or financial details, often by exploiting trust or fear.

(e) Why should mobile devices be protected?

Answer:
Mobile devices store sensitive data and are vulnerable to threats like malware, phishing, and theft.
Protecting them ensures data security, prevents unauthorized access, and safeguards personal and
organizational information.

(f) What are the mobility types?

Answer:
Mobility types refer to ways devices and users can access resources:

1. Personal Mobility: Access via individual devices like smartphones or laptops.

2. Device Mobility: Devices moving across networks (e.g., Wi-Fi, cellular).
3. Service Mobility: Continuity of services across devices and networks.
(g) How can keyloggers be used to commit cybercrime?

Answer:
Keyloggers record keystrokes entered on a device, allowing attackers to steal passwords, PINs, and
other sensitive information, leading to identity theft, unauthorized access, or financial fraud.

(h) What is the difference between steganography and cryptography?

Answer:

 Steganography: Hides information within other files (e.g., images) without encryption.
 Cryptography: Encrypts information so that it can only be accessed with a decryption key.

(i) What do you mean by data privacy in cybersecurity?

Answer:
Data privacy involves ensuring that personal and sensitive information is collected, stored, and used
securely, with access limited to authorized individuals, preventing unauthorized exposure or
breaches.

(j) List the benefits of an Incident Response System.

Answer:

1. Quick Detection: Identifies threats early.

2. Efficient Mitigation: Limits damage from attacks.
3. Business Continuity: Minimizes downtime during incidents.
4. Regulatory Compliance: Ensures adherence to legal and industry standards.
5. Improved Security: Enhances organizational resilience to future attacks.