
Unit 03 CS

The document provides an overview of various cybersecurity concepts, including proxy servers, phishing, keylogging, computer viruses, and denial-of-service attacks. It explains the functions and classifications of these threats, as well as countermeasures to prevent them, such as input validation and the use of firewalls. Additionally, it discusses specific attack types, including buffer overflow attacks and SQL injection.

Uploaded by

akashdobriyal.me

Q1. Briefly explain proxy servers.

A proxy server acts as an intermediary between a user's device (like a computer or smartphone)
and the internet. When you request a webpage or any other resource online, your request first
goes to the proxy server. The proxy server then fetches the requested resource from the
internet and forwards it to your device.

Here are some key functions of a proxy server:

● Caching: Proxy servers cache frequently accessed web pages and other content, which
speeds up loading times for subsequent requests.
● Filtering: They can be used to filter web content, blocking access to malicious websites or
inappropriate content.
● Anonymity: Proxy servers can mask your IP address, providing a degree of anonymity
online.
● Security: They can help protect your device from malicious attacks by acting as a buffer
between your network and the internet.

Q2. What is phishing? How does phishing work?

Phishing is a type of cybercrime where attackers attempt to deceive individuals into revealing
sensitive information, such as usernames, passwords, and credit card details.

How phishing works:

1. Crafting the Phishing Message: Attackers create emails, messages, or websites that
appear to be legitimate, often mimicking trusted entities like banks, social media platforms,
or e-commerce sites.
2. Delivery: These phishing messages are sent to a large number of potential victims via
email, social media, or other channels.
3. Tricking the Victim: The messages typically contain a link or attachment that appears
legitimate but actually leads to a malicious website or downloads malware.
4. Data Collection: Once the victim clicks on the link or opens the attachment, they are
typically directed to a fake website designed to steal their credentials or download malware
onto their device.

Q3. What do you mean by keylogging (keystroke logging)? Discuss keyloggers and give
their classifications.

Keylogging, also known as keystroke logging, is the process of recording keystrokes made on a
keyboard.

Keyloggers are software or hardware devices that capture and record every key pressed on a
keyboard.

Classifications of Keyloggers:

● Software Keyloggers: These are programs installed on the target computer. They can be
installed by malicious software, downloaded unknowingly by the user, or even pre-installed on
the device.
● Hardware Keyloggers: These are physical devices that are inserted between the keyboard
and the computer. They capture keystrokes directly from the keyboard.

Q4. What is a computer virus? List various types of virus.

A computer virus is a malicious program that can replicate itself and spread from one computer
to another.

Types of Computer Viruses:

● File Viruses: These viruses attach themselves to executable files, corrupting them.
● Boot Sector Viruses: These infect the boot sector of a hard drive or floppy disk, interfering
with the system's startup process.
● Macro Viruses: These viruses are embedded in macros within Microsoft Office documents.
● Worm Viruses: These viruses spread independently through networks, exploiting
vulnerabilities.
● Trojan Horses: These are malicious programs disguised as legitimate software.
● Ransomware: This type of malware encrypts a victim's files and demands a ransom payment
for decryption.

Q5. Differentiate between computer virus and worm.

| Feature | Computer Virus | Computer Worm |
| --- | --- | --- |
| Definition | A malicious program that replicates itself by attaching to another executable file. | A self-replicating standalone malicious program that spreads through networks. |
| Spreading Mechanism | Requires a host file to spread. | Spreads independently through networks, exploiting vulnerabilities. |
| Impact | Primarily targets data and files, corrupting or deleting them. | Primarily targets network resources, consuming bandwidth and overloading systems. |
| Detection | Often detected by antivirus software. | Detected by network security tools and antivirus software. |

Q6. What do you understand by backdoor? Give its function.

A backdoor is a hidden entry point into a computer system or network that allows unauthorized
access.

Function of a Backdoor:

● Remote Access: Attackers can use backdoors to gain remote access to the system, allowing
them to control it remotely.
● Data Exfiltration: Backdoors can be used to steal sensitive data from the system.
● Persistence: Attackers can use backdoors to maintain persistent access to the system, even
after security measures are implemented.
● Command and Control: Backdoors can be used to establish a command-and-control
channel for attackers to communicate with the compromised system.

Q7. Write short notes on steganography and steganalysis.

● Steganography: This is the art and science of concealing a message within another
message or medium. It aims to hide the very existence of the message, making it
undetectable. Common techniques include hiding data within images, audio files, and text.
● Steganalysis: Steganalysis is the art and science of detecting hidden messages within
multimedia files. It involves analyzing various features of the media to identify anomalies that
may indicate the presence of hidden data.

Q8. What is denial-of-service (DoS) attack? Give its classification.

A Denial-of-Service (DoS) attack is a cyberattack that aims to disrupt the availability of a
computer or network resource, making it inaccessible to legitimate users.

Classification of DoS Attacks:

● Volume-based attacks: These attacks overwhelm the target system with a flood of traffic,
such as SYN floods and ICMP floods.
● Protocol-based attacks: These attacks exploit vulnerabilities in network protocols, such as
TCP and UDP.
● Application-layer attacks: These attacks target specific applications or services running on
the target system.

Q9. What is SQL injection, and what are the different countermeasures to prevent the attack?

SQL injection is a type of cyberattack where malicious SQL code is injected into a web
application's input fields, allowing attackers to manipulate the application's database.

Countermeasures to Prevent SQL Injection:

● Input Validation: Validate and sanitize all user inputs to prevent the injection of malicious
SQL code.
● Prepared Statements: Use parameterized queries or prepared statements to prevent
attackers from injecting malicious SQL code.
● Least Privilege Principle: Grant database users only the necessary permissions to perform
their tasks.
● Regular Security Audits: Conduct regular security audits and penetration tests to identify
and address potential vulnerabilities.
● Use of an Application Firewall: Deploy an application firewall to filter and block malicious
traffic.
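
The first two countermeasures can be seen side by side in code. This is an added example, not part of the original notes: it uses Python's built-in sqlite3 module with a constructed `orders` table, and the function names and the customer-id format are assumptions made for illustration.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data: three orders belonging to two customers.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (customer TEXT, item TEXT)")
    conn.executemany(
        "INSERT INTO orders VALUES (?, ?)",
        [("alice", "laptop"), ("alice", "mouse"), ("bob", "router")],
    )
    return conn

def orders_vulnerable(conn, customer):
    # Weak form: the input is pasted into the SQL text, so a quote in the
    # input ends the string literal and the rest is parsed as SQL.
    query = "SELECT item FROM orders WHERE customer = '" + customer + "'"
    return sorted(row[0] for row in conn.execute(query))

# Assumed format of a customer id for this example.
CUSTOMER_RE = re.compile(r"[a-z0-9_]{1,32}")

def orders_safe(conn, customer, validate=True):
    # Input validation: reject anything outside the expected format.
    if validate and not CUSTOMER_RE.fullmatch(customer):
        raise ValueError("invalid customer id")
    # Parameterized query: the driver binds the value as data, never as SQL.
    query = "SELECT item FROM orders WHERE customer = ?"
    return sorted(row[0] for row in conn.execute(query, (customer,)))

def demo():
    conn = make_db()
    crafted = "x' OR '1'='1"  # constructed input containing SQL syntax
    return {
        "vulnerable": orders_vulnerable(conn, crafted),               # every row
        "bound_only": orders_safe(conn, crafted, validate=False),     # no rows
        "normal": orders_safe(conn, "alice"),                         # alice's rows
    }
```

With `validate=False` the crafted input is simply compared as a literal customer name and matches nothing, which shows that parameter binding is the control that removes the injection; validation is an additional layer in front of it.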

Q10. What is buffer overflow? What are different buffer overflow attacks?

A buffer overflow occurs when a program attempts to write more data to a memory buffer than it
can hold. This can overwrite adjacent memory locations, potentially causing the program to
crash or allowing attackers to execute malicious code.

Types of Buffer Overflow Attacks:

● Stack-based buffer overflows: These attacks exploit vulnerabilities in the stack memory
area of a program.
● Heap-based buffer overflows: These attacks exploit vulnerabilities in the heap memory
area.
● Format string vulnerabilities: These attacks exploit vulnerabilities in the way that programs
handle format strings.
