OAS (ESE (Ans) )

The document provides a comprehensive overview of cybercrimes, detailing their global impact, challenges, and the need for international cooperation. It categorizes various types of cybercriminals and their methods, outlines the stages of planning cyber attacks, and discusses specific cyber threats such as credit card fraud and stalking. Additionally, it highlights the importance of cybersecurity measures and the classification of social engineering tactics.

Uploaded by amal.nair242

CO1

1) Give and explain in detail a global perspective on cybercrimes.


Cybercrimes involve illegal activities using computers and the internet, such as fraud,
hacking, ransomware, cyberterrorism, and online abuse.

1. Worldwide Impact
o Cybercrimes cause huge financial losses—estimated in hundreds of billions
of dollars annually.
o They affect individuals, businesses, and governments everywhere.
o Cyber attacks can disrupt critical infrastructure like power grids and
healthcare.
2. Challenges
o Cybercrimes cross international borders, complicating legal jurisdiction
and enforcement.
o Different countries have different cyber laws and enforcement capabilities.
o Criminals use advanced technology to hide their identity and location.
o Rapid tech changes make it difficult for law enforcement to keep up.
3. International Cooperation
o Organizations like Interpol and Europol help coordinate global responses.
o Treaties such as the Budapest Convention harmonize cybercrime laws
among countries.
o Countries share intelligence, conduct joint investigations, and assist each
other.
4. Emerging Trends
o Ransomware attacks are increasing, often targeting organizations
worldwide.
o Use of AI by cybercriminals and defenders is growing.
o Attacks on supply chains and critical infrastructure pose new risks.
o Data protection laws (like GDPR) influence global standards.
5. The Way Forward
o Stronger international laws and better enforcement cooperation are
needed.
o Public-private partnerships improve detection and response.
o Increasing cybersecurity awareness globally helps reduce victimization.
2) Give and explain different types of cybercriminals? Also give and
explain in detail classification of cybercrimes.
Cybercrime refers to any criminal activity that involves computers, networks, or the
internet as a tool, target, or medium of committing an offense. It includes activities
such as identity theft, fraud, hacking, and denial-of-service (DoS) attacks.

Examples:

• Hacking: Unauthorized system access (e.g., government website breach).

• Phishing: Fake emails tricking users into sharing sensitive data.

• DoS Attack: Flooding a website to make it crash.

• Malware: Viruses or spyware disrupting systems.

• Cyberstalking: Online harassment or threats.

• Identity Theft: Stealing personal data for fraud.

• Ransomware Attack: Locking user files and demanding payment for release.

Cybercriminals are individuals or groups who engage in illegal activities using
computers, networks, or the internet to harm individuals, organizations, or
governments.

Types & Examples:

1. Hackers – Gain unauthorized access to computer systems or networks.
Example: A hacker breaches a bank’s database to steal customer information.

2. Cyber Terrorists – Use cyberattacks to promote political, religious, or ideological
goals.
Example: A group carries out a DDoS attack on government websites.

3. Fraudsters – Use deception to commit financial crimes online. They often use
fake websites or apps that mimic real ones.
Example: A scammer sends phishing emails to trick users into revealing credit
card details.

4. Insiders – Employees or trusted individuals who misuse their access rights.
Example: A disgruntled employee leaks sensitive business data to a rival
company. Insiders can also install malware or delete important files.

5. Cyberstalkers – Use the internet to harass, intimidate, or threaten others.
Example: Repeatedly sending abusive or threatening messages to someone on
social media.
3) Explain in detail how criminals plan attacks.
Cybercriminals follow a structured approach in five key stages:

1. Reconnaissance
Attackers gather information about the target using social media, company
websites, and leaked databases. This helps them identify potential weak spots
such as exposed systems or employee credentials.

2. Scanning
They use tools like port scanners and vulnerability scanners to analyze the
target's network, looking for open ports, outdated software, or misconfigurations
that can be exploited.

3. Gaining Access
Once vulnerabilities are found, attackers use phishing, malware, brute-force
methods, or exploit software bugs to gain unauthorized entry into the system.

4. Maintaining Access
After breaching the system, they install backdoors or remote access tools to stay
connected. They may escalate privileges and use persistence techniques to avoid
being removed or detected.

5. Covering Tracks
Finally, they erase logs, hide malware, and use encryption or steganography to
avoid detection and ensure they leave no trace of their presence.

4) Define and explain the following terms in brief a) Cyber space b)
Cyber-squatting c) Cyberterrorism d) Cyberpunk e)
Cyberdefamation f) Cyberwarfare g) Usenet newsgroup h)
Salami attack. i) Brute force hacking.

a) Cyberspace
A virtual space where computers, networks, and online interactions take place.
It includes the internet, cloud platforms, social media, and communication networks.
Example: Browsing websites or chatting on WhatsApp happens in cyberspace.

b) Cyber-squatting
Registering domain names resembling well-known brands to sell for profit.
It’s often done in bad faith to exploit brand recognition or trademark value.
Example: Buying “amazonn.in” and trying to sell it to Amazon.

c) Cyberterrorism
Using digital means to cause fear, panic, or disruption for ideological purposes.
Targets often include critical infrastructure, government systems, or public safety.
Example: Hacking a government website to spread propaganda or disable services.

d) Cyberpunk
A genre combining advanced technology with dystopian, broken societies.
It often explores cybercrime, AI, surveillance, and social inequality.
Example: The video game Cyberpunk 2077 shows hackers in a futuristic, corrupt society.

e) Cyberdefamation
Spreading false or damaging statements online to harm someone's reputation.
Victims may face social, personal, or professional consequences.
Example: Posting fake claims about a business on social media to harm its image.

f) Cyberwarfare
Digital attacks between nations aiming to steal data or disrupt services.
It’s considered a modern weapon targeting economy, defense, and communication.
Example: A country launches malware to paralyze another's defense servers.

g) Usenet Newsgroup
An early online forum system where users shared messages by topic.
It was widely used before web-based forums and social media existed.
Example: Tech users sharing coding tips in the “comp.lang.python” newsgroup.

h) Salami Attack
A cybercrime that involves stealing tiny amounts from many transactions.
Though small individually, they result in large cumulative thefts.
Example: A bank employee programs transfers of ₹0.01 from all accounts to his own.

i) Brute Force Hacking
Cracking passwords by trying all possible character combinations.
It’s time-consuming but effective against weak or short passwords.
Example: A hacker uses a tool to guess a user’s password by testing thousands of options.
CO2
1) Explain the different precautions to take to reduce the chances of a device
becoming part of a botnet.

1. Keep Software Updated:
Regular updates fix security vulnerabilities that bots exploit to infect devices. Always
install patches for your OS, apps, and antivirus promptly.
2. Use Strong Authentication:
Strong, unique passwords reduce the risk of brute force attacks. Multi-factor
authentication adds an extra layer of protection to your accounts.
3. Enable Firewalls:
Firewalls help block unauthorized access and suspicious traffic from reaching your
system, preventing bots from communicating with control servers.
4. Be Cautious Online:
Avoid clicking unknown links or downloading files from untrusted sources as they
may contain malware designed to enlist your device in a botnet.
5. Manage Browser Extensions:
Only install extensions from trusted developers. Malicious or outdated extensions can
act as entry points for malware infections.
6. Monitor Device Behavior:
Look out for unusual slowdowns, unexpected data usage, or unknown background
processes, which may indicate your device is compromised.

2) Give classification of cybercrimes and explain in short the terms a) E-
mail spoofing b) Spamming c) Data diddling d) E-mail bombing e)
Password sniffing f) computer sabotage g) Web jacking.

Classification of Cybercrimes

1. Cybercrimes Against Individuals:
Crimes targeting individuals, such as identity theft, cyberstalking, and online
harassment.
2. Cybercrimes Against Property:
Crimes involving damage or theft of digital assets, including hacking, phishing, and
malware attacks.
3. Cybercrimes Against Government:
Attacks on government systems like cyberterrorism, cyberwarfare, and unauthorized
access to sensitive data.
4. Cybercrimes Against Organizations:
Corporate espionage, data breaches, ransomware, and insider threats targeting
businesses.

Brief Explanation of Terms

a) E-mail Spoofing:
Sending emails with a forged sender address to trick recipients into believing the message is
from a trusted source.
b) Spamming:
Sending unsolicited bulk emails, often for advertising or phishing purposes, clogging inboxes
and wasting resources.

c) Data Diddling:
Illegally altering data before or during input into a computer system to manipulate
information or outcomes.

d) E-mail Bombing:
Overwhelming a victim’s email inbox with a massive number of messages to disrupt
communication.

e) Password Sniffing:
Capturing passwords by monitoring network traffic using specialized software tools.

f) Computer Sabotage:
Deliberate damage or disruption of computer systems or networks, often to cause operational
failures.

g) Web Jacking:
Hijacking control of a website by exploiting vulnerabilities, often to deface it or steal data.

3) Explain attacks on Mobile/Cellphone.

Mobile devices face various security threats due to their widespread use and connectivity.
Common attacks include:

1. Malware:
Malicious apps or software designed to steal data, spy on users, or damage the device.
Examples include viruses, trojans, and ransomware targeting mobile OS.
2. Phishing:
Attackers send fake messages or emails to trick users into revealing sensitive
information like passwords or banking details.
3. SIM Swapping:
Fraudsters take control of a victim’s phone number by tricking the telecom provider,
enabling them to intercept calls and messages or bypass two-factor authentication.
4. Man-in-the-Middle (MitM) Attacks:
Hackers intercept data exchanged over unsecured Wi-Fi networks to steal passwords,
messages, or financial information.
5. App Vulnerabilities:
Poorly designed apps can have security flaws that allow attackers to access private
data or take control of the device.
6. Physical Theft:
If a phone is stolen and not properly secured (e.g., with a strong lock or encryption),
attackers can access personal data directly.
4) Explain in detail types and different techniques of credit card frauds.

Types of Credit Card Frauds

1. Card-Not-Present (CNP) Fraud:
Occurs when the fraudster uses stolen credit card information for online or
phone transactions where the physical card is not required.
Example: Buying goods online using stolen card details.

2. Card-Present Fraud:
Involves the physical use of a stolen or cloned credit card to make unauthorized
purchases at stores or ATMs.
Example: Using a cloned card at a retail outlet.

3. Account Takeover Fraud:
The fraudster gains access to a cardholder’s account by stealing personal
information, then changes account details or makes unauthorized transactions.
Example: Changing the billing address to intercept new cards.

4. Application Fraud:
Using fake or stolen identities to apply for credit cards, which are then used
fraudulently.
Example: Submitting forged documents to get a new credit card.

5. Lost or Stolen Card Fraud:
Using a lost or stolen physical credit card to make purchases without the owner’s
consent.

Techniques of Credit Card Fraud

1. Skimming:
Illegal copying of credit card data using a small device (skimmer) attached to
ATMs or point-of-sale terminals. The stolen data is then used to create cloned
cards.

2. Phishing:
Fraudsters send fake emails or messages pretending to be banks or companies to
trick users into revealing their credit card details.

3. Carding:
Testing stolen credit card numbers by making small online purchases to check if
the card is active.

4. Data Breaches:
Hackers infiltrate company databases to steal large amounts of credit card data
at once.
5. Social Engineering:
Manipulating individuals into revealing credit card information through calls,
emails, or in-person deception.

6. Mail Theft:
Intercepting physical credit cards or bank statements from mailboxes to gain
card details.

5) Give types of stalkers and explain how stalking works.

Types of Stalkers

1. Simple Obsessional Stalker:
Usually someone known to the victim, like an ex-partner, friend, or acquaintance.
They often stalk after a relationship ends or due to a grievance.

2. Love Obsessional Stalker:
A stranger who becomes fixated on the victim, often believing there is a special
relationship even when none exists.

3. Erotomanic Stalker:
Believes the victim is secretly in love with them, often a delusional person who
may target celebrities or public figures.

4. False Victim Stalker:
Claims to be a victim themselves and may stalk others to divert attention or gain
sympathy.

How Stalking Works

Stalking involves repeated, unwanted attention and harassment that causes fear or
distress to the victim. The stalker gathers information through social media,
surveillance, or direct contact. They may send threatening messages, show up uninvited,
make calls, or use technology to track the victim’s location. The goal is often to
intimidate, control, or instill fear, and the behavior can escalate over time if unchecked.
6) Define attack vector and explain different attack vector in
detail.
An attack vector is the method or pathway used by a cyber attacker to gain
unauthorized access to a computer system, network, or device. It’s essentially how
attackers deliver their malicious payload or exploit vulnerabilities to cause harm.

Different Types of Attack Vectors

1. Phishing:
Attackers send fraudulent emails or messages pretending to be trusted entities to
trick victims into revealing sensitive information like passwords or clicking
malicious links.

2. Malware:
Malicious software such as viruses, worms, ransomware, or spyware is used to
infect systems. These can enter through downloads, email attachments, or
compromised websites.

3. Social Engineering:
Manipulating people into divulging confidential information by exploiting human
psychology rather than technical hacking.

4. Exploiting Software Vulnerabilities:
Attackers take advantage of bugs or security flaws in software, operating
systems, or applications to gain control or access.

5. Man-in-the-Middle (MitM) Attacks:
Intercepting communication between two parties to steal or alter data, often
done over unsecured Wi-Fi networks.

6. Denial of Service (DoS) Attacks:
Flooding a target system or network with excessive traffic to overwhelm
resources and cause downtime.

7. Physical Access:
Gaining direct access to hardware or devices, such as stealing laptops or using
USB drives infected with malware.

8. Insider Threats:
Employees or trusted individuals misuse their access privileges to leak
information or sabotage systems.
7) Give & explain classification of social engineering in detail.
Classification of Social Engineering

Social engineering is the manipulation of people into performing actions or divulging
confidential information. It exploits human psychology rather than technical
vulnerabilities. The main types include:

1. Phishing:
Attackers send deceptive emails or messages pretending to be trustworthy
sources to trick victims into revealing sensitive information like passwords or
credit card numbers.
Example: An email claiming to be from a bank asking to verify account details.

2. Spear Phishing:
A targeted form of phishing where attackers customize messages for a specific
individual or organization, increasing the chance of success.
Example: An email tailored to a company executive referencing their recent
projects to appear legitimate.

3. Vishing (Voice Phishing):
Using phone calls to impersonate legitimate entities and convince victims to
share confidential data.
Example: A caller pretending to be from tech support requesting login
credentials.

4. Smishing (SMS Phishing):
Similar to phishing but carried out via SMS texts containing malicious links or
requests for personal info.
Example: A text message claiming to be from a delivery company asking to
confirm a package by clicking a link.

5. Pretexting:
Creating a fabricated scenario to obtain private information by gaining the
victim’s trust.
Example: Pretending to be an IT employee to get a password reset.

6. Baiting:
Offering something enticing to lure victims into a trap, like free software
downloads or USB drives infected with malware.
Example: Leaving infected USB drives in public places hoping someone will plug
them into their computer.

7. Tailgating (Piggybacking):
Gaining physical access to restricted areas by following authorized personnel
without proper credentials.
Example: An attacker entering a secure office by closely following an employee
through a door.

8. Quizzes and Surveys:
Using fake surveys or quizzes to extract personal or sensitive information under
the guise of harmless interaction.
Example: A fake online quiz asking for date of birth, mother’s maiden name, or
other security question answers.

8) How do viruses get disseminated? Explain with diagram.

Viruses spread by attaching themselves to files, programs, or systems and then
moving from one device to another through various channels:

1. Email Attachments:
Users open infected attachments, which execute the virus on their system.

2. Removable Media:
USB drives or external hard disks carry viruses from one computer to another.

3. Internet Downloads:
Downloading infected software, games, or files can introduce viruses.

4. Network Connections:
Viruses spread through shared networks, infecting connected devices.

5. Social Engineering:
Tricking users into clicking malicious links or downloading infected files.
9) Explain in brief or detail a) Mishing b) Vishing c) Smishing.
a) Mishing

Mishing (SMS phishing) is a type of cyberattack where attackers send fraudulent
text messages (SMS) to trick users into revealing personal information or clicking
malicious links. These messages often appear to come from trusted sources like
banks or service providers.
Example: A message claiming your bank account is locked and asking you to verify
your details via a provided link.

b) Vishing

Vishing (voice phishing) involves using phone calls to deceive victims into giving
away sensitive data such as passwords, credit card numbers, or bank details.
Attackers often impersonate officials or company representatives to gain trust.
Example: A caller pretending to be from the bank’s fraud department asking you to
confirm your account number.

c) Smishing

Smishing is another form of phishing conducted via SMS, where attackers send text
messages with malicious links or requests for personal information. It overlaps with
mishing but often focuses more on directing victims to phishing websites.
Example: A text urging you to click a link to claim a prize, which leads to a fake
website stealing your login credentials.

10) What is Vishing?

Vishing (voice phishing) is a type of cyberattack where fraudsters use phone calls to
impersonate legitimate organizations or officials. They trick victims into revealing
sensitive personal information such as passwords, credit card numbers, or social
security numbers.

How Vishing Works

1. Caller Pretends to be Trusted Entity: The attacker poses as a bank officer,
government agent, or tech support.

2. Creates a Sense of Urgency: They often claim there is a problem with your
account or a legal issue that needs immediate attention.

3. Requests Sensitive Information: The victim is asked to provide confidential
data like PINs, passwords, or credit card details.

4. Uses Spoofed Numbers: Attackers often fake caller ID numbers to appear
legitimate and trustworthy.

5. Exploits Fear or Trust: By intimidating or gaining the victim’s trust, they
increase the chances of getting the information.

How to Protect from Vishing Attacks

• Do Not Share Personal Info on Calls: Never give sensitive information over the
phone unless you initiated the call to a verified number.

• Verify Caller Identity: Hang up and call back using official numbers from
trusted sources.

• Be Skeptical of Urgent Requests: Legitimate organizations rarely demand
immediate sensitive info over the phone.

• Use Call-Blocking Tools: Use apps or phone features to block suspicious or
unknown callers.

• Educate Yourself and Others: Awareness about vishing tactics helps reduce
victimization.
CO3
1) Explain in detail keyloggers and spywares.
Keyloggers and spyware are types of malicious software (malware) designed to
secretly monitor user activity and steal sensitive information. These threats pose
serious risks to both individuals and organizations by compromising personal, financial,
and corporate data, often leading to security breaches and identity theft.

How Keyloggers Work

Keyloggers record every keystroke made on a computer or mobile device. This means
that when users type passwords, credit card numbers, or other confidential information,
the keylogger captures and sends it to the attacker without the user’s knowledge.
Common ways keyloggers are installed include:

• Phishing Emails: Users unintentionally download keyloggers by clicking on
malicious links or attachments in fraudulent emails.

• Malicious Software (Trojan Horse): Some programs disguise themselves as
legitimate software but secretly install keyloggers in the background.

• Infected USB Devices: Attackers use infected USB drives to deploy keyloggers
when plugged into a target device.

How Spyware Works

Spyware is a broader type of malware that silently monitors user behavior, collects data,
and transmits it to cybercriminals. Spyware can:

• Record Browsing Habits: Track visited websites, search history, and online
transactions.

• Capture Screenshots: Periodically take screenshots to expose sensitive
information and login credentials.

• Steal Credentials and Personal Data: Extract usernames, passwords, and
confidential business documents.

• Enable Remote Access: Some spyware variants allow attackers to remotely
control the infected device.

Impact on Cybersecurity

• Leads to identity theft and financial fraud.

• Grants attackers unauthorized access to personal and corporate accounts.

• Compromises sensitive business data and intellectual property.

• Degrades system performance and weakens overall network security.


2) Explain in brief DoS and DDoS attacks.
Denial of Service (DoS) attacks are malicious attempts to make a website, server, or
network resource unavailable by overwhelming it with excessive traffic. The attacker
floods the target with requests, exhausting system resources and preventing legitimate
users from accessing the service.

A Distributed Denial of Service (DDoS) attack is a more sophisticated version where
multiple compromised devices, collectively known as a botnet, simultaneously flood the
target. This coordinated attack generates massive traffic, making it much harder to
defend against—even for well-protected services.

Types of DoS and DDoS Attacks

1. Volume-Based Attacks: Overwhelm the target with huge amounts of traffic,
such as UDP floods and ICMP floods.

2. Protocol-Based Attacks: Exploit weaknesses in network protocols to exhaust
server resources, including SYN floods and Ping of Death attacks.

3. Application Layer Attacks: Target web applications by sending large volumes of
seemingly legitimate requests, such as HTTP floods and Slowloris attacks.

Impact of DoS and DDoS Attacks

• Reputation Damage: Prolonged downtime erodes customer trust and harms
brand reputation.

• Business Disruptions and Financial Losses: Services become inaccessible,
leading to loss of revenue and productivity. Organizations incur costs for
mitigation, lost sales, and sometimes ransom payments.

• Security Risks: DDoS attacks can act as a smokescreen for other cyberattacks
like data breaches or malware injections.

Common Mitigation Strategies Against DDoS Attacks

• Traffic Filtering: Identifies and blocks malicious traffic while allowing legitimate
users through.

• Rate Limiting: Controls the number of requests a system accepts per second to
prevent overload.

• DDoS Protection Services: Cloud-based solutions such as Cloudflare and
Akamai provide automated defense and traffic scrubbing.

• Firewalls and Intrusion Prevention Systems (IPS): Monitor and block
suspicious activity before it reaches critical infrastructure.
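Of the mitigations listed above, rate limiting is the one most easily shown in code. The script below is an added example, not part of the original notes: a per-client sliding-window limiter replayed over a constructed request log in which one source floods the service while a second client behaves normally. The IP addresses, timestamps and the 5-requests-per-second threshold are all assumed sample values.

```python
from collections import defaultdict, deque

# Constructed request log: (timestamp in seconds, client IP). Sample data, not
# real traffic. 198.51.100.7 sends 12 requests in under a second (a flood) and
# one more at t=1.5; 203.0.113.9 sends three requests at a normal pace.
REQUEST_LOG = (
    [(round(i * 0.08, 2), "198.51.100.7") for i in range(12)]
    + [(1.5, "198.51.100.7")]
    + [(0.1, "203.0.113.9"), (0.5, "203.0.113.9"), (0.9, "203.0.113.9")]
)


class SlidingWindowLimiter:
    """Allow at most max_requests per client within any window_seconds interval."""

    def __init__(self, max_requests: int, window_seconds: float):
        self.max_requests = max_requests
        self.window = window_seconds
        # client -> timestamps of the requests that were allowed
        self.history = defaultdict(deque)

    def allow(self, client: str, now: float) -> bool:
        q = self.history[client]
        # Drop timestamps that have fallen out of the window.
        while q and now - q[0] >= self.window:
            q.popleft()
        if len(q) >= self.max_requests:
            return False          # over the limit: reject (HTTP 429 in practice)
        q.append(now)             # only allowed requests count toward the window
        return True


def apply_limiter(log, max_requests: int = 5, window_seconds: float = 1.0) -> dict:
    """Replay a request log through the limiter; return per-client counts."""
    limiter = SlidingWindowLimiter(max_requests, window_seconds)
    stats = defaultdict(lambda: {"allowed": 0, "blocked": 0})
    for ts, client in sorted(log):
        outcome = "allowed" if limiter.allow(client, ts) else "blocked"
        stats[client][outcome] += 1
    return dict(stats)


if __name__ == "__main__":
    for client, counts in apply_limiter(REQUEST_LOG).items():
        print(client, counts)
```

Because the window is tracked per client, the flooding source is cut off after five requests while the normal client is never touched, and the flooder is admitted again once its earlier requests age out of the one-second window. Rejected requests are deliberately not recorded, so a blocked client is not locked out for longer than the window itself.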
3) SQL injection attacks.
How Does an SQL Injection Attack Work?

SQL Injection (SQLi) is a cyberattack where attackers insert malicious SQL code into
input fields of web applications—such as login forms, search boxes, or URL
parameters—to manipulate backend databases. This happens when the application
does not properly validate or sanitize user inputs, allowing attackers to alter database
queries.

For example, a vulnerable login query might look like this:

SELECT * FROM users WHERE username = 'admin' AND password = 'password';

If an attacker inputs the following in the username field:

' OR '1'='1'; --

The query changes to:

SELECT * FROM users WHERE username = '' OR '1'='1'; --' AND password = '';

Because '1'='1' is always true, the attacker bypasses authentication and gains
unauthorized access.

Potential Consequences of SQL Injection Attacks

1. Bypassing Authentication: Attackers can log in as any user, including admins,
without valid credentials.

2. Data Theft and Modification: Sensitive information like passwords, credit card
details, and personal data can be stolen, altered, or deleted.

3. Database Corruption and Data Loss: Attackers may delete tables or entire
databases using destructive commands such as DROP TABLE.

4. Gaining Administrative Control: With privilege escalation, attackers can
execute system-level commands, compromise servers, or install malware.

5. Reputation and Financial Damage: Data breaches can lead to heavy regulatory
fines (e.g., GDPR), legal consequences, and loss of customer trust.

How to Prevent SQL Injection Attacks

1. Use Prepared Statements (Parameterized Queries): This technique separates
SQL code from user inputs, preventing attackers from altering the query
structure.

2. Input Validation and Sanitization: Always validate and sanitize user inputs to
reject or clean malicious data before processing.

3. Use Stored Procedures: These are precompiled SQL statements stored in the
database that limit direct user input manipulation.

4. Employ Least Privilege Principle: Restrict database user permissions so that
web applications only have the access they absolutely need.

5. Regularly Update and Patch Systems: Keep your software, database, and web
applications updated to fix known vulnerabilities.

6. Use Web Application Firewalls (WAF): Deploy WAFs to detect and block
common SQLi attempts before they reach your database.

7. Error Handling: Avoid revealing detailed database errors to users, as these can
give attackers clues about vulnerabilities.

4) Write short notes on computer virus and worms.

Computer Virus:

• A virus is a malicious code that attaches itself to executable files or programs.

• It requires user action (like opening a file or running a program) to activate and
spread.

• Viruses can corrupt or delete data, slow down systems, and cause crashes.

• Viruses often spread through infected email attachments, software downloads, or
USB drives.

• Example: The ILOVEYOU virus spread via email attachments and caused massive
damage worldwide in 2000.

Computer Worm:

• A worm is a self-replicating malware that spreads automatically over networks
without user intervention.

• It exploits security flaws to infect other computers and can rapidly multiply.

• Worms often consume network bandwidth and can deliver payloads that damage
systems.

• Worms can create backdoors to allow other malware or hackers access to
infected machines.

• Example: The Blaster Worm (2003) spread across Windows computers exploiting
a vulnerability, causing system crashes and network slowdowns.
5) Explain different methods for phishing and password cracking.
Methods of Phishing:

1. Email Phishing:
Attackers send fake emails that appear from trusted sources, tricking victims into
clicking malicious links or sharing sensitive info like passwords or credit card
numbers.

2. Spear Phishing:
A targeted phishing attack aimed at specific individuals or organizations, often
personalized using gathered information to increase trust.

3. Whaling:
A form of spear phishing that targets high-profile individuals like CEOs or
executives to steal confidential data or authorize fraudulent transactions.

4. Smishing (SMS Phishing):
Phishing attempts sent via SMS texts, asking users to visit malicious links or
provide personal details.

5. Vishing (Voice Phishing):
Attackers use phone calls pretending to be from legitimate organizations to trick
victims into revealing confidential information.

Methods of Password Cracking:

1. Brute Force Attack:
Trying every possible combination of characters until the correct password is
found. This method is time-consuming but guaranteed if enough time is allowed.

2. Dictionary Attack:
Using a precompiled list of common passwords or words (dictionary) to guess
the password quickly.

3. Rainbow Table Attack:
Using precomputed tables of hashed passwords to reverse-engineer the original
password faster than brute force.

4. Social Engineering:
Manipulating or tricking users into revealing their passwords, often through
phishing or impersonation.

5. Keylogging:
Installing malware that records every keystroke to capture passwords as they are
typed.
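The dictionary and rainbow table methods above depend on one property of the stored hash: that it can be computed in advance, once, for every user. The script below is an added example, not part of the original notes, and shows the defender's side of that point. A tiny constructed lookup table recovers an unsalted SHA-256 digest in a single lookup, whereas a per-user random salt combined with PBKDF2 (Python's standard `hashlib.pbkdf2_hmac`) yields a different record every time the same password is stored, so no table prepared beforehand can match it. The word list and the iteration count are assumed sample values.

```python
import hashlib
import hmac
import os

# Constructed sample word list standing in for a "dictionary" of common passwords.
COMMON_WORDS = ["password", "123456", "letmein", "qwerty"]
ITERATIONS = 100_000  # assumed PBKDF2 work factor for the demo


def unsalted_hash(password: str) -> str:
    """Weak scheme: a plain SHA-256 of the password, identical for every user."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(words) -> dict:
    """Precomputed digest -> word table: the idea behind dictionary and rainbow tables."""
    return {unsalted_hash(w): w for w in words}


def hash_password(password: str, salt: bytes = None) -> str:
    """Stronger scheme: random per-user salt plus PBKDF2-HMAC-SHA256.
    Returns a storable record of the form 'salt_hex$iterations$digest_hex'."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{salt.hex()}${ITERATIONS}${dk.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    salt_hex, iterations, digest_hex = record.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), digest_hex)


def demo() -> dict:
    table = build_lookup_table(COMMON_WORDS)
    weak_digest = unsalted_hash("letmein")
    record_a = hash_password("letmein")   # user A
    record_b = hash_password("letmein")   # user B, same password
    strong_digest = record_a.split("$")[2]
    return {
        # one dictionary lookup recovers the unsalted hash
        "unsalted_recovered": table.get(weak_digest),
        # the same table finds nothing for the salted, stretched digest
        "salted_recovered": table.get(strong_digest),
        # same password, two users, two different records: nothing to precompute
        "salted_records_differ": record_a != record_b,
        "verify_correct": verify_password("letmein", record_a),
        "verify_wrong": verify_password("Letmein", record_a),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The salt removes the shared precomputation that makes rainbow tables worthwhile, and the iteration count makes each guess in a brute-force or dictionary run cost the attacker the same work it costs the server, which is the point of a slow key derivation function. `hmac.compare_digest` is used in verification so that the comparison time does not leak how many leading bytes of a guess were correct.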
6) Give and explain any one incident of website hacking.
Incident of Website Hacking: The 2017 Equifax Data Breach

In 2017, Equifax, one of the largest credit reporting agencies in the U.S., experienced a
massive hacking incident. Attackers exploited a vulnerability in a web application
framework called Apache Struts used on Equifax’s website. This flaw allowed hackers to
gain unauthorized access to sensitive consumer data.

How it happened:
Hackers exploited the unpatched vulnerability to enter Equifax’s system undetected for
several months. They accessed personal information of approximately 147 million
people, including names, Social Security numbers, birthdates, addresses, and some
driver’s license numbers.

Impact:

• Massive exposure of sensitive data affecting nearly half of the U.S. population.

• Financial loss for individuals due to identity theft and fraud.

• Severe damage to Equifax’s reputation and trust.

• Legal and regulatory consequences including hefty fines and lawsuits.

This incident highlighted the critical importance of timely software updates, patch
management, and robust cybersecurity defenses for websites handling sensitive data.

7) Explain difference between passive and active attack


8) What is Bluetooth? Explain any four common attacks on Bluetooth.
Bluetooth is a short-range wireless communication technology that allows devices like
smartphones, laptops, headphones, and smartwatches to connect and exchange data
over short distances (usually up to 10 meters). It is commonly used for wireless audio
streaming, file sharing, and device pairing.

Four Common Attacks on Bluetooth

1. Bluejacking
Sending unsolicited messages or contacts to nearby Bluetooth-enabled devices
without permission. Though mostly harmless and used as a prank, it can cause
annoyance and distraction.

2. Bluesnarfing
Unauthorized access and theft of information from a Bluetooth device, such as
contacts, messages, or calendars, by exploiting security flaws in Bluetooth
connections.

3. Bluebugging
Allows an attacker to take control of a Bluetooth-enabled device, enabling them
to make calls, send messages, or access sensitive data without the user’s
knowledge.

4. Denial of Service (DoS) Attack
An attacker floods a Bluetooth device with excessive connection requests or data,
causing the device to crash, freeze, or become unusable temporarily.
9) What is buffer overflow? Explain in detail how to minimize it?
Buffer overflow happens when a program writes more data into a fixed-size memory
buffer than it can hold, causing crashes or enabling attackers to run malicious code.

How to Minimize Buffer Overflow

1. Input Validation:
Always check the size and format of inputs before processing to ensure they do
not exceed buffer limits.

2. Use Safe Functions:
Use secure functions like strncpy instead of strcpy or snprintf instead of sprintf
that limit the amount of data copied to buffers.

3. Bounds Checking:
Implement strict boundary checks in your code to prevent writing beyond the
allocated memory.

4. Employ Modern Languages and Tools:
Use programming languages with built-in memory safety or tools like
AddressSanitizer to detect buffer overflows during development.

5. Security Features:
Enable protections such as stack canaries, which detect buffer overflow attempts,
and Data Execution Prevention (DEP), which blocks execution of code in non-
executable memory regions.

6. Regular Code Audits:
Perform thorough code reviews and security testing to identify and fix buffer
overflow vulnerabilities early.
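The C program below is an added example, not part of the original answer sheet. It puts the unsafe copy next to its hardened form so that points 1 to 3 above (input validation, safe functions, bounds checking) can be seen in working code. The buffer size, function names and sample inputs are constructed for the demonstration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF 16   /* fixed-size buffer: at most 15 characters plus the NUL */

/* Vulnerable form: strcpy() copies until it finds a NUL in src and has no idea
 * how large dst is. Any input longer than NAME_BUF - 1 characters overwrites
 * whatever lies after the buffer. Shown for contrast only; nothing below calls it. */
void copy_name_unsafe(char dst[NAME_BUF], const char *src)
{
    strcpy(dst, src);
}

/* Hardened form: validate the input length against the destination size
 * before copying, and always leave dst NUL-terminated.
 * Returns 0 on success, -1 if the input would not fit (dst is left empty). */
int copy_name_safe(char *dst, size_t dstsz, const char *src)
{
    if (dst == NULL || src == NULL || dstsz == 0)
        return -1;
    /* Search for the terminator only within dstsz bytes: no over-read of src. */
    const char *end = memchr(src, '\0', dstsz);
    if (end == NULL) {                 /* src has >= dstsz chars: would overflow */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, (size_t)(end - src) + 1);   /* length includes the NUL */
    return 0;
}

/* snprintf() bounds the write and NUL-terminates. Its return value is the
 * length the full output would have had, so a value >= dstsz means the output
 * was truncated. Returns 0 on success, -1 on truncation (dst holds a safe prefix). */
int format_greeting(char *dst, size_t dstsz, const char *name)
{
    if (dst == NULL || name == NULL || dstsz == 0)
        return -1;
    int n = snprintf(dst, dstsz, "Hello, %s", name);
    return (n < 0 || (size_t)n >= dstsz) ? -1 : 0;
}

int main(void)
{
    char buf[NAME_BUF];
    /* Constructed inputs: one that fits and one that would overflow. */
    const char *inputs[] = { "alice", "this-name-is-far-too-long-for-the-buffer" };
    for (size_t i = 0; i < 2; i++) {
        int rc = copy_name_safe(buf, sizeof buf, inputs[i]);
        printf("copy_name_safe(\"%s\") -> %d, buf=\"%s\"\n", inputs[i], rc, buf);
        rc = format_greeting(buf, sizeof buf, inputs[i]);
        printf("format_greeting(\"%s\") -> %d, buf=\"%s\"\n", inputs[i], rc, buf);
    }
    return 0;
}
```

Two practitioner notes on the "safe functions" point: strncpy does not NUL-terminate the destination when the source is as long as or longer than the limit, so callers must terminate explicitly; snprintf always terminates, but silently truncates unless its return value is checked as above. Stack canaries, DEP and AddressSanitizer (points 4 and 5) are compiler and OS settings and do not appear in the source code itself.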
CO4
1) Give and explain need for Indian cyber law.
Need for Indian Cyber Law

1. Protects Against Cybercrimes: Provides legal framework to address crimes like
hacking, phishing, identity theft, and cyberstalking.

2. Ensures Data Privacy: Safeguards personal and sensitive information of
individuals and organizations from misuse.

3. Regulates Digital Transactions: Validates electronic contracts, digital
signatures, and online business activities to promote trust.

4. Facilitates Investigation & Prosecution: Enables law enforcement to
investigate, detect, and punish cyber offenders effectively.

5. Promotes Secure Cyberspace: Encourages safe internet usage by setting rules
and penalties for misuse.

6. Supports Economic Growth: Builds confidence among users and businesses in
e-commerce and online services, boosting the digital economy.

2) Explain in brief positive and negative aspects of whistleblowing.

Positive Aspects of Whistleblowing:

• Promotes Accountability: Helps expose unethical or illegal activities within
organizations.

• Protects Public Interest: Prevents harm by alerting authorities about
wrongdoing.

• Encourages Ethical Culture: Motivates organizations to maintain transparency
and integrity.

• Supports Justice: Leads to corrective actions and policy changes.

Negative Aspects of Whistleblowing:

• Risk of Retaliation: Whistleblowers may face harassment, job loss, or social
isolation.

• Damage to Relationships: Can create mistrust and conflict within the
organization.

• False Accusations: Potential misuse if allegations are unfounded, harming
innocent parties.

• Emotional Stress: Whistleblowers often experience stress, anxiety, and career
setbacks.

3) Explain in brief all eight types of whistleblowing

• Internal Whistleblowing
Reporting unethical or illegal activities to someone within the organization, like a manager or
compliance officer.

• External Whistleblowing
Reporting wrongdoings to outside authorities such as regulators, media, or law enforcement
agencies.

• Anonymous Whistleblowing
Whistleblowing without revealing one’s identity to protect against retaliation.

• Open Whistleblowing
Whistleblower openly identifies themselves when reporting the misconduct.

• Retaliatory Whistleblowing
When someone blows the whistle after facing retaliation or unfair treatment, using
whistleblowing as a defense.

• Third-party Whistleblowing
Reporting misconduct on behalf of others who may be unable or unwilling to report it
themselves.

• Personal Whistleblowing
Reporting wrongdoing that directly affects the whistleblower personally.

• Public Interest Whistleblowing
Reporting actions that harm society or the public good, aiming to protect wider community
interests.
4) Explain the code of ethics.
A Code of Ethics is a formal set of guidelines and principles designed to help
professionals conduct their work with integrity, honesty, and responsibility. It outlines
the moral standards expected in a particular profession or organization, guiding
decision-making and behavior to ensure fairness, respect, and accountability.

Key aspects of a Code of Ethics include:

• Promoting honesty and transparency in all actions.

• Respecting confidentiality and privacy of information.

• Avoiding conflicts of interest and maintaining impartiality.

• Complying with laws, regulations, and organizational policies.

• Encouraging responsibility towards society and the environment.


CO5
1) Explain how to secure wireless network?
1. Use WPA3 or WPA2 encryption – Ensures secure communication between
devices and the router.

2. Set a strong, unique Wi-Fi password – Prevents unauthorized access to your
network.

3. Change default router admin credentials and SSID – Makes it harder for attackers
to guess login details.

4. Enable the router’s firewall – Provides an extra layer of defense against external
threats.

5. Disable WPS (Wi-Fi Protected Setup) – Prevents vulnerabilities related to easy
connection setup.

6. Regularly update router firmware – Patches security flaws and improves
performance.

7. Enable MAC address filtering – Only allows approved devices to connect to the
network.

8. Hide the SSID (optional) – Reduces visibility of your network to unknown users.

2) Explain in detail penalties, adjudication and appeal under IT Act
2000.

1. Penalties under IT Act, 2000:

• For Damage to Computer Systems (Sec 43):
Compensation up to ₹1 crore for unauthorized access, downloading, introducing
viruses, damaging data, etc.

• Failure to Protect Data (Sec 72A):
Imprisonment up to 3 years or fine up to ₹5 lakhs for disclosing personal data
without consent.

• Sending Offensive Messages (Sec 66A, now struck down):
Originally penalized offensive messages via communication services (struck
down in 2015).

• Cyber Terrorism (Sec 66F):
Imprisonment for life for causing threat to the sovereignty, integrity or security
of India using computers.

2. Adjudication (Sec 46):

• An Adjudicating Officer (usually a Joint Secretary level officer) is appointed to
handle cybercrime cases involving claims up to ₹5 crores.

• The officer has powers of a civil court and can summon, examine witnesses, and
direct evidence.

• Jurisdiction lies where the cause of action arises.

3. Appeal (Sec 48 - 57):

• Cyber Appellate Tribunal (now merged with TDSAT):
Handles appeals against decisions of the Adjudicating Officer.

• Appeal to High Court:
Any person not satisfied with the Tribunal's decision can appeal to the High
Court within 60 days.

3) Write detail note on IT Act 2000 and its Amendments.

IT Act 2000

• The Information Technology Act, 2000 is India’s first law to provide legal
recognition to electronic documents and digital signatures.

• It aims to facilitate e-commerce, e-governance, and cybercrime prevention.

• It covers offences like hacking, data theft, obscenity, identity theft, and
unauthorized access.

Key Amendments – IT (Amendment) Act, 2008

• Introduced new offences: cyber terrorism, phishing, identity theft, data breach.

• Recognized electronic signatures alongside digital signatures.

• Introduced Section 66A to 66F for different types of cybercrimes.

• Section 69 empowers the government to intercept, monitor, or decrypt digital
information for national security.

• Provided safe harbor (Section 79) to intermediaries like ISPs and social media
platforms.

• Introduced data protection clauses (Section 72A) for service providers.

4) Explain in detail positive and negative (weak) aspects of the ITA
2000.
Positive Aspects of ITA 2000:

1. Legal Recognition to E-Transactions
ITA 2000 granted legal validity to digital signatures and electronic records,
enabling paperless transactions.

2. Facilitates E-Governance
It promotes digital interaction between citizens and the government (e.g., online
filing of documents, e-forms).

3. Addresses Cybercrimes
The Act defines and penalizes offenses like hacking, identity theft, cyberstalking,
data theft, etc.

4. Data Protection Measures
It includes provisions for securing sensitive personal data and mandates
reasonable security practices.

5. Digital Signature & Certifying Authorities
It introduced a legal framework for the use of digital signatures and licensed
Certifying Authorities (CAs).

6. Amendments for Modern Threats
Later amendments addressed issues like cyber terrorism, child pornography, and
phishing more effectively.

Negative (Weak) Aspects of ITA 2000:

1. Lack of Clarity in Certain Provisions
Some definitions and terms (e.g., "reasonable security practices") are vague and
open to interpretation.

2. Poor Enforcement Mechanism
Law enforcement often lacks the training and technical expertise to effectively
handle cybercrimes.

3. Privacy Concerns
Section 69 gives the government power to intercept or monitor information,
raising privacy issues.

4. Outdated with Rapid Tech Changes
The original Act has not fully kept pace with emerging tech such as AI, deepfakes,
and blockchain.

5. Section 66A Misuse (Now Struck Down)
It was used to arrest people for social media posts, curbing freedom of speech
(struck down by Supreme Court in 2015).

6. Limited Global Jurisdiction
Difficulty in handling cross-border cybercrimes due to jurisdictional and
cooperation challenges.

5) Explain in brief or detail section 65 to section 74 of the Indian ITA
2000
Section 65: Tampering with Computer Source Documents

• Offense: Dishonestly or fraudulently altering, destroying, or concealing any
computer source code used for a computer, computer program, or computer
system.

• Penalty: Imprisonment up to 3 years, or fine up to ₹2 lakhs, or both.

Section 66: Computer-Related Offenses

• Offense: Hacking or unauthorized access to computer systems or networks with
intent to cause damage, steal data, or disrupt services.

• Penalty: Imprisonment up to 3 years or fine up to ₹5 lakhs, or both.

Section 66A: Sending Offensive Messages by Communication Service (Struck
Down)

• Previously penalized sending offensive or false messages through
communication devices.

• Note: Declared unconstitutional by Supreme Court in 2015 for violating free
speech rights.

Section 66B: Receiving Stolen Computer Resource or Communication Device

• Offense: Dishonestly receiving or retaining stolen computer devices or data.

• Penalty: Imprisonment up to 3 years or fine up to ₹1 lakh, or both.

Section 66C: Identity Theft

• Offense: Fraudulently using someone else’s electronic signature, password, or
any unique identification feature.

• Penalty: Imprisonment up to 3 years and/or fine up to ₹1 lakh.

Section 66D: Cheating by Personation by Using Computer Resource

• Offense: Using a computer or network to cheat by pretending to be someone else.

• Penalty: Imprisonment up to 3 years and/or fine up to ₹1 lakh.

Section 66E: Violation of Privacy

• Offense: Capturing, publishing, or transmitting images of private areas of a
person without consent.

• Penalty: Imprisonment up to 3 years or fine up to ₹2 lakhs, or both.

Section 67: Publishing or Transmitting Obscene Material in Electronic Form

• Offense: Publishing or transmitting obscene material electronically.

• Penalty: Imprisonment up to 3 years and fine up to ₹5 lakhs. For repeat offenses,
imprisonment up to 5 years and fine up to ₹10 lakhs.

Section 67A: Publishing or Transmitting of Material Containing Child Pornography

• Offense: Publishing or transmitting child pornography electronically.

• Penalty: Imprisonment up to 5 years and fine up to ₹10 lakhs. Repeat offense can
lead to imprisonment up to 7 years.

Section 67B: Publishing or Transmitting Material Depicting Children in Sexually
Explicit Act

• Offense: Publishing or transmitting material depicting children in sexually
explicit acts.

• Penalty: Imprisonment up to 5 years and fine up to ₹10 lakhs.

Section 68: Power of Controller to Give Directions

• Empowers the Controller of Certifying Authorities to give directions for secure
electronic records or digital signatures.

Section 69: Powers to Intercept, Monitor or Decrypt Information

• Government can intercept, monitor, or decrypt information for security reasons
with proper authorization.

Section 70: Protected System

• Defines “Protected System” (critical government or infrastructure systems) and
penalties for unauthorized access.

Section 71: Penalty for Misleading for Cheating by Personation by Using Computer
Resource

• Same as section 66D, applies specifically to misrepresentation for cheating.

Section 72: Breach of Confidentiality and Privacy

• Offense: Disclosing information obtained in confidence without permission.

• Penalty: Imprisonment up to 2 years and/or fine.

Section 73: Penalty for Publishing False Digital Signature Certificate

• Offense: Publishing false digital certificates causing harm.

• Penalty: Imprisonment up to 2 years and/or fine.

Section 74: Publication for Fraud

• Offense: Publishing information knowingly for fraud or causing harm.

• Penalty: Imprisonment up to 2 years and/or fine.

6) Explain in detail any one case study on offences and appeals
under IT ACT 2000.
Case Study: Shreya Singhal vs. Union of India (2015)

Background:

• The case challenged the constitutional validity of Section 66A of the IT Act,
2000, which criminalized sending offensive messages through communication
services.

• Many activists and citizens argued that Section 66A was vague and violated the
fundamental right to freedom of speech and expression under Article 19(1)(a) of
the Indian Constitution.

Offence Under IT Act:

• Section 66A was used to arrest people for posting comments or messages on
social media that were deemed “offensive” or “annoying” by authorities, often
leading to misuse and suppression of free speech.

Legal Proceedings:

• The Supreme Court of India heard petitions challenging Section 66A.

• The Court examined whether this section curtailed free speech beyond
reasonable restrictions allowed by the Constitution.

Judgment:

• In March 2015, the Supreme Court struck down Section 66A as unconstitutional,
stating it was vague, overbroad, and prone to misuse.

• The Court emphasized the importance of protecting freedom of speech in a
democratic society.

Appeal and Impact:

• The ruling was a landmark decision reinforcing digital freedom and limiting
arbitrary arrests based on vague provisions.

• It set a precedent for how IT laws must balance regulation with fundamental
rights.

• Subsequent cases and appeals rely on this judgment for protecting online
expression.
CO6
1) Write short or detail note on information security system GLBA.
The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services
Modernization Act of 1999, is a U.S. federal law that requires financial institutions to
protect the privacy and security of consumers' personal financial information.

Key Rules

1. Financial Privacy Rule:
Customers must be informed about data sharing and can opt-out of some
disclosures.

2. Safeguards Rule:
Institutions must have a written security program to protect sensitive
information.

3. Pretexting Protection:
Prevents obtaining information through deception or impersonation.

Importance of GLBA Information Security System

• Protects customers' sensitive financial information from unauthorized access,
use, or disclosure.

• Builds customer trust by ensuring data privacy and security.

• Helps prevent financial fraud, identity theft, and cyberattacks targeting financial
data.

• Compliance with GLBA reduces legal and regulatory penalties.

Example of GLBA Implementation

A bank implementing GLBA safeguards may use encryption to protect data, multi-factor
authentication for system access, regular vulnerability assessments, and enforce strict
access controls and employee confidentiality agreements.
2) Explain in short or detail information security standard FISMA.
The Federal Information Security Management Act (FISMA) is a U.S. law that
requires federal agencies to develop, document, and implement information security
programs to protect government data and IT systems.

FISMA, passed in 2002, mandates federal agencies and their contractors to ensure the
confidentiality, integrity, and availability of sensitive government information. It sets a
framework for securing federal information systems against threats.

Key Requirements:

• Agencies must conduct regular risk assessments.

• Develop security policies and procedures.

• Implement security controls to protect data.

• Continuously monitor and test systems for vulnerabilities.

• Report compliance status annually to the Office of Management and Budget
(OMB).

• Involve third-party contractors in security compliance.

3) Explain information security standard compliance for HIPAA in detail.

HIPAA (Health Insurance Portability and Accountability Act) is a U.S. federal law
enacted in 1996 designed to protect sensitive patient health information from being
disclosed without the patient’s consent or knowledge. It sets national standards for
safeguarding Protected Health Information (PHI) in healthcare organizations.

Key Components of HIPAA Security Rule:

1. Administrative Safeguards:

o Policies and procedures to manage the selection, development,
implementation, and maintenance of security measures.

o Includes risk analysis, workforce training, and incident response planning.

2. Physical Safeguards:

o Control physical access to facilities and devices to protect against
unauthorized access, theft, or damage.

o Includes secure workstation use and disposal of hardware containing
ePHI.

3. Technical Safeguards:

o Implement technology and related policies to protect ePHI and control
access.

o Includes access controls, audit controls, integrity controls, and
transmission security (e.g., encryption).

Compliance Requirements:

• Risk Assessment: Identify vulnerabilities that could affect ePHI and implement
mitigation strategies.

• Access Control: Ensure only authorized personnel can access sensitive data.

• Audit Controls: Keep logs to monitor access and detect unauthorized activities.

• Data Integrity: Protect data from improper alteration or destruction.

• Transmission Security: Secure data during electronic transmission using
encryption or secure communication protocols.

4) Explain information security standard compliances for NERC in
detail.
NERC is a regulatory authority responsible for ensuring the reliability and security of
the North American bulk power system. It develops and enforces standards to protect
the electrical grid from cyber threats and ensure operational reliability.

Key Compliance Requirements:

• Risk Management: Conduct risk assessments and manage vulnerabilities to
critical systems.

• Access Controls: Restrict and monitor user access to critical systems and
networks.

• Security Awareness: Regular training and awareness programs for personnel
handling critical infrastructure.

• Incident Handling: Timely detection, response, and reporting of cybersecurity
incidents.

• Physical Security: Protection of facilities and equipment from unauthorized
physical access.

5) What is PCI compliance? Give all twelve requirements of PCI-DSS
security standard compliance.
PCI Compliance refers to adherence to the Payment Card Industry Data Security
Standard (PCI-DSS), a set of security requirements designed to protect cardholder data
and reduce credit card fraud. Organizations that handle credit card payments must
comply with these standards to ensure secure processing, storage, and transmission of
payment information.

Twelve Requirements of PCI-DSS:

1. Install and maintain a firewall configuration to protect cardholder data.

2. Do not use vendor-supplied defaults for system passwords and other security
parameters.

3. Protect stored cardholder data through encryption or other strong methods.

4. Encrypt transmission of cardholder data across open, public networks.

5. Use and regularly update anti-virus software on all systems commonly
affected by malware.

6. Develop and maintain secure systems and applications by applying security
patches promptly.

7. Restrict access to cardholder data by business need-to-know.

8. Assign a unique ID to each person with computer access to track activity.

9. Restrict physical access to cardholder data.

10. Track and monitor all access to network resources and cardholder data.

11. Regularly test security systems and processes to identify vulnerabilities.

12. Maintain a policy that addresses information security for all personnel.
