Module - 1

1. Differentiate between cybercrime and cyber fraud . Dec 2022

Ans :-
Point Cybercrime Cyber Fraud

Definition Any illegal activity carried out using A type of cybercrime where cheating or
computers, networks, or the internet. deception is done mainly for financial
gain.

Scope Broad – includes hacking, cyberstalking, Narrow – limited to scams and

phishing, malware attacks, etc. financial frauds online.

Objective Can be stealing data, damaging systems, Always focused on money, property, or
harassment, spreading fear, or harming personal financial data.
national security.

Examples Hacking government websites, spreading Online banking fraud, credit card fraud,
viruses, cyber terrorism, identity theft. fake shopping websites, phishing
scams.

Relation Cybercrime is the broader category. Cyber fraud is a subcategory of

cybercrime.

2. Explain the classification of Cybercrimes with examples . / Explain the classification of

cybercrimes with examples . Term Test , Dec 2022, Jan 2024
Ans :- Cybercrime means illegal activities done using computers, networks, or the internet. It can
be classified into the following categories:
1. Crimes against Individuals -
● These crimes target a single person.
● Aim is to harm privacy, reputation, or safety.
● Examples:
○ Cyberstalking (sending repeated threatening messages).
○ Phishing (fake emails to steal login details).
○ Identity theft (using Aadhaar/PAN details illegally).

2. Crimes against Property -

● Attack on digital property, data, or systems.
● Done to damage or steal computer-based assets.
● Examples:
○ Hacking company servers.
○ Spreading viruses/worms to damage files.
○ Software piracy (illegal copying of software, movies, games).
 3. Crimes against Government / Society -
● Large-scale attacks that affect the nation or society.
● Can create panic, disturb law and order, or threaten security.
● Examples:
○ Cyber terrorism (hacking defense websites).
○ Spreading fake news/rumors to create violence.
○ Espionage (spying on confidential government data).

4. Financial Crimes / Fraud -

● Crimes done mainly for cheating and money gain.
● Examples:
a. Online banking fraud (unauthorized fund transfers).
b. Credit/debit card fraud.
c. Fake e-commerce websites or lottery scams.

3. Explain the objectives and features of IT Act 2000 . Dec 2022, Jan 2024, June 2025
Ans : - The Information Technology (IT) Act 2000 is the first law in India to deal with
cybercrimes and electronic commerce. It gives legal recognition to online activities and also
defines punishments for cyber offences.

● Objectives of IT Act 2000

1. Legal recognition of e-transactions – To make electronic records and digital signatures
legally valid like paper documents.
2. Promote e-commerce and e-governance – To encourage safe online business and
government services.
3. Prevent cybercrimes – To define rules and punishments for hacking, data theft, fraud,
etc.
4. Protect privacy and security – To safeguard personal information of users.
5. Regulate digital signatures – To ensure authenticity and trust in online communication.
6. Facilitate international trade – To make Indian e-commerce activities legally
acceptable globally.

● Key Features of IT Act 2000

1. Legal recognition of electronic documents – Contracts and records in electronic form
are valid in courts.
2. Digital signatures – Treated as equivalent to handwritten signatures.
3. Cybercrimes covered – Hacking, identity theft, publishing obscene content, fraud, etc.
4. Certification Authorities – Appointed to issue digital signature certificates.
5. Regulation of Cybercafés – Cybercafés must maintain records of users.
 6. Appellate Tribunal – Set up for handling disputes related to cyber offences.
7. Amendments in IPC and Evidence Act – Made changes to include electronic records as
legal evidence.
8. Jurisdiction – Applicable to offences committed inside India and also outside India if the
computer system is located in India.

4. How cybercrimes differs from most terrestrial crimes ? June 2023,June 2025 , Nov 2024
Ans : - Cybercrimes are crimes done using computers, the internet, or mobile networks, while
terrestrial crimes are traditional crimes like theft, robbery, or murder that happen in the real
world. The main difference is that cybercrimes do not need the criminal to be physically present.
A person sitting in one country can attack computer systems in another country, but terrestrial
crimes usually happen in one local place.

In terrestrial crimes, the proof is mostly physical such as fingerprints, weapons, or CCTV videos.
In cybercrimes, the proof is digital like emails, IP addresses, log files, or online payment records.
Cybercrimes can harm thousands or even millions of people at the same time, for example by
sending a virus or doing phishing scams, but terrestrial crimes normally affect only a few people
at one place.

Cybercrimes also happen very quickly, like transferring money illegally within seconds, while
terrestrial crimes usually take more time to plan and commit. Cybercriminals are also harder to
catch because they hide their identity using fake accounts, VPNs, and anonymous tools, while
terrestrial criminals can be identified more easily with witnesses and physical evidence.

Thus, cybercrimes are different from terrestrial crimes because they are global, very fast,
difficult to trace, and can affect many people at once, which makes them more difficult to
control.

5. What is Cybercrime ? Who are Cybercriminals ? Explain . June 2023 ,June 2025 , Nov
2024
Ans : - What is Cybercrime?

1. Cybercrime is any illegal activity carried out using computers, mobile devices, the
internet, or digital networks.
2. It can involve stealing data, damaging systems, cheating people, or disturbing society.
3. Common examples are hacking, phishing, spreading viruses, online banking fraud,
identity theft, and cyberbullying.
4. Cybercrime may target individuals, organizations, or even governments.
5. The main goals are money gain, data theft, revenge, harassment, or terrorism.

Who are Cybercriminals?

 1. Cybercriminals are people who commit cybercrimes using technical knowledge of
computers and networks.
2. They misuse technology for personal gain, financial fraud, or to cause harm.
3. Types of Cybercriminals:
a. Hackers – break into systems without permission.
b. Fraudsters/Scammers – trick people for money (e.g., phishing, fake websites).
c. Cyber Terrorists – attack government or defense systems to create fear.
d. Insiders – employees who leak or misuse company data.

4. Cybercriminals often hide their identity using fake names, VPNs, or anonymous accounts.
5. They may work alone, in small groups, or in large organized gangs.

6. What are different security risks for organizations? Dec 2024 , Dec 2025
Ans :- Organizations today face many security risks due to heavy use of computers, networks,
and the internet. The main security risks are:

1. Malware Attacks
● Malicious software like viruses, worms, trojans, and ransomware.
● Can damage files, steal data, or lock systems until ransom is paid.

2. Phishing and Social Engineering

● Fake emails, messages, or websites used to trick employees.
● Goal is to steal usernames, passwords, or bank details.

3. Insider Threats
● Risks caused by employees or ex-employees.
● They may misuse access rights, leak sensitive data, or cause harm intentionally.

4. Data Breaches
● Unauthorized access to confidential data like customer records, financial info, or
intellectual property.
● Can damage reputation and lead to legal issues.

5. Denial of Service (DoS) Attacks

● Attackers overload servers or networks, making services unavailable.
● Leads to downtime and financial loss.
 6. Weak Passwords and Poor Authentication
● Use of simple or repeated passwords makes systems easy to hack.
● Lack of two-factor authentication increases risk.

7. Cloud Security Risks

● Storing data on cloud platforms without proper security.
● Data may be stolen or misused by attackers.

8. Mobile Device and Remote Work Risks

● Employees using personal devices or unsecured Wi-Fi.
● May expose the organization’s network to attacks.

9. Physical Security Risks

● Theft of laptops, storage devices, or unauthorized entry to server rooms.

7. Outline the challenges for securing data from a business perspective . Dec 2024
Ans : - In today’s digital world, businesses depend heavily on data. Protecting this data is very
challenging due to the following reasons:

1. Increasing Cyber Attacks

● Hackers use advanced tools to steal or damage business data.
● Threats like phishing, ransomware, and DDoS are growing every day.

2. Insider Threats
● Employees or ex-employees may misuse their access rights.
● Data leaks or intentional misuse from inside the company are hard to detect.

3. Data Breaches
● Unauthorized access to customer or company information.
● Can damage reputation, cause financial loss, and legal problems.

4. Remote Work and BYOD (Bring Your Own Device)

● Employees use personal devices and unsecured Wi-Fi.
● This increases the risk of data theft.

5. Cloud Security Issues

● Businesses store data in cloud services.
● If not properly secured, attackers can hack into cloud accounts.

6. Compliance and Legal Requirements

● Businesses must follow laws like GDPR or IT Act.
● Meeting all data protection rules is complex and costly

7. Cost of Security
● Strong security systems need high investment.
● Small businesses may not afford advanced protection.

8. Rapid Technology Changes

● New apps and services are adopted quickly.
● Businesses struggle to keep security updated with changing technology.

8. Explain how an Appeal can be made under the IT Act 2000. Term Test
Ans :- The IT Act 2000 provides a system to resolve disputes and punish cyber offences.
If a person is not satisfied with the decision of the Adjudicating Officer, they can file an
appeal. The process is as follows:

1. Appeal to Cyber Appellate Tribunal (CAT)

● If someone is unhappy with the order of the Adjudicating Officer (for example, in a case
of hacking, data theft, or fraud), they can file an appeal to the Cyber Appellate Tribunal.
● The appeal must be made within 45 days from the date of the order.

2. Time Extension

● If the person is unable to appeal within 45 days due to valid reasons, the Tribunal may
allow extra time.

3. Tribunal’s Role
 ● The Cyber Appellate Tribunal reviews the case, hears both parties, and then gives a final
decision.
● The Tribunal has the same powers as a civil court.

4. Further Appeal to High Court

● If still not satisfied with the Tribunal’s decision, the person can appeal to the High Court
within 60 days from the Tribunal’s order.

5. Final Authority

● The decision of the High Court is final and binding, unless taken further to the
Supreme Court in rare cases.

9. Explain key features of Indian Information Technology Act 2000. Term Test
Ans : - The Information Technology (IT) Act 2000 is India’s first cyber law, created to handle
electronic transactions, cybercrimes, and online security. Its key features are:

Key Features:

1. Legal Recognition to Electronic Records

● Digital documents and electronic records are treated as valid like paper documents.

2. Legal Recognition to Digital Signatures

● Digital signatures are accepted as equal to handwritten signatures for authentication.

3. Electronic Governance (E-Governance)

● Encourages use of electronic records and communication in government services and
offices.

4. Cybercrimes Defined
● Clearly defines crimes like hacking, identity theft, cyberstalking, publishing obscene
content, and fraud.

5. Establishment of Certifying Authorities

● Authorities are appointed to issue Digital Signature Certificates.

6. Penalties and Offences

● Provides penalties for data theft, damage to computer systems, and misuse of digital
information.

7. Appellate Tribunal
● A Cyber Appellate Tribunal is set up for resolving disputes and appeals under the Act.

8. Amendments in IPC, Evidence Act, etc.

 ● Modified traditional laws to accept electronic records and digital evidence in courts.

9. Jurisdiction

● The Act applies to offences committed in India as well as abroad if the system affected is
in India.

10. Promotes E-Commerce

● Builds trust for online transactions, banking, and trade by giving them legal validity.

Module - 2
1. Explain various threats associated with cloud computing . Dec 2022
Ans :- Cloud computing is storing and accessing data or applications over the internet instead of
a personal computer. Though it is useful, it has some threats:

1. Data Breach
● Sensitive data (bank details, personal info) can be stolen by hackers.
● Example: A hacker breaking into cloud storage to steal customer records.
2. Data Loss
● Data may get deleted due to accidental deletion, cyberattacks, or server crashes.
● Example: Losing important company files stored on the cloud.
3. Account Hijacking
● Cybercriminals can steal usernames and passwords to access cloud accounts.
● Example: Using phishing emails to hack into a user’s Gmail or cloud account.
4. Insecure Interfaces & APIs
● Cloud services use APIs for communication. If they are weak, hackers can misuse them.
● Example: Exploiting weak APIs to gain unauthorized access.
5. Insider Threats
● Employees or service providers may misuse access to steal or leak data.
● Example: A staff member downloading confidential company data.
6. Denial of Service (DoS) Attacks
● Hackers overload the cloud servers with traffic, making services slow or unavailable.
● Example: An e-commerce site becoming inaccessible during a DoS attack.
7. Lack of Control
● Users depend on the cloud provider. If the provider fails, users lose services.
● Example: Outage in cloud service affecting business operations.

2. Explain different attack vectors in cyber security. Dec 2022

Ans :- Attack vectors are the different ways or paths through which hackers attack a
computer, network, or system. They are like “entry points” for cybercriminals.
1. Phishing Attacks
● Fake emails, messages, or websites are used to trick users into sharing passwords or bank
details.
● Example: A fake bank email asking to update ATM PIN.

2. Malware (Viruses, Worms, Trojans, Ransomware)

● Malicious software installed on a system to steal or damage data.
● Example: Ransomware locking files and demanding money to unlock.

3. Social Engineering
● Manipulating people to share confidential information.
● Example: A caller pretending to be from IT support and asking for login details.

4. Man-in-the-Middle (MITM) Attack

● Hacker secretly intercepts communication between two people/systems.
● Example: Attacking Wi-Fi connections to steal login details.

5. Denial of Service (DoS/DDoS) Attack

● Overloading servers with fake traffic so that real users cannot access the service.
● Example: An e-commerce site crashing due to massive fake requests.

6. Password Attacks
● Hackers try to crack or steal weak passwords using brute force, guessing, or stealing.
● Example: Trying thousands of combinations until the correct password is found.

7. Insider Threats
● Employees or trusted users misuse access for personal gain or revenge.
● Example: A staff member leaking company data.

8. SQL Injection
● Inserting malicious code into a website’s database through input fields.
● Example: Stealing usernames and passwords from a database.

3. Explain various types of credit card frauds. Dec 2022

Ans :- Credit card fraud means using someone’s credit card details illegally to steal money or
make purchases without permission. There are many types of credit card frauds:

1. Lost or Stolen Card Fraud

● When a thief steals or finds someone’s credit card and uses it for shopping or
withdrawing money.
 ● Example: A stolen wallet with credit cards being misused.

2. Card Not Present (CNP) Fraud

● When fraud happens without the physical card, usually in online shopping or phone
orders.
● Example: Hacker uses stolen card details to buy products online.

3. Skimming Fraud
● Criminals use a skimming device at ATMs or shops to copy credit card information from
the magnetic strip.
● Example: Fake card readers at fuel stations.

4. Phishing Fraud
● Fake emails, SMS, or websites trick people into sharing credit card details.
● Example: A fake bank email asking to “verify card details.”

5. Application Fraud
● Criminals use stolen personal documents to apply for a new credit card in someone
else’s name.
● Example: Using fake ID proofs to get a card.

6. Account Takeover Fraud

● Hacker gains access to a person’s online credit card account by stealing username and
password.
● Example: Changing address and ordering new cards to their location.

7. Counterfeit Card Fraud

● Fraudsters create fake credit cards using stolen details (from skimming or hacking).
● Example: A cloned card used in shops.

4. What are botnets ? How it is exploit by attacker to cause cyber attack ? / Short note on
Botnets . Dec 2022, Jan 2024 / Nov 2024
Ans :- A Botnet is a network of computers, laptops, or devices that are infected with malware
and controlled by a hacker without the owner’s knowledge.

● Each infected device is called a bot or zombie because it follows the hacker’s
instructions secretly.
● Hackers control all these bots together using a Command-and-Control (C&C) server.
● Botnets can include thousands or even millions of devices worldwide.

How are Botnets exploited by attackers?

Attackers use botnets to perform many cyberattacks, such as:

 1. Distributed Denial of Service (DDoS) Attacks :-
○ All infected computers send huge traffic to a website or server at the same time.
○ This overloads the system and makes it crash or unavailable.

2. Sending Spam and Phishing Emails

○ Botnets are used to send millions of fake emails to trick people into sharing
passwords, banking details, or installing malware.

3. Data Theft
○ Hackers use botnets to steal sensitive information like credit card details, login
IDs, and passwords from infected systems.

4. Click Fraud
○ Botnets generate fake clicks on online advertisements to make illegal money for
attackers.

5. Spreading Malware
○ Botnets are used to spread viruses, ransomware, or spyware to more computers.

Why are Botnets dangerous?

● Victims usually do not know their devices are being misused.

● Botnets can be very large and cause global cyberattacks.
● They are difficult to trace and stop because the attacker can hide behind
thousands of infected devices.

5. Explain how criminals plan the attack / Discuss steps involved in planning of
cyberattacks by criminal . Jan 2024, June 2023 , June 2025
Ans :- Steps Involved in Planning of Cyberattacks by Criminals

Cybercriminals do not attack directly. They usually plan their attacks step by step to make sure
they are successful and remain hidden. The main steps are:

1. Reconnaissance (Information Gathering):

○ The attacker collects details about the target (like websites, emails, IP addresses,
security loopholes).
○ Example: Scanning a company’s website for weak points.

2. Scanning and Identifying Weaknesses:

○ Criminals use special tools to scan networks, systems, or software to find security
holes.
○ Example: Finding an outdated server that can be hacked.
 3. Gaining Access:
○ The attacker tries to enter the system using methods like phishing, malware, or
password cracking.
○ Example: Sending a fake email to steal login details.

4. Maintaining Access:
○ Once inside, attackers install backdoors or hidden programs so they can return
anytime.
○ Example: Installing a Trojan to control the computer remotely.

5. Covering Tracks (Hiding Activity):

○ Criminals delete logs, hide their identity, or use fake IP addresses so they cannot
be traced.

6. Execution of Attack:
○ Finally, they perform the main attack, such as stealing data, transferring money,
or crashing the system.

6. Explain various security challenges posed by mobile devices . Jan 2024

Ans :- Security Challenges Posed by Mobile Devices

Mobile devices like smartphones and tablets are widely used for banking, shopping, social
media, and business. But they face many security challenges:

1. Loss or Theft of Device

○ Mobile phones are small and portable, so they can be easily lost or stolen.
○ If not protected by password/biometric lock, personal data can be misused.

2. Insecure Applications
○ Many apps ask for unnecessary permissions (like access to contacts, camera, or
location).
○ Malicious apps can steal sensitive information.

3. Unsecured Wi-Fi and Bluetooth

○ Public Wi-Fi and open Bluetooth connections can be exploited by hackers to
access data.

4. Phishing and Smishing

○ Attackers send fake emails, SMS, or WhatsApp messages to trick users into
giving personal details.

5. Malware Attacks
○ Mobile malware such as spyware, Trojans, and adware can be installed through
fake apps or links.
 ○ These can steal passwords, banking info, or track user activity.

6. Data Leakage
○ Many apps collect and share user’s personal data without consent.
○ Example: Location tracking by apps.

7. Weak Security Updates

○ Many devices do not get regular software updates.
○ Outdated systems are easy targets for hackers.

7. List general guidelines for password policies . June 2023

Ans :- A password policy is a set of rules created by organizations to improve computer and
network security. It ensures that users create and use strong passwords.

Guidelines:

1. Minimum Length
○ Passwords should be at least 8–12 characters long.
○ Longer passwords are harder to guess.

2. Use of Complex Characters

○ Must include uppercase, lowercase, numbers, and special symbols (like @, #,
$).
○ Example: Pa$$word123 is stronger than password123.

3. Avoid Common Words

○ Do not use names, birthdays, phone numbers, or simple words like admin or
12345.

4. Password Expiry / Change

○ Users should change their password every 60–90 days.
○ Prevents misuse in case the old password is leaked.

5. No Reuse of Old Passwords

○ Users should not reuse previous passwords.

○ Helps reduce risk if older passwords were compromised.

6. Multi-Factor Authentication (MFA)

○ Along with password, use OTP, fingerprint, or authentication apps.
○ Adds an extra layer of security.

7. Account Lockout Policy

○ After multiple failed login attempts (e.g., 3–5), the account should be locked
temporarily.
 ○ Protects against brute-force attacks.

8. Do Not Share Passwords

○ Users should never share passwords with anyone.
○ Each person must have their own login.

9. Secure Storage of Passwords

○ Do not write passwords on paper or save in plain text.
○ Use password managers if needed.

8. What are mobile vulnerabilities? June 2023, June 2025

Ans :- Mobile Vulnerabilities

Meaning:

Mobile vulnerabilities are weak points or security flaws in smartphones and tablets that
attackers can use to steal data, spy on users, or damage the device. Since mobiles store personal,
financial, and business information, these vulnerabilities are very risky.

Types of Mobile Vulnerabilities:

1. Insecure Apps
○ Some apps are poorly designed and have weak security.
○ Hackers can use these apps to steal data like contacts, photos, or banking details.

2. Untrusted App Stores

○ Downloading apps from unofficial stores may install malware or hidden viruses
on the phone.

3. Operating System Flaws

○ If the mobile OS (like Android or iOS) is not updated, old bugs can be exploited
by hackers.

4. Weak or No Passwords
○ Many users don’t set strong passwords or use no lock at all, making it easy for
attackers to access data.

5. Public Wi-Fi Risks

○ Connecting to free Wi-Fi in cafes or airports allows hackers to intercept personal
information like banking logins.

6. Phishing Attacks
○ Fake SMS, emails, or links trick users into giving personal details or downloading
harmful files.

7. Bluetooth and NFC Vulnerabilities

 ○ If Bluetooth/NFC is kept on, attackers nearby can send malicious files or steal
information.

8. Data Leakage
○ Some apps secretly send user data (like location, messages, or photos) to third
parties without permission.

9. What is vishing attack ? how it works ? how to protect from vishing attack ? June 2023 ,
June 2025 , Nov 2024
Ans :- Vishing stands for Voice Phishing.
It is a type of cyber attack where criminals use phone calls or voice messages to trick people
into sharing personal details like bank account numbers, OTP, credit card PIN, or
passwords.
Example: A fraudster pretending to be from a bank calls and asks for your OTP saying, “Your
account will be blocked if you don’t give it now.”
The stolen information is then misused for fraud, money theft, or identity theft.
How Vishing Attack Works?

1. Fake Caller – The attacker pretends to be a bank officer, government officer, or

company employee.
2. Trust Building – They speak politely and create urgency like “your card will be
blocked” or “you won a lottery.”
3. Information Theft – They ask for sensitive details like PIN, OTP, account
number, or passwords.
4. Fraud Use – Once the attacker gets the details, they misuse it for stealing money
or committing other frauds.

How to Protect from Vishing Attacks?

1. Never share personal info like PIN, OTP, CVV, or passwords on phone calls.
2. Banks never ask OTP/PIN on calls – always remember this.
3. Verify caller identity by calling the official customer care number.
4. Don’t trust unknown calls claiming rewards, loans, or job offers.
5. Report suspicious calls to the bank or cybercrime helpline.

10. What are basic security precautions to be taken to safeguard Laptops and Wireless
devices ? Explain ? June 2023 ,June 2025 , Nov 2024
Ans :- Basic Security Precautions to Safeguard Laptops and Wireless Devices

1. Use Strong Passwords – Always set a strong password or PIN for login. Avoid
easy passwords like 1234 or your name.
 2. Enable Antivirus and Firewall – Install trusted antivirus software and keep the
firewall turned ON to block attacks.
3. Keep Software Updated – Regularly update operating system, antivirus, and
applications to fix security holes.
4. Encrypt Data – Use encryption tools so that even if the laptop is stolen, data
cannot be easily read.
5. Secure Wi-Fi Connection – Use WPA2/WPA3 security for Wi-Fi and avoid
using open public Wi-Fi for sensitive work.
6. Disable Bluetooth/Wi-Fi when not in use – Attackers can misuse open
connections, so turn them off when not needed.
7. Avoid Public Charging Stations – Use your own charger to prevent juice
jacking (data theft through USB charging).
8. Backup Important Data – Store data in cloud or external drive, so even if device
is lost, data is safe.
9. Physical Safety – Do not leave laptop or device unattended in public places. Use
locks if possible.

10. Be Alert to Phishing – Do not click on unknown links or download files from
suspicious sources.

11. What are illegal activities observed in Cyber Cafe ? What are safety and security
measures while using the computer in Cyber Cafe ? June 2023 ,June 2025
Ans :- Illegal Activities Observed in Cyber Café

Cyber cafés are public places where many people use computers and the internet. Some people
misuse them for illegal purposes such as:

1. Hacking – Using café computers to break into websites or networks.

2. Spreading Malware – Uploading, downloading, or sending viruses and worms.
3. Viewing or Sharing Illegal Content – Accessing banned sites, pornography,
pirated movies/software.
4. Cyber Fraud – Online banking fraud, phishing, and credit card misuse.
5. Cyber Stalking/Harassment – Sending abusive messages or harassing others
through social media.
6. Identity Theft – Stealing usernames, passwords, or personal details of other
users.
7. Terrorist Activities – Sending threatening emails or planning crimes through
internet communication.

Safety and Security Measures while Using Cyber Café

To avoid risks, both users and café owners must follow safety rules:

1. Do not save personal information – Avoid saving passwords or card details on

public computers.
 2. Always log out – Properly log out from email, banking, or social media accounts.
3. Clear browsing history – Delete history, cookies, and temporary files after use.
4. Avoid online banking/shopping – Never perform sensitive transactions in a café.
5. Do not download unknown files – They may contain spyware or viruses.
6. Check for security software – Café systems should have updated antivirus and
firewalls.
7. Awareness by owners – Owners must keep user ID proof, maintain login records,
and monitor activities.
8. Use strong passwords – Never use simple passwords and never click on
suspicious links.

12. Explain about the impact of Cybercrimes in Social Engineering ? June 2025
Ans :- Impact of Cybercrimes in Social Engineering

1. Meaning of Social Engineering:

Social engineering is a trick where cybercriminals fool people into sharing personal or
confidential information, like passwords, PINs, or bank details. Instead of hacking computers
directly, they target human trust.

Impacts of Cybercrimes through Social Engineering:

1. Loss of Money – Victims may share banking details or OTPs and lose money
through fraud transactions.
2. Identity Theft – Hackers steal personal information like name, phone number, or
Aadhar details to misuse the victim’s identity.
3. Emotional Damage – Victims feel cheated, embarrassed, and lose confidence
after being tricked.
4. Data Breach – Criminals may trick employees to reveal company login details,
causing leakage of sensitive business data.
5. Spread of Malware – Victims may be convinced to click on links or download
files, which install viruses or ransomware.
6. Damage to Reputation – If an employee shares secret data, the organization’s
image and trust may be harmed.
7. Large-Scale Attacks – Using social engineering, criminals can attack many
people at once (like phishing emails), affecting society widely.

13. Explain different types of Cybercrime ? Nov 2024

Ans :- Types of Cybercrimes

Cybercrime means crimes done using computers, mobile phones, or the internet. These crimes
target individuals, organizations, or even governments.

Different Types:
 1. Hacking
○ Unauthorized access to someone’s computer or system.
○ Example: Breaking into an email account.

2. Phishing
○ Sending fake emails/messages to trick people into sharing personal info like bank
details or passwords.
○ Example: Fake bank SMS asking for OTP.

3. Identity Theft
○ Stealing someone’s personal details (Aadhar, PAN, Credit Card info) and
misusing them.
○ Example: Opening a bank account using stolen identity.

4. Financial Frauds
○ Using online methods to cheat people for money.
○ Example: Credit card fraud, online shopping scams.

5. Cyberstalking
○ Continuous harassment or threatening someone online using emails, social media,
or chats.

6. Spreading Malware/Viruses
○ Releasing harmful software that damages files, steals data, or blocks access.
○ Example: Ransomware attacks.

7. Denial of Service (DoS/DDoS) Attacks

○ Overloading a server or website with traffic to make it unavailable.

8. Cyber Terrorism
○ Using the internet to attack critical infrastructure like banking, power grids, or
defense systems.

9. Child Exploitation
○ Misusing the internet to target children for illegal or harmful activities.

10. Software Piracy

○ Copying or distributing copyrighted software, movies, or games illegally.

14. Short note on Cyber Stalking and harassment . Nov 2024

Ans :- Cyber Stalking

○ Cyberstalking means using the internet, social media, emails, or other digital
platforms to continuously follow, threaten, or harass someone online.
○ It is similar to physical stalking but happens in the virtual world.
 1. Methods Used
○ Sending repeated unwanted or threatening emails/messages.
○ Tracking someone’s online activities without permission.
○ Misusing personal information, photos, or videos.
○ Creating fake accounts to spread rumors or damage reputation.

2. Impact on Victims
○ Causes fear, stress, mental trauma, and loss of privacy.
○ May lead to depression or harm to personal/professional life.

3. Example
○ A person repeatedly sending threatening messages on Instagram or WhatsApp
even after being blocked.

4. Legal Aspect
○ In India, Section 354D IPC and the IT Act 2000 deal with cyberstalking and
provide punishment.

Cyber Harassment

○ Cyber harassment means using the internet or digital devices to repeatedly

trouble, insult, threaten, or abuse someone online.
○ It can be done through emails, messages, social media posts, or online forums.

1. Forms of Cyber Harassment

○ Sending abusive or threatening messages.
○ Posting insulting or offensive comments on social media.
○ Spreading false rumors or personal information.
○ Online bullying or trolling.

2. Impact on Victims
○ Causes emotional stress, fear, loss of confidence, and damage to reputation.
○ May disturb personal and professional life.

3. Example
○ A student constantly receiving insulting comments on their social media posts.

4. Legal Aspect
○ In India, IT Act 2000 and IPC Sections (like 499, 500, 509) provide protection
against online harassment.

15. Short note on Mobile/ Cell Phone Attacks . Nov 2024

Ans :- Mobile / Cell Phone Attacks
 ○Mobile or cell phone attacks are cyberattacks that target smartphones and
tablets to steal data, misuse services, or harm the user.
1. Types of Mobile Attacks
○ Malware Attack – Malicious apps or files steal contacts, SMS, photos, or
banking details.
○ Phishing / Smishing – Fake SMS or emails trick users into clicking links or
sharing passwords.
○ SIM Card Cloning – Criminals copy SIM details to misuse the victim’s phone
number.
○ Bluetooth / Wi-Fi Attack – Hackers use open Bluetooth or unsecured Wi-Fi to
access the device.
○ App-based Attack – Fake apps ask for unnecessary permissions and steal
information.
2. Impact of Mobile Attacks
○ Loss of personal data like photos, videos, or contacts.
○ Financial fraud through mobile banking and UPI apps.
○ Privacy invasion and misuse of personal identity.
3. Preventive Measures
○ Install apps only from trusted sources (Google Play Store / App Store).
○ Keep the phone updated with the latest security patches.
○ Avoid clicking unknown links in SMS or emails.
○ Use strong screen lock, passwords, and enable two-factor authentication.

16. What is digital Evidence ? Where can one find it? / Short note on Digital Evidence ?
June 2025/ June 2023 , Nov 2024
Ans :-
Digital Evidence means any information or data stored, transmitted, or received in
electronic form that can be used in a court of law during investigation.
It is not physical evidence like fingerprints or weapons, but electronic records that help in
proving a crime.
Examples include emails, text messages, call records, photos, videos, online transaction
logs, IP addresses, and browsing history.
It is very important in solving cybercrimes because it helps to identify criminals, trace
activities, and confirm facts.

Where Can Digital Evidence Be Found?

Digital evidence can be found in any device or platform that stores or transmits data
electronically, such as:

1. Computers and Laptops – documents, system logs, browsing history.

2. Mobile Phones – call records, SMS, WhatsApp chats, GPS location.
3. Emails – sender/receiver information, message content, attachments.
4. Servers and Networks – IP addresses, access logs, connection history.
 5. Social Media Platforms – posts, messages, shared photos/videos.
6. Cloud Storage – backups, online files, digital transactions.
7. CCTV Systems – digital video or audio recordings.
8. Banking and E-commerce Systems – online payment details and transaction
logs.

17. Define Botnet . Is It Crucial in Cybersecurity ? Term Test

Ans :- A Botnet is a network of infected computers or devices (called bots) that are controlled
remotely by a cybercriminal, often without the owner’s knowledge.

● These bots can perform tasks like sending spam emails, launching cyberattacks, or
stealing data.

Is it Crucial in Cybersecurity?

● Yes, Botnets are very crucial in cybersecurity, but in a dangerous way:

1. Cyber Threat – Botnets are used in DDoS attacks to overload websites and make them
unavailable.
2. Spam and Phishing – They send millions of fake emails to trick users into sharing
sensitive information.
3. Malware Distribution – Botnets can spread viruses or ransomware to many computers at
once.
4. Stealing Information – Hackers use botnets to collect passwords, banking details, or
personal data.
5. Hard to Detect – Botnets operate silently, making it difficult for cybersecurity teams to
identify and stop them.

Module - 3
1. Explain methods of Password cracking . Dec 2022
Ans :- Methods of Password Cracking

Password cracking is the process used by attackers to guess or steal passwords to gain
unauthorized access to systems, accounts, or data.

Common Methods:

1. Brute Force Attack

 a. Trying all possible combinations of letters, numbers, and symbols until the
correct password is found.
b. Works for short passwords but takes longer for long or complex ones.

2. Dictionary Attack
a. Using a predefined list of common words, passwords, or phrases to guess the
password.
b. Faster than brute force if the password is a common word.

3. Phishing
a. Tricking users into revealing their passwords via fake emails, websites, or
messages.

4. Keylogging
a. Installing software or hardware that records the keystrokes typed by a user to
capture passwords.

5. Social Engineering
a. Manipulating or tricking people to reveal passwords by exploiting trust or human
behavior.
b. Example: Pretending to be IT support and asking for login credentials.

6. Rainbow Table Attack

a. Using precomputed tables of hashed passwords to reverse-engineer encrypted
passwords quickly.

7. Credential Stuffing
a. Using leaked usernames and passwords from other breaches to try logging
into multiple accounts.

8. What do you understand by DOS and DDOS attack ? Explain in detail. Dec 2022, Jan
2024
Ans :- DoS and DDoS Attacks

1. DoS Attack (Denial of Service)

● Meaning: A DoS attack occurs when a hacker floods a server, website, or network
with excessive requests to make it unavailable to legitimate users.
● Goal: To disrupt normal functioning and prevent access to services.
● Example: Sending too many requests to a website so it crashes or becomes very slow.
● Characteristics:
○ Usually launched from a single computer or network.
○ Targets availability of services rather than stealing data.

2. DDoS Attack (Distributed Denial of Service)

 ● Meaning: A DDoS attack is similar to DoS but launched from multiple compromised
computers or devices (botnets) at the same time.
● Goal: To overwhelm the target system from many sources, making it much harder to
defend against.
● Example: Using hundreds or thousands of infected computers to flood a website with
traffic until it crashes.
● Characteristics:
○ Multiple sources make it difficult to block.
○ Often uses botnets to generate massive traffic.
○ Can cause serious financial loss and downtime for organizations.

Impact of DoS and DDoS Attacks:

1. Websites or services become unavailable to users.

2. Financial loss for businesses due to downtime.
3. Reputation damage for companies.
4. Resource exhaustion on servers, slowing down or crashing systems.
5. Can be used as a smokescreen for other cybercrimes like data theft.

Preventive Measures:

1. Use firewalls and intrusion detection systems.

2. Limit traffic from suspicious IPs.
3. Use load balancers to distribute traffic.

4. Regularly update and patch systems.

5. Employ anti-DDoS solutions or cloud-based protection.

9. Explain SQL Injection attack . State different counter measure to prevent the attack . Dec
2022, Jan 2024
Ans :-

● SQL Injection is a cyberattack where attackers insert malicious SQL code into input
fields (like login forms, search boxes, or URLs) to manipulate the database.
● It allows attackers to access, steal, modify, or delete sensitive data without
authorization.

How it Works:

1. The attacker enters malicious SQL commands into input fields.

2. If the website or application does not validate inputs properly, the commands
are executed on the database.
3. The attacker can then:
○ View sensitive information (usernames, passwords, credit card numbers).
○ Modify or delete data.
 ○ Bypass authentication and log in as admin.

Countermeasures to Prevent SQL Injection

1. Input Validation – Check user inputs to allow only expected characters.
2. Parameterized Queries / Prepared Statements – Avoid embedding user input
directly into SQL queries.
3. Stored Procedures – Use database-stored procedures instead of dynamic SQL.
4. Escaping Special Characters – Escape symbols like ', ;, -- used in SQL
commands.
5. Least Privilege Principle – Give minimal database access; avoid admin rights for
daily operations.
6. Regular Patching and Updates – Keep databases and applications updated.
7. Web Application Firewall (WAF) – Filter malicious requests before they reach
the database.
8. Error Handling – Avoid displaying detailed database error messages to users.

10. Explain Phishing and Identity Theft in detail . Jan 2024

Ans :-

● Phishing is a type of cyberattack where attackers trick people into revealing sensitive
information like usernames, passwords, bank account details, or credit card numbers.
● Attackers usually use fake emails, messages, websites, or phone calls that look genuine.

How Phishing Works:

1. The attacker sends a fake email, message, or link appearing as if it’s from a legitimate
organization.
2. The victim clicks the link or provides personal information.
3. The attacker captures the information and uses it for fraud, identity theft, or
unauthorized access.

Types of Phishing:

● Email Phishing – Fake emails pretending to be from banks or companies.

● Spear Phishing – Targeted phishing aimed at specific individuals or organizations.
● Smishing – Phishing through SMS messages.
● Vishing – Phishing via phone calls.
● Clone Phishing – Copying a legitimate email with malicious links.

Identity Theft

● Identity theft is when someone steals another person’s personal information and
misuses it for illegal purposes like opening bank accounts, taking loans, or committing
fraud.
How Identity Theft Happens:

1. Attackers collect personal data like name, date of birth, PAN, Aadhar, or credit
card numbers.
2. They use this information to commit fraud, create fake accounts, or access
sensitive services.

11. Explain different buffer overflow attacks and also explain how to mitigate buffer
overflow attack . Dec 2022 / Short note on Buffer Overflow attack . June 2023 , June
2025 , Nov 2024
Ans :-

● A buffer overflow attack happens when a program tries to store more data in a memory
buffer than it can hold.
● This can overwrite adjacent memory, leading to unexpected behavior, crashes, or
allowing attackers to execute malicious code.

Types of Buffer Overflow Attacks:

1. Stack-based Buffer Overflow

○ Happens in the stack memory (temporary memory used by programs).
○ Attackers overwrite the stack with malicious code to take control of the program
flow.
○ Example: Exploiting a vulnerable login function to execute a shell command.

2. Heap-based Buffer Overflow

○ Happens in the heap memory (used for dynamic memory allocation).
○ Attackers overwrite heap memory to corrupt data or redirect program execution.
○ Often used to bypass security protections like ASLR (Address Space Layout
Randomization).

3. Integer Overflow Leading to Buffer Overflow

○ Occurs when arithmetic operations exceed the storage size, causing buffer
allocation errors.
○ Can lead to memory corruption and potential exploitation.

4. Format String Attack

○ Exploits format string vulnerabilities in functions like printf() in C/C++.
○ Attackers can read or write arbitrary memory locations.

Mitigation / Preventive Measures:

1. Input Validation
a. Always check the size of user input before storing it in a buffer.
 2. Use Safe Functions

b. Prefer secure functions like strncpy() instead of unsafe ones like

strcpy().

3. Stack Canaries

c. Special security values placed on the stack to detect buffer overflows before
execution.

4. Address Space Layout Randomization (ASLR)

d. Randomizes memory locations of program components to make it harder for

attackers to predict addresses.

5. Non-executable Stack / Data Execution Prevention (DEP)

e. Prevents execution of malicious code stored in stack or heap memory.

6. Regular Patching and Updates

f. Keep software updated to fix known vulnerabilities.

12. Difference between virus and worm . June 2023 ,June 2025
Ans :-
Feature Virus Worm

Definition A virus is a malicious program that A worm is a self-replicating program

attaches itself to files or programs that spreads automatically across
and spreads when the infected file is networks without needing to attach to
executed. files.

Replication Needs a host file or program to Can replicate itself independently

replicate. over networks.

Spread Spreads through files, emails, or Spreads through networks, internet,

Method software. or connected devices automatically.

Activation Activated when the infected file or Can act automatically without user
program is run. intervention.

Damage Can corrupt files, delete data, or Can consume bandwidth, slow down
 slow down systems. networks, and sometimes carry
payloads to damage systems.

Examples CIH (Chernobyl), Melissa virus ILOVEYOU, Code Red Worm

13. Short note on :- June 2023 , June 2025

● Steganography
Ans :- Steganography is the art and science of hiding secret information inside
another file or message so that it is not visible or obvious to others.

● Unlike cryptography, which scrambles the content, steganography hides the existence
of the content itself.

How it Works:

● Secret data can be hidden in images, audio files, video files, or text files.
● Example: Changing the least significant bits (LSB) of an image to store hidden text or
message.
● The receiver uses a specific method to extract the hidden information.

Types of Steganography:

1. Image Steganography – Hiding data inside images.

2. Audio Steganography – Hiding messages in audio files.
3. Video Steganography – Hiding information in video files.
4. Text Steganography – Hiding data inside text using invisible characters or spacing.

Uses / Applications:

● Secure Communication – Sending confidential messages without detection.

● Digital Watermarking – Protecting copyright of digital media.
● Military or Intelligence Communication – Covert messaging.

● DDOS attack
Ans :-

● A DDoS attack occurs when an attacker overloads a website, server, or network by

sending massive traffic from multiple compromised devices (called a botnet), making
the service unavailable to legitimate users.

How it Works:

1. The attacker infects multiple computers or devices with malware to form a botnet.
 2. These devices send a huge number of requests to the target system simultaneously.
3. The target system gets overloaded and may crash or become very slow.

Impact:

● Websites or services become unavailable.

● Causes financial loss for businesses.
● Leads to reputation damage.

Prevention / Mitigation:

● Use firewalls and intrusion detection systems.

● Employ anti-DDoS solutions or cloud-based protection.
● Limit traffic from suspicious IP addresses.
● Use load balancers to distribute traffic.

Trojan horse and backdoor .

Ans :-

● A Trojan Horse is a malicious program that appears legitimate but contains harmful
code.
● It tricks users into downloading or running it, thinking it is safe software.

Characteristics:

● Does not self-replicate like a virus or worm.

● Can steal data, damage files, or give unauthorized access.
● Often disguised as games, software, or email attachments.

Example:

● A fake antivirus program that, when installed, steals passwords or personal data.

Backdoor
● A Backdoor is a hidden method or entry point in a program or system that allows
unauthorized access without normal authentication.

Characteristics:

● Can be installed by malware, hackers, or even developers intentionally.

● Allows attackers to bypass security controls and control the system remotely.
● Often used to install other malware, steal data, or manipulate systems.

Example:
 ● A hacker installs a backdoor in a web server to access sensitive files anytime.

14. Explain steps for SQL Injection attack . How to prevent SQL Injection attacks ? June
2025, Nov 2024 / What is SQL Injection and how can it be prevented? Term test
Ans :- SQL Injection Attack:

● SQL Injection is a cyberattack where an attacker inserts malicious SQL code into input
fields of a website or application to access, steal, or manipulate database information.

Steps for SQL Injection Attack:

1. Identify Vulnerable Input Fields

○ The attacker finds input boxes, forms, or URLs that interact with a database.

2. Inject Malicious SQL Code

○ Enter SQL commands in the input fields to manipulate the database query.
○ Example: Username: ' OR '1'='1 to bypass login.

3. Execute the Malicious Query

○ If the application does not validate inputs, the malicious SQL is executed.

4. Retrieve or Modify Data

○ The attacker can view sensitive data, delete records, or modify database
content.

5. Maintain Access (Optional)

○ Advanced attackers may create admin accounts or insert backdoors to regain
access later.

How to Prevent SQL Injection Attacks:

1. Input Validation
a. Ensure only valid data (letters, numbers) is accepted in input fields.

2. Parameterized Queries / Prepared Statements

b. Use queries that separate code from data, preventing execution of malicious
commands.

3. Stored Procedures

c. Execute predefined SQL procedures rather than dynamic queries.

 4. Escaping Special Characters

d. Escape symbols like ', ;, -- to prevent injection.

5. Least Privilege Principle

e. Give minimal database permissions to applications and users.

6. Regular Updates and Patching

f. Keep database software and web applications up-to-date.

7. Web Application Firewalls (WAF)

g. Filter out malicious requests before they reach the database.

15. Short note on DOS Attack . Nov 2024

Ans :- A DoS attack is a cyberattack that aims to make a computer, website, or network
unavailable to legitimate users.
The attacker floods the target with excessive requests, overwhelming the system.
It usually comes from a single computer or network.
Impact: Crashes systems, slows down services, causes financial loss, and disrupts operations.
Prevention: Use firewalls, intrusion detection systems, and regular system updates to reduce
risk.

16. Define VA ( Vulnerability Assessment ). Term Test

Ans :- Vulnerability Assessment (VA) is the process of identifying, evaluating, and
prioritizing security weaknesses or vulnerabilities in a computer system, network, or
application.
Its main goal is to find potential security gaps before attackers can exploit them.

Key Points:

1. Identification of Weaknesses – Scans systems for known security flaws.

2. Evaluation – Assesses the severity and risk of each vulnerability.
3. Prioritization – Helps decide which vulnerabilities need immediate attention.
4. Reporting – Provides a detailed report to improve security measures.

17. Explain XSS attack and how to prevent it ? Term Test

Ans :-
 ● XSS attack is a type of cyberattack where attackers inject malicious scripts (usually
JavaScript) into web pages viewed by other users.

● The attacker exploits vulnerabilities in a website to execute scripts on the victim’s

browser.

How XSS Attack Works:

1. The attacker identifies a vulnerable input field in a website, like a comment box or search
bar.

2. They inject malicious script/code into the input field.

3. When other users view the page, the malicious script runs on their browser.

4. The attacker can steal cookies, session tokens, or personal information, or redirect users
to malicious sites.

Types of XSS Attacks:

1. Stored XSS – Malicious script is stored on the server and executed whenever users
access the page.
2. Reflected XSS – Script is reflected from the server via URL or input field and executed
immediately.
3. DOM-based XSS – Script manipulates the web page DOM on the client side without
involving the server.

Impact:

● Theft of cookies and credentials.

● Session hijacking and unauthorized access.
● Website defacement or redirection to malicious sites.

Prevention Measures:

1. Input Validation – Validate and sanitize all user inputs to remove malicious
code.
2. Output Encoding – Encode output before displaying it on the web page.
3. Use Secure Libraries/Frameworks – Use frameworks that automatically
prevent XSS.
4. Content Security Policy (CSP) – Restrict which scripts can run on a webpage.
5. Regular Security Testing – Scan web applications for XSS vulnerabilities.

18. Explain Bluetooth Hacking with various tools . Term Test

Ans :-
 ● Bluetooth hacking is a type of cyberattack where attackers exploit vulnerabilities in
Bluetooth-enabled devices (like smartphones, laptops, or headphones) to gain
unauthorized access or steal data.
● It usually targets file transfers, device pairing, or communication channels.

How Bluetooth Hacking Works:

1. The attacker searches for Bluetooth-enabled devices within range (usually 10 meters
for standard Bluetooth).
2. They exploit weak security settings or vulnerabilities to connect without permission.
3. Once connected, the attacker can:
○ Access contacts, messages, or files.
○ Intercept data transmissions.
○ Install malware or spy on device activity.

Common Bluetooth Hacking Attacks:

1. Bluejacking – Sending unsolicited messages to nearby devices.

2. Bluesnarfing – Stealing sensitive information like contacts, messages, or files from a
device.
3. Bluebugging – Taking full control of the victim’s device without permission.
4. Blueborne – Exploiting Bluetooth protocol vulnerabilities to infect devices with malware.

Tools Used for Bluetooth Hacking:

1. Bluesnarfer – Steals data such as contacts and messages from Bluetooth devices.
2. Bluebugger – Takes control of mobile phones to make calls, send messages, or access
data.
3. BlueSmack – Performs Denial of Service (DoS) attacks on Bluetooth-enabled devices.
4. BTScanner – Scans for discoverable Bluetooth devices to find vulnerable targets.
5. BlueBorne Exploit Toolkit – Exploits Bluetooth protocol vulnerabilities to gain full
device control.

19. What is a Firewall? Term Test

Ans :-

● A firewall is a network security device or software that monitors and controls incoming
and outgoing network traffic based on predetermined security rules.
● It acts as a barrier between a trusted internal network and untrusted external networks,
such as the internet.

Functions of a Firewall:

1. Traffic Filtering – Blocks unauthorized or suspicious traffic.

2. Access Control – Allows only legitimate users or services to access the network.
 3. Monitoring – Keeps track of network activity for security threats.
4. Preventing Attacks – Protects against malware, hackers, and other cyber threats.

Types of Firewalls:

1. Hardware Firewall – Physical device installed between a network and the internet.
2. Software Firewall – Installed on a computer to monitor traffic on that device.
3. Next-Generation Firewall (NGFW) – Advanced firewall with intrusion detection, deep
packet inspection, and application control.

Module - 4
1. Write a note on Intellectual Property Aspects in cyber law . Term Test
Module -5
Module - 6