Cyber Security & Cyber Law
2 Marks (IMP)
1. Define Cyber Crime?
- Cybercrime is any illegal behavior, directed by means of electronic operations, that targets the security of computers and the data processed by them.
- A crime committed using the computer and the internet to steal a person’s identity or sell contraband or stalk victims or disrupt operations with malicious programs.
- Cybercrime is any criminal activity which uses network access to commit a criminal act.
2. Define Cyber Space?
In terms of computer science, “Cyberspace” is a worldwide network of computer networks that uses TCP/IP for communication to facilitate the transmission and exchange of data.
Cyberspace includes websites, online applications, communication platforms, and various digital resources.
3. Define cyber security?
Cybersecurity refers to the practice of protecting computer systems, networks, and digital data from various forms of cyber threats, such as unauthorized access, cyberattacks, data breaches, and other vulnerabilities.
4. Who are the cyber criminals?
- A cybercriminal is an individual who commits cybercrimes, where he/she makes use of the computer either as a tool or as a target or as both.
- A cybercriminal is a person who uses his skills in technology to do malicious acts and illegal activities known as cybercrimes. They can be individuals or teams.
5. What is spamming?
Spamming is the use of electronic messaging systems like e-mails and other digital delivery systems and broadcast media to send unwanted bulk messages indiscriminately. The term spamming is also applied to other media, such as internet forums, instant messaging, mobile text messaging, social networking spam, junk fax transmissions, television advertising and sharing network spam.
6. Define E-Mail Spoofing?
- E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source.
- To send spoofed e-mail, senders insert commands in headers that will alter message information.
7. What do you mean by salami attack?
(Salami is cured sausage, fermented and air-dried meat, originating from one of a variety of animals.) The name ‘salami attack’ comes from the fact that salami is cut into very thin slices. It is also known as salami shaving.
- A salami attack is a series of minor attacks that together result in a larger attack. These attacks are used for committing financial crime.
- The idea here is to make an alteration so insignificant that in a single case it would go completely unnoticed.
8. Define web Jacking?
Web Jacking is a phishing attack intended to extract confidential data from users. It follows a basic skeleton, from creating a fake website to freezing it to steal the users’ login information.
- This term is derived from the term hijacking.
9. What do you mean by password sniffing?
Password sniffing is a form of cyberattack where an attacker uses various techniques to intercept and capture passwords as they are transmitted over a network. This can occur when a user enters their password on a website or other online service, and the information is transmitted over the network in an unencrypted or weakly encrypted form, making it vulnerable to interception.
- Password sniffers are programs that monitor and record the name and password of network users as they login, jeopardizing security at a site.
- Whoever installs the sniffer can then impersonate an authorized user and login to access restricted documents.
10. What is Identity theft?
Identity theft refers to the unauthorized use of someone else’s personal information, typically for financial gain or to commit fraud. This stolen information can include the person’s name, social security number, credit card number, or other sensitive data.
11. What is cyber stalking?
Cyberstalking is a form of harassment or intimidation that occurs online. It involves the persistent and unwanted pursuit of an individual using electronic communication, social media, or other online platforms. Perpetrators of cyberstalking may engage in a range of behaviors, including sending threatening or harassing emails, text messages, or social media posts, monitoring someone’s online activity, or using technology to track an individual’s movements and interactions.
- Stalking is an “act or process of following victim silently – trying to approach somebody or something”.
- Cyberstalking has been defined as the use of information and communications technology by individuals to harass another individual, a group of individuals, or organizations.
12. What do you mean by cyber defamation?
Cyber Defamation is the act of publishing false or defamatory statements about an individual or organization on the internet. It can include statements made on social media, forums, blogs, or any other online platform. Cyber defamation can cause significant harm to the reputation of the person or organization and can lead to loss of business, financial damages, and emotional distress.
13. Define Phishing?
Phishing is a method of online ID theft that steals personal and financial data and can also infect systems with viruses. It is a fraudulent attempt to obtain sensitive information or data, such as usernames, passwords, and credit card details, by pretending to be a trustworthy person or entity in an electronic communication.
14. What is DoS (Denial of Service) attack?
- In this kind of attack, the cybercriminal aims to make a system unavailable to its users by interrupting the device’s normal functionality. The attacker floods the network of the targeted machine.
- The attackers typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and mobile phone networks. Here spoofing is used, which is a buffer overflow technique.
15. Define Cyber terrorism?
Cyber terrorism (also known as digital terrorism) is defined as disruptive attacks by recognized terrorist organizations against computer systems with the intent of generating alarm, panic, or the physical disruption of the information system.
Basically, crime is “personal” while terrorism is “political.” Crimes are committed for individual, personal reasons, the most important of which are personal gain and the desire (need) to harm others psychologically and/or physically.
16. Who are Crackers, hackers?
Crackers:
These individuals are typically known for breaking into computer systems, networks, or software, often for malicious purposes such as breaching security defenses, stealing sensitive information, or causing damage to data or systems. The term “cracker” is often used to describe those who use their technical skills to exploit vulnerabilities and gain unauthorized access to digital assets.
Hackers:
Hackers are individuals who use their hacking skills for ethical purposes. They often hack systems to fulfill a specific objective or to enhance their knowledge. Hackers identify and rectify vulnerabilities in a system to enhance its security. They are essentially programmers with a deep understanding of programming languages and operating systems. Their goal is never to cause harm or compromise system data.
17. Who are Phreakers?
Phreakers are hackers who specialize in attacks on the telephone system. Phreakers originally referred to groups who reverse-engineered the system of tones used to route long-distance calls. Phreakers re-created these tones, enabling them to switch calls from their phone handset and make free calls to anywhere in the world.
18. Define Brute force hacking?
Brute force hacking is a trial-and-error method used to obtain information such as a user password or personal identification number (PIN). It involves systematically checking all possible keys or passwords until the correct one is found. This is often done using automated software that can rapidly generate and test many combinations of passwords until the correct one is identified. Brute force attacks can be time-consuming but, in some cases, can be effective if the target password is weak or the attacker has sufficient computational resources. However, brute force attacks are considered unethical and illegal when used without proper authorization.
19. What is inside and outside attack?
Insider Attack:
An insider attack, also known as an internal threat, refers to a security breach or unauthorized activity that originates from within an organization’s internal network by an individual who already has access to the system or sensitive information. This type of attack is carried out by employees, contractors, or partners who misuse their authorized access to compromise the organization’s data, systems, or network security.
Insider attacks can take various forms, including theft of sensitive data, sabotage, fraud, espionage, or accidental security breaches. The individuals involved in insider attacks may have a deep understanding of the organization’s infrastructure and security protocols, making it potentially easier for them to carry out the attack without being detected.
Outsider Attack:
The percentage of external threats to an organization is very high. It includes well-funded hackers, organized crime groups, and government entities. Attacks can be either active or passive. An active attack generates packets or participates in the network, while a passive attack eavesdrops on the network or tracks users. The main motives behind these kinds of cyber-attacks include Cyber Espionage, Cyber Warfare, and Hacktivism. These attackers are persistent, and it is important to be aware of the methods used by hackers. This is an important step towards defending sensitive company data. The cost to a company could potentially be millions of dollars when a hacker exposes sensitive data to the public.
20. What is active attack & Passive attack?
Active Attack:
An active attack is a security attack in which the attacker directly communicates with the target system or network. In this attack, an attacker attempts to modify or disrupt the system or network’s functioning by injecting malicious traffic or executing unauthorized commands. It can be dangerous to the integrity and availability of a system or network. It can compromise the data integrity and reduce the availability of system resources, leading to significant damage and financial loss for the targeted organization.
Passive Attack:
A passive attack is also a type of security attack, in which an attacker is in indirect contact with the target system or network and monitors the target system’s communication. In this attack, an attacker monitors, intercepts, or eavesdrops on data transmissions without altering or affecting them. The main objective of a passive attack is to gain unauthorized access to sensitive or confidential data or information without being detected. Passive attacks are often difficult to discover as they do not disrupt system operations or modify data.
21. Define Social Engineering?
Social engineering is a deceptive technique used by malicious actors to manipulate individuals into divulging confidential information, providing unauthorized access, or performing actions that compromise security. This manipulative approach relies on psychological manipulation rather than technical exploitation to gain access to sensitive data or systems.
Social engineers often use tactics such as impersonation, pretexting, phishing, and baiting to exploit human psychology and trust. This can involve posing as a trusted individual or authority figure, creating a sense of urgency or fear, or luring targets with false promises or incentives. By exploiting human tendencies to trust, help, or respond to authority, social engineers aim to elicit sensitive information or actions from their targets.
22. Define plaintext and ciphertext.
Plaintext refers to the original, unencrypted data or information that is in a human-readable and understandable format. It represents the data in its normal, unaltered state before any encryption or cryptographic transformations are applied.
Ciphertext refers to the encrypted form of data that has undergone transformation through the use of cryptographic algorithms and keys. This transformed data is no longer readable or understandable in its original form and instead appears as a series of random characters that are intended to be unintelligible to unauthorized individuals.
23. Define Botnet?
A botnet is a network of internet-connected devices that have been infected with malicious software, also known as malware, and are controlled by a single entity, known as the bot herder or botmaster. These compromised devices, often referred to as bots or zombies, can include computers, servers, smartphones, and other internet-connected devices.
24. What is attack vector?
An attack vector refers to the pathway or means by which a hacker or malicious actor gains unauthorized access to a computer, network, or system to carry out an attack.
25. Define Mishing?
26. Define smishing?
Smishing refers to a form of phishing that takes place through SMS (Short Message Service) or text messages on mobile devices. In smishing attacks, malicious actors use deceptive text messages to trick recipients into divulging sensitive information, clicking on malicious links, or downloading malware onto their mobile devices. This social engineering technique often exploits urgency or fear, such as fake alerts about compromised accounts, the need to verify personal information, or offers that seem too good to be true.
27. Define Vishing?
Vishing, short for “voice phishing,” is a form of social engineering attack that involves the use of phone calls (voice communication) to deceive individuals into providing sensitive information, such as personal identification numbers (PINs), passwords, credit card details, or other confidential data. Vishing attackers often impersonate legitimate entities, such as financial institutions, government agencies, or trusted organizations, aiming to create a sense of urgency or fear in the targeted individual.
28. What is port scanning?
Port scanning is a technique used to identify the available services and potential vulnerabilities of a networked computer system. It involves sending specially crafted packets to specific ports on a target system and analyzing the responses to determine whether the port is open, closed, or filtered.
29. Define Cryptography?
Cryptography is the science of securing communication and information by converting plain text into a coded format, known as ciphertext, to make it unintelligible to unauthorized parties. It encompasses various methods for encrypting and decrypting data to ensure confidentiality, integrity, authentication, and non-repudiation in the transmission and storage of sensitive information.
Cryptography techniques involve the use of cryptographic algorithms and keys to transform data into an encrypted form that can only be deciphered by authorized parties possessing the appropriate decryption keys. It is applied in a wide range of applications, including secure communication over the internet, protecting sensitive data, securing financial transactions, and ensuring the privacy and authenticity of information.
30. What is proxy server? Define Anonymizers?
A proxy server acts as an intermediary between a client (such as a user’s computer) and the internet. When a user requests data from the internet, the request is first sent to the proxy server, which then forwards the request to the internet and returns the response to the user. Proxy servers can help in various ways, including improving performance by caching frequently accessed resources, enhancing privacy and security, and bypassing content restrictions.
An anonymizer, also known as an anonymous proxy, is a type of proxy server that serves to make a user’s internet activity untraceable by hiding their IP address and other identifying information. Anonymizers can help users browse the internet anonymously, bypass geo-restrictions, and access content that may not be available in their region. However, it’s important to note that while anonymizers can enhance privacy, they are not foolproof and may still have limitations in terms of full anonymity and security.
31. Define password cracking?
Password cracking refers to the process of attempting to discover a password or passphrase by systematically guessing or using automated tools to uncover the correct combination of characters. This method is employed to gain unauthorized access to secured systems, networks, or accounts.
There are several techniques used in password cracking, including dictionary attacks, which involve trying common words and phrases, and brute force attacks, which systematically generate all possible password combinations until the correct one is found.
32. Define key loggers and Anti key logger?
Keyloggers are malicious software programs or hardware devices designed to covertly record and monitor the keystrokes entered by a user on a computer or mobile device. The captured keystrokes may include sensitive information such as usernames, passwords, credit card details, and other confidential data. Keyloggers can compromise the privacy and security of individuals and organizations by surreptitiously gathering this sensitive information.
Anti-keylogger software, also known as anti-spyware or anti-keylogging software, is designed to detect and prevent unauthorized keylogging activities on a computer or device. These security applications work by monitoring and analyzing system behavior and intercepting attempts to capture keystrokes or other sensitive data. Anti-keylogger tools help protect against the unauthorized collection of sensitive information and provide an additional layer of defense against malicious keylogging activities.
33. What is spyware?
Spyware is a type of malicious software designed to covertly gather information about a user’s computer activities, often without their knowledge or consent. This information can include browsing habits, keystrokes, personal information, and other sensitive data. Spyware can be used for various nefarious purposes, such as stealing sensitive information, monitoring user behavior, and displaying targeted advertisements.
34. Define virus and worm?
Virus:
A computer virus is a program that can “infect” legitimate programs by modifying them to include a possibly “evolved” (modified) copy of itself. Viruses spread themselves without the knowledge or permission of the users. Viruses contain malicious instructions.
Worm:
A computer worm is a self-replicating malware computer program. It uses a computer network to send copies of itself to other computers on the network without any user intervention or help. Worms cause the least harm to the network compared to viruses.
35. What do you mean by Trojan Horse and Backdoor attack?
Trojan Horse:
A Trojan Horse, often referred to as a Trojan, is a type of malicious software that disguises itself as a legitimate program or file to trick users into downloading and executing it. Once installed, it can perform various destructive actions, including stealing sensitive information, compromising system security, and providing unauthorized access to the attacker. Unlike viruses and worms, Trojans do not replicate themselves but rely on social engineering tactics to deceive users into initiating their execution.
Backdoor Attack:
A backdoor attack involves the unauthorized insertion of a hidden access point (often a software vulnerability or covert channel) into a system, allowing attackers to bypass normal authentication measures and gain clandestine access. Once a backdoor is established, malicious actors can exploit it to access or control the compromised system, exfiltrate data, manipulate settings, or distribute additional malware.
36. Define Steganography and cryptography?
Steganography:
Steganography is the practice of concealing messages or information within other non-secret data, such as images, audio files, or text, in a way that prevents unintended individuals from suspecting the existence of the hidden content. This technique aims to ensure that the information’s existence remains secret, as opposed to cryptography, which primarily focuses on rendering the information itself unintelligible. Steganography techniques include hiding data within the least significant bits of images or altering the spacing of letters in a text to convey a concealed message.
Cryptography:
Cryptography, on the other hand, is the science and practice of securing communication and information through the use of mathematical algorithms and keys. It involves the process of transforming plaintext into ciphertext to ensure confidentiality, integrity, authenticity, and non-repudiation of the information being transmitted. Cryptography encompasses various methods, such as encryption, hashing, and digital signatures, and is widely used in information security, including secure communication over the internet, data protection, and authentication.
37. What is DoS Attack?
A denial-of-service (DoS) attack is a malicious attempt to disrupt the normal functioning of a targeted system, network, or service by overwhelming it with a flood of illegitimate traffic, requests, or other forms of disruptive activity.
38. What is DDoS attack?
A DDoS attack is a type of cyber attack that utilizes multiple compromised computer systems or devices to flood a targeted system, server, or network with an overwhelming volume of traffic. This coordinated attack aims to disrupt the availability of the targeted resource, resulting in service interruption or downtime.
In a DDoS attack, the attacker gains control of a network of compromised devices, often referred to as a botnet, and uses these devices to simultaneously send a massive amount of traffic or requests to the target. These attacks can exploit vulnerabilities in network protocols, consume server resources, or saturate the network bandwidth, making it difficult for legitimate users to access the targeted system.
39. What is SQL Injection?
SQL injection is a type of cybersecurity vulnerability that occurs when an attacker injects malicious SQL (Structured Query Language) code into input fields of a web application. This exploit can compromise the security of a database-driven application, allowing the attacker to execute unauthorized SQL commands and potentially gain access to sensitive information or manipulate the database.
40. What is buffer overflow?
Buffer overflow is a type of software vulnerability that occurs when a program writes more data to a buffer, such as an array or a memory space, than it can hold. This overflow can lead to overwriting adjacent memory locations, including crucial program data, potentially leading to crashes, erratic behavior, or unauthorized access to the system.
41. Define digital signature?
A digital signature is a cryptographic technique used to verify the authenticity and integrity of a digital message, document, or electronic data. It involves the creation of a unique digital signature using a private key, which can be verified using the corresponding public key. Digital signatures provide non-repudiation, meaning that the signer cannot later deny their involvement, and they also ensure that the signed data has not been altered since the signature was applied.
42. Define Personally Identifiable Information (PII)?
Personally Identifiable Information (PII) refers to any information that can be used to identify or distinguish an individual’s identity. This includes data elements such as full names, addresses, social security numbers, passport numbers, driver’s license numbers, email addresses, telephone numbers, and biometric records. Additionally, PII can encompass more contextual information, such as employment history, financial details, or medical information, if it is tied or can easily be tied to a specific individual.
43. What is Digital forensics?
Digital forensics, also known as computer forensics, is the process of collecting, analyzing, and interpreting digital evidence from electronic devices and computer systems to present in a court of law. It involves the application of forensic techniques to investigate digital devices and data storage to uncover and preserve evidence related to a crime, security breach, or unauthorized activity.
Digital forensics procedures include the identification, preservation, extraction, analysis, and documentation of digital evidence such as files, emails, logs, metadata, and network traffic.
44. Define forensic science and computer forensic?
Forensic science is the application of scientific principles, techniques, and methodologies to investigate and solve crimes, legal disputes, or other issues within the legal system. It encompasses various scientific disciplines such as biology, chemistry, physics, and computer science to analyze physical evidence and provide objective findings for legal proceedings. Forensic scientists play a crucial role in processing and analyzing evidence to support criminal investigations, identify suspects, and aid in the administration of justice.
Computer forensics, also known as digital forensics, is a branch of forensic science that specifically focuses on the investigation and analysis of digital evidence from electronic devices and computer systems. Computer forensic experts use specialized tools and methodologies to recover, examine, and interpret data from various types of digital media, including hard drives, mobile devices, and networks. This field is highly relevant in modern criminal investigations, cybersecurity incidents, and civil litigations involving digital evidence. Computer forensic techniques are used to uncover digital artifacts, reconstruct events, and determine the authenticity and integrity of electronic information.
45. What is network forensics?
Network forensics is a specialized field within the realm of digital forensics that concentrates on the investigation of network traffic and the activity within computer networks. It involves the capture, analysis, and reconstruction of events and behaviors occurring in networked environments to identify security incidents, unauthorized access, or malicious activities.
46. What is chain of custody?
Chain of custody refers to the chronological documentation of the handling, transfer, and control of physical and digital evidence during its lifecycle in a legal case or investigation. It is a critical process that involves maintaining meticulous records of the possession, storage, and movement of evidence from the time it is obtained until its presentation in a court of law.
The chain of custody documentation typically includes details such as the names of individuals who handled the evidence, the date and time of transfer, the purpose of transfer, and the condition of the evidence at each stage. This documentation is crucial to establish the integrity and authenticity of the evidence, as it ensures that the evidence has not been tampered with, altered, or compromised during the investigative process.
47. Define forensic auditing?
Forensic auditing is a specialized type of examination and analysis of financial information, transactions, and records conducted with the intention of uncovering evidence for use in a court of law or legal proceedings. This practice combines elements of traditional financial auditing with investigative techniques to detect fraud, embezzlement, or financial mismanagement within an organization.
48. What is anti-forensic?
The term “anti-forensic” refers to techniques and methods employed to hinder or evade forensic investigation and analysis. These methods are used to obscure, alter, or delete digital or physical evidence in an attempt to prevent its discovery or to diminish its evidential value. Anti-forensic measures can involve various activities, such as data encryption, file hiding, file deletion, data overwriting, and the use of tools designed to cover digital tracks or obfuscate investigative efforts.
49. What is network security?
Network security refers to the comprehensive set of measures and strategies designed to protect the integrity, confidentiality, and availability of data and resources within a computer network. It encompasses the implementation of both hardware and software technologies, policies, and procedures aimed at preventing unauthorized access, misuse, modification, or denial of network assets and information.
50. What is cyber-attack?
A cyber-attack refers to a deliberate, offensive action carried out by individuals, groups, or organizations to exploit weaknesses in computer systems, networks, or digital devices. The primary goal of a cyber-attack is to compromise, disrupt, or gain unauthorized access to data, systems, or resources for malicious purposes.
51. Define vulnerability. And list the 4 important vulnerabilities.
A vulnerability in the context of cybersecurity refers to a weakness or flaw in a system, network, or application that can be exploited by a cyber attacker to compromise the confidentiality, integrity, or availability of data or resources.
Here are four important types of vulnerabilities:
1. Software Vulnerabilities.
2. Hardware Vulnerabilities.
3. Network Vulnerabilities.
4. Human-Related Vulnerabilities.
52. What is pharming attack?
A pharming attack is a type of cyber attack that involves redirecting website traffic from a legitimate website to a fraudulent one without the user’s knowledge or consent. This is typically achieved by exploiting vulnerabilities in the Domain Name System (DNS) or by compromising the user’s local host file. Once the user is redirected to the fraudulent website, their sensitive information, such as login credentials, credit card numbers, or personal data, can be collected by the attackers.
53. Define eaves-dropping or snooping?
Eavesdropping or snooping refers to the act of secretly listening to, monitoring, or observing private conversations or activities of others without their knowledge or consent. This unauthorized surveillance can occur through various means, including listening in on conversations, monitoring electronic communications, or covertly observing individuals for the purpose of obtaining confidential or sensitive information.
Eavesdropping can be carried out for malicious purposes such as espionage, theft of information, or invasion of privacy. In digital contexts, snooping can involve unauthorized access to electronic communications, such as emails, instant messages, or other forms of digital data, leading to privacy breaches and potential security risks.
54. What is encryption?
Encryption is the process of converting plain, readable data into an encoded form, known as ciphertext, using an algorithm and a cryptographic key. The purpose of encryption is to ensure the confidentiality, integrity, and security of sensitive information during transmission or while stored.
55. What is decryption?
Decryption is the process of converting encrypted data, in the form of ciphertext, back into its original plaintext form using a decryption algorithm and the appropriate cryptographic key. This process allows authorized individuals to retrieve and read the original data that was encrypted.
The decryption process utilizes the decryption key and algorithm that are complementary to those used for encryption. When the correct decryption key is applied to the ciphertext, the original plaintext is restored, making the data readable and understandable once again.