1. What is hacking? Hackers? What is the main purpose of hacking?
Hacking: Gaining unauthorized access to, or control over, a computer system or network, usually by
exploiting a weakness in its software, configuration or users. Hackers: Individuals who perform hacking.
- Black Hat → Malicious hackers who break in without permission for personal gain or to cause damage.
- White Hat → Ethical hackers who test systems with the owner's permission and report what they find.
- Grey Hat → Hackers in between: they probe systems without permission but usually without malicious
intent, and often disclose what they find.
Purpose: Stealing data, disrupting systems, testing security (ethical hacking), financial gain,
political/activist motives (hacktivism).
2. Define password sniffing.
Password sniffing is the capture of passwords while they cross the network, using packet-capture
(sniffing) tools such as Wireshark or tcpdump. It works against protocols that send credentials in
cleartext (HTTP, FTP, Telnet, POP3/IMAP/SMTP without TLS) and lets an attacker on the same network
path collect login credentials without ever touching the victim's machine. Defence: encrypt the
transport (HTTPS, SSH, TLS) so that the captured bytes are useless.
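What a sniffing tool actually does with the bytes it captures, as an added example that is not part of the original notes: the packet list is constructed by hand to stand in for a tcpdump or Wireshark capture, and the parser pulls credentials out of the two cleartext protocols named above (FTP USER/PASS commands, HTTP Basic and form logins). The HTTPS packet in the same list yields nothing, which is the whole point of the defence.

```python
"""Cleartext credential extraction from captured traffic.

Added example, not from the original notes. The packets are constructed by
hand to stand in for what tcpdump or Wireshark would capture; only the
payload handling is real.
"""
import base64
import re
from urllib.parse import parse_qs

# Constructed sample traffic: (client_ip, server_ip, server_port, payload).
SAMPLE_PACKETS = [
    ("10.0.0.5", "10.0.0.9", 21, b"USER alice\r\n"),
    ("10.0.0.5", "10.0.0.9", 21, b"PASS hunter2\r\n"),
    ("10.0.0.5", "10.0.0.7", 80,
     b"GET /admin HTTP/1.1\r\nHost: intranet\r\n"
     b"Authorization: Basic " + base64.b64encode(b"bob:s3cret") + b"\r\n\r\n"),
    ("10.0.0.6", "10.0.0.7", 80,
     b"POST /login HTTP/1.1\r\nHost: intranet\r\n"
     b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
     b"username=carol&password=Pa%24%24w0rd"),
    # HTTPS: a TLS record carries a login too, but it is encrypted, so the
    # sniffer sees nothing usable.
    ("10.0.0.5", "10.0.0.7", 443, b"\x16\x03\x01\x00\x20" + bytes(32)),
]


def _ftp(src, dst, payload, pending, found):
    """FTP sends USER and PASS as separate cleartext commands; pair them per flow."""
    line = payload.decode("ascii", "replace").strip()
    if line.upper().startswith("USER "):
        pending[(src, dst)] = line[5:]
    elif line.upper().startswith("PASS "):
        user = pending.pop((src, dst), None)
        if user is not None:
            found.append({"proto": "ftp", "user": user, "password": line[5:],
                          "client": src, "server": dst})


def _http(src, dst, payload, found):
    """HTTP: Basic auth header (base64 is encoding, not encryption) or a form login body."""
    text = payload.decode("latin-1")
    head, _, body = text.partition("\r\n\r\n")
    m = re.search(r"^Authorization:\s*Basic\s+(\S+)", head, re.I | re.M)
    if m:
        try:
            user, _, pw = base64.b64decode(m.group(1)).decode("utf-8").partition(":")
            found.append({"proto": "http-basic", "user": user, "password": pw,
                          "client": src, "server": dst})
        except (ValueError, UnicodeDecodeError):
            pass  # malformed header, not a credential
    if "application/x-www-form-urlencoded" in head.lower() and body:
        form = parse_qs(body)
        user = (form.get("username") or form.get("user") or [None])[0]
        pw = (form.get("password") or form.get("pass") or [None])[0]
        if user and pw:
            found.append({"proto": "http-form", "user": user, "password": pw,
                          "client": src, "server": dst})


def extract_credentials(packets):
    """Return every credential recoverable from the packet list, in capture order."""
    found, pending_ftp = [], {}
    for src, dst, port, payload in packets:
        if port == 21:
            _ftp(src, dst, payload, pending_ftp, found)
        elif port == 80:
            _http(src, dst, payload, found)
        # Port 443 and everything else: encrypted or unknown, nothing to parse.
    return found


if __name__ == "__main__":
    for cred in extract_credentials(SAMPLE_PACKETS):
        print(f"{cred['proto']:10} {cred['client']} -> {cred['server']}: "
              f"{cred['user']} / {cred['password']}")
```

Three credentials come out of the four cleartext packets; the TLS packet contributes nothing. The same logic, pointed at a real capture, is also how a defender audits a network for cleartext logins before an attacker does.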
3. What is vulnerability? Explain different causes of vulnerability.
Vulnerability: A weakness in software, hardware, configuration or processes that an attacker can
exploit to gain access, escalate privileges or disrupt service.
Causes:
- Poor coding practices (e.g., missing input validation, which leads to injection flaws and buffer overflows)
- Misconfigured systems (default credentials, open ports, excessive permissions)
- Outdated/unpatched software
- Weak or reused passwords
- Users susceptible to social engineering
- Lack of encryption for data in transit or at rest
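The first cause, poor coding practice, shown concretely as an added example (not from the original notes): a login check that splices user input into an SQL string, next to the hardened form that uses a parameterised query. The in-memory SQLite database and the user record are constructed for the demo.

```python
"""SQL injection: vulnerable query beside its hardened form.

Added example, not from the original notes. Uses an in-memory SQLite
database with one constructed user. Passwords are stored in the clear here
only to keep the injection point visible; real code stores a salted, slow
hash (bcrypt/scrypt/Argon2) and compares against that.
"""
import sqlite3


def make_db():
    """Constructed database with a single user row."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    conn.commit()
    return conn


def login_vulnerable(conn, name, password):
    """Poor coding practice: user input becomes part of the SQL text.

    Input such as  ' OR 1=1 --  turns the WHERE clause into
    name = '' OR 1=1 --' AND password = '...'   (the rest is commented out)
    and the query matches every row, so the check passes with no password.
    """
    query = (f"SELECT name FROM users WHERE name = '{name}' "
             f"AND password = '{password}'")
    return conn.execute(query).fetchone() is not None


def login_hardened(conn, name, password):
    """Parameterised query: values travel separately from the SQL text, so
    quotes and comment markers in the input are just characters to compare."""
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return conn.execute(query, (name, password)).fetchone() is not None


if __name__ == "__main__":
    db = make_db()
    payload = "' OR 1=1 --"
    print("vulnerable, correct creds:", login_vulnerable(db, "alice", "correct horse"))
    print("vulnerable, injected:     ", login_vulnerable(db, payload, "anything"))
    print("hardened, correct creds:  ", login_hardened(db, "alice", "correct horse"))
    print("hardened, injected:       ", login_hardened(db, payload, "anything"))
```

Note the choice of payload: the textbook `' OR '1'='1` fails against this particular query because AND binds tighter than OR, so the trailing `AND password = ...` still applies; the comment marker is what removes the password check. Parameterisation defeats both, which is why it is the fix rather than blacklisting quotes.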
4. Write a note on Denial-of-Service (DoS).
A DoS attack makes a server, service or network unavailable to legitimate users, either by flooding it
with more traffic or requests than it can handle (SYN flood, HTTP request flood, amplification) or by
triggering a flaw that crashes it.
Types:
- DoS → attack from a single source; it can often be blocked by filtering or rate-limiting that source.
- DDoS → Distributed DoS from many compromised systems (a botnet); much harder to filter because no
single source stands out.
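Why the single-source/distributed distinction matters in practice, as an added example that is not part of the original notes: a per-client token-bucket rate limiter (the usual first defence) run over two constructed request streams. Against one flooding address it drops almost everything while a legitimate client is untouched; against the same volume spread over many bots, each under the per-client limit, it drops nothing. Timestamps are passed in explicitly so the simulation is deterministic.

```python
"""Per-client rate limiting against a single-source flood and a distributed one.

Added example, not from the original notes. Request streams are constructed;
timestamps are simulated seconds rather than wall-clock time.
"""
from collections import defaultdict


class TokenBucketLimiter:
    """Each client gets a bucket holding up to `burst` tokens, refilled at
    `rate` tokens per second; a request is served only if a token is available."""

    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.buckets = {}  # client -> (tokens, last_seen_timestamp)

    def allow(self, client, now):
        tokens, last = self.buckets.get(client, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        if tokens >= 1:
            self.buckets[client] = (tokens - 1, now)
            return True
        self.buckets[client] = (tokens, now)
        return False


def simulate(requests, rate=5, burst=10):
    """Run (timestamp, client) pairs through the limiter; return served and dropped counts."""
    limiter = TokenBucketLimiter(rate, burst)
    served, dropped = defaultdict(int), defaultdict(int)
    for ts, client in sorted(requests):
        (served if limiter.allow(client, ts) else dropped)[client] += 1
    return dict(served), dict(dropped)


LEGIT = "198.51.100.4"  # constructed legitimate client, three requests in one second
LEGIT_REQUESTS = [(0.2, LEGIT), (0.5, LEGIT), (0.9, LEGIT)]


def single_source_flood(n=200, duration=1.0):
    """Constructed DoS: one attacker address sends n requests spread over `duration` s."""
    return [(i * duration / n, "203.0.113.7") for i in range(n)] + LEGIT_REQUESTS


def distributed_flood(bots=100, per_bot=4, duration=1.0):
    """Constructed DDoS: the same order of volume, but spread over many addresses,
    each of which stays under the per-client limit."""
    return [(i * duration / per_bot, f"192.0.2.{b}")
            for b in range(bots) for i in range(per_bot)] + LEGIT_REQUESTS


if __name__ == "__main__":
    for label, reqs in (("single source", single_source_flood()),
                        ("distributed", distributed_flood())):
        served, dropped = simulate(reqs)
        print(f"{label}: served {sum(served.values())}, dropped {sum(dropped.values())}, "
              f"legit client served {served.get(LEGIT, 0)}/3")
```

The limiter hands the single attacker its burst plus roughly one second of refill (about 15 requests) and drops the other 185 or so, while the legitimate client's own bucket is never touched. The distributed run pushes 400 requests through untouched because no single address exceeds its allowance; stopping that needs global capacity limits, upstream scrubbing or anomaly detection rather than a per-IP rule.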
5. Cyber security, cyber crime, cyber criminals.
Cyber Security: Protection of computer systems, networks and data from unauthorized access, damage or
disruption. Cyber Crime: Illegal activities carried out using computers or networks (e.g., identity
theft, hacking, phishing, ransomware). Cyber Criminals: Individuals or groups who commit cyber crimes.
6. Define brute force technique (hacking).
Brute force is a hacking method that tries every possible password or key combination until the
correct one is found; a dictionary attack is the common shortcut that tries likely candidates first.
It can be run online (guess after guess against a login page) or offline (against a stolen password
hash, limited only by how fast the hash can be computed).
Prevention: Strong and long passwords, account lockout or rate limiting, CAPTCHA, MFA, and storing
passwords with a slow hash (bcrypt, scrypt, Argon2) so that offline cracking is expensive.
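The search, and the lockout that stops it, as an added example that is not part of the original notes: the same exhaustive generator is run offline against a leaked SHA-256 hash and online against a constructed login endpoint with an account-lockout policy. The user, password and hash are constructed for the demo; the alphabet is deliberately small so the offline run finishes instantly.

```python
"""Brute force offline versus online, and the effect of account lockout.

Added example, not from the original notes. DEMO_USER / DEMO_PASSWORD and
the LoginService are constructed for the demonstration.
"""
import hashlib
import itertools
import string

ALPHABET = string.ascii_lowercase + string.digits  # 36 symbols


def sha256_hex(text):
    return hashlib.sha256(text.encode()).hexdigest()


def offline_brute_force(target_hash, alphabet=ALPHABET, max_len=3):
    """Try every string of length 1..max_len against a leaked hash.
    Returns (password, attempts) or (None, attempts). Nothing limits the
    attacker here except hash speed, which is why slow hashes matter."""
    attempts = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            attempts += 1
            guess = "".join(combo)
            if sha256_hex(guess) == target_hash:
                return guess, attempts
    return None, attempts


class LoginService:
    """Constructed login endpoint with an account-lockout policy."""

    def __init__(self, users, max_failures=5):
        self.users = users  # username -> sha256 hex of the password
        self.max_failures = max_failures
        self.failures = {}
        self.locked = set()

    def login(self, user, password):
        if user in self.locked:
            return "locked"
        if user in self.users and sha256_hex(password) == self.users[user]:
            self.failures[user] = 0
            return "ok"
        self.failures[user] = self.failures.get(user, 0) + 1
        if self.failures[user] >= self.max_failures:
            self.locked.add(user)
        return "denied"


def online_brute_force(service, user, alphabet=ALPHABET, max_len=3):
    """Same exhaustive search, but every guess goes through the login endpoint.
    Returns (password_or_None, attempts, outcome)."""
    attempts = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            attempts += 1
            guess = "".join(combo)
            result = service.login(user, guess)
            if result == "ok":
                return guess, attempts, "cracked"
            if result == "locked":
                return None, attempts, "locked"
    return None, attempts, "exhausted"


# Constructed demo credential. Three characters from a 36-symbol alphabet is
# at most 36 + 36**2 + 36**3 = 47,988 guesses, trivial for an offline attack.
DEMO_USER, DEMO_PASSWORD = "alice", "ab1"
DEMO_HASH = sha256_hex(DEMO_PASSWORD)

if __name__ == "__main__":
    print("offline:", offline_brute_force(DEMO_HASH))
    svc = LoginService({DEMO_USER: DEMO_HASH})
    print("online: ", online_brute_force(svc, DEMO_USER))
    print("legitimate user afterwards:", svc.login(DEMO_USER, DEMO_PASSWORD))
```

Offline, the hash falls after 1,396 guesses. Online, the lockout stops the attacker after five failures, but note the last line of the demo: the legitimate user is now locked out too, so an attacker who only wants to deny service can hammer known usernames. That side effect is why production systems prefer progressive delays, per-source throttling and MFA over a hard lockout, or combine them.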
7. Describe active and passive attacks with examples.
Active Attack: The attacker modifies, deletes or injects data, or disrupts the service, so the attack
changes something observable and can in principle be detected. Examples: DoS, data modification,
man-in-the-middle tampering with traffic. Passive Attack: The attacker only monitors or reads
communication without changing it, so it leaves no trace on the target and must be prevented (mainly
by encryption) rather than detected. Examples: Eavesdropping, password sniffing, traffic analysis.
8. Define Reconnaissance.
Reconnaissance = Gathering information about a target system before an attack.
Types:
- Passive Reconnaissance → Collecting data without sending anything to the target (Google, Whois,
DNS records, public job postings), so the target cannot notice.
- Active Reconnaissance → Direct probing of the target (ping, port scanning, banner grabbing), which
yields more detail but can be logged and detected.
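The active side of the answer above as an added example that is not part of the original notes: a TCP connect scan followed by banner grabbing, run against a constructed loopback listener so it works offline. Passive sources (Whois, DNS, search engines) need the network and are not reproduced here. The listener, its banner text and the port range are all constructed for the demo.

```python
"""Active reconnaissance: TCP connect scan and banner grab.

Added example, not from the original notes. The target is a constructed
listener on 127.0.0.1 that stands in for a real service.
"""
import socket
import threading


def tcp_connect_scan(host, ports, timeout=0.5):
    """Complete a full TCP handshake with each port; return the ones that accept."""
    open_ports = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) == 0:  # 0 means the handshake completed
                open_ports.append(port)
    return open_ports


def grab_banner(host, port, timeout=0.5):
    """Read whatever the service announces on connect (SSH, FTP and SMTP all do)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        return s.recv(128)


def start_fake_service(banner=b"SSH-2.0-ConstructedBanner\r\n"):
    """Constructed target: a loopback listener that greets every client with a banner."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return  # listener closed
            with conn:
                try:
                    conn.sendall(banner)
                except OSError:
                    pass

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def recon_demo():
    """Scan the fake service's port and three neighbours; returns (port, open_ports, banner)."""
    srv, port = start_fake_service()
    try:
        found = tcp_connect_scan("127.0.0.1", list(range(port, port + 4)))
        banner = grab_banner("127.0.0.1", port) if port in found else b""
    finally:
        srv.close()
    return port, found, banner


if __name__ == "__main__":
    port, found, banner = recon_demo()
    print(f"target port {port}: open ports {found}, banner {banner!r}")
```

A connect scan is the noisiest form of active reconnaissance: every probe completes a handshake, so the target's service logs and any IDS see it. That is the trade-off the answer refers to, and why attackers prefer passive sources for as long as they can.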
9. What is Social Engineering? Explain different types.
Social Engineering = Manipulating people into revealing sensitive information or performing an unsafe
action, exploiting trust and habit rather than a technical flaw.
Types:
- Phishing (fake emails that lead to credential-stealing pages or malware)
- Pretexting (inventing a believable identity or scenario to extract information)
- Baiting (e.g., an infected USB drive left where a victim will plug it in)
- Tailgating (entering a restricted area by following an authorized person through the door)
- Spear Phishing (phishing tailored to a specific person or organization)
10. What is Cyber Security Policy?
A Cyber Security Policy is a set of rules and best practices defined by an organization to protect its
IT systems, networks, and data. Includes: Password policy, data protection rules, access control,
incident response guidelines.
11. Define Cyber Security Social Engineering and classification of Social
Engineering.
Cyber Security Social Engineering: Using psychological manipulation to trick people into revealing
confidential information or granting access, typically through online channels.
Classification:
- Human-based → Direct person-to-person deception: impersonation, pretexting, tailgating.
- Computer-based → Delivered through software: phishing emails and websites, malware attachments,
fake pop-ups.
- Mobile-based → Delivered to a phone: Smishing (SMS phishing), Vishing (voice call phishing),
malicious apps.
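One technical control that applies to the phishing variants above (email, SMS, web), as an added example that is not part of the original notes: classifying a sender address against a trusted-domain list and flagging lookalike domains, which is how phishing and spear phishing usually get a victim to trust the message. The trusted domains, homoglyph table and sample addresses are all constructed for the demo; the Levenshtein threshold is a judgement call, not a standard.

```python
"""Lookalike-domain detection for sender addresses.

Added example, not from the original notes. TRUSTED_DOMAINS, HOMOGLYPHS and
the SAMPLES list are constructed; thresholds are illustrative.
"""
import unicodedata

TRUSTED_DOMAINS = {"example.com", "bank.example"}  # constructed allowlist

# Characters attackers substitute for visually similar ones (constructed subset).
HOMOGLYPHS = {"rn": "m", "vv": "w", "0": "o", "1": "l", "3": "e", "5": "s"}


def levenshtein(a, b):
    """Standard edit distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalize(domain):
    """Fold the tricks used to imitate a domain: punycode (xn--) labels,
    accented letters and digit/letter homoglyphs all collapse to plain ASCII."""
    labels = []
    for label in domain.lower().split("."):
        if label.startswith("xn--"):
            try:
                label = label.encode("ascii").decode("idna")
            except UnicodeError:
                pass  # not valid punycode, keep as-is
        labels.append(label)
    folded = unicodedata.normalize("NFKD", ".".join(labels))
    folded = "".join(c for c in folded if not unicodedata.combining(c))
    for fake, real in HOMOGLYPHS.items():
        folded = folded.replace(fake, real)
    return folded


def classify_sender(address, trusted=TRUSTED_DOMAINS, max_distance=2):
    """Return 'trusted', 'lookalike' or 'unknown' for an email address."""
    domain = address.rsplit("@", 1)[-1].strip("<> ").lower()
    for t in trusted:
        if domain == t or domain.endswith("." + t):
            return "trusted"  # the real domain or one of its subdomains
    norm = normalize(domain)
    for t in trusted:
        if domain.startswith(t + ".") or ("." + t + ".") in domain:
            return "lookalike"  # trusted name buried inside another registrable domain
        if norm == t or levenshtein(norm, t) <= max_distance:
            return "lookalike"
    return "unknown"


# Constructed sample senders. The IDN entry is the punycode form an attacker
# would actually register for "exämple.com".
SAMPLES = [
    "alice@example.com",
    "noreply@mail.example.com",
    "helpdesk@examp1e.com",
    "ceo@exarnple.com",
    "it@exampel.com",
    "login@" + "exämple.com".encode("idna").decode("ascii"),
    "verify@example.com.account-verify.net",
    "partner@supplier.org",
]

if __name__ == "__main__":
    for addr in SAMPLES:
        print(f"{classify_sender(addr):9} {addr}")
```

Two design points worth noticing: subdomains of a trusted domain are accepted before any fuzzy matching runs, so the lookalike logic cannot downgrade legitimate mail, and the trusted name appearing as a leading label of some other domain is flagged outright, because that is the cheapest trick (no lookalike characters needed). In a real gateway this check complements SPF/DKIM/DMARC rather than replacing them.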