
Cyber Security All Questions

This document discusses cyber security and information security. It defines information security as preventing unauthorized access, use, disclosure, disruption, modification or destruction of information. It explains the importance of information security for businesses and individuals that handle sensitive data. Key reasons for information security include threats being everywhere, security breaches being expensive, attacks becoming more sophisticated, and state-sponsored hackers. The document also discusses principles of network security including confidentiality, integrity and availability. It explains various threats and attacks to information security systems such as viruses, worms, Trojans, ransomware, outdated security software and social media attacks. It concludes by discussing security threats to e-commerce like financial fraud, phishing, spamming, DDoS attacks, malware

Uploaded by

om chavan

CYBER SECURITY

Unit 1
1. Define Information Security. Explain the importance of information security (REPEATED IN OCT 2019)
Information Security is not only about securing information from unauthorized access.
Information Security is basically the practice of preventing unauthorized access, use, disclosure,
disruption, modification, or destruction of information. Information can be physical or electronic.
Information can be anything, such as your details (or, we can say, your profile on social media),
the data on your mobile phone, your biometrics, etc.
Importance:
#1. Most businesses/individuals have information that needs protection
Businesses, hospitals, and governments are at risk because they handle massive amounts of
sensitive information. That includes financial accounts, social security numbers, medical
information, national security secrets, and more.
#2. Threats are everywhere
Information security threats are very common. They include worms, viruses, information
extortion, intellectual property theft, identity theft, and physical equipment theft. Information
security threats aren’t limited to malicious actors.
#3. Information security is required
In many countries, businesses dealing with data must implement information security policies
and strategies. Entities will need to comply as data privacy remains a major issue.
#4. Security breaches are expensive
There are many aspects of a security breach and they can all be costly. To prevent another
breach, businesses and governments must also pay a specialist to analyze the situation and figure
out what happened.
#5. Attacks are getting more impressive
Information security is even more essential these days because cyberattacks are getting more
sophisticated. The technology is improving, which not only means that hackers are getting better.
#6. There are state-sponsored hackers
There is sometimes a bigger agenda behind cyberattacks. Some hacker groups are funded by governments
to destabilize or interfere with other nations.
#7. IoT makes life easier for hackers
“IoT” stands for “internet of things.” It’s a massive network of physical objects. Unfortunately,
many of these devices are vulnerable to attacks.
#8. Information security is a growing career field
It’s clear that information security is essential for any organization dealing with data. They’ll
need specialists to help implement strategies and policies. As the need increases, so do
employment opportunities.
#9. Information security builds trust

Companies can build trust by thoroughly researching the best security measures, conducting
regular assessments, and knowing what their third parties are up to.

#10. Cyberattacks increase during chaotic times

Information security is always important, but it’s most important in times of crisis. The global
pandemic is a good example. Cyberattacks doubled in 2020.

Explain The Principles of Network Security [Oct 19]

Information Security is not only about securing information from unauthorized access.
Information Security is basically the practice of preventing unauthorized access, use, disclosure,
disruption, modification, or destruction of information. Information can be physical or electronic.
Information can be anything, such as your details (or, we can say, your profile on social media),
the data on your mobile phone, your biometrics, etc.
Information Security programs are built around 3 objectives, commonly known as CIA –
Confidentiality – means information is not disclosed to unauthorized individuals, entities and
processes. The purpose of the confidentiality principle is to keep personal information private and
to ensure that it is visible and accessible only to those individuals who own it or need it to
perform their organizational functions.
Integrity – means maintaining accuracy and completeness of data. This means data cannot be
edited in an unauthorized way. The principle of integrity ensures that data is accurate and reliable
and is not modified incorrectly, whether accidentally or maliciously.
Availability – means information must be available when needed.
A denial-of-service attack is one of the factors that can hamper the availability of information. The
purpose of availability is to make the technology infrastructure, the applications and the data
available when they are needed for an organizational process or for an organization’s customers.

2. Explain various threats and attacks to information security system. (REPEATED IN OCT 2019)
Threats and attacks are given below:
On the basis of infection method:
1) Virus – Viruses have the ability to replicate themselves by hooking themselves to a program on the
host computer, like songs, videos etc., and then they travel all over the Internet.
2) Worms – Worms are also self-replicating in nature, but they don’t hook themselves to a
program on the host computer. The biggest difference between viruses and worms is that worms are
network-aware.
3) Trojan – The concept of a Trojan is completely different from that of viruses and worms. Its
purpose is to conceal itself inside software that seems legitimate; when that software
is executed, it will do its task of either stealing information or any other purpose for which
it is designed.
4) Bots – Bots can be seen as an advanced form of worms. They are automated processes that are
designed to interact over the internet without the need for human interaction. They can be good
or bad.
On the basis of actions:
5) Adware – Adware is not exactly malicious, but it does breach the privacy of users. It
displays ads on a computer’s desktop or inside individual programs.
6) Spyware – It is a program, or we can say software, that monitors your activities on a computer
and reveals the collected information to an interested party. Spyware is generally dropped by
Trojans, viruses or worms.
7) Ransomware – It is a type of malware that will either encrypt your files or lock your
computer, making it inaccessible either partially or wholly. Then a screen will be displayed
asking for money, i.e. a ransom, in exchange.
8) Scareware – It masquerades as a tool to help fix your system, but when the software is
executed it will infect your system or completely destroy it. The software will display a message
asking you to pay to fix your system.
9) Rootkits – Rootkits are designed to gain root access, or we can say administrative privileges, in the user’s
system. Once root access is gained, the exploiter can do anything, from stealing private files to
stealing private data.
10) Zombies – They work similarly to spyware. The infection mechanism is the same, but they don’t spy
and steal information; rather, they wait for commands from hackers.
11) Outdated Security Software – With new threats emerging every day, keeping security
software updated is a prerequisite for a fully secured environment.
12) Social media attacks – In this attack, cyber criminals identify and infect a cluster of websites that
persons of a particular organization visit, in order to steal information.

Unit 2
3. What are the Security Threats to E-Commerce?
1) Financial frauds: Ever since the first online businesses entered the world of the internet,
financial fraudsters have been giving businesses a headache. There are various kinds of financial
frauds prevalent in the e-commerce industry.
2) Credit Card Fraud: It happens when a cybercriminal uses stolen credit card data to buy
products on your e-commerce store. Usually, in such cases, the shipping and billing addresses
vary.
3) Fake Return & Refund Fraud: The bad players perform unauthorized transactions and clear
the trail, causing businesses great losses. Some hackers also engage in refund frauds, where they
file fake requests for returns.
4) Phishing: Fraudsters present fake copies of your website pages or another reputable website to
trick the users into believing them. For example, a seemingly harmless and
authentic email from PayPal asking to provide details.
5) Spamming: Some bad players can send infected links via email or social media inboxes. They
can also leave these links in their comments or messages on blog posts and contact forms. Once
you click on such links, they will direct you to their spam websites, where you may end up being a
victim.
6) DoS & DDoS Attacks: Many e-commerce websites have incurred losses due to disruptions in
their website and overall sales because of DDoS (Distributed Denial of Service) attacks.
7) Malware: Hackers may design malicious software and install it on your IT and computer systems
without your knowledge. These malicious programs include spyware, viruses, Trojans, and
ransomware.
8) Exploitation of Known Vulnerabilities: Attackers are on the lookout for certain vulnerabilities
that might exist in your e-commerce store.
Often an e-commerce store is vulnerable to SQL injection (SQLi) and Cross-site Scripting (XSS).
9) Bots: Bots can be seen as an advanced form of worms. They are automated processes that are designed
to interact over the internet without the need for human interaction.
Some attackers develop special bots that can scrape your website to get information about
inventory and prices.
10) Man in The Middle (MITM): A hacker may listen in on the communication taking place
between your e-commerce store and a user. If the user is connected to a vulnerable Wi-Fi or
network, such attackers can take advantage of that.
11) e-Skimming: E-skimming involves infecting a website’s checkout pages with malicious
software. The intention is to steal the clients’ personal and payment details.
12) Brute force: The online environment also has players who can use brute force to attack your
admin panel and crack your password. These fraudulent programs connect to your website and try
out thousands of combinations in an attempt to obtain your site’s passwords.

4. Explain Business Transaction on web [Oct 19]

• There are two primary types of e-commerce. One is B2B and the other is B2C. You are
engaging in B2B (business-to-business e-commerce) when you buy products or services for
your own business. B2C (business-to-customer) is far more common. It occurs when you
buy products online for yourself.
• The process of a business transaction over the internet is simple. For example, consider that you
want to purchase a book from a website. First you go to the vendor’s web site and
select the items (books) you want to purchase with the help of the different catalogs
(according to your choice: fiction, non-fiction, short story etc.). Then you select the
book with the buy now option. After that you enter your details for the delivery.
• Typically, the payment methods are debit card, credit card and online banking. Payment is the
final step of any business transaction.
• The next process is Consumer Information Security and Concerns. You have to enter all the
card details / bank details (for example card number, validity etc.). Then it will redirect to
the bank site with security (most payment sites have enabled secure socket layer (SSL)
security to send your confidential data).
• To understand the concept of Electronic Payment System and its security services.
• To bring out solution in the form of applications to uproot Electronic Payment.
• To understand working of various Electronic Payment System based applications.

5. Explain Concepts In Electronic Payments System: [Oct 19]
What is an e-payment system?
An e-payment or Electronic Payment system allows customers to pay for services via
electronic methods.
They are also known as online payment systems. Normally e-payment is done via debit cards, credit
cards, direct bank deposits, and e-checks; other alternative e-payment methods like e-wallets,
bitcoin, cryptocurrencies, and bank transfers are also gaining popularity.
Types:
Internet banking – In this case, the payment is done by digitally transferring the funds over the
internet from one bank account to another. Some popular modes of net banking are NEFT, RTGS, and
IMPS.
Card payments – Card payments are done via cards, e.g. credit cards, debit cards, smart cards,
stored value cards, etc. In this mode, an electronic payment accepting device initiates the online
payment transfer via card.
E-cash – It is a form where the money is stored in the customer’s device, which is used for
making transfers. (Like the wallets of some apps.)
E-check – This is a digital version of a paper check used to transfer funds within accounts.

Credit card – An e-payment method where the card is required for making payments through an
electronic device.

Direct debit – Direct debit transfers funds from a customer’s account with the help of a third
party (like PhonePe).

6. What are the basic needs of physical security?

1) Physical security is an important part of a security plan. It forms the basis for several
security efforts, such as data security.
2) Physical security covers the protection of building sites from theft, vandalism,
natural disaster, man-made catastrophes, and accidental damage.
3) It needs a list of vulnerabilities to set priorities on the resources required.
4) Improve the system to the extent possible, and maintain a list of improvements still
needed.
5) Physical security is generally overlooked (and its significance undervalued) in favor of
more technical and dramatic concerns like hacking, viruses, Trojans, and spyware.
6) Protection against intrusions into the computer system by external parties is an important
element of the security policy.
7) In physical security, unauthorized access can result in lost data, altered data, and altered
equipment configurations.
8) Therefore, hardware should be protected against inside and outside intruders by using an
authentication factor. A security lock can be used.
9) Minimize outside access. Secure rooms must have one or two solid, fireproof,
and lockable doors.
10) The doors must be observable by security staff. Doors to secure areas should not be left
open.
11) Maintain a secure system for keys and combinations. If there is a breach, each
compromised lock must be changed.
12) Backup media must be better protected. Some hardware techniques support a higher level
of security than non-secure media, including backup tapes, floppy diskettes, or smart
cards.

7. WHAT ARE DISASTERS AND CONTROLS? EXPLAIN WITH EXAMPLE.
A disaster is defined as a sudden, destructive occurrence that disrupts a community's or society's
functioning and causes human, environmental damage, economic and material losses.
Types of Disaster

Natural Disaster: Natural Disasters are naturally occurring physical phenomena caused either
by rapid or slow onset events that have immediate impacts on human health and secondary
impacts causing further death and suffering. These disasters can
be: Geophysical, Hydrological, Climatological, Meteorological, Biological, e.g. Earthquakes,
Landslides, Tsunamis and Volcanic.

A natural disaster is a natural process or occurrence that can lead to property harm, injury or
other health effects, loss of livelihoods, loss of life, environmental damage, and economic
disruption.

Man-Made Disasters: Man-Made Disasters, as viewed by the International Federation of Red
Cross & Red Crescent Societies, are events that are caused by humans and occur in or close to
human settlements, often as a result of Environmental or Technological Emergencies.
This can include: Environmental Degradation, Pollution, Accidents (e.g. Industrial, Technological
and Transport, usually involving the production, use or transport of hazardous materials).

Man-made disasters have an element of human intent, negligence, or error involving a failure of
a man-made system, as opposed to natural disasters resulting from natural hazards. Such
man-made disasters are crime, arson (firebombing), civil disorder, terrorism, war, biological/chemical
threat, cyber-attacks, etc.

List and Explain Natural Disaster and controls. [Oct 19]
A disaster is described as a sudden misfortune that is disastrous to an undertaking. Natural
disasters include all types of severe weather, which have the potential to pose a significant threat
to human health and safety, property, critical infrastructure, and homeland security.

Natural disasters appear both seasonally and without warning, subjecting the nation to frequent
periods of insecurity, disruption, and monetary loss. These resources serve to prepare IHEs for
several natural disasters, such as winter storms, floods, tornados, hurricanes, wildfires,
earthquakes, or any combination thereof.

Specific natural disasters can severely damage the computer system directly, or prevent
its operation. These include the following −

• Local flooding, such as from a fracture of air conditioning or water cooling equipment.
• Local landslide, earthquake, subsidence, etc.
• Exceptional weather conditions.

8. Explain the concept and benefits of biometrics system [Oct 19]
Biometrics is a technology used to identify, analyze, and measure an individual’s physical and
behavioural characteristics.
Each human being is unique in terms of characteristics, which make him or her different from
all others. The physical attributes such as fingerprints, color of iris (eye, pupil), color of hair,
hand geometry, and behavioral characteristics such as tone and accent of speech, signature, or
the way of typing keys on a computer keyboard etc., make a person stand apart from the rest.
This uniqueness of a person is then used by the biometric systems to −

• Identify and verify a person.
• Authenticate a person to give appropriate rights of system operations.
• Keep the system safe from unethical handling.
Benefits of Biometrics System
High security and assurance:
• Biometrics provide increased levels of assurance to providers that a person is real by
verifying a tangible, real-world trait as both something the user has and something the
user is.
• Introducing biometric authentication into the process adds a road-block for fraudsters
that only a real, authorized user can circumnavigate.
User experience is convenient and fast
• It’s incredibly easy and quick. Placing a finger on a scanner and unlocking an account in
seconds is faster than typing out a long password.
• In addition, forgetting a password is a common mistake of most users. The chances of
you forgetting your own biometrics? Never!

Non-transferable

• Biometric authentication requires that its input be present upon authorization.
• You can’t transfer or share a physical biometric digitally – the only way to utilize most
biometric authentication systems is with a physical application.

Near spoof-proof

• Biometrics like face patterns, fingerprints, iris scanning, and others are near-impossible to
replicate with current technology.
• There's a one in 64 billion chance that your fingerprint will match up exactly with
someone else's.

Unit 3
9. Explain Model of Cryptography Systems. [Oct 19]

Cryptography is a method of protecting information and communications through the use of
codes, so that only those for whom the information is intended can read and process it.
In computer science, cryptography refers to secure information and communication techniques
derived from mathematical concepts and a set of rule-based calculations called algorithms, to
transform messages in ways that are hard to decipher.
Modern cryptography concerns itself with the following four objectives:
1. Confidentiality. The information cannot be understood by anyone for whom it was
unintended.
2. Integrity. The information cannot be altered in storage or transit between sender and
intended receiver without the alteration being detected.
3. Non-repudiation. The creator/sender of the information cannot deny at a later stage their
intentions in the creation or transmission of the information.
4. Authentication. The sender and receiver can confirm each other's identity and the
origin/destination of the information.
Types of cryptography
Symmetric key encryption:
This is the simplest kind of encryption that involves only one secret key to cipher and decipher
information. Symmetric encryption is an old and best-known technique. It uses a secret key that
can either be a number, a word or a string of random letters. It is blended with the plain text of
a message to change the content in a particular way.
The sender and the recipient should know the secret key that is used to encrypt and decrypt all
the messages. The main disadvantage of symmetric key encryption is that all parties involved
have to exchange the key used to encrypt the data before they can decrypt it.
Asymmetric Encryption

Asymmetric encryption is also known as public key cryptography, which is a relatively new
method compared to symmetric encryption. Asymmetric encryption uses two keys to encrypt a
plain text. Secret keys are exchanged over the Internet or a large network. It ensures that
malicious persons do not misuse the keys.
It is important to note that anyone with a secret key can decrypt the message, and this is why
asymmetric encryption uses two related keys to boost security. A public key is made freely
available to anyone who might want to send you a message. The second, private key is kept
secret so that only you know it.
Asymmetric encryption is mostly used in day-to-day communication channels, especially over
the Internet.

10. Explain Digital Signature and its requirements. [Oct 19]

A digital signature is a mathematical technique which validates the authenticity and integrity of a
message, software or digital documents. It allows us to verify the author name, date and time of
signatures, and authenticate the message contents. The digital signature offers far more inherent
security and is intended to solve the problem of tampering and impersonation (intentionally copying
another person's characteristics) in digital communications.

Digital signatures are different from other electronic signatures not only in terms of process
and result, but also in being more serviceable for legal purposes. Some
electronic signatures that are legally recognizable as signatures may not be as secure as digital
signatures and may lead to uncertainty and disputes.
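
An added example (not part of the original notes) showing how a digital signature exposes tampering and impersonation: the author name, signing time and body are hashed, and the hash is signed with textbook RSA. The fixed Mersenne-prime keys, the names alice/mallory and the missing padding are demo assumptions; real systems use a vetted library with RSA-PSS or Ed25519 and randomly generated keys.

```python
import hashlib
import json


def make_keypair(p, q, e=65537):
    """Return ((n, e), (n, d)): public and private RSA keys for primes p, q."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # modular inverse (Python 3.8+)
    return (n, e), (n, d)


# Demo-only key material (assumption): known Mersenne primes stand in for
# randomly generated primes so the example is deterministic. Never use
# primes of a special, publicly known form for real keys.
ALICE_PUB, ALICE_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
MALLORY_PUB, MALLORY_PRIV = make_keypair(2**127 - 1, 2**521 - 1)


def _canonical(doc):
    # Stable byte encoding, so signer and verifier hash exactly the same bytes.
    return json.dumps(doc, sort_keys=True, separators=(",", ":")).encode("utf-8")


def _digest_int(data):
    # SHA-256 digest as an integer; it is far smaller than either modulus.
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign_document(author, signed_at, body, private_key):
    """Sign author name, date/time and contents together as one unit."""
    n, d = private_key
    doc = {"author": author, "signed_at": signed_at, "body": body}
    return {"doc": doc, "signature": pow(_digest_int(_canonical(doc)), d, n)}


def verify_document(envelope, public_key):
    """True only if the signature was made by the matching private key
    over exactly these document fields."""
    n, e = public_key
    sig = envelope.get("signature")
    if not isinstance(sig, int) or not 0 < sig < n:
        return False
    return pow(sig, e, n) == _digest_int(_canonical(envelope["doc"]))


def demo():
    when = "2024-01-10T09:00:00Z"  # constructed sample values
    signed = sign_document("alice", when, "Pay vendor 100", ALICE_PRIV)

    # Tampering: contents or signing time changed after signing.
    tampered = {"doc": dict(signed["doc"], body="Pay vendor 9000"),
                "signature": signed["signature"]}
    backdated = {"doc": dict(signed["doc"], signed_at="2023-01-01T00:00:00Z"),
                 "signature": signed["signature"]}

    # Impersonation: someone else signs with their own key but claims to be alice.
    forged = sign_document("alice", when, "Pay vendor 100", MALLORY_PRIV)

    return {
        "genuine": verify_document(signed, ALICE_PUB),
        "tampered_body": verify_document(tampered, ALICE_PUB),
        "changed_time": verify_document(backdated, ALICE_PUB),
        "impersonation": verify_document(forged, ALICE_PUB),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'valid' if ok else 'REJECTED'}")
```
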

Requirements of Digital Signature:

1) Digital document signing is becoming standard protocol as businesses process thousands of electronic
transactions each day.
2) When you digitally sign PDF documents, it frees you from the hassle of printing
the document, signing it, and scanning it before sending it.
3) Digital signatures significantly reduce the cost associated with the purchase of paper, employment of
personnel, and other stationery.
4) It also helps to protect the environment, as the number of trees required to produce paper significantly
reduces as the use of electronic signatures gradually becomes universal.
5) Also, the costs of sending and receiving documents through a courier service
are eliminated in most cases.
6) Using digital signatures as validation stamps for documents gives you the advantage of having a near
inexhaustible virtual storage space on remote computer servers.

Unit 4
11) Explain the basic concept of Network Security. [Oct 19]

Network security is the security provided to a network from unauthorized access and risks. It is
the duty of network administrators to adopt preventive measures to protect their networks from
potential security threats.
Computer networks that are involved in regular transactions and communication within the
government, individuals, or business require security. The most common and simple way of
protecting a network resource is by assigning it a unique name and a corresponding password.

Types of Network Security Devices


1) Active Devices
These security devices block the surplus traffic. Firewalls, antivirus scanning devices, and
content filtering devices are the examples of such devices.
2) Passive Devices
These devices identify and report on unwanted traffic, for example, intrusion detection
appliances.
3) Preventative Devices
These devices scan the networks and identify potential security problems. For example,
penetration testing devices and vulnerability assessment appliances.

12) Explain Intrusion Detection System and their needs.

Intrusion Detection Systems, also known as Intrusion Detection and Prevention Systems, are the
appliances that monitor malicious activities in a network, log information about such activities,
take steps to stop them, and finally report them.

Intrusion detection systems help by sending an alarm against any malicious activity in the
network, dropping the packets, and resetting the connection to save the IP address from any blockage.

Intrusion detection systems can also perform the following actions −

• Correct Cyclic Redundancy Check (CRC) errors

• Prevent TCP sequencing issues

• Clean up unwanted transport and network layer options

Needs:
1) Attackers continuously develop new exploits and attack techniques designed to
circumvent your defenses.
2) A network intrusion detection system (NIDS) is crucial for network security because it
enables you to detect and respond to malicious traffic.
3) The primary benefit of an intrusion detection system is to ensure IT personnel are notified
when an attack or network intrusion might be taking place.
4) A network intrusion detection system (NIDS) monitors both inbound and outbound
traffic on the network, as well as data traversing between systems within the network.
5) The network IDS monitors network traffic and triggers alerts when suspicious activity or
known threats are detected.
6) IT personnel can examine more closely and take the appropriate steps to block or stop an
attack.
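
An added example (not part of the original notes) of the alerting described above, applied to the brute-force threat from Unit 2: it counts failed admin logins per source IP in a sliding time window, alerts at a threshold, and alerts again if a flagged source then logs in successfully. The log format, the /admin/login path, the 401/200 status convention and the thresholds are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log (not from a real system). Assumed format:
# "<ISO timestamp> <source IP> POST /admin/login <HTTP status>"
SAMPLE_LOG = """\
2024-01-10T09:00:00 198.51.100.20 POST /admin/login 401
2024-01-10T09:00:09 198.51.100.20 POST /admin/login 401
2024-01-10T09:00:20 198.51.100.20 POST /admin/login 200
2024-01-10T09:05:00 203.0.113.7 POST /admin/login 401
2024-01-10T09:05:02 203.0.113.7 POST /admin/login 401
2024-01-10T09:05:04 203.0.113.7 POST /admin/login 401
2024-01-10T09:05:06 203.0.113.7 POST /admin/login 401
2024-01-10T09:05:08 203.0.113.7 POST /admin/login 401
2024-01-10T09:05:10 203.0.113.7 POST /admin/login 401
2024-01-10T09:05:12 203.0.113.7 POST /admin/login 200
2024-01-10T09:10:00 192.0.2.50 POST /admin/login 401
2024-01-10T09:13:00 192.0.2.50 POST /admin/login 401
2024-01-10T09:16:00 192.0.2.50 POST /admin/login 401
2024-01-10T09:19:00 192.0.2.50 POST /admin/login 401
2024-01-10T09:22:00 192.0.2.50 POST /admin/login 401
this line is malformed and is skipped
"""

LINE_RE = re.compile(r"^(\S+) (\S+) POST /admin/login (\d{3})$")


def detect_bruteforce(lines, threshold=5, window_seconds=60):
    """Return alerts as (kind, source_ip, timestamp) tuples.

    Assumes lines arrive in time order. 401 is treated as a failed login
    and 200 as a successful one (assumed convention).
    """
    failures = defaultdict(deque)  # ip -> timestamps of recent failures
    flagged = set()                # ips that already raised an alert
    alerts = []
    for raw in lines:
        match = LINE_RE.match(raw.strip())
        if not match:
            continue  # ignore lines that are not admin login attempts
        stamp, ip, status = match.group(1), match.group(2), int(match.group(3))
        try:
            ts = datetime.fromisoformat(stamp)
        except ValueError:
            continue  # unparseable timestamp
        if status == 401:
            recent = failures[ip]
            recent.append(ts)
            # Drop failures that have fallen out of the sliding window.
            while (ts - recent[0]).total_seconds() > window_seconds:
                recent.popleft()
            if len(recent) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append(("bruteforce", ip, stamp))
        elif status == 200:
            # A success right after a flagged burst may mean the password
            # was guessed, so it deserves its own higher-priority alert.
            if ip in flagged:
                alerts.append(("success_after_bruteforce", ip, stamp))
            failures.pop(ip, None)  # a normal user's typos are forgotten
    return alerts


if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG.splitlines()):
        print(alert)
```

With the default 60-second window the slow attempts from 192.0.2.50 (one every three minutes) stay under the threshold, which is why detection windows need tuning against low-and-slow guessing.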

14) What is VPN? Explain the use of Tunneling with VPN.

What is VPN?
VPN stands for virtual private network. A virtual private network (VPN) is a technology that
creates a safe and encrypted connection over a less secure network, such as the internet.

A VPN provides a secure, encrypted connection between two points. Before setting up the VPN
connection, the two endpoints of the connection create a shared encryption key. This can be
accomplished by providing a user with a password or using a key sharing algorithm.

A Virtual Private Network is a way to extend a private network using a public network such as
the internet.
The name itself suggests that it is a virtual “private network”, i.e. a user can be part of a local
network while sitting at a remote location. It makes use of tunnelling protocols to establish a secure
connection.

Use of Tunneling with VPN:


1) A VPN tunnel is an encrypted link between your computer or mobile device and an
outside network.
2) A VPN tunnel — short for virtual private network tunnel — can provide a way to cloak
some of your online activity.
3) A VPN tunnel connects your smartphone, laptop, computer, or tablet to another network
in which your IP address is hidden and all the data you generate while surfing the web is
encrypted.
4) By connecting to websites through a VPN tunnel you can help keep hackers, or other
snoops, from tracking your online activity or viewing your IP address.
5) Hiding your IP address and encrypting the data you send and receive is a powerful
combination to help keep your online browsing sessions private.
6) A VPN tunnel is useful when you’re logging onto the internet using public Wi-Fi at
hotels, coffee shops, or libraries.

15) What is VPN? Explain the need and types of VPN [Oct 19]
VPN stands for virtual private network. A virtual private network (VPN) is a technology that
creates a safe and encrypted connection over a less secure network, such as the internet.

A VPN provides a secure, encrypted connection between two points. Before setting up the VPN
connection, the two endpoints of the connection create a shared encryption key. This can be
accomplished by providing a user with a password or using a key sharing algorithm.

A Virtual Private Network is a way to extend a private network using a public network such as
the internet.

Types of VPNs

VPNs are designed to provide a private, encrypted connection between two points, but the design does not
specify what these points should be. This makes it possible to use VPNs in a few different
contexts:

• Site-to-Site VPN: A site-to-site VPN is designed to securely connect two
geographically-distributed sites. VPN functionality is included in most security gateways today.
For instance, a next-generation firewall (NGFW) deployed at the perimeter of a network protects
the corporate network and also serves as a VPN gateway. All traffic flowing from one site to the
other passes through this gateway, which encrypts the traffic sent to the gateway at the other site.
This gateway decrypts the data and forwards it on to its destination.

Needs:

• All traffic flowing over a site-to-site VPN is encrypted.
• Data crossing over the public Internet is encrypted, protecting it against eavesdropping
and modification.
• With site-to-site VPNs, traffic from one LAN to another remains “internal”, meaning that
all sites can use internal addresses for each other’s resources.

• Remote Access VPN: A remote access VPN is designed to link remote users securely
to a corporate network. For instance when the COVID-19 pandemic emerged in 2020, many
organizations transitioned to a remote workforce, and set up secure remote access VPNs from the
remote clients to connect to critical business operations at the corporate site.

Needs:

• Remote access VPNs provide data security that extends to remote workers.
• Offsite employees can send data through the VPN without worrying about a hacker
intercepting it, since it’s encrypted.
• A remote access VPN is an affordable solution compared to other security options on the
market.

• VPN as a Service: VPN as a Service, or a cloud VPN, is a VPN hosted in cloud-based
infrastructure, where packets from the client enter the Internet from that cloud infrastructure
instead of from the client’s local address. Consumer VPNs commonly use this model, enabling users
to protect themselves while connecting to the Internet via insecure public Wi-Fi and providing
some anonymity while accessing the Internet.

Needs:

  • Cloud Access: VPNaaS solutions are natively integrated into cloud platforms. This enables
    remote workers to have secure, direct access to an organization’s cloud-based resources.
  • Global Footprint: VPNs deployed as physical appliances are limited to the locations where
    an organization can host these appliances. VPNaaS solutions are implemented in the cloud,
    providing them with a global footprint.
  • Mobile Support: Traditional VPNs are often clunky and difficult to use on mobile devices.
    Many VPNaaS solutions have explicit mobile support that provides improved usability for the
    remote workforce.

UNIT 5
16) Explain the term Cybercrime in brief [Oct 19]
What is meant by Cybercrime? What falls under the purview of Cybercrime, and what
constitutes the crime? Cybercrime is a criminal activity that mainly targets or involves using a
computer, a network associated with a computer, or a connected device. Cybercrime is not always
conducted by individuals or hackers; it can be carried out by organizations too.

The primary aim of Cybercrime is to damage computers for profit, whether personal or political.

Cybercrime is a broad term that covers a range of illegal activities conducted via the computer
or the Internet.
Examples:
1) Stealing credit card information
2) Breaking into government websites or manipulating any data or information
3) Accessing another person’s private information in an illegal manner
Types of Cyber Crime

• Hacking
• Credit card fraud
• Virus dissemination
• Cyber terrorism
• Spoofing (email spoofing, screen spoofing, etc.)

17) Explain the concept of Email Tracing and Email Spoofing. [Oct 19]

Email Tracing:
Email tracking is a method for monitoring whether an email message is read by the intended
recipient. Most tracking technologies use some form of digitally time-stamped record to reveal
the exact time and date that an email was received or opened, as well as the IP address of the
recipient.

• How Email Tracing Works:

1. Email trackers are browser extensions for Chrome, which automatically add a 1x1 pixel
image to the body of the email you send.
2. Once a recipient opens it, their browser requests that image from the server where
it is hosted.
3. This request is parsed, indicating that the email has been opened.
4. You can use this tool for recruitment and link-building to save time and know when to
follow up with more emails in case the recipient opened the email but never answered.
They could have forgotten to reply, or something could have distracted them.

Email Spoofing:
Email spoofing is the process of sending emails with a forged sender address. It deceives the
recipient into believing that the email was sent by someone they know or trust. It’s usually a
phishing tool designed to take over your online accounts, send malware, or steal money.

• How does email spoofing work?

1. An attacker can spoof emails with a working Simple Mail Transfer Protocol (SMTP)
server and a popular email platform like Outlook or Gmail.
2. When the email arrives in the intended inbox, the email programme reads the contents of
the message’s header fields and generates the output that the end-reader sees.
3. If certain information is entered into the appropriate fields, what the reader sees will differ
from what is true, such as the location of the email’s origin.
4. This is possible because SMTP does not support the authentication of addresses.
Although protocols and methods exist to combat spoofing, their adoption has been slow.
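
Because the sender fields are free text, a receiving system has to cross-check them. The Python sketch below is an added example, not part of the original notes: it compares the From domain with the Return-Path and Reply-To domains and reads the SPF, DKIM and DMARC verdicts from the Authentication-Results header. It assumes that header was written by the recipient's own mail server; both messages and all domains are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def domain_of(header_value):
    """Lower-cased domain part of an address header, or '' if absent."""
    address = parseaddr(header_value or "")[1]
    return address.rpartition("@")[2].lower() if "@" in address else ""

def spoofing_indicators(raw_message):
    """List reasons why the visible From address should not be trusted."""
    msg = message_from_string(raw_message)
    from_domain = domain_of(msg.get("From"))
    findings = []
    # The From header is free text; compare it with the other sender fields.
    for header in ("Return-Path", "Reply-To"):
        other = domain_of(msg.get(header))
        if other and other != from_domain:
            findings.append(f"{header} domain {other} differs from From domain {from_domain}")
    # Verdicts recorded by the receiving mail server (assumed to be our own, trusted one).
    auth = " ".join(msg.get_all("Authentication-Results", []))
    for check in ("spf", "dkim", "dmarc"):
        match = re.search(rf"\b{check}=(\w+)", auth)
        result = match.group(1).lower() if match else "missing"
        if result != "pass":
            findings.append(f"{check}={result}")
    return findings

# Constructed messages; every domain below is a placeholder.
SPOOFED = """Return-Path: <bounce@mailer.example>
Authentication-Results: mx.recipient.example; spf=fail smtp.mailfrom=mailer.example;
 dkim=none; dmarc=fail header.from=bank.example
From: "Bank Support" <support@bank.example>
Reply-To: help@bank-support.example
Subject: Verify your account

Please confirm your details.
"""

GENUINE = """Return-Path: <support@bank.example>
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=bank.example;
 dkim=pass header.d=bank.example; dmarc=pass header.from=bank.example
From: "Bank Support" <support@bank.example>
Subject: Your monthly statement

Your statement is ready.
"""
```

A domain mismatch alone is an indicator, not proof, because legitimate bulk-mail services also send with their own Return-Path; the failed authentication verdicts are the stronger signal.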

18) Explain data recovery in cyber crime.

Definition: Data recovery is a process of recovering deleted, inaccessible, lost, corrupted, damaged, or
formatted data from secondary storage, removable media or files, when the data stored in them
cannot be accessed in the usual way.
The data is most often recovered from storage media such as internal or external hard disk drives
(HDDs), solid-state drives (SSDs), USB flash drives, magnetic tapes, CDs, DVDs, RAID
subsystems, and other electronic devices.
Recovery may be required due to physical damage to the storage devices or logical damage to
the file system that prevents it from being mounted by the host operating system (OS).

The best way to see how the process of data recovery works is to look at the most common data
loss scenarios.

Accidental File/Folder Deletion

• Even after a file/folder is deleted, it is actually still in place. It is simply earmarked to be
written over when new files/folders are created.
• For this reason, it’s possible to recover accidentally deleted files/folders with recovery
software. The software looks for files that still remain after deletion and, if any are found,
gives the user the option of saving them to a location of their choice.

File System Formatting

• When a data storage device is formatted, you won’t be able to access the files that were
present before formatting. However, this doesn’t mean that those files aren’t recoverable.
Formatting erases the pointers that instruct your operating system on where to find your
files.
• As long as your data storage device isn’t written to before attempting to recover files
after formatting, you should be able to recover your files. Data recovery software can
restore the file system pointers, allowing you to regain access to your files.
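
Both scenarios above rest on the same fact: the file contents stay on the medium after the pointers to them are gone. The Python sketch below is an added example, not part of the original notes, and it shows signature-based file carving, which is a different technique from restoring file-system pointers: it scans raw bytes for known header and footer signatures and ignores the file system entirely. The "disk image" is constructed in memory and only two signatures are covered.

```python
import hashlib

# (header, footer) byte signatures of two common image formats.
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
}

def carve(raw, max_size=10 * 1024 * 1024):
    """Scan raw bytes for file signatures, ignoring any file-system metadata.

    Returns a sorted list of (offset, kind, length, sha256_hex) tuples.
    """
    results = []
    for kind, (head, foot) in SIGNATURES.items():
        pos = 0
        while (start := raw.find(head, pos)) != -1:
            end = raw.find(foot, start + len(head), start + max_size)
            if end == -1:
                # Header with no footer: the tail was overwritten or fragmented.
                pos = start + 1
                continue
            blob = raw[start:end + len(foot)]
            results.append((start, kind, len(blob), hashlib.sha256(blob).hexdigest()))
            pos = end + len(foot)
    return sorted(results)

def build_sample_image():
    """Constructed stand-in for a disk image whose file table has been wiped."""
    jpg = b"\xff\xd8\xff\xe0" + b"constructed-jpeg-body" + b"\xff\xd9"
    png = b"\x89PNG\r\n\x1a\n" + b"constructed-png-body" + b"IEND\xaeB`\x82"
    partial = b"\xff\xd8\xff\xe0" + b"overwritten-before-footer"
    gap = b"\x00" * 512
    return gap + jpg + gap + png + gap + partial + gap

if __name__ == "__main__":
    # Work on a copy of the evidence; the hash lets each carved file be verified later.
    for offset, kind, length, digest in carve(build_sample_image()):
        print(f"{kind} at offset {offset}, {length} bytes, sha256 {digest[:16]}...")
```

The third file in the sample has a header but no footer, which models data that was partly written over after deletion; it is skipped rather than recovered as a corrupt file.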

Logical Damage of a File System

• A file system may become damaged as a result of a power outage or failure, or a software
crash. This type of damage will result in users being unable to access their files.
• Many data recovery software tools are capable of repairing this logical damage, giving
users access to their data again.

Hardware Failure

• Unfortunately, if your hard drive has physically failed, you will need to take it to a
professional data recovery shop to try to salvage your data.
• They have the tools needed to attempt this intricate and potentially difficult process.

Software Error

• Software errors can lead to things like accidentally deleted files and corrupted file
systems.
• Luckily, in this case, data can be recovered using data recovery software.

19) What can happen if your website is hacked?

Fraud detection is a process that detects and prevents fraudsters from obtaining money or
property through false means. It is a set of activities undertaken to detect and block attempts
by fraudsters to obtain money or property fraudulently. Fraud detection is prevalent across
banking, insurance, medical, government, and public sectors, as well as in law enforcement
agencies.

Having your website hacked can be a terrible and distressing experience. However, the damage
can go much further than the distress and inconvenience it causes. And with GDPR coming in
May 2018 it’s more important than ever to keep your website and data secure.

• A data breach could, in theory, land you with a hefty fine from the ICO (Information
Commissioner’s Office), although it’s not yet clear how likely it is that these
sanctions will be issued.
• Your website could be blacklisted by Google and other search engines if malicious
code is found on it, and you’ll have to request removal from each blacklist
once you can prove your site is clean again.
• You can lose the trust of your current clients and customers.
• Your brand’s reputation could be in tatters.
• Your website will have downtime, which will lose you sales/leads.
• It can cost a considerable amount of money to get your website cleaned and restored.
• It can be emotionally and mentally traumatic.

20) Explain DoS Attack [Oct 19]

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making
it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with
traffic, or sending it information that triggers a crash. In both instances, the DoS attack deprives
legitimate users (i.e. employees, members, or account holders) of the service or resource they
expected. DoS attacks often target the web servers of high-profile organizations such as
banking, commerce, and media companies, or government and trade organizations. Though DoS
attacks do not typically result in the theft or loss of significant information or other assets, they
can cost the victim a great deal of time and money to handle.

There are three general methods of DoS attacks:

• Buffer overflow attacks – the most common DoS attack. The concept is to send more
traffic to a network address than the programmers have built the system to handle. It
includes the attacks listed below, in addition to others that are designed to exploit bugs
specific to certain applications or networks.

• ICMP flood – leverages misconfigured network devices by sending spoofed packets that
ping every computer on the targeted network, instead of just one specific machine. The
network is then triggered to amplify the traffic. This attack is also known as the smurf
attack or ping of death.

• SYN flood – sends a request to connect to a server, but never completes the handshake.
This continues until all open ports are saturated with requests and none are available for
legitimate users to connect to.
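
The defining trait of a SYN flood, a handshake that is started but never completed, is also what a defender counts. The Python sketch below is an added example, not part of the original notes: it reads tcpdump-style lines, tracks which client connections sent a SYN without a later ACK, and raises an alert on the total. The capture lines, the addresses and the limit of 50 are all constructed assumptions.

```python
import re
from collections import Counter

# Constructed tcpdump-style line: "IP <src>.<sport> > <dst>.<dport>: Flags [S]"
LINE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): Flags \[([A-Z.]+)\]"
)

def half_open(lines, server_ip, server_port):
    """Count, per source IP, handshakes that sent SYN but never the final ACK."""
    pending = set()
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        src, sport, dst, dport, flags = m.groups()
        if (dst, dport) != (server_ip, str(server_port)):
            continue  # only client -> server packets matter here
        if flags == "S":
            pending.add((src, sport))
        else:
            pending.discard((src, sport))  # ACK, FIN or RST: no longer half-open
    return Counter(src for src, _ in pending)

def assess(lines, server_ip, server_port, total_limit=50):
    """Alert on the total of half-open connections, since sources may be spoofed."""
    per_source = half_open(lines, server_ip, server_port)
    total = sum(per_source.values())
    top = sorted(per_source.items(), key=lambda kv: (-kv[1], kv[0]))[:3]
    return {"half_open": total, "alert": total >= total_limit, "top_sources": top}

def sample_capture():
    """Constructed capture: two normal clients, then 60 SYNs that are never completed."""
    srv = "192.0.2.10.443"
    lines = []
    for i, client in enumerate(["203.0.113.5", "203.0.113.9"]):
        c = f"{client}.{40000 + i}"
        lines += [f"IP {c} > {srv}: Flags [S]",
                  f"IP {srv} > {c}: Flags [S.]",
                  f"IP {c} > {srv}: Flags [.]"]
    for i in range(60):
        lines.append(f"IP 198.51.100.{i % 4 + 1}.{50000 + i} > {srv}: Flags [S]")
    return lines

if __name__ == "__main__":
    print(assess(sample_capture(), "192.0.2.10", 443))
```

The alert is based on the total rather than on any single source because the source addresses in such traffic can be forged; the usual server-side mitigation is SYN cookies, not per-address blocking.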

UNIT 6
21) Explain the features of IT Act 2000 with respect to cyber law [Oct 19]
Cyber Law, also called IT Law, is the law regarding information technology, including computers
and the internet. It is related to legal informatics and supervises the digital circulation of
information, software, information security and e-commerce.
IT law does not constitute a separate area of law; rather, it encompasses aspects of contract,
intellectual property, privacy and data protection laws. Intellectual property is a key element of
IT law.

The features of the IT Act 2000 are:

1. All electronic contracts made through secure electronic channels are legally valid.

2. Legal recognition for digital signatures.

3. Security measures for electronic records and also digital signatures are in place.

4. A procedure for the appointment of adjudicating officers for holding inquiries under the Act
is finalized.

5. Provision for establishing a Cyber Regulatory Appellate Tribunal under the Act. Further,
this tribunal will handle all appeals made against the order of the Controller or Adjudicating
Officer.

6. An appeal against the order of the Cyber Appellate Tribunal is possible only in the High
Court.

7. Digital signatures will use an asymmetric cryptosystem and also a hash function.

8. Provision for the appointment of the Controller of Certifying Authorities (CCA) to license
and regulate the working of Certifying Authorities. The Controller is to act as a repository of
all digital signatures.

9. The Act applies to offences or contraventions committed outside India.

10. Senior police officers and other officers can enter any public place and search and arrest
without warrant.

11. Provisions for the constitution of a Cyber Regulations Advisory Committee to advise the
Central Government and Controller.
22) Write a note on IT act 2008[Oct 19]
