1)​ Intro to Cyber Space

1. History of the Internet

●​ Origins (1960s - early 1970s):​

○​ 1962: J.C.R. Licklider proposed a global computer network.​

○​ 1965: Lawrence Roberts demonstrated wide-area networking.​

○​ 1969: ARPANET, the first packet-switching network, connected 4 universities.​

●​ Expansion and Protocol Development (1970s - early 1980s):​

○​ 1972: Ray Tomlinson introduced email on ARPANET.​

○​ 1980: TCP/IP protocol was proposed.​

○​ 1983: TCP/IP became the standard.​

●​ NSFNet and Opening Access (1986 - early 1990s):​

○​ 1986: NSFNet created as a backbone for research use.​

○​ 1989: Archie indexed FTP sites.​

○​ 1990: Hytelnet indexed telnet-accessible libraries.​

●​ Web Emergence (1990s):​

○​ 1991: World Wide Web developed by Tim Berners-Lee.​

○​ 1993: Mosaic browser launched.​

○​ 1995: NSF ended funding, opening the Internet to full commercialization.​

2. How the Internet Works

 ●​ Basic Structure:​

○​ Internet is a network of networks.​

○​ Devices connect via ISPs (Internet Service Providers).​

●​ Communication Basics:​

○​ URL tells browsers where to find content.​

○​ Protocols like HTTP, SMTP, and FTP enable communication.​

●​ Domain Names and Hosts:​

○​ Domain names identify networks; hosts identify specific computers.​

○​ URLs may include a path and file after the domain.​

3. Addressing Scheme

●​ IP Addressing:​

○​ IPv4 (32-bit) and IPv6 (128-bit) addresses identify devices.​

○​ IPv4 addresses are being replaced due to exhaustion.​

●​ Address Configuration:​

○​ Static, dynamic, and autoconfiguration (e.g., APIPA) methods used.​

●​ Address Types:​

○​ Unicast, Broadcast, Multicast, Anycast.​

●​ Public vs Private Addresses:​

○​ Public IPs are routable on the internet; private IPs are used internally.​

●​ NAT and IP Translation:​

 ○​ NAT allows multiple devices to share one public IP.​

4. Internet Service Providers (ISPs)

●​ Types of ISPs:​

○​ Access Providers: Offer connectivity via various technologies (DSL, fiber, Wi-Fi).​

○​ Mailbox Providers: Host email services.​

○​ Hosting ISPs: Provide web hosting and online storage.​

○​ Transit ISPs: Backbone internet access for smaller ISPs.​

5. Domain Name System (DNS)

●​ Function:​

○​ Translates domain names into IP addresses.​

○​ Uses hierarchical structure with root, TLD, and authoritative servers.​

●​ TLDs:​

○​ Generic, Country Code, Sponsored, and new TLDs.​

○​ DNSSEC adds security.​

6. World Wide Web (WWW)

●​ Definition:​

○​ A system of interlinked hypertext documents accessed via the HTTP protocol.​

●​ Difference Between Internet and WWW:​

 ○​ Internet is the infrastructure; WWW is a service on the Internet.​

7. Applications of the Internet

●​ Key Applications:​

○​ Communication, Business, Education, Health, Travel, Entertainment, Shopping,

Finance, Online Communities, Long-Distance Computing.

2)​Cyber Crime
1)​ Intro

🔐 Introduction to the Internet and Cyber Crime

●​ Birth of the Internet: Started in the 1960s, initially limited to a small group.​

●​ Public Access: Became a global utility in the mid-1990s.​

●​ Cyber Crime Emergence: With the rise of the Internet, new vulnerabilities emerged.​

💻 Evolution of Cyber Crime

●​ Early Days: Focused on physical damage to systems.​

●​ 1980s Shift: Transitioned to software-based attacks (e.g., viruses).​

●​ Post-1996: Internet became widespread, making users less aware of security risks.​

●​ By 2013: 25 computers per second were falling victim to cyber attacks, impacting 800
million globally.​
🌍 India's Internet Landscape
●​ Third Largest Users: Over 100 million users by June 2011.​

●​ Broadband Connections: 22 million broadband connections by 2011.​

⚠️ What is Cyber Crime?

●​ Definition: Illegal activities involving computers or digital devices.​

🔍 Classification of Cyber Crime

1.​ Insider Attack: Perpetrated by individuals with authorized access.​

○​ Motives: Revenge, greed.​

○​ Prevention: Intrusion detection systems, role-based access management.​

2.​ External Attack: Launched from outside the organization.​

○​ Methods: Malware, data theft, network scanning.​

○​ Prevention: Monitor firewall logs, use IDS tools.​

🧠 Attack Based on Skill & Intent

1.​ Unstructured Attacks: Amateurs with random motives using readily available tools.​

2.​ Structured Attacks: Skilled professionals or groups with specific motives (espionage,
sabotage, corporate theft).​

🏢 Organized Cyber Crime

●​ Characteristics: Low-investment, low-risk, high-reward business with hierarchical
structures.​

●​ Targets: Financial institutions, defense agencies, political entities, pharmaceuticals.​

2) Malware & Types

 1.​ Adware: Forces ads, may slow down systems.​

2.​ Spyware: Tracks data and sends it to remote servers.​

3.​ Browser Hijackers: Alters browser settings, redirects traffic.​

4.​ Virus: Requires human action to activate, can corrupt files.​

5.​ Worm: Self-replicates, spreads autonomously.​

6.​ Trojan Horse: Disguises as legitimate software, creates backdoors.​

7.​ Botnets: Network of compromised machines used for malicious activities.​

8.​ Scareware: Triggers fake alerts to install malware and extort money.​

3) Types of Cyber Crimes

1.​ Cyber Stalking: Harassing or threatening through the internet.​

2.​ Child Pornography: Distribution of explicit content involving minors.​

3.​ Forgery & Counterfeiting: Creating fake documents via computers.​

4.​ Software Piracy & IPR Crimes: Illegal distribution of digital content.​

5.​ Cyber Terrorism: Using computers for political or social intimidation.​

6.​ Phishing: Acquiring sensitive information by impersonating a trusted entity.​

7.​ Computer Vandalism: Destruction or damaging of computer systems.​

8.​ Hacking: Unauthorized access to systems.​

9.​ Spamming: Sending unsolicited bulk messages.​

10.​XSS: Injecting scripts to steal information.​

11.​Online Auction Fraud: Scamming customers through auctions.​

12.​Cyber Squatting: Registering domains to sell at inflated prices.​

 13.​Logic Bombs: Malicious code triggered by specific conditions.​

14.​Web Jacking: Unauthorized access to modify or block content.​

15.​Time Theft: Hacking into ISP accounts for free service.​

16.​DoS Attack: Overloading systems with traffic to make them unusable.​

17.​Salami Attack: Small frauds leading to significant losses.​

18.​Data Diddling: Altering data before it enters a system.​

19.​Email Spoofing: Manipulating email headers to disguise the sender.​

3 ) INFORMATION SECURITY

1. Introduction to Technology & Security

●​ Ubiquitous Technology: Technology is integrated into daily life, increasing the risk of
security issues.​

●​ Security Concerns: With increased reliance on technology, sensitive data faces greater
exposure to risks such as financial loss, data breaches, and reputational damage.​

●​ Historical Context: 30 years ago, security was less of a concern due to limited
technology; today, security issues are more prevalent.​

●​ Slow-Paced Theories: While technology evolves quickly, security theory lags, making it
hard to keep up with new threats.​

●​ Basic Security Knowledge: Understanding the fundamentals of information security is

crucial in managing emerging challenges.​
2. What is Information Security?

●​ Definition: Protecting information and systems from unauthorized access, disruption, or

destruction to maintain confidentiality, integrity, and availability.​

●​ Scope: Includes securing devices like smartphones, tablets, and IT systems, especially
within businesses.​

●​ Security vs. Productivity: Too much security can impair productivity, so there must be a
balance between security measures and operational efficiency.​

●​ Information Assurance: Ensures data is protected in critical situations like disasters,

theft, or malfunctions.​

●​ Legal & Regulatory Compliance: Organizations must adhere to relevant security

standards to avoid legal repercussions.​

3. Cybersecurity Models

●​ CIA Triad: Focuses on:​

○​ Confidentiality: Prevent unauthorized access.​

○​ Integrity: Ensure data is not altered.​

○​ Availability: Ensure systems and data are accessible when needed.​

●​ Parkerian Hexad: Builds on the CIA Triad, adding:​

○​ Possession/Control: Physical access to data.​

○​ Authenticity: Validating data or transactions.​

○​ Utility: Ensuring data is useful.

 ●​ Difference: CIA is simpler, while the Parkerian Hexad is more detailed but less
commonly used.​

4. Attacks

●​ Categories of Attacks:​

○​ Interception: Targets confidentiality.​

○​ Interruption: Affects availability.​

○​ Modification: Affects integrity.​

○​ Fabrication: Impacts integrity and availability.​

5. Threats, Vulnerabilities, and Risk

●​ Threats: External dangers that exploit vulnerabilities.​

●​ Vulnerabilities: Weaknesses in systems that can be exploited.​

●​ Risk: Likelihood of a threat exploiting a vulnerability.​

●​ Impact: Consequences of an attack, e.g., loss of sensitive data.​

●​ Risk Assessment: Identifying and evaluating risks to prioritize mitigation efforts.​

6. Controls

●​ Physical Controls: Safeguards like locks, cameras, and fire suppression systems.​

●​ Logical Controls: Authentication, access control, and software protections.​

 ●​ Administrative Controls: Policies and procedures that guide secure behavior (e.g.,
acceptable use policies).​

7. Defense in Depth

●​ Core Principle: Multiple layers of defense enhance security.​

●​ Purpose: Delays attackers, increases cost for attackers, and compensates for failures in
individual controls.​

●​ Common Layers: Include network firewalls, intrusion detection, application firewalls,

data encryption, etc.​

●​ Penetration Testing: Identifies vulnerabilities from an attacker's perspective.​

●​ Additional Layers: Physical security, administrative policies, and user awareness

programs.​

4 ) Ethical Aspect Of Information

Security

1 Intro

Introduction to Ethics in Information Security

●​ Ethical Theories: Ethics in information security is framed by two major theories:

Consequentialism, where actions are judged by their outcomes, and Deontology,
 where actions are judged by duty regardless of outcomes.​

●​ Key Questions: Ethical dilemmas in information security often revolve around privacy,
legal vs. ethical behavior, and the extent to which personal data should be protected.​

●​ Key Topics:​

○​ Information Privacy​

○​ Modern Privacy Issues (cloud storage, AI, IoT, biometric data)​

○​ Security Tactics (policies, tools, training)​

○​ Email and Web Security​

○​ Physical Security​

2. Computer Security & Ethics

●​ Computer Security: Protects data and systems from unauthorized access,

manipulation, and destruction. Key principles include Confidentiality, Integrity, and
Availability.​

●​ Ethical Issues: Includes balancing the rights of individuals with the need for national
security, potential harms from security breaches, and how overly restrictive or invasive
security measures may violate rights.​

●​ National Security vs. Privacy: Governments may want backdoor access to systems for
cybersecurity, which can conflict with individual privacy concerns.​

3. Ethical Issues in Computer Security

●​ Hacking and Cybercrime: Unethical actions like hacking can lead to serious
consequences such as data theft or disruption.​

○​ Cybercrime includes cybertrespass, cybervandalism, and cyberpiracy.​

●​ Cyberterrorism: A politically motivated form of hacking that causes significant harm to

individuals, systems, or national security.​
 ●​ Moral Responsibilities of IS Professionals: Security professionals have a duty to
safeguard data while considering ethical dilemmas related to rights, harm, and law.​

4. Information Privacy & Ethics

●​ Privacy Importance: Privacy protects individuals from harm, supports autonomy, and is
vital for democratic rights. It must balance against other societal interests like national
security.​

●​ Surveillance: The rise of digital surveillance tools has made privacy more challenging,
as personal data is collected, analyzed, and potentially exploited without consent.​

●​ Ethical Considerations: Ensuring that privacy protections are built into technology, and
balancing privacy with the need for surveillance, is a key issue.​

5. Privacy Issues in Modern Data Management

●​ Internet Privacy: Unconsented posting, tracking, and data aggregation of personal

information raises ethical concerns.​

●​ Record Merging & Data Mining: Combining different data sources or using AI to mine
personal data poses risks to privacy and can lead to discrimination or profiling.​

●​ Biometric Identification: The use of biometrics for identification raises concerns about
bodily privacy and the loss of anonymity.​

●​ Ubiquitous Computing: The increasing use of connected devices can lead to persistent
surveillance, blurring the line between private and public life.​

6. Tactics to Ensure Computer Security & Maintain Privacy

●​ Best Practices for Privacy and Security: Regularly back up data, use encryption,
employ strong passwords, secure mobile phones, and stay anonymous online with tools
like VPNs and Tor.​

●​ Physical Security: Secure your workspace and devices, and always delete sensitive
information securely.​

Key Takeaways:
 ●​ Ethical behavior in information security goes beyond simply following the law; it involves
making thoughtful decisions about privacy, rights, and potential harms.​

●​ Privacy is essential for autonomy, freedom, and democracy but is increasingly under
threat due to advancements in digital surveillance and data tracking.​

●​ Information security professionals play a crucial role in balancing security and privacy,
and they need to be trained to handle the ethical dilemmas they may face.​

5 ) Choosing Best Browser

According To Conditions

Check Your Computer's Age/Specs: Ensure your computer or device is compatible with the
browser you choose.​

Define Your Ideal Browser: Consider what features you need (e.g., simplicity, bookmarks, web
feeds, etc.).​

Know Your Platform: Make sure the browser is available for your operating system (e.g.,
Windows, OS X, iPhone).​

Research Browsers: Popular options include Safari, Firefox, Opera, Konqueror, Seamonkey,
Flock, etc. Each has unique features.​

Compare Browser Features: Match browser features to your needs and preferences.​

Consider Low-Memory Browsers: If your computer has low memory, consider options like Off
By One or Dillo.​

Consider Text-Based Browsers for Speed: For maximum speed, consider ELinks.​

Check for Add-ons/Extensions: Ensure the browser allows adding features or extensions
(e.g., Firefox).​

Download and Install: Once you’ve made your choice, install the browser and start using it.
6 ) Securing Web Browser

1.​ Update Regularly: Keep your browser up to date to patch security vulnerabilities.​

2.​ Enable Browser Security Features: Use built-in security features like pop-up
blockers, tracking protection, and anti-phishing tools.​

3.​ Install Antivirus/Anti-Malware: Use security software to protect against malicious

attacks.​

4.​ Use HTTPS: Ensure websites use HTTPS for secure communication and avoid
HTTP.​

5.​ Use Strong Passwords: Use strong, unique passwords and consider a password
manager.​

6.​ Disable Unnecessary Plugins/Extensions: Limit the use of browser extensions and
plugins to minimize vulnerabilities.​

7.​ Clear Cache and Cookies Regularly: Regularly clear browsing history, cache, and
cookies to protect privacy.​

8.​ Enable Two-Factor Authentication: Enable two-factor authentication for accounts

that support it to add an extra layer of security.​

9.​ Avoid Suspicious Links and Downloads: Be cautious of clicking on suspicious

links or downloading unknown files.

7) AntiVirus
 Avast Antivirus: Anti-spyware, anti-rootkit, web shield, automatic updates.​

AVG Antivirus: Basic antivirus, anti-spyware, safe surf feature.​

Avira AntiVir Personal: Virus, worm, Trojan protection, anti-rootkit, anti-phishing.​

BitDefender Free Edition: On-demand virus scanner, scheduled scanning.​

Blink Personal: Antivirus, anti-spyware, firewall, identity protection (1 year).​

Calmwin Antivirus: Open-source, high detection rates, no real-time scanning.​

Comodo Antivirus: Virus detection, on-access scanning, host intrusion detection.​

Moon Secure Antivirus: Multiple scan engines, firewall, rootkit prevention.​

PCTools Antivirus: Virus, worm, Trojan protection, file and email guard.​

Rising Antivirus: Virus, Trojan, worm, rootkit protection, smart updates.​

Threatfire Lite: Real-time behavior-based malware detection, quarantine.

8) Email Security

1.​ Email Usage: Quick, efficient communication, but tone can be misunderstood; best for
straightforward topics.​
2.​ Access Methods: Use applications (e.g., Outlook, Thunderbird) or webmail services
(e.g., Gmail, Yahoo).​

3.​ Security Risk: Emails are readable during transmission, so they can be intercepted.​

4.​ Secure Email Providers:​

○​ Gmail: Secure with HTTPS, but Google scans content and may share data.​

○​ Riseup: Highly secure, strict privacy policies, no commercial interests, but

requires invite codes.​

5.​ Email Security:​

○​ Use SSL connections (e.g., Gmail via HTTPS).​

○​ Ensure both sender and recipient use secure email services for full privacy.​

6.​ Security Tips:​

○​ Avoid opening unknown email attachments.​

○​ Use updated antivirus software.​

○​ Use Tor for anonymity.​

○​ Avoid using personal info in your email account.​

7.​ Spam Prevention:​

○​ Guard your email address, avoid replying to spam, use spam filters.​

○​ Be cautious with subject lines to avoid being marked as spam.​

8.​ Beware of Scams:​

○​ Avoid emails claiming urgent action needed for accounts (bank, eBay, etc.).​

○​ Be cautious if you receive unusual requests from known contacts (e.g.,

emergency money requests).​

9.​ Invalid Security Certificates: Be wary of browser warnings about invalid

certificates—could indicate interception.​
 9) GuideLines For Security
Passwords

Basic Tips for Strong Passwords:

1.​ Length: Use at least 8 characters. The longer, the better (up to 15+ characters).​

2.​ Complexity: Mix upper and lowercase letters, numbers, symbols, and punctuation
marks.​

3.​ Randomness: Avoid dictionary words, and don’t use simple patterns or predictable
sequences.​

4.​ Uniqueness: Never reuse the same password across multiple sites or accounts.​

Things to Avoid:

●​ Simple variations of words (e.g., "apple1" or "password123").​

●​ Repeated words (e.g., "appleapple").​

●​ Reversing or rearranging words (e.g., "elppa" or "1234abcd").​

●​ Key sequences (e.g., "qwerty", "abcdef").​

●​ Substituting letters for numbers (e.g., "z3r0-10v3").​

Tips for Choosing Passwords:

1.​ Memorability: Pick a password that you can remember but others can't guess easily.​

2.​ Typing Speed: Choose a password that is easy for you to type without looking over your
shoulder.​
3.​ Password Generators: Use secure password generator software to create strong
passwords.​

Bad Password Examples:

●​ "fred8" (too short, based on a name).​

●​ "christine" (personal name, easy to guess).​

●​ "gandalf" (a common word, easily guessed).​

Good Password Examples (Created by You, Not Shared Here):

●​ Create passwords by using phrases you can remember, such as "mItWdOtW4Me" (a

phrase from a meaningful sentence).​

Password Protection Guidelines:

1.​ Don't store passwords insecurely: Avoid saving them in unencrypted files or password
caches.​

2.​ Never share passwords: Even system admins should not ask for them.​

3.​ Don't send passwords via email: Use secure channels for sharing sensitive data.​

4.​ Lock password storage: If you write passwords down, store them securely (e.g., in a
locked drawer or encrypted document).​

Ways Hackers May Obtain Your Password:

1.​ Shoulder Surfing: Someone may look over your shoulder while you enter the password.​

2.​ Guessing: Many people use easily guessable information (e.g., names, birthdays).​

3.​ Brute Force Attacks: Automated systems trying every possible combination of
characters.​

4.​ Dictionary Attacks: Using word lists or commonly used passwords to guess your
password.​
 How to Remember Your Passwords:

●​ Use a password manager (secure, encrypted storage for passwords).​

●​ Create memorable phrases or combine unrelated words with symbols (e.g.,

"seat%tree").​

Changing Your Password:

●​ Change it regularly, ideally once a month, or if you suspect it may be compromised.​

●​ Do not reuse passwords.​

By following these guidelines, you can significantly enhance your password security and protect
your digital life.

10) 2 Step Authentication

Here’s a guide on how to set up Two-Step Verification (2SV) for your Gmail account,
adding an extra layer of security to your login process.

Method 1: Text Message or Voice Call

1.​ Choose your preferred verification method (Text message or Voice call). You’ll
receive a code via text or a phone call.​

2.​ Go to Google’s "My Account" page: https://myaccount.google.com/.​

3.​ Sign in to your Google account (if you're not already signed in).​

4.​ Click on “Sign-in & Security” on the left side.​

5.​ Scroll down and select “2-Step Verification”. If it’s already on, you can add this
method as a backup.​

6.​ Click “GET STARTED” at the bottom-right of the page.​

7.​ Enter your Google account password to confirm your identity.​

8.​ Enter your phone number: Choose the phone you want to use for receiving
verification codes.​

9.​ Select your preferred method: Choose either Text message or Phone call to
receive the code.​

10.​Click “Next”, and Google will send you a code.​

11.​Retrieve the code from your text or phone call.​

12.​Enter the code on the page and click “Next”.​

13.​Click “TURN ON” to enable two-step verification.​

Method 2: Google Prompt (Best for Android Devices)

1.​ Choose Google Prompt: This method sends a prompt to your phone, asking if
you’re signing in. Tap Yes to confirm.​

2.​ Go to Google’s "My Account" page: https://myaccount.google.com/.​

3.​ Click on “Sign-in & Security”.​

4.​ Select “2-Step Verification”.​

5.​ Click “GET STARTED”.​

6.​ Enter your Google account password.​

7.​ Scroll down to “Choose another option” and select Google Prompt.​

8.​ Ensure your phone is listed under devices and click Try It Now.​

9.​ Tap “Yes” on your phone to approve the sign-in.​

10.​Choose a backup option: This is important in case you lose access to the Google
Prompt (e.g., use text message or a voice call).​

11.​Click “Turn On” to enable two-step verification.​

 Method 3: Authenticator App

1.​ Choose an Authenticator App: Google recommends using apps like Google
Authenticator or Authy. These apps generate time-based codes for sign-ins.​

2.​ Go to Google’s "My Account" page: https://myaccount.google.com/.​

3.​ Click on “Sign-in & Security”.​

4.​ Select “2-Step Verification”.​

5.​ Click “GET STARTED”.​

6.​ Enter your Google account password.​

7.​ Click on "Set Up" under the Authenticator app option.​

8.​ Choose your phone type (Android or iPhone).​

9.​ Scan the QR code displayed on the screen with the Authenticator app.​

10.​Enter the code generated by the app and click Verify.​

11.​Click “Done” to finalize the setup.​

Important Tips

●​ Backup Verification: It’s highly recommended to have a backup verification

method (text message, voice call, or backup codes).​

●​ Password Updates: Even with 2-step verification, you should still periodically
change your password.​

●​ Revoke Access: If you ever suspect your account is compromised, click REVOKE
ALL on the 2-Step Verification page to clear all devices.​

●​ Safety First: Never share your verification code or backup codes with anyone. If
you do accidentally give them away, immediately disable and reset your 2-step
verification.​

Warnings
 ●​ If you lose access to your phone or backup methods, contact Google support.​

●​ If you receive a login prompt you didn’t initiate, change your password
immediately.​

●​ Google will never ask you for your verification code—if someone does, it’s a
scam.​

By setting up two-step verification, you’re making sure your Gmail account is much
harder to compromise!

11) Using Password Manager

Here are the main points for your exam based on the content about using password managers:

1. Importance of Password Management:

●​ Passwords are essential for security and protecting data.​

●​ Identity theft is a major concern when passwords are compromised.​

●​ Good password management is crucial to prevent unauthorized access.​

2. What is a Password Manager?

●​ A password manager is software that helps store and manage passwords securely.​

●​ It encrypts passwords and other sensitive data, requiring only one master password for
access.​

3. Why Use a Password Manager?

●​ Solves the problem of remembering multiple passwords.​

●​ Prevents the need for the “Forgot password?” routine.​

●​ Stores critical login information for various websites securely.​

4. How Password Managers Work:

●​ Online vs Local Storage: Online password managers store data in the cloud; local ones
store it on a device.​

●​ Some use removable media or two-factor authentication for added security.​

5. Types of Password Managers:

●​ KeePassX: Open-source, cross-platform, with strong encryption (AES or Twofish).

Features include a password generator, two-factor authentication, and portability.​

●​ Clipperz: Web-based, open-source, encrypted using JavaScript, no installation needed.​

●​ Password Gorilla: Cross-platform, open-source, encrypts data with Twofish. Features

include automatic locking, portable, and supports group organization.​

●​ Gpassword Manager: Lightweight, cross-platform, stores passwords securely, allows

quick access via system tray.​

●​ Password Safe: Open-source, simple GUI, encrypted with Twofish. Supports multiple
databases and advanced search.​

6. Key Features to Look for in Password Managers:

●​ Encryption: Strong encryption protocols (256-bit or higher) for security.​

●​ Password Generators: Helps create strong, random passwords.​

●​ Auto-fill: Automatically enters credentials into websites.​

●​ Two-Factor Authentication: Enhances security by requiring multiple forms of

verification.​

●​ Portability: Ability to use the manager on various devices.​

●​ Backup and Recovery: Ensures data is not lost.​

●​ User-Friendly Interface: Makes it easy to organize and retrieve passwords.

 12) Wifi Security
1. Wi-Fi Security Risks:

●​ Many Wi-Fi devices are vulnerable due to their default configuration.​

●​ Unsecured access points (APs) allow hackers to connect and perform illegal activities
like sending malicious emails, downloading confidential data, and spreading malware.​

●​ Users are legally responsible for securing their own Wi-Fi networks to avoid misuse by
attackers.​

2. Real Incidents:

●​ Hackers stealing private emails from luxury hotels in the US via unsecured Wi-Fi.​

●​ Terrorists using unsecured Wi-Fi for communication before the 2008 Delhi blasts.​

3. Types of Attacks on Wireless Networks:

●​ Denial of Service (DoS) Attack: Prevents legitimate users from accessing the network.​

●​ Man-in-the-Middle (MITM) Attack: Attackers intercept and manipulate data transmitted

between users and access points.​

●​ WarDriving: Tracking unprotected Wi-Fi hotspots while moving in a vehicle to find

unsecured networks for attacks.​

4. How Attacks Happen in Wi-Fi Networks:

●​ Physical Layer DoS: Attackers generate noise on the same frequency band as the
access point to block connections.​

●​ Spoofing the Access Point: Attackers set up an AP with the same SSID, tricking users
into connecting, and then gather packets to crack the encryption.​

5. Tips for Wi-Fi Security:

●​ Enable Encryption: Always use encryption protocols like WPA/WPA2 instead of WEP.​

●​ Enable MAC Address Filtering: Only allow authorized devices to connect based on
their MAC address.​

●​ Avoid Dynamic IPs: Use static IP addresses for better control and security.​

6. Guidelines for Securing Wi-Fi Communications:

●​ Use Strong Passwords: At least 15 characters with a mix of uppercase, lowercase,

numbers, and symbols. Change encryption keys frequently.​

●​ Maximize Key Size: Larger encryption keys take longer to crack.​

●​ Isolate Networks: Use a firewall and antivirus gateway to protect the wired network from
compromised Wi-Fi clients.​

●​ Change Default Admin Passwords: Always change default credentials for your router
to prevent unauthorized access.​

●​ Shutdown When Not in Use: Turn off the access point during extended periods of
inactivity to prevent brute force attacks.​

●​ Do Not Broadcast SSID: Hide the network name (SSID) to prevent unauthorized users
from discovering it.​

●​ Update Firmware Regularly: Ensure the access point’s firmware is up to date to close
security vulnerabilities.​

●​ Use VPN or IPsec: Protect critical communications with a VPN or IPsec to secure data
from potential sniffers.​

●​ Disable DHCP: If there are fewer users, disabling the DHCP service prevents
unauthorized devices from automatically connecting to the network.

13) Guidelines For Social

Media Security
 1. History of Online Communities:

●​ Early online communities included bulletin boards and email lists.​

●​ Modern social networking sites allow sharing messages, pictures, files, and real-time
updates about your activities and location.​

2. Risks of Social Networking Sites:

●​ Privacy Concerns: Information shared on social networking sites can be accessed by

others, even people you don’t know.​

●​ Data Collection: Social networking sites collect personal data and sell it to third-party
advertisers, making privacy a significant concern.​

3. Social Networking Sites as a “Party”:

●​ Analogy: Think of social networking sites as a party with people you know and others
you don’t. Sharing personal information in such a space can make it accessible to
unintended parties.​

4. Privacy Limitations:

●​ Site Ownership: Social networking sites are owned by private companies that profit
from your data.​

●​ Privacy Settings: While privacy settings protect you from other members, they don’t
shield your data from the owners of the platform.​

5. Special Considerations for Sensitive Information:

●​ Individuals working with sensitive information, such as human rights advocates, must be
extra cautious about what they share.​

●​ Revealing too much about yourself or others can expose you to risks.​

6. Precautionary Measures:
 ●​ Understand Vulnerabilities: Before using social networking sites, understand the
privacy and security risks.​

●​ Protect Your Information: Take steps to safeguard both your personal information and
the information about others, especially if you work in sensitive fields.​

These points emphasize the need for caution when using social networking sites, especially
regarding privacy and the potential for data misuse.

14) Tips & Practice for safer &

social networking

✅ General Tips for Safer Social Networking:

●​ Ask Critical Questions before posting:​

○​ Who can see this information?​

○​ Who controls and owns it?​

○​ Am I sharing someone else’s information?​

○​ Do I trust everyone in my network?​

●​ Use Strong, Unique Passwords and change them regularly.​

●​ Understand and configure privacy settings to restrict who sees your data.​

●​ Use HTTPS instead of HTTP for secure communication.​

●​ Avoid logging in from public/shared computers; clear your history if you must.​
 🔒 Managing Personal Information:
●​ Avoid posting sensitive data like:​

○​ Birthdate, phone numbers, address​

○​ Family details​

○​ Employment or education history​

●​ Revealing too much can lead to identity theft, monitoring, or even harassment.​

👥 Friends, Followers, and Connections:

●​ Only connect with people you trust.​

●​ Be cautious with unknown members of online communities.​

●​ Your information becomes more exposed with every new connection.​

📢 Status Updates:
●​ Know who can see your posts.​

○​ Use options like “Friends Only” on Facebook, or “Protect Tweets” on Twitter.​

●​ Even private posts can be shared or screenshotted.​

●​ Avoid posting controversial or emotional statements—many people have faced

consequences like losing jobs.​

🔗 Sharing Links and Content:

●​ Think about how a shared link might attract government or hostile attention.​
●​ Always review privacy settings on shared posts.​

📍 Location Sharing:
●​ Be cautious with GPS/location tagging.​

●​ Photos/videos may have embedded location data (metadata).​

●​ Check and disable location settings if unnecessary.​

📸 Photo and Video Sharing:

●​ Always get consent before posting pictures/videos of others.​

●​ Be aware that metadata can reveal time, date, and place.​

●​ Photos can accidentally expose identities and private information.​

💬 Instant Messaging and Chats:

●​ Most social network chats are insecure.​

●​ Use HTTPS as a minimum, but prefer tools like Pidgin with OTR plugin for encrypted
chats.​

🧑‍🤝‍🧑 Groups, Events, and Communities:

●​ Joining a group may reveal your affiliations (e.g., political, sexual orientation).​

●​ Be cautious when creating groups—others who join may be exposed to risks too.​
●​ Consider how group membership could be used against someone in a hostile
environment.​

15) Basic Securities For

Windows

🛡️ BASIC SECURITY FOR WINDOWS – KEY POINTS

🔹 1. Introduction
●​ Windows is the most widely used consumer OS, often pre-installed.​

●​ It is also the most targeted by malware due to its popularity.​

●​ Closed-source: Users can't verify the security; must trust Microsoft.​

●​ Guide is based on Windows 10, with relevance for Windows 7 and 8.1.​

🔹 1.0. Alternatives to Windows

●​ Mac OS X (Apple) and GNU/Linux (open source) are main alternatives.​

●​ GNU/Linux distributions (Ubuntu, Mint, Fedora, etc.) are free, auditable, and run on
most Windows-compatible machines.​

🔹 2. Privacy-Enhancing Settings
🖥️ When Installing Windows:
●​ Avoid "Express Settings": Choose [Customise settings] instead.​

●​ Turn OFF most data-sharing options except for SmartScreen (security tool).​

●​ Use "NEXT" to move through setup, prioritizing privacy over convenience.​

🛠️ If Windows Is Already Installed:

🧾 General Tab
●​ Turn OFF all tracking and advertising options.​

●​ Use Microsoft ad settings link to disable personalized ads.​

📍 Location Tab
●​ Turn OFF location access and clear location history.​

●​ Disable individual apps from accessing your location.​

📷 Camera Tab
●​ Turn OFF general camera access and restrict apps.​

🎙️ Microphone Tab
●​ Turn OFF general microphone access and restrict apps.​

💬 Speech, Inking & Typing

●​ Do not enable "Get to know me" feature.​

●​ Turn OFF options collecting personal speech/text data.​

👤 Account Info Tab

●​ Turn OFF app access to name, picture, account info.​
 📇 Contacts Tab
●​ Disable individual app access to your contacts.​

📅 Calendar Tab
●​ Turn OFF calendar access for apps.​

📞 Call History Tab

●​ Turn OFF call history access for apps.​

📧 Email Tab
●​ Turn OFF app access to emails.​

📨 Messaging Tab
●​ Selectively restrict apps from reading/sending messages.​

📡 Radios Tab
●​ Turn OFF app control of radios (e.g., Bluetooth, Wi-Fi).​

📲 Other Devices Tab

●​ Turn OFF syncing with other devices.​

📝 Feedback & Diagnostics Tab

●​ Set to:​

○​ Never ask for feedback.​

○​ Send only Basic diagnostic info.​

⚙️ Background Apps
●​ Turn OFF all unnecessary background apps to reduce tracking and improve
performance.
16) User Account Password For
Windows

User Account Password & Access Control

Always use a password for your Windows account to prevent unauthorized access.

Use unique user accounts for each person.

Check if password is set by pressing Windows + L; if it asks for a password, it's set.

To set a password: Go to Settings → Accounts → Sign-in options → Add password.

To add new user accounts: Settings → Accounts → Family & other users → Add
someone else to this PC.

2.3. Screen Lock

Enable automatic screen lock:

Search “Change screen saver” → Enable “On resume, display logon screen” → Set
timeout (e.g., 3 minutes).

3. Security
3.1. System Updates (Windows 7–8.1)

Go to Windows Update from the Start menu.

Enable automatic updates and schedule them for daytime hours (e.g., 5:00 PM).

Enable all update-related checkboxes to stay protected.

3.2. Windows Firewall

Go to Control Panel → Windows Firewall.

Make sure it’s turned ON for both Private and Public networks.

3.3. Removing Bloatware

Go to Add or Remove Programs.

Uninstall unknown, non-Microsoft software.

Avoid software with no publisher name.

4. Avoiding Malware

4.1. Windows SmartScreen

Go to Control Panel → System and Security → Security and Maintenance.

Enable “Get administrator approval before running unrecognized apps”.

4.2. Windows Defender

Go to Control Panel → Security and Maintenance.

Use Scan now to check for malware.

Keep virus definitions updated.

4.3–4.5. File Visibility

Enable viewing file extensions to spot suspicious files (.exe, .bat).

Enable hidden files and system files to detect malware hiding in USB drives.

4.6. Disable AutoPlay

Search for AutoPlay settings → Turn off “Use AutoPlay for all media and devices”.

5. Full-Disk Encryption with BitLocker

Use BitLocker to encrypt the entire system drive.

If TPM chip is not present:

Use Group Policy Editor (gpedit.msc) to allow BitLocker without TPM.

Always save the recovery key securely (preferably on USB).

Restart the computer and enter your BitLocker password to complete setup.

Alternatives to BitLocker

Use VeraCrypt or DiskCryptor for open-source full disk encryption.

✅ USER ACCOUNT PASSWORD

●​ Use a unique password for each Windows account.​

●​ Shortcut to check password protection: Press Windows + L. If it asks for a

password, the account is protected.​

●​ Set a password:​

○​ Go to Start → Settings → Accounts → Sign-in options → Add Password​

○​ Enter a strong password, re-enter it, and click Next.​

✅ ADD NEW USER ACCOUNTS / GUEST ACCOUNT

●​ Path: Settings → Accounts → Family & other users → Add someone else to this
PC​

●​ Choose “I don’t have this person’s sign-in info” → “Add a user without a Microsoft
account”​

●​ Enter username, password, and a hint​

●​ Click Next to finish​

✅ SCREEN LOCK
 ●​ Prevent unauthorized physical access when you're away.​

●​ Auto-lock after inactivity:​

○​ Search for “Change screen saver”​

○​ Enable “On resume, display logon screen”​

○​ Set timeout (e.g., 3 minutes) → Click OK​

✅ SYSTEM UPDATES (Windows 7–8.1)

●​ Search for “Windows Update”​

●​ Turn on automatic updates​

●​ Change time for updates (e.g., 5:00 PM instead of 3:00 AM)​

●​ Enable checkboxes for:​

○​ Recommended updates​

○​ Allow all users to install updates​

○​ Updates for Microsoft products (e.g., Office)​

✅ WINDOWS FIREWALL
●​ Protects against unauthorized internet access.​

●​ How to check/enable:​

○​ Search for Firewall​

○​ Go to “Turn Windows Firewall on or off”​

○​ Ensure it’s ON for both Private and Public networks​

✅ REMOVING BLOATWARE
●​ Bloatware = Unnecessary software pre-installed by manufacturers (e.g., Superfish)​

●​ Steps to remove:​

○​ Search for “Add or Remove Programs”​

○​ Identify non-Microsoft or unknown software​

○​ Uninstall those using the Uninstall button

17) Introduction To Mobile

Phone & smart phone security
Introduction to Mobile Phones:​

●​ Smartphones are powerful and widely accessible technologies with various

security challenges, including threats related to portability, location tracking, and
insecure networks.​

Operating Systems:​

●​ Most smartphones use Android or iOS. Android devices often come with
customized software, while iOS is more restrictive with apps, making it harder to
install non-approved applications.​

●​ Operating system updates are crucial, especially for Android phones, to avoid
security flaws.​

Branded and Locked Smartphones:​

 ●​ Smartphones may be locked to specific carriers, restricting functionality and
potentially compromising security. Unlocked phones are generally safer but more
expensive.​

Basic Security Setup:​

●​ Smartphones offer settings that can improve security. Paying attention to device
configuration is important for protecting data.​

Installing and Evaluating Applications:​

●​ The safest way to install apps is via official stores (Google Play for Android, App
Store for iOS). Be cautious of downloading from unknown sources, as these can
contain malware.​

●​ Apps require specific permissions; always evaluate whether these permissions

make sense for the app’s function.​

Mobility and Information Vulnerability:​

●​ Mobile phones often contain sensitive information that can be compromised if the
device is lost or stolen.​

Storing Information on Your Smartphone:​

●​ Modern smartphones offer significant storage but are vulnerable if not properly
protected.​

Device and Data Encryption:​

●​ Both iOS and Android offer encryption to protect device data. It’s important to
enable encryption and back up data before doing so. Keep the device off when
crossing borders for stronger security.​
Recording Passwords Safely:​

●​ Use encrypted tools like KeePassDroid (Android) or MiniKeePass (iOS) to store

and manage passwords securely.​

Best Practices for Physical Phone Security:​

●​ Keep the phone with you at all times and use strong screen lock codes.​

●​ Regularly back up important data and avoid storing sensitive information on SIM
cards.​

●​ Secure your phone number with a PIN or password with your mobile carrier to
prevent unauthorized access.​

●​ Consider placing a removable sticker over the camera to prevent potential

surveillance.
●​ Protecting Against Theft and Loss:​

○​ Record your phone's IMEI number for identification in case of theft.​

○​ Use anti-theft features like “Find My Phone” on Android and iOS to track or
disable your phone.​

○​ Remove and destroy SIM cards and memory cards when disposing of or
selling your phone to protect data.​

●​ Privacy and Surveillance Risks:​

○​ Mobile phones are susceptible to tracking by service providers and

governments due to constant communication with cell towers.​

○​ Calls and messages are often unencrypted, exposing them to interception

by third parties (e.g., IMSI catchers).​

○​ Phones can be remotely activated to listen in on conversations.​

●​ Ensuring Secure Communication:​

○​ Use encrypted messaging apps like Signal to secure your text, voice, and
video communications.​
 ○​ For secure email communication, use GPG encryption and ensure device
encryption is enabled.​

●​ Anonymity Challenges:​

○​ True anonymity on mobile phones is difficult, especially with phones linked

to your identity via phone numbers.​

○​ Using disposable phones or prepaid SIM cards can offer temporary

anonymity but requires strict precautions.​

●​ Internet Security:​

○​ Use VPNs or Tor to secure your internet traffic, especially on public or

untrusted networks.​

●​ Media Privacy:​

○​ Use tools like ObscuraCam to remove metadata and blur faces in sensitive
photos and videos.​

●​ General Best Practices:​

○​ Regularly check your phone for malware or unusual behavior.​

○​ Disable unnecessary features like Bluetooth and NFC when not in use.​

○​ Be cautious when connecting to untrusted Wi-Fi networks.​

These steps will help you protect your phone, communications, and sensitive
information from theft, eavesdropping, and unauthorized access.

18) Android
Security Settings for Android:

1. Access to Your Phone

 ●​ SIM Card Lock: Enable PIN protection for the SIM card, ensuring no phone
calls can be made without the PIN.​

●​ Screen Lock: Set a code, pattern, or password to lock your phone’s

screen. The PIN or Password option is recommended.​

●​ Security Lock Timer: Automatically lock the phone after a specific time of
inactivity.​

2. Device Encryption

●​ Turn on device encryption if your device uses Android 4.0 or newer. This
requires a screen lock password first. Ensure the phone is fully charged
and plugged in during encryption.​

3. Network Settings

●​ Wi-Fi and Bluetooth: Turn off by default and disable tethering/hotspot when
not in use.​

●​ NFC: Switch off manually if supported by the device.​

4. Location Settings

●​ Location Services: Turn off Wi-Fi, GPS, and mobile data by default to
reduce the risk of tracking and save battery.​

5. Caller Identity

●​ To hide your caller ID, go to Phone Dialer > Settings > Additional
Settings > Caller ID and select Hide Number.​

6. Software Updates
 ●​ System Updates: Go to Settings > About phone > Updates to check for
updates.​

●​ App Updates: Open Play Store and select My Apps to update apps.​

●​ Important Note: Update software from trusted locations like home Wi-Fi.​

Recommended Android Apps for Security:

Encryption & Secure Communication Apps:

●​ APG: Encrypt/decrypt files or emails using public key cryptography or a

passphrase.​

●​ ChatSecure: Encrypted Instant Messaging with OTR support for IM

conversations.​

●​ K-9 Mail + APG: GnuPG encrypted email client.​

●​ Signal: Encrypted messaging and voice calls over the internet.​

Password Management & Privacy Apps:

●​ KeePassDroid: Secure password management tool.​

●​ Notecipher: Encrypted note-taking app for storing notes with a

passphrase.​

●​ Obscuracam: App for blurring/deleting faces in photos for privacy

protection.​

Anonymity & VPN Apps:

 ●​ Orbot: App to route internet traffic through the Tor network, increasing
anonymity.​

●​ Orweb: Browser to use with Orbot for anonymous web browsing.​

●​ OpenVPN for Android: Tunnel apps over OpenVPN-based VPNs for

secure internet traffic.​

Anti-Theft & Security Apps:

●​ Cerberus: Anti-theft solution for locating and remotely locking or wiping your
phone.​

●​ Avira: Anti-virus software that also includes phone locator and security
features.​

●​ Panic Button: Sends an SMS to predefined contacts in case of danger.​

●​ Applock: App for locking individual apps with an additional password for
added security.​

For Rooted Devices:

●​ AFwall+: Firewall to control which apps can access the internet.​

●​ SnoopSnitch: Monitors mobile network security and detects threats like

IMSI catchers.​

●​ X-Privacy: Prevents apps from leaking sensitive information such as

contacts and location.​

19) IOS
 iOS Security: How to Encrypt Your iPhone

If you have an iPhone 3GS or later, iPod Touch (3rd generation or later), or any iPad, you can
encrypt your device's contents. This ensures that if someone gains physical access to your
device, they will need your passcode to decrypt the data (e.g., contacts, texts, emails, call logs).

Here's how to enable encryption and enhance security on your iPhone:

Encryption Basics:

●​ Most Apple devices encrypt content by default with varying levels of protection. To
ensure this encryption is tied to a passcode, follow these steps:​

Steps to Set a Passcode (iOS 4–iOS 7):

1.​ Open Settings > General.​

2.​ Tap Passcode (or iTouch & Passcode).​

3.​ Follow the prompts to set up a passcode.​

For iOS 8–iOS 11:

1.​ Open the Settings app.​

2.​ Tap Touch ID & Passcode.​

3.​ Follow the prompts to create a passcode.​

Important:

●​ For iOS 8 and later, disable Simple Passcode to create a longer code (e.g., 6 digits or
alphanumeric).​

●​ Choose a strong alphanumeric passcode (letters and numbers) as it’s harder to crack.​

Passcode Settings:

●​ Set the “Require passcode” option to “Immediately” so your device locks instantly
when not in use.​
●​ Scroll down in the Passcode Settings to verify that “Data protection is enabled,”
meaning encryption is tied to your passcode.​

Backup Encryption:

●​ iTunes Backup: By default, iTunes doesn’t encrypt backups. To encrypt:​

1.​ Connect your device to iTunes.​

2.​ On the Summary tab, check Encrypt iPhone Backup.​

3.​ Set a strong backup password.​

●​ iCloud Backup: iCloud backups are encrypted, but Apple holds the encryption keys. For
extra protection, use a strong passphrase for your iCloud account. If law enforcement
requests data, Apple can potentially access your iCloud data.​

Security Features:

●​ Erase Data on Failed Attempts: Set your device to erase all its data after 10 failed
passcode attempts. Ensure your phone is backed up to avoid losing data.​

1.​ In Touch ID & Passcode, enable Erase Data.​

Law Enforcement and Data Access:

●​ Prior to iOS 8, Apple could extract specific user data (SMS, photos, contacts, etc.) from
passcode-locked devices under a legal request. However, for iOS 8 and later, Apple
cannot access encrypted data since it doesn't possess the encryption keys.​

●​ Be aware: If the device syncs with iCloud or is backed up to a computer, law

enforcement may still access data from those backups.​

Remote Device Erase:

●​ Find My iPhone: If your device is lost or stolen, you can erase it remotely. However, be
cautious as Find My iPhone can potentially expose your device's location to Apple.​
Important: Keep your iPhone powered off (or rebooted and not unlocked) to ensure encryption
remains effective if the device is seized or lost. Some attackers may still access data from an
active device or when it’s recently powered off.

20) Cyber Security Invitations in

India

With the exponential growth of internet usage and reliance on computers, securing critical
information infrastructure in sectors such as civil aviation, railways, power, oil, gas, banking,
telecom, and others has become essential to prevent cyber attacks. India ranks fourth globally
in terms of cyber crime complaints, as reported by the Internet Crime Complaint Centre (IC3).
However, the country faces a shortage of trained cybersecurity professionals, with only 556
experts in government agencies, in contrast to other nations like China and the US. India’s
reputation as an IT superpower makes it crucial to address data security concerns, especially to
maintain its high-value outsourced business.

Counter Cyber Security Initiatives in India

1.​ National Counter Terrorism Center (NCTC)​

○​ Established post-26/11 attacks, NCTC coordinates counterterrorism efforts

across various agencies, ensuring effective control and intelligence sharing.​

2.​ National Information Security Assurance Programme (NISAP)​

○​ Led by CERT-In, NISAP develops policies and best practices for information
security, promoting awareness and offering computer forensics services to law
enforcement.​

3.​ Computer Emergency Response Team-India (CERT-In)​

○​ Created in 2004, CERT-In responds to security incidents, reports vulnerabilities,

and promotes IT security practices nationwide, while administering the IT Act.​

4.​ Indo-US Cyber Security Forum (IUSCSF)​

 ○​ A partnership between India and the US, the forum focuses on securing critical
infrastructure and fostering cooperation in cyber forensics, law enforcement, and
research.​

5.​ National Critical Information Infrastructure Protection Centre (NCIPC)​

○​ NCIPC is responsible for protecting India's critical infrastructure, providing

malware analysis, cyber forensics, and research on secure environments.​

6.​ National Intelligence Grid (Natgrid)​

○​ A counterterrorism initiative that integrates data from various government

databases (e.g., tax, banking, travel) to aid intelligence agencies in real-time
threat assessment.​

7.​ Crime and Criminal Tracking Networks and Systems (CCTNS)​

○​ A nationwide IT system for tracking crime and criminals, it facilitates the

collection, storage, and sharing of data to improve law enforcement and criminal
investigations.​

8.​ National Cyber Coordination Centre (NCCC)​

○​ NCCC is a proposed agency to handle cyber security and e-surveillance,

focusing on cyber attack prevention, investigations, and coordination across
agencies.​

9.​ Botnet Cleaning Center​

○​ Aimed at detecting and eliminating malicious botnets from users’ devices, this
initiative is part of the broader Digital India program.​

10.​Email Policy of Government of India​

○​ Introduced in 2013, this policy standardizes email communication within

government agencies to ensure secure communication and data exchange.​

11.​Ministry of Home Affairs (MHA)​

○​ MHA oversees internal security and coordinates various agencies for national
safety and counterterrorism efforts, including cybersecurity measures.​

12.​National Crime Records Bureau (NCRB)​

 ○​ The NCRB supports law enforcement agencies with IT solutions and criminal
intelligence to improve crime detection and public service delivery.​

13.​Data Security Council of India (DSCI)​

○​ DSCI, established by NASSCOM, focuses on promoting cyber security best

practices, privacy standards, and capacity building in India’s cybersecurity
industry.​

These initiatives demonstrate India's commitment to strengthening its cybersecurity framework

and ensuring the safety of its critical infrastructure and data from cyber threats.

21) Cyber Security Exercise

Importance of Cyber Security Exercises

Cybersecurity exercises are an essential tool for assessing and improving the security posture
of an organization. They play a vital role in enhancing the defense capabilities and
preparedness of teams to respond to cyber threats effectively. The number of cybersecurity
exercises has increased globally in recent years, underlining their importance in improving
defense, detection, response, and coordination capabilities.

Cybersecurity exercises can range from simple discussions, such as quizzes and tabletop
exercises, to more complex full-scale simulation drills. These exercises help organizations test
their preparedness and response mechanisms against cyber incidents.

Types of Cyber Security Exercises

Cybersecurity exercises can be categorized based on their nature and focus:

1.​ Discussion-Based Exercises​

○​ These exercises include formats like walk-throughs, quizzes, and tabletop

exercises. These typically involve senior management and focus on strategic
decision-making, governing actions, and high-level coordination.​

○​ Limitations: While these exercises improve preparedness, coordination, and

cooperation, they don't assess real-ground responses or the organization's ability
 to handle actual cyber events.​

2.​ Functional or Action-Based Exercises​

○​ These exercises simulate real cyber incidents, focusing on practical, hands-on

experience and how the organization responds to cyber threats.​

○​ Categories:​

■​ Simulated-Attack-Based Exercises: In these exercises, participants

face actual cyber attack scenarios designed to test their security
response, such as malware infections or website defacement.​

■​ Hypothetical-Scenario-Based Exercises: These exercises present a

fictional crisis and test the effectiveness of security plans, SOPs
(Standard Operating Procedures), coordination, and communication
strategies.​

Importance of Functional Exercises

Functional exercises are critical for testing people, processes, and technology implemented in
an organization. These exercises provide real-time insights into how well the organization can
respond to and mitigate cyber threats, improve security policies, and enhance operational
readiness.

Types of Functional Exercises

1.​ Hypothetical Scenario-Based Exercises​

○​ These exercises simulate a crisis situation to assess the effectiveness of security

plans, SOPs, and coordination within the organization.​

○​ They unfold through stages like:​

■​ Steady: Pre-crisis status and preparation.​

■​ Discovery: Detection of an incident or breach.​

■​ Attack: The event or attack unfolds.​

■​ Impact: The consequences of the attack are felt.​

■​ Recovery: Mitigating the damage and recovering systems.​

 ■​ Response & Coordination: Final actions and coordination to manage
the event.​

2.​ Simulated-Attack-Based Exercises​

○​ Artifacts-Based Cybersecurity Exercises: In these exercises, participants are

provided with digital artifacts like packet captures, malware samples, or
compromised machines to simulate a cyber attack.​

○​ Real-Time Simulation-Based Exercises: Participants protect a simulated

infrastructure from an announced or unannounced attack. The attackers attempt
to exploit vulnerabilities, and the defenders must respond according to their
security plans and SOPs.​

Exercise Type Selection Recommendations

When selecting the appropriate type of cybersecurity exercise, organizations should consider
the maturity level of their information security program and the goals they aim to achieve. A
gradual progression from discussion-based exercises to more complex, full-scale attack
simulations is recommended for organizations that wish to improve their cybersecurity posture
over time.

●​ Start with simpler discussion-based exercises like quizzes and walk-throughs to

build awareness and coordination.​

●​ As the organization matures, move towards full-attack-simulation-based functional

exercises to simulate real-world cyber threats.​

Components of Simulated-Attack-Based and Scenario-Based Cybersecurity

Exercises

Components of Hypothetical Scenario-Based Exercises

●​ The exercise unfolds through stages, each focusing on different aspects of crisis
management, such as initial detection, response, and recovery.​

●​ Tools like the EXercise event Injection TOolkit (EXITO) help develop master inject
lists, conduct trial runs, and manage the exercise process.​

Components of Simulated-Attack-Based Exercises

 ●​ Exercise Setup: Participants are given an isolated network setup, separate from the
production environment, to host during the exercise.​

●​ Coordination Teams: Coordinators, attacker teams, and incident response teams

simulate real-world attacks and responses.​

●​ Monitoring: Real-time communication (e.g., IRC chat) and a status website keep all
participants informed about the situation.​

Evaluation Metrics for Cyber Security Exercises

Before conducting the exercises, organizations must define the evaluation parameters to assess
the performance of participants effectively. The evaluation should capture critical metrics based
on the type of exercise and the scenario.

Assessment Parameters for Simulated-Attack-Based Exercises

●​ Detection: Did the team detect the attack (e.g., defacement of a website)?​

○​ Attack detected or not.​

○​ Detection of the vulnerability exploited (e.g., Remote File Inclusion vulnerability).​

○​ Identifying attack traces in logs (web-server/IDS logs).​

●​ Defense: Was the attack defended?​

○​ Whether the attack was successful.​

○​ Recovery time.​

○​ Response and coordination activities.​

Assessment Parameters for Hypothetical-Scenario-Based Exercises

●​ Response and Coordination: How well did the team respond during different stages of
the scenario (e.g., malware outbreak in a power plant)?​

○​ Expected actions at each stage (e.g., steady stage, attack stage).​

○​ Coordination with internal teams and external stakeholders.​

○​ Communication effectiveness during the incident.

22) Cyber Security Assurance

Introduction to Information Assurance

Information assurance (IA) refers to the practice of managing risks related to the
confidentiality, integrity, and availability of information and systems. John McCumber developed
a model called The McCumber Cube, which provides a comprehensive framework for
managing information assurance. It emphasizes the interconnectedness of various factors,
ensuring that no single aspect is overlooked during the implementation of information security
measures.

McCumber Cube

The McCumber Cube is divided into three main dimensions:

1.​ Objectives: The core goals for securing information:​

○​ Confidentiality: Protecting sensitive information from unauthorized access or

disclosure.​

○​ Integrity: Ensuring the information is not altered maliciously or accidentally.​

○​ Availability: Ensuring authorized users can access information when needed.​

2.​ Information States: Different stages in which information can exist:​

○​ Storage: Data at rest, e.g., on disks or in databases.​

○​ Transmission: Data in transit, e.g., during transmission over networks.​

○​ Processing: Data being manipulated or used for processing tasks.​

3.​ Safeguards: Methods to secure information systems:​

○​ Policy and Practices: Administrative controls and guidelines for information

security.​
 ○​ Human Factors: Awareness and training of users in their security
responsibilities.​

○​ Technology: Software and hardware solutions to protect information systems.​

The McCumber Cube helps organizations ensure that they approach information assurance
holistically, considering all dimensions in a balanced way.

Cyber Security Assurance Framework - India

India has taken significant steps to enhance cybersecurity, particularly through the
establishment of a comprehensive Cyber Security Assurance Framework aimed at safeguarding
critical infrastructure. The framework’s strategic approach focuses on preventing attacks,
reducing vulnerabilities, and minimizing damage from cyber threats.

Key Elements of the Framework:

1.​ Preventing Cyber Attacks: Securing critical infrastructures, such as defense, finance,
energy, and telecommunications.​

2.​ Forensics and Attribution: Identifying the sources of cyber attacks to hold perpetrators
accountable.​

3.​ Early Warning Systems: Establishing systems for early detection and response to
cyber threats.​

Strategic Objectives:

●​ Cyber Security Policy and Compliance: Creating national cybersecurity policies and
guidelines for organizations to comply with.​

●​ Cybersecurity R&D: Developing new technologies and methods for securing critical
infrastructure.​

●​ Public Awareness and Training: Raising awareness about cyber risks and providing
training to build the skills needed to defend against them.​

Security Assurance Initiatives in India

India's strategy includes several actions aimed at improving national cybersecurity:

1.​ Security Policy and Assurance: The government works with critical infrastructure
organizations to ensure compliance with cybersecurity best practices and provide
resources like certifications and training.​

2.​ Incident Response: The creation of the National Cyber Alert System (NCAS) helps
with rapid identification and response to cybersecurity incidents.​

3.​ Sectoral CERTs: Sector-specific Computer Emergency Response Teams (CERTs),

such as those for defense and finance, are being established to address the unique
cybersecurity needs of each sector.​

Key Programs:

●​ Cybersecurity Incident Response: Strengthening CERT-In’s capabilities and

establishing sectoral CERTs.​

●​ International Collaboration: Collaborating with other nations and international

cybersecurity agencies to mitigate global cyber threats.​

●​ Security R&D: Encouraging indigenous research to create tailored security solutions

and avoid reliance on foreign technologies that may pose security risks.​

Security Best Practices and Compliance

To ensure effective cybersecurity in critical sectors, organizations in India need to adopt and
comply with international security standards, such as ISO 27001 for information security
management. Key steps include:

1.​ Identifying a Chief Information Security Officer (CISO) to lead cybersecurity efforts.​

2.​ Implementing Security Controls: Regular assessments and tests, such as penetration
testing and vulnerability assessments, to ensure robust security measures are in place.​

3.​ Security Audits: Conducting periodic audits to evaluate the security infrastructure and
identify areas of improvement.​

4.​ Incident Reporting: Reporting cybersecurity incidents to CERT-In for coordinated

responses.​
E-Governance and Secure Software Development

In the context of e-governance, it is vital for all initiatives to adhere to best cybersecurity
practices, ensuring the security of government data and systems. This involves:

●​ Secure Intranet: Developing secure communication networks within government

agencies to share information safely.​

●​ Software Security: Ensuring that software development processes include security

measures and adherence to secure coding standards.​

Conclusion

Information assurance is critical to ensuring the security and resilience of an organization's

information systems. By considering confidentiality, integrity, and availability in tandem with
various safeguards (technology, policies, and human factors), organizations can develop robust
systems that mitigate risks. India's cybersecurity framework, including strategic initiatives,
incident response systems, and compliance programs, provides a solid foundation for securing
critical infrastructure and promoting cybersecurity awareness.

23) Online Banking Security

Securing Online Banking

Introduction

With the advancement of internet technologies, the banking industry has increasingly integrated
online services to improve accessibility, convenience, and efficiency. Online banking, also
known as internet banking or e-banking, enables customers to manage their accounts and
perform financial transactions securely over the internet. This shift from traditional branch-based
banking enhances customer service and operational performance.

What is Online Banking?

Online banking is an electronic payment system provided through a financial institution’s

website. It connects to the bank's core banking system, allowing customers to perform a wide
range of activities such as:
 ●​ Viewing account balances and statements​

●​ Transferring funds​

●​ Paying bills​

●​ Managing investments​

Unlike traditional banking, these services can be accessed globally, anytime.

Threats to Online Banking

Despite its advantages, online banking introduces various cybersecurity risks. The
confidentiality, integrity, and availability of user data are critical concerns. Common threats
include:

●​ Phishing & Pharming – Trick users into disclosing credentials.​

●​ Keyloggers & Spyware – Capture sensitive information.​

●​ Trojan Horses & Malware – Infect systems to steal or manipulate data.​

●​ Cross-Site Scripting (XSS) – Exploit browser vulnerabilities.​

●​ Adware & Viruses – Disrupt or monitor online activity.​

Major Attack Types:

1.​ Credential Stealing Attack (CSA):​

Gathers login information through phishing or malicious software.​

2.​ Channel Breaking Attack (CBA):​

Intercepts data between the client and server by impersonating each end.​

3.​ Content Manipulation (Man-in-the-Browser or MiTB):​

Alters web content in real-time, without the user's knowledge.​

Best Practices for Online Banking Users

Protect Your Device

 ●​ Install and regularly update anti-virus and anti-spyware software.​

●​ Use a personal firewall to block unauthorized access.​

●​ Keep your operating system and browser updated to fix security vulnerabilities.​

Secure Your Credentials

●​ Create strong, unique passwords and update them regularly.​

●​ Memorize your login details; avoid writing them down.​

●​ Never share your login credentials—banks never ask for PINs or passwords via phone
or email.​

●​ Always log out after completing your banking session.​

Browse Safely

●​ Access your bank's website by typing the URL directly—avoid suspicious links.​

●​ Ensure the page is secure: Look for “https” and the lock icon in the browser.​

●​ Never use public/shared computers for online banking.​

Stay Vigilant

●​ Monitor your account frequently for unauthorized activity.​

●​ Check the last login time displayed on the banking dashboard.​

●​ Report suspicious emails or activities to your bank and CERT-In at

[email protected].​

Act Promptly

●​ Immediately report any suspected fraud or credential theft to your bank.​

●​ Forward phishing emails to your bank's official fraud reporting address.

24) Mobile Banking Security
Securing Mobile Banking

Introduction

The rapid proliferation of smartphones has led to a significant increase in the use of mobile
applications, including mobile banking. Today, more users prefer mobile apps over traditional
desktop or web-based banking due to convenience and accessibility.

Mobile banking allows users to conduct a variety of banking tasks such as:

●​ Viewing account balances and mini statements​

●​ Checking detailed transaction histories​

●​ Transferring funds between accounts​

●​ Paying bills and managing finances​

Threats to Mobile Banking

1. Mobile Banking Malware

Malware can infect banking applications and compromise user credentials. Some malware even
bypasses two-factor authentication (2FA) by showing a fake login screen to users.

How malware spreads:

●​ Through malicious applications disguised as legitimate ones​

●​ Via phishing links or unsafe downloads​

Preventive Measures:

●​ Install reputable anti-malware and security software​

●​ Keep banking apps updated to receive timely security patches​

 ●​ Download apps only from trusted sources like Google Play Store or Apple App Store​

●​ Verify the developer’s name, app reviews, and permissions requested​

2. Phishing / Smishing / Vishing Attacks

Attackers use fraudulent emails, SMS (smishing), phone calls (vishing), and voicemails to trick
users into revealing personal banking information.

Preventive Measures:

●​ Do not share confidential details (PIN, CVV, OTP, passwords) via SMS or phone​

●​ Ignore suspicious messages requesting personal information​

●​ Ensure banking apps implement SSL/TLS encryption to protect data in transit​

3. Jailbroken or Rooted Devices

Jailbreaking or rooting a mobile device disables built-in security controls, allowing unauthorized
applications to gain full access to the device.

Risks:

●​ Malware can hijack sensitive functions like SMS or call logs​

●​ Critical mobile banking functions become vulnerable​

Recommendation:

●​ Avoid using jailbroken or rooted devices for mobile banking​

4. Outdated OS and Insecure Network Connections

Older OS versions and unsecured Wi-Fi connections expose mobile devices to security
vulnerabilities.
Preventive Measures:

●​ Regularly update your device’s operating system​

●​ Connect only to trusted, secure Wi-Fi networks (preferably WPA2-secured)​

●​ Avoid public Wi-Fi for financial transactions​

Best Practices for Mobile Banking Users

1.​ Enable Strong Device Security:​

○​ Set a strong device password, PIN, or biometric lock​

○​ Use the built-in security features (e.g. fingerprint/face recognition)​

2.​ Secure Your Banking Information:​

○​ Never store your bank account number or IPIN on the device​

○​ If your phone is lost, immediately report to the bank to disable access​

3.​ Download Apps from Trusted Sources:​

○​ Use the official App Store or Google Play​

○​ Verify app details via the bank’s official website​

○​ Never install apps from third-party or unofficial sources​

4.​ Be Alert to Suspicious Activity:​

○​ Regularly check your account for unusual transactions​

○​ Report phishing emails or suspicious texts to the bank

24) Crest & Debit Card Security ​

Secure Usage of Credit, Debit & ATM Cards

Security Threats

1. Identity Theft

The fraudulent acquisition and misuse of a person's private identifying information, typically for
financial gain. It includes:

●​ Application Fraud: Criminals use stolen or forged documents to open accounts in

someone else’s name. They may steal utility bills, bank statements, or identification
documents.​

●​ Account Takeover: Fraudsters gather information to impersonate the cardholder,

request address changes, report cards lost, and obtain replacement cards fraudulently.​

2. Credit/Debit Card Fraud

This involves unauthorized use of another person’s card details to obtain goods or services.
Techniques include:

●​ Phishing: Tricking users via fake emails or websites to gain sensitive card information.​

●​ Skimming: Using a skimming device to copy card details, especially at places where the
card is taken out of sight (e.g., restaurants).​

●​ Vishing: Voice-based phishing using phone calls to extract sensitive card details.​

●​ Social Engineering: Fraudsters pose as helpful individuals (e.g., fake security guards)
to trick users into revealing their card or PIN details.​

Precautionary Measures

Before Using Credit/Debit/ATM Cards

●​ Ensure the card mailer is sealed and undamaged.​

 ●​ Immediately sign the back of the card upon receipt.​

●​ Register your mobile number to receive transaction alerts.​

●​ Change the default PIN immediately.​

●​ Mask the CVV (3-digit security code) if not needed frequently.​

At Shopping Malls and Restaurants

●​ Keep the card in sight during transactions.​

●​ Never sign blank receipts.​

●​ Draw a line through blank spaces on receipts.​

●​ Avoid sharing personal information in public surveys.​

Online Card Usage

●​ Use only secure, reputable websites (check for HTTPS and lock icon).​

●​ Shop with known and trusted merchants.​

●​ Log off and clear browser cookies after online transactions.​

●​ Use a virtual keyboard for net banking when available.​

●​ Avoid sharing payment details via email or unverified links.​

●​ Beware of scams, fake offers, and requests for personal info.​

Do's and Don'ts for Card Security

✅ Do’s
 ●​ Inspect the ATM for tampering before use.​

●​ Shield your PIN when entering it.​

●​ Change your ATM PIN every 3 months.​

●​ Retain receipts and compare with statements.​

●​ Shred documents with card information.​

●​ Notify the bank when changing your address.​

●​ Immediately report lost/stolen cards.​

●​ Destroy expired cards by cutting them diagonally.​

❌ Don’ts
●​ Don’t accept unsealed/damaged cards.​

●​ Don’t write your PIN on or near your card.​

●​ Don’t carry multiple cards unnecessarily.​

●​ Don’t share your PIN, CVV, or card number.​

●​ Don’t hand over your card to strangers, even if they claim to be bank staff.​

●​ Don’t accept unsolicited help at ATMs.​

●​ Don’t use compromised or suspicious ATMs.​

●​ Don’t use shared or public devices for net banking.​

●​ Don’t respond to suspicious emails or calls requesting card info.​

●​ Don’t post card details or banking info on social media or blogs.​

●​ Don’t store your ATM PIN on your mobile phone.

25) UPI Security ​

Online Payments through Unified Payment Interface (UPI)

Introduction

Unified Payment Interface (UPI) is an initiative by the National Payments Corporation of India
(NPCI), backed by the Reserve Bank of India (RBI), to promote a less-cash, more digital
economy. It facilitates instant, seamless, and secure online payments through smartphones,
eliminating the need for traditional bank details.

How UPI Works

●​ UPI is built on the Immediate Payment Service (IMPS) platform, enabling real-time
interbank transactions 24x7.​

●​ Users create a Virtual Payment Address (VPA) (e.g., name@bank) that acts as their
financial identity—no need to share account number or IFSC.​

UPI Registration Process

1.​ Download UPI App: From App Store, Google Play Store, or your bank’s website.​

2.​ Create Profile: Enter your name, create a VPA, and set a password.​

3.​ Link Bank Account: Use the "Add/Link Bank Account" feature to link your account with
your VPA.​

4.​ Generate MPIN: Select the account, verify via OTP, and set your 4- or 6-digit MPIN for
secure transactions.​
Types of UPI Transactions

1. PUSH – Sending Money

●​ Login to UPI app.​

●​ Select “Send Money” option.​

●​ Enter recipient's VPA, amount, and your account.​

●​ Review details and click "Confirm."​

●​ Enter MPIN to authorize the payment.​

●​ Receive success or failure notification.​

2. PULL – Requesting Money

●​ Login to your bank’s UPI app.​

●​ Select “Collect Money” option.​

●​ Enter payer’s VPA, amount, and your account.​

●​ Confirm payment request.​

●​ Payer receives a notification, opens the UPI app, and chooses to Accept or Decline.​

●​ If accepted, payer enters MPIN to complete the transaction.​

●​ Both parties receive confirmation messages.​

Advantages of UPI

●​ No Wallet Required: Direct bank-to-bank transfer, no need to load funds.​

●​ Secure: VPA masks actual bank account details.​

●​ 24/7 Real-Time Transfers: Based on IMPS, works round the clock including holidays.​
 ●​ Multi-Bank Linking: One UPI app can manage multiple bank accounts.​

●​ Convenient for Merchants: Simplifies cash-on-delivery and e-commerce transactions.​

●​ Customizable: Banks can build their own apps on UPI's open architecture.​

Security Measures for Safe UPI Usage

✅ Do’s:
●​ Download UPI apps from official bank websites or trusted app stores.​

●​ Set strong passwords for your device and UPI app.​

●​ Use biometric authentication where available.​

●​ Keep your OS and apps updated to prevent exploitation of security vulnerabilities.​

●​ Lock your SIM card with a PIN.​

●​ Enable encryption, remote wipe, and install anti-virus software on your phone.​

❌ Don’ts:
●​ Do not share your MPIN or personal banking information with anyone, even if they
claim to be from the bank.​

●​ Avoid using public or unsecured Wi-Fi for UPI transactions.​

●​ Never install apps from unknown sources or respond to phishing links.​

●​ Be cautious of fraudulent calls asking for UPI credentials.

26) E-Wallet Security

Security of Electronic Wallets (E-Wallets)
What is an E-Wallet?

An electronic wallet (e-wallet) is a digital application that enables users to perform a wide
range of online financial transactions such as:

●​ Purchasing goods and services​

●​ Paying utility bills​

●​ Booking tickets​

●​ Transferring money​

These transactions are executed using smartphones or computers, and linked to financial
instruments like credit/debit cards or digital currency. E-wallets are often preloaded with funds
by the user and offer convenience, better management, and security compared to traditional
wallets.

Benefits of E-Wallets

●​ Manage multiple payment methods in one platform​

●​ Store digital receipts, offers, and warranty info​

●​ Access transactions with secure passwords or biometric authentication​

●​ Receive real-time alerts from merchants​

●​ Support point-of-sale and peer-to-peer transactions​

Security Risks and Countermeasures

🔒 1. Impersonation and SIM Swapping

Threat: Fraudsters gather personal details to impersonate users and perform unauthorized
transactions. In SIM swapping, attackers convince mobile operators to deactivate the user’s
SIM and issue a duplicate to gain OTPs and access.
Prevention:

●​ Never share personal information (passwords, OTPs, account details) via phone or
email.​

●​ Monitor SIM swap alerts sent by mobile operators and report suspicious activity
immediately.​

●​ Be cautious of unsolicited calls, especially if they ask you to switch off your phone.​

🌐 2. Man-in-the-Middle (MitM) & Phishing Attacks

Threat: Attackers intercept data during online transactions or create fake websites/emails to
steal login credentials.

Prevention:

●​ Verify website URLs and check the digital certificate (click the padlock icon in the
browser).​

●​ Avoid clicking on suspicious links or responding to emails asking for sensitive data.​

●​ Always access e-wallet apps and sites through trusted links or bookmarks.​

🦠 3. Malware Attacks
Threat: Malware can infiltrate your device, stealing e-wallet data or modifying transactions.

Prevention:

●​ Keep the e-wallet and operating system updated.​

●​ Use reputable antivirus and security software.​

●​ Avoid installing apps from unverified sources.​

Best Practices for Secure E-Wallet Usage

 ●​ Enable Strong Device Passwords: Use passcodes, biometrics, or patterns to lock your
device.​

●​ Use Secure Networks: Avoid public Wi-Fi. Prefer WPA/WPA2-encrypted networks.​

●​ Install Only Trusted Apps: Read app reviews, and install from trusted app stores or
official websites.​

●​ Secure Your Login Credentials: Do not store passwords in plain text or share them.​

●​ Create a Unique Password: Choose a strong, unique password for your e-wallet.​

●​ Register for Alerts: Enable SMS and email notifications for every transaction.​

●​ Stay Vigilant: If you suddenly stop receiving messages or calls, contact your mobile
operator to check for SIM tampering.​

●​ Understand the Terms & Points of Contact: Familiarize yourself with the terms and
support channels of your e-wallet provider in case of fraud, loss, or compromise.​

In Case of Fraud

If your phone is lost, a card is compromised, or your account is hacked:

●​ Contact your e-wallet provider’s helpline immediately.​

●​ Inform your mobile network provider to block or verify your SIM.​

●​ Review and follow up on the e-wallet provider's fraud resolution policies.

27) Micro ATM Security

Security of Micro ATM
Micro ATMs are Point of Sale(PoS)Devices that work with minimal power, connect to central banking servers
through GPRS, thereby reducing the operational costs considerably. Micro ATM solution enables the unbanked
rural people to easily access micro banking services in a very effective manner.

The basic interoperable transaction types that

the micro ATM will support are:
1.​ Deposit
2.​ Withdrawal
3.​ Funds transfer
4.​ Balance enquiry and mini-statement.

The micro ATM will support the following

means of authentication for interoperable
transactions:
1.​ Aadhaar + Biometric
2.​ Aadhaar + OTP
3.​ Magnetic stripe card + Biometric
4.​ Magnetic stripe card + OTP
5.​ Magnetic stripe card + Bank PIN

Threats to Micro ATMs :

Data Vulnerabilities
With respect to POS data vulnerabilities, there are three specific areas that should be given attention including
data in memory; data in transit; data at rest. Data in memory in this context is when the card track data is
brought into the system at the POS system via a POI (Point of Interface or some other input device). Data in
memory is nearly impossible to defend if an attacker has access to the POS system. Traditionally, data input
into the POS system was in memory in clear text, which is what allowed, attackers¿ memory scrapers to be
very successful. The way to minimize this risk is by encrypting the card data as soon as possible and keeping it
encrypted to the maximum extend throughout its life within the system. Point to Point Encryption (P2PE) could
be used to address the issue of encrypting data in memory.

Skimming
Skimming is the theft of credit card / Debit card information. Thief can obtain victim's credit card number using a
small electronicCredit Card device near the card acceptance slot and store hundreds of victim's credit card
numbers.
Social Engineering
Social engineering involves gaining trust - hence the fraudster poses as a member of staff. The fraudster would
then ask the customer to check the card for damages. The fraudster would have gained confidence from his
prey using various tactics such as offering assistance to the customer who perhaps would have tried to use the
ATM without success or perhaps the customer who is not familiar with use of micro ATM machine and requires
assistance.

Best practices for users:

●​ Before using micro ATM, please ensure that there are no strange objects in the insertion panel
of the ATM(to avoid skimming)
●​ Cover the PIN pas while entering PIN. Destroy the transaction receipts securely after
reviewing.
●​ Change ATM PIN on a regular basis.
●​ Keep a close eye on bank statements, and dispute any unauthorized charges or withdrawals
immediately.
●​ Shred anything that contains credit card number written on it.(bills etc)
●​ Notify credit/debit card issuers in advance for change of address.
●​ Don not accept the card received directly from bank in case if it is damaged or seal is open.
●​ Do not write PIN number on credit/debit card.
●​ Do not disclose Credit Card Number/ATM PIN to anyone.
●​ Do not hand over the card to anyone, even if he/she claims to represent the bank.
●​ Do not get carried away by strangers who try to help you use the microATM machine.
●​ Do not transfer or share account details with unknown/non validated source.
●​ In case of any suspected transactions or loss of cards, contact the service provider/bank
immediately.

Best practices for service providers

●​ The microATM must not transmit any confidential data unencrypted on the network
●​ The microATM must automatically logout the operator and lock itself after a period of inactivity
●​ Keep all the microATM software ,application,anitvirus regularly dated
●​ Educate the customer about basic functionalities and security best practice

28) Social Engineering

What is Social Engineering?
●​ A method of gaining unauthorized access by manipulating people, not technology.​

●​ It exploits the human element, the weakest link in any security system.​

●​ Difficult to defend against using hardware/software alone.​

Objectives of Social Engineering

●​ Gaining access to systems or information to:​

○​ Commit fraud​

○​ Perform identity theft​

○​ Conduct network intrusion​

○​ Carry out industrial espionage​

○​ Disrupt systems or networks​

Social Engineering Attack Cycle

1. Research

●​ Gathering information about the target using:​

○​ Social media​

○​ Public documents​

○​ Company websites​

○​ Insider details (e.g., birthdays, org charts, phone directories)​

2. Developing Rapport and Trust

●​ Establishing trust through:​

○​ Insider knowledge​
 ○​ Pretending to be someone familiar​

○​ Showing authority or asking for help​

●​ Uses friendly conversation to learn sensitive data (names, systems, procedures).​

3. Exploiting Trust Factor

●​ Leveraging the trust built to:​

○​ Request sensitive information​

○​ Ask for specific actions​

○​ Manipulate the victim into volunteering help​

4. Utilise & Execute

●​ Using obtained information to:​

○​ Reach the attack goal​

○​ Carry out unauthorized actions (e.g., asking for login credentials, sending malicious emails)​

5. Recruit & Cloak

●​ Actions taken to:​

○​ Hide the attack​

○​ Maintain the relationship to appear normal​

○​ Recruit the victim as an insider (knowingly or unknowingly)​

6. Evolve / Regress

●​ Evolve: Move to the next level of the attack using the gained data​

●​ Regress: Step back or stop the attack if it's not working, then reattempt from an earlier phase

1)​ Types Of Social Engineering

Types of Social Engineering Attacks
🔹 Broad Categories
●​ Physical Social Engineering​

●​ Remote Social Engineering​

●​ Hybrid Social Engineering (combines both physical and remote)​

1. Physical Social Engineering

●​ Piggybacking: Gaining access to a restricted area by tailgating an authorized person.​

●​ Eavesdropping: Listening to private conversations or reading screens/papers.​

●​ Impersonation: Pretending to be someone else (employee, contractor, etc.).​

●​ Dumpster Diving: Retrieving sensitive data from discarded trash or paper.​

●​ Reverse Social Engineering: Creating a problem and posing as the solution-provider to extract
sensitive information.​

2. Remote Social Engineering

●​ Conducted via: Phone, Email, Social Media, IM, Search Engines.​

●​ Physical Honeypots: USBs, CDs planted intentionally to spread malware when plugged in.​

3. Computer-based Social Engineering

●​ E-mails, Pop-ups, Websites, Messaging apps used for deception.​

📧 Social Engineering via Email

 ●​ Phishing: Fake emails imitating trusted sources to steal information.​

○​ Subtypes:​

■​ Spear Phishing: Targeted phishing on specific individuals.​

■​ Whale Phishing: Targeting high-profile individuals (e.g. CEOs).​

■​ SMiShing: Phishing via SMS.​

■​ Vishing: Phishing via voice/phone.​

🔍 Common signs of phishing:

●​ Poor grammar or misspellings.​

●​ Urgent request for personal information.​

●​ Suspicious attachments (.exe, .zip, etc.).​

●​ Generic greeting or strange “From/To” addresses.​

●​ Fake/malicious URLs.​

●​ Unknown or low reputation IP addresses.​

🕵️ Nigerian 419 (Advance-Fee Fraud)

●​ Victim is promised a large reward in exchange for upfront payment.​

●​ Ongoing fees may be requested or the scammer may disappear after initial payment.​

4. Pop-Up Attacks / Browser Interceptions

●​ Fake pop-up alerts (e.g., network issue or malware infection).​

●​ Trick users into entering credentials or downloading malware.​

5. Social Engineering by Phone

 ●​ Impersonators posing as tech support, bank staff, etc., to extract information.​

●​ Use of friendly, authoritative, or pressuring tactics.​

📞 Specific Phone-based Attacks:

●​ Mumble Attack: Feigning speech impairment to confuse and manipulate call center agents.​

●​ Vishing (Voice Phishing): Fake IVR systems or calls asking for account info or passwords.​

6. Other Notable Methods

●​ Boy Who Cried Wolf Attack: Triggering false alarms repeatedly so the real attack is ignored.​

●​ Road Apples / Baiting: Leaving infected USBs or CDs labeled with tempting info to lure users.​

●​ Diversion Theft: Redirecting legitimate deliveries to attacker-controlled locations.​

Tools Used
●​ Social Engineer Toolkit (SET):​

○​ Python-based, freely available.​

○​ Used for crafting targeted phishing emails and malicious payloads.​

○​ Common in penetration testing.

2)​ Defending Against Social Engineering

​

1. Importance of Employee Training

●​ Social engineering targets employees; hence, training is critical.​
 ●​ Educate staff on types of social engineering attacks and the value of information.​

●​ Conduct continuous security awareness programs (seminars, quizzes, internal websites, etc.).​

2. Key Elements of a Strong Social Engineering Defense

(As per Aaron Dolan, SANS 2004):

●​ Security Awareness Training​

●​ Password Policies​

●​ Data Classification​

●​ Acceptable Use Policy​

●​ Background Checks​

●​ Termination Process​

●​ Incident Response​

●​ Physical Security​

3. Data Classification Policy

●​ Top Secret: Highly sensitive (e.g., mergers); most secure.​

●​ Confidential: Legal protection required (e.g., personal data).​

●​ Restricted: Access limited to specific roles (e.g., HR or IT).​

●​ Internal Use Only: Not for public; moderate security.​

●​ Public: No confidentiality needed (e.g., press releases).​

4. Waste Management
●​ Secure disposal of documents/media.​
 ●​ Shredders should be used; staff must understand data disposal risks.​

5. Acceptable Use Policy

●​ Defines appropriate use of company systems and devices.​

●​ Includes monitoring, unauthorized hardware/software, and system accounts.​

6. Network & Remote Access Policies

●​ Specify who can access networks (wired/wireless/mobile).​

●​ Remote access rules: authorization, security requirements, termination.​

7. Physical Security Policy

●​ Covers visitor check-in/out, ID verification, escorting, visitor passes.​

●​ Employees should challenge unknown/unbadged individuals.​

●​ Define visitor network access restrictions.​

8. Electronic Communication Policy

●​ Rules for handling emails, attachments, instant messaging.​

●​ Educate users on phishing identification.​

9. Password Policies
●​ Strong, complex passwords (min 12 characters, upper/lowercase, symbols).​

●​ Key Rules:​
 ○​ Don't share or write down passwords.​

○​ Avoid default/same passwords.​

○​ Use password managers (e.g., KeePass).​

○​ Enable and secure hidden “Administrator” accounts.​

○​ Lock accounts after failed login attempts.​

○​ Use passphrases (e.g., "Ile@rn-d1pl0mafr0mU0U").​

●​ Reference site: passrequirements.com​

10. BIOS and Boot Security

●​ Protect BIOS with a password.​

●​ Change boot order to prevent booting from external media (e.g., Linux Live CD).

29) How Cyber Criminal Works &

How to Prevent

1. Identify Targets

●​ Cyber criminals choose targets based on:​

○​ Weak security systems​

○​ High-value data (e.g., financial, personal info)​

○​ Potential for profit or disruption​

2. Reconnaissance (Information Gathering)

●​ Collect info about target systems, networks, employees (using social media, websites,
phishing).​

●​ Tools: WHOIS, Google hacking, footprinting.​

3. Exploiting Human Weakness (Social Engineering)

●​ Trick people into giving up sensitive information (e.g., phishing, baiting, pretexting).​

●​ Employees are often the weakest link.​

4. Delivering Malware

●​ Use email attachments, fake software, malicious websites, or USB drives to install
malware like:​

○​ Trojans​

○​ Ransomware​

○​ Keyloggers​

○​ Spyware​

5. Gaining Unauthorized Access

●​ Use stolen credentials or software vulnerabilities to break into systems.​

●​ Exploit weak passwords, outdated software, or unpatched systems.​

6. Maintaining Access
 ●​ Install backdoors, rootkits, or remote access tools (RATs) to keep access without
detection.​

7. Data Theft or Damage

●​ Steal sensitive data (e.g., credit card info, business secrets).​

●​ Encrypt files for ransom (ransomware).​

●​ Destroy or manipulate data (cyber sabotage).​

8. Hiding Tracks

●​ Delete logs, use encryption, and anonymizing tools (VPNs, Tor).​

●​ Cover up the origin of the attack.​

9. Monetizing the Attack

●​ Sell stolen data on the dark web.​

●​ Demand ransom payments (in cryptocurrency).

1. Importance of Internet Safety for Families

●​ Family Internet Usage: Computers and mobile devices are often shared by family
members, including children and teenagers.​

●​ Risks: The Internet offers endless possibilities but also risks such as unreliable
information, malware, and privacy concerns.​

●​ Awareness: Not everything online is trustworthy; it's important to be cautious about

where you share personal and financial information.​
2. Online Safety Guidelines for Families

●​ Online Privacy: Online information is not always private. Be aware that strangers may
not be who they claim to be.​

●​ Avoid Offensive Content: Children may encounter harmful content (violent, racist, or
pornographic) unintentionally.​

●​ Supervision: Parents must supervise online activity, especially for younger family
members.​

3. Step 1: Secure Your Home Wi-Fi Network

●​ Password Protection: Change default admin passwords to secure ones.​

●​ Encryption: Enable wireless encryption (WPA2 or WPA3) to prevent unauthorized

access.​

●​ Device Control: Allow only authorized devices (MAC addresses) to connect to your
network.​

●​ Filtering: Set up filters to block inappropriate content.​

4. Step 2: Common Area for Family Computer

●​ Central Location: Place computers in common areas where everyone can easily
monitor usage.​

●​ Helps with Supervision: Easier for parents to manage screen time and ensure safe
usage for children.​

5. Step 3: Set Family Rules for Internet Usage

●​ Rules and Boundaries: Set clear guidelines about Internet usage, such as:​
 ○​ Permission before accessing the Internet.​

○​ Time limits for screen use.​

○​ Monitoring social media interactions.​

●​ Be Cautious of Strangers Online: Remind family members that people online can be
strangers, and online friendships may be deceptive.​

6. Step 4: Understand and Set Boundaries for Online Safety

●​ Agree on What’s Acceptable: Define safe and unsafe websites, chat rooms, and forum
usage.​

●​ Create Unique Usernames: Avoid using real names or revealing personal details
online.​

●​ Privacy: Do not share sensitive information such as phone numbers or family details.​

●​ No In-Person Meetings: Never meet strangers met online without informing family.​

7. Step 5: Online Behavior Agreement

●​ Sign an Agreement: Create an agreement with family members outlining appropriate

online behavior and safety rules.​

●​ Clear Expectations: Everyone should understand the rules regarding Internet and
computer usage.​

8. Step 6: Secure Your Computer

●​ Update Software: Keep operating systems and applications up to date with the latest
patches.​
 ●​ Create Restore Points: In case of issues, create a restore point after updating software
to roll back to a safe version.​

9. Step 7: Keep Software Up to Date

●​ Automatic Updates: Ensure that operating systems and programs (e.g., browsers,
Adobe software) are updated regularly.​

●​ Security Software: Install security programs (antivirus, firewalls) and update them to
protect against malware and hackers.​

10. Step 8: Install Antivirus and Security Software

●​ Antivirus Protection: Install antivirus software to protect your system from threats like
viruses, malware, and spyware.​

●​ Automatic Scanning: Ensure the antivirus software is set to automatically update and
scan your devices for new threats.​

Key Takeaways

●​ Education and Monitoring: Keep your family informed about the risks of the Internet
and monitor usage regularly.​

●​ Secure Devices: Always use strong passwords, enable encryption, and ensure proper
device and software security.​

●​ Privacy Awareness: Encourage the family to be cautious about what they share and
with whom, both online and offline.​
30) Cyber Security Threat
Landscape

1. Evolving Cyber Threats

●​ Increased Complexity: Cyber threats are becoming more sophisticated, making them
harder to detect and defend against.​

●​ New Attack Vectors: Attackers are constantly exploring new ways to infiltrate systems,
such as exploiting cloud services, mobile apps, IoT devices, and even supply chain
vulnerabilities.​

2. Key Factors Driving the Changing Threat Landscape

●​ Proliferation of Internet-Connected Devices (IoT): The rise in smart devices increases

the number of potential entry points for cyber attackers.​

●​ Cloud Adoption: As more businesses move to the cloud, cyber criminals are targeting
cloud infrastructure and services for data breaches.​

●​ Mobile Device Usage: The growth of mobile devices in both personal and professional
environments creates new vulnerabilities.​

●​ BYOD (Bring Your Own Device): Employees using personal devices for work increases
the risk of unsecured connections and data leakage.​

3. Types of Emerging Cyber Threats

●​ Ransomware: Cyber criminals encrypt data and demand payment to unlock it.
Ransomware attacks have grown significantly, targeting both individuals and
organizations.​
 ●​ Phishing: Cyber attackers use deceptive emails or websites to steal personal
information or install malware.​

●​ Advanced Persistent Threats (APT): These are prolonged, targeted attacks designed
to infiltrate a network and stay undetected, often for espionage or sabotage.​

●​ Insider Threats: Employees or trusted individuals who intentionally or unintentionally

cause harm by leaking sensitive information or aiding external attackers.​

●​ Zero-Day Exploits: Attacks that exploit previously unknown vulnerabilities in software or

hardware, often before a fix is available.​

4. Key Attack Techniques

●​ Social Engineering: Attackers manipulate people into divulging confidential information,

such as phishing, baiting, and pretexting.​

●​ DDoS (Distributed Denial of Service): Cyber criminals overwhelm systems with traffic,
making services unavailable. Often used to distract from more serious attacks.​

●​ Man-in-the-Middle (MitM) Attacks: Cyber criminals intercept and manipulate

communications between two parties without their knowledge.​

5. Impact of Cyber Attacks

●​ Financial Losses: Cyber crime can lead to direct financial losses through fraud,
ransomware payments, or legal fees.​

●​ Reputation Damage: Attacks can cause long-lasting harm to a company’s reputation,

eroding customer trust and brand image.​

●​ Intellectual Property Theft: Stolen data, trade secrets, and proprietary information can
severely impact an organization's competitive edge.​
 ●​ Operational Disruption: Attacks can disrupt business operations, halt production, or
cause downtime, affecting business performance.​

6. Response to Changing Threats

●​ Security Frameworks: Organizations are adopting security frameworks like NIST

(National Institute of Standards and Technology) and ISO 27001 to guide their security
efforts.​

●​ AI and Machine Learning: The use of artificial intelligence to detect patterns and
anomalies in data is becoming increasingly important for defending against cyber
threats.​

●​ Endpoint Security: As more devices are connected, securing endpoints (laptops,

mobile devices, etc.) is essential to prevent breaches.​

●​ Zero Trust Security: This security model assumes no one, inside or outside the
network, can be trusted and requires continuous verification of identities and devices.​

7. The Role of Cyber Security Awareness

●​ Employee Training: Continuous awareness programs are essential to educate

employees on recognizing phishing attempts, using strong passwords, and following
safe online practices.​

●​ Regular Security Audits: Performing audits helps to identify vulnerabilities in systems,

ensuring that defenses are always updated and robust.​

8. Regulatory and Compliance Changes

●​ GDPR: The General Data Protection Regulation in the EU has placed an emphasis on
protecting personal data and privacy, influencing cyber security practices globally.​

●​ Cybersecurity Maturity Models: Governments and industries are developing

cybersecurity maturity models to guide organizations in assessing and improving their
 security posture.​

9. Future Threats

●​ AI-powered Attacks: As AI and automation become more advanced, cyber criminals

may leverage AI for more sophisticated attacks, such as deepfake videos, personalized
phishing, and autonomous hacking tools.​

●​ Quantum Computing: The rise of quantum computing may lead to a new generation of
cyber threats capable of breaking current encryption standards.​

Key Takeaways

●​ Constantly Evolving: The cyber threat landscape is dynamic, and organizations must
continually adapt to new challenges and technologies.​

●​ Layered Defense: Cyber security is not just about one solution but a multi-layered
approach that combines technology, processes, and human awareness.​

●​ Proactive Stance: Organizations should adopt proactive security measures like threat
intelligence, AI-powered defenses, and strong employee training to mitigate risks.​

31) Emerging Threats &

Technology Change

1. Emerging Cyber Threats

Emerging threats are evolving due to advances in technology and increasing digital
interconnectivity. Cyber criminals are exploiting new vulnerabilities as the digital landscape
expands.

Types of Emerging Threats:

 ●​ Ransomware: A type of malicious software that locks users' files or systems and
demands payment for unlocking them. It's evolving to be more targeted and destructive.​

●​ Fileless Malware: Malware that operates in memory and doesn’t leave traces on the
disk, making it harder to detect with traditional antivirus solutions.​

●​ Advanced Persistent Threats (APT): Prolonged, multi-phase attacks where cyber

criminals infiltrate a network and remain undetected for long periods, usually with the
goal of espionage or sabotage.​

●​ Social Engineering Attacks: As cyber criminals target human vulnerabilities,

techniques like phishing and vishing (voice phishing) have become increasingly
sophisticated.​

●​ Cryptojacking: Malicious use of a victim’s computer resources to mine cryptocurrencies

without their consent.​

●​ Supply Chain Attacks: Cyber attackers target vulnerabilities within a company’s supply
chain, often through third-party vendors or software providers.​

●​ IoT-Based Attacks: With the rise of the Internet of Things (IoT), cyber criminals are
targeting insecure devices, turning them into entry points for larger cyber attacks.​

2. Technological Changes Driving Emerging Threats

Several technological advancements are contributing to the emergence of new threats:

A. The Rise of AI and Machine Learning

●​ AI-Powered Attacks: Cyber criminals are beginning to use artificial intelligence (AI) to
automate attacks. For example, deepfake technology can create realistic but fake
videos and audio to deceive people or manipulate public opinion.​

●​ Automated Hacking: AI-driven tools can automate hacking techniques, making attacks
faster and more widespread. Machine learning can be used to predict and exploit
vulnerabilities in systems.​

●​ AI in Defense: AI is also being used in cybersecurity to detect anomalies, predict

threats, and improve system defenses.​

B. Cloud Computing
 ●​ Cloud Infrastructure Risks: As businesses increasingly rely on cloud services, new
attack vectors emerge. Misconfigured cloud storage or weak authentication can expose
sensitive data.​

●​ Data Breaches: Cloud service providers may be targeted for breaches that expose large
amounts of customer data, especially if there are weak security protocols in place.​

C. The Internet of Things (IoT)

●​ Vulnerable Devices: IoT devices, such as smart thermostats, security cameras, and
wearable tech, can be insecure, leaving networks exposed to attack.​

●​ Botnets: IoT devices are commonly hijacked to create botnets that perform Distributed
Denial of Service (DDoS) attacks, overwhelming systems with massive traffic.​

3. Technology Changes Impacting Cybersecurity

The rapid adoption of new technologies has created a need for advanced security measures
and adaptive responses.

A. Zero Trust Architecture

●​ No Implicit Trust: Zero Trust models assume that no user, device, or network should be
trusted by default, even if they are within the organization's internal network.​

●​ Continuous Verification: This requires the continuous authentication of users and

devices before granting access to systems and data.​

B. Blockchain Technology

●​ Potential for Cybersecurity: Blockchain offers decentralized, transparent, and

immutable records, which can be used for securing data, preventing fraud, and ensuring
integrity in transactions.​

●​ Cryptocurrency Fraud: However, blockchain also brings new risks, particularly in the
cryptocurrency space, where cyber criminals target users to steal crypto assets.​

C. Quantum Computing
 ●​ Threat to Encryption: Quantum computers have the potential to break existing
encryption standards, such as RSA, which underpins much of today's data security.​

●​ Post-Quantum Cryptography: To counter this, researchers are working on developing

encryption algorithms that are resistant to quantum computing threats, known as
post-quantum cryptography.​

D. 5G Networks

●​ Increased Attack Surface: The rollout of 5G networks enables faster, more

interconnected systems, but also expands the potential attack surface for cyber
criminals. Devices and sensors connected to 5G are vulnerable to attacks.​

●​ Privacy Risks: 5G enables more data transfer, increasing the risk of surveillance and
data breaches, especially for individuals and organizations relying on the network for
sensitive communications.​

4. Changing Cybersecurity Defense Strategies

As technology evolves, so too must the strategies used to defend against emerging cyber
threats.

A. AI and Automation in Cybersecurity

●​ Automated Threat Detection: AI and machine learning algorithms can be used to

analyze vast amounts of data in real-time, spotting anomalies and potential threats faster
than traditional methods.​

●​ AI-Powered Defense Systems: Machine learning can help create more adaptive
defense mechanisms that evolve alongside cyber threats.​

B. Cybersecurity Mesh Architecture (CSMA)

●​ Distributed Security: Instead of a centralized security model, the cybersecurity mesh

approach provides a flexible, distributed model that ensures security at every access
point in a network, regardless of location.​
5. Key Takeaways

●​ Evolving Threats: The rapid pace of technological change brings new types of cyber
threats. Organizations must stay ahead of the curve to protect sensitive data and
systems.​

●​ Adaptation is Key: As technology changes, cybersecurity practices need to evolve.

Emphasizing proactive defense mechanisms, continuous monitoring, and AI-driven
security solutions are essential.​

●​ Personal Vigilance: With the rise of social engineering and phishing, individuals must
stay educated on cyber threats and maintain strong personal security practices, such as
using multi-factor authentication and avoiding suspicious emails.​

32) Cyber Security Techniques

1. Authentication

●​ Confirms identity of a user (e.g., via username/password).​

●​ Two-factor authentication: Combines something the user knows (password) and

something the user has (e.g., OTP, biometric, physical token).​

●​ Authorization: Grants access to resources based on user credentials.​

●​ Strong passwords are essential (min. 12 characters, mix of letters, numbers, symbols).​

●​ High-security setups use hybrid authentication (e.g., biometrics + VPN).​

2. Encryption

●​ Converts data into unreadable form for secure transmission.​

●​ Decryption: Reverting encrypted data back to original using a key.​

 ●​ Symmetric encryption: Same key for encryption/decryption (key sharing is a
challenge).​

●​ Asymmetric encryption: Uses a public key for encryption and private key for
decryption.​

○​ E.g., Sender encrypts with receiver’s public key; receiver decrypts with private
key.​

3. Digital Signatures

●​ Used for authentication and validation of data/documents.​

●​ Sender encrypts data with their private key.​

●​ Receiver verifies using sender’s public key.​

●​ Ensures data integrity (no tampering) and sender authenticity.​

●​ Useful in legal/financial transactions to prevent denial of actions.​

4. Antivirus Software

●​ Protects against malware, viruses, worms, trojans.​

●​ Detects, blocks, and removes malicious programs.​

●​ Needs regular updates to tackle new threats.​

5. Firewall

●​ Acts as a barrier between internal network and internet.​

●​ Controls inbound and outbound traffic.​

 ●​ Can be hardware, software, or both.​

●​ Types of firewall filtering:​

○​ Proxy: Monitors outbound traffic.​

○​ Packet Filtering: Filters based on IP, ports, protocols.​

○​ Stateful Inspection: Checks packets based on key features.​

●​ Needs proper configuration to be effective.​

●​ Prevents unauthorized access and DoS attacks.​

6. Steganography

●​ Hides secret messages within other files (image, audio, video).​

●​ Message is invisible without special tools.​

●​ Uses techniques like altering least significant bits in images or adding noise in audio.​

●​ Applications: Secret communication, digital watermarking, data protection.

33) FireWall

🔥 FIREWALL – Key Points

1.​ Definition:​
A firewall is a hardware or software system that acts as a barrier between a trusted
internal network and untrusted external networks (like the Internet).​

2.​ Purpose:​
 ○​ Blocks unauthorized access.​

○​ Controls inbound and outbound traffic.​

○​ Protects against malware, viruses, and hackers.​

○​ Helps prevent DoS (Denial of Service) attacks.​

3.​ Types of Firewalls:​

○​ Hardware Firewall: Physical devices (e.g., routers) that protect an entire

network.​

○​ Software Firewall: Installed on individual computers or servers (e.g., Windows

Firewall).​

4.​ Filtering Techniques:​

○​ Packet Filtering:​

■​ Filters data packets based on IP address, port number, protocol.​

■​ Common in routers.​

○​ Stateful Inspection:​

■​ Remembers past connections and inspects packets based on context.​

■​ More secure than basic packet filtering.​

○​ Proxy Services:​

■​ Routes traffic through a proxy server.​

■​ Monitors and filters outgoing data.​

5.​ Configuration:​

○​ Must be properly configured with rules and policies.​

○​ Can allow or block traffic based on:​

■​ IP addresses​
 ■​ Domain names​

■​ Protocols​

■​ Port numbers​

6.​ Limitations:​

○​ Not a complete solution by itself.​

○​ Needs to be combined with other security tools (e.g., antivirus, encryption).​

1)​Configuring FireWall
🛡️ Configuring Firewall on macOS – Key Points
1.​ Purpose:​

○​ Protects your Mac by blocking unauthorized incoming connections.​

○​ Helps stop hackers from exploiting open ports via automated scans.​

2.​ Steps to Enable macOS Firewall:​

○​ Open System Preferences from the Apple menu.​

○​ Select Security & Privacy.​

○​ Go to the Firewall tab.​

○​ Click the lock icon to make changes (enter admin credentials).​

○​ Click Start to enable the firewall.​

○​ Click Advanced to configure settings:​

■​ ✅ Allow signed software to receive incoming connections.​

■​ ✅ Enable stealth mode to ignore ping/port scan requests.​
 ○​ Click OK and close System Preferences.​

3.​ Important Settings:​

○​ Signed Software Rule: Automatically allows trusted apps to communicate.​

○​ Stealth Mode: Makes your Mac invisible to basic network probes.

2)​Windows FireWall

🔥 Windows Firewall – Key Points

✅ What is Windows Firewall?
●​ A built-in security tool by Microsoft that filters incoming and outgoing network
traffic.​

●​ Protects against unauthorized access from local networks and the internet.​

●​ First introduced in Windows XP (2001) as "Internet Connection Firewall."​

🛡️ What Windows Firewall Does

●​ Blocks harmful or unauthorized connections.​

●​ Uses predefined rules for filtering traffic.​

●​ Can stop threats like worms, Trojans, and network-based malware.​

●​ Applies rules differently based on network location (private/public).​

❌ What It Does NOT Do

●​ Cannot remove existing malware on your PC.​

●​ Not a replacement for antivirus software.​

●​ Doesn’t protect from malicious communications if the malware is already present.​

🖥️ How to Access Windows Firewall

●​ Control Panel → System and Security → Windows Firewall.​

●​ Or search for "firewall" in:​

○​ Windows 10: Cortana or Start menu.​

○​ Windows 7/8.1: Start Menu or Start Screen.​

🔄 How to Turn Windows Firewall ON or OFF

1.​ Open Windows Firewall.​

2.​ Click “Turn Windows Firewall on or off” (left panel).​

3.​ Choose for each network type:​

○​ ✅ "Turn on Windows Firewall" (recommended).​

○​ ❌ "Turn off Windows Firewall" (only if you have another firewall installed).​
4.​ Click OK to apply changes.​

5.​ Requires administrator access to make changes.​

💡 Additional Notes
●​ Most apps add exceptions automatically to access the internet.​
●​ If not, you’ll get a Windows Security Alert to manually allow/block the app.​

●​ Always use Windows Firewall + Antivirus for complete protection.

3) Windows Defender FireWall

🧱 Windows Defender Firewall with Advanced Security: Overview
​

📌 What is it?
●​ An advanced tool in Windows for managing firewall rules.​

●​ Gives full access to inbound, outbound, and connection security rules.​

●​ Found in Windows 10, Windows 7, and Windows 8.1.​

●​ Uses the Microsoft Management Console (MMC) – runs via wf.msc.​

🔍 How to Open It
✅ Three common methods:
1.​ Search for wf.msc in the Start Menu or Search box.​

2.​ Control Panel → System and Security → Windows Defender Firewall → Advanced
Settings.​

3.​ Start Menu → Windows Administrative Tools → Windows Defender Firewall with
Advanced Security.​

🔐 What You Can Do With It

✅ Inbound Rules
●​ Control what network traffic is allowed IN to your PC.​

●​ Protect against unauthorized access or attacks.​

●​ Can be customized by program, port, IP, or user.​

✅ Outbound Rules
●​ Control what traffic goes OUT from your PC to the internet or network.​

●​ Useful for blocking programs from sending data.​

●​ Like inbound rules, you can customize them in detail.​

✅ Connection Security Rules

●​ Use IPsec to enforce authentication and encryption between two devices.​

●​ Must be configured on both ends of the connection.​

●​ Mostly used in business or enterprise environments.​

✅ Monitoring
●​ Shows active rules, connection security status, and security associations.​

●​ Helps track how rules are being applied in real time.​

⚙️ Why Use It?

●​ Provides fine-grained control over Windows Firewall.​

●​ Useful for advanced users and IT professionals.​

●​ Can enhance security by precisely defining what’s allowed and what’s blocked.​

●​ No additional software or cost—built into Windows.​

 🛠️ Example Use Case
●​ Want to block a specific app from accessing the internet?​

○​ Go to Outbound Rules → Create a New Rule → Select the program → Block

the connection.​

●​ Want to require encryption between two computers?​

○​ Set up a Connection Security Rule using IPsec.

34) IT Security Act 2000

Overview of the IT Act, 2000

●​ Came into force: 17th October 2000.​

●​ Scope: Applies across India and to offenses committed outside India if they involve a
computer system/network in India.​

●​ Chapters: 13 Chapters, 94 sections.​

●​ Purpose: To provide legal recognition to electronic transactions and enable

e-commerce, e-governance, and electronic communication with legal backing.​

Objectives of the Act

●​ Legal recognition of electronic records and digital signatures.​

●​ Promotion of secure digital transactions.​

●​ Facilitation of electronic filing and retrieval of information.​

 ●​ Prevention and punishment of cybercrimes such as hacking, identity theft, and online
fraud.​

●​ Establishment of a legal framework for secure e-commerce and e-governance.​

Key Provisions

●​ Digital Signatures: Recognized for authenticating electronic records.​

●​ Certifying Authorities: Entities licensed to issue digital signature certificates.​

●​ Cyber Regulations Appellate Tribunal: For appeals related to adjudication.​

●​ Adjudicating Officers: Handle claims up to ₹5 crore.​

●​ Exemptions: The Act does not apply to negotiable instruments, powers of attorney,
wills, trusts, and contracts related to immovable property.​

Major Definitions

●​ Access: Interaction with computer systems/networks.​

●​ Computer/Computer Network: Devices and interconnections used for processing and

communication.​

●​ Digital Signature/Certificate: Authentication tools for electronic records.​

●​ Intermediary: Entity transmitting or storing electronic records on behalf of others.​

●​ Secure System: Reliable and protected IT environment.​

2008 Amendment Highlights

●​ Addressed gaps in cybercrime laws in the original Act.​

 ●​ Introduced provisions for data protection, especially for BPOs, banks, and healthcare
sectors.​

●​ Section 43A: Companies handling sensitive personal data must implement adequate
security; negligence leading to harm results in liability.​

●​ Introduced stricter provisions for cyber terrorism, privacy violations, and identity theft.​

●​ Lowered police rank for investigations from DySP to Inspector (Section 78).​

Punishments for Cybercrimes (Selected Sections)

Section Offense Punishment

65 Tampering with computer source Up to 3 years + ₹2 lakh fine

66 Hacking & data breach Up to 3 years + up to ₹5 lakh fine

66A Offensive messages 3 years + fine (struck down in 2015)

66C/D Identity theft, fraud Up to 3 years + ₹1 lakh fine

66E Privacy violation Up to 3 years + ₹2 lakh fine

66F Cyber terrorism Life imprisonment

67/67A/B Obscene/pornographic content 5–7 years + up to ₹10 lakh fine

 67C Failure to retain information 3 years + fine

Who Can Investigate?

●​ Police Inspector or higher rank can investigate cybercrimes.​

●​ Adjudicating Officer: Handles claims up to ₹5 crore.​

●​ Civil Court: Handles claims above ₹5 crore.​

This Act lays the foundational legal structure for the digital ecosystem in India, addressing the
growing dependence on digital communication and commerce, while also tackling threats like
cybercrime and privacy breaches.

35) Recovering From

Information Loss

WHY BACKUPS MATTER

●​ Digital data loss is inevitable – due to theft, carelessness, hardware failure, malware,
or accidents.​

●​ You will eventually lose data – the only question is when.​

●​ Having current backups and a tested restore method is crucial.​

🧭 STEP-BY-STEP BACKUP STRATEGY
1. Identify & Organize Your Data

●​ List where all your information is stored: computers, USBs, phones, CDs, cloud, etc.​

●​ Include non-digital items: notebooks, printed contracts.​

●​ Identify master copies (editable originals) vs. duplicates (backups/copies).​

●​ Use a table to track devices, data types, and storage locations.​

2. Create a Backup Plan

●​ Store each file in at least two places and in different physical locations.​

●​ Encrypt sensitive files with VeraCrypt or other tools.​

●​ Back up:​

○​ Documents using Cobian Backup or similar.​

○​ Emails with email clients like Thunderbird.​

○​ Mobile phone data using manufacturer software.​

○​ Printed documents by scanning and storing digitally.​

💾 CHOOSING STORAGE DEVICES

Device Pros Cons

USB drives Portable, large capacity Fragile, finite lifespan (~10 yrs)
CDs/DVDs Good for long-term with Small capacity, data fades over time
care

Remote servers High capacity Internet speed matters, encryption is a

must

External hard Great for large backups Must be stored safely (offsite preferred)
drives

🛠 TOOLS
🔁 Cobian Backup
●​ Schedule automatic, incremental backups.​

●​ Can compress and encrypt data.​

♻️ Recuva
●​ Recovers accidentally deleted files.​

●​ Use the portable version immediately after deletion to prevent overwriting.​

✅ BEST PRACTICES
●​ Organize files in one place (e.g., “Documents” folder).​

●​ Schedule regular backups (daily, weekly, monthly depending on criticality).​

●​ Train others in your organization to follow secure backup practices.​

 ●​ Test restore procedures – backups are useless if you can’t restore them.​

🧠 Final Tip
Backups are only as good as your ability to restore them. Always verify your backups by
doing test restores and updating your system regularly.

36) Destroying Sensitive

Information

1. Understanding File Deletion

●​ File Deletion Doesn't Erase Data: Simply deleting a file (even emptying the Recycle
Bin) doesn't remove the actual data from your hard drive. The space is marked as
available for new data but remains filled with the deleted content.​

●​ The Need for Secure Deletion: Without secure deletion tools, someone could recover
deleted files using data recovery software.​

2. Wiping Data Using Secure Deletion Tools

●​ Wiping vs Deleting: Secure deletion involves overwriting data with random information
multiple times, making it harder to recover. Tools like Eraser do this effectively.​

●​ Best Practices: Experts recommend making at least three overwriting passes; some
standards recommend seven.​

●​ Two Methods of Wiping:​

 ○​ Wiping Individual Files: This guarantees that a specific file is fully removed.​

○​ Wiping Unallocated Space: Ensures that previously deleted information, even if

not visible, is completely erased.​

3. Handling Temporary and Hidden Data

●​ Temporary Files: These include browser cache, application data, and Windows swap
files. These can contain sensitive information and should also be wiped regularly.​

●​ CCleaner: This tool can help remove temporary files and also offers the ability to
securely delete data.​

4. Tips for Effective Secure Deletion

●​ Backup First: Always create an encrypted backup of important files before using secure
deletion tools.​

●​ Step-by-Step Process:​

1.​ Create an encrypted backup.​

2.​ Close unnecessary programs and disconnect from the internet.​

3.​ Delete unnecessary files and empty the Recycle Bin.​

4.​ Use tools like CCleaner to wipe temporary files.​

5.​ Use Eraser to wipe the swap file and unallocated space.​

6.​ Repeat this process regularly to ensure no residual sensitive data remains.​

5. Wiping Entire Storage Devices

●​ External Storage Devices: When you need to wipe an entire drive (e.g., before selling
or discarding it), Eraser can be used to wipe the contents, but the operating system must
not be running from that drive.​

●​ Physical Destruction: In cases where sensitive data is stored on non-rewritable media

(like CDs or DVDs), physical destruction is the most effective method.​
Conclusion:

Secure deletion tools like Eraser and CCleaner are essential for ensuring sensitive information
doesn't remain recoverable after deletion. Regularly wiping both temporary and unallocated
space can prevent unauthorized recovery of your data.

37) CC Cleaner

1. Introduction to CCleaner

●​ CCleaner is a privacy and security tool used to delete temporary files, browser history,
cookies, and free disk space to protect your system from potential threats.​

●​ Alternatives like BleachBit and tools for macOS (e.g., OnyX, Maintenance) can also be
used for similar purposes.​

2. Why Use CCleaner?

●​ Data trail: Applications and browsers collect temporary data that can reveal personal
information (e.g., recent websites, search history, emails).​

●​ Manual Deletion vs. CCleaner: Manually deleting temp files is cumbersome, but
CCleaner automates and simplifies the process.​

3. Installing and Configuring CCleaner

●​ Installation: The installation process involves disabling the option to install additional
software (e.g., Google Chrome) and proceeding with the setup.​

●​ Configuration:​

○​ CCleaner defaults to normal file deletion, but you must enable "Secure File
Deletion" in the settings to overwrite files with random data. This makes it harder
to recover deleted files.​
 ○​ You can set the number of passes for secure deletion (e.g., 1, 3, or 7 passes).​

4. Deleting Temporary Files

●​ CCleaner helps delete temporary files from Windows and applications (e.g., browsers,
Office apps).​

●​ Steps: Select the items to clean (e.g., temporary internet files, recent documents, etc.)
and then click the Run Cleaner button to delete them.​

●​ Important: CCleaner won’t delete personal documents, just the temporary files.​

5. Cleaning the Windows Registry

●​ Purpose: The Windows Registry stores system and application settings. Over time, it
accumulates obsolete or incorrect entries.​

●​ Process: Scan the registry, back it up, and fix issues by removing outdated entries. It
helps improve system performance and security.​

●​ Backup: Always create a backup before making changes to the registry.​

6. Advanced Features

●​ Uninstalling Programs: Use CCleaner to uninstall unwanted programs more easily than
via Control Panel.​

●​ Startup Programs: Disable unnecessary startup programs to speed up system boot

times.​

●​ Wiping Free Space: Securely wipe deleted files' remnants from the free space on your
hard drive to ensure they cannot be recovered.​

7. Portable CCleaner

●​ Portable Version: CCleaner can be used without installation, which is useful for privacy
reasons (e.g., on USB sticks).​
 ●​ Difference: Portable version is functionally the same as the installed version but can be
run from external devices.​

8. Precautions

●​ Backup: Always back up critical data and registry entries before using CCleaner to avoid
unintended loss.​

●​ Secure Deletion: Secure file deletion can be slower depending on the number of
passes set for overwriting data.​

Focus Areas for the Exam:

●​ Functionality of CCleaner: Understand the key features (e.g., temporary file cleanup,
registry cleaning, free space wiping).​

●​ Secure Deletion: Be clear on how CCleaner securely deletes files and the implications
of the number of overwrite passes.​

●​ Registry Cleaning: Know how to clean the registry and the importance of backing it up.​

●​ Advanced Usage: Be aware of the advanced tools like uninstalling programs, managing
startup items, and wiping free space.