Scribd Logo
Upload

Welcome to Scribd!

  • Introduction to Information Security, Cyber Laws, and Ethical Hacking

    Uploaded by

    jada
    21 views4 pages
    This document provides an overview of information security concepts including the CIA triad of confidentiality, integrity and availability. It discusses ethical hacking and different types of hackers such as black hat, white hat and grey hat hackers. Cyber laws in India are also summarized, including sections of the IT Amendment Act 2008 related to hacking, identity theft, cyber terrorism and more. The document concludes with important notes on proof of concept attacks, man-in-the-middle attacks, and tasks to research the Fifth Estate documentary, Snowden and Vault 7 leak.

    Original Description:

    LCEH Session 1

    Original Title

    Lecture 1 (4th June)

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides an overview of information security concepts including the CIA triad of confidentiality, integrity and availability. It discusses ethical hacking and different types of hackers such as black hat, white hat and grey hat hackers. Cyber laws in India are also summarized, including sections of the IT Amendment Act 2008 related to hacking, identity theft, cyber terrorism and more. The document concludes with important notes on proof of concept attacks, man-in-the-middle attacks, and tasks to research the Fifth Estate documentary, Snowden and Vault 7 leak.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    21 views4 pages

    Introduction to Information Security, Cyber Laws, and Ethical Hacking

    Uploaded by

    jada
    This document provides an overview of information security concepts including the CIA triad of confidentiality, integrity and availability. It discusses ethical hacking and different types of hackers such as black hat, white hat and grey hat hackers. Cyber laws in India are also summarized, including sections of the IT Amendment Act 2008 related to hacking, identity theft, cyber terrorism and more. The document concludes with important notes on proof of concept attacks, man-in-the-middle attacks, and tasks to research the Fifth Estate documentary, Snowden and Vault 7 leak.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    SESSION 1

    =========

    INFORMATION SECURITY
    =====================

    DATA | INFORMATION

    CIA TRIAD
    ==========

    1. CONFIDENTIALITY - that the data which is confidential and private should be


    secured from bad people.

    2. INTEGRITY - Dis-manipulation of data which should be secured from others.

    2. AVAILABILITY - Availability simply means that some data should be available to


    specific persons only having access rights.

    -----------------------------------------------------------------------------------
    -------------------------------------------------------------------

    ETHICAL HACKING / CYBER SECURITY


    =================================

    Ethical - Means legal practices which should be performed.

    Hacking - Hacking means accessing any data, information or any system with or
    without the permission of individual.

    Hackers - Hackers are the most skilled and techniocal people who are profiecient in
    understanding the technical aspects.

    -----------------------------------------------------------------------------------
    ----------------------------------------------------------------------

    TYPES OF HACKERS
    =================

    1. BLACK HAT HACKERS - These are the bad people who access and gain resources of
    any individual for the sake of there own wealth. Eg. Shadow Brokers.
    Also Shadow Brokers found Vault 7 in NSA.
    Eternal Series was an expliot in Vault 7.
    Julian Assange is owner of WikiLeaks(the most popular
    website where all kinds of leaks are posted)

    2. WHITE HAT HACKERS - These are those people who gains access and tamper the
    resource for the sake of the individual. EG. Rahul Tyagi, Abhijeet Singh. Sanjeev
    Multani etc.

    3. GREY HAT HACKERS - These are those hackers who hacks and gains resources for the
    sake of the society and culture.

    -----------------------------------------------------------------------------------
    ----------------------------------------------------------------------

    Other Categories
    ================

    1. Script Kiddies - These are those people who steals the programs, ideas or any
    other method of hacking and perform hacks without any knoweledge.(YouTube Guys
    mostly)

    2. Noobz - These are the new born technical babies who just arrived in the field of
    cyber security.

    3. Crackers - These are those people who are good in cracking into a particular
    machine or a authentication check.(By using brute force and basically applying PnC)

    -----------------------------------------------------------------------------------
    -----------------------------------------------------------------------

    TYPES OF INFORMATION
    ====================

    1. Confidentials Information - Adhar Cards, Passwords, BirthCertificates, PAN Cards


    etc.
    2. Financial Information - Financial Statements, Bank Details, Login Credentials
    for banking poractices etc.
    3. Health Information - Policies, Diseases etc.
    4. Personal Information - Address, Phone NUmbers, DOBs etc.

    -----------------------------------------------------------------------------------
    -----------------------------------------------------------------------

    CYBER LAWS
    ===========

    For Cyber Security Domain, there are some acts which are called IT Acts, These acts
    are for preventing any malicious person black hat hacker to gain access
    of any system.

    The first act was launched and appreciated was IT ACT 2000. Which was having very
    less acts for the cybrr crimes which are being reported in the constritution.

    After a new act was launched IT AMENDMENT ACT 2008.

    - Section 43 / 43 A- Losses and damages which a person bear due to the harm of
    any computer.
    Improsinment - 1 year and fine is of 2,00,000. or both

    - Section 65 - It covers up the losses and damage of tampering and misuing of


    any source code.
    Imprisonment upto 3 years and Fine upto 200,000 INR. or both

    - Section 66 - Covers up all the Hacking Activities. Hacking with computer


    system dishonestly or fraudulently.
    Imprisonment upto 3 years and Fine upto 500,000 INR.
    - Section 66 A - If a person illegally hacks and gain access into a
    machine he/she will be arrested. Imprisonment upto 3 years
    and Fine upto 100,000 INR or both.
    - Section 66 C - Identity Theft Crimes done by any individual.
    Imprisonment upto 3 years and Fine upto 100,000 INR or both.
    - Section 66 F - Covers up all the activities which follows up with
    Cyber Terrorist.
    Life Imprisonment, Fine of 10 Lac INR.

    - Section 67 - Covers up all the activvities having providding and leading


    obscene material and adult materials in a public domain.
    First conviction with imprisonment of three years and with
    fine five 5,00,000 INR or both.

    - Section 70 - Covers up all the activities having misleading and gaining


    access into Government Restricted Areas or Private Protected Access.
    Imprisonment of Ten Years and can also be liable to fine or
    both.

    - Section 71 - It covers up all the Misrepresentaion facts comes along with


    Identity, Data and other factors.
    Imprisonment for this is 2 Years, with fine of 1 LAC INR. or
    both.

    - Section 72 - Breaches of CIA Triad of electronic records.


    Imprisonment for Ten Years, or with fine, or with both.

    - Section 73 - Covers up all the practices covers and come along with
    Misleading of Digital Certificates and Signatures.
    Imprisonment for upto two years, or with fine upto 1,00,000
    INR, or with both.

    -----------------------------------------------------------------------------------
    ----------------------------------------------------------------------

    Basic Guide to IT Amendment Act 2008 - https://lucideustech.blogspot.in/2018/02/a-


    basic-guide-to-indian-it-amendment.html

    NATgrid and CERT-In, the two most Control Authorities to take action.

    -----------------------------------------------------------------------------------
    ----------------------------------------------------------------------

    IMPORTANT NOTES:
    POC- Proof of Concept(Read about it, needed in cooperate sector)
    MITM Attack- Man-in-the-middle attack(Read on it)

    TASK
    ====
    1. Movies - Fifth Estate , Snoden
    2. Read on Vault 7.
    3. How Search Engine Works?

    ------------------------------

    Contact Details :

    Phone Number : SANJEEV : +91-7500901015


    PRABHANKAR : +91-8960949159
    JYOTI MAM : 9560644011
    Email : sanjeev.m@lucideustech.com
    -------------------------------------------------------

    You might also like