
Session 1: Introduction to Cybersecurity

Segment 1: Module Introduction


Platform Text

Welcome to the module on ‘Introduction to Cybersecurity’.

Have you ever wondered about the privacy and security of your data on the internet? You
might have seen the Apple advertisement which says that some things shouldn't be shared.
What did you take from it? The message is that privacy of data is important and that the
company cares about it. If the security of data and applications matters, the questions
become how to protect the data, and from whom. After this module you will know how important
cybersecurity is in everyday life. We will cover the following topics in this module:

● Introduction to Internet & Infrastructure
● Basic of Cyber Security
● Terminologies and Challenges in Cyber Security
● Introduction to Hacking and its types
● Introduction to Security Technologies and Domains
● Introduction to Cyber Attacks
● Introduction to Cyber Crime & Laws

<Video Placeholder>

Guidelines for this module


The in-video and in-content questions for this module are not graded. Note that graded
questions are given in a separate segment labelled 'Graded Questions' at the end of this
session. These questions will adhere to the following guidelines:

Question type                First Attempt Marks    Second Attempt Marks
Questions with 2 Attempts    10                     5
Questions with 1 Attempt     10                     0

People you will hear from in this module


Subject Matter Expert

Shashank Bajpai

Chief Information Security Officer at ECGC Ltd.

Shashank is currently working as a Chief Information Security Officer at ECGC Ltd. He has over
10+ years of experience in the cybersecurity domain. He has worked in various companies like
Jio, BSE India, Acko and others. He has a deep knowledge of various tools and technologies
used today.

Session 2: Introduction to the Internet and Infrastructure

Segment 1: Session Introduction
Platform Text

Welcome to the session on 'Introduction to the Internet and Infrastructure'.

Everyone is using the internet nowadays. Have you ever wondered how it works? While sending
a text to your close friend in India, have you ever thought about how the internet knows where
your friend is and delivers the text? Why doesn't your text go to Australia and then the US,
travelling here and there without ever finding your friend? You will be able to answer all of
these questions in this session by learning the topics below:

● What are the Internet and Infrastructure?
● What are IP addresses, and why are they needed?
● How information flows over the internet and how the IP address of a particular website
is looked up.
● Demonstration of a few terminal-based network commands.

The Internet plays a very important role in day to day life. Can you imagine a day or a week
without the internet? So in this session we will cover a few important aspects of the internet.

<Video1 placeholder>

People you will hear from in this session


Subject Matter Expert

Shashank Bajpai

Chief Information Security Officer at ECGC Ltd.

Shashank is currently working as a Chief Information Security Officer at ECGC Ltd. He has over
10+ years of experience in the Cybersecurity domain. He has worked in various companies like
JIO, BSE India, Acko and others. He has a deep knowledge of various tools and technologies
used today.

Sandeep Sinha

Software Developer, AJIO.com

Sandeep is a Software Developer with more than two years of experience. He is currently
working under AJIO.com as a Software Development Engineer. He was previously working as a
Software Developer at Capgemini.

Segment 2: Basics of Internet


Platform Text

The Internet is nothing but a worldwide network of computers all of which work together. It is a
global communication system that links thousands of individual networks. The Internet enables
the transfer of messages through email, chat, video and so on, functioning as a medium to
exchange information between two or more computers. Have you ever wondered how the idea
of the Internet was conceived and what triggered it? Let’s hear from our SME Sandeep in the
next video about the history of the Internet and its definition.

<Video2 placeholder>

In-Video Question
Video 1 - 1:09
The first Internet network was known as?
a. ARPANET
b. DARPA
c. INTRANET
d. INTERNET

Correct Answer: a
Number of attempts: 2

Feedback for option a: ARPANET was the network that became the basis for the Internet.
It was made by the Advanced Research Projects Agency of the United States Department of
Defense.

Feedback for option b: The Defense Advanced Research Projects Agency is a research
and development agency of the United States Department of Defense.

Feedback for option c: An intranet is a computer network used for sharing information,
collaboration tools, operational systems and other computing services within an
organisation, usually to the exclusion of access by outsiders.

Feedback for option d: The Internet is a more comprehensive network that allows
computer networks around the world run by companies, governments, universities and other
organisations to talk to one another.

Platform Text

The Internet can be considered to have two broader categories of devices: clients and servers.
The machines which provide services to others are called servers, and those that consume
such services are called clients. When you connect to the upGrad website, there are a host of
machines working in the background to serve your request, which can be called servers. The
machine from which you are trying to access the upGrad website is known as the client
machine. Let’s understand more about the client-server relationship in the video.

<Video3 placeholder>

In this segment we have understood the history of the internet, how it evolved and the
client-server relationship. In the next segment you will learn about IP addresses and the
need for them.

Segment 3: IP Address
Platform Text

In the previous segment we learnt the basics of the internet, and now we are going to
understand the Internet Protocol (IP) address.

An IP address is a numerical label assigned to each device on a network accessing the Internet.
The IP address helps in sending data/information to the specified computers on the network. IP
addresses can be dynamic or static, depending on the Internet Service Providers (ISP). An IP
address is usually written in dot-decimal notation, consisting of four decimal numbers, each
ranging from 0 to 255, separated by dots. Let's learn more about IP addresses in the video.

<Video4 placeholder>
In-Video Question
Video 4 - 3:43
Which of the following is not a correct IP address?
a. 192.189.124.244
b. 145.233.252.1
c. 119.242.342.65
d. 76.130.230.55

Correct Answer: c
Number of attempts: 2

Feedback for option a: This is a correct IP address.

Feedback for option b: This is a correct IP address.

Feedback for option c: Correct, the range of the IP addresses is usually represented in a
dot-decimal notation, consisting of four decimal numbers, each ranging from 0 to 255,
separated by dots. But in this case, the third number after the dot is greater than 255.

Feedback for option d: This is a correct IP address.
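
The dot-decimal rule behind this question can be checked mechanically. The Python sketch below is an added example, not part of the course material; the function names are hypothetical, and refusing leading zeros is an extra strictness assumed here rather than a rule stated in the course.

```python
def parse_ipv4(text):
    """Return the four numbers of a dot-decimal IPv4 address as a tuple.

    Raises ValueError with a reason when the text is not a valid address.
    """
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 numbers separated by dots, got {len(parts)}")

    octets = []
    for position, part in enumerate(parts, start=1):
        # Rejects empty strings, signs, spaces and non-ASCII digit characters.
        if not (part.isascii() and part.isdigit()):
            raise ValueError(f"number {position} ({part!r}) is not a decimal number")
        # Assumption of this example: a leading zero is refused, because some
        # tools read "010" as octal 8 and others as decimal 10, so two systems
        # could disagree about which address was meant.
        if len(part) > 1 and part[0] == "0":
            raise ValueError(f"number {position} ({part!r}) has a leading zero")
        value = int(part)
        if value > 255:
            raise ValueError(f"number {position} ({value}) is greater than 255")
        octets.append(value)
    return tuple(octets)


def check(text):
    """Return 'valid' or 'invalid: <reason>' for one candidate address."""
    try:
        parse_ipv4(text)
    except ValueError as err:
        return f"invalid: {err}"
    return "valid"


# The four options from the question above.
QUIZ_OPTIONS = {
    "a": "192.189.124.244",
    "b": "145.233.252.1",
    "c": "119.242.342.65",
    "d": "76.130.230.55",
}

if __name__ == "__main__":
    for label, address in QUIZ_OPTIONS.items():
        print(f"{label}. {address:<16} {check(address)}")
```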

Platform Text

An IP address is a unique identifier: it allows computers to send and receive information to and
from specific computers in a given network. If a computer is unable to configure a valid IP
address, it can't connect to a network. Let's understand more about the need for IP addresses in
the following video.
<Video5 placeholder>

In this segment we have understood the IP addresses and the need for them. In the next
segment you will learn about Caching and Domain Name Servers.

Segment 4: Caching and Domain Name Servers


Platform Text

In the last segment we learnt what IP addresses are and why we need them. Now we are going
to understand what caching and Domain Name Servers (DNS) are.

Caching is a technique by which a copy of a given resource is stored and returned when it is
requested again. It helps web pages load faster because the browser does not have to download
the content again when the same pages are revisited. This eases the load on the server while
improving performance on the client side.

<Video6 placeholder>

Platform Text

There are several kinds of caches.


1. Browser Caching
2. OS Caching
3. Router Caching
4. ISP Caching

There is another term, the Domain Name System (DNS), which functions as the phonebook of the
Internet. We access the Internet through domain names, like upgrad.com, youtube.com, etc. Web
browsers need the Internet Protocol (IP) address that matches a domain name in order to load
internet resources. Caching, as discussed earlier, makes that IP address quicker to find. The
following video briefly explains the different types of caching and the concept of DNS, and how
they work together to load a website.

<Video7 placeholder>
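
The way the four caches and DNS work together can be modelled in a few lines. This Python simulation is an added example, not part of the course material: it assumes the caches are tried in the order they are listed above, and the class names, the record table, the address 203.0.113.10 and the 300-second lifetime are all constructed for illustration.

```python
import time


class FakeClock:
    """Manually advanced clock so the demo does not have to sleep."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


class CacheLayer:
    """One cache (browser, OS, router or ISP): domain -> (ip, expiry time)."""

    def __init__(self, name, clock):
        self.name = name
        self._clock = clock
        self._entries = {}

    def get(self, domain):
        """Return (ip, seconds_left) for a fresh entry, or None on a miss."""
        entry = self._entries.get(domain)
        if entry is None:
            return None
        ip, expires_at = entry
        seconds_left = expires_at - self._clock()
        if seconds_left <= 0:
            del self._entries[domain]  # expired entries must not be served
            return None
        return ip, seconds_left

    def put(self, domain, ip, ttl):
        self._entries[domain] = (ip, self._clock() + ttl)

    def clear(self):
        self._entries.clear()


class Resolver:
    """Tries each cache from nearest to farthest, then the DNS records."""

    LAYER_NAMES = ("browser", "os", "router", "isp")

    def __init__(self, records, clock=time.monotonic):
        self._records = records  # stand-in for real DNS servers
        self.layers = [CacheLayer(name, clock) for name in self.LAYER_NAMES]
        self.dns_queries = 0

    def resolve(self, domain):
        """Return (ip, source); source is the layer that answered, or 'dns'."""
        domain = domain.rstrip(".").lower()  # DNS names are case-insensitive
        for depth, layer in enumerate(self.layers):
            hit = layer.get(domain)
            if hit is not None:
                ip, seconds_left = hit
                # Copy the answer into the nearer caches that missed, with the
                # remaining lifetime only, so a copy never outlives the record.
                for nearer in self.layers[:depth]:
                    nearer.put(domain, ip, seconds_left)
                return ip, layer.name
        if domain not in self._records:
            raise LookupError(f"no DNS record for {domain!r}")
        ip, ttl = self._records[domain]
        self.dns_queries += 1
        for layer in self.layers:
            layer.put(domain, ip, ttl)
        return ip, "dns"


# Constructed sample data: 203.0.113.0/24 is reserved for documentation.
SAMPLE_RECORDS = {"upgrad.com": ("203.0.113.10", 300)}

if __name__ == "__main__":
    clock = FakeClock()
    resolver = Resolver(SAMPLE_RECORDS, clock)
    print(resolver.resolve("upgrad.com"))  # first visit: every cache misses
    print(resolver.resolve("upgrad.com"))  # revisit: the browser cache answers
    resolver.layers[0].clear()             # e.g. the browser cache is cleared
    print(resolver.resolve("upgrad.com"))  # the OS cache answers
    clock.advance(300)                     # the record's lifetime runs out
    print(resolver.resolve("upgrad.com"))  # all caches expired: DNS again
```

Because every layer reuses an answer until its lifetime expires, an outdated or wrong address also stays in use until then or until the caches are cleared.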

In-Video Question
Video 7 - 3:44
The function of Domain Name System (DNS) protocol is to _______________.
a. Transfer files across the network.
b. Resolve domain names to IP address.
c. Dynamically assign IP address to any host over the network.
d. Synchronise clock times in a network.
Correct Answer: b
Number of attempts: 2

Feedback for option a: FTP is responsible for transferring files over the network.
Feedback for option b: The DNS protocol is responsible for resolving domain names to a
specific IP address.
Feedback for option c: DHCP is a protocol used to dynamically assign IP addresses to
any host over the network.
Feedback for option d: NTP is a protocol responsible for synchronising clock times in a
network.
Out-of-Video Question
The default port number used by Domain Name Server (DNS) is:
a. 80
b. 21
c. 22
d. 53

Correct Answer: d
Number of attempts: 2

Feedback for option a: Port number 80 is used by HTTP as a default port for establishing
connection between any HTTP clients.

Feedback for option b: Port number 21 is used by FTP as a default port for establishing
connection between two computers.

Feedback for option c: Port number 22 is used by SSH as a default port for client
connections.

Feedback for option d: Port number 53 is used by DNS as a default port for transmitting
DNS queries.

In this segment we have understood caching, Domain Name Servers and how they work together
to find the IP address of a website. In the next segment you will learn about the need for
secure IP connectivity and DNS security.

Segment 5: Secure IP Connectivity and DNS Security
Platform Text

In the last segment we understood what caching and DNS are and how they work. Now in this
segment we will understand why we need secure IP connectivity and DNS security.

Have you ever wondered what will happen if your IP address is exposed or not secured? If a
hacker has your IP address, they could harm you with several types of attack. In the following
video we will understand why and how we can ensure the security of IP addresses and DNS.

<Video8 placeholder>
In-Video Question
Video 8 - 1:12
Which of the following is true about VPN?

a. It is a tool that authenticates the communication between a device and a secure network.
b. VPN creates a secure, encrypted channel across the open internet.
c. It is typically based on IPsec or SSL.
d. All of the above
Correct Answer: d
Number of attempts: 2

Feedback for option a: Correct but incomplete. It is true that a VPN authenticates
the communication between a device and a secure network.
Feedback for option b: Correct but incomplete. It is true that a VPN creates a
secure, encrypted channel.
Feedback for option c: Correct but incomplete. It is true that a VPN is based on
IPsec and SSL.
Feedback for option d: Correct because VPN is an IPsec- or SSL-based tool that
authenticates the communication between a device and a secure network, creating a
secure, encrypted channel across the open internet.

In this segment we have understood the need for secure IP connectivity and DNS security. In
the next segment you will learn a few basic networking commands.

Segment 6: Basic Networking Commands


Platform Text

In the last segment we understood the need for secure IP connectivity and DNS security.
Now in this session we will see the basic and necessary commands for networking.

Networking commands are utilities used for network troubleshooting. In the following video we
will see the most important networking commands, which are essential or useful for every
network administrator.

<Video9 placeholder>
Out-of-Video Question
Which command checks a connection by measuring the time taken by packets to return from a
specific destination?
a. nslookup
b. traceroute
c. ping
d. ifconfig

Correct Answer: c
Number of attempts: 2

Feedback for option a: The nslookup command is used to query DNS for the IP address
of any given domain, or for the domain name of any given IP address, e.g., nslookup
www.google.com.

Feedback for option b: The traceroute command is used to find the IP addresses of all the
routers that a packet passes through on its way from the source to the destination,
e.g., traceroute www.google.com.

Feedback for option c: The ping command is used to check the connectivity between the
source and the destination by measuring the time taken by a packet to return from a
particular destination, e.g., ping www.google.com.

Feedback for option d: The ifconfig command is used to assign an address to a network
interface or configure any network interface, e.g., ifconfig.

Out-of-Video Question
What is the use of tracert command?
a. To trace the url IP address
b. To trace the MAC address
c. To trace the path that an Internet Protocol (IP) packet takes to its
destination
d. None of the above
Correct answer: c
Number of attempts: 2

Feedback for option a: tracert is not used to trace the IP address.

Feedback for option b: tracert is not used to trace the MAC address.

Feedback for option c: tracert is used to trace the path that an Internet Protocol
(IP) packet takes to its destination.

Feedback for option d: A correct option is present.

Session 3: Basic of Cybersecurity


Segment 1: Session Introduction
Platform Text

Welcome to the session on 'Basic of Cybersecurity'.

In the last session we understood the basics of the internet, what IP addresses are and what
DNS is. We also learnt the need for secure IP connectivity and DNS security, followed by some
basic networking commands. In this session we will introduce cybersecurity and the need for it.

Cyber security is the application of technologies and controls to protect systems, networks,
programs, devices and data from cyber attacks. We will understand why we need cybersecurity,
and then we will see how cybersecurity came into the picture and how it evolved. Later in this
session we will learn some important terms.

<Video1 placeholder>

People you will hear from in this session


Subject Matter Expert

Shashank Bajpai

Chief Information Security Officer at ECGC Ltd.

Shashank is currently working as a Chief Information Security Officer at ECGC Ltd. He has over
10+ years of experience in the Cybersecurity domain. He has worked in various companies like
JIO, BSE India, Acko and others. He has a deep knowledge of various tools and technologies
used today.
Segment 2: Importance and need of Cybersecurity
Platform Text

Cybersecurity's importance is on the rise. Fundamentally, our society is more technologically
reliant than ever before and there is no sign that this trend will slow. Personal data that could
result in identity theft is now posted to the public on our social media accounts. Sensitive
information like social security numbers, credit card information and bank account details is
now stored in cloud storage services like Dropbox or Google Drive. So in this segment we will
see some data points and understand what exactly the need for cybersecurity is.

<Video2 placeholder>

Out-of-Video Question
For which of the following purposes can a computer virus be used?
a) Corrupt data in your computer
b) Log users' keystrokes
c) Access private data such as user IDs and passwords
d) All of the above

Correct answer: d

Feedback for option a: Viruses are powerful enough to corrupt data.
Feedback for option b: They can also track users’ keystrokes.
Feedback for option c: Viruses can easily access sensitive data.
Feedback for option d: All of the above can be done using computer viruses.

Now we know what role cybersecurity plays in today's world and why it is needed. In the
next segment let's understand what exactly cybersecurity is.

Segment 3: Introduction to Cyber Security


Platform Text

Cybersecurity is the state or process of protecting and recovering computer systems, networks,
devices, and programs from any type of cyber attack. In this segment we will learn what exactly
cybersecurity is, along with some important definitions. Later in the segment we will understand
the role of cybersecurity in real-world applications with the help of an example.

<Video2 placeholder>

Subjective:
According to you, what is cybersecurity?
5-100 words

Out-of-Video Question
State whether the following statement is true or false.

Computer security is a battle of wits between a perpetrator who tries to find holes
and an administrator who tries to close them.
a) True
b) False

Correct answer: a

Feedback for option a: Computer security perpetrators always devise newer
methods to break security and exploit any known gaps. However, the administrator
fixes these gaps and monitors the security controls for defence against the
perpetrators.
Feedback for option b: The reason is that it is a battle of wits between a
perpetrator who tries to find holes and an administrator who tries to close them.

In this session we understood what cybersecurity is and why we need it. In the next session
we will learn the terminologies and the challenges of the cybersecurity domain.

Session 4: Terminologies and Challenges in Cyber Security

Segment 1: Session Introduction
Platform Text

Welcome to the session on 'Terminologies and Challenges in Cyber Security'.

In the last session we understood what cybersecurity is and why we need it. Like every other
field, this field has some challenges which cybersecurity professionals are facing, and we will
cover a few of them in this session. We will also understand the three principles of
enterprise security through a case study of a real-world scenario.

<Video1 placeholder>

People you will hear from in this session


Subject Matter Expert

Shashank Bajpai

Chief Information Security Officer at ECGC Ltd.

Shashank is currently working as a Chief Information Security Officer at ECGC Ltd. He has over
10+ years of experience in the Cybersecurity domain. He has worked in various companies like
JIO, BSE India, Acko and others. He has a deep knowledge of various tools and technologies
used today.

Segment 2: Challenges in the Cybersecurity


Platform Text

Cybersecurity is becoming tougher every year as cybercriminals constantly exploit new
vulnerabilities and execute new attacks, while regulatory institutions change and improve
standards. Your task is to be fully prepared to face these challenges. So in this segment let's
understand the things that help hackers/attackers make cybersecurity challenging.

<Video2 placeholder>
Segment 3: CIA Triad: Three Principles of Enterprise Security
Platform Text

In the information security domain, “CIA” has nothing to do with the US Central Intelligence
Agency. These three letters stand for confidentiality, integrity and availability. Together they
are considered the core of the majority of IT security. In this segment we will understand
what each of them means and the role it plays.

<Video3 placeholder>

Out-of-Video Question
Which of the following means that you are protecting your data from getting
disclosed?
a) Confidentiality
b) Integrity
c) Authentication
d) Availability

Correct answer: a

Feedback for option a: Confidentiality means that your information needs to be
protected from getting disclosed to unauthorised parties.
Feedback for option b: This option is incorrect because integrity ensures that data
that is generated or edited is correct or not modified by any unauthorised party.
Feedback for option c: This option is incorrect because authentication ensures
that only authorised individuals can access data.
Feedback for option d: This option is incorrect because availability ensures that
data is available when required.

Segment 4: Case Study - ATM


Platform Text
In the previous segment we understood the three principles of enterprise security. In this
session we will relate the CIA triad to the real world. We will see how each of them
(confidentiality, integrity and availability) plays a major role in a real-world application.
Let’s hear from our SME Shashank in the next video about how the ATM provides all the CIA
functionality.

<Video4 placeholder>

Out-of-Video Question
Fill in the blank with the appropriate option.

_______ of information means that only authorised users are capable of
accessing information.
a) Confidentiality
b) Integrity
c) Non-repudiation
d) Availability

Correct answer: d

Feedback for option a: This option is incorrect because confidentiality means
that your information needs to be protected from getting disclosed to unauthorised
parties.
Feedback for option b: This option is incorrect because integrity ensures that data
that is generated or edited is correct or not modified by any unauthorised party.
Feedback for option c: This option is incorrect because non-repudiation makes
sure that data is not repeated more than once.
Feedback for option d: Availability makes sure that only authorised users are
able to access information.

Out-of-Video Question
Fill in the blank with the appropriate option.

Data ___________ is used to ensure confidentiality.


a) Encryption
b) Sharing
c) Deleting
d) Backup

Correct answer: a
Feedback for option a: Data encryption is a method of converting plaintext to
cipher text, and only authorised users can decrypt the message back to plain text.
This preserves the confidentiality of data.
Feedback for option b: This option is incorrect because sharing does not make
sure that data is confidential as it can be accessed by multiple people.
Feedback for option c: This option is incorrect because deleting data does not
make it confidential; rather, it will make it inaccessible.
Feedback for option d: This option is incorrect because backup can guarantee the
availability of data even if something happens to data but not confidentiality.

In this session we got to know about the challenges of this domain. We also understood the
three principles of enterprise security with the help of the ATM case study. In the next
session we will learn about hacking, hackers and their types.

Session 5: Introduction to Hacking and its types


Segment 1: Session Introduction
Platform Text

Welcome to the session on 'Introduction to Hacking and its types'.

In the last session we understood the cybersecurity challenges and the CIA triad.

You may have heard news that a company's website got hacked or that someone's precious data
got leaked. Have you ever wondered who is responsible for this and what their intentions
are? In this session you will learn what hacking is and who a hacker is, along with
the different types. Later in this session you will learn about the different teams in the
cybersecurity domain and the relation between threat, vulnerability and risk.

<Video1 placeholder>

People you will hear from in this session


Subject Matter Expert

Shashank Bajpai
Chief Information Security Officer at ECGC Ltd.

Shashank is currently working as a Chief Information Security Officer at ECGC Ltd. He has over
10+ years of experience in the Cybersecurity domain. He has worked in various companies like
JIO, BSE India, Acko and others. He has a deep knowledge of various tools and technologies
used today.

Segment 2: Introduction to Hacking


Platform Text

Hacking is unauthorised access to, or control over, computer network security systems for
some illegal purpose. This is done through cracking of passwords and codes, which gives access
to the systems. There are many reasons or intentions behind this. Let’s hear from our SME
Shashank what hacking is and why people do it.

<Video2 placeholder>

Out-of-Video Question
State whether the following statement is true or false.

Information gathering about the system, person, organisation or network is not
important.
a) True
b) False

Correct answer: b

Feedback for option a: This option is incorrect because a hacker can get trapped
in security controls if they are not aware of the target systems.
Feedback for option b: Information gathering is important so that a hacker can
get to know the target system or victim well.

Have you thought about why Windows or Android devices are targeted more by hackers?
There is a very interesting reason behind this. Let’s get the answer in the video below.
<Video3 placeholder>

People are generally drawn towards common or popular things. The same applies to hacking:
the more users a platform has, the more hacking activity is directed at that particular user
group. In the coming segment we will understand who carries out these kinds of activities and
what types of hackers there are.

Segment 3: Introduction to Hackers and Types


Platform Text

In the last segment we understood hacking and the purpose or motive behind these kinds
of activities. So now the question arises: who carries out hacking attacks? If they are carried
out by ordinary people, how do we tell hackers apart from everyone else? Are there any types by
which we can differentiate them? Let’s see the video and find the answers.

<Video4 placeholder>

In the workplace we generally grade people on the basis of their skills. Skills come with time
or experience. In general, we notice that freshers are less skilled than people who have been
working in the same domain for the past few years. Hackers also have varied skills: some have
fewer skills and some have more. Let’s understand in the video what the different levels of
hackers are.

<Video5 placeholder>

Out-of-Video Question
State whether the following statement is true or false.

An ethical hacker must have the skills of understanding the problem, have
networking knowledge and know how the technology works.
a) True
b) False

Correct answer: a

Feedback for option a: He needs to have the skills of understanding the problem,
have networking knowledge and know how the technology works.
Feedback for option b: This option is incorrect because without skills, it is
difficult for any hacker to gain unauthorised control and/or perform breaches.

Out-of-Video Question

Which of the following types of hackers helps in finding bugs and vulnerabilities in
a system and do not intend to crack it?
a) Black hat hackers
b) White hat hackers
c) Grey hat hackers
d) Red hat hackers

Correct answer: b

Feedback for option a: This option is incorrect because black hat hackers are
involved in exploiting bugs, which leads to data breaches.
Feedback for option b: White Hat Hackers are cybersecurity professionals who
have the intent to identify the loopholes to secure a system and help firms and
governments.
Feedback for option c: This option is incorrect because grey hat hackers
intentionally hack the systems but do not disclose their methodologies.
Feedback for option d: This option is incorrect because red hat Hackers is not a
concept.

Segment 4: Red, Blue and Purple team


Platform Text

In the last segment we got to know about hackers and their different types/levels. That was from
a hacker's perspective. Do we have any teams or specific names allotted to people working in
different organisations on the defensive side? In this session we will get to know about the
teams who work on the cybersecurity side to ensure the security of cyberspace.

<Video6 placeholder>

There are three teams working for cybersecurity to increase security:


● Red team: A red team is typically independent of the company and hired to test its
defences.
● Blue team: A blue team is a company's own cybersecurity personnel, typically within a
Security Operations Centre (SOC). They are expected to detect, oppose and weaken the
red team.
● Purple team: A purple team is not permanent; it has a transient function to oversee
and optimise the red and blue team exercise.

Segment 5: Threat, Vulnerability and Risk


Platform Text

In the last segment we learnt about the teams who work in cybersecurity to ensure the
security of cyberspace. In this session we will understand the relationship between threat,
vulnerability and risk. We will also understand the different types of threat, vulnerability and
risk.

<Video7 placeholder>

Threat: A potential negative action or event, facilitated by a vulnerability, that results in an
unwanted impact to a computer system or application.

Vulnerability: A weakness or gap in security that can be exploited by threats
to gain unauthorised access to an asset.

Risk: The potential for loss, damage or destruction of an asset as a result of a threat
exploiting a vulnerability.

Out-of-Video Question
Which of the following is a danger leading to compromise in cybersecurity?
a) Threat
b) Vulnerability
c) Exploit
d) Attack

Correct answer: a
Feedback for option a: A threat is a danger that may lead to breach of
cybersecurity and may cause possible harm to the system or the network.
Feedback for option b: This option is incorrect because vulnerability is the
existing flaw in the system that may or may not be exploited.
Feedback for option c: This option is incorrect because exploit is a successful
cyber breach of vulnerability by a hacker.
Feedback for option d: This option is incorrect because attack is the overall
scenario of hacking.

In this session we understood what hacking is, who hackers are and the different types of
each. We also covered the various teams working for cyber security and the relationship between
threat, vulnerability and risk. In the next session we will understand the security technologies
and different domains of cyber security.

Session 6: Introduction to Security Technologies and Domains

Segment 1: Session Introduction
Platform Text

Welcome to the session on 'Introduction to Security Technologies and Domains'.

In the last session we understood what hacking is, who hackers are and the different types of
each. We also covered the various teams working for cyber security and the relationship
between threat, vulnerability and risk. Now in this session we will understand the layered
approach which every industry follows to protect the organisation from cyber attacks. First we
will understand each layer and the technologies used in it, and then we will understand what
kind of attacks these layers prevent. We will also understand the organisation-wise team
structure and the roles and responsibilities of each team.

<Video1 placeholder>

People you will hear from in this session


Subject Matter Expert
Shashank Bajpai

Chief Information Security Officer at ECGC Ltd.

Shashank is currently working as a Chief Information Security Officer at ECGC Ltd. He has over
10+ years of experience in the Cybersecurity domain. He has worked in various companies like
JIO, BSE India, Acko and others. He has a deep knowledge of various tools and technologies
used today.

Segment 2: Layers of Security - I


Platform Text

In winter, we often wear multiple layers of clothes to protect us from the cold. The same goes
for IT network security: the more layers you have, the better the protection. Let’s hear from
our SME Shashank about the layers of security and the role of each.

<Video2 placeholder>

Five layers of security:


● Perimeter Security: This layer includes tools to monitor network traffic for anything
unusual and report issues to the administrator.
● Network Security: This layer includes things like hardware firewalls and firewall
monitoring and reporting.
● Endpoint Security: This layer includes both antivirus software and DNS filtering to shore
up defenses.
● Application Security: This layer includes Windows and antivirus firewalls to protect both
mobile and web-based applications.
● Data Security: This layer includes tools for authentication and encryption of data to
protect it from unauthorised access.

Out-of-Video Question
Fill in the blank with the appropriate option.

_________________ is the type of firewall that is connected between the device
and the network connecting to the internet.
a) Hardware firewall
b) Software firewall
c) Microsoft firewall
d) None of the above

Correct answer: a

Feedback for option a: Hardware firewalls need to be connected as additional
hardware between the device through which the internet is coming to the system
and the network that is used for connecting to the internet.
Feedback for option b: This option is incorrect because software firewalls are
within the domain of operating systems and are not separately connected to the
device.
Feedback for option c: This option is incorrect because Microsoft firewalls are
software firewalls for Windows operating systems and are not separately
connected to the device.
Feedback for option d: This option is incorrect.

Segment 3: Layers of Security - II


Platform Text

In the last segment, we covered all 5 layers of security. In this segment, let’s look at
what kind of attack each layer prevents and how an organisation implements all 5 layers to
protect itself from cyber attacks.

<Video3 placeholder>

We have now covered the purpose of each layer and the different technologies used in it. In the
next segment, let’s look at the positions available in each organisation to defend against
hackers/outsiders.

In-Video Question
Which of the following is examined by a hardware (HW) firewall?

a) Email users
b) Updates
c) Data packets
d) Connections

Correct answer: c

Feedback for option a: This option is incorrect because HW firewalls do not
examine email users. An email gateway is required for the same.
Feedback for option b: This option is incorrect because HW firewalls do not
examine the updates. A software firewall is required for the same.
Feedback for option c: Firewalls examine each data packet that is entering or
leaving the internal network, which ultimately prevents unauthorised access.
Feedback for option d: This option is incorrect because HW firewalls do not
examine connections. Layer 3 devices such as routers / L3 switches are required
for the same.

Out-of-Video Question
Which of the following is a data security consideration?

a. Backups
b. Archival storage
c. Disposal of data
d. All of the above

Correct answer: d

Feedback for option a: Backups are part of security considerations because you
can access data from the backup if the original data is compromised.
Feedback for option b: Archival storage is a source for data that is not needed for
an organisation's everyday operations but may have to be accessed occasionally.
Feedback for option c: Whether you are planning to discard, recycle, reuse or
maybe even sell your computer, this ensures that the information stored on your
system is either removed or ‘sanitised’ or completely deleted or destroyed.
Feedback for option d: All of the above are data security considerations.

Segment 4: Organisation Team Structure - I
Platform Text

In the last segment, we saw how an organisation implements all 5 layers to protect
itself from cyber attacks. Each domain has specific positions and roles in the organisation, and
cybersecurity likewise has its own position/team structure. In this segment, we will look at
the teams/positions that each organisation has for the cybersecurity domain and their
responsibilities.

<Video4 placeholder>

We have now covered the positions inside the organisation and the role of each, but there
are other things that also play an important role in the security of an organisation. Let’s look
at them in the next segment.

Out-of-Video Question
In which of the following ways are CISOs often expected to represent the company?

a. Compliance
b. Marketing
c. Finance
d. Operations

Correct answer: a

Feedback for option a: A CISO writes/adjusts policies based on new rules or
compliances to ensure that the information security controls set in place are
functioning as they are meant to.
Feedback for option b: This option is incorrect because marketing is handled by
the marketing department.
Feedback for option c: This option is incorrect because the budget is handled by
the chief financial officer.
Feedback for option d: This option is incorrect because the operations are
handled by employees and the owners of the business.

Segment 5: Organisation Team Structure - II

In the last segment, we covered the positions/teams in the cybersecurity domain. In this
segment, we will focus on third-party service providers. A 3rd party service provider is a
specialist company that provides a range of distribution, storage, transport and fulfillment
services to customers. We will look at the importance of these 3rd party service
providers and the responsibilities of the cybersecurity team while the organisation is working
with 3rd party service providers.

<Video5 placeholder>

In this session, we covered the layers of security and the different technologies used in each
layer. We also got to know about the different teams working in the organisation to improve
security and protect the organisation from hackers/outsiders. In the next session, we will
look at cyber attacks and their different types.

Session 7: Introduction to Cyber Attacks


Segment 1: Session Introduction
Platform Text

Welcome to the session on 'Introduction to Cyber Attacks'.

In the last session, we covered the layers of security and the organisation-wise cybersecurity
teams/positions with their responsibilities. You might have received a fake email containing some
interesting offer, or an email saying something like 'you have won some x amount in this lottery,
please provide your bank details'. Have you ever wondered why we get these emails? In this
session, we will look at such types of cyber attack. Later, through a case study, we will also
look at the famous attack that happened on the nuclear program of Iran.

<Video1 placeholder>

Segment 2: Introduction to Cyber Attacks


Platform Text

An attack is any attempt to expose, alter, disable, destroy, steal or gain unauthorized access to
or make unauthorized use of an asset. There are a variety of cyber attacks, but in this video we
will look at some of the most common attacks and how they are carried out. Let’s
hear from our SME Shashank about what cyber attacks are and some of the most common ones.

<Video2 placeholder>

Out-of-Video Question
State whether the following statement is true or false.

Trojan-Spy software can keep an eye on how you are using your system.
a) True
b) False

Correct answer: a

Feedback for option a: Trojan-Spy software is the most silent observer software
that tracks your browsing data; they keep track of all the programs that you use.
Feedback for option b: This option is incorrect because Trojan-Spy software can
keep track of users' activities.

Segment 3: Case Study on Stuxnet


Platform Text

In the last segment, we covered some common attacks. In this video, let’s look at
Stuxnet. Stuxnet is a computer worm that was originally aimed at Iran’s nuclear facilities
and has since spread to other industrial and energy-producing facilities. The original Stuxnet
malware attack targeted the programmable logic controllers (PLCs) used to automate machine
processes. Let’s hear from our SME Shashank about what Stuxnet is and the motive behind it.

<Video3 placeholder>

In-Video Question
What is Stuxnet?

a) Worm
b) Virus
c) Firewall
d) Antivirus software

Correct answer: a

Feedback for option a: It is a popular and powerful worm that came into
existence in mid-2010 and is accountable for causing huge damage to Iran’s
nuclear program.
Feedback for option b: This option is incorrect because a virus is a software or
computer program that connects itself to another software or computer program to
harm the computer system.
Feedback for option c: This option is incorrect because a firewall is a security
control for data packet monitoring.
Feedback for option d: This option is incorrect because an antivirus software is
designed to detect and destroy computer viruses.

Out-of-Video Question
Which of the following becomes evident in the Stuxnet attack?

a) Remote locations can be attacked.
b) Legacy systems such as SCADA can be attacked.
c) Web is not cyber-safe.
d) Hackers are not safe from nuclear attacks.

Correct answer: b

Feedback for option a: This option is incorrect because this is not in the context
of the cyber hacking case study of Stuxnet.
Feedback for option b: SCADA systems are legacy-embedded systems with
no/the least internet connectivity. However, there exist multiple vulnerabilities in
those systems.
Feedback for option c: This option is incorrect because this is not in the context
of the cyber hacking case study of Stuxnet.
Feedback for option d: This option is incorrect because this is not in the context
of the cyber hacking case study of Stuxnet.

Segment 4: OWASP Framework


Platform Text

In the last segment, we covered Stuxnet and why/how it was done. In this segment, we
will learn about an open source community which produces freely-available articles,
methodologies, documentation, tools, and technologies in the field of web application security.
We will also look at the top-10 attacks on web applications.

<Video4 placeholder>

Out-of-Video Question
Which of the following is in the OWASP Top 10 list?

a) Cascading Style Sheets (CSS)
b) Hypertext Markup Language (HTML)
c) Extensible Markup Language (XML)
d) Cross Site Scripting (XSS)

Correct answer: d

Feedback for option a: This option is incorrect because this is a web language or
technology used to create web applications.
Feedback for option b: This option is incorrect because this is a web language or
technology used to create web applications.
Feedback for option c: This option is incorrect because this is a web language or
technology used to create web applications.
Feedback for option d: XSS is one of the OWASP Top 10 where hackers attack
the client-side functionality to execute malware scripts.

In this session, we covered what cyber attacks are and the different types of attacks. We also
covered the Stuxnet attack that happened on Iran's nuclear facilities. Later, we covered the
OWASP framework. In the next session, we will look at what cyber crimes are and some
laws to tackle these attacks.

Session 8: Introduction to Cyber Crime & Laws


Segment 1: Session Introduction
Platform Text

Welcome to the session on 'Introduction to Cyber Crime & Laws'.

In the last session, we covered cyber attacks and some common attacks. We also covered
the OWASP framework. In this session, we will look at what cyber crimes are. By the word
crime, you might be thinking of an illegal act for which someone can be
punished by the government or some higher authority, but there is a difference between crime
and cybercrime. Let’s hear from our SME Shashank about what crimes and laws are.

<Video1 placeholder>

Segment 2: Introduction to Cyber Crimes and Classification
Platform Text

Just as we have crime in the normal world, we also have crime in the cyber field. Cybercrime,
or computer-oriented crime, is crime that uses a computer as an instrument to commit fraud,
traffic in child pornography and intellectual property, steal identities, or violate
privacy. Let’s hear from our SME Shashank about what cybercrime is and how it can be classified.

<Video2 placeholder>

Cyber crimes are mainly classified into 4 types:


● Insider: A malicious crime that comes from people within the organization.
● Outsider: A malicious crime that comes from people outside the organization.
● Structured: More focused crimes carried out by one or more individuals with higher-level
skills actively working to compromise a system.
● Unstructured: Crimes often carried out by script kiddies, who use already available software
created by more advanced hackers to gain information from or access to a system.

Out-of-Video Question
Which of the following can be a source of cybercrime: Internal Attack?

a) Advanced persistent threat
b) Disgruntled employee
c) Denial of service
d) Social engineering

Correct answer: b

Feedback for option a: This option is incorrect because this is a type of cyber
attack and cannot be a source.
Feedback for option b: An employee is an internal user and can perform an
internal attack.
Feedback for option c: This option is incorrect because this is a type of cyber
attack and cannot be a source.
Feedback for option d: This option is incorrect because this is a manipulation
technique that exploits human error to gain useful information.

Segment 3: Introduction to Cyber Laws


Platform Text

In the last segment, we covered cyber crimes and their classification. We have
laws in the normal world to punish those who commit illegal activities, so we need
such laws in the computer and internet world as well. In this segment, let’s look at
why cyber laws are needed and the different laws that exist in this domain.

<Video2 placeholder>

Out-of-Video Question
Which of the following is a cyber law that India has in the Indian Legislature?

a) National Institute of Standards and Technology (NIST)
b) The General Data Protection Regulation (GDPR)
c) India’s Information Technology (IT) Act, 2000 (rev. 2008)
d) International Law on Cyber Security

Correct answer: c

Feedback for option a: This option is incorrect because this is a US-based cyber
law and standard.
Feedback for option b: This option is incorrect because GDPR is the European
Union Law for Privacy.
Feedback for option c: The Indian Legislature brought India’s Information
Technology (IT) Act, 2000, which deals with different cybercrimes and their
associated laws.
Feedback for option d: This option is incorrect because this is a US-based cyber
law and standard.

In this session, we covered cyber crimes and the different laws that are made
to tie people's hands and stop them from committing illegal activities in the cyber domain.

Session 9: Module summary
Segment 1: Summary
Platform Text

Congratulations! You have finished the “Introduction to Cybersecurity” module.

We have covered the introduction to almost all the aspects of cybersecurity. Let’s hear from our
SME Shashank what all we have covered in this module.

<Video1 placeholder>

You might have seen around you that nowadays everything is moving online. Some time back,
people used to store everything on local computers; nowadays they prefer not to store
data on local machines, as online cloud storage provides the facility of accessing data
from anywhere. Such facilities give hackers more room for illegal activities. This is not
the only case; there are many more like it. With the increase in online facilities, the
chances of hacking or fraud will increase. Cybersecurity came into the picture to tackle such things.
To understand cybersecurity, we covered the topics below in this module.
1. Basics of the Internet: We covered what the internet is and how it works.
2. Basics of cybersecurity: We covered the need for it and then got to know some
useful definitions.
3. Terminologies and Challenges: We covered the things that make this
field more challenging nowadays. We also covered the three principles of enterprise
security with the help of the ATM case study.
4. Hacking: The whole of cybersecurity revolves around hacking and hackers, because if we did
not have these things, we would not require cybersecurity. We covered what hacking
is and why people do it. We also covered the teams in the
cybersecurity domain that tackle such situations.
5. Security technologies and domain: Cybersecurity is a big domain, with many people
and technologies working at different levels. Here we covered the 5 layers of
security and the positions available in this domain with the responsibilities of each.
6. Cyber Attack: Nowadays we see that someone/some company is getting attacked
or data is getting stolen. These are the activities that come under this. We covered what
cyber attacks are, with some common/famous attacks.
7. Cyber crime & laws: Cyber crime and laws are the same as normal crimes and laws,
with one big difference: cybercrimes are done with the help of/in the field of
computers/networks. We covered how cyber crimes are classified and the
laws to prevent these crimes.

Overall, we got to know about almost every aspect of the cybersecurity domain. In later modules,
we will go deeper into these.

Segment 10: Graded Questions

Graded Question
(MCQ)
Heading: Introduction to the Internet and Infrastructure
Which of the following is the best way to secure your router?
a. Change the default name and password of the router
b. Turn off the router’s remote management
c. Log out as the administrator once the router is set up
d. All of the above

Correct answer: d

Feedback for option a: Correct but incomplete option

Feedback for option b: Correct but incomplete option

Feedback for option c: Correct but incomplete option

Feedback for option d: To help secure your router, change the
default name and password, turn off remote management and log out
as the administrator when not performing administrative functions.
All these steps can help to secure the router.

Graded Question
(MCQ)
Heading: Basic of Cybersecurity
Computer viruses are ______ ?
a. Man made
b. Naturally occurring
c. Machine made
d. All of the above

Correct answer: a

Feedback for option a: Computer viruses are man made. Amjad
Farooq Alvi made the first computer virus.

Feedback for option b: This option is incorrect because computer
viruses do not occur naturally.

Feedback for option c: This option is incorrect because when the
computer virus was developed, machines were not smart enough
to understand everything on their own.

Feedback for option d: This option is incorrect.

Graded Question
(MCQ)
Heading: Terminologies and Challenges in Cyber Security

Which of the following means protection of data from modification by unknown
users?
a. Confidentiality
b. Integrity
c. Authentication
d. Non-repudiation
Correct answer: b

Feedback for option a: This option is incorrect because confidentiality means
that your information needs to be protected from getting disclosed to unauthorised
parties.
Feedback for option b: Integrity makes sure that the data that is generated or
edited is correct and not modified by any unauthorised party in between.
Feedback for option c: This option is incorrect because authentication makes sure
that only authorised parties can access data.
Feedback for option d: This option is incorrect because availability makes sure
that data is available when required.

Graded Question
(MCQ)
Heading: Terminologies and Challenges in Cyber Security

What is APT with respect to cybersecurity?

a. Active Profiling Threat
b. Advanced Persistent Threat
c. Advanced Penetration of Trust
d. Actual Proof of Theory

Correct answer: b

Feedback for option a: This option is incorrect because active Threat Profiling is
an activity conducted by security administrators to keep monitoring known threats.
Feedback for option b: APT means advanced persistent threat, an attack in which
an unauthorized user gains access to a system or network and remains there for an
extended period of time without being detected.
Feedback for option c: This option is incorrect because there is no such concept
as Advanced Penetration of Trust.
Feedback for option d: This option is incorrect because actual proof of
theory/concept is a mechanism of implementation of technology, not
cybersecurity.
Graded Question
(MCQ)
Heading: Introduction to Hackers and Types

Which of the following is a weakness of a system or a network?


a. Threat
b. Vulnerability
c. Exploit
d. Attack

Correct answer: b

Feedback for option a: This option is incorrect because threat is a danger that
may lead to a breach of cybersecurity and may cause possible harm to the system
or the network.
Feedback for option b: Vulnerability is used to define weakness in any network
or system that can get exploited by an attacker.
Feedback for option c: This option is incorrect because exploit is the successful
cyber breach of vulnerability by a hacker.
Feedback for option d: This option is incorrect because attack is the overall
scenario of hacking.

Graded Question
(MCQ)
Heading: Introduction to Hackers and Types

Who can deploy a malware in a system or network?


a. Criminal organisations, malware developers, Black hat hackers and
cyberterrorists
b. Criminal organisations, malware developers, White hat hackers and
cyberterrorists
c. Criminal organisations, software developers, Black hat hackers and
cyberterrorists
d. Criminal organisations, malware developers, grey hat hackers and
penetration testers

Correct answer: a
Feedback for option a: Criminal organisations, malware developers, Black hat
hackers and cyberterrorists can deploy any malware to any target system or
network in order to deface it.
Feedback for option b: This option is incorrect because white hat hackers help
firms in getting the loopholes fixed.
Feedback for option c: This option is incorrect because software developers help
in developing systems.
Feedback for option d: This option is incorrect because grey hat hackers and
penetration testers also hack the system but do not harm the network by deploying
any malware.

Graded Question
(MCQ)
Heading: Introduction to Security Technologies and Domains

Which of the following security technologies can be used in Layer 3 (L3):
Application Security?
a. Firewall
b. Intrusion Prevention System
c. Web application firewall
d. Database encryption

Correct answer: c

Feedback for option a: This option is incorrect because Firewall is used in L1.
Feedback for option b: This option is incorrect because IPS is used in L0.
Feedback for option c: The Web Application Firewall belongs to the Application
Security layer which is layer 3 (L3) of security.
Feedback for option d: This option is incorrect because DB Encryption is used in
L4.

Graded Question
(MCQ)
Heading: Introduction to Cyber Attacks

Which of the following is not a wireless attack?


a. Eavesdropping
b. MAC spoofing
c. Wireless hijacking
d. Phishing

Correct answer: d

Feedback for option a: This option is incorrect because eavesdropping is the act
of secretly or stealthily listening to private conversations or communications and
can be done wirelessly.
Feedback for option b: This option is incorrect because MAC Spoofing is a
technique for changing a factory-assigned MAC address of a network interface on
a networked device and can be done wirelessly.
Feedback for option c: This option is incorrect because this is a type of a network
security attack in which the attacker takes control of communication and can be
done wirelessly.
Feedback for option d: Wireless attacks are malicious activities conducted in
wireless systems, networks or devices. Phishing can be done wirelessly/remotely.

Graded Question
(MCQ)
Heading: Introduction to Cyber Crime & Laws

Which of the following is not done by cybercriminals?


a. Unauthorised account access
b. Mass attack using Trojans as botnets
c. Email spoofing and spamming
d. Reporting of a vulnerability in any system

Correct answer: d

Feedback for option a: This option is incorrect because this task is done by
cybercriminals.
Feedback for option b: This option is incorrect because this task is done by
cybercriminals.
Feedback for option c: This option is incorrect because this task is done by
cybercriminals.
Feedback for option d: Cybercriminals do not report any bug found in a system;
instead, they exploit it for their profit.

Graded Question
(MCQ)
Heading: Introduction to Cyber Crime & Laws

Why can’t conventional laws be applied to cybercrime?


a. Lack of technology usage and related clauses in conventional laws
b. Cyberspace is an unbounded context with respect to governments and
territories.
c. Both A and B
d. None of the above

Correct answer: c

Feedback for option a: Correct but incomplete option


Feedback for option b: Correct but incomplete option
Feedback for option c: Cyber laws are needed because conventional laws do not
cover all aspects of transactions and activities on the internet, World Wide Web
and cyberspace.
Feedback for option d: This option is incorrect.
