Bh.Notes
Cyber Security and Laws | MU

A quality product by
Brainheaters LLC

Brainheaters Notes
CSL Semester-7

Revised 2016 (A.Y. 2019-20)

2016-18 Proudly Powered by www.brainheaters.in
BH.Index
(Learn as per the priority to prepare smartly)

Sr No | Chapter Name & Content | Priority | Pg no
1 | Introduction to Cybercrime | - | 02
2 | Cyber Offenses & Cybercrime | - | 07
3 | Tools and Methods Used in Cybercrime | 3 | 29
4 | The Concept of Cyberspace | - | 36
5 | Indian IT Act | - | 62
6 | Information Security Standard Compliances | - | 87

Page no 1 | Handcrafted by Engineers | P - Priority

MODULE-1

Q1. Classify the cybercrimes and explain any one briefly. (P4 - Appeared 1 Time) (5-10M)

Ans: Cybercrime, or computer-oriented crime, is a crime that involves a computer and a network. The computer may have been used in the execution of the crime, or it may be the target.
• Cybercrime is the use of a computer as a weapon for committing crimes such as fraud, identity theft or breach of privacy.
• Cybercrime, especially through the Internet, has grown in importance as the computer has become central to every field, such as commerce, entertainment and government.
• Cybercrime may endanger the security and financial health of a person or of a nation.
Cybercrime covers a wide range of activities, but these can generally be divided into two categories:
1. Crimes that target computer networks or devices. These involve threats such as viruses and other malware, and denial-of-service (DoS) attacks.
2. Crimes that use computer networks to commit other criminal activities. These include cyber stalking, financial fraud and identity theft.
Classification of Cybercrime:
1. Cyber Terrorism: Cyber terrorism is the use of computers and the Internet to carry out violent acts that result in loss of life, or that threaten the lives of citizens, whether by attacking software or hardware. In general, cyber terrorism can be defined as an act of terrorism committed through the use of cyberspace or computer resources.
2. Cyber Extortion: Cyber extortion occurs when a website, e-mail server or computer system is subjected to, or threatened with, repeated denial-of-service or other attacks by malicious hackers, who then demand large sums of money in return for stopping the attacks and "offering protection".
3. Cyber Warfare: Cyber warfare is the use or targeting of computers, online control systems and networks in a battlespace or warfare context. It involves both offensive and defensive operations concerning the threat of cyber attacks, espionage and sabotage.
4. Internet Fraud: Internet fraud is a type of fraud or deceit that makes use of the Internet; it may involve hiding information or providing incorrect information in order to deceive victims out of money or property. Internet fraud is not considered a single, distinctive crime but covers a range of illegal and illicit actions committed in cyberspace.
5. Cyber Stalking: This is a kind of online harassment in which the victim is subjected to a barrage of online messages and e-mails. Typically these stalkers know their victims and, instead of stalking offline, use the Internet to do so. If they notice that cyber stalking is not having the desired effect, they add offline stalking to it to make the victim's life even more miserable.

Q2. Cybercrime and information security. (P4 - Appeared 1 Time) (5-10M)

Ans: Cybercrime can be committed against an individual or a group; it can also be committed against government and private organizations. It may be intended to harm someone's reputation, or to cause physical or even mental harm.
• Cybercrime can cause direct or indirect harm to the victim.
• However, the largest threat of cybercrime is to the financial security of individuals as well as of governments.
• Cybercrime causes losses of billions of USD every year.
Types of Cybercrime
Let us now discuss the major types of cybercrime:
Hacking
• The illegal practice by which a hacker breaches someone's computer security for personal interest.
Unwarranted mass surveillance
• Mass surveillance means surveillance of a substantial fraction of a group of people, usually by an authority and for security purposes; when it is done by someone for personal interest it is considered a cybercrime.
Child pornography
• One of the most heinous crimes, brazenly practised across the world: children are sexually abused, and videos are made and uploaded to the Internet.
Child grooming
• The practice of establishing an emotional connection with a child, especially for the purpose of child trafficking and child prostitution.
Copyright infringement
• Using someone's copyright-protected work without permission and publishing it under one's own name is known as copyright infringement.
Money laundering
• Money laundering is the process of disguising illegally obtained money so that it appears to come from a legitimate source.
• It typically involves transfers of money through foreign banks and/or legitimate businesses.
• In other words, it is the practice of moving illegitimately earned money into the legitimate financial system.
Cyber-extortion
• When a hacker compromises someone's e-mail server or computer system and demands money to restore it, it is known as cyber-extortion.
Cyber-terrorism
• When someone breaks into a government's security systems, or intimidates a government or a similarly large organization, in order to advance political or social objectives by attacking its systems through computer networks, it is known as cyber-terrorism.
Cyber Security
• Cyber security is the practice by which information and communication systems are protected from, and defended against, unauthorized use, modification, exploitation or theft.
• Likewise, cyber security is a well-designed set of techniques to protect computers, networks, programs, personal data, etc. from unauthorized access.
• All data, whether government, corporate or personal, needs strong security; however, some data, such as that belonging to a government's defence systems, banks or defence research and development organizations, is highly confidential, and even a small amount of negligence with it may cause great damage to the whole nation.
• Therefore, such data needs security at a very high level.
How to Secure Data?
Let us now discuss how to secure data. In order to make your security system strong, you need to pay attention to the following:
• Security Architecture
• Network Diagram
• Security Assessment Procedure
• Security Policies
• Risk Management Policy
• Backup and Restore Procedures
• Disaster Recovery Plan
• Risk Assessment Procedures
Once you have a complete blueprint of the points mentioned above, you can put a better security system around your data and can also recover your data if something goes wrong.


MODULE-2

Q1. Compare active attacks vs passive attacks. (P4 - Appeared 1 Time) (5-10M)

Ans: Active and passive attacks are both security attacks. In an active attack, the attacker tries to modify the content of the messages (or the state of the system). In a passive attack, the attacker only observes the messages, copies them, and may later use them for malicious purposes.
Following are the important differences between an active attack and a passive attack:

No. | Key | Active Attack | Passive Attack
1 | Modification | Information is modified. | Information remains unchanged.
2 | Dangerous for | Integrity as well as availability. | Confidentiality.
3 | Attention | The focus is on detection, since the change can be noticed. | The focus is on prevention (e.g. encryption), since nothing is changed that could be detected.
4 | Impact on system | The system is damaged or altered. | No impact on the system.
5 | Victim | The victim can become aware of an active attack. | The victim does not become aware of a passive attack.
6 | System resources | System resources can be changed in an active attack. | System resources are not changed in a passive attack.
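The integrity and detection rows of the table, worked through as an added example (this code is not part of the original notes): the sender appends an HMAC-SHA256 tag to each message. A passive attacker copies the frame and forwards it unchanged, so the receiver's integrity check passes and nothing is detected; the only defence is prevention, e.g. encrypting the payload. An active attacker rewrites the payee, and the same check detects the change. The pre-shared key, the message format and both attacker functions are assumptions made for the demonstration.

```python
import hashlib
import hmac

# Assumption for the demo: a key shared in advance by sender and receiver.
KEY = b"pre-shared-demo-key"
TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def protect(message: bytes, key: bytes = KEY) -> bytes:
    """Sender: append an HMAC-SHA256 tag so the receiver can check integrity."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message + tag


def verify(frame: bytes, key: bytes = KEY):
    """Receiver: split off the tag, recompute it and compare in constant time.
    Returns (integrity_ok, message)."""
    if len(frame) < TAG_LEN:
        return False, b""
    message, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected), message


def passive_attacker(frame: bytes, log: list) -> bytes:
    """Eavesdropper: keeps a copy (confidentiality is lost) and forwards the
    frame untouched, so the receiver has nothing to detect."""
    log.append(bytes(frame))
    return frame


def active_attacker(frame: bytes) -> bytes:
    """Man-in-the-middle: rewrites the payee inside the message body. The tag
    at the end still belongs to the original message, so verification fails."""
    return frame.replace(b"PAY alice", b"PAY mallory")


def run_scenarios():
    """Run both attacks against the same frame and report what the receiver sees."""
    captured = []
    frame = protect(b"PAY alice 100")

    ok_passive, msg_passive = verify(passive_attacker(frame, captured))
    ok_active, msg_active = verify(active_attacker(frame))

    return {
        "passive_detected": not ok_passive,      # False: nothing was changed
        "passive_leaked": captured[0] == frame,  # True: the attacker holds a copy
        "active_detected": not ok_active,        # True: the tag no longer matches
        "active_payload": msg_active,            # what the receiver would otherwise act on
        "passive_payload": msg_passive,
    }


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value!r}")
```

The passive case shows why the table says "attention on prevention": no check the receiver runs can reveal that a copy was taken, so confidentiality has to be protected up front (an authenticated cipher such as AES-GCM gives both confidentiality and integrity in one step).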

Q2. Explain the category "cybercrimes against persons". (P4 - Appeared 1 Time) (5-10M)

Ans: Cybercrimes can be broadly divided into three major categories:
1. Crimes against persons: cyber-stalking, e-mail spoofing, etc.
2. Crimes against individual property: computer vandalism, transmitting viruses, etc.
3. Crimes against government: cyber terrorism, etc.

Cybercrimes against People:
• Cybercrimes committed against people include crimes such as cyber pornography, transmission of child pornography, harassment of an individual through e-mail, false legal-agreement scams, etc.
• The trafficking, distribution, posting and dissemination of obscene material, including pornography, constitute important cybercrimes committed against people.
• The potential impact of such offences on humanity can hardly be overstated. Cyber harassment is a distinct cybercrime: various forms of harassment can and do occur on the Internet, or through the use of the Internet. This includes sexual, racial, religious or other harassment. People perpetrating such harassment are guilty of cybercrimes.
Cybercrimes against Property:
• Cybercrime against all forms of property is the second category of cybercrime.
• Crimes in this category include computer vandalism, meaning destruction of others' property, and the transmission of harmful viruses, worms or programs.
• An India-based start-up engineering company lost money and reputation when a rival company, a large business house, stole the technical data from its computers with the help of corporate cyber-spy software.
Cybercrimes against Government:
• Cybercrimes against government form the third category of cybercrime. Cyber terrorism is a distinct crime in this category.
• The spread of the Internet has shown that this medium is used by individuals and groups to threaten governments and to terrorize the citizens of a country.
• This crime manifests itself as an act of terrorism when an individual "cracks" into a government- or military-maintained website.

Q3. What is the difference between a virus and a worm? (P4 - Appeared 1 Time) (5-10M)

Ans: Worms and viruses are both malicious programs that can cause harm to our workstation, but they are different.
Virus:

[Figure: Virus. Properties shown: alters data, can mutate, self-replicates, passive transmission (needs a host program or a user action), steals information, deletes data, is a piece of software code attached to another program.]

• A virus is code designed to duplicate itself, and it usually does this by copying itself into the various programs held on the computer.
• A computer virus attaches itself to a program or a file, spreads from one computer to another, and infects as it travels.
• A computer virus can range in severity: some cause only mildly irritating effects, while others can damage hardware, software or files.
• A virus can enter our system through .EXE (executable) files, which means a virus cannot affect our computer unless and until we run the infected program.
• It is significant to note that a virus cannot spread without a human action, for example running the infected program (the .exe file).
Worm:

[Figure: Worm. Properties shown: alters data, can mutate, self-replicates, active transmission (spreads over the network on its own), steals information, deletes data, is self-contained software.]

• A worm is similar to a computer virus by design.
• It is considered to be a sub-class of virus.
• A worm spreads from computer to computer, but unlike a virus it has the capability to travel without any human action.
• The main threat of a worm is its capability to replicate itself on our system, so rather than our computer sending out a single worm, it could send out hundreds or thousands of copies of itself and cause huge, devastating effects.
• For example, a worm may send a copy of itself to everyone listed in the address book; the worm then replicates itself from each receiver's address book, and so on.
• Since the worm copies itself and also travels across networks, it consumes system memory and network bandwidth, causing web servers and individual computers to stop responding.

Q4. What is hacking? Who is a hacker? (P4 - Appeared 1 Time) (5-10M)

Ans: There are various ways to breach security, and the art of exploring such security breaches is termed hacking. Computer hackers have been around for many years.
• We hear more and more about hacking as the Internet becomes a main part of our lives and is used widely throughout the world.
• A few hackers are very well known, such as Kevin Mitnick.
• The digital world has many different types of hackers. It is hard to outline an exact profile, since hackers are human like the rest of us and are unique individuals.
• It is necessary to note that not all hackers are equal: each hacker has different motives, methods and skills. It is not necessarily true that all hackers are antisocial or teenagers. They are mostly sharp-minded, curious to learn new things, and bold enough to act on it.
The term has two meanings:
1. Traditionally, those who like to tinker with software or electronic systems are termed hackers. They find excitement and happiness in exploring and learning how computer systems operate, and try to discover new ways of making things work electronically.
2. More recently, "hacker" has come to mean someone who maliciously breaks into systems for personal gain. Technically these are criminal hackers, also known as crackers. A cracker's intention is to break into the system maliciously, for revenge, profit, fame or personal gain. They make people's lives miserable by modifying, deleting and stealing critical information.
• Hacking is a special art as well as a skill. Those engaged in malicious hacking are criminals, because they break the law.
• Ethical hacking, by contrast, is about performing the same steps within agreed limits and within the law.
• There are two types of hacker: good guys and bad guys. Good guys are also called "white hats" and bad guys "black hats". Black-hat hackers try to compromise your computers, while ethical (white-hat) hackers try to protect your computers against illicit entry.
• Many malicious hackers claim that they cause no harm and are only "helping" others by exposing weaknesses; they are none other than electronic thieves.
• A hacker's status in hacker circles rises by breaking into a well-protected system.


Q5. What is a hacker? Explain the hacker tools concept. (P4 - Appeared 1 Time) (5-10M)

Ans: During investigations of computer crime, particularly computer intrusions, you will encounter rogue files with an unknown purpose.
• The rogue file is doing something that the attacker wants, but all we have is a binary file and perhaps a few theories about what that file does.
• If attackers left their source code behind, tool analysis would be much simpler.
Goals of Tool Analysis:
• If you are lucky, the hacker tools will have filenames that give enormous clues about their function: a file called sniffer or esniff is likely to be a sniffer tool.
• There is a great possibility, however, that the attackers have renamed their code to some innocuous system filename such as xterm or d.
How Files Are Compiled:
• A compiler, such as the GNU C compiler, takes an entire program written in a high-level language such as C or Pascal and converts it to object code, which is often called machine code, binary code or executable code.
• Think of compilers as programs that translate human-readable source code into the machine language that a system understands. The system's processor can directly execute machine language.
• There are many ways for attackers to compile their source code. Some methods of compilation make tool analysis easier than others.
Static Analysis of a Hacker Tool
• Static analysis is analysis performed without executing the rogue code.
• You can perform static analysis on any operating system, regardless of the type of object code, because you do not intend to execute the rogue code during static analysis. For example, you can use the Solaris operating system to perform static analysis of a Win32 application.
The general approach to static analysis involves the following steps:
1. Determine the type of file you are examining.
2. Review the ASCII and Unicode strings contained within the binary file.
3. Perform online research to determine if the tool is publicly available on computer security or hacker sites. Compare any online tools identified with the tool you are analyzing.
4. Perform a source code review if you either have the source code or believe you have identified the source code via online research.
Dynamic Analysis of a Hacker Tool
• Dynamic analysis means running the rogue program in a controlled environment and observing what it does, so it must be run on a system matching its native platform.
• Once you have identified the executable files that require tool analysis, your next step is therefore to determine how they were compiled, as well as their native operating system and architecture.
• You may encounter many different types of executable files, including the following common types:
1. Windows 95/98/NT/2000/XP executable or dynamically linked library (DLL)
2. Linux a.out/ELF/script
3. Solaris a.out/ELF/script
4. DOS 32-bit COFF
5. DOS 16-bit .com file
6. DOS 16-bit executable
7. Atari ST/TT
• Fortunately, the needed information can be retrieved on both Unix and Windows.

Q6. How should the security system evolve to handle cyber security threats and vulnerabilities? (P4 - Appeared 1 Time) (5-10M)

Ans: Stories of organizations paralyzed by cybersecurity threats and vulnerabilities are at their peak.
• According to a report published by Symantec Corp, India is one of the top five countries whose organizations and users have become victims of cybercrime.
• Nowadays, modern technologies such as cloud computing, IoT, cognitive computing, etc. are categorized as critical assets of any organization.
• With the increased use of advanced technology and interconnected applications, there is a rapid spike not only in business but in threats and vulnerabilities as well.
• Here we focus on security threats, the challenges faced by defenders in protecting the organization from emerging threats, and how the security system should evolve to overcome day-to-day critical security challenges.
Let's dig into the topics below:
• Cyber Threats
• Security Challenges
• How must security systems evolve?
Cyber Threats
• Technology is transforming as never before. With the advancement of technology, organizations started to experience consistent business growth at a faster pace.
• They were able to interconnect people, robots, gadgets, content and more in an intelligent way that drives more business.
• But, at the same time, this advancement in technology makes them a center of attention for cybercrime, targeted attacks and corporate espionage.
• A cyber threat is a malicious act that seeks to gain unauthorized access to a system or network and thereby damage or steal confidential data. Let's go a bit further to understand the different types of cyber threats:
1. Ransomware
2. DDoS attacks
3. Threats originating within an organization
4. Data breaches
5. Advanced Persistent Threat (APT)
1. Ransomware
• Ransomware is malware that encrypts the system's data and demands payment for restoring access.
• It prevents you from accessing the system, and the attackers may also destroy the data (or the decryption key) if the payment is not made on time.
• Based on a survey conducted by Sophos, over 51% of organizations were attacked by ransomware during the year 2019.
• Ransomware is also available as Ransomware-as-a-Service (RaaS) on dark web marketplaces.
• WannaCry, NotPetya, SimpleLocker, TeslaCrypt, CryptoLocker and PC Cyborg are some examples of ransomware.
2. Distributed denial-of-service (DDoS) attacks
• A DDoS attack floods a server with overwhelming random traffic so that legitimate requests cannot be served.
• In DDoS, the server is targeted from many different, independent networks with the help of a botnet; this is how it differs from DoS.
• One of the most famous and highest-impact reported cases was the attack against Dyn, a US-based DNS service provider. The DDoS attack against Dyn affected many websites, including Twitter, GitHub, Amazon, Netflix and more.
3. Threats originating within an organization
• Internal (insider) threats are malicious threats that come from people within the organization who have access to confidential information.
• They can be employees, former employees, partners, associates and so on. Through such insiders, an attacker can bypass security controls using legitimate access.
4. Data breaches
• A data breach can be defined as the leakage of confidential information, including sensitive corporate documents, technical blueprints, trade secrets and more.
• It can lead to financial loss, loss of brand reputation, loss of customer trust and so on.
• Some of the main reasons for data breaches are malicious attacks, weak security systems and human error.
• As per the Verizon Data Breach report, over 88% of data breaches involve human error.
5. Advanced persistent threat (APT)
• An APT is an advanced, sustained attack. It uses multiple phases to break into the network and thereby allows unauthorized people to stay inside the organization's network.
• An APT can start through spear-phishing or an insider threat.
• This threat is hard to detect and can extract valuable information over a sustained period.


Security Challenges
Be ahead of your adversaries; if you fail to do so, you will soon become a victim. Let's discuss some of the security challenges.
1. Slow security adaptation
• One of the issues with cybersecurity systems is that cybersecurity solutions are not advancing at the expected rate.
• In today's digital era, cloud technologies and other solutions are evolving at a faster pace, and the traditional network architecture has been replaced by simpler, flat architectures.
• But, concerning cybersecurity solutions, many organizations still rely on traditional zone-based (perimeter) security solutions to prevent threats.
2. Human errors
• Human errors such as system misconfiguration, insufficient patch management, etc. are common in the majority of organizations. These errors have resulted in numerous cyber attacks.
• According to IBM Security, over 95% of cyber attacks involve human error.
3. Third-party vendor security risk
• In today's world, everything is connected. Organizations let third parties store their information for better business operations.
• But if they don't choose a trustworthy third-party vendor, the organization is at risk: an attacker can bypass the security system by initiating a supply chain attack through the vendor.
How must security systems evolve?
In this section, we discuss advanced security strategies to defend against threats and strengthen the cybersecurity system. Let's take a moment to understand some of the best security practices. They are as follows:
• Threat prevention strategies
• Zero-trust approach
• Assume-breach approach
1. Threat Prevention Strategies
• Security researchers are continuously researching and innovating effective solutions to prevent threats. They work around the clock on zero-day vulnerabilities and are also actively involved in conducting awareness programs.
• Threat prevention strategies are mainly categorized into four sections. They are as follows:
  o Reduce the attack surface: A continuous vulnerability scanning practice helps to determine the top-risk applications, security gaps in the network, risky users and processes, and more. The Relative Attack Surface Quotient (RASQ) is one method that can keep track of every change to the attack surface.
  o Complete visibility: Endpoint protection is another factor to take on board. In many cases, endpoint security is compromised through SMB-based vulnerabilities, so it is important to separate normal SMB behavior from anomalous SMB behavior, and this categorization requires complete visibility. Visibility is the key to identifying malicious behavior.
  o Prevent known threats: Firewalls and anti-virus software are necessary to prevent known threats. This is the first step towards defending networks and endpoints.
  o Prevent unknown threats: Advanced and unknown threats are evolving as never before. As a result, it is more challenging to achieve 100% threat protection. To deal with such threats, organizations have to adopt new techniques such as dynamic and behavioral analysis, deep learning techniques, and analysis of attacker tactics, techniques and procedures (TTPs).
2. Zero-trust approach
• The zero-trust strategy is the continuous verification of every access to data and assets, regardless of where the request comes from.
• It helps to detect attackers who exfiltrate sensitive information through lateral movement.
• Let's take a moment to understand the process of the zero-trust approach:
  o Identify and classify sensitive data: It is necessary to identify and classify sensitive data in order to protect it.
  o Map the data flow: You have to understand the application flow across the network by collaborating with the network team, application team and security architect.
  o Architect the network: Architect the network by identifying the physical and virtual configurations. This includes the communication flow between multiple networks and the procedures for external data access.
  o Create the policy base: While creating a policy base, you should include an efficient access control mechanism, information about user identity, application behavior, and so on.
  o Continuous monitoring: Continuous monitoring of both internal and external traffic is performed. Here the network and application logs are checked frequently, in real time.
3. Assume-breach approach
• The reality is that no security prevention technology can ensure 100% protection against threats. As the days pass, advanced threats manage to bypass the security system. Here comes the importance of the assume-breach approach.
• It is a way of testing the incident response capability of an organization. It provides various security solutions and services. They are as follows:
  o Red-team exercise: It is an advanced version of penetration testing, where a team of highly skilled security experts not only finds vulnerabilities but also tests an organization's threat detection and response capabilities. It opens up a way of immediate as well as long-term security posture improvement.
  o Continuous monitoring: Continuous monitoring is necessary to detect threats at an early stage, and it can be achieved by providing real-time visibility of users as well as network endpoints. An active security monitoring system can ensure cyber hygiene and compliance by actively monitoring network, application and user activities. Some of the common tools used for monitoring are security information and event management (SIEM) tools and endpoint detection and response (EDR) tools.
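The continuous-monitoring step, as an added example that is not from the original notes: a small detector of the kind a SIEM rule would implement, which reads authentication events and flags a user who logs on successfully to several distinct hosts within a short window, the pattern lateral movement produces. The log format, the sample lines, the account names and the threshold (4 hosts in 5 minutes) are constructed for the demonstration and do not come from any real product.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (not from a real system). One logon event per line:
# <ISO timestamp> host=<target> user=<account> src=<client IP> result=<success|failure>
SAMPLE_LOG = """\
2024-05-01T09:00:01 host=ws01 user=alice src=10.0.1.15 result=success
2024-05-01T09:30:12 host=ws01 user=bob src=10.0.1.20 result=success
2024-05-01T10:02:05 host=fs01 user=bob src=10.0.1.20 result=success
2024-05-01T13:15:00 host=ws07 user=alice src=10.0.1.15 result=failure
2024-05-01T13:15:03 host=ws07 user=alice src=10.0.1.15 result=success
2024-05-01T13:15:41 host=ws08 user=alice src=10.0.1.15 result=success
2024-05-01T13:16:05 host=fs01 user=alice src=10.0.1.15 result=success
2024-05-01T13:16:30 host=db01 user=alice src=10.0.1.15 result=success
2024-05-01T13:17:02 host=dc01 user=alice src=10.0.1.15 result=success
"""


def parse_line(line: str) -> dict:
    """Turn one 'ts key=value ...' line into a dict with a datetime timestamp."""
    ts, *fields = line.split()
    event = dict(f.split("=", 1) for f in fields)
    event["ts"] = datetime.fromisoformat(ts)
    return event


def detect_lateral_movement(lines, threshold=4, window=timedelta(minutes=5)):
    """Alert once per user when they have successfully logged on to at least
    `threshold` distinct hosts within any `window`. Returns {user: alert}."""
    events = sorted((parse_line(l) for l in lines if l.strip()), key=lambda e: e["ts"])
    recent = defaultdict(list)   # user -> [(ts, host)] still inside the window
    alerts = {}
    for ev in events:
        if ev["result"] != "success":
            continue             # failures are a brute-force signal, handled by another rule
        user = ev["user"]
        recent[user].append((ev["ts"], ev["host"]))
        recent[user] = [(t, h) for t, h in recent[user] if ev["ts"] - t <= window]
        hosts = {h for _, h in recent[user]}
        if len(hosts) >= threshold and user not in alerts:
            alerts[user] = {
                "first_seen": ev["ts"].isoformat(),
                "src": ev["src"],
                "hosts": sorted(hosts),
            }
    return alerts


if __name__ == "__main__":
    for user, alert in detect_lateral_movement(SAMPLE_LOG.splitlines()).items():
        print(f"ALERT lateral movement: {user} from {alert['src']} "
              f"reached {alert['hosts']} by {alert['first_seen']}")
```

In production this rule needs an allow-list for accounts that legitimately fan out (backup and monitoring service accounts, admins running jobs), otherwise it pages on every maintenance window; the threshold and window should be tuned against a baseline of normal logon behaviour.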

Q7. Compare vishing, phishing and smishing in cyber security. (P4 - Appeared 1 Time) (5-10M)

Ans: There are several types of social-engineering attacks that attackers use to steal confidential information from users. The confidential information may include login credentials, bank card details or any other sensitive data. Phishing, vishing and smishing are such attacks; they differ mainly in the channel used to reach the victim.
1. Phishing
• Phishing is a type of e-mail attack in which the attacker tries to obtain users' sensitive information fraudulently through electronic communication by pretending to be from a trusted, related organization.
• Attackers design the e-mails carefully to target a group; clicking on a link in the e-mail leads to a fake login page or installs malicious code on the computer.
Examples
• Stealing bank transaction passwords from users.
• Stealing login credentials from users.
2. Vishing
• Vishing (voice phishing) is the type of attack in which voice communication is used for stealing confidential data from a group of people.
• In vishing, the attacker tricks the target into giving sensitive information over a voice call, pretending to be an employee of a related and trusted firm.
Examples
• Asking users for a bank transaction OTP.
• Asking users for their UPI PIN.
3. Smishing
• Smishing (SMS phishing) is the same lure delivered by text message: the SMS carries a link to a fake site, or asks the victim to call a number or reply with an OTP.
Difference between Phishing and Vishing

PHISHING | VISHING
The victim needs to click on a malicious link. | The victim needs to tell the information themselves.
Phishing attacks target a wide range of people through e-mails. | Vishing attacks also target a wide range of people, through voice communication.
It is an automated attack. | It is a manual attack.
A single attacker can send many e-mails at a time. | An attacker can call only one target at a time.
It has more accuracy. | It has less accuracy.
It was mostly used in earlier days, but attackers still use it. | It is more used nowadays.
The attackers involved in phishing are cyber criminals or professional hackers. | Vishing attackers need not be expert in hacking.
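The "click on a malicious link" row of the table, as an added example that is not part of the original notes: a checker that extracts the links from an HTML e-mail and flags the signs a phishing lure typically shows, namely visible text that names the trusted site while the href goes elsewhere, a raw IP address as host, or a punycode/non-ASCII (homograph) host name. The trusted domain examplebank.com, the sample message and the crude "last two labels" domain rule are assumptions made for the demonstration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the organisation the e-mail claims to come from.
TRUSTED = {"examplebank.com"}

# Constructed sample message (not a real phishing mail); 192.0.2.0/24 is the
# documentation address range.
SAMPLE_EMAIL = """
<p>Dear customer, your account has been locked.</p>
<p><a href="http://examplebank.com.verify-login.ru/auth">https://examplebank.com/login</a></p>
<p><a href="https://examplebank.com/help">Help centre</a></p>
<p><a href="http://192.0.2.10/update.exe">Update security module</a></p>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in the message."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable(host: str) -> str:
    """Crude registrable-domain rule (last two labels); a real checker would
    consult the public suffix list instead."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def is_ip(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def check_link(href: str, text: str, trusted=TRUSTED) -> list:
    """Return the reasons a link looks like a phishing lure (empty list = fine)."""
    findings = []
    url = urlparse(href)
    host = url.hostname or ""
    if url.scheme not in ("http", "https"):
        findings.append(f"non-web scheme {url.scheme!r}")
    if is_ip(host):
        findings.append(f"raw IP address host {host}")
    elif host.startswith("xn--") or ".xn--" in host or any(ord(c) > 127 for c in host):
        findings.append("internationalised/punycode host (possible homograph)")
    if registrable(host) not in trusted:
        claimed = [t for t in trusted if t in text.lower()]
        if claimed:
            findings.append(f"text names {claimed[0]} but link goes to {host}")
        elif not is_ip(host):
            findings.append(f"link to untrusted host {host}")
    return findings


def scan_email(html: str, trusted=TRUSTED) -> list:
    """Return [(href, findings)] for every link in the message."""
    collector = LinkCollector()
    collector.feed(html)
    return [(href, check_link(href, text, trusted)) for href, text in collector.links]


if __name__ == "__main__":
    for href, findings in scan_email(SAMPLE_EMAIL):
        print("SUSPICIOUS" if findings else "ok", href, findings)
```

The first sample link is the classic trick: the anchor text reads https://examplebank.com/login, but the registrable domain of the href is verify-login.ru, and examplebank.com is merely a subdomain label the attacker controls.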

Q8. Discuss basic security precautions to be taken to sateguard


Laptops and wireless devices. (P4 -
Appeared 1
Time) (5-10M)

Ans: 1) Establish strong passwords
This first measure is really easy to put in place. You must put
together a combination of capitals, lower-case letters, numbers,
and symbols to create a strong password.
The more characters you use, the better. With that, you must avoid
using your birthday or any personal information and change the
password accordingly.
2) Set up a firewall
In order to protect your network, firewalls are an important measure
to consider.
They are a must-have for any company, as they control the internet
traffic entering and leaving your business.
3) Think of antivirus protection
Antivirus and anti-malware are indispensable to protecting your
data.
They are designed to prevent, search for, detect and remove viruses
but also adware, worms, trojans, and so on.
4) Updating is important
Your computer must be properly patched and updated. Recent
updates keep your data more secure.
5) Secure every laptop
Laptops are portable, so there is a higher risk that they can be
stolen.
As a consequence, it is important to take more security measures in
order to protect all laptops.
A simple solution is to encrypt them. In doing so, without the right
password, your computer's data is unreadable.
6) Secure mobile phones
Mobile phones are even more easily stolen than laptops, but they
are just as valuable to companies.
Like laptops, phones can be encrypted; you can set a strong
password and enable an automatic lock-out.
You can also set up a wiping process in case the phone is lost or
stolen.
7) Schedule backups
You can schedule backups to external hard drives or to the cloud in
order to keep your data stored safely.
The right frequency is weekly, but you can do incremental backups
every few days.
You can also use Wimi, which centralizes your documents.
With it, you can then share your documents with your team, your
clients, and your partners.
8) Monitor steadily
Data, software, technologies: everything is moving fast. Keep
track of them and keep in touch with the news to see what is new on
the market.
9) Be smart with emails and surfing the web
Downloading apps or files, opening emails and clicking on links can
infect your computer and your network.
Be careful with the sources you find online or receive.
Take every "warning box" seriously.
10) Educate your employees about data security
Prevention is the best way to keep your data safe.
Employees who have been warned will always be more attentive.
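Measure 1 above (mixed character classes, more length, no birthday or personal information) is easy to turn into a check that runs wherever a password is set. The following Python function is an added example, not part of the original notes; the minimum length of 12, the sample user name and the sample birthday are assumptions made for the demonstration, since the notes only say "the more characters, the better".

```python
import re
from datetime import date

MIN_LENGTH = 12  # assumed threshold; the notes only say "the more characters, the better"

# One pattern per character class the notes require.
CHARACTER_CLASSES = {
    "capital letter": r"[A-Z]",
    "lower-case letter": r"[a-z]",
    "number": r"[0-9]",
    "symbol": r"[^A-Za-z0-9]",
}


def personal_tokens(full_name="", birthday=None):
    """Strings an attacker would guess first: name parts and common birthday spellings."""
    tokens = {part.lower() for part in full_name.split() if len(part) >= 3}
    if birthday is not None:
        for fmt in ("%Y", "%d%m", "%m%d", "%d%m%y", "%d%m%Y", "%Y%m%d"):
            tokens.add(birthday.strftime(fmt))
    return tokens


def check_password(password, full_name="", birthday=None):
    """Return the list of policy violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    for label, pattern in CHARACTER_CLASSES.items():
        if not re.search(pattern, password):
            problems.append("missing a %s" % label)
    lowered = password.lower()
    for token in sorted(personal_tokens(full_name, birthday)):
        if token in lowered:
            problems.append("contains personal information (%s)" % token)
            break  # one hit is enough to reject
    return problems


# Constructed sample user, used below and in the checks.
SAMPLE_NAME = "Rahul Sharma"
SAMPLE_BIRTHDAY = date(1995, 3, 14)

if __name__ == "__main__":
    for candidate in ("password", "Rahul1995xyz!", "Tq7#wLm!9zRp"):
        result = check_password(candidate, SAMPLE_NAME, SAMPLE_BIRTHDAY)
        print(repr(candidate), "->", result or "OK")
```

The second candidate has every character class and is long enough, yet it is rejected because it embeds the user's name and birth year; that is the part of measure 1 a plain "complexity" rule misses.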

Q9. Security implications for organizations and organizational
measures for handling mobile. (P4 - Appeared 1 Time) (5-10M)

Ans: A Security Management System (SMS) is defined as an efficient method
to manage sensitive company information so that it remains secure. The
security management system is a very broad area that generally includes
everything from the supervision of security guards at malls and museums
to the installation of high-tech security management systems that are
generally made to protect an organization's data.

Read on to learn more about this field and get examples of the types of
security management in place today.
Features of a Security Management System:
Security management relates to the physical safety of buildings,
people and products.
Security management identifies the organization's assets.
Generally, a Security Management System is provided to enterprises
for security management and procedures such as information
classification, risk assessment, and risk analysis, in order to
identify threats, categorize assets, and rate them.
Importance of security management
Some important aspects of security management, which are generally
provided to any organization, are given below:
Intellectual Property:
One of the principal reasons organizations formalize an innovation
management program is to gain a competitive edge on the
competition.
Although the initial ideation phases may be open to everyone, a lot of
work goes into developing and refining those ideas, and that
refinement is often the difference between an incremental idea and
a transformative one. If companies don't protect those later-stage
refinement activities, they could lose the competitive edge they
gained by instituting an innovation management program in the
first place.
Data Integrity:
Security management systems rely on lots of data to help
prioritize and validate initiatives; generally we could be talking
about votes and comments on ideas, ROI data, and beyond.
If security management systems aren't secure, this data could be
stripped or tampered with.
It will be simple to make an idea or project appear more popular or
more valuable if the system can be gamed.
Personally Identifiable Information:
All who participate in a security management program share at
least their personal information in order to log on to the system, and
where privacy is everything, security management systems are
provided to protect all their users as a matter of course.
System Interconnectivity:
Generally, security management software interacts with a variety of
other systems like project management, social software, and
beyond.
Weakness in one system can lead to weakness in others, which is why
any security management system has to be as secure as the systems
with which it interacts.

MODULE-3

Q1. Explain various types of key-loggers in brief. (P4 - Appeared 1
Time) (5-10M)

Ans: Keyloggers are a favorite tool of many hackers and script kiddies.
Keylogging is a method that was first conceived back in the year 1983.
At that time, the use of such software was uncommon and only the top
research organizations and spies could get their hands on it, yet today
it is a typical feature offered by most spy applications, such as
TheOneSpy.
Individuals use it as an opportunity to ensure the protection of
their families, organizations, and the ones they care about.
A keylogger is software that records each and every keystroke you
enter, including mouse clicks.
Hardware keyloggers are also available; they are inserted between
the keyboard and the CPU.
It provides the following features:
1. It takes a minute to install this software/hardware in the
victim's system; from the next second onwards the attacker
will get every activity going on in the victim's computer.
2. Each and every activity happening in the victim's system, with
screenshots, will be recorded. This activity will be saved in the
victim's system, or it can be mailed to the attacker's email or
uploaded to an FTP server. Let's see how attackers do this,
along with protection techniques.
3. The keylogging feature of spy applications is adept at recording
each and every keystroke made using a keyboard, regardless of
whether it is an on-screen keyboard.
4. It also takes a screen capture of the screen when the user is
typing (usually this screen capture is taken when a mouse
button is clicked).
5. It works discreetly, hidden from the user's view, so that the
monitored user could never discover that all his keystrokes
are being recorded.
6. Keylogger recorders can record texts, email, and any
information you type, whenever you use your keyboard.
7. The log file made by the keylogger can then be sent to a
predefined receiver.
8. Some keylogger programs will also record any email address
you use and the web site URLs you visit.
Some software keyloggers can capture additional information
without requiring any keyboard key presses as input.
They include:
1. Clipboard logging: Anything copied to the clipboard is
captured.
2. Screen logging: Randomly timed screen captures of
your PC are logged.
3. Control text capture: The Windows API allows programs to
request the text value of some controls; this means a password
can still be captured even if it is behind a password mask.
4. Activity tracking: Recording of which programs, folders, and
windows are opened, along with screenshots of each.
5. Recording of program queries, instant message
conversations, FTP downloads alongside other internet
activities.
Types Of Keylogger
There are basically two types of keyloggers:
1. Hardware Keylogger: This is a thumb-size device. It records all
the keystrokes you enter from the keyboard and saves them in its
memory. Later this data will be analyzed. The drawbacks of this
device are that it can't record mouse clicks, can't take screenshots,
and can't even email; more importantly, it requires physical
access to the machine. A hardware keylogger is advantageous
because it is not hooked into any software, nor can it be
detected by any software.
2. Software Keylogger: A software keylogger can be installed in the
victim's system even if they use an updated antivirus. There is
a lot of software available in the market which makes a
keylogger undetectable by the latest antivirus; we are going to
study them too in upcoming chapters. There are many
keyloggers available in the market with various features. Some
examples of software keyloggers are:
1. Blazing Tools Perfect Keylogger
2. Ardamax Keylogger
3. WinSpy
4. Invisible Keylogger
5. Refog Keylogger
6. Activity Keylogger
7. Keystroke Keyloggers
What are the uses of a Keylogger?
A keylogger offers the following uses to the user:
1. Parental control: It's a great way to track the activity of your
children through a keylogger without getting caught. Likewise,
you can be informed rapidly about a specific page they
visited on the web, their location, and numerous other
fundamental things. Many parents decide to control
the browsing history of their children with some special
keyloggers.
2. Security: If you need to be certain your staff is following the
rules, then you can get a notification about their activities
through a keylogger. In this way, you get the chance to keep
them working in a safe mode for the organization's benefit.
3. Partner activity tracking: If you sense signs that your partner is
cheating on you, then you can use a keylogger for Android phones
that will enable you to find out what your partner is doing, be it
over web-powered apps (i.e. WhatsApp, Snapchat, browsing in
the mobile browser, and so on) or even in phone messages. So,
all things considered, Android keylogger applications can assist
you with following your life partner's activity.
How does your Computer get a Keylogger?
A keylogger can be installed on your computer in any number of
ways. Anybody with access to your PC could install it; keyloggers
could also come as part of a virus or with any application
installation, however deceptively innocent it may look.
This is part of the reason why you ought to always make certain
you're downloading files from a trusted source.
Most keylogger software is designed to send recorded data
to a remote location. This happens by using one of the following
methods:
1. Uploading the info to a web site, database, or FTP server.
2. Periodically emailing data to a predefined email address.
3. Wirelessly transmitting information through an attached
hardware system.
4. Software enabling remote login to your local machine.
How to Detect and Remove a Keylogger?
There are a variety of ways to detect a keylogger, though none is
a catch-all, so if you have reason to suspect your computer
has a keylogger, we recommend trying several of these
tactics:
1. Choose the best antivirus to detect a keylogger on your
system. There are some specific kinds of AV dedicated to such
scans.
2. Press Ctrl+Alt+Delete to check the task list on your computer.
Examine the tasks running, and if you're unfamiliar with
any of them, look them up on a search engine.
3. Scan your hard disk for the most recently stored files. Look
at the contents of any files that update often, as they could be
logs.
4. Use your system configuration utility to look at which
programs are loaded at computer start-up. Access this list by
typing "msconfig" into the Run box.
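Tactic 3 above ("look at files that update often, as they could be logs") can be automated: snapshot the size and modification time of every file under a directory, wait, snapshot again, and keep only the files that changed in every interval. A log that a keystroke recorder appends to continuously keeps showing up; a document saved once does not. The Python script below is an added example and not part of the original notes; the directory, the file names and the background writer that stands in for a logging process are constructed for the demonstration, and the 0.3-second interval is chosen only to keep the demo short.

```python
import os
import tempfile
import threading
import time


def snapshot(root):
    """Map every regular file under root to its (size, mtime)."""
    seen = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)
            except OSError:
                continue  # file vanished between listing and stat
            seen[path] = (st.st_size, st.st_mtime)
    return seen


def changed_between(before, after):
    """Paths that appeared, grew or were otherwise modified between two snapshots."""
    return sorted(p for p, v in after.items() if before.get(p) != v)


def watch(root, interval=1.0, rounds=3):
    """Files that changed in every interval: a log written continuously (as a
    keylogger's log would be) survives every round; a file saved once drops out."""
    previous = snapshot(root)
    candidates = None
    for _ in range(rounds):
        time.sleep(interval)
        current = snapshot(root)
        changed = set(changed_between(previous, current))
        candidates = changed if candidates is None else candidates & changed
        previous = current
    return sorted(candidates or [])


def demo():
    """Constructed run: a background thread appends to hidden/kb.log while
    notes.txt stays static; returns the relative paths the watch reports."""
    root = tempfile.mkdtemp(prefix="watch_demo_")
    os.makedirs(os.path.join(root, "hidden"))
    static = os.path.join(root, "notes.txt")
    log = os.path.join(root, "hidden", "kb.log")
    with open(static, "w") as fh:
        fh.write("written once, never touched again\n")

    stop = threading.Event()

    def writer():  # stands in for a process that records every keystroke
        while not stop.is_set():
            with open(log, "a") as fh:
                fh.write("keystroke\n")
            time.sleep(0.05)

    thread = threading.Thread(target=writer)
    thread.start()
    try:
        found = watch(root, interval=0.3, rounds=3)
    finally:
        stop.set()
        thread.join()
    return [os.path.relpath(p, root).replace(os.sep, "/") for p in found]


if __name__ == "__main__":
    print("files still being written:", demo())
```

On a real machine you would point watch() at the user profile or temp directories with a longer interval, then open the survivors and check whether their content looks like typed text, which is the inspection step the tactic describes.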
Pros Of Keylogger
1. Monitor Every Keystroke Made.
2. Protect Confidential Information.
3. Safety Concerns.
Cons Of Keylogger
1. Zero Privacy.
2. Release of Sensitive Information.
3. Gives Keylogging Service Providers Free Rein.

Q2. What is Bluetooth hacking? Explain Bluetooth hacking tools in brief.
(P4 - Appeared 1 Time) (5-10M)

Ans: Bluetooth has been used for a long time, and several flaws exist in
the system. These flaws have been subject to different types of attacks
over time, which makes the technology very vulnerable to hacking.

Types of Bluetooth hacking:
Bluejacking
The first and most popular attack on Bluetooth enabled devices is
Bluejacking.
This type of attack enables unknown people to send unwanted
messages or electronic business cards to Bluetooth enabled mobile
phones.
The attackers modify the procedure for card passing so as to make
the message to be sent appear as a business card, and then
send the business card to a nearby mobile phone which is
Bluetooth enabled.
Bluejacking tools are very easy to use, and these messages can be
sent in crowded places, for example in shopping malls.
Some people even use the bluejacking technique to send
commercial advertisement messages to people passing nearby.
Bluesnarfing
The Bluesnarfing attack is much more damaging than the bluejacking
technique, as it enables the attacker to wirelessly connect to Bluetooth
enabled mobile phones without any knowledge of the owner and
copy the mobile phone's address book, SMS messages and
call logs; some more advanced features even enable the attacker to
update the directory of the mobile by adding new contacts to the
mobile phone.
Most bluesnarfing tools are downloaded as JAR files.
The Bluesnarfing technique works like the Bluejacking technique by
making use of the exchange of business cards.
This exchange is done using the OBEX protocol and enables the
Bluetooth machine to connect to the device which needs to be
compromised, but instead of exchanging a business card, it
requests information (the phonebook file, the call logs etc.) from
the target.
Bluebugging
The Bluebugging attack is more powerful than the bluejacking and
bluesnarfing attacks. It allows the attacker to take complete control
of your mobile phone without the user knowing anything about it.
They can make phone calls and listen to conversations where the
phone is located.
Bluesnarfing capabilities also exist in bluebugging tools, like copying
the phone book and the phone's call list.

MODULE-4

Q1. What is E-commerce? Explain different types of e-commerce with
suitable examples. (P4 - Appeared 1 Time) (5-10M)

Ans: Ecommerce, or electronic commerce, refers to transactions
conducted via the internet. Every time individuals and companies are
buying or selling products and services online they're engaging in
ecommerce. The term e-commerce also encompasses other activities
including online auctions, internet banking, payment gateways, and online
ticketing.
1. Business to consumer (B2C)
As the name suggests, the B2C ecommerce model represents a
transaction between businesses and individuals. B2C ecommerce is
the most common business model among both physical and online
retailers.
Nike, Macy's, IKEA, and Netflix are all examples of companies that
engage in B2C ecommerce.
2. Business to business (B2B)
In the B2B ecommerce model both parties involved are businesses.
In this type of transaction, one business provides the other with
products and/or services.
Slack, a platform for communication between remote businesses,
and Xero, a cloud-based accounting software for businesses, are
examples of B2B companies.
3. Consumer to business (C2B)
The C2B business model represents a transaction in which
individuals create value for businesses, unlike the traditional
business-to-consumer model where companies are the ones that
deliver value.
Consumers provide companies with products and/or services,
co-operate on projects, and ultimately help businesses increase
their profits.
Freelancer, a freelance platform that connects remote workers and
companies, is an example of a company that brings two parties to
engage in C2B transactions.
4. Consumer to consumer (C2C)
C2C e-commerce happens when the two parties involved are
consumers that trade with one another.
eBay and Craigslist are examples of online marketplaces where
individuals buy and sell products to each other.
5. Government to business (G2B)
The G2B e-commerce model happens when the government
provides companies with goods and services.
Government procurement, data centres, and e-learning are all
examples of G2B e-commerce.
6. Business to government (B2G)
The B2G model refers to companies and businesses that provide
goods and services for the government.
For example, OpenGov is a company that offers governments
cloud-based platforms for communication, reporting, and
budgeting.
7. Consumer to government (C2G)
Every time consumers pay taxes, health insurance, electronic bills,
or request information concerning the public sector, they're
engaging in C2G.
Note that we've included all these sections to give you a
general idea of e-commerce classification, although models like
G2C or C2G are part of ecommerce only in its loosest definition.
80% of the time, when we're talking about ecommerce, we're
talking about the B2C or the B2B model.

Q2. Illustrate human-based social engineering techniques to acquire
information. (P4 - Appeared 1 Time) (5-10M)

Ans: 1. Impersonating an employee or valid user:
Impersonation is perhaps the greatest technique used by social
engineers to deceive people. Social engineers take advantage of
the fact that most people are basically helpful, so it seems
harmless to tell someone who appears to be lost where the
computer room is located or to let someone into the building who
forgot his/her badge, and the attacker exploits this by pretending
to be an employee or valid user on the system.
2. Posing as an important user:
The attacker pretends to be an important user. The attacker uses
intimidation so that a lower-level employee such as a help-desk
worker will help him/her in gaining access to the system. Most
low-level employees will not ask any questions of someone who
appears to be in a position of authority.
3. Using a third person:
An attacker pretends to have permission from an authorised source
to use a system. This trick is useful when the supposed authorised
personnel is on vacation or cannot be contacted for verification.

4. Calling technical support:
Calling technical support for assistance is a classic social
engineering example. Help-desk and technical support personnel
are trained to help users, which makes them good prey for social
engineering attacks.
5. Shoulder surfing:
It is a technique of gathering information such as usernames and
passwords by watching over a person's shoulder while he/she logs
into the system, thereby helping an attacker to gain access to the
system.
6. Dumpster diving:
It involves looking in the trash for information written on pieces of
paper or computer printouts.

Q3. Discuss safety and security measures while using the computer in a
cyber cafe. (P4 - Appeared 1 Time) (5-10M)

Ans: 1. Always logout:
While checking emails or logging into chatting services such as
instant messaging or using any other services that require a
username and password, always click logout or sign out before
leaving the system.
Do not save your login information through options that allow
automatic login.
2. Stay with the computer:
While surfing/browsing, one should not leave the system
unattended for any period of time. If one has to go out, logout and
close all browser windows.

3. Clear history and temporary files:
Internet Explorer saves pages that you have visited in the history
folder and in temporary internet files. Your passwords may also be
stored in the browser if the option has been enabled on the
computer that you have used.
4. Be alert:
One has to stay alert and aware of the surroundings while
using a public computer. Snooping over the shoulder is an easy way
of getting your username and password.
5. Avoid online transactions:
Ideally one should avoid online banking, shopping or other
transactions that require one to provide personal, confidential and
sensitive information such as credit card or bank account details. If
in an emergency one has to do it, one should then change the
passwords using a more trusted computer, such as at home and/or
in the office.
6. Virtual keyboard:
Nowadays almost every bank provides a virtual keyboard on
its website.
7. Security warnings:
One should take utmost care while accessing the websites of any
banks/financial institutions.
8. Change passwords

Q4. Draw and explain how Botnets are used for gainful purposes. (P4 -
Appeared 1 Time) (5-10M)

Ans: Botnet is a term used for a collection of software robots, or bots,
that run automatically and autonomously. The term is often associated
with malicious software but can also refer to the network of computers
using distributed computing software.

Fig: Botnet creation and its gainful uses (diagram, text elements only):
Botnet creation -> botnet renting / botnet selling
-> DDoS attacks, spam attacks, malware and adware installations,
   stealing confidential information, phishing attacks, spamdexing
-> selling credit card and bank account details, selling personal
   identity information, selling internet services and shop accounts

In simple terms, a bot is simply an automated computer program.
One can gain control of your computer by infecting it with a
virus or other malicious code that gives the access.
Your computer system may be a part of a botnet even though it
appears to be operating normally.
Botnets are often used to conduct a range of activities, from
distributing spam and viruses to conducting denial-of-service
attacks.
A botnet (also called a zombie network) is a network of computers
infected with a malicious program that allows cybercriminals to
control the infected machines remotely without the users' knowledge.
Zombie networks have become a source of income for entire
groups of cybercriminals.
The invariably low cost of maintaining a botnet and the ever
diminishing degree of knowledge required to manage one are
conducive to the growth in popularity and, consequently, the
number of botnets.
If someone wants to start a business and has no programming
skills, there are plenty of bots-for-sale offers on forums.
Obfuscation and encryption of these programs' code can also be
ordered in the same way to protect them from detection by
antivirus tools.
Another option is to steal an existing botnet.

Q5. List and explain risks associated with cloud computing
environments. (P4 - Appeared 1 Time) (5-10M)

Ans: Areas and the associated risks:


1. Elevated user access: Any data processed outside the organisation
brings with it an inherent level of risk, as outsourced services may
bypass the physical, logical and personnel controls and will have
elevated user access to such data.
2. Regulatory compliance: Cloud computing service providers are not
able and/or not willing to undergo external assessments. This can
result in non-compliance with various standards/laws.
3. Location of the data: The organisations that are obtaining cloud
computing services may not be aware about where the data is
hosted and may not even know in which country it is hosted.

4. Segregation of data: As the data will be stored in a shared
environment, the encryption mechanism should be strong enough
to segregate the data from that of other organisations, whose data
are also stored on the same server.
5. Recovery of data: Business continuity in case of any disaster
requires availability of the services and data without any disruption.
Application environments and IT infrastructure across multiple sites
are vulnerable to a total failure.
6. Information security violation reports: Due to the complex IT
environment and several customers logging in and logging out of
the hosts, it becomes difficult to trace inappropriate and/or illegal
activity.
7. Long term viability: In case of any major change in the cloud
computing service provider, the service provided is at stake.

Q6. How will you classify cybercrime? (P4 - Appeared 1
Time) (5-10M)

Ans: Cybercrimes:
1. Cybercrime against individuals
a. Electronic mail spoofing
b. Phishing
c. Spamming
d. Cyber defamation
e. Cyber stalking and harassment
f. Computer sabotage
g. Pornographic offenses
h. Password sniffing

2. Cybercrime against property
a. Credit card fraud
b. Intellectual property crime
c. Internet time theft
3. Cybercrime against organisations
a. Unauthorised accessing of computers
b. DoS attacks
c. Password sniffing
d. Email bombing
e. Virus attacks
f. Salami attacks
g. Logic bomb
h. Trojan horse
i. Data diddling
j. Industrial spying
k. Computer network intrusions
l. Software piracy
4. Cybercrime against society
a. Forgery
b. Cyberterrorism
c. Web jacking
5. Crimes emanating from Usenet newsgroups

Q7. What are modern techniques of credit card fraud? (P4 - Appeared 1
Time) (5-10M)

Ans: Modern techniques of credit card fraud are:

1. Skimming:
Skimming is where the information held on either the
magnetic strip on the back of the credit card or the data stored on
the smart chip is copied from one card to another.
2. Triangulation:
It is another method of credit card fraud and works in the following
way:
The criminal offers goods at heavily discounted rates through
a website designed and hosted by him, which appears to be a
legitimate merchandise website.
The customer registers on the website with their details.
The criminal orders the goods from a legitimate website with the
help of stolen credit card details and supplies the shipping address
that was provided by the customer while registering on the
criminal's website.
The goods are shipped to the customer and the transaction gets
completed.
The criminal keeps on purchasing other goods using fraudulent
credit card details of different customers till the criminal closes the
existing website and starts a new one.
Such websites are usually available for a few weeks/months, till the
authorities track the websites through which the criminal has
enticed the individuals to reveal their personal details, which
enabled the criminal to commit the transaction by using the credit
card details of these customers.
The criminals aim to create a great deal of confusion for the
authorities so that they can operate long enough to accumulate a
vast amount of goods purchased through such fraudulent
transactions.

3. Credit card generators:
It is another modern technique: computer emulation software
that creates valid credit card numbers and expiry dates.
The criminals rely heavily on these generators to create valid credit
cards.
These are available for free download on the internet.
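Two of the techniques above have a defender-side counterpart worth seeing in code. A "valid" number from a generator is one that passes the Luhn checksum that card numbers carry, so a merchant's format check proves arithmetic validity only, never that a bank issued the card; and the triangulation scheme leaves a pattern in the merchant's own order log: goods paid for with many different cards all shipping to one address. The Python below is an added example, not part of the original notes; the order log is constructed, the card numbers are the publicly known payment-gateway test numbers rather than real accounts, and the threshold of two cards per address is an assumption for the demonstration.

```python
from collections import defaultdict


def luhn_valid(card_number):
    """True when the digits satisfy the Luhn checksum carried by card numbers.
    This is the test a generated number is built to pass: it proves arithmetic
    validity only, not that any bank ever issued the card."""
    digits = card_number.replace(" ", "").replace("-", "")
    if not digits.isdigit() or len(digits) < 13:
        return False
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


# Constructed order log: (order id, card number, shipping address). The card
# numbers are the usual payment-gateway test numbers, not real accounts.
SAMPLE_ORDERS = [
    ("o1", "4111 1111 1111 1111", "12 Park St, Mumbai"),
    ("o2", "4242 4242 4242 4242", "12 Park St, Mumbai"),
    ("o3", "5555 5555 5555 4444", "12 Park St, Mumbai"),
    ("o4", "4111 1111 1111 1112", "9 Hill Rd, Pune"),  # last digit wrong
    ("o5", "4000 0566 5566 5556", "9 Hill Rd, Pune"),
]


def screen_orders(orders, max_cards_per_address=2):
    """Return {order id: reason} for orders a merchant should hold for review.
    Two checks: the Luhn test above, and the triangulation pattern of goods
    bought with many different cards all shipping to one address."""
    held = {}
    cards_by_address = defaultdict(set)
    for oid, card, address in orders:
        if not luhn_valid(card):
            held[oid] = "card number fails the Luhn check"
        else:
            cards_by_address[address].add(card.replace(" ", ""))
    for oid, card, address in orders:
        n = len(cards_by_address[address])
        if oid not in held and n > max_cards_per_address:
            held[oid] = "address already used with %d distinct cards" % n
    return held


if __name__ == "__main__":
    for oid, reason in sorted(screen_orders(SAMPLE_ORDERS).items()):
        print(oid, "-", reason)
```

Order o4 fails the checksum outright, while o1 to o3 all pass it and are held only because three different cards converge on one delivery address; o5 passes both checks. That difference is the practical lesson: the checksum stops typos, not fraud, and it is the cross-order pattern that reveals a triangulation scheme.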

Q8. Draw and explain pull and push attacks on mobile devices. (P4 -
Appeared 1 Time) (5-10M)

Fig: Pull attack on mobile devices (diagram, text elements only):
a Pocket PC device containing credential data and enterprise data
connects over WEP-encrypted links to a legitimate access point, a rogue
access point, and a rogue peer (open port); in these attacks, files,
e-mail, passwords, etc. are captured.

Fig: Push attack on mobile devices (diagram, text elements only):
the attacker launches a blended attack over the network (802.11,
Bluetooth, infrared); a worm/zombie is installed on the Pocket PC
device, the worm propagates by e-mail to the victim's contact list, and
the DDoS zombies flood the enterprise server. DDoS implies
distributed denial-of-service attack.

Q9. Explain the following terms: (P4 - Appeared 1
Time) (5-10M)

Ans: i. Mishing:
Mishing is a combination of mobile phone and phishing. Mishing
attacks are attempted using mobile phone technology.
M-Commerce is fast becoming a part of everyday life.
If you use your mobile phone for purchasing goods/services and for
banking, you could be more vulnerable to a phishing scam.
A typical mishing attacker uses a call, termed vishing, or a message
(SMS), known as smishing.
The attacker will pretend to be an employee from your bank or another
organisation and will claim a need for your personal details.

ii. Vishing:
Vishing is the criminal practice of using social engineering over the
telephone system, most often using features facilitated by VoIP, to
gain access to personal and financial information from the public
for the purpose of financial reward.
The term is a combination of V (voice) and phishing.
Vishing is usually used to steal credit card numbers or other related
data used in ID theft schemes from individuals.
iii. Smishing:
Smishing is a criminal offence conducted by using social
engineering techniques similar to phishing.
The name is derived from SMS phishing.
SMS (short message service) is a text message communication
component dominantly used in mobile phones.
Smishing uses cell phone text messages to deliver a lure message
to get the victim to reveal his/her PII.
The popular technique to hook the victim is either to provide a
phone number to force the victim to call or to provide a website URL
to force the victim to access the URL, wherein the victim gets
connected with a bogus website, a duplicate but fake site
created by the criminal, and submits his/her PII.
iv. Proliferation of mobile devices:
Mobile computing is "taking a computer and all necessary files and
software out into the field". Many types of mobile computers have
been introduced since the 1990s.
a. Portable computer: It is a general purpose computer that can be
easily moved from one place to another but cannot be used while
in transit, usually because it requires some setting up and an AC
power supply.


b. Tablet PC: Lacks a keyboard, is shaped like a slate or a paper notebook and has a touchscreen with a stylus and handwriting recognition software. Capable of carrying out most tasks that an ordinary laptop would be able to perform.
c. Internet tablet: It is the internet appliance in tablet form. Unlike a tablet PC, the internet tablet does not have much computing power, its applications are limited and it cannot replace a general purpose computer. Typically has an MP3 and video player, a web browser, a chat application and a picture viewer.
d. Personal Digital Assistant (PDA): It is a small, usually pocket-sized, computer with limited functionality. It is intended to supplement and synchronise with a desktop computer, giving access to contacts, address books, notes, emails and other features.
e. Ultra Mobile PC: It is a full-featured, PDA-sized computer running a general-purpose operating system.
f. Smartphone: It is a PDA with integrated cell phone functionality. Current smartphones have a wide range of features and installable applications.
g. Carputer: It is a computing device installed in an automobile. It operates with a wireless computer, sound system, GPS and DVD player. It also contains word processing and is Bluetooth compatible.
h. Fly Fusion Pentop computer: It is a computing device with the size and shape of a pen. It functions as a writing utensil, MP3 player, language translator, digital storage device and calculator.
v. RAS Security:
RAS (remote access server) security is an important consideration for protecting the business-sensitive data that may reside on the employees' mobile devices.


In terms of cybersecurity, mobile devices are sensitive.
In addition to being vulnerable to unauthorised access on their own, mobile devices also provide a route into the systems with which they connect.
By using a mobile device to appear as a registered user to these systems, a would-be cracker is then able to steal data or compromise corporate systems in other ways.
The security of a RAS system can be divided into the following three areas:
1. The security of the RAS server
2. The security of the RAS client
3. The security of data transmission
Although the desired level of security of the RAS server can be controlled, the RAS client is typically not under complete control and the security of the data transmission media is generally completely out of the organisation's control.
vi. LDAP Security:
LDAP is a software protocol for enabling anyone to locate individuals, organisations and other resources such as files and devices on the network.
In a network, a directory tells you where an entity is located in the network.
LDAP is a lightweight version of Directory Access Protocol because it does not include security features in its initial version.
Centralised directories such as LDAP make revoking permissions quick and easy.
An LDAP directory is organised into a simple tree structure that consists of the following levels:
1. Root directory, which branches out to
2. Countries, which branch out to


3. Organisations, which branch out to
4. Organisational units, which further branch out to
5. Individuals
An LDAP server is called a Directory System Agent (DSA).
It receives a request from a user, takes responsibility for the request, passing it to other DSAs as necessary, but ensuring a single coordinated response for the user.
An LDAP directory can be distributed among many servers.
Each server can have a replicated version of the total directory that is synchronised periodically.
vii. Cryptographic Security:
A Cryptographically Generated Address (CGA) is an Internet Protocol version 6 address in which up to 64 of the address bits are generated by hashing the address owner's public key.
The address owner uses the corresponding private key to assert address ownership and to sign messages sent from the address, without a public-key infrastructure (PKI) or other security infrastructure.
Deployment of PKI provides many benefits for users to secure their financial transactions initiated from mobile devices.
CGA-based authentication can be used to protect IP-layer signalling protocols, neighbour discovery and mobility protocols.
It can also be used for key exchange in opportunistic Internet Protocol Security (IPsec).
Palms are one of the most common hand-held devices used in mobile computing.
Cryptographic security controls are deployed on these devices. For example, the Cryptographic Provider Manager (CPM) in Palm OS 5 is a system-wide suite of cryptographic services for securing data and resources on a Palm-powered device.


The CPM extends encryption services to any application written to take advantage of these capabilities, allowing the encryption of only selected data or of all data and resources on the device.
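As an added example (not from these notes), a simplified version of the CGA construction described above in Python: the interface identifier is derived by hashing the owner's public key together with a random modifier and the subnet prefix, and a verifier recomputes the hash from the parameters the owner sends, so a claim made with a different key fails. The RFC 3972 Sec hash-extension step is left out, and the prefix and public key bytes are constructed sample values.

```python
"""Simplified cryptographically generated address (CGA): derive and verify.

Added example, not code from the notes. Follows the shape of the RFC 3972
construction with Sec = 0 (no hash-extension step), so it is a teaching
sketch rather than a conforming implementation."""
import hashlib
import hmac
import ipaddress
import os

# Constructed sample inputs: a real deployment hashes the owner's DER-encoded
# public key; any byte string serves to show the binding here.
SAMPLE_PREFIX = ipaddress.IPv6Network("2001:db8::/64").network_address.packed[:8]
SAMPLE_PUBLIC_KEY = b"constructed-sample-public-key-bytes-not-a-real-key"


def cga_interface_id(modifier, prefix, collision_count, public_key, sec=0):
    """Hash1 of RFC 3972: leftmost 64 bits of SHA-1 over the CGA parameters,
    with Sec written into the three leftmost bits and the u/g bits cleared."""
    if len(modifier) != 16 or len(prefix) != 8:
        raise ValueError("modifier must be 16 bytes and prefix 8 bytes")
    if not 0 <= collision_count <= 2 or not 0 <= sec <= 7:
        raise ValueError("collision count must be 0..2 and Sec 0..7")
    material = modifier + prefix + bytes([collision_count]) + public_key
    hash1 = bytearray(hashlib.sha1(material).digest()[:8])
    hash1[0] = (hash1[0] & 0x1C) | (sec << 5)   # bits 0-2 := Sec, bits 6-7 (u/g) := 0
    return bytes(hash1)


def generate_cga(prefix, public_key, modifier=None):
    """Owner side: pick a random modifier and bind the key to an address.

    Returns the 16-byte address and the CGA parameters the owner must send to
    anyone who wants to verify ownership. collision_count stays 0 (bumping it
    after duplicate-address detection is omitted)."""
    modifier = os.urandom(16) if modifier is None else modifier
    params = {"modifier": modifier, "prefix": prefix,
              "collision_count": 0, "public_key": public_key}
    iid = cga_interface_id(modifier, prefix, 0, public_key)
    return prefix + iid, params


def verify_cga(address, params):
    """Verifier side: accept a claim of ownership only if the public key in
    the parameters hashes to the interface identifier of the address under the
    same prefix. An impersonator presenting a different key is rejected."""
    if len(address) != 16 or address[:8] != params["prefix"]:
        return False
    expected = cga_interface_id(params["modifier"], params["prefix"],
                                params["collision_count"], params["public_key"])
    return hmac.compare_digest(address[8:], expected)


def cga_to_text(address):
    return str(ipaddress.IPv6Address(address))


if __name__ == "__main__":
    addr, params = generate_cga(SAMPLE_PREFIX, SAMPLE_PUBLIC_KEY)
    print("CGA:", cga_to_text(addr))
    print("owner's key verifies:", verify_cga(addr, params))
    print("other key verifies:", verify_cga(addr, dict(params, public_key=b"other key")))
```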
viii. Authentication Service Security:
There are two components of security in mobile computing: security of devices and security of networks.
Secure network access involves mutual authentication between the device and the base stations or web servers.
This is to ensure that only authenticated devices can be connected to the network for obtaining the requested services.
No malicious code can impersonate the service provider to trick the device into doing something it does not mean to.
Thus, the networks also play a crucial role in the security of mobile devices.
Some eminent kinds of attacks to which mobile devices are subjected are: push, pull and crash.
Authentication service security is important given the typical attacks on mobile devices through wireless networks: DoS attacks, traffic analysis, eavesdropping, man-in-the-middle attacks and session hijacking.
Security measures in this scenario come from wireless application protocols, use of VPNs, media access control (MAC) address filtering and developments in the 802.xx standards.
ix. DoS:
A denial-of-service attack (DoS) or distributed denial-of-service attack (DDoS) is an attempt to make a computer resource unavailable to its intended users.
DoS attacks: In this type of criminal act, the attacker floods the bandwidth of the victim's network or fills his email box with spam mail, depriving him of the services he is entitled to access or provide.
Although the means to carry out, motives for and targets of a DoS attack may vary, it generally consists of the concerted efforts of a person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.
The attackers typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, mobile phone networks and even root name servers.
The goal of DoS is not to gain unauthorised access to systems or data, but to prevent intended users of a service from using it.
A DoS attack may do the following:
1. Flood a network with traffic, thereby preventing legitimate network traffic
2. Disrupt connections between two systems, thereby preventing access to a service
3. Prevent a particular individual from accessing a service
4. Disrupt service to a specific system or person
Types of DoS attacks:
a. Flood attack
b. Ping of death attack
c. SYN attack
d. Teardrop attack
e. Smurf attack
f. Nuke
Tools used:
g. Jolt2
h. Nemesy
i. Targa
j. Crazy Pinger
k. SomeTrouble
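Detection logic for four of the attack types listed above (SYN flood, ping of death, smurf and teardrop), run over a constructed batch of packet records; this is an added example, not from the notes. The packet dicts, the detect_dos function and its thresholds are assumptions for illustration, and fragment offsets are taken in bytes rather than the 8-byte units of a real IP header.

```python
"""Classify a batch of packet records into DoS alerts.

Added example, not code from the notes. Packet records are plain dicts
constructed below (no live capture); thresholds are illustrative."""
from collections import Counter, defaultdict

SYN_FLOOD_THRESHOLD = 50    # half-open connections from one source per batch
MAX_IP_PACKET_LEN = 65535   # an ICMP datagram larger than this is a ping of death


def _tcp(src, dst, flags):
    return {"proto": "tcp", "src": src, "dst": dst, "flags": flags, "len": 60}


def _icmp(src, dst, length=84, icmp_type="echo-request"):
    return {"proto": "icmp", "src": src, "dst": dst, "len": length, "type": icmp_type}


def _frag(src, dst, ident, offset, length):
    # offset and length in bytes (simplification: real IP offsets are 8-byte units)
    return {"proto": "ip-frag", "src": src, "dst": dst, "id": ident,
            "frag_offset": offset, "len": length}


# Constructed sample batch: one flooding host, five normal handshakes, one
# ordinary ping, one oversized ping, one echo request aimed at a broadcast
# address with the victim as (spoofed) source, and two overlapping fragments.
SAMPLE_PACKETS = (
    [_tcp("198.51.100.7", "203.0.113.10", "S") for _ in range(60)]
    + [p for _ in range(5)
       for p in (_tcp("192.0.2.20", "203.0.113.10", "S"),
                 _tcp("192.0.2.20", "203.0.113.10", "A"))]
    + [_icmp("192.0.2.21", "203.0.113.10")]
    + [_icmp("192.0.2.22", "203.0.113.10", length=65600)]
    + [_icmp("203.0.113.10", "203.0.113.255")]
    + [_frag("192.0.2.23", "203.0.113.10", 7, 0, 1000),
       _frag("192.0.2.23", "203.0.113.10", 7, 100, 1000)]
)


def is_broadcast(addr):
    """Crude directed-broadcast check for the /24-style sample addresses."""
    return addr.endswith(".255")


def detect_dos(packets, syn_threshold=SYN_FLOOD_THRESHOLD):
    """Return a sorted list of (attack_type, source_address) alerts."""
    alerts = set()
    syns, acks = Counter(), Counter()
    fragments = defaultdict(list)          # (src, id) -> [(offset, length)]

    for p in packets:
        if p["proto"] == "tcp":
            if p["flags"] == "S":
                syns[p["src"]] += 1        # handshake opened
            elif p["flags"] == "A":
                acks[p["src"]] += 1        # handshake completed by this client
        elif p["proto"] == "icmp":
            if p["len"] > MAX_IP_PACKET_LEN:
                alerts.add(("ping-of-death", p["src"]))
            if p["type"] == "echo-request" and is_broadcast(p["dst"]):
                # smurf: the reported source is the victim that will be flooded
                alerts.add(("smurf", p["src"]))
        elif p["proto"] == "ip-frag":
            fragments[(p["src"], p["id"])].append((p["frag_offset"], p["len"]))

    # SYN flood: many SYNs that were never followed by the client's ACK
    for src, n in syns.items():
        if n - acks[src] >= syn_threshold:
            alerts.add(("syn-flood", src))

    # teardrop: fragments of one datagram whose byte ranges overlap
    for (src, _ident), parts in fragments.items():
        end = -1
        for offset, length in sorted(parts):
            if offset < end:
                alerts.add(("teardrop", src))
                break
            end = offset + length

    return sorted(alerts)


if __name__ == "__main__":
    for kind, src in detect_dos(SAMPLE_PACKETS):
        print("%-14s from %s" % (kind, src))
```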
x. Spamming:
People who create electronic spam are called spammers.
Spam is the abuse of electronic messaging systems to send unsolicited bulk messages indiscriminately.
Although the most widely recognised form of spam is email spam, there is also web search engine spam, spam in blogs, wiki spam, social networking spam, file sharing network spam, video sharing site spam, etc.
Spamming is difficult to control because it has economic viability: advertisers have no operating costs beyond the management of their mailing lists, and it is difficult to hold senders accountable for their mass mailings.
Spammers are numerous: the volume of unsolicited mail has become very high because the barrier to entry is low.
The costs, such as lost productivity and fraud, are borne by the public and by the internet service providers, who are forced to add extra capacity to cope with this deluge.
Another definition of spamming is in the context of "search engine spamming".
In this context, spamming is the alteration or creation of a document with the intent to deceive an electronic catalogue or a filing system.
xi. Cyber defamation:
According to IPC section 499:
1. It may amount to defamation to impute anything to a deceased person, if the imputation would harm the reputation of the person if living, and is intended to be hurtful to the feelings of his family or other near relatives.
2. It may amount to defamation to make an imputation concerning a company or an association or collection of persons as such.
3. An imputation in the form of an alternative or expressed ironically may amount to defamation.
4. No imputation is said to harm a person's reputation unless that imputation directly or indirectly, in the estimation of others, lowers the moral or intellectual character of that person, or lowers the character of that person in respect of his caste or of his calling, or lowers the credit of that person, or causes it to be believed that the body of that person is in a loathsome state or in a state generally considered as disgraceful.
xii. Hacking:
The main purposes of hacking are:
1. Greed
2. Power
3. Publicity
4. Revenge
5. Adventure
6. Desire to access forbidden information
7. Destructive mindset
Every act committed toward breaking into a computer and/or network is hacking, and it is an offence.
Hackers write or use ready-made computer programs to attack the target computer.
Some hackers hack for personal monetary gains, such as stealing credit card information or transferring money from various bank accounts to their own account followed by money withdrawal.
Government websites are hot on hackers' target lists, and attacks on government websites receive wide press coverage.
xiii. Industrial espionage:
Spying is not limited to governments.
Corporations, like the government, often spy on the enemy.


The internet and privately owned networked systems provide new and better opportunities for espionage.
"Spies" can get information about product finances, research and development and marketing strategies, an activity known as "industrial spying".
However, cyber spies rarely leave behind a trail. Industrial spying is not new; in fact, it is as old as industries themselves.
Traditionally, this has been the reserved hunting field of a few hundred highly skilled hackers, contracted by high-profile companies or certain governments via the means of escrow organisations.
With the growing public availability of Trojans and spyware material, even low-skilled individuals are now inclined to generate high-volume profit out of industrial spying.
This aspect of industrial spying is the one to be addressed in the fight against cybercrime.
xiv. Pornographic offences:
"Child pornography" means any visual depiction, including but not limited to the following:
1. Any photograph that can be considered obscene and/or unsuitable for the age of the child viewer
2. Film, video, picture
3. Computer-generated image or picture of sexually explicit conduct where the production of such visual depiction involves the use of a minor engaging in sexually explicit conduct.
Child pornography is considered an offence. Unfortunately, child pornography is a reality of the internet.
The internet is being highly used by its abusers to reach and abuse children sexually, worldwide. In India too, the internet has become a household commodity in the urban areas of the nation.
Its explosion has made children viable victims of cybercrime.
"Pedophiles" are people who physically or psychologically coerce minors to engage in sexual activities, which the minors would not consciously consent to.
xv. Email bombing:
Email bombing refers to sending a large number of emails to the victim to crash the victim's email account or to make the victim's mail servers crash. Computer programs can be written to instruct a computer to do such tasks on a repeated basis.
In recent times, terrorism has hit the internet in the form of mail bombings. By instructing a computer to repeatedly send email to a specified person's email address, the cybercriminal can overwhelm the recipient's personal account and potentially shut down the entire system.
xvi. Solutions to password sniffing:
Password sniffers are programs that monitor and record the name and password of network users as they log in, jeopardising security at a site.
Whoever installs a sniffer can then impersonate an authorised user and log in to access restricted documents.
Solutions:
1. Passwords and user login identities should be unique
2. Passwords should consist of a minimum of eight alphanumeric characters
3. There should be a computer-controlled list of prescribed password rules and periodic testing to identify any weakness
4. Passwords should be kept private


5. Passwords shall be changed every 30/45 days or less
6. User accounts should be frozen after five failed login attempts
7. Sessions should be suspended after 15 minutes of inactivity and require the password to be re-entered
8. Successful login should display the time and date of the last login and logoff
9. Passwords for business accounts, personal accounts and banking accounts should be kept separate
10. Previously used passwords should not be reused
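Rules 1, 2, 5, 6, 7, 8 and 10 above, enforced by a small in-memory authentication service; this is an added example, not code from the notes. AuthService, the 45-day password age and the POSIX-second timestamps are constructed assumptions for illustration.

```python
# Added example, not code from the notes: rules 1, 2, 5, 6, 7, 8 and 10 above
# enforced by a constructed in-memory AuthService. Times are POSIX seconds.
import hashlib
import hmac
import os
import re

MIN_LENGTH = 8                       # rule 2: eight or more alphanumeric characters
MAX_PASSWORD_AGE = 45 * 24 * 3600    # rule 5: change every 30/45 days or less
MAX_FAILED_ATTEMPTS = 5              # rule 6: freeze after five failed logins
IDLE_TIMEOUT = 15 * 60               # rule 7: suspend after 15 minutes idle


def hash_password(password, salt=None):
    """PBKDF2-HMAC-SHA256 with a per-password salt; returns (salt, digest)."""
    salt = os.urandom(16) if salt is None else salt
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def matches(password, stored):
    salt, digest = stored
    return hmac.compare_digest(hash_password(password, salt)[1], digest)


def password_problems(candidate, history):
    """Rules 2 and 10: list of violated rules, empty when the password is acceptable."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if not (re.search(r"[A-Za-z]", candidate) and re.search(r"[0-9]", candidate)):
        problems.append("must contain both letters and digits")
    if any(matches(candidate, stored) for stored in history):
        problems.append("reuses a previous password")
    return problems


class AuthService:
    def __init__(self):
        self.accounts = {}

    def create_account(self, username, password, now):
        if username in self.accounts:
            raise ValueError("login identity already in use")        # rule 1
        problems = password_problems(password, [])
        if problems:
            raise ValueError("; ".join(problems))
        self.accounts[username] = {
            "history": [hash_password(password)], "password_set_at": now,   # newest last
            "failed": 0, "locked": False, "last_login": None, "last_logoff": None,
            "session_last_activity": None}

    def login(self, username, password, now):
        """Returns (success, message); on success the message carries the
        previous login and logoff times for display to the user (rule 8)."""
        acct = self.accounts.get(username)
        if acct is None:
            return False, "invalid credentials"
        if acct["locked"]:
            return False, "account frozen after repeated failures"
        if not matches(password, acct["history"][-1]):
            acct["failed"] += 1
            if acct["failed"] >= MAX_FAILED_ATTEMPTS:
                acct["locked"] = True                                 # rule 6
            return False, "invalid credentials"
        if now - acct["password_set_at"] > MAX_PASSWORD_AGE:
            return False, "password expired; change it before logging in"   # rule 5
        acct["failed"] = 0
        notice = "last login: %s, last logoff: %s" % (acct["last_login"], acct["last_logoff"])
        acct["last_login"] = acct["session_last_activity"] = now
        return True, notice

    def activity(self, username, now):
        """Rule 7: False (and the session is ended) when idle longer than IDLE_TIMEOUT."""
        acct = self.accounts[username]
        last = acct["session_last_activity"]
        if last is None:
            return False
        if now - last > IDLE_TIMEOUT:
            self.logoff(username, now)
            return False
        acct["session_last_activity"] = now
        return True

    def logoff(self, username, now):
        acct = self.accounts[username]
        acct["session_last_activity"] = None
        acct["last_logoff"] = now

    def change_password(self, username, new_password, now):
        """Rules 2 and 10 on change; returns the problems found (empty = changed)."""
        acct = self.accounts[username]
        problems = password_problems(new_password, acct["history"])
        if not problems:
            acct["history"].append(hash_password(new_password))
            acct["password_set_at"] = now
        return problems
```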
xvii. Hackers, crackers and phreakers:
Hackers: A hacker is a person with a strong interest in computers who enjoys learning and experimenting with them. Hackers are usually very talented, smart people who understand computers better than others.
Crackers: A cracker is a person who breaks into a computer. The term cracker is usually connected to computer criminals. Some of their crimes include vandalism, theft and snooping in unauthorised areas.
Phreakers: A phreaker is a person who breaks into a telephone line or a communication system.
xviii. Reconnaissance:
The literal meaning of "reconnaissance" is an act of reconnoitring: to explore, often with the goal of finding something or somebody.
The reconnaissance phase begins with footprinting; this is the preparation toward the pre-attack phase and involves accumulating data about the target's environment and computer architecture to find ways to intrude into that environment.
Footprinting gives an overview of system vulnerabilities and provides a judgement about possible exploitation of those vulnerabilities.
The objective of this preparatory phase is to understand the system, its networking ports and services, and any other aspects of its security that are needed for launching the attack.
xix. Steps for SQL injection attack:
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. Steps:
1. The attacker looks for the web pages that allow submitting data, that is, login page, search page, feedback, etc. The attacker also looks for the web pages that display the HTML commands such as POST or GET by checking the site's source code.
2. To check the source code of any website, right-click on the webpage and click on "view source"; the source code is displayed in Notepad. The attacker checks the HTML source code and looks for the "FORM" tag in the HTML code. Everything in between the <FORM> and </FORM> tags has potential parameters that might be useful to find the vulnerabilities.
3. The attacker inputs a single quote in the text box provided on the web page to accept the username and password. This checks whether the user-input variable is sanitised or interpreted literally by the server. If the response is an error message such as use "a" = "a", then the website is found to be susceptible to an SQL injection attack.
4. The attacker uses SQL commands such as the SELECT statement to retrieve data from the database or the INSERT statement to add information to the database.
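Step 3 above against an in-memory SQLite table, as an added example (not from these notes): the vulnerable lookup splices the username into the SQL text, so the single-quote probe produces a database error and the "a" = "a" tautology matches every row, while the parameterised version treats the same input as a literal string. The users table, its rows and the two lookup functions are constructed for illustration.

```python
"""SQL injection probe (step 3) against a vulnerable and a parameterised query.

Added example, not code from the notes. Uses an in-memory SQLite database
with a constructed ``users`` table; ``find_user_vulnerable`` is the flawed
form and ``find_user_safe`` the corrected one."""
import sqlite3


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "hash-of-alice"), ("bob", "hash-of-bob")])  # constructed rows
    return conn


def find_user_vulnerable(conn, username):
    """Splices the input into the statement: a quote typed by the user becomes
    part of the SQL, which is exactly what the step 3 probe detects."""
    sql = "SELECT username FROM users WHERE username = '%s'" % username
    return [row[0] for row in conn.execute(sql)]


def find_user_safe(conn, username):
    """Bound parameter: the driver passes the input as a value, never as SQL,
    so a quote or a tautology is just an unusual username that matches nothing."""
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


def probe(conn, lookup, value):
    """What the submitter observes in step 3: ('error', text) when the input
    broke the SQL, otherwise ('rows', matching usernames). A hardened site also
    returns a generic message instead of echoing the database error."""
    try:
        return "rows", lookup(conn, value)
    except sqlite3.Error as exc:
        return "error", str(exc)


if __name__ == "__main__":
    conn = make_db()
    for value in ("alice", "'", "' OR 'a'='a"):
        print(repr(value), "vulnerable:", probe(conn, find_user_vulnerable, value),
              "safe:", probe(conn, find_user_safe, value))
```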
xx. Cyber stalking:
Cyberstalking has been defined as the use of information and communications technology, particularly the internet, by an individual or group of individuals to harass another individual, group of individuals or organisation.
The behaviour includes false accusations, monitoring, transmission of threats, ID theft, damage to data or equipment, solicitation of minors for sexual purposes, and gathering information for harassment purposes.
As the internet has become an integral part of our personal and professional lives, cyberstalkers take advantage of the ease of communication and the increased access to personal information available with a few mouse clicks or keystrokes.
Stalking works in the following way:
1. Personal information of the victim is gathered.
2. Contact with the victim is established through a phone/telephone call. Once the contact is established, the stalker may make calls to the victim to threaten/harass.
3. Stalkers will almost always establish contact with the victims through email. The letters may have a loving or threatening tone, or can be sexually explicit. The stalker may use multiple names while contacting the victim.
4. Some stalkers keep on sending repeated emails asking for various kinds of favours or threatening the victim.
5. The stalker may post the victim's personal information on any website related to illicit services such as sex workers' services or dating services, posing as if the victim has posted the information, and invite people to call the victim on the given contact details to have sexual services.
6. Whosoever comes across the information starts calling the victim on the given contact details asking for sexual services or relationships.
7. Some stalkers subscribe/register the email account of the victim to innumerable pornographic and sex sites, because of which the victim will start receiving such kinds of unsolicited emails.


MODULE-5

Q1. Explain data protection and the new clause 43A under the amended IT Act (P4 - Appeared 1 Time) (5-10M)

Ans: The amended Indian IT Act provides for penalty for damage to computers and computer systems under the title "Penalty and Adjudication" in Section 43, which is widely interpreted as a clause to provide data protection in the country.
Unauthorised access to a computer, computer system or computer network is punishable with compensation of up to 1 crore rupees.
This section has been improved to include stealing of computer source code, for which compensation can be claimed.
Data protection has now been made more explicit through the insertion of a new clause 43A that provides for compensation to an aggrieved person whose personal data, including sensitive personal data, may be compromised by a company, during the time it was under processing with the company, for failure to protect such data, whether because of negligence in implementing or maintaining reasonable security practices.
Furthermore, reasonable security practices and procedures will constitute those practices and procedures that protect such information from unauthorised access, damage, use, modification, disclosure or impairment as may be specified in an agreement between the parties or as may be specified in any law in force.
In the absence of such an agreement or any law, the Central Government will prescribe security practices and procedures in consultation with professional bodies or associations.

Q2. What are the amendments in ITA 2008 under sections 66, 67 and 68? (P4 - Appeared 1 Time) (5-10M)

Ans: Section 66:
This clause has been rewritten with significant changes. It applies to all contraventions listed in section 43 and shall be punishable with imprisonment for a term which may extend to 3 years or with fine which may extend up to 5 lakhs, or both.
The section applies if an act is done "dishonestly" or "fraudulently" as defined in the CrPC (Criminal Procedure Code).
New sections 66A, 66B, 66C, 66D, 66E and 66F were added to cover new offences.
Section 66A:
Sending offensive messages.
Punishment: Imprisonment for a term which may extend to three years and fine.
Section 66B:
Receiving a stolen computer resource.
Punishment: Imprisonment for a term which may extend to three years or with fine which may extend to 1 lakh rupees, or both.
Section 66C:
Identity theft.
Punishment: Imprisonment for a term which may extend to three years and also liable to fine which may extend to 1 lakh rupees.
Section 66D:
Cheating by personation.


Punishment: Imprisonment for a term which may extend to three years and also liable to fine which may extend to 1 lakh rupees.
Section 66E:
Violation of privacy.
Punishment: Imprisonment for a term which may extend to three years or with a fine not exceeding 2 lakh rupees.
Section 66F:
Cyber terrorism.
Punishment: Imprisonment which may extend to imprisonment for life.
Section 67:
Fine increased to 5 lakhs for the first instance and 10 lakhs for subsequent instances.
Imprisonment reduced to 3 years for the first instance and 5 years for subsequent instances.
New section 67A introduced to cover material containing "sexually explicit acts".
Punishment: On first conviction, imprisonment for a term which may extend to 5 years and fine which may extend to 10 lakhs. In the event of second and subsequent conviction, imprisonment for a term which may extend to 7 years and also fine which may extend to 10 lakhs.
New section 67B introduced to cover child explicit acts or conduct.
Punishment: On first conviction, imprisonment for a term which may extend to 5 years and fine which may extend to 10 lakhs. In the event of second and subsequent conviction, imprisonment for a term which may extend to 7 years and also fine which may extend to 10 lakhs.
New section 67C: this provision will require intermediaries to preserve and retain certain records for a stated period.
Section 68:
Refers to the powers of the Controller to direct Certifying Authorities for compliance.
No significant change.
Penal powers to be applicable only on intentional violation.

Q3. What are the positive aspects and weak areas of ITA 2000? (P4 - Appeared 1 Time) (5-10M)

Ans: Positive aspects:
1. Prior to the enactment of ITA 2000, even an email was not accepted under the prevailing statutes of India as an accepted legal form of communication and as evidence in a court of law. But the ITA 2000 changed this scenario by legal recognition of the electronic format. Indeed, the ITA 2000 is a step forward.
2. From the perspective of the corporate sector, companies are able to carry out e-commerce using the legal infrastructure provided by ITA 2000. Till the coming into effect of the Indian cyberlaw, the growth of e-commerce was impeded in our country basically because there was no legal infrastructure to regulate commercial transactions online.
3. Corporates will now be able to use digital signatures to carry out their transactions online. These signatures have been given legal validity and sanction under the ITA 2000.
4. In today's scenario, information is stored by the companies on their respective computer systems, apart from maintaining a backup. Under the ITA 2000, it became possible for corporations to have a statutory remedy if anyone breaks into their computer systems or networks and causes damages, by way of compensation, not exceeding 10,00,000 rupees.


5. ITA 2000 defined various cyber crimes. Prior to the coming into effect of the Indian cyberlaw, the corporates were helpless as there was no legal redress for such issues. However, with the ITA 2000 instituted, the scenario changed altogether.

Weak areas:
1. The ITA 2000 is likely to cause a conflict of jurisdiction.
2. E-commerce is based on the system of domain names. The ITA 2000 does not even touch the issues relating to domain names. Domain names have not been defined, and the rights and liabilities of domain name owners do not find any mention in the law. The law does not address the rights and liabilities of domain name holders.
3. The ITA 2000 does not deal with the issues concerning the protection of Intellectual Property Rights (IPR) in the context of the online environment. Contentious yet very important issues concerning online copyrights, trademarks and patents have been left untouched by the law, thereby leaving many loopholes. Thus, the law lacks "proper intellectual property protection for electronic information and data"; the law misses out the issues of IPR and makes no provisions whatsoever for copyrighting, trademarking or patenting of electronic information and data. However, the corresponding provisions are available under the Indian Copyright Act.
4. As the cyber law is evolving, so are the new forms and manifestations of cyber crimes. The offences defined in ITA 2000 are by no means exhaustive. However, the drafting of the relevant provisions of the ITA 2000 makes it appear as if the offences detailed therein are the only cyber offences possible and existing.


The ITA 2000 does not cover various kinds of cyber crimes and Internet-related crimes, including:
a. Theft of Internet hours
b. Cyber theft
c. Cyber stalking
d. Cyber harassment
e. Cyber defamation
f. Cyber fraud
g. Misuse of credit card numbers
h. Chat room abuse
i. Cyber squatting
5. The ITA 2000 has not tackled vital issues pertaining to the e-commerce sphere, like privacy and content regulation, to name a few.
6. The ITA is not explicit about regulation of electronic payments, and avoids applicability of the ITA to negotiable instruments. The ITA stays silent over the regulation of electronic payment gateways and rather segregates negotiable instruments from the applicability of the ITA. This may have a major effect on the growth of e-commerce in India. This has led to tendencies of the banking and financial sectors being irresolute in their stands.
7. The ITA does not touch upon antitrust issues.
8. The most serious concern about the Indian cyber law relates to its implementation. The ITA 2000 does not lay down parameters for its implementation. Also, when Internet penetration in India is extremely low and government and police officials, in general, are not very computer savvy, the new Indian cyber law raises more questions than it answers. It seems that the parliament would be required to amend the ITA 2000 to remove the gray areas mentioned above.


Q4. What are the amendments to the Bankers' Books Evidence Act and the Reserve Bank of India Act? (P4 - Appeared 1 Time) (5-10M)

Ans: Amendments to the Bankers' Books Evidence Act
1. In Section 2:
a. For clause (3), the following clause shall be substituted, namely:
(3) "bankers' books" include ledgers, day-books, cash-books, account-books and all other books used in the ordinary business of a bank, whether kept in the written form or as printouts of data stored in a floppy disc, tape or any other form of electro-magnetic data storage device.
b. For clause (8), the following clause shall be substituted, namely:
(8) "certified copy" means when the books of a bank:
a. are maintained in written form, a copy of any entry in such books together with a certificate written at the foot of such copy that it is a true copy of such entry, that such entry is contained in one of the ordinary books of the bank and was made in the usual and ordinary course of business and that such book is still in the custody of the bank, and where the copy was obtained by a mechanical or other process which in itself ensured the accuracy of the copy, a further certificate to that effect, but where the book from which such copy was prepared has been destroyed in the usual course of the bank's business after the date on which the copy had been so prepared, a further certificate to that effect, each certificate being dated and subscribed by the principal accountant or manager of the bank with his name and official title; and
b. consist of printouts of data stored in a floppy disc, tape or any other electro-magnetic data storage device, a printout of such entry or a copy of such printout together with such statements certified in accordance with the provisions of section 2A.
2. After section 2, the following section shall be inserted, namely, conditions in the printout:
"2A. A printout of entry or a copy of printout referred to in subsection (8) of section 2 shall be accompanied by the following, namely,
a. A certificate to the effect that it is a printout of such entry or a copy of such printout, by the principal accountant or branch manager; and
b. A certificate by a person in charge of the computer system containing a brief description of the computer system and the particulars of:
   a. The safeguards adopted by the system to ensure that data is entered or any other operation performed only by authorised persons
   b. The safeguards adopted to prevent and detect unauthorised change of data
   c. The safeguards available to retrieve data that is lost due to systematic failure or any other reasons
   d. The manner in which data is transferred from the system to removable media like floppies, discs, tapes or other electro-magnetic data storage devices
   e. The mode of verification in order to ensure that data has been accurately transferred to such removable media
   f. The mode of identification of such data storage devices
   g. The arrangements for the storage and custody of such storage devices
   h. The safeguards to prevent and detect any tampering with the system
   i. Any other factor which will vouch for the integrity and accuracy of the system
c. A further certificate from the person in charge of the computer system to the effect that to the best of his knowledge and belief such computer system operated properly at the material time, he was provided with all the relevant data and the printout in question represents correctly, or is appropriately derived from, the relevant data."
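The items on transfer to removable media, the mode of verifying an accurate transfer, identification of the storage device and detection of tampering can all be satisfied by writing a digest manifest alongside the exported entries and re-checking it whenever the copy is read back. The Python below is an added illustration for these notes, not code from the Act or from any bank's system; the ledger entries, the media label and the names in it are constructed sample values.

```python
"""Added example: a minimal 'mode of verification' for bank records copied to
removable media. A manifest of SHA-256 digests travels with the copy; re-hashing
the copy later detects altered, missing, added or reordered entries."""
import hashlib
import json

# Constructed sample ledger entries; a real bank would read these from its core system.
SAMPLE_ENTRIES = [
    {"entry_no": 1, "date": "2019-04-01", "account": "ACC-0001", "amount": 1500.00, "kind": "credit"},
    {"entry_no": 2, "date": "2019-04-01", "account": "ACC-0002", "amount": 250.50, "kind": "debit"},
    {"entry_no": 3, "date": "2019-04-02", "account": "ACC-0001", "amount": 99.99, "kind": "debit"},
]


def canonical_bytes(entry: dict) -> bytes:
    """Serialise one entry deterministically so its digest is reproducible."""
    return json.dumps(entry, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_manifest(entries, media_label: str, prepared_by: str, prepared_on: str) -> dict:
    """Manifest written next to the data on the removable medium: the medium's
    identifier, who prepared the copy and when, one digest per entry and a digest
    over the whole ordered set (so deletion or reordering is also detected)."""
    per_entry = {str(e["entry_no"]): sha256_hex(canonical_bytes(e)) for e in entries}
    set_digest = sha256_hex("".join(per_entry[str(e["entry_no"])] for e in entries).encode())
    return {
        "media_label": media_label,
        "prepared_by": prepared_by,
        "prepared_on": prepared_on,
        "entry_count": len(entries),
        "entry_digests": per_entry,
        "set_digest": set_digest,
    }


def verify_copy(copied_entries, manifest: dict) -> list:
    """Re-hash the copy read back from the medium; return a list of findings.
    An empty list means the copy matches what was originally written."""
    findings = []
    if len(copied_entries) != manifest["entry_count"]:
        findings.append(f"entry count {len(copied_entries)} != {manifest['entry_count']}")
    for e in copied_entries:
        key = str(e.get("entry_no"))
        expected = manifest["entry_digests"].get(key)
        if expected is None:
            findings.append(f"entry {key} not in manifest")
        elif sha256_hex(canonical_bytes(e)) != expected:
            findings.append(f"entry {key} altered")
    set_digest = sha256_hex("".join(sha256_hex(canonical_bytes(e)) for e in copied_entries).encode())
    if set_digest != manifest["set_digest"]:
        findings.append("set digest mismatch")
    return findings


def demo_findings() -> tuple:
    """Constructed walk-through: (findings for a faithful copy, findings for an altered copy)."""
    manifest = build_manifest(SAMPLE_ENTRIES, "TAPE-2019-04-A", "Branch Manager (constructed)", "2019-04-03")
    faithful = [dict(e) for e in SAMPLE_ENTRIES]
    altered = [dict(e) for e in SAMPLE_ENTRIES]
    altered[1]["amount"] = 2500.50  # simulate a changed amount on the medium
    return verify_copy(faithful, manifest), verify_copy(altered, manifest)


if __name__ == "__main__":
    ok, bad = demo_findings()
    print("faithful copy:", ok)
    print("altered copy:", bad)
```

The manifest itself still needs a custody control (the certificate and the arrangements for storage and custody in the list above): a digest only proves that the copy equals what was written, not that what was written was right.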
Amendments to the Reserve Bank of India Act
In the Reserve Bank of India Act 1934, in section 58, in subsection (2), after clause (p), the following clause shall be inserted, namely,
"The regulation of fund transfer through electronic means between the banks or between the banks and other financial institutions referred to in clause (c) of section 45-I, including the laying down of the conditions subject to which banks and other financial institutions shall participate in such fund transfers, the manner of such fund transfers and the rights and obligations of the participants in such fund transfers."

Q5. What are the key IT requirements of HIPAA? (P4 - Appeared 1 Time) (5-10M)

Ans:
- Conduct an initial risk assessment, periodic reviews and reassessments
- Designate a security person
- Implement termination policy and procedures
- Have a written security and incident handling policy
- Have a backup, emergency operations and disaster recovery plan
- Have policies for the use of the internet, various systems (laptops, servers) and reusable storage media (USB drives, CDs/DVDs) along with their reuse and disposal plan
- Have audit controls, including unique user identifiers, for authenticating users, recording and auditing user sessions, and logging out/disconnecting inactive sessions
- Have a policy to encrypt sensitive data, monitor and audit access and alterations to sensitive data, and protect data in transmission with backup.

Q6. What are the key IT requirements of FISMA? (P4 - Appeared 1 Time) (5-10M)

Ans:
- Identify information and information systems
- Perform risk assessment and categorise information and information systems according to the risk level as per the Federal Information Processing Standard Publication 199, based on the rating (low, moderate or high impact) in the categories of confidentiality, integrity and availability, with the most severe rating as the overall security rating
- The federal information system must meet the minimum security requirements; hence, select and secure the systems with the appropriate minimum recommended baseline controls required
- Refine the controls using a risk assessment procedure to validate the security control set and determine if any additional controls are needed to protect agency operations, assets, individuals, other organisations, or the nation
- Document the controls in the system security plan, which requires periodic review, modification, and plans of action and milestones for implementing security controls
- Implement security controls in appropriate information systems and then assess the effectiveness of the security controls once they have been implemented
- Determine agency-level risk to the mission or business case
- Authorise the information system for processing
- Monitor the security controls on a continuous basis, which includes activities like configuration management and control of information system components, security impact analyses of changes to the system, ongoing assessment of security controls, and status reporting
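The categorisation step above (FIPS 199 impact ratings per security objective, with the most severe rating becoming the overall rating) is mechanical enough to code. The following Python is an added example for these notes, not text from FISMA or FIPS 199: it applies the "most severe rating wins" rule twice, first across the information types a system handles and then across the three objectives, and maps the result to a control baseline name. The system, its information types and the impact values are constructed; the baseline names assume the NIST SP 800-53 low/moderate/high baselines, which the notes refer to only as "minimum recommended baseline controls".

```python
"""Added example: FIPS 199 security categorisation by high-water mark."""
from enum import IntEnum


class Impact(IntEnum):
    LOW = 1
    MODERATE = 2
    HIGH = 3


def security_category(confidentiality: Impact, integrity: Impact, availability: Impact) -> Impact:
    """The most severe of the three objective ratings is the overall system rating."""
    return max(confidentiality, integrity, availability)


def categorise_system(info_types: dict) -> dict:
    """A system usually handles several information types, each with its own C/I/A
    ratings. Aggregate per objective first (worst case across types), then take the
    overall rating across the three objectives."""
    c = max(t["C"] for t in info_types.values())
    i = max(t["I"] for t in info_types.values())
    a = max(t["A"] for t in info_types.values())
    return {"C": c, "I": i, "A": a, "overall": security_category(c, i, a)}


def baseline_for(level: Impact) -> str:
    """Which minimum control baseline the overall rating selects (assumed SP 800-53 names)."""
    return {
        Impact.LOW: "low baseline",
        Impact.MODERATE: "moderate baseline",
        Impact.HIGH: "high baseline",
    }[level]


# Constructed example: a payroll system that also serves a public web page.
# The payroll records' HIGH integrity rating drives the whole system to HIGH.
SAMPLE_SYSTEM = {
    "employee payroll records": {"C": Impact.MODERATE, "I": Impact.HIGH, "A": Impact.MODERATE},
    "public web content": {"C": Impact.LOW, "I": Impact.MODERATE, "A": Impact.LOW},
}

if __name__ == "__main__":
    result = categorise_system(SAMPLE_SYSTEM)
    print({k: v.name for k, v in result.items()})
    print("select controls from the", baseline_for(result["overall"]))
```

The practical consequence is visible in the sample: one HIGH-integrity information type raises the baseline for every component of the system, which is why agencies often separate low-impact information into its own system rather than co-host it.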

Q7. What are the security practices and requirements of PCI? (P4 - Appeared 1 Time) (5-10M)

Ans:
Security Practice and its Requirements
1. Build and Maintain a Secure Network
   1. Install and maintain a firewall configuration to protect data.
   2. Do not use vendor-supplied defaults for system passwords and other security parameters.
2. Protect Cardholder Data
   3. Protect stored data.
   4. Encrypt transmission of cardholder data and sensitive information across public networks.
3. Maintain a Vulnerability Management Program
   5. Use and regularly update anti-virus software.
   6. Develop and maintain secure systems and applications.
4. Implement Strong Access Control Measures
   7. Restrict access to data by business need-to-know.
   8. Assign a unique ID to each person with computer access.
   9. Restrict physical access to cardholder data.
5. Regularly Monitor and Test Networks
   10. Track and monitor all access to network resources and cardholder data.
   11. Regularly test security systems and processes.
6. Maintain an Information Security Policy
   12. Maintain a policy that addresses information security.

Q8. What are information security standard compliances? (P4 - Appeared 1 Time) (5-10M)

Ans: An information security standard helps organisations to manage their information security requirements. It helps to manage the security risk and implement security controls that meet legal and regulatory requirements.
- It recommends the adoption of best practices to achieve performance and cost benefits.
- Over the years, many standards have been developed for information security.
- Most of them are specific to a particular domain.
The following are a few examples:
a. SOX/SARBOX: It is a United States federal law that applies to all publicly traded companies. A number of provisions of the Act also apply to privately held companies and to their auditing, the board of directors, disclosures, improper trading and practices, wilful destruction of evidence to impede a federal investigation, etc.
b. GLBA: Applies to the financial services industry and includes credit reporting agencies, ATM operators, appraisers, couriers, and tax preparers. It requires financial institutions to establish standards for protecting the security, integrity, and confidentiality of their customers' Nonpublic Personal Information.
c. HIPAA: The Health Insurance Portability and Accountability Act was created to modernise the flow of healthcare information and stipulate a way in which Personally Identifiable Information could be maintained by the healthcare and healthcare insurance sector. In general, HIPAA applies to organisations which deal with healthcare, medical records, insurance, or any medical-related business.
d. FISMA: The Federal Information Security Modernisation Act recognised the importance of information security to the economic and national security interests of the United States. It is applicable to the government agencies, including contractors, grantees, state and local governments, industry partners, service providers or any organisation that possesses or uses federal information, or which operates, uses or has access to federal information systems on behalf of a federal agency.
e. NERC: The North American Electric Reliability Corporation was formed to oversee and regulate the reliability of the North American bulk power systems. NERC is a self-regulated organisation and has been designated as the National Electric Reliability Organisation (ERO) by the US Federal Energy Regulatory Commission.
f. ISO/IEC: It is a family of Information Security Management Systems standards called ISO/IEC. It comprises information security standards published jointly by the International Organisation for Standardisation (ISO) and the International Electrotechnical Commission (IEC). It provides an overview of information security management systems along with the terms and definitions commonly used in the ISMS family of standards.
g. PCI SSC: The Payment Card Industry Security Standards Council (PCI SSC) was originally formed by American Express, Discover Financial Services, JCB International, MasterCard and Visa Inc. It was formed in response to an increase in data security breaches leading to losses to the credit card companies and putting the customers at risk. It is also responsible for education and awareness efforts related to the standards.

Q9. Write a short note on 1. ISO 2. NERC. (P4 - Appeared 1 Time) (5-10M)

Ans:
a. ISO
- It is a family of Information Security Management Systems standards called ISO/IEC.
- It comprises information security standards published jointly by the International Organisation for Standardisation (ISO) and the International Electrotechnical Commission (IEC).
- It provides an overview of information security management systems along with the terms and definitions commonly used in the ISMS family of standards.
b. NERC
- The North American Electric Reliability Corporation was formed to oversee and regulate the reliability of the North American bulk power systems.
- NERC is a self-regulated organisation and has been designated as the National Electric Reliability Organisation (ERO) by the US Federal Energy Regulatory Commission.
- FERC has granted NERC the legal authority to enforce reliability standards with all users, owners and operators of the bulk power system of the United States of America, Canada and Mexico to meet its security standards.

Q10. What is meant by computer source code under section 65 of ITA 2000? What is the punishment for tampering with it? (P4 - Appeared 1 Time) (5-10M)

Ans: Whoever knowingly or intentionally conceals, destroys or alters, or intentionally or knowingly causes another to conceal, destroy or alter, any computer source code used for a computer, computer programme, computer system or computer network, when the computer source code is required to be kept or maintained by law for the time being in force, shall be punishable with imprisonment up to 3 years, or with a fine which may extend up to 2 lakh rupees, or with both.
- For the purposes of this section, "computer source code" means the listing of programmes, computer commands, design and layout and programme analysis of computer resources in any form.

Q11. What are the computer related offences under section 66 of ITA 2000 and the punishment for them? (P4 - Appeared 1 Time) (5-10M)

Ans: Whoever, with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person, destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means, commits hacking.
- Whoever commits hacking shall be punished with imprisonment up to 3 years, or with a fine which may extend up to 5 lakh rupees, or with both.

Q12. What is the punishment for publishing obscene material in electronic form under section 67 of ITA 2000? (P4 - Appeared 1 Time) (5-10M)

Ans: Whoever publishes or transmits or causes to be published in the electronic form any material which is lascivious or appeals to the prurient interest, or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it, shall be punished on first conviction with imprisonment of either description for a term which may extend to 3 years and with a fine which may extend to 5 lakh rupees, and in the event of a second conviction with imprisonment of either description for a term which may extend to 5 years and also with a fine which may extend to 10 lakh rupees.

Q13. What is the penalty for misrepresentation under section 71 of ITA 2000? (P4 - Appeared 1 Time) (5-10M)

Ans: Whoever makes any misrepresentation to, or suppresses any material fact from, the Controller or the Certifying Authority for obtaining any licence or Digital Signature Certificate, as the case may be, shall be punished with imprisonment for a term which may extend to 2 years, or with a fine which may extend to 1 lakh rupees, or with both.

Q14. What is the penalty for breach of confidentiality and privacy under section 72 of ITA 2000? (P4 - Appeared 1 Time) (5-10M)

Ans: Save as otherwise provided in this Act or any other law for the time being in force, any person who, in pursuance of any of the powers conferred under this Act, rules or regulations made thereunder, has secured access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned, and discloses such electronic record, book, register, correspondence, information, document or other material to any other person, shall be punished with imprisonment for a term which may extend to 2 years, or with a fine which may extend to 1 lakh rupees, or with both.

Q15. What is the penalty for publishing a Digital Signature Certificate false in certain particulars under section 73 of ITA 2000? (P4 - Appeared 1 Time) (5-10M)

Ans: No person shall publish a Digital Signature Certificate or otherwise make it available to any other person with the knowledge that:
a. The Certifying Authority listed in the certificate has not issued it, or
b. The subscriber listed in the certificate has not accepted it, or
c. The certificate has been revoked or suspended, unless such publication is for the purpose of verifying a digital signature created prior to such suspension or revocation.
Any person who contravenes the provisions of subsection (1) shall be punishable with imprisonment for a term which may extend to 2 years, or with a fine which may extend to 1 lakh rupees, or with both.

Q16. What is the penalty for publication of a Digital Signature Certificate for fraudulent purpose under section 74 of ITA 2000? (P4 - Appeared 1 Time) (5-10M)

Ans: Whoever knowingly creates, publishes or otherwise makes available a Digital Signature Certificate for any fraudulent or unlawful purpose shall be punished with imprisonment for a term which may extend to 2 years, or with a fine which may extend to 1 lakh rupees, or with both.

Q17. List any 2 sections of ITA 2008 related to cyber café with their statements (and comments for 5 marks)

Ans:
Section | What it states
Section 2(na) | "Cybercafe" means any facility from where access to the Internet is offered by any person in the ordinary course of business to the members of the public.
Section 2(w) | The definition of "intermediaries" includes cybercafes. The regulations for intermediaries therefore apply to cybercafes after ITA 2008 becomes effective.

Q18. List any 2 sections of ITA 2008 related to Indian IT and ITES companies. (P4 - Appeared 1 Time) (5-10M)

Ans:
Section | What it states
Section 43A: Compensation for failure to protect data | Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation to the person so affected.
Section 67C: Preservation and retention of information by intermediaries | The section states that: (1) Intermediaries shall preserve and retain such information as may be specified for such duration and in such manner and format as the Central Government may prescribe. (2) Any intermediary who intentionally or knowingly contravenes the provisions of subsection (1) shall be punished with imprisonment for a term that may extend to 3 years and shall also be liable to fine.

Q19. Discuss the concept of cyberspace with reference to e-commerce. (P4 - Appeared 1 Time) (5-10M)

Ans: Cyberspace law, also referred to as cyberlaw, is a term that encompasses the legal issues related to communication, distribution, and transactions over the Internet or other networked technologies and devices. This type of law is important to protect consumers and other Internet users from ill-willed persons and companies.
The areas regulated within cyberspace law include:
- E-commerce
- Cyber crimes
- Intellectual property
- Freedom of expression
- Privacy concerns
E-commerce law, also known as business law or commerce law, is a body of laws that govern the conduct of individuals and businesses engaged in commerce, merchandising, trade, and sales. As the Internet continues to dominate all aspects of society, businesses are no exception.
- Thus e-commerce law has become an exciting new field in the legal arena.
- There are common issues that arise within e-commerce law in the world of cyberspace, including:
  - Security and digital signatures - Digital signatures and biometrics are now used to ensure that parties to a contract are who they say they are.
  - Contract formation - Legal issues arise when forming a contract in an electronic forum because it must still adhere to traditional contract laws.
  - Liability of internet providers - Internet service providers often face liability when events such as Internet outages occur, because they can have devastating effects on contract formation, particularly at the offer and acceptance phase.

Q20. Discuss the intellectual property aspects in cyber law. (P4 - Appeared 1 Time) (5-10M)

Ans: A lot of content is published on the internet every day in different formats. The internet is the ideal medium for the creators of artistic and academic content to spread their work to larger audiences.
- People can also edit, alter, distort and redistribute the words, sounds, videos and images they find on the Internet, either legally or illegally.
- This is true for casually posted content on a social networking platform as well as content created for commercial purposes, and it is called intellectual property theft.
- Piracy of movies, software, etc., which causes a huge loss of revenue to the copyright holder, is one of the major forms of intellectual property theft.
- Stealing of copyrights, trade secrets, patents and published work, etc., is also widely prevalent.
- The Indian Information Technology Act 2000 has no provision for the protection of intellectual property rights.
- The Indian Copyright Act, 1957, deals with the protection of computer software and is inadequate to address all the aspects of Information Technology.

Q21. Discuss the evidence aspects in cyber law. (P4 - Appeared 1 Time) (5-10M)

Ans: In legal terms, evidence refers to a proof legally presented in the court of law to ascertain the truth of a matter. Pieces of evidence tend to prove or disprove the fact in question and are required by the courts to reach a conclusion in legal cases.
- Pieces of evidence are produced by all the parties in a legal dispute.
- Different types of evidence are given below:

Type of Evidence | Example
Testimony | Oral or written statements, affidavit
Real Evidence | Tangible things like a weapon, other objects
Demonstrative | Pictures, x-rays, diagrams, maps, drawings, graphs, animation, simulations, models
Documentary Material | Letter, invoice, contract, will, blog post, or any other document

- The "Law of Evidence", also called "Rules of Evidence", in general, is a very important part of both the civil and criminal systems.
- It is a set of rules that authorise how to collect, present and apply evidence for each case in courts of law.
- The Indian Evidence Act, 1872, is the primary law which defines the rules of evidence in India.

Q22. Discuss the criminal aspects in cyber law. (P4 - Appeared 1 Time) (5-10M)

Ans: A crime is an unlawful act that is forbidden and punishable by the law. It is an act that could be harmful to an individual, a community, society or the state.
- The same is true even if it is done using technology, and it is then called a cybercrime.
- To combat cybercrime, India enacted the Information Technology Act, 2000, which amended various existing laws related to crime in India.
- The Indian Penal Code, drafted in 1860, is the official criminal code of India.
- It provides a general penal code for India and is applicable throughout India, except for the state of Jammu and Kashmir. It contains 23 chapters with 511 sections.
- The Information Technology Act 2000 has made several amendments to the Indian Penal Code.
- Due to this, cybercrime cases in India are also registered under the IPC.

Q23. Explain the legal framework for electronic data interchange law related to electronic banking.

Ans: The United Nations Commission on International Trade Law (UNCITRAL) proposed the Model Law on Electronic Data Interchange in 1996. It was also significant for e-commerce in general; as electronic trading through other means increased, UNCITRAL expanded the title to UNCITRAL Model Law on Electronic Commerce.
- UNCITRAL has defined EDI in Article 2 of the Model Law as: "Electronic data interchange (EDI)" means the electronic transfer from computer to computer of information using an agreed standard to structure the information.
- The Model Law was adopted to assist countries in the framing of legislation to enable and facilitate electronic commerce. The Model Law:
  - Establishes rules and norms that validate and recognise contracts formed through electronic means
  - Sets the rules for forming contracts and governing electronic contract performance
  - Defines the characteristics of valid electronic writing and of an original document
  - Provides for the acceptability of electronic signatures for legal and commercial purposes
  - Supports the admission of computer evidence in courts and arbitration proceedings
- In India, the Information Technology Act 2000 provides legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication.


MODULE-6

Q1. Write key IT requirements for SOX, HIPAA and PCI. (P4 - Appeared 1 Time) (5-10M)

Ans: SOX - Key IT Requirements
- You must have a written security policy.
- You should baseline your current compliance state and be prepared to show progress towards full compliance. SOX is commonly applied with progressive requirements year over year.
- Additional sections of SOX require "timely monitoring and response" to issues that may materially affect data used or relied upon to generate public financial reports. In IT terms, you need to monitor your logs and respond to threats. SIEM tools and Intrusion Detection/Prevention Systems are commonly inferred from "timely monitoring".
- You must log and audit access to financial data and critical files used in the preparation of public financial reports.

HIPAA - Key IT Requirements
- Conduct an initial risk assessment, periodic reviews and reassessments.
- Written security policy.
- Designated security person.
- Written incident handling policy.
- Backup, emergency operations and disaster recovery plan.
- Reuse and disposal plan for reusable media.
- Audit controls are required, including unique user identifiers.
- Termination policy and procedures.
- Implement user-level processes of least privilege.
- Log/audit logons and logoffs.
- Secure and authenticate before physical access to the facility and sensitive areas is granted.
- Written usage policies by system type (laptop, desktop, server, ...).
- Physical removal tracking and policy for all systems and data (including removable media).
- Create an "exact copy" backup prior to moving data or systems.
- Log out/disconnect inactive sessions.
- Audit access to secure data.
- Encrypt sensitive data (addressable).
- Monitor and audit access and alterations to sensitive data.
- Protect data in transmission.
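Several of the HIPAA items in this list, and in Q5 of the previous module, are one mechanism seen from different angles: every action is tied to a unique user identifier, logons and logoffs are logged, access to sensitive records is audited, and idle sessions are disconnected. The Python below is an added example for these notes, not code from HIPAA or from any product; the user name, record identifier and 15-minute inactivity limit are constructed values, and the clock is passed in explicitly so the timeout behaviour can be exercised without waiting.

```python
"""Added example: session handling that implements the HIPAA audit-control items
(unique user ids, logon/logoff logging, audited record access, idle-session logout)."""
import secrets
from dataclasses import dataclass, field

INACTIVITY_LIMIT_SECONDS = 15 * 60  # constructed policy value: 15 minutes


@dataclass
class Session:
    user_id: str
    token: str
    last_activity: float


@dataclass
class SessionManager:
    sessions: dict = field(default_factory=dict)   # token -> Session
    audit_log: list = field(default_factory=list)  # append-only event list

    def _audit(self, now: float, user_id: str, event: str, detail: str = "") -> None:
        # Every event names the individual user; shared or group accounts defeat the control.
        self.audit_log.append({"ts": now, "user": user_id, "event": event, "detail": detail})

    def login(self, user_id: str, now: float) -> str:
        token = secrets.token_hex(16)  # unguessable session identifier
        self.sessions[token] = Session(user_id, token, now)
        self._audit(now, user_id, "LOGIN")
        return token

    def logout(self, token: str, now: float, reason: str = "user") -> None:
        s = self.sessions.pop(token, None)
        if s is not None:
            self._audit(now, s.user_id, "LOGOUT", reason)

    def expire_idle(self, now: float) -> int:
        """Disconnect every session idle longer than the limit; returns how many were closed."""
        idle = [t for t, s in self.sessions.items()
                if now - s.last_activity > INACTIVITY_LIMIT_SECONDS]
        for t in idle:
            self.logout(t, now, reason="inactivity timeout")
        return len(idle)

    def access_record(self, token: str, record_id: str, now: float) -> bool:
        """Sensitive data is served only to a live session, and every attempt is audited."""
        self.expire_idle(now)
        s = self.sessions.get(token)
        if s is None:
            self._audit(now, "unknown", "ACCESS_DENIED", record_id)
            return False
        s.last_activity = now
        self._audit(now, s.user_id, "RECORD_ACCESS", record_id)
        return True


def demo() -> list:
    """Constructed walk-through; returns the audit trail for inspection."""
    mgr = SessionManager()
    tok = mgr.login("nurse.asha", now=0.0)
    mgr.access_record(tok, "PATIENT-1042", now=60.0)            # allowed, refreshes activity
    mgr.access_record(tok, "PATIENT-1042", now=60.0 + 20 * 60)  # 20 minutes idle: logged out, denied
    return mgr.audit_log


if __name__ == "__main__":
    for event in demo():
        print(event)
```

The audit trail produced by `demo()` is LOGIN, RECORD_ACCESS, LOGOUT (inactivity timeout), ACCESS_DENIED: the forced logout is itself an audited event, which is what an auditor looks for when checking the "disconnect inactive sessions" control.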
PCI - Key IT Requirements
- You must have a written security policy. It must be communicated to new employees and have management sponsorship, as well as designating contact information for hosts and emergencies.
- Annual assessments are required.
- Quarterly vulnerability scans (annual for level 4 merchants) are required (internal and external).
- Do not store unnecessary cardholder information.
- Do not store authentication information (CVV2, PIN).
- Encrypt and obscure card information.
- Systems must be "hardened" to industry standards (SANS, NIST, or CIS):
  a) Patch operating systems and software
  b) Disable unnecessary services
  c) Change default and vendor passwords and accounts
- Firewalls are required, and there are specific policies required for DMZ to Internal and Internal to External traffic, with both ingress and egress filters.
- Wireless networks must use their highest possible encryption standard (WPA/WPA2; WEP has been phased out).
- Protocols should be restricted to HTTP, SSL, SSH, and VPN, except as otherwise noted and justified in a separate written policy.
- Limit and encrypt administrative/console access.
- Implement only one function per server (i.e. do not run file service and DNS on the same host).
- Anti-virus software is required for Windows systems (not required on Unix hosts).
- Applications must follow a Secure Development Life Cycle (SDLC) model with code review.
- Change control is required.
- Individual unique accounts with complex passwords are required.
- Physical access controls are required (cameras, visitor logs, document shredding).
- System auditing (login/logout/system changes, ...) must be enabled and backed up to a centralized log server, with 3 months online and one year offline retention.
- Penetration testing must be done annually or after significant changes (both network and application layer pen testing).
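The cardholder-data points in this list ("do not store unnecessary cardholder information", "do not store authentication information (CVV2, PIN)", "encrypt and obscure card information") and requirements 3 and 4 of the Q7 table come down to what an application is allowed to persist after a transaction is authorised. The Python below is an added example for these notes, not code from the PCI SSC or from any payment product: it refuses to persist sensitive authentication data, validates the PAN, and stores only a masked PAN (first six and last four digits) plus a keyed one-way reference for lookups. The card number is a well-known test value, the HMAC key is a constructed placeholder (a real system keeps it in a key-management service), and the keyed reference is a design choice of this example rather than a PCI requirement.

```python
"""Added example: what may be persisted about a card after authorisation."""
import hashlib
import hmac
import re

# Constructed placeholder key: in production this lives in a KMS/HSM, never in source.
LOOKUP_KEY = b"example-key-do-not-use"

# Sensitive authentication data that must never be stored after authorisation.
SENSITIVE_AUTH_FIELDS = {"cvv2", "pin", "pin_block", "track_data"}


def luhn_valid(pan: str) -> bool:
    """Luhn checksum: rejects mistyped PANs before anything else is done with them."""
    checksum = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        checksum += d
    return checksum % 10 == 0


def mask_pan(pan: str) -> str:
    """Display form: at most the first six and last four digits are shown."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def pan_reference(pan: str) -> str:
    """Keyed one-way reference for duplicate detection or lookups without storing the PAN."""
    return hmac.new(LOOKUP_KEY, pan.encode("ascii"), hashlib.sha256).hexdigest()


def prepare_for_storage(transaction: dict) -> dict:
    """Return the record that may be persisted after authorisation.
    Raises ValueError if sensitive authentication data is present or the PAN is invalid."""
    forbidden = SENSITIVE_AUTH_FIELDS & set(transaction)
    if forbidden:
        raise ValueError(f"refusing to store sensitive authentication data: {sorted(forbidden)}")
    pan = re.sub(r"\D", "", transaction["pan"])  # drop spaces/dashes from user input
    if not (13 <= len(pan) <= 19) or not luhn_valid(pan):
        raise ValueError("invalid PAN")
    # The full PAN is deliberately absent from the stored record.
    return {
        "pan_masked": mask_pan(pan),
        "pan_ref": pan_reference(pan),
        "expiry": transaction["expiry"],
        "amount": transaction["amount"],
    }


def storage_allowed(transaction: dict) -> bool:
    """True if the transaction can be persisted under the rules above."""
    try:
        prepare_for_storage(transaction)
        return True
    except ValueError:
        return False


# Constructed sample: 4111 1111 1111 1111 is a widely used test card number that passes Luhn.
SAMPLE_AUTHORISED = {"pan": "4111 1111 1111 1111", "expiry": "12/25", "amount": 42.00}

if __name__ == "__main__":
    print(prepare_for_storage(SAMPLE_AUTHORISED))
    print("with CVV2 attached:", storage_allowed({**SAMPLE_AUTHORISED, "cvv2": "123"}))
```

Rejecting the write at the storage boundary, rather than relying on callers to strip CVV2 and PIN, is what makes "do not store authentication information" auditable: any code path that tries to persist those fields fails loudly instead of silently widening the cardholder data environment.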
