CSLP

Explain what is threat in computer network? Explain Patriotic Hackers with real
country side example.
A network security threat is exactly that: a threat to your network and data
systems. Any attempt to breach your network and obtain access to your data is
a network threat.
Patriotic hacking is a term for computer hacking or system cracking in which
citizens or supporters of a country, traditionally industrialized Western
countries but increasingly developing countries, attempt to perpetrate attacks
on, or block attacks by, perceived enemies of the state.
Examples:
. War in Iraq – 2003
. Summer Olympics – 2008
. Op Vijaya by Indian Hackers – 2015
. Retaliation on India - 2017

What is Cyber Terrorism, explain this term with real scenario example.
Cyber terrorism (also known as digital terrorism) is defined as disruptive
attacks by recognised terrorist organisations against computer systems with
the intent of generating alarm, panic, or the physical disruption of the
information system.
While we’ve become used to hearing about cyber attacks, cyber
terrorism instils a different type of worry. Computer hackers have long worked
to gain access to classified information for financial gain, meaning terrorists
could do the same
The internet can be used by terrorists to finance their operations, train other
terrorists, and plan terror attacks. The more mainstream idea of cyber terrorism
is the hacking of government or private servers to access sensitive information
or even siphon funds for use in terror activities. However, there is currently no
universally accepted definition of cyber terrorism.
Examples of cyber terrorism
● Introduction of viruses to vulnerable data networks.
● Hacking of servers to disrupt communication and steal sensitive
information. 
● Defacing websites and making them inaccessible to the public thereby
 ●

causing inconvenience and financial losses.

● Hacking communication platforms to intercept or stop
communications and make terror threats using the internet.
● Attacks on financial institutions to transfer money and cause terror.

a. OSI Model
OSI or Open System Interconnection model was developed by International
Standards Organization (ISO). It gives a layered networking framework that
conceptualizes how communications should be done between heterogeneous
systems. It has seven interconnected layers. The seven layers of the OSI Model
are a physical layer, data link layer, network layer, transport layer, session layer,
presentation layer, and application layer

b. TCP/IP
TCP/IP stands for Transmission Control Protocol/Internet Protocol and is a suite
of communication protocols used to interconnect network devices on the
internet. TCP/IP is also used as a communications protocol in a private
computer network (an intranet or extranet).
The entire IP suite -- a set of rules and procedures -- is commonly referred to
as TCP/IP. TCP and IP are the two main protocols, though others are included in
the suite. The TCP/IP protocol suite functions as an abstraction layer between
internet applications and the routing and switching fabric.

c. Vulnerabilities
Vulnerability is the inability to resist a hazard or to respond when a disaster has
occurred. For instance, people who live on plains are more vulnerable to floods
than people who live higher up. In actual fact, vulnerability depends on several
factors, such as people's age and state of health, local environmental and
sanitary conditions, as well as on the quality and state of local buildings and
their location with respect to any hazards.

d. Packets
In computer networks, a packet is a container or box that carries data over a
TCP/IP network and internetworks. A packet is the most fundamental logical
arbitration of data that is passed over a network.
A packet normally represents the smallest amount of data that can traverse
over a network at a single time. A TCP/IP network packet contains several
pieces of information, including the data it is carrying, source destination IP
addresses, and other constraints required for quality of service and packet
handling.

e. Computer Network Exploitation

Computer network exploitation (CNE) is a technique through which computer
networks are used to infiltrate target computers' networks to extract and gather
intelligence data. It enables the exploitation of the individual computers and
computer networks of an external organization or country in order to collect
any sensitive or confidential data, which is typically kept hidden and protected
from the general public.

What is Cloud Computing? Explain 3 layers of Cloud with suitable examples.

Cloud computing is the on-demand availability of computer system resources,
especially data storage and computing power, without direct active
management by the user.
The major 3 lanes of cloud are as follows:

Software as a Service(SaaS)
Software-as-a-Service (SaaS) is a way of delivering services and applications
over the Internet. Instead of installing and maintaining software, we simply
access it via the Internet, freeing ourselves from the complex software and
hardware management. It removes the need to install and run applications on
our own computers or in the data centers eliminating the expenses of hardware
as well as software maintenance. The various companies providing Software as
a service are Cloud9 Analytics, Salesforce.com, Cloud Switch, Microsoft Office
365, Big Commerce, Eloqua, dropBox, and Cloud Tran. 

Platform as a Service(PaaS)
PaaS is a category of cloud computing that provides a platform and
environment to allow developers to build applications and services over the
internet. PaaS services are hosted in the cloud and accessed by users simply
via their web browser. 
A PaaS provider hosts the hardware and software on its own infrastructure. The
various companies providing Platform as a service are Amazon Web services
Elastic Beanstalk, Salesforce, Windows Azure, Google App Engine, cloud Bess
and IBM smart cloud. 

Infrastructure as a Service(IaaS)
Infrastructure as a service (IaaS) is a service model that delivers computer
infrastructure on an outsourced basis to support various operations. Typically
IaaS is a service where infrastructure is provided as outsourcing to enterprises
such as networking equipment, devices, database, and web servers. 
It is also known as Hardware as a Service (HaaS). The various companies
providing Infrastructure as a service are Amazon web services, Bluestack, IBM,
Openstack, Rackspace, and Vmware. 

Explain DDOS with suitable example and explain the impact of DDOS in any
organization.
● A denial-of-service (DoS) attack is a type of cyber attack in which a
malicious actor aims to render a computer or other device unavailable
to its intended users by interrupting the device's normal functioning.
DoS attacks typically function by overwhelming or flooding a targeted
machine with requests until normal traffic is unable to be processed,
resulting in denial-of-service to addition users. A DoS attack is
characterized by using a single computer to launch the attack.
● In a distributed denial-of-service attack (DDoS attack), the
 ●

incoming traffic flooding the victim originates from many different

sources. This effectively makes it impossible to stop the attack simply
by blocking a single source.
● A DoS or DDoS attack is analogous to a group of people crowding the
entry door of a shop, making it hard for legitimate customers to enter,
thus disrupting trade.
A DDoS attack might have a variety of effects, depending on the nature of the
attack and how prepared you are for it.
1. Website Downtime
The most immediate and obvious effect is that your website is overwhelmed
and becomes unavailable.
2. Server and Hosting Issues
If your site is subject to regular attacks that you don’t take steps to mitigate,
this could lead to issues with your hosting provider.
3. Website Vulnerability
A DDoS attack could render your site more vulnerable to hacking as all of your
systems are focused on getting the site back online, and security systems may
have been put out of action by the attack.
4. Lost Time and Money
Repairing a website that has been subject to a DDoS attack takes time. It can
also take money.