Scribd Logo
Upload

Welcome to Scribd!

  • CYBERASN1

    Uploaded by

    deekshith s
    9 views5 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    9 views5 pages

    CYBERASN1

    Uploaded by

    deekshith s

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    CYBER CRIME ASN-1

    DEEKSHITH S
    ENG20CS0086

    1.What is cyber security?


    Cyber security is the practice of defending computers, servers, mobile
    devices, electronic systems, networks, and data from malicious attacks. It's also
    known as information technology security or electronic information security. The term
    applies in a variety of contexts, from business to mobile computing, and can be
    divided into a few common categories.

    2.Mention the 7 layers of cyber security ?

    1. Access Control Layer


    This layer is for the identification and authentication of the following:

    ● Users
    ● Systems
    ● Applications
    ● Data

    It also includes identification management, authorization management, network access control


    (NAC). Also, the identity-based security policies, identity federation, and access provisioning.

    2. Network Security Layer


    This layer is for the protection of the network infrastructure itself. It includes the following:

    ● firewalls
    ● intrusion detection systems (IDS)
    ● intrusion prevention systems (IPS)
    ● anti-virus software
    ● encryption
    ● restricting access to networks

    This layer aims to prevent an attack from happening in the first place.

    3. Data Security Layer


    This layer is for the protection of data at rest or in transit. It includes the following:

    ● Backup
    ● Encryption
    ● Patching systems
    ● Updating systems
    ● Upgrading systems
    ● Data storage

    This layer aims to prevent data from being stolen or lost by unauthorized individuals. So if an
    attack occurs through the system.

    The main concern here is to ensure that the data cannot be accessed. By anyone other than
    authorized users who are using authorized devices within authorized locations.

    4. Application Security Layer


    This layer is for the protection of applications that are used by multiple users over different
    systems or devices. It includes authentication processes like the following:

    ● multi-factor authentication
    ● application hardening
    ● penetration testing
    ● code reviews
    ● vulnerability assessment

    Hackers can exploit these vulnerabilities leading to loss of money or confidential information.
    Which can result in serious repercussions to brand reputation and customer loyalty.

    This layer aims to prevent attacks against applications themselves through firewalls. Also,
    IDS/IPS tools inspect traffic to applications for malicious content.

    5. Data Security Layer


    This layer is for the protection of data in motion. It includes the following:

    ● Encryption
    ● Tokenization
    ● MFA mechanisms

    This layer also provides a level of protection for data that is at rest or in motion. This is
    accomplished through encryption, tokenization, and multi-factor authentication (MFA).

    6. Endpoint Security Layer


    This layer is for the protection of systems and devices as well as the users who use those
    systems. It includes endpoint security software as well as patching operating systems.
    Also, applications on those devices are against known vulnerabilities. So they cannot be
    exploited by the bad guys.

    This layer also provides a level of protection for endpoints themselves and the data that is stored
    on them.

    7. Business Continuity Management


    Layer
    This layer focuses mainly on business continuity management (BCM) measures. Which covers
    both physical business continuity (PBC) measures.

    So like business impact analysis (BIA), risk assessments, disaster recovery planning. It is
    already done and it will be too late to reverse the effects of the attack and prevent any further
    attacks.

    3.. What is cyber terrorism?


    Cyber Terrorism basically involves damaging large-scale computer
    networks to achieve a loss of data and even loss of life. Hackers make use of
    computer viruses, spyware, malware, ransomware, phishing, programming
    language scripts, and other malicious software to achieve their purposes.
    ● Also, these types of cyber-attacks which often lead to criminal
    offenses are referred to as Cyber Terrorism. These cyber-attacks
    create panic and physical damage to a large number of people.
    ● Cyber Terrorism deals with creating damage to the people and their
    data using computer networks intentionally in order to achieve their
    meaningful purpose.
    ● Government Agencies like the FBI (Federal Bureau of Investigations)
    and the CIA (Central Intelligence Agency) in the past have detected
    multiple cyber attacks and cyber crimes through terrorist
    organizations.
    ● The main purpose behind carrying out Cyber terrorism is to carry out
    some cyberattack that makes a threat.
    ● According to the FBI, a Cyber Terrorism attack is defined as a
    cybercrime that may be used intentionally to cause harm to people
    on large scale using computer programs and spyware.
    ● A cyber terrorism attack is much more harmful than a normal
    cybercrime because to intentional harm to the victims and it may not
    cause financial damage to cause fear in society.
    ● In most cases, the criminals target the banking industry, military
    power, nuclear power plants, air traffic control, and water control
    sectors for making a cyber terrorism attack for creating fear, critical
    infrastructure failure, or for political advantage.

    4.Define the terms Confidentiality and hacking ?

    Confidentiality:

    As a legal term, confidentiality refers to a duty of an individual to refrain from


    sharing confidential information with others, except with the express consent
    of the other party. There are rules and regulations which place restrictions on
    the circumstances in which a professional, such as a doctor or attorney, may
    divulge information about a client or patient, and other situations may be
    deemed confidential by the use of a contract. To explore this concept,
    consider the following confidentiality definition.

    hacking :

    A commonly used hacking definition is the act of compromising digital devices and networks
    through unauthorized access to an account or computer system. Hacking is not always a
    malicious act, but it is most commonly associated with illegal activity and data theft by cyber
    criminals.
    Hacking refers to the misuse of devices like computers, smartphones, tablets, and networks to
    cause damage to or corrupt systems, gather information on users, steal data and documents, or
    disrupt data-related activity.

    A traditional view of hackers is a lone rogue programmer who is highly skilled in coding and
    modifying computer software and hardware systems. But this narrow view does not cover the true
    technical nature of hacking. Hackers are increasingly growing in sophistication, using stealthy
    attack methods designed to go completely unnoticed by cybersecurity software and IT teams.
    They are also highly skilled in creating attack vectors that trick users into opening malicious
    attachments or links and freely giving up their sensitive personal data.

    You might also like