
Email Security:

Email security refers to the steps we take to protect email messages and the
information they contain from unauthorized access and damage. It involves
ensuring the confidentiality, integrity, and availability of email messages, as well as
safeguarding against phishing attacks, spam, viruses, and other forms of malware. It
can be achieved through a combination of technical and non-technical measures.

Steps to Secure Email:

We can take the following actions to protect our email.

• Choose a secure password that is at least 12 characters long and contains
uppercase and lowercase letters, digits, and special characters.
• Activate two-factor authentication, which adds an additional layer of
security to your email account by requiring a code in addition to your
password.
• Use encryption: it encrypts your email messages so that only the intended
receiver can decipher them. Email encryption can be done with programs
like PGP or S/MIME.
• Keep your software up to date. Ensure that the most recent security updates
are installed on your operating system and email client.
• Beware of phishing scams: Hackers try to steal your personal information
by pretending to be someone else in phishing scams. Be careful of emails that
request private information or contain suspicious links, because these are the
means by which phishing attacks are carried out.
• Choose a trustworthy email service provider: Search for a service provider
that protects your data using encryption and other security measures.
• Use a VPN: Using a VPN can help protect our email by encrypting our
internet connection and disguising our IP address, making it more difficult for
hackers to intercept our emails.
• Upgrade Your Application Regularly: People now frequently access their
email accounts through apps, although these tools are not perfect and can be
taken advantage of by hackers. A cybercriminal might use a vulnerability, for
example, to hack accounts and steal data or send spam mail. Because of this,
it’s important to update your programs frequently.

Response Code:
HTTP response status codes are three-digit codes issued by a server in response to a
request made by a client, such as a browser. These status codes communicate quickly
and concisely how the server handled and responded to the client’s request.

• 1XX – Informational code: This category indicates that the request was
received and understood. It is issued on a provisional basis while request
processing continues. It alerts the client to wait for a final response.

• 2XX – Success code: This category indicates the action requested by the
client was received, understood, and accepted. This essentially means
that the request that the client made was a good request, and that the
server completed what it was supposed to do completely and
successfully.

• 3XX – Redirection code: This category indicates that the client may take
additional action to complete the request. Usually that additional action
is to redirect the user to another URL. Many of the status codes in this
category are used in URL redirection.

• 4XX – Client error code: This category indicates that the request cannot be
fulfilled because there is an error coming from the client. The request
might contain bad syntax or lack authorization, etc. The server should
include an entity containing an explanation of the error situation (except
when responding to a HEAD request), and whether it is a temporary or
permanent condition.

• 5XX – Server error code: This category indicates that the server has
encountered an error or is incapable of performing a valid request. The
server should include an entity containing an explanation of the error
situation (except when responding to a HEAD request), and indicate
whether it is a temporary or permanent condition.

TCP 3-Way Handshake Process

The 3-way handshake is the way a TCP connection is established. Before getting
into the details, let us look at some basics. TCP stands for Transmission Control
Protocol, which indicates that it does something to control the transmission of the data in a
reliable way.
The process of communication between devices over the internet happens according to
the current TCP/IP suite model (a stripped-down version of the OSI reference model). The
Application layer is the top layer of the TCP/IP stack, from where network
referenced applications like web browsers on the client side establish a connection with
the server. From the application layer, the information is transferred to the transport layer
where our topic comes into the picture. The two important protocols of this layer are
TCP and UDP (User Datagram Protocol), out of which TCP is prevalent (since it provides
reliability for the connection established). However, you can find an application of UDP
in querying the DNS server to get the binary equivalent of the Domain Name used for the
website.

• Step 1 (SYN): In the first step, the client wants to establish a connection with
a server, so it sends a segment with SYN (Synchronize Sequence Number),
which informs the server that the client intends to start communication and
with what sequence number it will start its segments.
• Step 2 (SYN + ACK): The server responds to the client request with the SYN and ACK
signal bits set. The acknowledgement (ACK) acknowledges the segment the server
received, and SYN signifies with what sequence number the server will start
its segments.
• Step 3 (ACK): In the final part, the client acknowledges the response of the
server, and they both establish a reliable connection with which they will start
the actual data transfer.

Secure Socket Layer (SSL) provides security to the data that is transferred between
web browser and server. SSL encrypts the link between a web server and a browser
which ensures that all data passed between them remain private and free from attack. 

Secure Socket Layer Protocols:

• SSL record protocol
• Handshake protocol
• Change-cipher spec protocol
• Alert protocol

SSL Protocol Stack:

Handshake Protocol: 
Handshake Protocol is used to establish sessions. This protocol allows the client and
server to authenticate each other by sending a series of messages to each other.
Handshake protocol uses four phases to complete its cycle. 

Change-cipher Protocol: 

This protocol uses the SSL record protocol. Until the Handshake Protocol is completed,
the SSL record output remains in a pending state. After the handshake protocol, the
pending state is converted into the current state.
The Change-cipher protocol consists of a single message which is 1 byte in length and can
have only one value. This protocol’s purpose is to cause the pending state to be copied
into the current state.

Alert Protocol: 
This protocol is used to convey SSL-related alerts to the peer entity. Each message in
this protocol contains 2 bytes.
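
The 1-byte change-cipher message and the 2-byte alert message can be seen by decoding the records that carry them. The following is an added example, not part of the original notes: the content-type, level and description numbers are the standard SSL/TLS record-layer values (the notes do not list them), and the sample bytes are constructed.

```python
import struct

# Standard SSL/TLS record-layer code points (an assumption of this example;
# the notes above name the protocols but not their numeric values).
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message",
                      20: "bad_record_mac", 40: "handshake_failure"}


def parse_records(stream: bytes) -> list:
    """Split a byte stream into records and decode change-cipher and alert payloads.

    Every record starts with a 5-byte header:
    content type (1 byte), version (2 bytes), payload length (2 bytes).
    """
    records, offset = [], 0
    while offset < len(stream):
        if len(stream) - offset < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, offset)
        offset += 5
        payload = stream[offset:offset + length]
        if len(payload) != length:
            raise ValueError("truncated record payload")
        offset += length
        if ctype not in CONTENT_TYPES:
            raise ValueError(f"unknown content type {ctype}")

        rec = {"type": CONTENT_TYPES[ctype], "version": (major, minor),
               "length": length}
        if ctype == 20:
            # Single message, 1 byte long, only one legal value.
            if payload != b"\x01":
                raise ValueError("change_cipher_spec must be the single byte 0x01")
            rec["effect"] = "pending state copied into current state"
        elif ctype == 21:
            if length == 2:
                # Plaintext alert: severity level followed by description code.
                level, desc = payload
                rec["level"] = ALERT_LEVELS.get(level, f"unknown({level})")
                rec["description"] = ALERT_DESCRIPTIONS.get(desc, f"code {desc}")
            else:
                # Once the cipher is active the 2 bytes are encrypted and padded,
                # so they cannot be read off the wire.
                rec["level"] = rec["description"] = "encrypted"
        records.append(rec)
    return records


# Constructed, independent sample records (SSL 3.0 version bytes 03 00).
SAMPLE_CCS = bytes.fromhex("1403000001 01")      # change_cipher_spec, value 1
SAMPLE_ALERT = bytes.fromhex("1503000002 0228")  # alert: fatal, handshake_failure

if __name__ == "__main__":
    for record in parse_records(SAMPLE_CCS) + parse_records(SAMPLE_ALERT):
        print(record)
```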

Database security defines the collective measures used to protect and secure a database
or database management software from unauthorized use and malicious cyber threats and
attacks. Database security is a layer of information security. It is generally concerned with
physical protection of data, encryption of data in storage and the data remanence problem.

Data security is generally defined as the confidentiality, availability and integrity of data. In
other terms, it is all of the practices and processes that are in place to ensure data is not being
used or accessed by unauthorized individuals or parties. Data security ensures that the data is
accurate and reliable and is accessible when those with authorized access require it.

An acceptable data security plan should focus on collecting only the required data,
keeping it safe and destroying any data that is no longer needed. A plan that places priority
on these three components will help a business meet the legal obligations of possessing
sensitive information.

Database security processes are aimed at securing not just the data inside the database, but the
database management system and all the applications that access it from intrusion, misuse of
information, and damage.

An Information Technology (IT) Security Policy identifies the rules and procedures for all
individuals accessing and using an organization's IT assets and resources. An effective IT Security
Policy is a model of the organization’s culture, in which rules and processes are driven by its
employees' approach to their data and work.

What Is a Cyber Security Threat?


A cyber security threat refers to any possible malicious attack that seeks to unlawfully
access data, disrupt digital operations or damage information. Cyber threats can
originate from various actors, including corporate spies, hacktivists, terrorist groups,
hostile nation-states, criminal organizations, lone hackers and disgruntled employees.

1. Malware

Malware is malicious software such as spyware, ransomware, viruses and worms.


Malware is activated when a user clicks on a malicious link or attachment, which leads
to installing dangerous software. Cisco reports that malware, once activated, can:

• Block access to key network components (ransomware)
• Install additional harmful software
• Covertly obtain information by transmitting data from the hard drive (spyware)
• Disrupt individual parts, making the system inoperable

2. Emotet

The Cybersecurity and Infrastructure Security Agency (CISA) describes Emotet as “an
advanced, modular banking Trojan that primarily functions as a downloader or dropper
of other banking Trojans. Emotet continues to be among the most costly and destructive
malware.”

3. Denial of Service

A denial of service (DoS) is a type of cyber attack that floods a computer or network so
it can’t respond to requests. A distributed DoS (DDoS) does the same thing, but the
attack originates from a computer network. Cyber attackers often use a flood attack to
disrupt the “handshake” process and carry out a DoS. Several other techniques may be
used, and some cyber attackers use the time that a network is disabled to launch other
attacks. A botnet is a type of DDoS in which millions of systems can be infected with
malware and controlled by a hacker, according to Jeff Melnick of Netwrix, an information
technology security software company. Botnets, sometimes called zombie systems,
target and overwhelm a target’s processing capabilities. Botnets are in different
geographic locations and hard to trace.

4. Man in the Middle

A man-in-the-middle (MITM) attack occurs when hackers insert themselves into a two-
party transaction. After interrupting the traffic, they can filter and steal data, according to
Cisco. MITM attacks often occur when a visitor uses an unsecured public Wi-Fi network.
Attackers insert themselves between the visitor and the network, and then use malware
to install software and use data maliciously.

5. Phishing

Phishing attacks use fake communication, such as an email, to trick the receiver into
opening it and carrying out the instructions inside, such as providing a credit card
number. “The goal is to steal sensitive data like credit card and login information or to
install malware on the victim’s machine,” Cisco reports.

6. SQL Injection

A Structured Query Language (SQL) injection is a type of cyber attack that results from
inserting malicious code into a server that uses SQL. When infected, the server
releases information. Submitting the malicious code can be as simple as entering it into
a vulnerable website search box.

7. Password Attacks
With the right password, a cyber attacker has access to a wealth of information. Social
engineering is a type of password attack that Data Insider defines as “a strategy cyber
attackers use that relies heavily on human interaction and often involves tricking people
into breaking standard security practices.” Other types of password attacks include
accessing a password database or outright guessing.

Information Assurance concerns the implementation of methods that focus on
protecting and safeguarding critical information and relevant information systems by
assuring confidentiality, integrity, availability, and non-repudiation. It is a strategic
approach that focuses more on the deployment of policies than on building
infrastructure.

Information Assurance Model:
The security model is a multidimensional model based on four dimensions:

1. Information States –
Information is referred to as the interpretation of data, which can be found in three
states: stored, processed, or transmitted.

2. Security Services –
This is the fundamental pillar of the model, which provides security to the system and
consists of five services, namely availability, integrity, confidentiality,
authentication, and non-repudiation.

3. Security Countermeasures –
This dimension has functionalities to save the system from immediate
vulnerability by accounting for technology, policy & practice, and people.

4. Time –
This dimension can be viewed in many ways. At any given time data may be
available offline or online, and information and systems might be in flux, thus
introducing the risk of unauthorized access. Therefore, in every phase of the System
Development Cycle, every aspect of the Information Assurance model must be
well defined and well implemented in order to minimize the risk of unauthorized
access.

Packet Filter Firewall 


No one can deny the fact that the dynamic rise of the Internet has brought the world
closer. But at the same time, it has left us with different kinds of security threats. To
ensure the confidentiality and integrity of valuable information of a corporate network
from outside attacks, we must have some robust mechanism. This is where
the Firewall comes into the picture. 
It can be compared with a security guard standing at the entrance of a minister’s home.
He keeps an eye on everyone and physically checks every person who wishes to enter
the house. He won’t allow a person to enter if he/she is carrying a harmful object like a
knife, gun, etc. Similarly, even if the person doesn’t possess any banned object but
appears suspicious, the guard can still prevent that person’s entry.
The firewall acts as a guard. It guards a corporate network acting as a shield between
the inside network and the outside world. All the traffic in either direction must pass
through the firewall. It then decides whether the traffic is allowed to flow or not. The
firewall can be implemented as hardware and software, or a combination of both. 

Packet Filters –
• It works in the network layer of the OSI Model. It applies a set of rules (based
on the contents of IP and transport header fields) on each packet and, based on
the outcome, decides to either forward or discard the packet.
• Packet filter firewall controls access to packets on the basis of packet source
and destination address or specific transport protocol type. It is done at the
OSI (Open Systems Interconnection) data link, network, and transport layers.
Packet filter firewall works on the network layer of the OSI model.
• Packet filters consider only the most basic attributes of each packet, and they
don’t need to remember anything about the traffic since each packet is
examined in isolation. For this reason, they can decide packet flow very
quickly.
• Example: A filter can be set to block all UDP segments and all Telnet
connections. This type of configuration prevents outsiders from logging onto
internal hosts using Telnet and insiders from logging onto external hosts using
Telnet connections.
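
The rule set from the example above (discard all UDP and all Telnet) can be written as a small stateless filter that reads only the IP and transport header fields of each packet. This is an added example, not part of the original notes: the rule format, function names and sample addresses are assumptions made for illustration, and the packets are constructed in code rather than captured.

```python
import socket
import struct

TCP, UDP = 6, 17      # IP protocol numbers
TELNET_PORT = 23

# Ordered rules, first match wins. Fields left out of a rule match anything.
RULES = [
    {"proto": UDP, "action": "discard"},                        # block all UDP
    {"proto": TCP, "dport": TELNET_PORT, "action": "discard"},  # block Telnet
]
DEFAULT_ACTION = "forward"


def build_packet(src, dst, proto, sport, dport):
    """Build a minimal IPv4 packet for the demo (checksums left at zero)."""
    if proto == TCP:
        # ports, seq, ack, data offset (5 words), SYN flag, window, csum, urgent
        transport = struct.pack("!HHIIBBHHH", sport, dport, 0, 0,
                                5 << 4, 0x02, 65535, 0, 0)
    else:
        transport = struct.pack("!HHHH", sport, dport, 8, 0)  # UDP header only
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(transport), 0, 0,
                     64, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return ip + transport


def parse_packet(raw):
    """Extract only the header fields a packet filter looks at."""
    if len(raw) < 20:
        raise ValueError("shorter than an IPv4 header")
    ver_ihl, _, _, _, frag, _, proto, _, src, dst = struct.unpack_from(
        "!BBHHHBBH4s4s", raw)
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (ver_ihl & 0x0F) * 4
    if ihl < 20:
        raise ValueError("bad header length")
    sport = dport = None
    # Non-first fragments carry no transport header, so port rules cannot
    # match them: a known blind spot of filters that examine packets in isolation.
    if proto in (TCP, UDP) and frag & 0x1FFF == 0:
        if len(raw) < ihl + 4:
            raise ValueError("truncated transport header")
        sport, dport = struct.unpack_from("!HH", raw, ihl)
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "proto": proto, "sport": sport, "dport": dport}


def decide(raw, rules=RULES):
    """Return 'forward' or 'discard' for one packet; no state is kept."""
    pkt = parse_packet(raw)
    for rule in rules:
        if all(pkt.get(k) == v for k, v in rule.items() if k != "action"):
            return rule["action"]
    return DEFAULT_ACTION


if __name__ == "__main__":
    samples = [
        ("outsider -> internal Telnet", "203.0.113.5", "10.0.0.8", TCP, 40000, 23),
        ("insider -> external Telnet", "10.0.0.8", "203.0.113.5", TCP, 40001, 23),
        ("DNS query over UDP", "10.0.0.8", "203.0.113.53", UDP, 40002, 53),
        ("HTTPS", "10.0.0.8", "203.0.113.80", TCP, 40003, 443),
    ]
    for label, *fields in samples:
        print(f"{label:30s} {decide(build_packet(*fields))}")
```

Because the Telnet rule names no direction, it covers both cases the notes mention; the UDP rule also discards DNS queries, which is the cost of blocking a whole protocol.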

What is cybercrime?
In plain English, cybercrime is crime committed on the Internet, on local
networks, or even against isolated computers. It can affect any of your digital
devices (including PCs, notebooks, smart TVs, tablets, smartphones, home
electronic systems, etc). Cybercrime also refers to any activity where crime is
committed using any computer system.

Cyber criminals are publicly known as hackers, although the term is technically
inaccurate; the correct term is "cracker".

How to prevent cybercrime?


Let's look at the most popular ways to prevent cybercrime in your computer
systems:

Keep your software updated

This is a critical requirement for any computer system and application. Always
keep your operating system, services and applications updated to have the latest bugs
and vulnerabilities patched.

This advice applies to smart phones, tablets, local desktop computers,
notebooks, online servers and all applications they run internally.

Enable your system firewall

Most operating systems include a full pre-configured firewall to protect against
malicious packets from both the inside and the outside. A system firewall will act
as the first digital barrier whenever someone tries to send a bad packet to any of
your open ports.

Use different/strong passwords

Never use the same password on more than one website, and always make sure
it combines letters, special characters and numbers.

The best way to sort this out is to use a password manager like 1Password,
LastPass or Keepass, which will help you generate strong passwords for each
website, and at the same time store them in an encrypted database.

Use antivirus and anti-malware software

This is an excellent measure for both desktop and corporate users. Keeping
antivirus and anti-malware software up to date and running scans over local
storage data is always recommended. While free antivirus/antimalware solutions
can be helpful, they are often merely trial software and don't offer full protection
against the most common viruses, malware and other network threats.

There are numerous options for Windows, and one of the best is the Windows
Malware Removal Tool. Linux and Unix systems also offer excellent choices
such as the all-mighty ClamAV, LMD, Chkrootkit, Rootkit Hunter, and others.

Activate your email's anti-spam blocking feature

A lot of computer hacking takes place whenever you open an unsolicited email
containing suspicious links or attachments. First things first: enable the anti-spam
feature of your email client; and second (and most important): never open links or
attachments from unsolicited senders. This will keep you safe from phishing
attacks and unwanted infections.

Use a VPN

VPN services are becoming more popular every year, and it's completely natural
to use one if you plan on keeping third party companies (especially your ISP)
from spying on your online activities. Another reason to use a VPN may be to log
into your secure network from a remote place, including when you use
untrustworthy internet connections on the road while travelling, or when you are
merely away from home.

Monitor your children's online activities

Sometimes local network breaches don't come from your computer, but from
your children's tablets, phones or notebooks. Educate your children to prevent
them from falling victim to cyber criminals, by using the same tips we've shared
with you. While we're pretty sure most teenagers and children will not use PGP
encryption, the rest of the tips can be easily applied to any of your kids.

WHAT IS PHISHING?
Phishing is a cyber crime that leverages deceptive emails, websites, and text
messages to steal confidential personal and corporate information.
Victims are tricked into giving up personal information such as their credit card
data, phone number, mailing address, company information, etc. Criminals then
use this information to steal the victim's identity and commit further crimes using
this stolen identity.

What Are The Different Types Of Phishing?

Email
This is the most common phishing tactic. An email is sent to multiple recipients
urging them to update personal information, verify account details, or change
passwords.
Typically, the email is worded to promote a sense of urgency, sometimes
highlighting the recipient's need to protect themselves or their organization. The
email is designed to appear to come from a legitimate source, such as customer
service for PayPal, Apple, Microsoft, a bank, or other known companies.

Content Injection
A familiar-looking webpage, like an email account login page or online banking
page, is injected with malicious content. The content can include a link, form, or
pop-up that directs people to a secondary website where they are urged to confirm
personal information, update credit card details, change passwords, etc.

Link Manipulation
A carefully worded email arrives with a malicious link to a familiar website such
as Amazon or another popular website. When you click on the link, it takes you to
a fake website designed to look exactly like the known website, where you are then
prompted to update your account information or verify account details.

Fake Websites
Hackers create fake websites that look just like highly frequented websites. This
fake website has a slightly different domain, for example, outlook.you.live.com
instead of outlook.live.com. People believe they're on the right website and
accidentally open themselves to identity theft.

Mobile Phishing
Mobile phishing can involve fraudulent SMS, social media, voice mail, or other
in-app messages informing the recipient that their account has been closed,
compromised, or is expiring. The message includes a link, video, or message to
steal personal information or install malware on the mobile device.

What Is a Trojan Horse ?

A Trojan Horse is a type of malware that downloads onto a computer disguised as
a legitimate program. The delivery method typically sees an attacker use social
engineering to hide malicious code within legitimate software, in an attempt to gain
access to users' systems through that software.

A simple way to answer the question "what is a Trojan" is that it is a type of malware
that typically gets hidden as an attachment in an email or a free-to-download file,
then transfers onto the user’s device. Once downloaded, the malicious code will
execute the task the attacker designed it for, such as gaining backdoor access to
corporate systems, spying on users’ online activity, or stealing sensitive data.

Trojan: Virus or Malware?


A Trojan is sometimes called a Trojan virus or Trojan horse virus, but
those terms are technically incorrect. Unlike a virus or worm, Trojan
malware cannot replicate itself or self-execute. It requires specific and
deliberate action from the user.

Trojans are malware, and like most forms of malware, Trojans are
designed to damage files, redirect internet traffic, monitor the user’s
activity, steal sensitive data or set up backdoor access points to the
system. Trojans may delete, block, modify, leak or copy data, which
can then be sold back to the user for ransom or on the dark web.

What is a Backdoor Attack?


In cybersecurity terms, a Backdoor Attack is an attempt to infiltrate a system or a
network by maliciously taking advantage of software's weak point.

Backdoors allow the attackers to quietly get into the system by deceiving the
security protocols and gain administrative access. It is similar to the real-life
robbery in which burglars take advantage of the loopholes in a house and get a
'backdoor' entry for conducting the theft.

After gaining high-level administrative privilege, the cyber attackers could perform
various horrendous tasks like injecting spyware, gaining remote access, hacking the
device, stealing sensitive information, encrypting the system through ransomware, and
many more.

Backdoors were originally meant to help software developers and testers, so they
are not always bad.

What is SQL Injection (SQLi)


SQL Injection (SQLi) is a type of injection attack that makes it possible
to execute malicious SQL statements. These statements control a
database server behind a web application. Attackers can use SQL Injection
vulnerabilities to bypass application security measures. They can go
around authentication and authorization of a web page or web application
and retrieve the content of the entire SQL database. They can also use
SQL Injection to add, modify, and delete records in the database.

An SQL Injection vulnerability may affect any website or web application
that uses an SQL database such as MySQL, Oracle, SQL Server, or others.
Criminals may use it to gain unauthorized access to your sensitive data:
customer information, personal data, trade secrets, intellectual property,
and more. SQL Injection attacks are one of the oldest, most prevalent, and
most dangerous web application vulnerabilities.

How to prevent SQL Injection?


To prevent SQLi attacks, web application and database programmers need to filter inputs, restrict
database code, restrict database access, and maintain and monitor the application and database.
While these five methods work, they apply mostly to code in development because existing code
is often too lengthy to check line by line. Fortunately, various open source and commercial tools
can guide dev teams to locate SQLi vulnerabilities, and specialized vendors also provide
outsourced assistance.

5 Key Methods to Prevent SQL Injection Attacks:

• Filter database inputs
• Restrict database code
• Restrict database access
• Maintain applications and databases
• Monitor application and database inputs and communications
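
The first two methods can be seen side by side in a search box handler: a query built by string concatenation, and the same query with an input filter and bound parameters. This is an added example, not part of the original notes; the table, column and function names and all sample data are constructed, and it uses Python's built-in sqlite3 module as a stand-in for any SQL database.

```python
import re
import sqlite3


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (title TEXT, published INTEGER)")
    db.executemany("INSERT INTO articles VALUES (?, ?)", [
        ("Firewall basics", 1),
        ("Phishing checklist", 1),
        ("Draft: incident notes", 0),   # must never appear in search results
    ])
    return db


def search_vulnerable(db, term):
    """Vulnerable form: user input is pasted into the SQL text itself,
    so the database cannot tell data apart from code."""
    sql = ("SELECT title FROM articles WHERE published = 1 "
           "AND title LIKE '%" + term + "%' ORDER BY title")
    return [row[0] for row in db.execute(sql)]


def filter_term(term):
    """Filter database inputs: accept only what a search term needs."""
    if not re.fullmatch(r"[A-Za-z0-9 ]{1,40}", term):
        raise ValueError("search term contains characters that are not allowed")
    return term


def search_safe(db, term):
    """Restrict database code: the statement text is fixed and the input is
    bound as a parameter, so it is only ever compared as a string value."""
    sql = ("SELECT title FROM articles WHERE published = 1 "
           "AND title LIKE ? ORDER BY title")
    return [row[0] for row in db.execute(sql, ("%" + term + "%",))]


# Constructed search-box input that changes the meaning of the concatenated
# statement: the quote ends the string literal, and the rest is parsed as SQL.
INJECTED_TERM = "x' OR published = 0 --"

if __name__ == "__main__":
    db = make_db()
    print("normal search     :", search_vulnerable(db, "Fire"))
    print("vulnerable query  :", search_vulnerable(db, INJECTED_TERM))
    print("parameterized     :", search_safe(db, INJECTED_TERM))
    try:
        filter_term(INJECTED_TERM)
    except ValueError as exc:
        print("input filter      :", exc)
```

Parameter binding is the control that removes the flaw; the input filter is a second layer that also gives the monitoring step something to log.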

What is Email Spoofing?


Email Spoofing is creating and sending an email with a modified sender's address. The sender's
address is forged in such a way that the receivers will trust the email, thinking it has been sent
by someone they know or from a trusted official source. After gaining their trust through a
forged address, the attackers can ask for sensitive information, such as personal data like bank
details and social security numbers, or organizational data like trade secrets and more.
Email Spoofing is a pretty common practice among cybercriminals because of the vulnerable
and weak email system. When you receive an email, the outgoing email servers have no way to
determine whether the sender's address is spoofed or original.

Why is Email Spoofing performed?


Email Spoofing is mainly conducted for the following reasons −
• Scamming − People can be easily scammed by a spoofed email. The intruders
will frame an intriguing email and send it pretending to be from an official, trusted
source. The email can contain fake offers like discounts, free tickets, lottery, and
more. The receivers, believing it to be from a reliable source and in anticipation of
getting the offers, provide everything asked in the email.
• Injecting Malware − Cybercriminals can easily inject malicious programs
through email spoofing. An email can be framed and sent to users, pretending to be from
a security organization, asking them to download and install a fake security program to
safeguard their system. Users would easily trust the sender and, to protect
their computer, install the fake security software, which is, in fact, a malware
program.
• Phishing − Spoofed email can be sent to thousands of users pretending to be from
the bank or similar organizations. It would ask them to give confidential
information like internet banking credentials or other details. Users would
willingly provide all the details, thinking the sender is a trusted one.

Reconnaissance
Information Gathering and getting to know the target systems is the first process in ethical
hacking. Reconnaissance is a set of processes and techniques (Footprinting, Scanning &
Enumeration) used to covertly discover and collect information about a target system.
During reconnaissance, an ethical hacker attempts to gather as much information about a target
system as possible, following the seven steps listed below −

• Gather initial information
• Determine the network range
• Identify active machines
• Discover open ports and access points
• Fingerprint the operating system
• Uncover services on ports
• Map the network

Reconnaissance takes place in two parts − Active Reconnaissance and Passive
Reconnaissance.

Active Reconnaissance
In this process, you will directly interact with the computer system to gain information. This
information can be relevant and accurate. But there is a risk of getting detected if you are
planning active reconnaissance without permission. If you are detected, then system admin can
take severe action against you and trail your subsequent activities.

Passive Reconnaissance
In this process, you will not be directly connected to a computer system. This process is used to
gather essential information without ever interacting with the target systems.

What is Salami Attack?


A salami attack is a method of cybercrime that attackers typically use to
commit financial crimes. Cybercriminals steal money or resources from financial
accounts on a system one at a time. This attack occurs when several minor attacks
combine to create a powerful attack. Because of the nature of this sort of cybercrime, these attacks
frequently go undetected. Salami attacks are used for the commission of economic crimes.
Those who are found guilty of such an attack face punishment under Section 66 of the IT
Act.

Prevention From Salami attack:
Users are encouraged to review their weekly transactions and month-to-month bank
statements to shield their bank accounts from being affected by a salami attack. You can
spot any unexpected charges on your account by actively scanning through these
activities. If you have any concerns about strange charges on your account, contact
your bank. Financial institutions, like banks, should also update their security so that
attackers do not become familiar with how the system is designed. Banks should
advise customers to report any money deduction that they were not aware
of.

Cyber Stalking
In Cyber Stalking, a cyber criminal uses the internet to consistently threaten somebody.
This crime is often perpetrated through email, social media, and other online media.
Cyber Stalking can even occur in conjunction with the more traditional type of stalking,
where the perpetrator harasses the victim offline. There’s no unified legal approach to
cyber stalking; however, several governments have moved toward making these
practices punishable by law. Social media, blogs, image sharing sites and many other
commonly used online sharing activities provide cyber stalkers with a wealth of data that
helps them plan their harassment. It includes actions like false accusations, fraud,
information destruction, threats to life and manipulation through threats of exposure.
Stalkers use e-mails and other forms of messaging applications,
messages posted to a website or a discussion group, and often social
media to send unwanted messages and harass a specific person with unwanted attention.
Cyber Stalking is also referred to as internet stalking, e-stalking or online stalking.

Types of Cyber Stalking:

• Webcam Hijacking: Internet stalkers would attempt to trick you into
downloading and installing a malware-infected file that may grant them
access to your webcam. The method is so sneaky that you probably
wouldn’t suspect anything strange.
• Observing location check-ins on social media: In case you’re adding
location check-ins to your Facebook posts, you’re making it overly simple for
an internet stalker to follow you by just looking through your social media
profiles.
• Catfishing: Catfishing happens via social media sites, for example,
Facebook, when internet stalkers make counterfeit user profiles and approach
their victims as a friend of a friend.
• Visiting virtually via Google Maps Street View: If a stalker discovers the
victim’s address, then it is not hard to find the area, neighbourhood, and
surroundings by using Street View. Tech-savvy stalkers don’t even need that.

Difference between Active Attack and Passive Attack

Active Attacks: Active attacks are the type of attacks in which the attacker attempts
to change or modify the content of messages. An active attack is dangerous to integrity as
well as availability. Due to an active attack, the system is always damaged and system resources
can be changed. The most important thing is that, in an active attack, the victim gets
informed about the attack.
Passive Attacks: Passive attacks are the type of attacks in which the attacker
observes the content of messages or copies the content of messages. A passive attack is a
danger to confidentiality. Due to a passive attack, there is no harm to the system. The
most important thing is that, in a passive attack, the victim does not get informed about the
attack.

| Active Attack | Passive Attack |
|---|---|
| In an active attack, modification in information takes place. | While in a passive attack, modification in the information does not take place. |
| Active attack is a danger to integrity as well as availability. | Passive attack is a danger to confidentiality. |
| In an active attack, attention is on prevention. | While in a passive attack, attention is on detection. |
| Due to active attacks, the execution system is always damaged. | While due to a passive attack, there is no harm to the system. |
| In an active attack, the victim gets informed about the attack. | While in a passive attack, the victim does not get informed about the attack. |
| In an active attack, system resources can be changed. | While in a passive attack, system resources are not changing. |
| Active attack influences the services of the system. | While in a passive attack, information and messages in the system or network are acquired. |
| In an active attack, information collected through passive attacks is used during execution. | While passive attacks are performed by collecting information such as passwords and messages by themselves. |
| An active attack is tough to restrict from entering systems or networks. | Passive attack is easy to prohibit in comparison to active attack. |
| Can be easily detected. | Very difficult to detect. |
| The purpose of an active attack is to harm the ecosystem. | The purpose of a passive attack is to learn about the ecosystem. |
| In an active attack, the original information is modified. | In a passive attack, the original information is unaffected. |
| The duration of an active attack is short. | The duration of a passive attack is long. |
| The prevention possibility of active attack is high. | The prevention possibility of passive attack is low. |
| Complexity is high. | Complexity is low. |
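
The integrity and confidentiality rows above can be seen in a small simulation. This is an added example, not part of the original notes: it assumes a sender and receiver who share a constructed key and tag each message with HMAC-SHA256, and the message, key and function names are all made up for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-shared-key"  # assumption: known only to sender and receiver

def protect(message: bytes) -> dict:
    """Sender: attach an HMAC-SHA256 tag so the receiver can check integrity."""
    tag = hmac.new(KEY, message, hashlib.sha256).hexdigest()
    return {"body": message, "tag": tag}

def verify(packet: dict) -> bool:
    """Receiver: recompute the tag and compare in constant time."""
    expected = hmac.new(KEY, packet["body"], hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, packet["tag"])

def passive_observer(packet: dict, captured: list) -> dict:
    """Passive attack: copy the content, forward the packet untouched."""
    captured.append(packet["body"])
    return packet

def active_modifier(packet: dict) -> dict:
    """Active attack: change the content in transit; the old tag no longer fits."""
    return {"body": packet["body"].replace(b"100", b"900"), "tag": packet["tag"]}

def run_scenarios() -> dict:
    original = protect(b"transfer 100 to account 42")  # constructed message
    captured = []
    after_passive = passive_observer(original, captured)
    after_active = active_modifier(original)
    return {
        # Nothing changed, so the receiver's check passes and raises no alarm.
        "passive_detected": not verify(after_passive),
        # ...yet the observer holds a full copy: confidentiality is lost.
        "passive_leaked": captured == [original["body"]],
        # The modified body fails verification: the integrity loss is noticed.
        "active_detected": not verify(after_active),
    }

if __name__ == "__main__":
    print(run_scenarios())
```

An integrity tag exposes the modification but does nothing against the silent copy; countering the passive observer takes encryption of the message body.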

What is cyberbullying?
Cyberbullying is a type of bullying in which one or more individuals use digital
technologies to intentionally and repeatedly cause harm to another person.
Cyberbullies use mobile phones, computers or other electronic devices to
send texts, emails or instant messages; post comments on social media or in chat
rooms; or in other ways use private or public forums to attack their victims.

Steganography is a method of hiding secret data, by embedding it into an audio,
video, image, or text file. It is one of the methods employed to protect secret or
sensitive data from malicious attacks.

How is it different from cryptography? 


Cryptography and steganography are both methods used to hide or protect secret data.
However, they differ in the respect that cryptography makes the data unreadable, or
hides the meaning of the data, while steganography hides the existence  of the data. 
In layman’s terms, cryptography is similar to writing a letter in a secret language:
people can read it, but won’t understand what it means. However, the existence of a
(probably secret) message would be obvious to anyone who sees the letter, and if
someone either knows or figures out your secret language, then your message can easily
be read. 
If you were to use steganography in the same situation, you would hide the letter inside
a pair of socks that you would be gifting the intended recipient of the letter. To those
who don’t know about the message, it would look like there was nothing more to your
gift than the socks. But the intended recipient knows what to look for, and finds the
message hidden in them. 
| Features | Steganography | Cryptography |
|---|---|---|
| Meaning | The term steganography contains Greek influences, which mean "covered writing". | The term cryptography means "hidden writing". |
| Popularity | It is less popular than cryptography. | It is more popular and commonly used than steganography. |
| Dependability | It relies on the key. | It doesn't have any parameters. |
| Goal | Its main goal is to offer secure communication. | Its main goal is to provide data protection. |
| Structure of data | The structure of data is not frequently altered. | The structure of data is allowed to alter while encrypting. |
| Attack's name | The attack's name in the steganography technique is steganalysis. | The attack's name in cryptography is cryp. |
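
The difference described above, as an added example that is not part of the original notes: the same secret is hidden in the least significant bits of a cover (steganography) and scrambled with a toy XOR keystream (cryptography), and a known clean copy of the cover is then used for a simple steganalysis check. The cover bytes, secret, key and all function names are constructed for illustration, and `toy_encrypt` is a stand-in, not a real cipher.

```python
import hashlib

def embed_lsb(cover: bytes, secret: bytes) -> bytes:
    """Steganography: hide `secret` in the lowest bit of each cover byte."""
    payload = len(secret).to_bytes(2, "big") + secret  # 2-byte length prefix
    bits = [(byte >> shift) & 1 for byte in payload for shift in range(7, -1, -1)]
    if len(bits) > len(cover):
        raise ValueError("cover too small for this secret")
    stego = bytearray(cover)
    for pos, bit in enumerate(bits):
        stego[pos] = (stego[pos] & 0xFE) | bit  # touch only the lowest bit
    return bytes(stego)

def _read_bytes(stego: bytes, first_bit: int, count: int) -> bytes:
    out = bytearray()
    for i in range(count):
        value = 0
        for bit_pos in range(8):
            value = (value << 1) | (stego[first_bit + 8 * i + bit_pos] & 1)
        out.append(value)
    return bytes(out)

def extract_lsb(stego: bytes) -> bytes:
    """Recipient: read the length prefix, then that many hidden bytes."""
    length = int.from_bytes(_read_bytes(stego, 0, 2), "big")
    return _read_bytes(stego, 16, length)

def toy_encrypt(key: bytes, data: bytes) -> bytes:
    """Cryptography stand-in: XOR with a SHA-256 keystream (NOT for real use)."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))

def changed_positions(reference: bytes, suspect: bytes) -> list:
    """Steganalysis with a known clean copy: indexes of bytes that differ."""
    return [i for i, (a, b) in enumerate(zip(reference, suspect)) if a != b]

# Constructed sample data: 256 "pixel" bytes as the cover and a short secret.
COVER = bytes((i * 37 + 11) % 256 for i in range(256))
SECRET = b"meet at 9"
STEGO = embed_lsb(COVER, SECRET)
CIPHERTEXT = toy_encrypt(b"constructed-key", SECRET)

if __name__ == "__main__":
    print("largest byte change:", max(abs(a - b) for a, b in zip(COVER, STEGO)))
    print("ciphertext (visibly scrambled):", CIPHERTEXT.hex())
    print("recovered from stego:", extract_lsb(STEGO))
    print("bytes differing from clean copy:", len(changed_positions(COVER, STEGO)))
```

The stego output has the same length as the cover and no byte moves by more than 1, so its existence is not obvious, whereas the ciphertext is plainly a protected message. Comparing against a clean copy of the cover is the simplest form of the steganalysis named in the table.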
