
Chapter -7

Cyber Laws and Forensics

1. What is forgery?

ANSWER- Forgery is a white-collar crime that generally refers to the false making or
material alteration of a legal instrument with the specific intent to defraud.[1][2] Tampering
with a certain legal instrument may be forbidden by law in some jurisdictions but such an
offense is not related to forgery unless the tampered legal instrument was actually used in the
course of the crime to defraud another person or entity. Copies, studio replicas, and
reproductions are not considered forgeries, though they may later become forgeries through
knowing and willful misrepresentations.
Forging money or currency is more often called counterfeiting. But consumer goods may also
be counterfeits if they are not manufactured or produced by the designated manufacturer or
producer given on the label or flagged by the trademark symbol. When the object forged is a
record or document it is often called a false document.
This usage of "forgery" does not derive from metalwork done at a blacksmith's forge, but it
has a parallel history. A sense of "to counterfeit" is already in the Anglo-French verb forger,
meaning "falsify".
A forgery is essentially concerned with a produced or altered object. Where the prime
concern of a forgery is less focused on the object itself – what it is worth or what it "proves"
– than on a tacit statement of criticism that is revealed by the reactions the object provokes in
others, then the larger process is a hoax. In a hoax, a rumor or a genuine object planted in a
concocted situation, may substitute for a forged physical object.
The similar crime of fraud is the crime of deceiving another, including through the use of
objects obtained through forgery. Forgery is one of the techniques of fraud, including identity
theft. Forgery is one of the threats addressed by security engineering.

2. What is Reconnaissance in the world of hacking?

ANSWER-
Footprinting is a part of a larger process known as reconnaissance. Reconnaissance is the
information-gathering stage of ethical hacking, where you collect data about the target
system. This data can include anything from network infrastructure to employee contact
details. The goal of reconnaissance is to identify as many potential attack vectors as possible.
Data collected from reconnaissance may include:
• Security policies. Knowing an organization's security policies can help you find
weaknesses in their system.
• Network infrastructure. A hacker needs to know what type of network the target is using
(e.g., LAN, WAN, MAN), as well as the IP address range and subnet mask.
• Employee contact details. Email addresses, phone numbers, and social media accounts
can be used to launch social engineering attacks.
• Host information. Information about specific hosts, such as operating system type and
version, can be used to find vulnerabilities.

3. Explain the difference between active and passive attacks.

ANSWER-

Difference between Active Attack and Passive Attack


Let us now check the difference between active attack and passive attack. We are
comparing both security attacks on the basis of some characteristics mentioned below:

| On the basis of | Active Attacks | Passive Attacks |
|---|---|---|
| Modification | Modification of information occurs during an active attack. | Modifying the information does not happen during a passive attack. |
| Threat | Active attack poses a threat to integrity and availability. | Confidentiality is at risk from passive attacks. |
| Focus | During an active attack, the focus is on detection. | During a passive attack, the focus is on avoiding harm. |
| Harm | The system is permanently harmed due to an active attack. | There is no harm to the system due to the passive attack. |
| Victim | In an active attack, the victim is notified of the attack. | The victim is unaware of the attack while under passive attack. |
| System Resources | System resources can be modified during an active attack. | System resources do not alter when in the passive attack. |
| Impact | Active attacks have an impact on the system's services. | Information and communications in the system or network are collected during a passive attack. |
| Information | During the execution of active attacks, information gathered from passive attacks is utilised. | Passive attacks are carried out by gathering information such as passwords and messages on their own. |
| Prevention | An active attack is brutal to restrict from entering systems or networks. | In comparison to an active attack, the passive attack is much easier to prevent. |

4. What is ID theft? What are the techniques of ID theft?

ANSWER- What Is Identity Theft?

Identity theft is the crime of obtaining the personal or financial information of another
person to use their identity to commit fraud, such as making unauthorized transactions or
purchases. Identity theft is committed in many different ways and its victims are typically
left with damage to their credit, finances, and reputation.

Types of Identity Theft

There are several types of identity theft including:

Financial Identity Theft


In financial identity theft, someone uses another person's identity or information to obtain
credit, goods, services, or benefits. This is the most common form of identity theft.2

Social Security Identity Theft


If identity thieves obtain your Social Security Number, they can use it to apply for credit
cards and loans and then not pay outstanding balances. Fraudsters can also use your number
to receive medical, disability, and other benefits.3

Medical Identity Theft


In medical identity theft, someone poses as another person to obtain free medical care. 1

Synthetic Identity Theft


Synthetic identity theft is a type of fraud in which a criminal combines real (usually stolen)
and fake information to create a new identity, which is used to open fraudulent accounts and
make fraudulent purchases. Synthetic identity theft allows the criminal to steal money from
any credit card companies or lenders who extend credit based on the fake identity.1

Child Identity Theft


In child identity theft, someone uses a child's identity for various forms of personal gain.
This is common, as children typically do not have information associated with them that
could pose obstacles for the perpetrator.

The fraudster may use the child's name and Social Security Number to obtain a residence,
find employment, obtain loans, or avoid arrest on outstanding warrants. Often, the victim is
a family member, the child of a friend, or someone else close to the perpetrator. Some
people even steal the personal information of deceased loved ones.1

Tax Identity Theft


Tax identity theft occurs when someone uses your personal information, including your
Social Security Number, to file a bogus state or federal tax return in your name and collect a
refund.1

Criminal Identity Theft


In criminal identity theft, a criminal poses as another person during an arrest to try to avoid a
summons, prevent the discovery of a warrant issued in their real name or avoid an arrest or
conviction record.

5. What are the steps to protect against DoS/DDoS attacks?

ANSWER- DDoS Protection Techniques


Reduce Attack Surface Area

One of the first techniques to mitigate DDoS attacks is to minimize the surface area that can
be attacked, thereby limiting the options for attackers and allowing you to build protections in
a single place. We want to ensure that we do not expose our application or resources to ports,
protocols or applications from which they do not expect any communication, thus
minimizing the possible points of attack and letting us concentrate our mitigation efforts. In
some cases, you can do this by placing your computation resources behind Content
Distribution Networks (CDNs) or Load Balancers and restricting direct Internet traffic to
certain parts of your infrastructure like your database servers. In other cases, you can use
firewalls or Access Control Lists (ACLs) to control what traffic reaches your applications.

Plan for Scale

The two key considerations for mitigating large scale volumetric DDoS attacks are bandwidth
(or transit) capacity and server capacity to absorb and mitigate attacks.

Transit capacity. When architecting your applications, make sure your hosting provider
provides ample redundant Internet connectivity that allows you to handle large volumes of
traffic. Since the ultimate objective of DDoS attacks is to affect the availability of your
resources/applications, you should locate them, not only close to your end users but also to
large Internet exchanges which will give your users easy access to your application even
during high volumes of traffic. Additionally, web applications can go a step further by
employing Content Distribution Networks (CDNs) and smart DNS resolution services which
provide an additional layer of network infrastructure for serving content and resolving DNS
queries from locations that are often closer to your end users.

Server capacity. Most DDoS attacks are volumetric attacks that use up a lot of resources; it is,
therefore, important that you can quickly scale up or down on your computation resources.
You can either do this by running on larger computation resources or those with features like
more extensive network interfaces or enhanced networking that support larger volumes.
Additionally, it is also common to use load balancers to continually monitor and shift loads
between resources to prevent overloading any one resource.

Know what is normal and abnormal traffic

Whenever we detect elevated levels of traffic hitting a host, the very baseline is to be able
only to accept as much traffic as our host can handle without affecting availability. This
concept is called rate limiting. More advanced protection techniques can go one step further
and intelligently only accept traffic that is legitimate by analyzing the individual packets
themselves. To do this, you need to understand the characteristics of good traffic that the
target usually receives and be able to compare each packet against this baseline.
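
The rate limiting described above, as an added example that is not part of the original text: a per-client token bucket in Python, replayed over constructed traffic. The rate of 5 requests per second, the burst of 10, the table size and the sample addresses (documentation ranges) are assumptions chosen for illustration.

```python
from collections import Counter

COST = 1000  # one request costs 1000 milli-tokens; integer math keeps refills exact


class TokenBucketLimiter:
    """Per-client token bucket: `rate_per_s` sustained, `burst` requests at once."""

    def __init__(self, rate_per_s: int, burst: int, max_clients: int = 100_000):
        self.rate = rate_per_s
        self.capacity = burst * COST
        self.max_clients = max_clients
        self.state = {}  # client -> (milli-tokens left, time of last request in ms)

    def allow(self, client: str, now_ms: int) -> bool:
        if client not in self.state and len(self.state) >= self.max_clients:
            # The state table is itself a resource that a flood of distinct
            # sources can exhaust, so it is bounded. Refusing new clients when
            # full is the simplest policy; evicting idle entries is another.
            return False
        tokens, last_ms = self.state.get(client, (self.capacity, now_ms))
        # elapsed milliseconds * requests per second == refill in milli-tokens
        tokens = min(self.capacity, tokens + max(0, now_ms - last_ms) * self.rate)
        allowed = tokens >= COST
        if allowed:
            tokens -= COST
        self.state[client] = (tokens, now_ms)
        return allowed


def replay(requests, rate_per_s=5, burst=10):
    """Feed (time_ms, client) pairs to the limiter; return {client: (accepted, dropped)}."""
    limiter = TokenBucketLimiter(rate_per_s, burst)
    accepted, dropped = Counter(), Counter()
    for now_ms, client in requests:
        (accepted if limiter.allow(client, now_ms) else dropped)[client] += 1
    return {c: (accepted[c], dropped[c]) for c in accepted.keys() | dropped.keys()}


def sample_traffic():
    """Constructed traffic: one flooding source and one ordinary client."""
    flood = [(i * 10, "198.51.100.7") for i in range(200)]   # 100 req/s for 2 s
    normal = [(i * 500, "192.0.2.10") for i in range(4)]      # 2 req/s for 2 s
    return sorted(flood + normal)


if __name__ == "__main__":
    for client, (ok, drop) in sorted(replay(sample_traffic()).items()):
        print(f"{client:15} accepted={ok:3} dropped={drop:3}")
```

The ordinary client never notices the limiter, while the flooding source gets its initial burst and is then held to the sustained rate.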

Deploy Firewalls for Sophisticated Application attacks

A good practice is to use a Web Application Firewall (WAF) against attacks, such as SQL
injection or cross-site request forgery, that attempt to exploit a vulnerability in your
application itself. Additionally, due to the unique nature of these attacks, you should be able
to easily create customized mitigations against illegitimate requests, which could have
characteristics like disguising themselves as good traffic or coming from bad IPs, unexpected
geographies, etc. While an attack is happening, it might also be helpful to get
experienced support to study traffic patterns and create customized protections.

6. Write short note on the following: WAP kitting and WAP jacking.

ANSWER-

**WAP kitting-

WAP, which stands for Wireless Application Protocol, is a protocol that was introduced in 1999.
It offers Internet communications over wireless devices, such as mobile phones. It achieved
some popularity in the early 2000s and was mainly superseded by more recent standards
by the 2010s. It also offers a way of creating web applications for mobile devices, and it is
designed for micro-browsers.

Most wireless networks are supported by WAP, including TDMA, CDMA, and GSM.
All operating systems can also support the Wireless Application Protocol. It enables access to
the Internet on mobile devices and uses a markup language, WML (Wireless Markup
Language), which is an XML 1.0 application. WAP offers the
facility to connect interactive wireless devices (like mobile phones) to the Internet and
enhances wireless specification interoperability.

WAP can be built on any kind of operating system, and it operates in an open application
environment. It is especially beneficial for mobile users because it delivers electronic
information efficiently. In 1998, Nokia, Motorola, Ericsson, and Unwired Planet founded the
WAP Forum, whose objective was to standardize several wireless technologies with the help
of protocols.

The WAP CSS (cascading style sheet) enables developers to format content for different
screen sizes so that it adapts to mobile devices. When WAP CSS content is used, reformatting is
not required. It controls page layout compatibility with the display screens of different
mobile devices.

The transport layer handles the physical network issues, so that wireless gateways can be
easily accessed by global wireless operations. A WAP gateway is a server that provides
access to the wireless network. The WAP Forum offers specification
development and WAP tool testing, and also provides support for all mobile services. The
WAP Forum is now referred to as the Open Mobile Alliance.

**WAP jacking-
Illegally seeking control of a website by taking over a domain is known as Web Jacking.
In the web jacking attack method, hackers compromise the domain name system
(DNS) that resolves the website URL to an IP address, but the actual website is never touched.
The web jacking attack method is another type of social engineering phishing attack, where an
attacker creates a fake web page of the victim website and sends it to the victim. When the
victim clicks on that link, a message is displayed in the browser, "the site abc.com has move on
another address, click here to go to the new location", and if the victim does click on the link,
he/she is redirected to the fake website page, where the attacker can ask for any sensitive
data such as credit card number, username, password etc. The web jacking attack method is a
kind of trap set by the attacker to steal people's sensitive data, and
the people who get trapped are those who are not aware of cyber security.

Web Jacking Attack Method:
1. The first step of the web jacking attack method is to create a fake page of the victim website,
for example www.anywebsite.com/login.php.
2. The second step is to host it either on your local computer or on shared hosting.
3. The third step is to send the link to the fake page to the victim.
4. In the fourth step, the victim opens the link, enters their details and submits them.
5. In the last step, you get all the details submitted by the victim.

7. What is information? What information should you protect? What are the risks to
your information and how much risk can you accept?

ANSWER- What is information?


Abbreviated as info, information describes text that's informative to the individual reading it
or the computer processing it. For example, the Computer Hope website is full of information
relating to computers that anyone can read to learn more about computers and related topics.

What information should you protect-


1. Keep Your Software Up to Date
As we saw from the stats above, ransomware attacks were a major attack vector of 2017 for
both businesses and consumers. One of the most important cyber security tips to mitigate
ransomware is patching outdated software, both operating system, and applications. This
helps remove critical vulnerabilities that hackers use to access your devices. Here are a few
quick tips to get you started:
• Turn on automatic system updates for your device
• Make sure your desktop web browser uses automatic security updates
• Keep your web browser plugins like Flash, Java, etc. updated
2. Use Anti-Virus Protection & Firewall
Anti-virus (AV) protection software has been the most prevalent solution to fight malicious
attacks. AV software blocks malware and other malicious viruses from entering your device
and compromising your data. Use anti-virus software from trusted vendors and only run one
AV tool on your device.
Using a firewall is also important when defending your data against malicious attacks. A
firewall helps screen out hackers, viruses, and other malicious activity that occurs over the
Internet and determines what traffic is allowed to enter your device. Windows and Mac OS X
come with their respective firewalls, aptly named Windows Firewall and Mac Firewall.
Your router should also have a firewall built in to prevent attacks on your network.

3. Use Strong Passwords & Use a Password Management Tool
You've probably heard that strong passwords are critical to online security. The truth is
passwords are important in keeping hackers out of your data! According to the National
Institute of Standards and Technology's (NIST) 2017 new password policy framework, you
should consider:
• Dropping the crazy, complex mixture of upper case letters, symbols, and numbers. Instead,
opt for something more user-friendly but with at least eight characters and a maximum length
of 64 characters.
• Don't use the same password twice.
• The password should contain at least one lowercase letter, one uppercase letter, one number,
and four symbols but not the following &%#@_.
• Choose something that is easy to remember and never leave a password hint out in the open
or make it publicly available for hackers to see.
• Reset your password when you forget it. But, change it once per year as a general refresh.

If you want to make it easier to manage your passwords, try using a password management
tool or password account vault. LastPass FREE is a great tool for an individual. LastPass
offers a FREE account and has a $2/month membership with some great advanced password
features.
4. Use Two-Factor or Multi-Factor Authentication
Two-factor or multi-factor authentication is a service that adds additional layers of security to
the standard password method of online identification. Without two-factor authentication,
you would normally enter a username and password. But, with two-factor, you would be
prompted to enter one additional authentication method such as a Personal Identification
Code, another password or even fingerprint. With multi-factor authentication, you would be
prompted to enter more than two additional authentication methods after entering your
username and password.

According to NIST, an SMS delivery should not be used during two-factor authentication
because malware can be used to attack mobile phone networks and can compromise data
during the process.
5. Learn about Phishing Scams – be very suspicious of emails, phone calls, and flyers
We recently blogged that phishing scams are nastier than ever this year. In a phishing scheme
attempt, the attacker poses as someone or something the sender is not to trick the recipient
into divulging credentials, clicking a malicious link, or opening an attachment that infects the
user's system with malware, trojan, or zero-day vulnerability exploit. This often leads to a
ransomware attack. In fact, 90% of ransomware attacks originate from phishing attempts.
A few important cyber security tips to remember about phishing schemes include:
1. Bottom line – Don't open email from people you don't know
2. Know which links are safe and which are not – hover over a link to discover where it directs
to
3. Be suspicious of the emails sent to you in general – look and see where it came from and if
there are grammatical errors
4. Malicious links can come from friends who have been infected too. So, be extra careful!

**What are the risks to your information and how much risk can you accept.

Accepting risk, or risk acceptance, occurs when a business or individual acknowledges that
the potential loss from a risk is not great enough to warrant spending money to avoid it. Also
known as "risk retention," it is an aspect of risk management commonly found in the
business or investment fields.

Risk acceptance posits that infrequent and small risks—ones that do not have the ability to
be catastrophic or otherwise too expensive—are worth accepting with the acknowledgment
that any problems will be dealt with if and when they arise. Such a trade-off is a valuable
tool in the process of prioritization and budgeting.

Accepting Risk Explained

Many businesses use risk management techniques to identify, assess and prioritize risks for
the purpose of minimizing, monitoring, and controlling said risks. Most businesses and risk
management personnel will find that they have greater and more numerous risks than they
can manage, mitigate, or avoid given the resources they are allocated. As such, businesses
must find a balance between the potential costs of an issue resulting from a known risk and
the expense involved in avoiding or otherwise dealing with it. Types of risks include
uncertainty in financial markets, project failures, legal liabilities, credit risk, accidents,
natural causes and disasters, and overly aggressive competition.

Accepting risk can be seen as a form of self-insurance. Any and all risks that are not
accepted, transferred or avoided are said to be "retained." Most examples of a business
accepting a risk involve risks that are relatively small. But sometimes entities may accept a
risk that would be so catastrophic that insuring against it is not feasible due to cost. In
addition, any potential losses from a risk not covered by insurance or over the insured
amount is an example of accepting risk.

Some Alternatives to Accepting Risk

In addition to accepting risk, there are a few ways to approach and treat risk in risk
management. They include:

• Avoidance: This entails changing plans to eliminate a risk. This strategy is good for
risks that could potentially have a significant impact on a business or project.
• Transfer: Applicable to projects with multiple parties. Not frequently used. Often
includes insurance. Also known as "risk sharing," insurance policies effectively shift
risk from the insured to the insurer.
• Mitigation: Limiting the impact of a risk so that if a problem occurs it will be easier
to fix. This is the most common. Also known as "optimizing risk" or
"reduction," hedging strategies are common forms of risk mitigation.
• Exploitation: Some risks are good, such as if a product is so popular there are not
enough staff to keep up with sales. In such a case, the risk can be exploited by adding
more sales staff.

8. How can you ensure that you have the best possible understanding of the threat to
your business? How do you embed risk management within your computer?

ANSWER-

How can you ensure that you have the best possible understanding of the threat to your
business-

1. Back up your data

Backing up your business's data and website will help you recover any information you lose
if you experience a cyber incident or have computer issues. It's essential that you back up
your most important data and information regularly. Fortunately, backing up doesn't
generally cost much and is easy to do.

It's a good idea to use multiple back-up methods to help ensure the safety of your important
files. A good back-up system typically includes:

• daily incremental back-ups to a portable device and/or cloud storage
• end-of-week server back-ups
• quarterly server back-ups
• yearly server back-ups

Regularly check and test that you can restore your data from your back-up.

Make it a habit to back up your data to an external drive or portable device like a USB stick.
Store portable devices separately offsite, which will give your business a plan B if the office
site is robbed or damaged. Do not leave the devices connected to the computer, as they can be
infected by a cyber-attack.

Alternatively, you can also back up your data through a cloud storage solution. An ideal
solution will use encryption when transferring and storing your data, and provide
multi-factor authentication for access.
2. Secure your devices and network

Make sure you update your software


Ensure you program your operating system and security software to update automatically.
Updates may contain important security upgrades for recent viruses and attacks. Most
updates allow you to schedule these updates after business hours, or another more convenient
time. Updates fix serious security flaws, so it is important to never ignore update prompts.

Install security software


Install security software on your business computers and devices to help prevent infection.
Make sure the software includes anti-virus, anti-spyware and anti-spam filters. Malware or
viruses can infect your computers, laptops and mobile devices.

Set up a firewall
A firewall is a piece of software or hardware that sits between your computer and the
internet. It acts as the gatekeeper for all incoming and outgoing traffic. Setting up a firewall
will protect your business's internal networks, but firewalls need to be regularly patched in
order to do their job. Remember to install the firewall on all your portable business devices.

Turn on your spam filters


Use spam filters to reduce the amount of spam and phishing emails that your business
receives. Spam and phishing emails can be used to infect your computer with viruses or
malware or steal your confidential information. If you receive spam or phishing emails, the
best thing to do is delete them. Applying a spam filter will help reduce the chance of you or
your employees opening a spam or dishonest email by accident.
3. Encrypt important information

Make sure you turn on your network encryption and encrypt data when stored or sent online.
Encryption converts your data into a secret code before you send it over the internet. This
reduces the risk of theft, destruction or tampering. You can turn on network encryption
through your router settings or by installing a virtual private network (VPN) solution on your
device when using a public network.
4. Ensure you use multi-factor authentication (MFA)

Multi-factor authentication (MFA) is a verification security process that requires you to
provide two or more proofs of your identity before you can access your account. For
example, a system will require a password and a code sent to your mobile device before
access is granted. Multi-factor authentication adds an additional layer of security to make it
harder for attackers to gain access to your device or online accounts.
5. Manage passphrases

Use passphrases instead of passwords to protect access to your devices and networks that
hold important business information. A passphrase is a password that is a phrase, or a
collection of different words. Passphrases are simple for humans to remember but difficult for
machines to crack.

A secure passphrase should be:

• long - aim for passphrases that are at least 14 characters long, or four or more random
words put together
• complex - include capital letters, lowercase letters, numbers and special characters in
your passphrase
• unpredictable - while a sentence can make a good passphrase, having a group of
unrelated words will make a stronger passphrase
• unique - don't reuse the same passphrase for all of your accounts

If you use the same passphrase for everything and someone gets hold of it, all your accounts
could be at risk. Consider using a password manager that securely stores and creates
passphrases for you.

**How do you embed risk management within your computer-

Risk management workshops often fail to motivate employees to truly reduce risk. The
process of embedding can make a real impact. Embedding facilitates changes throughout an
organization that improve risk management and improve the evidence of its operation and
effectiveness, through audit trails and performance reporting, and so reduce the overhead of
audit and control risk self certification.
Outside the financial services sector, formal corporate risk management activities usually
involve a pattern of behavior that will be familiar to most readers. Workshops are held at
which people think of "risks," rate them, and write down what they are doing or plan to do
about the ones that seem important. The results are written up as a "risk register." The same
behavior occurs in the public sector, where it has been adopted as good practice.
People in many organizations feel this activity adds little value. Their reaction has been to
involve the minimum number of people and do it no more often than is necessary for
compliance.
Knowing this, regulators and other providers of guidance typically say that risk management
should be "embedded" in an organization. It should not be something extra done to comply
with their regulations, but become part of normal management.
So what does "embedding" really mean, how do you do it, and does it work? This article
explains what the real issues are and what embedding has to mean if we are to see risk
management make the impact it should.
Embedding
Regulators advise "embedding" risk management to encourage organizations to do something
more effective than have an annual meeting at a senior level to produce some "shelfware."
They also advise it to argue that they are asking for something efficient that organizations
should already be doing.
One interpretation of "embedding" risk management is that you can do it by repeating the
workshops more frequently and at more levels in an organization. As it becomes a regular
event, doesn't that make it part of normal management?
The theory is that the thought process of the workshops (i.e., objectives—risks—controls)
can be applied usefully to anything at any level. Enterprise-wide risk management is
sometimes described in just these terms.
A more realistic view is that there are many different techniques and ways of thinking about
and managing risk and uncertainty. Embedded risk management is where the right techniques
are applied where appropriate, in the right strength, and in a way that generates evidence of
operation and effectiveness.
At its simplest, this can mean elementary internal controls, such as performing bank
reconciliations to combat various risks related to faulty accounting and theft. More
sophisticated examples of controls involve more risk thinking.
In effect, embedding risk management involves expanding the concept of an internal control
to include more sophisticated management processes which involve an element of risk
thinking. Here are some examples.
Credit Management. Though there are spectacular exceptions, most companies manage the
risk of not being paid by their customers. They have credit risk management embedded
already, though perhaps it could be done better.
They have established procedures and computerized controls that cover assessing the risk of
default, granting credit progressively, monitoring for possible default, and following up.
Sophisticated methods may be used to assess credit worthiness. These methods are often
reviewed, and attempts are made to improve them. Credit management procedures are
documented and generate evidence that they have been carried out, i.e., they leave an audit
trail. Typically there is monthly reporting of credit risk management performance.
These elements—multiple procedures, intelligent decisions, an audit trail, and frequent
measurement and reporting—characterize embedded risk management.
Strategic Marketing Planning. In contrast to credit risk management, risk and uncertainty
are rarely managed well in strategic marketing planning. This is a pity because these plans
involve huge uncertainties and are sometimes indistinguishable from the strategic plans of the
whole enterprise. They can get a company into the sort of deep trouble that leads to ruin and,
occasionally, false accounting.
An embedded risk management process here starts early, ideally before people tie their
personal credibility to particular ideas. Reviewing major areas of uncertainty frequently helps
guide the research and analysis that goes into creating these plans, as well as introducing risk
and uncertainty management into the plan itself. There are some very simple tools for
thinking about risks and risk factors, and more complicated analytical methods for estimating
results.
Project Risk Management. A large organization can easily have 100+ projects running at
any time. The risks are considerable. Workshops to try to identify specific risks and plan
responses are increasingly common but they are just a small part of project risk management.
Different organizations have different habits on projects but typical activities include:
tracking project risk factors, structuring projects to reduce the risk profile (e.g., incremental
deliveries or a portfolio structure), continuous monitoring of new information for emerging
risks, feasibility studies and other research, Monte Carlo simulation to support estimates, and
independent audits.
It is not necessary for a risk management approach to be standardized to be embedded. A
more efficient approach is to have a generic scheme which people are encouraged to flex as
appropriate to meet the specific needs of their project.
The Process of Embedding
If embedding is interpreted as holding the same type of workshop at more levels and more
frequently, then the process of embedding looks very simple: define the thought process and
way of documenting it, then train as many people as possible to do it. The difficult part is to
convince people that this is a good use of their time.
If you accept that embedding is more complicated than this, the process of embedding
becomes:
• Identify risk and uncertainty management activities (a.k.a. controls) already operating,
recognizing the wide range of different techniques and thought processes that can be
used.
• Improve and refine them where appropriate.
• Ensure the activities generate evidence of having operated and of their own effectiveness
(e.g., performance metrics, independent reports) to minimize the need for audit and
control risk self assessment.
At the top level it is helpful to have executive leadership (i.e., not normally the Audit
Committee) anticipate the need for work on controls and direct resources to it in good time.

9. What would happen to the business if one of your risks becomes a reality? Describe
CKC in details.

ANSWER- **What would happen to the business if one of your risks becomes a reality-

If and when a risk becomes a reality, a well-prepared business can minimize the impact on
earnings, lost time and productivity, and negative impact on customers. For startups and
established businesses, the ability to identify risks is a key part of strategic business
planning. Risks are identified through a number of ways. Strategies to identify these risks
rely on comprehensively analyzing a company's specific business activities. Most
organizations face preventable, strategic and external threats that can be managed through
acceptance, transfer, reduction, or elimination.

Physical Risks

Building risks are the most common type of physical risk. Think fires or explosions. To
manage building risk, and the risk to employees, it is important that organizations do the
following:

• Make sure all employees know the exact street address of the building to give to a
911 operator in case of emergency.
• Make sure all employees know the location of all exits.
• Install fire alarms and smoke detectors.
• Install a sprinkler system to provide additional protection to the physical plant,
equipment, documents and, of course, personnel.
• Inform all employees that in the event of emergency their personal safety takes
priority over everything else. Employees should be instructed to leave the building
and abandon all work-associated documents, equipment and/or products.

Hazardous material risk is present where spills or accidents are possible. The risk from
hazardous materials can include:

• Acid
• Gas
• Toxic fumes
• Toxic dust or filings
• Poisonous liquids or waste

Fire department hazardous material units are prepared to handle these types of disasters.
People who work with these materials, however, should be properly equipped and trained to
handle them safely.

Organizations should create a plan to handle the immediate effects of these risks.
Government agencies and local fire departments provide information to prevent these
accidents. Such agencies can also provide advice on how to control them and minimize their
damage if they occur.

Location Risks

Among the location hazards facing a business are nearby fires, storm damage, floods,
hurricanes or tornados, earthquakes, and other natural disasters. Employees should be
familiar with the streets leading in and out of the neighborhood on all sides of the place of
business. Individuals should keep sufficient fuel in their vehicles to drive out of and away
from the area. Liability or property and casualty insurance are often used to transfer the
financial burden of location risks to a third-party or a business insurance company.

There are other business risks associated with location that are not directly related to
hazards, such as city planning. For example, a gas station exists on a major road, and as a
result of its location, it receives plenty of business. City planning can eventually restructure
the area around the gas station. The city may close the road the gas station is on, build other
infrastructure that would make the gas station inaccessible, or overall just not take the gas
station into consideration with any redevelopment. This would leave the gas station with no
traffic to serve.

Human Risks

Alcohol and drug abuse are major risks to personnel in the workforce. Employees suffering
from alcohol or drug abuse should be urged to seek treatment, counseling, and rehabilitation
if necessary. Some insurance policies may provide partial coverage for the cost of treatment.

Protection against embezzlement, theft and fraud may be difficult, but these are common
crimes in the workplace. A system of double-signature requirements for checks, invoices,
and payables verification can help prevent embezzlement and fraud. Stringent accounting
procedures may discover embezzlement or fraud. A thorough background check before
hiring personnel can uncover previous offenses in an applicant's past. While this may not be
grounds for refusing to hire an applicant, it would help HR to avoid placing a new hire in a
critical position where the employee is open to temptation.

Illness or injury among the workforce is a potential problem. To prevent loss of
productivity, assign and train backup personnel to handle the work of critical employees
when they are absent due to a health-related concern.

Technology Risks

A power outage is perhaps the most common technology risk. Auxiliary gas-driven power
generators are a reliable back-up system to provide electricity for lighting and other
functions. Manufacturing plants use several large auxiliary generators to keep a factory
operational until utility power is restored.

Computers may be kept up and running with high-performance back-up batteries. Power
surges may occur during a lightning storm (or randomly), so organizations should furnish
critical business systems with surge-protection devices to avoid the loss of documents and
the destruction of equipment.

Cloud storage is another source of risk nowadays. The process involves backing up data
with a provider such as Amazon Web Services, Azure, IBM, or Oracle. This
is a huge undertaking that should be considered given the reliance on cloud-based data to
run most businesses now. It is important to establish both offline and online data backup
systems to protect critical documents.

Although telephone and communications failures are relatively uncommon, risk managers
may consider providing emergency-use company cell phones to personnel whose use of the
phone or internet is critical to their business.

Strategic Risks

Strategy risks are not altogether undesirable. Financial institutions such as banks or credit
unions take on strategy risk when lending to consumers, while pharmaceutical companies
are exposed to strategy risk through research and development for a new drug. Each of these
strategy-related risks is inherent in an organization's business objectives. When structured
efficiently, the acceptance of strategy risks can create highly profitable operations.

Companies exposed to substantial strategy risk can mitigate the potential for negative
consequences by creating and maintaining infrastructures that support high-risk projects. A
system established to control the financial hardship that occurs when a risky venture fails
often includes diversification of current projects, healthy cash flow, or the ability to finance
new projects in an affordable way, and a comprehensive process to review and analyze
potential ventures based on future return on investment.

Making a Risk Assessment

After the risks have been identified, they must be prioritized in accordance with an
assessment of their probability.

Establish a probability scale for the purposes of risk assessment.

For example, risks may:

1. Be very likely to occur
2. Have some chance of occurring
3. Have a small chance of occurring
4. Have very little chance of occurring

Other risks must be prioritized and managed in accordance with their likelihood of
occurring. Actuarial tables—statistical analysis of the probability of any risk occurring and
the potential financial damage ensuing from the occurrence of those risks—may be accessed
online and can provide guidance in prioritizing risk.

Insuring Against Risks

Insurance is a principal safeguard in managing risk, and many risks are insurable. Fire
insurance is a necessity for any business that occupies a physical space, whether owned
outright or rented, and should be a top priority. Product liability insurance, as an obvious
example, is not necessary for a service business.

Some risks are an inarguably high priority, for example, the risk of fraud or embezzlement
where employees handle money or perform accounting duties in accounts payable and
receivable. Specialized insurance companies will underwrite a cash bond to provide
financial coverage in the event of embezzlement, theft or fraud.

When insuring against potential risks, never assume a best-case scenario. Even if employees
have worked for years with no problems and their service has been exemplary, insurance
against employee error may be a necessity. The extent of insurance coverage against injury
will depend on the nature of your business. A heavy manufacturing plant will, of course,
require more extensive coverage for employees. Product liability insurance is also a
necessity in this context.

If a business relies heavily on computerized data—customer lists and accounting data, for
example—exterior backup and insurance coverage is necessary. Finally, hiring a risk
management consultant may be a prudent step in the prevention and management of risks.

**Describe CKC in details.


The cyber kill chain (CKC) is a classic cybersecurity model developed by the computer
security incident response team (CSIRT) at Lockheed Martin. The purpose of the model is to
better understand the stages required to execute an attack, and to help security teams stop an
attack at each of its stages.

The CKC model describes an attack by an external attacker attempting to gain access to data
or assets inside the security perimeter. The attacker performs reconnaissance, intrudes into the
security perimeter, exploits vulnerabilities, gains and escalates privileges, moves
laterally to gain access to more valuable targets, attempts to obfuscate their activity, and
finally exfiltrates data from the organization.

The cyber kill chain model mainly describes an advanced persistent threat (APT), a
sophisticated malicious actor waging an organized attack campaign against a specific
company.
1. Reconnaissance

At the reconnaissance stage, the attacker gathers information about the target organization.
They can use automated scanners to find vulnerabilities and weak points that could be
penetrated. Attackers will try to identify and investigate security systems that are in place,
such as firewalls, intrusion prevention systems, and authentication mechanisms.

2. Intrusion

At the intrusion stage, attackers are attempting to get inside the security perimeter. Attackers
commonly inject malware into a system to get a foothold. Malware could be delivered by
social engineering emails, a compromised system or account, an "open door" representing a
gap in security — such as an open port or unsecured endpoint — or an insider accomplice.

3. Exploitation

At the exploitation stage, attackers seek additional vulnerabilities or weak points they can
exploit inside the organization's systems. For example, from the outside, the attacker may
have no access to an organization's databases, but after the intrusion, they can see that a
database uses an old version and is exposed to a well-known vulnerability.

4. Privilege Escalation

In the privilege escalation stage, the goal of the attacker is to gain privileges to additional
systems or accounts. Attackers may attempt brute force attacks, look for unsecured
repositories of credentials, monitor unencrypted network traffic to identify credentials, or
change permissions on existing compromised accounts.

5. Lateral Movement

In the lateral movement stage, attackers connect to additional systems and attempt to find the
organization's most valuable assets. Attackers move laterally from one system to another to
gain access to privileged accounts, sensitive data, or critical assets. Lateral movement is a
coordinated effort that may span multiple user accounts and IT systems.

6. Obfuscation

At the obfuscation stage, the attacker tries to cover their tracks. They may try to delete or
modify logs, falsify timestamps, tamper with security systems, and take other actions to hide
previous stages in the CKC and make it appear that sensitive data or systems were not
touched.
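
As an added illustration (not part of the original notes), the Python example below sorts constructed alerts into the six stages listed above and reports, per host, the furthest stage observed and the earlier stages for which no alert fired. The alert type names, host names and the alert-to-stage mapping are assumptions made for this example.

```python
from collections import defaultdict

# The six stages, in the order this page lists them.
STAGES = [
    "Reconnaissance", "Intrusion", "Exploitation",
    "Privilege Escalation", "Lateral Movement", "Obfuscation",
]

# Assumed mapping from alert types to stages. The alert names are hypothetical;
# in practice they would come from your own detection tooling.
ALERT_STAGE = {
    "port_scan": "Reconnaissance",
    "phishing_attachment_opened": "Intrusion",
    "known_vuln_exploit_signature": "Exploitation",
    "failed_login_burst": "Privilege Escalation",
    "account_permission_change": "Privilege Escalation",
    "new_internal_remote_session": "Lateral Movement",
    "audit_log_cleared": "Obfuscation",
    "timestamp_rollback": "Obfuscation",
}

# Constructed sample alerts: (UTC timestamp, host, alert type).
ALERTS = [
    ("2024-03-01T09:00:00Z", "web01", "port_scan"),
    ("2024-03-01T08:55:00Z", "web01", "port_scan"),  # arrived late, happened earlier
    ("2024-03-01T09:40:00Z", "web01", "known_vuln_exploit_signature"),
    ("2024-03-01T10:05:00Z", "web01", "failed_login_burst"),
    ("2024-03-01T10:30:00Z", "db02", "new_internal_remote_session"),
    ("2024-03-01T10:45:00Z", "db02", "audit_log_cleared"),
    ("2024-03-01T11:00:00Z", "hr-laptop7", "phishing_attachment_opened"),
    ("2024-03-01T11:02:00Z", "hr-laptop7", "usb_device_inserted"),  # no mapping
]


def triage(alerts, alert_stage=ALERT_STAGE):
    """Summarise, per host, how far along the kill chain the alerts reach."""
    first_seen = defaultdict(dict)  # host -> {stage: earliest timestamp}
    unmapped = defaultdict(list)    # host -> alert types with no stage mapping
    for ts, host, alert_type in alerts:
        stage = alert_stage.get(alert_type)
        if stage is None:
            # Keep unknown alert types visible instead of silently dropping them.
            unmapped[host].append(alert_type)
            continue
        earliest = first_seen[host].get(stage)
        # ISO 8601 timestamps in one format compare correctly as strings.
        if earliest is None or ts < earliest:
            first_seen[host][stage] = ts

    report = {}
    for host in sorted(set(first_seen) | set(unmapped)):
        stages_hit = first_seen.get(host, {})
        seen = [s for s in STAGES if s in stages_hit]
        furthest = seen[-1] if seen else None
        cutoff = STAGES.index(furthest) if furthest else 0
        report[host] = {
            "furthest": furthest,
            "first_seen": dict(stages_hit),
            # Earlier stages with no alert: either they happened elsewhere
            # or the monitoring did not see them.
            "undetected_earlier": [s for s in STAGES[:cutoff] if s not in seen],
            "unmapped": list(unmapped.get(host, [])),
        }
    return report


def prioritise(report):
    """Order hosts so the one furthest along the chain is handled first."""
    def depth(host):
        furthest = report[host]["furthest"]
        return STAGES.index(furthest) if furthest else -1
    return sorted(report, key=lambda h: (-depth(h), h))


if __name__ == "__main__":
    result = triage(ALERTS)
    for host in prioritise(result):
        info = result[host]
        print(host, "| furthest:", info["furthest"],
              "| no alert for:", info["undetected_earlier"],
              "| unmapped:", info["unmapped"])
```

A host whose only alerts are in late stages, such as the constructed `db02`, shows that the earlier stages either happened on another system or went unseen by monitoring.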

10. Define depth of defence (DoD). What is criminal revenue?

ANSWER- Define depth of defence (DoD)-


Defense in Depth (DiD) is an approach to cybersecurity in which a series of defensive
mechanisms are layered in order to protect valuable data and information. If one mechanism
fails, another steps up immediately to thwart an attack. This multi-layered approach with
intentional redundancies increases the security of a system as a whole and addresses many
different attack vectors. Defense in Depth is commonly referred to as the "castle approach"
because it mirrors the layered defenses of a medieval castle. Before you can penetrate a castle
you are faced with the moat, ramparts, draw-bridge, towers, battlements and so on.

The digital world has revolutionized how we live, work and play. However, it's a digital
world that is constantly open to attack, and because there are so many potential attackers, we
need to ensure we have the right security in place to prevent systems and networks being
compromised. Unfortunately, there is no single method that can successfully protect against
every single type of attack. This is where a defense in depth architecture comes into play.

What is criminal revenue-

Cybercrime is any criminal activity that involves a computer, networked device or a network.

While most cybercrimes are carried out in order to generate profit for the cybercriminals,
some cybercrimes are carried out against computers or devices directly to damage or disable
them. Others use computers or networks to spread malware, illegal information, images or
other materials. Some cybercrimes do both -- i.e., target computers to infect them with a
computer virus, which is then spread to other machines and, sometimes, entire networks.

A primary effect of cybercrime is financial. Cybercrime can include many different types of
profit-driven criminal activity, including ransomware attacks, email and internet fraud, and
identity fraud, as well as attempts to steal financial account, credit card or other payment card
information.

Cybercriminals may target an individual's private information or corporate data for theft and
resale. As many workers settle into remote work routines due to the pandemic, cybercrimes
are expected to grow in frequency in 2021, making it especially important to protect backup
data.

11. How easy is it to exploit stolen IP? What are cyber-criminal targets? What are the
steps to protect your mobile phone from cybercrime?

ANSWER- How easy is it to exploit stolen IP-

Your IP address is a unique string of numbers assigned to you by your ISP – like a delivery
address for online traffic. If you connect to a different Wi-Fi or move house, your IP address
will change along with your location.

Most ISPs use dynamic IP addresses, which aren't fixed to your device, but you can have
a static IP if you wish to. For example, if you want your computer IP address to always stay
the same, you'll be able to specify that through the device's settings. This can be useful when
port-forwarding – if you want certain data to be sent directly from your router to your
computer IP address.

Since your IP address holds certain information about you, someone could use it for
malicious purposes. People can get hold of your IP address in plenty of ways. Here are just a
few:

1. By borrowing your device. If somebody borrows or uses your computer, they can find out
what your IP address is in seconds because countless free websites help you do that.
2. From an email. If you send an email to someone, they can check the header of the message,
which could contain your IP address. Yahoo! and Microsoft Outlook are known to include IP
addresses in the email header.
3. Clicking on a link. Any link you click on will need to provide your IP address for the server
at the other end to deliver the content provided by the link. Whoever owns that server will see
your IP address.
4. By hacking your router. If somebody has found out your router's password and logged in,
they can easily view your IP address.
5. From a web server. Every time you visit a website, your IP address is collected and stored on
a server. Anyone who owns that server can go and look up your IP.
6. Clicking on an ad. When you click on an ad, you're giving your IP to the service provider.
Some online ads can be created by malicious actors and put your security at risk.
7. Participating in online forums. If you like to participate in various discussions when you're
connected to the internet at home, forum admins can view your public IP address and sniff
out your location.
8. Connecting to a fake hotspot. Hackers can set a fake hotspot and view your IP address and
personal information or even infect your device with malware.

**What are cyber-criminal targets-?

Small businesses
In the previous two years, there has been a significant concern for small businesses about
cybercrime. After much observation, it's clear that while the enterprise level companies get
the most press when attacked, SMBs remain the prime target for hackers. In the United
States, for instance, about 14 million small businesses have been attacked. That is quite a
large number. Cybercriminals love SMBs because, unlike their enterprise counterparts, they
have significantly less muscle to secure endpoints and stop an attack if they wanted to. Some
businesses think that simply installing anti-virus software on all machines at the
workplace will keep them safe. However, in today's business environment, a lot more has to
be done. This includes, but is not limited to:

• Mail security
• End-point advanced security which can be enforced by artificial intelligence.
• Online and hands-on training.
• Two-factor authentication practices and password management.
• Cloud secured internet gateways.

Healthcare
One of the most coveted targets by hackers is the healthcare industry. Being a billion-dollar
industry, it's one of the most data-rich sectors the world over. Hackers love the healthcare
industry because medical files have the most intimate details of a person's life and that is why
medical records are most confidential even by law. In 2018 however, hackers are getting way
smarter. The more recent activity, in this case, involves frequent attacks on the healthcare
web apps.
A report unveiled by TechRepublic showed that on average, web apps in the healthcare
industry get about 1500 unique attacks on a daily basis. Some of the more common attacks in
this regard involve local file inclusion and cross-site scripting which means that they are
more interested in planting malware downloaders that steal your personal information.
Without regular patches to the apps, the healthcare industry is open to exploitation.

Law firms
Lawyers are some of the smartest people on the planet. However, cybersecurity isn't usually
their strongest suit. For hackers and cybercriminals, law firms are prime targets mainly due
to the nature of data and information that they collect, store and use. Last year, DLA Piper,
one of the more prominent global law firms, suffered a vicious hack. The Petya ransomware
left the firm unable to access their data for three days, which means loss of business for those
days. DLA wasn't the only one. Nine more such firms, all large and powerful, also suffered
similar attacks last year. From this information, it's safe to conclude that these hackers might
step up a notch higher in 2018.
Personal computers and phones
Digital currency has come a long way, from the time when it was only an idea to now, where
some digital currencies such as bitcoin are more valuable than gold. Due to its immense
value, there is a considerable demand for the product. Enter cryptojacking.
Cryptojacking can be defined as the stealth use of a computing device to mine
cryptocurrency. Today's computers and cell phones have become powerful enough to
handle resource-thirsty applications seamlessly. As such, hackers had a way of installing,
without the user's knowledge or consent, a program that mines the currency in the background.
However, that method was quickly replaced by in-browser cryptojacking. Since most
websites on the internet presently use JavaScript, a page can carry a script that mines
cryptocurrency in the visitor's browser.

Financial institutions
Since financial institutions are literally dealing with dollars and cents, they are a prime target
for any malicious hackers. Businesses operating within the financial services sector should
always be prepared for an attack. Data from IBM X-Force suggests that more than 200
million records of financial services were breached in the previous year. This figure is
expected to rise by a huge margin in 2018.
Due to cryptocurrency being extremely valuable at the moment, hackers will also continue
targeting online wallets, affiliate sites, and exchanges. This kind of currency suits them best
because as commonly known, most cryptocurrencies are untraceable. So, when the hacker
manages to bypass security protocols in place and gets to the coins, there is no following the
money with hopes of recovery.
In today's world, it's not a question of "if" you will be attacked. It's often a question of
"when" and whether you are prepared for the attack to either prevent it entirely or survive it.
Cyber-crime is on the rise the world over and hitting all industries with money to drain.
Today no company is immune from cybercrime. The advisable thing is to stay alert and
embrace the saying, "prevention is better than cure."

**What are the steps to protect your mobile phone from cybercrime-?

Anyone using the internet should exercise some basic precautions. Here are 11 tips you can
use to help protect yourself against the range of cybercrimes out there.
1. Use a full-service internet security suite
It's a good idea to consider trusted security software like Norton 360 with LifeLock Select,
which provides all-in-one protection for your devices, online privacy, and identity, and helps
protect your private and financial information when you go online.
2. Use strong passwords
Don't repeat your passwords on different sites, and change your passwords regularly. Make
them complex. That means using a combination of at least 10 letters, numbers, and symbols.
A password management application can help you to keep your passwords locked down.
3. Keep your software updated
This is especially important with your operating systems and internet security software.
Cybercriminals frequently use known exploits, or flaws, in your software to gain access to
your system. Patching those exploits and flaws can make it less likely that you'll become a
cybercrime target.
4. Manage your social media settings
Keep your personal and private information locked down. Social engineering cybercriminals
can often get your personal information with just a few data points, so the less you share
publicly, the better. For instance, if you post your pet's name or reveal your mother's maiden
name, you might expose the answers to two common security questions.
5. Strengthen your home network
It's a good idea to start with a strong encryption password as well as a virtual private
network. A VPN will encrypt all traffic leaving your devices until it arrives at its destination.
If cybercriminals do manage to hack your communication line, they won't intercept anything
but encrypted data. It's a good idea to use a VPN whenever you use a public Wi-Fi network,
whether it's in a library, café, hotel, or airport.
6. Talk to your children about the internet
You can teach your kids about acceptable use of the internet without shutting down
communication channels. Make sure they know that they can come to you if they're
experiencing any kind of online harassment, stalking, or bullying.
7. Keep up to date on major security breaches
If you do business with a merchant or have an account on a website that's been impacted by a
security breach, find out what information the hackers accessed and change your password
immediately.
8. Take measures to help protect yourself against identity theft
Identity theft occurs when someone wrongfully obtains your personal data in a way that
involves fraud or deception, typically for economic gain. How? You might be tricked into
giving personal information over the internet, for instance, or a thief might steal your mail to
access account information. That's why it's important to guard your personal data. A VPN —
short for virtual private network — can also help to protect the data you send and receive
online, especially when accessing the internet on public Wi-Fi.
9. Know that identity theft can happen anywhere
It's smart to know how to protect your identity even when traveling. There are a lot of things
you can do to help keep criminals from getting your private information on the road. These
include keeping your travel plans off social media and using a VPN when accessing the
internet over your hotel's Wi-Fi network.
10. Keep an eye on the kids
Just like you'll want to talk to your kids about the internet, you'll also want to help protect
them against identity theft. Identity thieves often target children because their Social Security
number and credit histories frequently represent a clean slate. You can help guard against
identity theft by being careful when sharing your child's personal information. It's also smart
to know what to look for that might suggest your child's identity has been compromised.

12. Publication and transmission of containing sexually explicit act or conduct (3)
What is Cyber terrorism, (3)
Hacking with computer system (3)
Skimming means (2)
Disclosure of information in breach of contract (3)
Define the IT act 2000. Write down the positive aspects of the ITA2000.

ANSWER- Publication and transmission of containing sexually explicit act or conduct-

Whoever publishes or transmits or causes to be published or transmitted in the electronic
form any material which contains sexually explicit act or conduct shall be punished on first
conviction with imprisonment of either description for a term which may extend to five years
and with fine which may extend to ten lakh rupees and in the event of second or subsequent
conviction with imprisonment of either description for a term which may extend to seven
years and also with fine which may extend to ten lakh rupees.

What is Cyber terrorism-

Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten,
the loss of life or significant bodily harm, in order to achieve political or ideological gains
through threat or intimidation. Acts of deliberate, large-scale disruption of computer
networks, especially of personal computers attached to the Internet by means of tools such
as computer viruses, computer worms, phishing, malicious software, hardware methods,
programming scripts can all be forms of internet terrorism.[1] Cyberterrorism is a
controversial term. Some authors opt for a very narrow definition, relating to
deployment by known terrorist organizations of disruption attacks against information
systems for the primary purpose of creating alarm, panic, or physical disruption. Other
authors prefer a broader definition, which includes cybercrime. Participating in a cyberattack
affects the terror threat perception, even if it isn't done with a violent approach.[2] By some
definitions, it might be difficult to distinguish which instances of online activities are
cyberterrorism or cybercrime.[3]
Cyberterrorism can be also defined as the intentional use of computers, networks, and public
internet to cause destruction and harm for personal objectives. Experienced cyberterrorists,
who are very skilled in terms of hacking, can cause massive damage to government systems
and might leave a country in fear of further attacks.[4] The objectives of such terrorists may be
political or ideological since this can be considered a form of terror.[5]

There is much concern from government and media sources about potential damage that
could be caused by cyberterrorism, and this has prompted efforts by government agencies
such as the Federal Bureau of Investigation (FBI) and the Central Intelligence Agency (CIA)
to put an end to cyber attacks and cyberterrorism.[4]

**Hacking with computer system-

A commonly used hacking definition is the act of compromising digital devices and networks
through unauthorized access to an account or computer system. Hacking is not always a
malicious act, but it is most commonly associated with illegal activity and data theft by cyber
criminals.

But what is hacking in a cyber security context?

Hacking in cyber security refers to the misuse of devices like computers, smartphones,
tablets, and networks to cause damage to or corrupt systems, gather information on users,
steal data and documents, or disrupt data-related activity.

A traditional view of hackers is a lone rogue programmer who is highly skilled in coding and
modifying computer software and hardware systems. But this narrow view does not cover the
true technical nature of hacking. Hackers are increasingly growing in sophistication, using
stealthy attack methods designed to go completely unnoticed by cybersecurity software and
IT teams. They are also highly skilled in creating attack vectors that trick users into opening
malicious attachments or links and freely giving up their sensitive personal data.

As a result, modern-day hacking involves far more than just an angry kid in their bedroom. It
is a multibillion-dollar industry with extremely sophisticated and successful techniques.

** Skimming means-

As the word "skim" means "to read quickly", criminals use various devices, known as
skimmers, to steal data without the victim even realising it. This is usually carried out when
making transactions at an ATM or paying at a point-of-sale (POS) terminal that has been
tampered with beforehand.

** Disclosure of information in breach of contract

When information is disclosed to a third party without the data owner's consent, it is called a
breach of confidentiality. The data owner is entitled to take legal action for the potential
losses or damages incurred as a result of such a breach of confidentiality.

Examples of breach of confidentiality

1. Breach of confidentiality can happen when an employee discloses information that
is crucial for its owner's business or invention, or discloses trade secrets to rival
companies, which would cause losses to the company's business or reputation.
For example:

Mr A, who works at company X as an associate manager, moves to company Z, where he gets
high increments, promotion and perks. He discloses company X's client data and trade secrets
and tries to solicit his employees, thus putting the entire business of X at risk of being ruined.

2. Another example of a breach of confidentiality is when personal private
information is leaked or disclosed by a medical practitioner, which results in loss
of reputation or mental trauma to the patient.
3. The most classic example of breach of confidentiality is the Coca-Cola case. In
this case, an employee of Coca-Cola leaked the company's "Coke" trade secrets
to PepsiCo. Coke's executive administrative assistant was found guilty of stealing
secrets, including a sample of a new drink being developed by Coca-Cola. The
court sentenced the executive administrative assistant for a period of 8 years and
other employees for 5 years, along with a fine of $40,000 for restitution.

In CMI Centre for Medical Innovation GMBH and Anr. v. Phytopharm PLC (1999) FSR
235, the court laid down the principles as to what the owner must address in breach of
confidence:

• Information or idea relied on by the infringer, in order to obtain an unfair
advantage, must be clearly identified;
• Information or idea must be handed over to the infringer as confidential
information;
• The information or idea must be classified as confidential; and
• Information or ideas must be used or threatened to be used without authorization.

Confidentiality is not absolute; there are exceptional conditions where disclosure of
confidential information would not amount to a breach. The following are the exemptions to
breach of confidentiality:

• Consent- Where the information is disclosed or lawfully obtained with the consent
of the authorized person, then such disclosure will not be considered as a breach.
• Court Order or in Compliance with the Law- Where the confidential information is
required to be disclosed or released upon receipt of an order of the court of
competent jurisdiction, or in compliance with the ruling of a government or
regulatory authority, or by mandatory Law.
• Continued Treatment- A medical practitioner may release confidential information
to other practitioners for further or continued treatment of the patient.
• Communicate a Threat- Confidential information can be disclosed where there is a
threat of violation or destruction which can cause injury or bodily harm to another
person.
• Already in Public- Where the information is already in public or in the possession of
the other person without an obligation of confidentiality prior to receipt from the owner
of the information, it would not amount to a breach.
• Unaware- Where the information is lawfully obtained by a third person, and that
person is not aware of any confidentiality relating to the information.

**Define the IT act 2000. Write down the positive aspects of the ITA2000.

IT Act, 2000
The Information Technology Act, 2000 was enacted by the Indian Parliament in 2000. It is
the primary law in India for matters related to cybercrime and e-commerce.

• The act was enacted to give legal sanction to electronic commerce and electronic
transactions, to enable e-governance, and also to prevent cybercrime.
• Under this law, for any crime involving a computer or a network located in India,
foreign nationals can also be charged.
• The law prescribes penalties for various cybercrimes and fraud through
digital/electronic format.
• It also gives legal recognition to digital signatures.
• The IT Act also amended certain provisions of the Indian Penal Code (IPC), the
Banker's Book Evidence Act, 1891, the Indian Evidence Act, 1872 and the Reserve
Bank of India Act, 1934 to modify these laws to make them compliant with new
digital technologies.
• In the wake of the recent Indo-China border clash, the Government of India banned
various Chinese apps under the Information Technology Act. Read more about this in
an RSTV titled, 'TikTok, Other Chinese Apps Banned'.

Features of the Information Technology Act, 2000

Here we will check out the features of the Information Technology Act. They are as follows:
• All electronic contracts created through secure electronic channels are legally valid.
• Legal recognition for digital signatures.
• Security measures for electronic records and also digital signatures are in place.
• A procedure for the appointment of adjudicating officers for holding inquiries
under the Act is finalized.
• Provision for establishing a Cyber Regulations Appellate Tribunal under the Act.
Further, this tribunal will handle all appeals made against the order of the
Controller or Adjudicating Officer.
• An appeal against the order of the Cyber Appellate Tribunal is possible only in
the court.
• Digital signatures use an asymmetric cryptosystem and also a hash function.
• Provision for the appointment of the Controller of Certifying Authorities (CCA) to
license and regulate the working of Certifying Authorities. The Controller acts as a
repository of all digital signatures.
• The Act applies to offences or contraventions committed outside India.
• Senior law enforcement officials and other officers can enter any public place
and search and arrest without a warrant.
• Provisions for the constitution of a Cyber laws committee to advise the Central.
