Subject: Cyber Security B.

Com Final Year

1. Define Cyber Security?

Answer: Cyber security is the application of technologies, processes and controls to protect
systems, networks, programs, devices and data from cyber-attacks.
It aims to reduce the risk of cyber-attacks and protect against the unauthorized exploitation of
systems,networks and technologies.
2. What is authorization and authentication?
Answer:
Authentication: The process of authentication in the context of computer systems means
assurance and confirmation of a user's identity.
Before a user attempts to access information stored on a network, he or she must prove their
identity and permission to access the data

Authorization: Once the system knows who users are, policies can be applied that control
where the users can go, what the users can do, and what resources they can access. This is
called authorization

3. Why Cyber Security is important?

Answer: Cybersecurity is crucial because it safeguards all types of data against theft and loss.
Sensitive data, protected health information (PHI), personally identifiable information (PII),
intellectual property, personal information, data, and government and business information
systems are all included. Many websites would be practically impossible to enjoy if cyber security
specialists did not work ceaselessly to prevent denial-of-service attacks.

4. What is incident Response.

Answer: Incident response (sometimes called cybersecurity incident response) refers to an
organization's processes and technologies for detecting and responding to cyberthreats, security
breaches or cyberattacks. A formal incident response plan enables cybersecurity teams to limit
or prevent damage.

5. Define white hat Hacking.

Answer: We look for bugs and ethically report it to the organization. We are authorized as a
user to test for bugs in a website or network and report it to them. White hat hackers generally
get all the needed information about theapplication or network to test for, from the organization
itself. They use their skills to test it before the website goes live or attacked by malicious hackers.
6. Define Audit.
Answer: A cyber security audit is a systematic and independent examination of an
organization’s cyber security. An audit ensures that the proper security controls, policies, and
procedures are in place and working effectively.
The objective of a cyber-security audit is to provide an organization’s management,
vendors, and customers, with an assessment of an organization’s security position.
7.Firewalls
Answer: A firewall is a network security device, either hardware or software-based, which
monitors all incoming and outgoing traffic and based on a defined set of security rules it accepts,
rejects or drops that specific traffic.
Accept- allow the traffic
Reject- block the traffic but reply with an “unreachable error”
Drop- block the traffic with no reply

A firewall establishes a barrier between secured internal networks

and outside untrusted network, such as the Internet.

II. Answer the Questions. 2x5=10 Marks

1.A. What is Internet Governance. What are the major challenges or constraints
will arise while managing the internet?
Answer: Internet governance is the development and application of shared principles, norms,
rules, decision- making procedures, and programs that shape the evolution and use of the
Internet.
It describes how the Internet was and is currently governed, some of the controversies that
occurred alongthe way, and the ongoing debates about how the Internet should or should not be
governed in the future.
Internet governance involves translation of ip address through the Domain Name System and
into domain name
The term “Internet governance” first started to be used in connection with the governance of
Internet identifiers such as domain names and IP addresses, which led to the formation of
ICANN (Internet Corporation for Assigned Names and Numbers). Since then, the economic,
political, social and military implications of Internet governance have expanded to embrace a
number of other areas of policy.

Challenges in Cyber Security

1. The pace and changing nature of the internet
The internet today is simply bigger and more diverse than it used to be. Its range of
services is far greater andcontinually growing. It’s been transformed by massive growth in the
capacity of networks and devices, mobility, the internet of things and cloud computing. All this
continues and accelerates.
Governance mechanisms aren’t always scalable. Ways of governing the internet that
worked when it was smaller and less complex won’t be sufficient now it’s larger and more
complex.
2. Language Challenge
The diversity of people in the context of languages is major challenge for the
implementation of internet based projects, since most of the internet applications are written in
English. Also English may not be understandable to most of the people. Therefore, it becomes
the big challenge for the governments to write internet applications to be implemented across
the nation in more than one language in order to be acceptable to the users of particular
language.
3. The concentration of digital power
Technologists stress the decentralizing force they see inherent in the internet’s packet-
switched technology and protocols. Power on the internet, they tend to say, lies with end-users;
there is no centre to it.
But economic logic differs from technology. Networks give powerful advantages to big
players that can maximize numbers of users, achieve economies of scope and scale, and leverage
data to maximize value toconsumers and themselves.
The result has been the concentration of online power in a few large companies with
global reach, that can act effectively unchecked by the majority of governments. These have
become the most powerful actors in internet governance today, and their decisions are decidedly
not subject to the principles of multi stakeholderism.
4. Digital geopolitics (and the environment)
At the same time, there have been shifts in global geopolitics. Three things.
First, those dominant online businesses that I’ve just mentioned are almost all located in two
countries. Twenty years ago, the fear in many countries was that the internet was dominated by
America. Now China is as important, and leads in some new digital technologies.
Second, the thirty years in which the internet’s evolved have seen the world divided much more
than it was. To a considerable degree, authoritarian nationalism has superseded liberal
internationalism.
Third, the biggest challenge of all facing international governance is climate change. Like
everything else, internet governance is going to evolve in a context redefined by climate change,
by the success or failure ofsteps to mitigate it (not least this week and next), and by the conflicts
that will follow likely failures.
5. Shaping the digital future
That means shaping the digital future in ways that work with other goals we have rather than
letting technology shape the future for us.
There are three things-

 preserving what we value

 promoting what we want
 and preventing what we fear.
There’ll be disagreements about what those mean. But achieving them requires governance that
is consistent with other goals the international community’s agreed. In particular, I’d cite the
international human rights regime, the sustainable development agenda and the need to reverse
climate change.
6. The future of regulation
The internet community – and businesses – have been keen to avoid regulation and
sought what they’ve called ‘permission less innovation’ as distinct from the ‘precautionary
principle’ that’s generally applied in other economic sectors.
That’s the principle that we should assess potential hazards before giving free rein to new
inventions. It’s the norm in industries like chemicals and pharmaceuticals and in other new
technologies such as genetics
7. Multilateralism and multi stakeholderism
Multi stakeholderism has been an important part of the way the internet’s been governed, from
its early days.
First, the standard stakeholder groupings are insufficiently disaggregated.
There are huge differences between government departments that manage communications and
those thatuse them to deliver public services.
Between businesses that supply the internet and those that uses it.
Between different groups of users, with different interests, different resources, different
capabilities, not to mention those who aren’t yet on the internet but whose lives are affected by
the way it’s changing their societies.
Representation in internet decision-making is skewed towards internet insiders; to the supply
side of the internet rather than to the demand side.
Second, the stakeholders themselves have changed, and so have their resources. Global
corporations can throw huge sums at influencing outcomes. Many decisions are made in
boardrooms or through negotiations between businesses and governments.
(OR)
B. What are vulnaranblities? Describe the main causes of Vulnerabilities?
Answer: A vulnerability in cyber security refers to with weakness in an information
system, system processes, or internal controls of an organized These vulnerabilities are targets
lurking cybercrimes and open toexploitation for through the points of vulnerability.

These hackers are able to gain illegal access to the systems and data and cause severe
damage Therefore, Cybersecurity vulnerabilities are extremely important to monitor for the
overall security posture as gaps in a network can result in a full-scale breach of systems in an
organization.

Examples of Vulnerabilities-
o A weakness in a firewall that can lead to malicious hackers getting into a computer
network
o Lack of security cameras.
o Unlocked doors at businesses
All of these are weaknesses that can be used by others to hurt a business or its assets.
There are many causes of Vulnerabilities like-
Complex Systems- Complex systems increase the probability of misconfigurations, flaws, or
unintended access.
Familiarity- Attackers may be familiar with common code, operating systems, hardware, and
software that lead to known vulnerabilities
Connectivity- Connected devices are more prone to have vulnerabilities
Poor Password Management- and reused passwords can lead from one data breach to several
OS Flaws- systems can have flaws too. Unsecured operating systems by default cangive users full
access and become a target for viruses and malware.
Internet- Internet is full of spyware and adware that can be installed automatically on computers.
Software Bugs- Programmers can sometimes accidentally, leave an exploitable bug in the
software.
Unchecked user input- Software or a website assumes that all input is safe, it may run unintended
SQL injection.
People- Social engineering is the biggest threat to the majority of organizations. So, humans can
be one of the biggest causes of vulnerability.

2. A. What is need of Comprehensive Cyber security policy? Discuss the need of

Nodal and International Agency?
Answer:

Need for a Comprehensive Cyber Security Policy

Security policies are a formal set of rules which is issued by an organization to ensure that
the user who are authorized to access company technology and information assets comply with
rules and guidelines related tothe security of information.
A security policy also considered to be a "living document" which means that the
document is neverfinished, but it is continuously updated as requirements of the technology and
employee changes.
We use security policies to manage our network security. Most types of security policies
are automatically created during the installation. We can also customize policies to suit our
specific environment.
Need of Security policies-
1. It increases efficiency.
2. It upholds discipline and accountability
3. It can make or break a business deal
4. It helps to educate employees on security literacy

There are some important cyber security policies recommendations describe below-
Virus and Spyware Protection policy-
 It helps to detect threads in files, to detect applications that exhibits suspicious behavior.
 Removes, and repairs the side effects of viruses and security risks by using signatures.
Firewall Policy-
 It blocks the unauthorized users from accessing the systems and networks that connect
to theInternet.
 It detects the attacks by cybercriminals and removes the unwanted sources of network
traffic.
Intrusion Prevention policy-
 This policy automatically detects and blocks the network attacks and browser attacks.
 It also protects applications from vulnerabilities and checks the contents of one or more
datapackages and detects malware which is coming through legal ways.
Application and Device Control-
 This policy protects a system's resources from applications and manages the peripheral
devices thatcan attach to a system.
 The device control policy applies to both Windows and Mac computers whereas
application control policy can be applied only to Windows clients.

Need for a Nodal Authority

CERT-In(Indian Computer Emergency Response Team ) is the national nodal agency for
responding to computer security incidents as and when they occur. CERT-In is operational since
January 2004.
CERT-In has been designated to serve as the national agency to perform the following functions
in the area of cyber security-
o Collection, analysis and dissemination of information on cyber incidents.
o Forecast and alerts of cyber security incidents.
o Emergency measures for handling cyber security incidents.
o Coordination of cyber incident response activities.
o Issue guidelines, advisories, vulnerability notes and whitepapers relating to information
securitypractices, procedures, prevention, response and reporting of cyber incidents.
o Such other functions relating to cyber security may be prescribed.

Need for an International convention on Cyberspace

The Convention is the first international treaty on crimes committed via the Internet and
other computer networks, dealing particularly with infringements of copyright, computer-related
fraud, child pornography, hate crimes, and violations of network security.
Its main objective, set out in the preamble (preface), is to pursue a common criminal policy
aimed at the protection of society against cybercrime, especially by adopting appropriate
legislation and fostering international cooperation.
The Convention aims principally at-
 Harmonizing the domestic criminal substantive law elements of offenses(crime) and
connected provisions in the area of cyber-crime
 Providing for domestic criminal procedural law powers necessary for the investigation
and prosecution of such offenses as well as other offenses committed by means of a
computer system orevidence in relation to which is in electronic form
 Setting up a fast and effective regime of international cooperation
(OR)
B. What is SOAP? SOAP Message? Explain SOAP for Web services and
applications?
Answer:

Basic Security for SOAP Services

 SOAP is an abbreviation that stands for Simple Object Access Protocol.
 SOAP is one such messaging protocol, and it is used because it offers neutrality,
independence, extensibility,and verbosity. The message format is in XML (eXtensible
Markup Language), and it uses application layer protocols for negotiation and transmission,
primarily HTTP, with some legacy systems using SMTP.
 Using SOAP, developers can invoke processes running on separate operating systems. They
use XML toauthenticate, authorize, and communicate.
SOAP Security
 SOAP security is the strategy (a plan of action) that prevents unauthorized access to
SOAP messages anduser information.
 WS Security is the set of principles/guidelines to regulate authent ication and
confidentiality procedures for SOAP Messaging.
 WSS-compliant measures include digital signatures, XML encryption and passwords,
among others. XMLencryption makes data unreadable when unauthorized users gain access.
SOAP Works
 SOAP messaging is a stateless protocol, but a developer can build session control
mechanisms into the header to build a state into the transaction. This SOAP specification allows
asynchronous communication.
 Web developers that know how to program in stateless environments can also build
SOAP states using moretraditional methods.
 For example, you can set the session attribute in the SOAP envelope header tag to
mimic HTTP session cookies. You can also explicitly use cookies if using HTTP on the Transport
Layer.
SOAP Security Risks
There are several kinds of cyber-attacks and vulnerabilities, and those uniquely targeting APIs
make the bulk ofSOAP security risks. Some of them include-
 Code Injections- in SOAP, XML code injections introduce malicious code into an
application or database. Careful access control prevents these attacks.
 Leaked/Breached Access- most attacks begin with breached or leaked access. You must
ensure SOAPmessages are shown to authorized users only.
 (Distributed) Denial of Service - DoS or DDoS attacks overwhelm web services with
overly many or long messages. Limiting message length and volume in SOAP security prevents
these attacks.
 Cross-Site Scripting - code injection, but happens from the web application side to the
website
Session Hijacking - an unauthorized user obtains session ID, and that user gains full access to
the applicationand/or another user’s account