TECHNO INDIA COLLEGE OF TECHNOLOGY

NAME : MD IQUBAL AHMAD

STREAM : BCA
ROLL : 31442723029
SECTION : A
SEMESTER : 3RD
YEAR: 2ND YEAR
PAPER NAME : cyber security
PAPER CODE : SEC381
SESSION : 2024 – 2025

Q1. what is cyber security ,what are the basis need of cyber security

ANS. Cybersecurity is the practice of protecting systems, networks, and data

from cyber threats such as hacking, malware, and unauthorized access. It
involves implementing technologies, processes, and policies to defend
against cyberattacks and ensure the confidentiality, integrity, and availability
of information.

Need for Cybersecurity:

• Protect Sensitive Data: Safeguards personal, financial, and business

information from theft or exposure.
• Prevent Cyberattacks: Blocks malicious activities like hacking,
phishing, ransomware, and malware.
 • Ensure Privacy: Protects individuals' private information and online
activities from unauthorized access.
• Maintain System Integrity: Prevents tampering with critical systems,
ensuring they run without interruption or compromise.
• Support Regulatory Compliance: Helps businesses comply with data
protection laws (e.g., GDPR, HIPAA) and avoid penalties.
• Mitigate Financial Losses: Prevents costly breaches, legal
consequences, and damage to an organization’s reputation.
• Secure National Security: Protects critical infrastructure and
government systems from cyber threats and espionage.

Q2. what are the goals of cyber security?

ANS. The goals of cybersecurity are:

1. Confidentiality: Protecting sensitive data from unauthorized access.

2. Integrity: Ensuring data is accurate and unaltered.
3. Availability: Ensuring systems and data are accessible when needed.
4. Authentication: Verifying the identity of users and devices.
5. Non-repudiation: Ensuring actions are traceable to their origin.
6. Accountability: Tracking user activities for audit and oversight.
7. Risk Management: Identifying and mitigating cyber threats and
vulnerabilities.

Q3. what is cyber attack , what are the difference type of cyber
attack?

ANS. A cyberattack is any deliberate attempt to breach or damage computer

systems, networks, or devices. These attacks can be used to steal data,
disrupt services, or cause financial or reputational harm.

Types of Cyberattacks:
 • Malware: Malicious software (like viruses, worms, Trojans) designed to
damage, disrupt, or gain unauthorized access to systems.
• Phishing: Fraudulent attempts (typically via email) to trick individuals
into revealing sensitive information, like passwords or credit card
numbers.
• Ransomware: A type of malware that encrypts a victim’s data and
demands payment (ransom) for its release.
• Denial-of-Service (DoS) / Distributed Denial-of-Service (DDoS):
Overloading a system or network with traffic, making it unavailable to
users.
• Man-in-the-Middle (MitM): Intercepting and altering communications between two
parties without their knowledge, often to steal data.
• SQL Injection: Exploiting vulnerabilities in a website’s database to insert malicious
code and gain access to sensitive data.
• Zero-Day Exploit: Attacking a software vulnerability that is unknown to the software
maker, before a patch or fix is available.
• Credential Stuffing: Using stolen usernames and passwords from previous
breaches to gain access to accounts on other platforms.
• Social Engineering: Manipulating people into divulging confidential information or
performing actions that compromise security.

Q4. WHAT is phising ? what are the advantage and disadvantage

of phising .

ANS. Phishing is a cyberattack where attackers impersonate legitimate entities (e.g.,

banks, websites) to deceive individuals into revealing sensitive information, such as
passwords, credit card numbers, or personal details, usually through fraudulent emails or
websites.

Advantages of Phishing (for attackers):

1. Low Cost: Easy to execute with minimal resources.

2. Wide Reach: Can target many people at once.
3. Anonymity: Difficult for victims to trace the attacker.
 4. Effective: Exploits human psychology (e.g., urgency, fear).

Disadvantages of Phishing:

1. Illegal: Phishing is a criminal activity with legal consequences.

2. Reputation Damage: Can harm the attacker’s or victim's reputation.
3. Victim Harm: Leads to financial loss or identity theft.
4. Detection: Security systems can block phishing attempts.
5. Ethical Issues: Highly deceptive and unethical.

Q5. WHAT is session hijacking . what are steps of session

hijacking ?

ANS. Session Hijacking is a cyberattack where an attacker takes control of a user’s active
session by stealing or predicting the session ID, allowing them to impersonate the user.

Steps of Session Hijacking:

1. Session Identification: The attacker identifies a valid session ID through methods

like sniffing network traffic.
2. Session Token Theft: The attacker steals the session ID via techniques like packet
sniffing or exploiting vulnerabilities.
3. Session Takeover: The attacker uses the stolen session ID to hijack the session
and gain unauthorized access.
4. Data Theft/Modification: The attacker can then access sensitive data or perform
actions as the legitimate user.

Mitigation:

• Use HTTPS for secure communication.

• Implement session timeouts and token rotation.
• Use two-factor authentication (2FA) for sensitive actions.

Q6. what is virus ? what is worm . what are the difference between virus and
worm.
ANS. Virus:

A virus is a type of malicious software (malware) that attaches itself to a legitimate

program or file. It spreads when the infected program or file is executed. A virus often
requires human intervention (like opening an infected file) to propagate.

Worm:

A worm is a self-replicating malware that spreads independently across networks and

systems without needing to attach itself to any host file. Worms exploit vulnerabilities in
software or operating systems to spread.

Difference Between Virus and Worm:

Feature Virus Worm

Propaga Spreads independently without needing
Requires a host file to spread.
tion a host file.
Spread Typically spread by human actions Automatically spreads through
Method (e.g., opening a file). networks or systems.
Activati Activated when the infected host Activates and spreads on its own once
on file is run. executed.
File
Needs to attach to a legitimate file
Attach Does not require attachment to a file.
or program.
ment
Can corrupt files, slow down Can overload networks, cause system
Impact
systems, and cause data loss. crashes, or create backdoors.

Q7. what is trojan horse ? what are the difference between backdoor and
trojan horse.

ANS. Trojan Horse:

• Definition: A type of malware that disguises itself as a legitimate program to trick

users into running or installing it.
• Key Traits:
o Appears harmless but contains malicious code.
 o Does not self-replicate like viruses or worms.
o Typically used to steal data, install other malware, or allow remote control.

Difference Between Trojan Horse and Backdoor:

Aspect Trojan Horse Backdoor

Nature Malicious software disguised as Hidden method for unauthorized access.
legitimate.
Function Executes harmful actions after Allows remote control or unauthorized
being run. access.
Self- Does not self-replicate. Can be part of a malware toolkit.
Replicati
on
Goal Deceptively installs malicious Maintains persistent access to a system.
code.
Example Fake software, email Hidden backdoor that allows an attacker
attachment with malware. to control a system.
Detectio Detected after execution (e.g., Harder to detect; operates stealthily in
n via behavior). the background.

Q8. what is threat ? how it is overcome.

ANS. What is a Threat?

A threat is any potential danger or event that can exploit vulnerabilities in a system,
network, or application to cause harm, damage, or unauthorized access.

How to Overcome Threats?

1. Risk Assessment: Identify, evaluate, and prioritize potential threats.

2. Security Measures:
a. Use firewalls, encryption, antivirus, and IDS/IPS to protect systems.
3. Access Control: Implement multi-factor authentication, least privilege, and user
training.
4. Regular Updates: Keep software and systems up to date with security patches.
5. Backup & Recovery: Regularly back up data and have an incident response plan.
6. Monitoring: Continuously monitor networks for suspicious activity.
7. Penetration Testing: Regularly test systems for vulnerabilities.
By using these strategies, threats can be mitigated or managed effectively.

Q9. WHAT are the advantage and disadvantage of antivirus . write down the
block diagram of antivirus ?

ANS. Advantages of Antivirus:

1. Malware Protection: Detects and prevents viruses, Trojans, ransomware, and

other malicious software.
2. Real-Time Scanning: Monitors files and processes continuously for threats.
3. Automatic Updates: Frequently updates virus definitions to combat new threats.
4. Safe Browsing: Alerts users about potentially harmful websites.
5. Email Scanning: Scans email attachments to prevent malware from being
delivered.

Disadvantages of Antivirus:

1. System Slowdown: Can reduce system performance during scans.

2. False Positives: May incorrectly flag safe files as threats.
3. Cost: Paid antivirus programs may require annual subscriptions.
4. Incomplete Protection: Some advanced threats can bypass detection.
5. Over-reliance: Users may neglect other important security practices.

Block Diagram of Antivirus:

+------------------------+
| User Interaction |
+------------------------+
|
v
+-------------------------+
| Real-Time Scanning | <--- Monitors files in real-time
+-------------------------+
|
+--------------------+------------------+
 | |
v v
+-------------------+ +------------------+
| Signature-Based | | Heuristic-Based | <--- Detects unknown threats
| Detection | | Detection |
+-------------------+ +------------------+
| |
v v
+-------------------+ +---------------------+
| File Scanning | | Behavior Monitoring | <--- Identifies suspicious actions
+-------------------+ +---------------------+
| |
v v
+------------------+ +---------------------+
| Quarantine Area | | User Alerts/Logs | <--- Notifies user of threats
+------------------+ +---------------------+
|
v
+---------------------+
| Malware Removal | <--- Removes detected malware
+---------------------+
|
v
+---------------------+
| Update Mechanism | <--- Keeps virus definitions up-to-date
+---------------------+

Q10. WHAT is penetration testing ? what is public key interface.

ANS. What is Penetration Testing?

Penetration testing (also known as pen testing) is the practice of simulating a cyberattack
on a system, network, or application to identify vulnerabilities that could be exploited by
attackers. The goal is to find weaknesses before malicious hackers can exploit them.

• Types: Black-box, White-box, and Grey-box testing.

 • Purpose: To evaluate security measures, discover vulnerabilities, and improve
defenses.

What is Public Key Infrastructure (PKI)?

Public Key Infrastructure (PKI) is a framework that uses cryptographic key pairs (public
and private keys) to enable secure communication and authentication.

• Public Key: Shared openly, used to encrypt data or verify a signature.

• Private Key: Kept secret, used to decrypt data or create a digital signature.
• Components: Includes certificates, certificate authorities (CAs), and digital
signatures to ensure secure, trusted communications over networks.

PKI is commonly used for SSL/TLS encryption, email encryption, and digital signatures.

Q11. WHAT Are the advantage of ecommerce ? what is fire wall.

ANS. Advantages of E-commerce:

1. Global Reach: Enables businesses to reach a global audience, expanding their

market beyond local boundaries.
2. Convenience: 24/7 access for customers to browse, shop, and make payments
anytime, anywhere.
3. Lower Operational Costs: Reduces the need for physical stores and staff, leading
to cost savings.
4. Personalized Experience: Uses customer data to offer personalized product
recommendations and promotions.
5. Wider Product Range: Allows businesses to offer a broader selection of products
compared to physical stores.
6. Easy Payment Options: Multiple secure payment methods (credit cards, digital
wallets) make transactions easier.
7. Scalability: Easier to scale operations without the need for significant physical
infrastructure.
What is a Firewall?

A firewall is a security system designed to monitor and control incoming and outgoing
network traffic based on predefined security rules. It acts as a barrier between a trusted
internal network and untrusted external networks (like the internet).

• Types: Hardware firewall, software firewall, and cloud-based firewall.

• Functions:
o Traffic Filtering: Blocks unauthorized access.
o Monitoring: Tracks network traffic for suspicious activities.
o Protection: Prevents cyberattacks like hacking, malware, and viruses from
infiltrating a network.

Q12. WHAT is digital signature ? how its protects our information.

ANS. What is a Digital Signature?

A digital signature is a cryptographic technique used to verify the authenticity and integrity
of a digital message or document. It ensures that the message has not been altered and
confirms the identity of the sender.

• Created using: A private key, part of a public-private key pair.

• Verified using: The corresponding public key.

How It Protects Information:

1. Authentication: Confirms the identity of the sender, ensuring the message came
from the claimed source.
2. Integrity: Ensures that the message or document has not been altered in transit.
Any change would invalidate the signature.
3. Non-repudiation: Prevents the sender from denying their signature on the
document, providing legal proof of origin.

By using digital signatures, information is protected from tampering, impersonation, and

unauthorized access.

Q13. WHAT is hacking ? What are the difference type of hackers.

ANS. What is Hacking?

Hacking is the act of gaining unauthorized access to computer systems, networks, or

devices, often to exploit vulnerabilities, steal data, or cause damage.

Different Types of Hackers:

1. White Hat Hackers (Ethical Hackers):

a. Purpose: Perform authorized security tests to identify and fix vulnerabilities.
b. Role: Work for organizations to improve security.
2. Black Hat Hackers (Crackers):
a. Purpose: Engage in illegal activities for personal gain, such as stealing data
or causing harm.
b. Role: Typically involved in cybercrime.
3. Grey Hat Hackers:
a. Purpose: Operate between ethical and malicious hacking. They may
discover vulnerabilities without permission but report them.
b. Role: Sometimes act without authorization but with no malicious intent.
4. Red Hat Hackers:
a. Purpose: Similar to white hats but take a more aggressive approach to stop
black hats, often using offensive methods.
b. Role: Typically work outside the law but for the public good.
5. Hacktivists:
a. Purpose: Use hacking for political or social activism, often to make a
statement or protest.
b. Role: Typically target government, corporate, or institutional sites.
6. Script Kiddies:
a. Purpose: Inexperienced hackers who use pre-written scripts or tools to carry
out attacks, often without fully understanding the techniques.
b. Role: Typically engage in cyberattacks for fun or to cause disruption.

Each type of hacker differs in intent, methods, and legality, ranging from ethical
professionals to malicious criminals.