Question Bank & Solutions

(1st/2nd Semester 2024-25)

Introduction to IT Systems
UNIT-5: Information Security Best Practice(SET-1)
Short Questions With Answers(02 Marks Each)
1. What is the difference between Data & Information ?
Ans: Data refers to collection of basic facts and figures. It is generally raw information
that simply includes name, basic numbers or texts. In computers, it may be in the form
of different types of files, such as images, text, graphics, and videos.
Information is data that has been processed and organized in order to provide a
meaningful output from raw data.
Example. The Name, Date of birth, contact number of a student are data, but if we have
to find out the list of students whose age is more than 18 years that is known as
information.

2. What do you mean by Information Security ?

Ans: Information security is defined as the process or techniques used to protect our
sensitive information from unauthorized access. It aims to ensure the confidentiality,
integrity, and availability of data, whether it is stored or during transmission over
internet.

3. Define Virus, how it is different from worms ?

Ans:
 A computer virus is a software program that has been intentionally created to
make harm to a computer system.
 It can corrupt data, delete data, copy & destroy data on an individual computer.
 It has the ability to replicate (making its duplicate copy automatically) itself.
 It can be spared from one computer to another through internet, network,
storage devices and affects all the programs, memory of computer.

Worms: A worm is technically not a virus but a program very similar to a virus. It has
the ability to self-replicate causes harm to a system. It can be executed without the
help of any other program.

4. Write various steps to be followed in order to prevent your system

from virus ?
Ans:
 Don’t allow CD & pen drive without scanning.
 Always install suitable antivirus software.
 Don’t visit website which are not reputed.
 Don’t open unknown mail or links.
  Always download files from trusted websites.
 Make a habit to keep backup of your important files.

5. What are the symptoms to know the presence of virus in your system ?
Ans:
 Your system becomes very slow.
 System terminates abnormally.
 Showing problem while booting.
 Showing insufficient memory or memory full even you have fewer amounts of
data.
 Showing unexpected performance while working.

6. Write the name of some popular Antivirus software ?

Ans:
Ex. Norton, MacAfee, Kaspersky, e-trust, PC-clean, Microsoft security essential, Quick
heal etc.

7. What is Firewall ?
A firewall is a network security system that monitors and controls incoming and
outgoing network traffic based on predetermined security rules. It acts as a barrier
between a trusted network (like your home or office network) and an untrusted
network (like the internet).
Benefits of using a firewall:
 Protection against unauthorized access:
 Blocking malicious traffic:
 Protecting sensitive data:
 Enhancing network security

8. What is VPN ?
Ans: VPN stands for Virtual Private Network, it is a technology that creates a secure,
encrypted connection over a less secure network, such as the internet. It works by
creating a private tunnel between your device and a VPN server, masking your IP
address and encrypting your internet traffic.

9. What is IP spoofing ?
Ans:IP spoofing is a technique where an attacker disguises the source IP address of a
network packet to trick a target system into believing the packet originated from a
legitimate source. This allows the attacker to bypass security measures and potentially
launch malicious attacks.

10. What is Phishing and how it works?

Ans:
 Phishing is a type of cyberattack where attackers use fraudulent emails, text messages,
phone calls, or websites to trick individuals into revealing sensitive information, such as
passwords, credit card numbers, or social security numbers.
Common Phishing Techniques:
Email Phishing: The most common type, where attackers send fraudulent emails.
Smishing: Phishing attacks via SMS messages.
Vishing: Phishing attacks through voice calls.
Spear Phishing: Targeted attacks aimed at specific individuals or organizations.
Whaling: High-profile phishing attacks targeting executives or celebrities.
11. Difference between data encryption and decryption ?
 Encryption and Decryption are two fundamental processes in cybersecurity, used
to protect sensitive information from unauthorized access.
 Encryption is the process of converting plain text (readable data) into ciphertext
(unreadable data) using a specific algorithm and a key. This scrambled ciphertext
can only be understood by someone who possesses the correct decryption key.
 Decryption is the reverse process of encryption. It involves using the decryption
key to convert the ciphertext back into its original plaintext form.

12. What are the safety measures to be taken while doing online
transaction?
Ans:
Here are some safety measures to take while doing online transactions:
 Official Website: Always access your bank's official website directly from your
browser's address bar. Avoid clicking on links in emails or texts. Always check
(https://).
 Beware of Phishing Attempts: Be wary of emails or calls requesting personal
information. Your bank will never ask for sensitive details via email or phone.
 Secure Wi-Fi: Avoid using public Wi-Fi networks for online transactions. If you
must, use a VPN to encrypt your connection.
 Strong Passwords: Create strong, unique passwords for each online account.
Avoid using easily guessable information.
 Use Two-Factor Authentication (2FA): Enable 2FA whenever possible to add an
extra layer of security.

13.what are the safety measures to be taken while doing online shopping ?
Ans:
Here are some safety measures to take while doing online shopping:
 Secure Websites: Only shop from trusted website or on websites with a secure
connection (https://). Look for the padlock symbol in the address bar.
 Trusted Sellers: Choose reputable online retailers with good reviews and
customer feedback.
 Payment Security: Use trusted payment methods. In case of any doubt, always
purchase products on cash on delivery.
  Secure Wi-Fi: Avoid using public Wi-Fi networks for online transactions. If you
must, use a VPN to encrypt your connection.
 Keep Software Updated: Regularly update your operating system and security
software to protect against vulnerabilities.
 Beware of Phishing: Be cautious of suspicious emails, texts, or calls. Never share
personal information with unsolicited requests.

14.what are the safety measures to be followed while using public

computer.
Here are some safety measures that should be followed:
 Avoid Financial Transaction: Always avoid financial transactions while using
public computers.
 Avoid Sensitive Information: Never enter sensitive information like passwords,
credit card numbers, or social security numbers on a public computer.
 Log Out of Accounts: Always log out of all accounts, including email, social media,
and online banking, before leaving the computer.
 Clear Your Tracks: After using the computer, clear your browsing history, cookies,
and temporary internet files.
 Proper scanning of removable devices: After completion of your works eject your
storage devices and scan properly before using again in another computer.

15. What are different tools and techniques used to protect your
computer from information threats.
The tools and techniques used to protect your computer from information
threats are Firewall, Antivirus software, VPN, Backup, Cryptography, Digital
signature, Authorization, Authentication etc.

16. Write down different ways through which malware can approach your
system?
Ans:
Malwares can approach your system any one of the following ways.
 When we download directly from some untrusted link/ website.
 By email from unknown link
 Corrupted storage/ removable devices
 Unsecure WIFI
 By Network propagation etc.

17.What is Cookies in Internet browsing?

Ans: Cookies are used to store a website information about the user internet
browsing on computer. It is a small text file which will remember the details about
your preferences, login information, website visited and other information and helps
the user in subsequent browsing.
18.What are information security goal?
 Ans: Confidentiality, Integrity, Availability.

19.What is Malware?
Ans: Malware is short for malicious software and is used as a single term to refer to
viruses; Trojans, horses, worms, Spywares etc.

20.What is digital foot print?

Ans: All the information online about a person that is stored online.
21.What is instant messaging?
Ans: Instant messaging network provides the ability to not only transfer text messages
but also the transfer of files. Instant Message can transfer malware & other programs.

22.what is USB and write the name of two USB storage media ?
Ans: USB (Universal Serial Bus) is a standard for connecting and transferring data
between computers and electronic devices. It also provides a power supply to devices.
USB ports are widely used for connecting peripherals such as keyboards, mice, printers,
and storage devices.

Two examples of USB storage media are: Pen Drive, Media card

23.Write down four removable information storage media?

Ans: CD-RW, DVD-RW,Digital Camera,MP3 player, Pen drive, Blue Ray Disk etc.

24.How to make strong password ?

Ans: Create a strong password with minimum length of ideally 10 characters and
comprising of a mix of alphabets, numbers and special characters/Symbol.
25:What is ATM?
Ans: ATM stands for automated teller machine and it is an electro-mechanical machines
adopted by the international community for banking transactions in the present digital
era.
 Long Questions & Answers(05 Marks Each)
1. Write down details about different Information Security Goals?
Ans:There are three main goals protected by information security, collectively known as
CIA triads.
Confidentiality: This feature indicates that authorized users should be allowed to access
data or computer systems, it prevents unauthorized users from the disclosure of data
hence protect the privacy of information. Confidentiality is maintained through access
control mechanisms.
Integrity: Integrity means data in a computer system should not be modified without
authorization. It ensures the authenticity and accuracy of information. Integrity is
achieved by imposing restrictions to modify the data. Users having permission to edit
can only make changes.
Availability: It ensures that information should be available, whenever required. A
legitimate user reliably accesses demanded information with this attribute of
information. For an ideal information system, it should avoid any kind of service
disruption like power failure, hardware failure, etc. Continuity of access procedures,
scheduled backups, regular maintenance is useful to achieve this attribute.
In addition to the above, there are two more principles, authenticity and non-
repudiation.
Authenticity ensures that only legitimate users can have access to the system resources.
It is done via confirming their identities before granting any system resources to them.
User name, password, email, biometrics, etc. is used to achieve authenticity.
Non-repudiation principle ensures that the sender of data is provided with proof of
delivery and the recipient is provided with proof of the sender's identity, so neither
party can deny sending, receiving, or accessing the data.

2. What is Malware, write different forms of malware?

Ans:These are the software created intentionally to fulfil different malicious activities
like corrupt data, delete data, copy & destroy user data on an individual computer. Some
malware is as under:
Virus: It is a computer program that replicates and attaches itself to another computer
program to infect the computer system. Viruses can affect the working of CPU, personal
files, computer systems, etc.
Ex. MyDoom, ILOVEYOU, Slammer, Stuxnet etc.
Worm: It is a software program capable of spread itself orom one system to another
oner network and internet to create harm on a computer system. It is capable of infects
many more computers in a very short period.
Ex. ILOVEYOU, Code Red, Explorer.zip, Love Bug, W32.Nimda, and W32.
 Ransomware: It prevents the user to access their operating system, or certain
applications, or any data by encrypting their data. Hackers demand money from victims
to decrypt their files. The motive behind ransomware attacks is monetary.
Ex. Crypto Locker, Conti, WannaCry etc.
Trojan: It is a malware that appears to have normal functionality but in reality, its
malicious activity creates backdoors entry into the target computer.
Ex. Flame, Banker, Downloader, Zeus, and Beast are an example of some popular trojans.

Spyware: A malware that spy the user's information with the aim to harm them.
E.g., cookies on webpages and keyloggers can log everything including your credentials.
Adware: It is malware that is designed to create revenue for its developers. It is also
termed advertising-supported software. It tracks user's behaviour and sells out that
information to interested third parties. To avoid adware, use an adblocker.
Keyloggers: A spyware that is designed for stealing the data via recording the keystrokes
pressed by the user on their keyboard. An attacker may track your typing in a real-time
manner or afterward via a file used to store the keystrokes.
Ex. Computer Spy, Kidlogger, syprix are some examples of keyloggers.
Sweepers: These are programs to wipe out data from the targeted machines.
Backdoor: If malicious users gain access to the system, they can install a program, used
to create another way (backdoor) to enter into the system. The purpose is to gain
unauthorized access to the system.
Ex. Deep Throat, Portal of Doom, Subseven, NetBus are some popular backdoors.

3. Explain different types of Social Engineering Attacks?

Ans:The people can be tricked or psychologically manipulated with help of technology to
take some actions or divulge confidential information. Some popular attack is as under:
Phishing: It is one of the common types of social engineering scams. The hacker typically
sends an email or text to the target, seeking information that might help with a more
significant crime. For example, a hacker might send emails that appear to come from a
source trusted by the victim. That source might be a bank, for instance, asking email
recipients to click on a link to log in to their accounts. Those who click on the link,
though, are taken to a fake website that, like the email, appears to be legitimate. If they
log in at that fake site, they are essentially handing over their login credentials and giving
the crook access to their bank accounts
Vishing: It is the voice version of phishing. “V” stands for voice, but otherwise, the scam
attempt is the same. The hacker uses the phone to trick a victim into handing over
valuable information. For example, a hacker might call an officer, posing as a
government officer. The hacker might prevail upon the victim to provide login
credentials or other information that could be used to target the Organization.
 Smishing: It is the text version of phishing which is an acronym for SMS phishing. Here
the hacker sends some link via SMS to the targeted users.
Baiting: In such a scam a USB drive or other electronic media is preloaded with malware
and supplied to users. When a user plugs this device into their system, malware will
enable hackers to hack your computer.
Quid pro quo scam: It is another type of social engineering attack that involves an
exchange as I give you this, and you give me that. Hackers make the victim believe as a
fair exchange, but that's far from the case, as the cheat always comes out on top.
For example, a hacker may call a target, pretending to be an IT support technician. The
victim might hand over the login credentials to their computer, thinking they are
receiving technical support in return. Instead, the hacker can now take control of the
victim's computer, loading it with malware or, perhaps, stealing personal information
from the computer to commit identity theft.

4. Explain different types of Network Threats?

Ans:
Sniffers: Sniffers are programs to monitor network traffic via tracing network packets.
These can be used to gather important information which will be helpful in the attack.
Windump, tcpdum, wireshark are some examples of sniffers.
Botnet: A infected device is termed as the compromised device. When a group of such
compromised devices (zombies) are under the control of some malicious user then the
user can use this network of zombies to attack other systems. Such a zombie network is
termed a botnet.
Pharming: Pharming is a process of illegal installation of malware on a computer or a
network. Man-in-the-middle (MitM) attack: Such an attack happens due to insecure
communication. In such a cyberattack an attacker relay or possibly alter the ongoing
communication between sender and receiver without their knowledge. An attacker can
intercept requests and responses and hence become able to read the contents between
the sender and receiver. There are various types of MitM attacks as under:
IP spoofing: IP spoofing is the creation of Internet Protocol (IP) packets that have a
modified source address to either hide the identity of the sender, impersonate another
computer system or both. It is a technique often used by bad actors to invoke DDoS
attacks against a target device or the surrounding infrastructure.
Session hijacking: A session between the user and the server can be hijacked by the
attacker. Some of the methods used in this regard are session fixing and session
prediction. Here, usually, a valid session between the user and server is taken over by
the attacker.
Distributed denial of service (DDoS): DDoS attacks occur when attackers overload
servers or resources with requests. Attackers can perform these attacks manually or
through botnets, networks of compromised devices used to distribute request sources.
The purpose of a DDoS attack is to prevent users from accessing services or to distract
security teams while other attacks occur.
5. Explain different Techniques used for Combating Information Security
Threats ?
Ans:These are the following technologies used to protect our information from hacker.
Firewall:
A firewall is a dedicated device, or a computer, that monitors network traffic
passing through it and allows routes to be rejected or approved based on rules. It is
software or hardware that is usually placed between a secure network and an
unsecured network, and it acts as a gateway that ensures that nothing private and
malicious things can go out. is not coming in.
Data Backup:
Data backup is the process of creating copies or duplicating the data. Data
backup strategy is very common and useful in case of loss, deletion, or corruption of
our data. It restores us work till last taken backup. Data backup keeps us capable of
maintaining the integrity and availability goal of information security. Backup can be
taken in three ways: incremental backup, differential backup, and full back up.
Virtual Private Network (VPN):
The virtual private network is a network that is constructed by using public wires
(usually the Internet) to connect to a private network, such as a company's internal
network. Many systems enable the creation of networks using the Internet as the
medium for transporting data. These systems use encryption and other security
mechanisms to ensure that only authorized users can access the network and that the
data cannot be intercepted.
Encryption:
Plain data can be converted into a nonreadable format by applying some
techniques. Encryption is such technique that disguises plain text to hide the actual
data for the sake of achieving security. Cryptographic encryption techniques are used to
protect the data and enforce confidentiality during its transmission and storage.
Anti-Virus Software:
Anti-virus software not only protects & clean user from malware infection but it
provides safety from several other attacks and keeps our information safe.
Some popular anti-virus software are Symantec Norton Anti-Virus, MacAfee
Anti-Virus, Kaspersky Anti-Virus, Bitdefender Anti-Virus Plus, Avg Anti-Virus, Quick Heal,
etc.
Intrusion Detection System (IDS):
 IDS contains various tools for real-time monitoring of inbound and outbound
traffic in suspect of threats. IDS system alerts the user in case of any fraudulent traffic
approaches to our system.
Intrusion Prevention System (IPS):
IPS security solutions are advanced systems, these not only detect the
fraudulent traffic source but prevent our system from their attack by blocking requests
or ending user sessions. Mostly IDS and IPS are often used together. In IPS various rules
and policies are created for incoming and outgoing packets. Policies check the packet
information and depending on the traffic rule action to allow or deny is issued.

6. What is Phishing and how it works?

Ans:Phishing is a type of cyberattack where attackers use fraudulent emails, text
messages, phone calls, or websites to trick individuals into revealing sensitive
information, such as passwords, credit card numbers, or social security numbers.

How Phishing Works:

Impersonation: Attackers pose as legitimate organizations like banks, social media

platforms, or government agencies.
Deceptive Messages: They send messages that create a sense of urgency or fear, urging
recipients to take immediate action.
Malicious Links or Attachments: The messages often contain malicious links or
attachments that, when clicked or downloaded, can infect devices with malware.
Data Theft: Once victims fall for the deception, they may unknowingly provide their
personal information to the attackers.

Common Phishing Techniques:

Email Phishing: The most common type, where attackers send fraudulent emails.
Smishing: Phishing attacks via SMS messages.
Vishing: Phishing attacks through voice calls.
Spear Phishing: Targeted attacks aimed at specific individuals or organizations.
Whaling: High-profile phishing attacks targeting executives or celebrities.

How to Protect Yourself from Phishing:

Be Skeptical: Always be cautious of unsolicited emails, texts, or calls.

Verify the Sender: Double-check the sender's email address and look for any spelling
errors or suspicious domains.
Avoid Clicking Suspicious Links: Hover over links to see the actual URL before clicking.
Use Strong Passwords: Create unique, strong passwords for each account.
Enable Two-Factor Authentication: Add an extra layer of security to your accounts.
Keep Software Updated: Install security updates promptly to protect against
vulnerabilities.
Use Phishing Detection Tools: Employ tools that can identify and block phishing
attempts.
7. Write down some Information security best practice techniques?
Ans: In order to save our valuable Information, we have to careful ourselves by doing
some best practices as per the guideline issued by Govt. of India as follows.
General Computer Usage
1. All the work should be strictly carried out only on a personal computer/ Laptop that is
not connected to the internet.
2. Create strong passwords for login and the computer lock automatically when it will be
ideal for more than 2 minutes.
3. Computers should be protected using trusted Antivirus software.
4. Always Install and purchase software from trusted agencies.
5. Always scan and take care while using removable devices like USB drives, external
hard drives, and even smartphones.
6. Back up your important files at regular intervals to avoid unexpected loss.
General Internet Browsing
1. Always be careful when clicking on links or downloading, download only from secured
site that starts with "https" sign with a green padlock icon in the browser address bar to
verify that site is secure.
2. Use a web browser that has been permitted by your organization.
3. Always use an updated web browser for browsing.
4. The "Save password" option prompted by the browser should not be selected. Don't
save account information, such as passwords or credit card information in web browsers,
5. Enable multi-factor authentication (MFA) to all possible online accounts and services.
It is used to verify your identity via a separate channel.
6. Make a habit of clearing history from the browser after each logout session.
Password Management
1. Create a strong password with a minimum length of ideally 10 characters and
comprising of a mix of alphabets, numbers, and characters.
2. All passwords (e.g., email, computer, etc.) should be changed at least once every three
months. 3. Don't reuse old passwords.
Email Communication
1. Avoid downloading email attachments or clicking on suspicious links received in
emails from unknown or untrusted sources.
2. Avoid accessing official email accounts from public Wi-Fi connections,
3. Auto save of password for email accounts should not be enabled.
4. Logout from mail accounts after your work is done.
 Home Wi-Fi Network
1. Turn on WPA2 or higher encryption feature in wireless routers.
2. Change the default network device name & Password : Unauthorized users may be
familiar with the default Device name & passwords, so it is important to change the
router device's password.
3. Turn off your wireless router when not needed for any extended period.
Avoiding Social Engineering Attacks
1. Be careful to unsolicited phone calls, visits, or email messages from individuals asking
about personal or other Government information. If an unknown individual claim to be
from a legitimate organization, try to verify his or her identity directly with the company.
2. Avoid online conversations to strangers to be safe from Quid pro quo scams.
Smart Device (Smart Phone, Tabs, etc.)
1. Smart devices must not be used for sensitive telephonic conversation. The Wi-Fi and
blue- tooth should be kept in turned-off mode.
2. No free Apps should be loaded in the Smart device.
3. Turn off the applications which are not needed.
4. Be cautious with public Wi-Fi. To be safe, avoid logging into accounts, especially
financial accounts when using public wireless networks.
Online transaction
1. Official Website: Always access your bank's official website directly from your
browser's address bar. Avoid clicking on links in emails or texts. Always check (https://).
2. Use Two-Factor Authentication (2FA): Enable 2FA whenever possible to add an extra
layer of security.
3. Payment Security: Use trusted payment methods. In case of any doubt, always
purchase products on cash on delivery.
4. Beware of Phishing: Be cautious of suspicious emails, texts, or calls. Never share
personal information with unsolicited requests.