Cyber Security Q & A by NovaSkillHub

UNIT 1: Information Security


2 Marks Questions

Q1. What is an Information System?


Ans:
An Information System (IS) is a combination of hardware, software, people, and processes
that collects, processes, stores, and distributes information to support decision-making and
control in an organization.

Q2. Name any two types of Information Systems.


Ans:

1. Transaction Processing Systems (TPS)

2. Management Information Systems (MIS)

Q3. Define Information Security.


Ans:
Information Security refers to protecting information and information systems from
unauthorized access, use, disclosure, disruption, modification, or destruction.

Q4. What is Information Assurance?


Ans:
Information Assurance is the practice of managing risks related to the use, processing,
storage, and transmission of information to ensure availability, integrity, authentication,
confidentiality, and non-repudiation.

Q5. What do you mean by Cyber Security?


Ans:
Cyber Security is the practice of protecting computers, servers, mobile devices, electronic
systems, networks, and data from malicious attacks.

Q6. What is Security Risk Analysis?

Ans:
Security Risk Analysis is the process of identifying and assessing security risks to protect
information systems from potential threats.

4 Marks Questions

Q1. Explain any four types of Information Systems.


Ans:
The main types of Information Systems are:

1. Transaction Processing Systems (TPS): Handle routine transactions efficiently and
accurately, like sales processing and payroll systems.

2. Management Information Systems (MIS): Provide reports and summaries to support
middle management decisions.

3. Decision Support Systems (DSS): Help managers in making complex decisions by
analyzing large data.

4. Executive Information Systems (EIS): Provide top-level executives with easy access to
internal and external information for strategic decisions.

Q2. What are the major threats to Information Systems?


Ans:
Threats include:

• Malware attacks: Viruses, worms, ransomware.

• Phishing attacks: Deceptive attempts to obtain sensitive information.

• Hacking: Unauthorized access to systems.

• Natural disasters: Earthquakes, floods damaging infrastructure.

• Insider threats: Employees misusing access rights.

Q3. Describe the Need for Information Security.


Ans:

• To protect sensitive and confidential data.

• To ensure the smooth functioning of businesses.


• To comply with legal and regulatory requirements.

• To maintain customer trust and business reputation.

• To prevent financial loss due to cyber attacks.

Q4. What is the Development Life Cycle of Information Systems?


Ans:

• Planning: Identifying the need for a new system.

• Analysis: Understanding user requirements.

• Design: Structuring the system layout and components.

• Implementation: Building and deploying the system.

• Maintenance: Regular updates and fixes post-deployment.

5 Marks Questions

Q1. Explain in detail the Introduction and Types of Information Systems.

Ans:
An Information System (IS) is an integrated set of components for collecting, storing, and
processing data and delivering information, knowledge, and digital products. Businesses rely
on information systems to carry out and manage their operations, interact with customers
and suppliers, and compete in the marketplace.

Types of Information Systems:

1. Transaction Processing Systems (TPS):

o Designed to handle large amounts of routine transactions.

o Example: Order processing, payroll systems.

2. Management Information Systems (MIS):

o Help middle managers monitor and control the business by providing regular
reports on operations.

o Example: Sales management systems, inventory control.

3. Decision Support Systems (DSS):

o Assist in decision-making by providing interactive information support.

o Example: Budget planning tools, marketing analysis systems.

4. Executive Information Systems (EIS):


o Provide top executives with immediate and easy access to internal and
external information to assist in strategic decision-making.

o Example: Dashboard reports showing performance indicators.

5. Office Automation Systems (OAS):

o Improve the productivity of office workers by supporting daily work activities.

o Example: Microsoft Office, email, scheduling tools.

These systems are essential for organizations to function efficiently and to gain a competitive
advantage.

Q2. Explain Threats to Information Systems and Security Risk Analysis.

Ans:
Information Systems are vulnerable to various threats that can cause serious damage to
businesses, individuals, and governments.

Common Threats to Information Systems:

• Malware: Software designed to harm or exploit devices, services, or networks.

• Phishing: Attempt to acquire sensitive information by impersonating trustworthy
entities.

• Hacking: Unauthorized access to data and systems.

• Natural Disasters: Floods, earthquakes causing loss of infrastructure.

• Insider Threats: Employees misusing or leaking confidential information.

Security Risk Analysis:


Security Risk Analysis is a method of identifying, assessing, and mitigating risks to
information assets. It involves:

1. Identifying critical assets and their value.

2. Recognizing threats and vulnerabilities.

3. Assessing the potential impact of different threats.

4. Prioritizing risks based on likelihood and impact.

5. Implementing controls to reduce risks.

Effective risk analysis helps in better security planning and ensures that the organization's
information assets are well protected.

Q3. Discuss the Need for Information Security and the Role of Cyber Security.
Ans:
The growing dependence on technology has made organizations and individuals more
vulnerable to cyber threats. Therefore, information security has become crucial to:

• Protect Sensitive Data: Avoid unauthorized access and breaches.

• Ensure Privacy: Safeguard personal and corporate information.

• Support Business Continuity: Prevent business interruptions due to attacks.

• Maintain Reputation: Protect the organization's image and customer trust.

• Meet Legal Requirements: Compliance with laws like GDPR, HIPAA, etc.

Cyber Security acts as a shield against attacks on information systems. It involves
technologies, processes, and practices that defend networks, devices, and data from attack,
damage, or unauthorized access. Cyber security measures include:

• Installing firewalls and antivirus software.

• Using strong passwords and encryption.

• Conducting regular security audits.

• Training employees about cyber threats.

Without cyber security, organizations risk not just financial loss but also legal penalties and
brand damage.

UNIT 2: Systems Vulnerability Scanning


2 Marks Questions

Q1. What is vulnerability scanning?


Ans:
Vulnerability scanning is the process of identifying security weaknesses and vulnerabilities in
a system, network, or application.

Q2. What is an open port?


Ans:
An open port is a network port that is actively accepting connections or data, which can
potentially be exploited by attackers.

Q3. What is Banner Grabbing?


Ans:
Banner grabbing is a technique used to gather information about a service running on an
open port, such as the software version and operating system.

Q4. Name two network reconnaissance tools.


Ans:

• Nmap

• Netcat

Q5. What is Wireshark used for?


Ans:
Wireshark is a network sniffer tool used to capture and analyze network traffic in real-time.

4 Marks Questions

Q1. What are the steps involved in vulnerability scanning?


Ans:
The steps include:

• Identifying active devices on the network.

• Detecting open ports and services.

• Gathering service banners and version information.

• Probing for known vulnerabilities.

• Generating a report of discovered vulnerabilities for mitigation.

Q2. Explain open port/service identification and banner/version check.


Ans:

• Open Port/Service Identification: Involves scanning devices to find network ports
that are open and listening for incoming connections. Open ports can indicate which
services are running and their potential vulnerabilities.

• Banner/Version Check: After identifying open ports, banner grabbing is used to
collect information about the software version and type running on that port. This
helps in matching with known vulnerabilities.

Q3. Write a short note on Netcat and its uses.


Ans:
Netcat is a powerful networking utility used for reading from and writing to network
connections.
Uses:

• Creating TCP or UDP connections.

• Port scanning.

• Banner grabbing.

• Setting up a simple server or backdoor for penetration testing.

Q4. What is network reconnaissance and why is it important?


Ans:
Network reconnaissance is the process of gathering information about network systems,
services, and devices to find potential entry points. It is important because it helps attackers
(or security testers) understand the network structure and identify vulnerabilities before
launching an attack.

5 Marks Questions

Q1. Explain the Overview of Vulnerability Scanning and its Key Techniques.

Ans:
Vulnerability scanning is a key security technique used to identify weaknesses in systems,
networks, or applications that could be exploited by attackers. It is an automated process
that continuously monitors the environment to detect vulnerabilities such as unpatched
software, misconfigurations, and open ports.

Key Techniques involved:

1. Open Port/Service Identification:

o Scanning the system to find ports that are open and listening for connections.

o Open ports reveal running services that can be entry points for attackers.

2. Banner/Version Check:

o Gathering detailed information about the software version running on a
service.

o Older versions often have known vulnerabilities which can be exploited.

3. Traffic Probe:

o Sending specially crafted packets to the target system to study how it
responds.

o Helps identify anomalies that could hint at vulnerabilities.

4. Vulnerability Probe:

o Actively attempting to exploit known vulnerabilities to confirm their
existence.

o Careful handling is required to avoid system crashes.

Importance of Vulnerability Scanning:

• Prevents cyber attacks by identifying weaknesses early.

• Helps in regulatory compliance like PCI-DSS, HIPAA.

• Improves overall system resilience.

Thus, vulnerability scanning plays a critical role in maintaining a strong security posture.

Q2. Discuss Network Vulnerability Scanning with Netcat, Port, and Service Tools.

Ans:
Network vulnerability scanning focuses on finding weaknesses in network devices, servers,
and services. Specialized tools like Netcat are used to detect and analyze open ports and
services.

Netcat (nc):

• Often called the "Swiss army knife" of networking tools.

• Allows users to connect to or listen on network ports.

• Helps in port scanning, data transfer, banner grabbing, and setting up simple servers.

Understanding Ports and Services Tools:

• Ports are endpoints for communication; each service listens on a specific port.

• Tools like Netcat and Nmap help to:

o Identify which ports are open.

o Find which services are running on those ports.

o Discover potential security holes like outdated services.


Example:
Using Netcat, a security analyst can scan a target IP to find open ports and then grab
banners to check the software version, helping identify vulnerable services.

Thus, network vulnerability scanning is an essential task for maintaining network security.

Q3. Explain Network Reconnaissance using Nmap and the Role of Network Sniffers like
Wireshark.

Ans:
Network Reconnaissance:
Network reconnaissance is the process of gathering detailed information about the
structure, devices, and services of a network to plan potential attacks or defensive
strategies.

Nmap (Network Mapper):

• Nmap is a powerful open-source tool used for network discovery and security
auditing.

• It can detect live hosts, open ports, running services, and operating systems.

• Features like OS fingerprinting, version detection, and scriptable interaction with the
target make it highly useful for reconnaissance.

Network Sniffers like Wireshark:

• Wireshark is a popular tool used to capture and analyze network traffic.

• It helps in:

o Identifying abnormal network behavior.

o Detecting sensitive information being transmitted unencrypted.

o Troubleshooting network problems.

Use Case:

• A penetration tester uses Nmap to discover all devices on a network and open ports.

• Then, uses Wireshark to analyze the traffic and detect weaknesses like unencrypted
credentials being transmitted.

Thus, combining reconnaissance tools like Nmap and Wireshark provides a complete view of
the network’s vulnerabilities and strengthens the overall security posture.

UNIT 3: Network Defense Tools

2 Marks Questions

Q1. What is a firewall?


Ans:
A firewall is a network security device that monitors and controls incoming and outgoing
network traffic based on predefined security rules.

Q2. What is the difference between a packet filter and a firewall?


Ans:
A packet filter inspects individual packets without keeping track of the connection state,
whereas a firewall can monitor entire sessions and enforce complex security policies.

Q3. Define Network Address Translation (NAT).


Ans:
NAT is the process of modifying IP address information in IP packet headers while in transit,
allowing multiple devices to share a single public IP address.

Q4. What is Port Forwarding?


Ans:
Port Forwarding is a technique used to redirect network traffic from one address and port
number combination to another while packets are traversing a network gateway.

Q5. What is Snort?


Ans:
Snort is an open-source Intrusion Detection System (IDS) capable of real-time traffic analysis
and packet logging to detect network intrusions.

4 Marks Questions

Q1. Explain Firewall Basics.


Ans:
A firewall acts as a barrier between trusted internal networks and untrusted external
networks like the Internet. It follows predefined rules to permit or block traffic. Firewalls can
be hardware-based, software-based, or a combination of both. They are critical for
maintaining a secure network perimeter and preventing unauthorized access.

Q2. Differentiate between Stateless and Stateful Firewalls.

Ans:

• Stateless Firewalls:

o Inspect each packet individually.

o Do not remember past traffic.

o Faster but less secure.

• Stateful Firewalls:

o Keep track of active connections.

o Understand the state of traffic (start, ongoing, or end).

o Provide more robust security but are slower.

Q3. Write a short note on Virtual Private Networks (VPNs).


Ans:
A VPN creates a secure, encrypted connection over a less secure network, like the internet.
It ensures that sensitive data is safely transmitted, hides the user's IP address, and provides
privacy and anonymity online. VPNs are widely used for secure remote access to
organizational resources.

Q4. What is the role of Linux and Windows Firewalls?


Ans:

• Linux Firewall (iptables/firewalld):

o Provides powerful and flexible packet filtering and NAT features.

o Commonly used in enterprise-grade servers.

• Windows Firewall:

o A built-in firewall for Microsoft Windows operating systems.

o Offers user-friendly configuration and protection against unauthorized
network access.

5 Marks Questions

Q1. Explain Firewall Basics and How Firewalls Protect a Network.

Ans:
A firewall is a crucial security device designed to prevent unauthorized access to or from a
private network. Firewalls can be hardware-based, software-based, or a combination of
both. They enforce security policies by filtering traffic based on IP addresses, domain names,
protocols, ports, and specific keywords.

How Firewalls Protect a Network:

• Traffic Monitoring: Analyze incoming and outgoing traffic to detect anomalies.

• Access Control: Allow or deny traffic based on security rules.

• Threat Prevention: Block access to malicious websites and prevent malware
communication.

• Segmentation: Separate different parts of a network to contain breaches.

• Logging and Reporting: Provide logs of suspicious activity to help in incident
response.

Firewalls are the first line of defense and critical in securing network infrastructure against
both internal and external threats.

Q2. Differentiate between Packet Filter vs Firewall and Explain Packet Characteristics to
Filter.

Ans:
Packet Filter vs Firewall:

• Packet Filter:

o Works at the network layer.

o Inspects each packet individually.

o No awareness of the session or connection.

o Faster but less intelligent.

• Firewall:

o Works at multiple layers (network, transport, application).

o Can inspect session state and track ongoing communications.

o More complex rules and deeper inspection capabilities.

Packet Characteristics to Filter:


When filtering packets, the following characteristics are considered:

• Source IP Address: Where the packet is coming from.

• Destination IP Address: Where the packet is going.

• Source Port: Port on the sending device.

• Destination Port: Port on the receiving device.

• Protocol Type: TCP, UDP, ICMP, etc.

• Packet Flags: Information about session management (e.g., SYN, ACK).

By analyzing these packet characteristics, firewalls and packet filters can accurately
determine whether to allow or deny network traffic.
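
The difference between a stateless packet filter and a stateful firewall, described in this answer and in the earlier Stateless vs Stateful question, can be shown on the packet characteristics listed above. The following is an added example, not part of the original Q&A bank; the rule format, class names, addresses and sample packets are all constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    proto: str                       # "tcp", "udp" or "icmp"
    flags: frozenset = frozenset()   # TCP flags, e.g. frozenset({"SYN"})


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    sport: Optional[int] = None      # None means "any port"
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.sport in (None, p.sport)
                and self.dport in (None, p.dport))


def stateless_filter(rules, p: Packet) -> str:
    """Judge each packet on its own header fields; first match wins, default deny."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"


class StatefulFirewall:
    """Applies rules only to new flows and remembers the connections it allowed."""

    def __init__(self, rules):
        self.rules = rules
        self.conns = set()           # (src, sport, dst, dport, proto) of tracked flows

    def check(self, p: Packet) -> str:
        key = (p.src, p.sport, p.dst, p.dport, p.proto)
        reverse = (p.dst, p.dport, p.src, p.sport, p.proto)
        if key in self.conns or reverse in self.conns:
            if "RST" in p.flags:     # connection torn down: forget it
                self.conns.discard(key)
                self.conns.discard(reverse)
            return "allow"
        # Not part of a tracked flow: a TCP packet must be a plain SYN to start one.
        if p.proto == "tcp" and p.flags != {"SYN"}:
            return "deny"
        if stateless_filter(self.rules, p) == "allow":
            self.conns.add(key)
            return "allow"
        return "deny"


INSIDE = "10.0.0.0/24"               # constructed internal network

# A stateless filter needs a second rule so that HTTPS replies can come back in.
STATELESS_RULES = [
    Rule("allow", src=INSIDE, proto="tcp", dport=443),
    Rule("allow", dst=INSIDE, proto="tcp", sport=443),
]
# A stateful firewall needs only the outbound rule; replies match the state table.
STATEFUL_RULES = [Rule("allow", src=INSIDE, proto="tcp", dport=443)]

# Constructed sample packets.
PACKETS = {
    "outbound_syn": Packet("10.0.0.5", "203.0.113.10", 50000, 443, "tcp",
                           frozenset({"SYN"})),
    "server_reply": Packet("203.0.113.10", "10.0.0.5", 443, 50000, "tcp",
                           frozenset({"SYN", "ACK"})),
    # No inside host opened this flow; only the source port looks like HTTPS.
    "unsolicited":  Packet("198.51.100.7", "10.0.0.9", 443, 22, "tcp",
                           frozenset({"ACK"})),
}


def demo():
    """Return {packet name: (stateless verdict, stateful verdict)}."""
    fw = StatefulFirewall(STATEFUL_RULES)
    return {name: (stateless_filter(STATELESS_RULES, p), fw.check(p))
            for name, p in PACKETS.items()}


if __name__ == "__main__":
    for name, verdicts in demo().items():
        print(f"{name:14s} stateless={verdicts[0]:5s} stateful={verdicts[1]}")
```

The stateless filter admits the unsolicited packet because its header fields match the reply rule, while the stateful firewall denies it because no tracked connection exists for it.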

Q3. Explain NAT, Port Forwarding, and the Basics of Virtual Private Networks (VPNs).

Ans:
Network Address Translation (NAT):
NAT is a method used to remap one IP address space into another by modifying the network
address information in IP packet headers. It allows multiple devices in a private network to
access the Internet using a single public IP address, enhancing security by hiding internal
network structures.

Port Forwarding:
Port Forwarding is a feature of NAT that forwards external traffic coming to a specific port to
a designated device inside the private network. It is commonly used to allow external
devices to access services such as web servers or gaming servers located within the internal
network.

Basics of Virtual Private Networks (VPNs):


VPNs create a secure "tunnel" between the user's device and the destination server. Data
transmitted through this tunnel is encrypted, ensuring confidentiality and security. VPNs
provide:

• Secure remote access.

• Protection against data interception.

• Anonymity by masking the user's IP address.

By combining NAT, Port Forwarding, and VPNs, organizations can secure their network
communications and provide access control effectively.

Q4. Discuss the Functionality of Linux Firewall, Windows Firewall, and Introduction to
Snort IDS.

Ans:
Linux Firewall:
Linux systems primarily use iptables or firewalld to manage network traffic. They provide
powerful control over:

• Allowing or blocking packets.

• Setting up NAT.

• Protecting Linux servers from unauthorized access.

Firewall rules can be customized extensively based on ports, IP addresses, and protocols.

Windows Firewall:
Windows Firewall is integrated into Windows operating systems. It offers:

• Simple graphical interface for configuration.

• Protection from external attacks.

• Ability to block inbound and outbound connections based on rules.

Snort (Intrusion Detection System):
Snort is a widely used open-source network intrusion detection system (NIDS). It can:

• Perform real-time traffic analysis.

• Detect and prevent network intrusions.

• Be used as an intrusion prevention system (IPS) by blocking detected threats.

Snort uses signature-based detection to recognize known threats and can also detect
anomalies.

Together, firewalls and IDS tools like Snort provide a layered security approach to defend
networks against various types of cyber threats.

UNIT 4: Introduction to Cyber Crime and Law


2 Marks Questions

Q1. Define Cyber Crime.


Ans:
Cyber crime refers to illegal activities carried out using computers, networks, or the Internet
as the primary tool for committing a crime.

Q2. What is Hacking?

Ans:
Hacking is the unauthorized access or manipulation of computer systems, networks, or data,
often violating security measures.

Q3. What are Attack Vectors?


Ans:
Attack vectors are the paths or methods hackers use to gain unauthorized access to
computers or networks, such as phishing, malware, and exploiting vulnerabilities.

Q4. Mention two types of Cyber Crimes.


Ans:

• Identity theft

• Cyberstalking

Q5. What is Digital Forensics?


Ans:
Digital forensics is the process of identifying, preserving, analyzing, and presenting digital
evidence in a legal context.

4 Marks Questions

Q1. Write a short note on Types of Cyber Crime.


Ans:
Types of cyber crime include:

• Hacking: Unauthorized access to computer systems.

• Identity Theft: Stealing personal information for fraudulent activities.

• Cyberstalking: Harassing individuals using electronic means.

• Phishing: Tricking individuals to disclose sensitive information via fake emails or
websites.

• Malware attacks: Using malicious software to disrupt or damage systems.

Q2. Explain Cyberspace and Criminal Behavior.

Ans:
Cyberspace is the virtual environment created by interconnected computers and networks.
Criminal behavior in cyberspace often mirrors traditional crimes but can be more
anonymous, faster, and borderless, making detection and prosecution difficult. Criminals
exploit the anonymity, speed, and reach provided by the Internet to commit offenses like
fraud, theft, and harassment.

Q3. What are Traditional Problems Associated with Computer Crime?


Ans:

• Jurisdiction issues: Crimes often cross national boundaries.

• Anonymity: Difficulty identifying criminals.

• Lack of physical evidence: Crimes are committed digitally, with limited physical
traces.

• Rapid technological change: Laws struggle to keep pace with advancements.

Q4. Briefly explain Incident Response.


Ans:
Incident Response is the organized approach to handling and managing the aftermath of a
security breach or cyber attack.
Steps include:

• Preparation

• Identification

• Containment

• Eradication

• Recovery

• Lessons learned

The aim is to limit damage and reduce recovery time and costs.

5 Marks Questions

Q1. Explain Cyber Crime, Types of Cyber Crime, and Hacking.


Ans:
Cyber Crime:
Cyber crime involves criminal activities that target computers, networks, or use them as a
tool to commit illegal acts. It ranges from financial fraud, data theft, cyberstalking, to hacking
and identity theft.

Types of Cyber Crime:

• Hacking: Unauthorized access to computer systems or networks.

• Identity Theft: Stealing personal information like credit card numbers for fraud.

• Phishing: Sending fake emails or websites to steal sensitive data.

• Malware attacks: Distribution of viruses, worms, ransomware, etc.

• Cyberstalking: Harassment or threatening behavior online.

Hacking:
Hacking is the process where cyber criminals exploit vulnerabilities in systems to gain
unauthorized access to data or control. Hackers may alter, steal, or destroy information.
Hacking can be ethical (for security testing) or malicious (for personal gain).

Cyber crime is a growing threat, requiring strong cyber laws and digital literacy among users
to combat it effectively.

Q2. What are Attack Vectors? Explain Clarification of Terms Related to Cyber Crime.

Ans:
Attack Vectors:
Attack vectors are techniques or pathways used by cyber criminals to infiltrate computer
systems or networks. Common attack vectors include:

• Phishing: Email scams tricking users into giving up credentials.

• Malware: Software designed to harm or exploit systems.

• Social Engineering: Manipulating individuals to disclose confidential information.

• Exploiting vulnerabilities: Taking advantage of software flaws.

Clarification of Terms:

• Hacker: Person who breaks into computers.

• Phishing: Deceptive method to collect personal info.

• Malware: Malicious software like viruses or spyware.


• Trojan Horse: A program that appears legitimate but performs harmful actions.

Understanding these terms helps in recognizing and preventing cyber threats.

Q3. Discuss Traditional Problems Associated with Computer Crime and Incident Response.

Ans:
Traditional Problems:

• Anonymity: Cyber criminals can mask their identity, making it difficult to trace them.

• Jurisdiction: Cyber crimes often cross multiple legal regions, creating complications
in prosecution.

• Evidence Handling: Digital evidence can be easily destroyed or altered.

• Lack of Awareness: Victims often do not realize they have been attacked until
significant damage is done.

Incident Response:
Incident Response is crucial for minimizing the damage of cyber attacks.
It involves:

• Preparation: Establishing policies and tools beforehand.

• Identification: Detecting a breach as early as possible.

• Containment: Limiting the spread of the breach.

• Eradication: Removing the threat from the system.

• Recovery: Restoring systems to normal operations.

• Post-Incident Analysis: Learning from the incident to improve defenses.

A proper incident response plan ensures that organizations can respond quickly and
effectively to cyber attacks.

Q4. Define Digital Forensics, Realms of the Cyber World, and History of the Internet.

Ans:
Digital Forensics:
Digital forensics involves the investigation of digital devices to find evidence related to cyber
crimes. It includes collecting, preserving, and analyzing data from computers, mobile
devices, and networks for use in court.

Realms of the Cyber World:
The cyber world is made up of:

• Surface Web: Regular websites accessible to everyone.

• Deep Web: Private websites and data not indexed by search engines.

• Dark Web: Hidden part of the internet used often for illegal activities.

Brief History of the Internet:

• 1960s: ARPANET, the first network created by the U.S. Department of Defense.

• 1980s: Development of TCP/IP protocols.

• 1990s: The World Wide Web (WWW) was introduced, leading to a boom in internet
usage.

• Today: Internet is a global network connecting billions of devices.

Understanding these concepts helps in comprehending how cyber crime has evolved with
technology.

Q5. Recognize and Define Computer Crime, Contemporary Crimes, and the Indian IT Act
2000.

Ans:
Recognizing and Defining Computer Crime:
Computer crime refers to any illegal act that involves a computer as a tool, target, or both.
Crimes include hacking, spreading malware, cyberbullying, and financial theft.

Contemporary Crimes:

• Ransomware Attacks: Encrypting user files and demanding payment for decryption.

• Data Breaches: Unauthorized access to sensitive information.

• Online Fraud: Scams conducted over the internet.

Computers as Targets:
Cyber attacks often specifically target computers to steal, alter, or destroy data. Examples
include:

• Virus Attacks: Destroying data files.

• Denial of Service (DoS) Attacks: Making services unavailable.

Contaminants and Destruction of Data:


Data contamination involves inserting harmful code (viruses, worms) that corrupts or
destroys data, causing significant financial and operational loss.

Indian IT Act 2000:
The Information Technology Act, 2000 was passed to provide legal recognition to electronic
transactions and to curb cyber crimes. Key features:

• Legally recognizing digital signatures.

• Enabling e-commerce and online contracts.

• Defining cyber crimes and prescribing penalties.

The Act is the backbone of cyber law enforcement in India.

UNIT 5: Introduction to Cyber Crime Investigation


2 Marks Questions

Q1. What is Password Cracking?


Ans:
Password cracking is the process of recovering passwords from data stored or transmitted by
a computer system, often by guessing or using automated tools.

Q2. Define Keyloggers.


Ans:
Keyloggers are malicious programs or hardware devices that record every keystroke made by
a user to steal confidential information like passwords or credit card numbers.

Q3. What is Steganography?


Ans:
Steganography is the practice of hiding messages, files, or data within other harmless-
looking files like images, audio, or videos to avoid detection.

Q4. What is a DDoS attack?


Ans:
A Distributed Denial of Service (DDoS) attack floods a targeted server or network with
massive traffic from multiple systems, overwhelming it and disrupting normal operations.

Q5. What is a Trojan Horse?


Ans:
A Trojan horse is a type of malware disguised as legitimate software, which when executed,
gives unauthorized access or causes harm to the user's system.

4 Marks Questions

Q1. Explain Virus and Worms with examples.


Ans:

• Virus:
A virus is a malicious program that attaches itself to a legitimate file or program and
spreads when the file or program is executed. Example: ILOVEYOU virus.

• Worm:
A worm is a standalone malware that replicates itself to spread to other computers
without human intervention. Example: Mydoom worm.

Both cause data loss, system slowdowns, and can open the door for other attacks.

Q2. Differentiate between DOS and DDOS attacks.


Ans:

• DOS (Denial of Service):

o Attack from a single system targeting a server or network.

o Aim is to make services unavailable.

• DDOS (Distributed Denial of Service):

o Attack from multiple systems simultaneously.

o Much more difficult to defend against.

Both attacks overwhelm systems, disrupt services, and cause financial loss.

Q3. What is SQL Injection?


Ans:
SQL Injection is a web security vulnerability that allows an attacker to interfere with the
queries that an application makes to its database. By inserting malicious SQL code, attackers
can:

• Retrieve unauthorized data

• Modify or delete data

• Execute administrative operations

• Bypass application security measures


Q4. Write a short note on Attack on Wireless Networks.

Ans:
Wireless networks are prone to attacks due to the open nature of radio waves.
Common wireless attacks include:

• Eavesdropping: Intercepting communication.

• Rogue Access Points: Unauthorized APs set up by attackers.

• Man-in-the-Middle Attacks: Intercepting communication between two devices.

• Wi-Fi Phishing: Creating fake hotspots to steal user data.

Proper encryption (WPA3) and strong passwords can mitigate these risks.

5 Marks Questions

Q1. Explain Password Cracking, Keyloggers, and Spyware.

Ans:
Password Cracking:
Password cracking refers to the methods used to discover passwords by brute force,
dictionary attacks, or exploiting weaknesses in password storage. Tools like John the Ripper
and Hydra are commonly used. Attackers aim to gain unauthorized access to systems or
accounts.

Keyloggers:
Keyloggers record every keystroke typed on a computer. They can be software or hardware-
based. Once installed, they collect usernames, passwords, and confidential data without the
user's knowledge.

Spyware:
Spyware secretly gathers user information and transmits it to external parties without
consent. It monitors browsing habits, collects sensitive data, and may slow down the system.
Spyware often comes bundled with free software or downloads.

Together, these techniques are major threats to cybersecurity and personal privacy.
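The "weaknesses in password storage" mentioned above, shown from the defender's side as an added example (not part of the original notes): a fast unsalted hash beside a salted, slow one. The account names, passwords and helper names are constructed for illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict

def weak_record(password):
    """Weak storage: one fast, unsalted hash per password."""
    return hashlib.sha256(password.encode()).hexdigest()

def strong_record(password, iterations=600_000):
    """Salted, slow storage: PBKDF2-HMAC-SHA256 with a random per-user salt."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return (iterations, salt.hex(), digest.hex())

def verify(password, record):
    """Recompute with the stored salt and compare in constant time."""
    iterations, salt_hex, digest_hex = record
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), iterations)
    return hmac.compare_digest(candidate.hex(), digest_hex)

def shared_records(table):
    """Audit helper: groups of users whose stored records are identical."""
    groups = defaultdict(list)
    for user, record in table.items():
        groups[record].append(user)
    return sorted(sorted(users) for users in groups.values() if len(users) > 1)

# Constructed accounts: two users picked the same password.
PASSWORDS = {"alice": "Summer2024!", "bob": "Summer2024!", "carol": "x9#Lq2vT"}

def build_tables(iterations=600_000):
    """Store the same accounts both ways so the two schemes can be compared."""
    weak = {u: weak_record(p) for u, p in PASSWORDS.items()}
    strong = {u: strong_record(p, iterations) for u, p in PASSWORDS.items()}
    return weak, strong

if __name__ == "__main__":
    weak, strong = build_tables()
    print("identical weak records:  ", shared_records(weak))
    print("identical strong records:", shared_records(strong))
```

With unsalted hashes, one guessed password matches every account that uses it; with a per-user salt and a slow function, each account has to be attacked separately and each guess costs far more.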

Q2. Describe Virus, Worms, Trojans, and Backdoors.

Ans:
Virus:
A virus is malicious code that attaches itself to a host program and spreads when the
program is executed. It can corrupt data, reformat hard drives, or crash systems.

Worms:
Unlike viruses, worms are standalone programs that replicate themselves and spread
independently. They often cause network congestion and resource depletion.

Trojans:
A Trojan horse appears as a useful program but carries malicious code inside. Trojans can
create backdoors, enabling attackers to control infected systems remotely.

Backdoors:
Backdoors are hidden entry points into software or systems, bypassing normal
authentication. Hackers use backdoors to maintain unauthorized access long after the
system is compromised.

These malware types form the core arsenal for cyber attackers and must be defended
against with strong antivirus measures and vigilant system monitoring.

Q3. What is Steganography? Explain DOS and DDOS Attacks.

Ans:
Steganography:
Steganography is the art of hiding secret information within an ordinary, non-secret file or
message. Examples include embedding messages in image pixels or audio files. It differs
from encryption, as the existence of the hidden message is concealed, not just its contents.
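Embedding a message in image pixels, as described above, can be illustrated with least-significant-bit (LSB) encoding. This is an added example, not part of the original notes; the cover values, message and function names are constructed, and a flat list of grayscale values stands in for an image.

```python
def _to_bits(data):
    """Expand bytes into a list of bits, most significant bit first."""
    return [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]

def embed(pixels, message):
    """Return a copy of pixels with message hidden in the lowest bit of each value.

    A 2-byte big-endian length prefix tells the reader where to stop.
    """
    bits = _to_bits(len(message).to_bytes(2, "big") + message)
    if len(bits) > len(pixels):
        raise ValueError("cover image too small for this message")
    stego = list(pixels)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | bit   # overwrite only the lowest bit
    return stego

def _read_bytes(pixels, first_pixel, count):
    """Rebuild count bytes from the lowest bits starting at first_pixel."""
    out = bytearray()
    for b in range(count):
        value = 0
        for i in range(8):
            value = (value << 1) | (pixels[first_pixel + b * 8 + i] & 1)
        out.append(value)
    return bytes(out)

def extract(pixels):
    """Read the length prefix, then that many message bytes."""
    length = int.from_bytes(_read_bytes(pixels, 0, 2), "big")
    return _read_bytes(pixels, 16, length)

def max_change(cover, stego):
    """Largest difference between any original and modified pixel value."""
    return max(abs(a - b) for a, b in zip(cover, stego))

COVER = [(i * 37) % 256 for i in range(256)]   # constructed 16x16 grayscale values
MESSAGE = b"meet at 9"                          # constructed message

if __name__ == "__main__":
    stego = embed(COVER, MESSAGE)
    print("recovered:", extract(stego))
    print("largest pixel change:", max_change(COVER, stego))
```

No pixel value moves by more than 1, which is why the hidden message cannot be seen by eye and has to be looked for statistically.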

DOS Attack:
In a Denial of Service (DoS) attack, the attacker floods the target server with overwhelming
traffic from a single source, making the service unavailable to legitimate users.

DDOS Attack:
Distributed Denial of Service (DDoS) attacks involve multiple compromised computers
attacking a target, greatly increasing the scale of the attack. DDoS attacks are coordinated
and harder to stop because they originate from different locations.

These attacks are intended to paralyze services, damage reputation, and cause significant
financial loss.
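The single-source versus multiple-source distinction drawn in this answer and in the 2-mark DOS/DDOS answer can be seen in how a defender reads one window of access logs. This is an added example, not part of the original notes; the log format, thresholds and addresses (documentation ranges) are assumptions.

```python
from collections import Counter

def classify_window(log_lines, total_limit=100, per_source_limit=50):
    """Classify one time window of log lines shaped '<client-ip> <method> <path>'.

    Returns (verdict, sources_to_block). Thresholds are illustrative assumptions.
    """
    counts = Counter(line.split()[0] for line in log_lines if line.strip())
    total = sum(counts.values())
    if total <= total_limit:
        return "normal", []
    heavy = sorted(ip for ip, n in counts.items() if n > per_source_limit)
    heavy_share = sum(counts[ip] for ip in heavy) / total
    if heavy and heavy_share >= 0.8:
        # One or a few sources carry the flood: blocking them restores service.
        return "dos", heavy
    # Overload spread thinly over many sources: no per-source rule isolates it.
    return "ddos", []

def sample_window(kind):
    """Constructed log lines for a quiet window, a DoS window and a DDoS window."""
    background = [f"192.0.2.{i % 20 + 1} GET /index.html" for i in range(40)]
    if kind == "dos":
        return background + ["203.0.113.7 GET /search"] * 500
    if kind == "ddos":
        return background + [
            f"198.51.100.{i % 250 + 1} GET /search" for i in range(500)
        ]
    return background

if __name__ == "__main__":
    for kind in ("normal", "dos", "ddos"):
        print(kind, "->", classify_window(sample_window(kind)))
```

In the DDoS window every source stays under the per-source limit, so the block list is empty; this is the practical reason such attacks need upstream filtering or rate limiting rather than a single address block.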

Q4. Explain SQL Injection, Buffer Overflow, and Wireless Network Attacks.

Ans:
SQL Injection:
In SQL Injection, attackers insert malicious SQL commands into input fields of websites to
manipulate the database.
Consequences include:
• Unauthorized data access

• Data modification or deletion

• Complete system compromise

Preventive measures include input validation and using prepared statements.
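The SQL Injection answers in this unit (the 2-mark definition and this one) name prepared statements and input validation as the fix. The added example below, which is not part of the original notes, puts a deliberately vulnerable login query beside the prepared-statement version; the table, accounts and function names are constructed.

```python
import re
import sqlite3

def make_db():
    """In-memory database with constructed accounts (plaintext only for brevity)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "s3cret", "admin"), ("bob", "hunter2", "user")],
    )
    return db

def login_vulnerable(db, name, password):
    """Deliberately vulnerable: user input is pasted into the SQL text."""
    query = (
        "SELECT name, role FROM users "
        f"WHERE name = '{name}' AND password = '{password}'"
    )
    return db.execute(query).fetchall()

def login_prepared(db, name, password):
    """Prepared statement: placeholders keep input as data, never as SQL."""
    query = "SELECT name, role FROM users WHERE name = ? AND password = ?"
    return db.execute(query, (name, password)).fetchall()

# Input validation as a second layer: allow-list the expected shape.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")

def valid_username(name):
    """True only for names made of the allowed characters and length."""
    return USERNAME_RE.fullmatch(name) is not None

# Constructed input: the quote closes the string literal, the rest becomes SQL.
CRAFTED = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", login_vulnerable(db, "alice", CRAFTED))
    print("prepared:  ", login_prepared(db, "alice", CRAFTED))
    print("valid name:", valid_username(CRAFTED))
```

The vulnerable query returns every row because the crafted text changes the WHERE clause, while the prepared statement compares it as an ordinary (wrong) password and returns nothing.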

Buffer Overflow:
A buffer overflow occurs when more data is written to a buffer than it can hold. Attackers
exploit this by injecting malicious code into the memory space, potentially gaining control
over the system.

Buffer overflow attacks are dangerous because they can allow remote execution of arbitrary
code.

Wireless Network Attacks:
Wireless networks can be attacked easily due to open signals.
Common wireless attacks:

• Eavesdropping

• Rogue Access Points

• Deauthentication attacks

• Fake hotspots

Using strong encryption (WPA3), disabling SSID broadcasts, and MAC address filtering can
reduce the risk of wireless attacks.

CYBER SECURITY – FULL UNIT WISE SUMMARY

UNIT 1: Information Security

Information System

• A combination of technology, people, and processes to manage information.

• Types: TPS, MIS, DSS, EIS.

Development of Information Systems

• Steps: Planning → Analysis → Design → Implementation → Maintenance.


Introduction to Information Security

• Protecting information from unauthorized access, disclosure, alteration, and
destruction.

Need for Information Security

• Protect privacy, ensure data integrity, and maintain availability.

Threats to Information Systems

• Malware, phishing, insider threats, natural disasters.

Information Assurance

• Ensuring information is trustworthy and available when needed.

Cyber Security

• Techniques to protect systems, networks, and programs from cyber attacks.

Security Risk Analysis

• Identifying risks, evaluating vulnerabilities, and planning defenses.

UNIT 2: Systems Vulnerability Scanning

Vulnerability Scanning

• Identifying weaknesses in systems before attackers do.

Open Port/Service Identification

• Finding active services and open ports using tools.

Banner/Version Check

• Identifying software versions to detect known vulnerabilities.

Traffic Probe and Vulnerability Probe

• Analyzing network traffic to find weak points.

Examples of Vulnerabilities

• Outdated software, weak passwords, open ports.

Network Vulnerability Tools

• Netcat: For scanning ports and sending data.


• Nmap: Network mapping and reconnaissance.

Sniffers and Injection Tools

• Wireshark: Captures and analyzes network packets to detect intrusions.

UNIT 3: Network Defense Tools

Firewalls and Packet Filters

• Firewalls block unauthorized access; Packet filters control network packet flow.

Packet Filter vs Firewall

• Packet filters are basic; firewalls are more intelligent.

Firewall Protection

• Blocks harmful traffic, logs events, and manages network access.

Stateless vs Stateful Firewalls

• Stateless: Check packets individually.

• Stateful: Track active connections for better security.

Network Address Translation (NAT) and Port Forwarding

• NAT hides private IP addresses; Port forwarding routes traffic correctly.

Virtual Private Networks (VPN)

• Encrypts internet traffic, providing secure communication.

Linux and Windows Firewalls

• Built-in firewall features for server and PC protection.

Snort - Intrusion Detection System (IDS)

• Detects and alerts about suspicious network activities.

UNIT 4: Introduction to Cyber Crime and Law

Cyber Crimes

• Illegal activities involving computers and networks.

Types of Cyber Crimes


• Hacking, identity theft, cyberstalking, phishing, ransomware attacks.

Hacking and Attack Vectors

• Techniques to exploit vulnerabilities, like malware, phishing, SQL injection.

Criminal Behavior in Cyberspace

• Anonymous, quick, borderless — harder to track and punish.

Traditional Problems with Computer Crime

• Jurisdiction issues, evidence challenges, rapid tech changes.

Incident Response

• Steps after a cyber attack: detect → contain → eradicate → recover → learn.

Digital Forensics

• Collecting and analyzing digital evidence for legal action.

Cyber World Realms

• Surface web, deep web, dark web.

Brief History of the Internet

• From ARPANET to the modern internet.

Indian IT Act 2000

• Law to combat cyber crimes and enable digital transactions legally.

UNIT 5: Introduction to Cyber Crime Investigation

Password Cracking

• Recovering passwords using brute force, dictionary attacks, etc.

Keyloggers and Spyware

• Tools that secretly record keystrokes and gather personal information.

Viruses, Worms, Trojans, Backdoors

• Malware types that destroy, steal, or give unauthorized access.

Steganography

• Hiding secret information inside other files like images or audio.


DOS and DDOS Attacks

• Overloading a network to disrupt services.

SQL Injection

• Injecting malicious SQL code to control databases.

Buffer Overflow

• Exploiting software bugs to run malicious code.

Wireless Network Attacks

• Exploiting Wi-Fi vulnerabilities like eavesdropping or fake access points.

FINAL QUICK MEMORY TIP:

Unit: Memory Keyword

• Unit 1: Protect Data

• Unit 2: Find Weakness

• Unit 3: Defend Network

• Unit 4: Understand Cyber Crime

• Unit 5: Investigate & Stop Attacks

Best Regards, Ch Anil Kumar Founder, NovaSkillHub

Together, let’s build a future with "Career Growth with Technology and Real Education."
