15. Previous Question Papers Code No: CS6230E R16 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD B.Tech II Year II Semester Examinations, April - 2019 CYBER SECURITY (Open Flective) Tin : Shours Max. Marks: 75 Note: This question paper contains two parts A and B. Part A is compulsory which carries 25 marks, Answer all questions in Part A. Part B consists of 5 Units, Answer any one full question from each unit Fach question carries 10 marks and may have a, b, ¢ as sub-questions, PART-A (25 Marks) 1a) — Define iWeb Jacking ii Software Piracy? [2] b) What is the importance of Cyber Security?Explain it with an example? BI c) List the types of services provided by cloud computing? [2] d) Define Ports and List a few Well-Known port numbers? BI ¢) _ List the Security Strategies to be followed by Mobile Device Users? 2) £) Define Trojan Horse and write an cxample for it? BI g) List the importance of AntiKeyloggers along with an example? 2 h) Define Triangulation and list the steps followed by criminals for eredit B] card frauds? i) Define i. Bandwidth ii Security Patches? 2) j) _ List the different types of social media tools? BI PART -B (60 Marks) 2a) — Explain Denial of Service (DOS) Attack with an example? a2b) 4a) b) 6a) b) Ta) 8 9. 10. a) 1 b) “” b) b) Explain global perspective on Cybercrime? OR Explain Hacking and List out the different types of Hackers along with examples? Explain the impact of Cybercrime on cloud computing? Explain Attack Vectors along with an example? OR Define Social Engineering and explain the impact of Cybercrime on it? Explain in detail about Mobile Viruses along with an example? What is Credit Card Fraud? Mention the tips to prevent credit eard frauds? OR Define Smishing and explain it’s working along with safety measures? Explain Registry Settings for Mobile Devices? Define SQL Injection? Mention the steps for SQL Injection Attack? What are the steps to be followed for protection against Trojan Horse and Backdoors? OR Explain in detail the types of Buffer Overflow and steps to be considered for minimizing them? Explain the impact of a security breach on an organization? Define an insider attack? Explain it with an example? oR Explain about Social Media Marketing? 43 [10] [5+5] {19} [5+5] [s+5] [5+5] L10) [5+5] [10]Code No: CS6230E R16 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD B.Tech III Year IT Semester Examinations, May - 2019 CYBER SECURITY (Open Elective—Model Paper) Time: 3 hours Max. Marks: 75 Note: This question paper contains two parts A and B. Part A is compulsory which carries 25 marks. Answer all questions in Part A. Part B consists of 5 Units. Answer any one full question from cach unit. Fach question carries 10 marks and may have a, b, ¢ as sub-questions, PART-A (25 Marks) la) Whats Social Engineering? 22) 'b) List the steps involved in launching the attacks? BI ©) Define i, Email Bomb ii,DOS Attack? 2 d) Write about Indian IT Act 2000? BI c) Define i Smishing ii Mishing? [2] f) Define Mobile Virus and write an example for it? BI g) Write about IP-based Cloaking? 2 h) Define Buffer Overflow and mention its types? Bl i) Define i.Bandwidth Attack ii,Protocol Attack? 2 i) List the intemal costs associated with cyber security incidents? BI PART -B (50 Marks) 2. Whoare Cyber Criminals?Bxplain the different categories of Cyber [10] Criminals? 446a) b) b) 9a) b) 10. Ila) b) OR Explain the following: a)Email Spoofing b)Phishing c)Online Frauds d)Sofiware Piracy e)Computer Network Intrusions Define Attack and Explain it in detail along with an example oR What is Cyber Stalking? Mention it’s types along with its working procedure? Explain the popular types of attack against 3G mobile networks? Explain the importance of security policies related to mobile computing devices? OR Explain about Bluetooth Hacking in detail? Define Steganography? Explain it’s working in detail? What is Worm?Meation different types of worms in detail? OR Explain about virus in detail? Explain Distributed Denial of Serviee(DDOS) Attack in detail? Explain the web threats for organizations in detail? OR What are the security and privacy implications from cloud computing? Explain the Organizational implications of software piracy? 4s [10] U0) [10] [s+5] [5+5] [10]16. Assignment Topics weepe 2 MID I Explain the classification of Cybercrimes in detail? Explain Hacking and List out the different types of Hackers along with examples? ‘xplain E-mail Spoofing with an example? Define Social Engineering and explain the impact of Cybererime on it? Define CloudComputing and explain the types of services provided by it along with an example? Explain Cyberstalking in detail? ‘What is Credit Card Fraud? Mention the tips to prevent credit card frauds? MID IL Explain about password cracking mechanism in detail? Explain ebout Bluetooth Hacking mechanism in detail? Explain in detail about Mobile Viruses along with an example? What kinds of attacks are possible on mobile/cell phones? Explain with examples? What are the steps to be followed for protection against Trojan Horse and Backdoors? Explain the impact of a security breach on an organization? 4617. Unit wise Question Bank Short Answer Questions: Q.No Ques ons. UNIT1 What is Cyber Security? What is Cyber Crime? ald 4 What is the need for Cyber Security? Define Cyberspace and Cybersquatting ? Define Cyberpunk and Cyberwarfare? Define Cyberterrorism? List the different types of Cybercriminals? Give a few examples of Cybercrime in India? What is a CyberAttack? TO What is Cyber defamation? TT What isSalami Attack? Define 1 Spamming wi, Forgery? 3 Define i, Web Jacking Software Piracy? 7 Define Credit Card Frauds? Define Techno-crime and Techno-vandalism? 15 Define 1, Adware i Spyware? UNITZ Define Cybercafe and Cybercrimes? What is Passive Attack? What is Active Attack? What are the different types of sialkers and write an example for each? Tist the different Real Life incidents of CyberStalking? Tist the cases reported on CyberStalking? List the different categories of Cybererimes? Define Shoulder surfing and Dumpster diving? Define Cloud Computing? TO List the types of services provided by cloud computing! TT List the risks associated with cloud computing environment? Distinguish between Hacker and Cracker TS Define 1 Brute Toree Hacking ii, Phreaking? 7 List any Five tools used during passive attacks’ List any Tive tools used during active attacks’ 16 Define Ports and Lista few Well-Known port numbers? | Define Cyberbullying List the different types of Cloud computing service providers’ a7UNIT 3 Define i, Mobile Theft ii, Mobile Viruses? Define i Mishing i, Vishing? 3” | Define Smishing? 4 | List the drawbacks of wireless processing? List the Security Challenges posed by Mobile Devices? 6 Mention the Unconventional/Stealth Storage Devices? What are the Threats through Lost and Stolen Devices? List the Security Strategies to be followed by Mobile Device Users? 9 [Define Triangulation and list the steps followed by criminals for credit card frauds? TO [Define Bluejacking and Bluesnarfing? UNITS T | Define Proxy Servers and Anonymizers? Define Phishing? 3 What are Random Passwords? 4 | Define Keyloggers and Spywares? Define i, Virus ii, Worms? © | Define Trojan Horse and write an example for it? Define Backdoors with respect to computer? Define Steganography? 9__ [Define Distributed Denial of Service(DDOS) Attack? TO | Tist the different types of Denial of Service Attacks? TT | Define i. SQL Injection ii. Buffer Overflow? TZ |Tist the importance of AntiKeyloggers along with an example? T3_ | Tist the tools used to Taunch Dos Attack? UNITS T What is a security breach? What is meant by insider threat? 3 | List the four dimensions of privacy? 4 | List the cost of Cyber Crime and IPR issues? Define Cookies 1i.Access Control? [Define i. Bandwidth ii Security Patches? What is Indusirial Espionage? ‘What is IP based blocking? | What is a security policy? TO | List the different types of social media tools? Long Answer Questions: Que: UNIT L List the Cybererimes in India during 2007? 48Explain E-mail Spoofing with an example? 3 Illustrate Password Sniffing with an example? 4 ___| Explain the classification of Cybererimes in detail? Explain Hacking and List out the different types of Hackers along with examples? 6 ‘Define Botnet and Explain BotnetMenace? Explain Denial of Service (DOS) Attack with an example? Explain global perspective on Cybercrime? o Write in detail about Cybercrime an Indian perspective? 10 Explain CyberCrime and Indian Act 2000? UNIT2 T [Define Attack and Explain it in detail along with an example? Define Social Engineering and explain the impact of Cybercrime on it? 3__| Explain why Boinets are the fuel for Cybercrime? a Define CloudComputing and explain the types of services provided by it along with an example? 3__ [Explain the impact of Cybercrime on cloud computing? 6 ‘Explain Attack Vectors along with an cxample? 7__| Describe the process of planning attacks by criminals? 3 | Distinguish between Human-Based Social Engincering and Computer-Based Social Engineering? 9 ‘Explain the process of Port Scanning? 10 Give the tips for safety and security measures to be followed in a cybercafé? i Explain Cyberstalking in detail? UNIT3 T__] Faplain Registry Settings for Mobile Devices? Explain Cryptographic Security for Mobile Devices? 3__| Explain LDAP Security for Hand-Held Mobile Computing Devices? a Explain RAS Security for Mobile Devices? 3__| Explain Networking API Security for Mobile Computing Applications? 6 Explain BlueTooth Hacking in detail? Define Fneryption? Write short notes on Enerypting Organizational databases? Explain Organizational policies for the use of Mobile Hand Held Devices? o That is Credit Card Fraud? Mention the tips to prevent credit card frauds TO __| Explain the types and techniques of Credit Card Frauds? TT__[ Explain in detail about Mobile Viruses along with an example? T Define Vishing and explain it's working along with safety measures? T3__| Define Smishing and explain it's working along with safety measures? 1 __| Explain the various measures for the protection of laptops through physical measures and logical access control measures? UNIT 4 T Explain Password Cracking in detail? 2___| Define Keylogger and mention it’s types along with an example for each? 3” | Define Spyware and Illustrate it impacts on Mobile Devices? F ‘What are the steps to be followed for protection against Trojan Horse and 49Backdoors? 5 Explain Steganography in detail? © __| Define SQL Injection? Mention the steps for SQL Injection Attack? Write the preventive measures for SQL Injection Attacks? Explain in detail the types of Buffer Overflow and steps to be considered for minimizing them? a What are the Traditional Techniques of Attacks on Wireless Networks? 10 ‘Explain the concept of Wifi based Fraud along with an example? UNIT 5 T Explain the impact of a security breach on an organization? ‘Define an insider attack” Explain it with an example’ 3 Differentiate between Security and Privacy? Explain i's implications on Cloud Computing? 4__[ Explain about Social Media Marketing? > What is Proactive and Reactive Approach to Security? 6 Explain about Blue Cross Blue Shield Data Breach? Explain organizational implications of software privacy? ‘Explain the intemal costs associated with cybersecurity incidents? a Explain the web threats for organizations? Define Social Computing and explain the associated challenges for organizations? 50UNIT-1 Short Answer Questions for 2 Marks What is Cyber Security? Cyber security or information technology security are the techniques of protecting computers, networks, programs and data from unauthorized access or attacks that are aimed for exploitation 2. What is Cyber Crim “cybercrime (computer crime) is any illegal behavior, directed by means of electronic operations, that targets the security of computer systems and the data processed by them.” Note that in a wider sense, “computer-related crime” can be any illegal behavior committed by means of, or in relation to, a computer system or network; however, this is not cybercrime. What is the need for Cyber Security? Cyber-attack is now an intemational concer, as high-profile breaches have given many concerns that hacks and other sceurity attacks could endanger the global economy. A cyberattack is deliberate exploitation of computer systems, technology-dependent enterprises and networks Cybersecurity should be thorough end seamless, regardless of business size or organisational standing. Having the right level of preparation and specialist assistance is vital to minimise and control damage, and recover from a cyber breach and its consequences. 4, Define Cyberterrorism? Cyberterrorism is the premeditated, politically motivated attack against information, computer systems, computer programs and data which result in violence against honcombatant targets by sub national groups or clandestine agents. 5. What is a CyberAttack? 51Attack is a threat or danger that involves an attempt to obtain, alter,destroy, remove or reveal information without authorized access. Criminals use many methods and tools to locate the vulnerabilities of their target. ‘The target can be an individual or an organization 6. What is Salami Attack? ‘These attacks are used for committing financial crimes. Th ¢ idea here is to make the alteration so insignificant that in a single case it would go completely unnoticed; for example a bank employee inserts a program, into the bank’s servers, that deducts a small amount of money (say * 2/- or a few cents in a month) from the account of every customer. No account holder will probably notice this unauthorized debit, but the bank employee will makea sizable amount every month. 7. Define Credit Card Frauds? Credit card fraud is the unauthorized use of another person’s credit card or card information to make purchases or access funds through cash advances using the vietim’s account. 8. Define i.Adware ii. Spyware? Adware is unwanted software designed to throw advertisements up on your screen, most often within a web browser. Some security professionals view it as the forerunner of the modern-day PUP (potentially unwanted program). ‘Typically, it uses an undethanded method to cither disguise itself as legitimate, or piggyback on another program to trick you into installing it on your PC, tablet, or mobile device Short Answer Questions for 3 Marks: 9. Define Cyberspace and Cybersquatting ? Cyberspace This is a term coined by William Gibson, a science fiction writer, in his Si-finovel Neuromancer (published in 1984) — he suggested it as a “consensual hallucination.” According to his vision about nearfuture computer network (as at the time when he coined the term in 1984), “cyberspace” is where users mentally travel through matrices of data. Conceptually, “cyberspace” is the “nebulous place” where 5210, " humans interact over computer networks. ‘The term “cyberspace” is now used to describe the Internet and other computer networks. In terms of computer science, “cyberspace” is a worldwide network of computer networks that uses the Transmission Control Protocol/Internet Protocol (TCP/IP) for communication to facilitate transmission and exchange of dala. A common factor in almost all definitions of cyberspace is the sense of place that they convey ~ cyberspace is most definitely a place where you chat, explore, research and play. The term is derived from “squatting” which is the act of occupying an abandoned/unoccupied space/ building that the squatter does not own, rent or otherwise have permission to use. Cydersquatting, however, is a bit different in that the domain names that are being squatted are (sometimes but not always) being paid for by the cybersquatters through the registration process Define Cyberpunk and Cyberwarfare? ‘The term “cyberpunk” could mean something like “anarchy via machines” or “machine/computer rebel movemeat.” This word first appeared as the title of a short story “Cyberpunk” by Bruce Bethke, published in science fiction stories magazine Cyberwarfare, for many people, means information warriors unleashing vicious attacks against an unsuspecting opponent's computer networks, wreaking havoc and paralyzing nations. This perception seems to be correct as the terms cyberwarfare and cyberterrorism have got historical connection in the context of attacks against infrastructure. The term “information infrastructure” refers to information resources, including communication systems that support an industry, institution or population. List the different types of Cybereriminals? 1. Type I: Cybercriminals — hungry for recognition * Hobby hackers; + IT professionals (social engineering is one of the biggest threat); + politically motivated hackers; + terrorist organizations. 2. Type II: Cybercriminals — not interested in recognition * Psychological perverts; + financially motivated hackers (corporate espionage); + state-sponsored hacking (national espionage, sabotage); + organized criminals. 3. Type Ill: Cybereriminals ~ the insiders + Disgruntled or former employees seeking revenge; + 53