Keeping any personal information to yourself in a manner that any adversary shall not be able to identify and use it, is known as
- Confidentiality
- Integrity
- Availability
- Authentication
Answer
Confidentiality
Reason — Confidentiality means keeping personal information to oneself so that an adversary is not able to identify or use it.
An illegal act where sensitive information such as passwords and credit card details of a person is acquired while masquerading as a trustworthy person in an official electronic communication (say, e-mail), is known as
- Virus
- Malware
- Pharming
- Phishing
Answer
Phishing
Reason — Phishing is an illegal act in which sensitive information, such as passwords and credit card details, is acquired by pretending to be a trustworthy person in an official electronic communication system, such as e-mail.
A malicious program, which has the ability to replicate and execute itself is known as
- Virus
- Malware
- Man-in-the-Middle attack
- Social Engineering
Answer
Virus
Reason — A virus is a malicious program which has the ability to replicate and execute itself. It is man-made, destructive in nature, and usually attaches itself to other programs and spreads across the system.
Which of the following is a branch of Cyber Security responsible for safeguarding information systems?
- Information Security
- Data Security
- Network Security
- Cryptography
Answer
Information Security
Reason — Information Security deals with protecting sensitive data and information systems from malicious and unauthorised parties. It helps ensure the confidentiality, integrity and availability of data.
Convincing a person being attacked that the attacker is authorised to receive the information is known as ............... .
- Social Engineering
- Pharming
- DoS attack
- Man-in-the-Middle attack
Answer
Social Engineering
Reason — Social Engineering attack is a method in which the person being attacked is convinced that the attacker is authorised to receive the information.
Fill in the blanks:
- ................ means making sure that the data is not manipulated by an unauthorised person.
- ................ attack refers to capturing the messages as they travel from a source to a destination and replacing them with alternative messages to compromise the data.
- The balance between ................ and Availability determines the safety and security of data and information stored in our systems.
- ................ attack takes place when the hacker has hacked and taken the control of multiple systems.
- ................ is a scamming practice where a malicious code is installed on the computer system or server.
Answer
- Integrity means making sure that the data is not manipulated by an unauthorised person.
- Man-in-the-Middle attack refers to capturing the messages as they travel from a source to a destination and replacing them with alternative messages to compromise the data.
- The balance between Confidentiality and Availability determines the safety and security of data and information stored in our systems.
- Distributed Denial of Service (DDoS) attack takes place when the hacker has hacked and taken the control of multiple systems.
- Pharming is a scamming practice where a malicious code is installed on the computer system or server.
Write down the full forms of the following:
- OTP
- DOD
- DDoS
- FIR
Answer
- OTP – One Time Password
- DOD – Department of Defence
- DDoS – Distributed Denial of Service
- FIR – First Investigation Report
Assertion (A): Shreya uses her laptop to do her history project. Recently, she notices that her laptop has become slow.
Reason (R): Viruses are programs created by a hacker who runs his own application in the background to steal the user's information. The background processing of the program slows down the PC.
Based on the above discussion, choose an appropriate statement from the options given below:
- Both A and R are true and R is the correct explanation of A.
- Both A and R are true and R is not the correct explanation of A.
- A is true but R is false.
- A is false but R is true.
- Both A and R are false.
Answer
Both A and R are true and R is the correct explanation of A.
Reason — Viruses are malicious programs that run on a computer system without the user's knowledge and can execute in the background, consuming system resources. This background processing can slow down the PC, which explains why Shreya's laptop has become slow.
Richa is a sincere girl and has recently been taught Cyber Security in school. One of her friend asked her for the password of her PC.
Now, answer the following questions based on the given scenario:
- Should Richa tell the password of her PC to her friend?
- What best Cyber Security practices should Richa teach her friend?
Answer
No, Richa should not tell the password of her PC to her friend. A password should never be disclosed to anyone because it can lead to unauthorised access to the system and misuse of personal data.
Richa should teach her friend the following Cyber Security practices:
- Never disclose passwords for social media, internet banking or any other account to anyone.
- Frequently change passwords and keep them strong so that they cannot be guessed easily.
- Never write and store passwords where they can be found by other people.
- Never save passwords on any web page when asked by it.
- Never share OTP (One Time Password) with others.
- Never disclose personal or sensitive information over phone calls or messages.
- Always open e-mails from trusted sources only.
- Use updated Antivirus software and enable the firewall on the computer.
Write short notes on Pharming.
Answer
Pharming is a scamming practice where a malicious code is installed on the computer system or server. It misguides the users to fraud websites without their knowledge. It is a hidden threat because the user never comes to know whether the website is hijacked or not before handing over personal information. The primary goal of pharming is to steal personal information such as login details, financial information and other sensitive data.
Write short notes on Virus.
Answer
A virus is a computer program which runs on any computer system without the user’s knowledge. Once it is loaded into a computer system, it starts damaging the system automatically. As a result, the system may come to a halt or even crash. A virus is a specific type of malware and is a malicious program which has the ability to replicate and execute itself. It is a man-made program, destructive in nature, which usually attaches itself to other programs and spreads across the system.
Write short notes on Malware.
Answer
Malware is a specific type of code which replicates itself by inserting the code into other programs. It is a piece of software written with the intent of causing harm to the data and the devices. Malware is the primary name for different types of viruses such as Trojan, Spyware, Adware and Worms. It is often used to damage computer systems, tablets, phones and other digital devices.
Write short notes on Phishing.
Answer
Phishing is an illegal act where sensitive information such as passwords and credit card details of a person is acquired while masquerading as a trustworthy person in an official electronic communication system (say, e-mail). In phishing, the attacker sends fake messages or e-mails that appear to be genuine, which tricks users into sharing their personal or financial information.
Write short notes on Ransomware.
Answer
Ransomware is a type of malicious software (malware) used by cybercriminals to block access to a computer system or encrypt the files on it, making them inaccessible to the primary user. The cybercriminals then demand a ransom (usually in cryptocurrency) from the victim in exchange for restoring access to the system or decrypting the files.
Write short notes on Brute Force attack.
Answer
A Brute Force attack is an attack technique used by an adversary to steal data from a system by hacking the password. In this attack, the adversary tries different combinations of characters (alphabets, digits and special characters) based on whatever information they have about the user. Often, a program is written to guess the password in a quick span of time, which may result in unauthorised access to the system.
What is meant by Cyber Security?
Answer
Cyber Security refers to the practice of protecting systems, networks and data from digital threats. It deals with the protection of sensitive data from malicious and unauthorised parties. The main objective of Cyber Security is to ensure that data and devices are available only to authorised owners and are protected from cyber-attacks, data breaches and other online dangers.
Mention the various cyber attacks which can take place to a computer system.
Answer
The various cyber attacks which can take place on a computer system are:
- Virus
- Worm
- Malware
- Ransomware
- Phishing
- Brute Force Attacks
- Distributed Denial of Service (DDoS) Attacks
- Man-in-the-Middle Attack
- Social Engineering Attacks
- Pharming
- Zero Day Attacks
Explain the three components of CIA triad.
Answer
The three components of the CIA Triad are as follows:
Confidentiality: Confidentiality means keeping any personal information to yourself in a manner that any adversary is not able to identify or use it.
Integrity: Integrity means making sure that the data is not manipulated by any unauthorised person.
Availability: Availability means ensuring that data is always available to authorised users whenever required.
Mention various ways to safeguard yourself from a cyber attack.
Answer
Various ways to safeguard ourselves from a cyber attack are:
- Never disclose passwords for social media, internet banking or any other account to anyone.
- Frequently change passwords and keep them complicated so that they cannot be guessed easily.
- Never share OTP (One Time Password) for online transactions with others.
- Never disclose any PII details over phone calls.
- Open e-mails from trusted sources only.
- Use updated Antivirus software and scan external drives before using them.
- Enable the firewall on the computer.
- Keep all software and the operating system up to date.
- Avoid using computers of cyber cafés as they may already be infected.
- In case of cyber fraud, immediately call the Cyber Cell of the police and lodge a complaint/FIR.
Under what situation do Zero Day Attack happen? Explain in brief.
Answer
Zero Day Attacks happen when an attack emerges out of a vulnerability which has not been discovered yet. This vulnerability is not known to anyone, including the software developers, and therefore no defensive mechanism is available to protect the users. Such attacks occur before the developer releases a fix or update, making it the best way for attackers to target users.
Enlist some best practices to Cyber Security.
Answer
Some best practices of Cyber Security are:
- Never disclose passwords to anyone.
- Never save passwords on any web page when asked by it.
- Frequently change passwords and keep them strong.
- Never write and store passwords where other people can find them.
- Never share OTP for online transactions.
- Never disclose any PII details over phone.
- Open e-mails from trusted sources only.
- Enable Multifactor Authentication when signing up for any account.
- Use updated Antivirus software and enable the firewall.
- Keep the software and operating system updated.
- Avoid using computers of cyber cafés.
- Immediately report cyber fraud to the Cyber Cell of the police.
What are the requirements to become a Cyber Security professional?
Answer
To become a Cyber Security professional, one needs to complete a Bachelor's degree in Computer Science or any related field and have an inclination towards security. Many colleges also offer advanced degree programmes such as Master's or PhD in Cyber Security. Cyber Security professionals should also act ethically and help protect society and individuals from cyber attacks.
What advise will you give to others to become Cyber Safe?
Answer
To become Cyber Safe, I would advise others to follow these practices:
- Never share passwords, OTPs, bank details or other sensitive information with anyone.
- Use strong passwords and change them frequently.
- Open e-mails only from trusted sources.
- Use updated Antivirus software and keep the firewall enabled.
- Keep the operating system and software updated.
- Avoid using unsafe websites and prefer websites starting with
https. - Report cyber fraud immediately to the Cyber Cell of the police.