SECTION B

Q1:
Input-processing-output controls are what make up processing integrity. Input controls should
keep the machine from storing incorrect data.
1. A well-designed form will reduce the likelihood of mistakes and getting prenumbered
records in the right order helps to see if an operation is incomplete. For this we will have
to check and see whether the purchase orders have been debited; if they haven't, you'd
check to see whether the goods have dispatched or if they're on backorder.
2. Turnaround documents are an effective input control (for example, when paying a credit
card bill, you tear off a part of the front page that already contains your account number)
because they expedite delivery and eliminate potential input errors.
Controls for data processing ensure the data is interpreted properly. Output controls are
additional checks on the integrity of the processing.
Q2:
1. The type of theft is password cracking caused due to unauthorized exposure of
confidential data.
2. Following are the measures that could be taken to mitigate the type of risk. As the type of
risk involves in unauthorized use of confidential data. The following controls can be
taken:
 Plan for information security and privacy
 Entry to computer facilities should be restricted physically.
 Authentication and authorization controls are used to restrict logical access to the
device.
 Controls over data storage and transmission
 Firewalls and anti-virus security
 Procedures for backing up and recovering files
 Device specification for fault tolerance
 Plan for Recovery in Case of Disaster
 Maintenance that prevents problems from occurring
 Firewalls are a type of security system that protects
 Business interruption and casualty insurance.
Q#3

1. The type of attach is Trojan Horse. A Trojan, or Trojan horse, is a form of malware that
disguises its exact content to inspire a handler to believe it is innocuous.
2. As in shielding against the most common threats to cyber security, efficient cyber
security tools must be the first mark of defense. An effective internet safety solution can run
quickly and frequently and alert you when you detect a Trojan horse. In order to remain harmless
from these sorts of attacks in the future, in addition to downloading cybersecurity software there
are a few finest does to help keep you safe:
 Do not download or install software from a platform you do not completely trust
 At no time open an attachment or run a Programme that you don't know about via e-mail.
 Keep all apps up-to-date with the latest updates on your computer
 Make certain that your device has a Trojan antivirus installed and running
Q4:
1. The type of threat is keylogging. A keylogger threatens your personal data. It exposes the
author of the keylogger to your username, passwords and other confidential details. This
leads to illegal purchases and ID theft.
2. Any file you obtain can be embedded in keylogger Programme on any digital computer.
Pay attention to the address of the sender and only open files from those you can trust.
Before you open a good antivirus software, all virus files should be scanned to avoid
keyloggers and other malware. Using a 2-step authentication, in which a telephone
notification helps the user to check that he is the intended recipient. Equip antivirus
firewall for desktops, tablets, smartphones and other digital devices. The firewall should
be able to warn the user, provide strong authentication checks and help encrypt and
access authorizations to protect the data.
 SECTION C
Q1:
1. The first email received is a phishing email in which the sender is posing to be the
company and urges Allan to login with the account credentials. The email received a week later
is also a phishing email as many of the less experienced phishing operators continue to make
simple grammatical and spelling mistakes in their texts. Any official message from a major
organization is unlikely to contain errors in spelling or grammar, particularly not in multiple
places. A sloppy message can serve as an instant red flag that the contact isn't genuine. Attackers
often use Google Translate to translate text from their native language, but despite their
widespread use, these services still fail to make messages sound natural.
Both the emails are phishing attack. Allan must communicate with the company via a valid
telephone number or website that Allan knows is actual and not the material in the electronic
mail. Attachments and links can put in destructive malware. He further can report the email as
spam and delete afterwards.
2. The city bank has been made aware of a phishing scheme in which fraudsters pose as
bank employees. Customers should be informed as soon as possible by the bank. Customers
should be notified about the scam through electronic message or letter. The key idea is to remind
clienteles that genuine companies, such as City Bank, will never ask for confidential private
information over doubtful channels such as email or text messages. Bank should also concern the
law enforcement agencies to report the fraudulent activities going on.
3. Phishing is when someone sends an electronic message posing as a valid company,
normally a monetarist organization, and asks for info or proof of information, every so often with
a threat of undesirable consequences if the information is not given. The addressee is given the
option of responding to the fake request or visiting a website and submitting information. A
linking to an apparently genuine web page is often included in the post. Brand symbols,
accustomed illustrations, phone numbers, and Internet connections tend to be those of the
maltreated business on the web page. It also has a form that asks for information such as a home
address and the PIN for an ATM card.
Typo squatting, also known as URL hijacking, is the practice of producing websites with
indistinguishable terms so that users who type in a website name inaccurately are directed to an
invalid location. Keying www.antifraudbigbank.
com as an alternative of www.antifraudbigbank.com, may lead to a cyber-squatter site that:
deceives the user into believing she is visiting the real site by using a copied or identical logo,
website layout, or material. Advertisements that cater to people searching for the real domain
name are often found on these pages. It's possible that the typo squatter is a rival. Viruses,
spyware, and adware are all distributed through this site.
Q2:
1. Disrupting a botnet attack necessitates a high level of complexity. It's not easy to stop a
botnet attack from spreading. Removing the server or removing the server's internet connection
may bring the entire network down. For botnets that use peer-to-peer networking or other
decentralized control mechanisms, tracing communications to investigate the source is more
difficult. It can also be taken down by attempting to detect and delete botnet malware from
source computers, as well as replicating the botnet's communication methods in order to disrupt
them and disrupting the monetization efforts. While anti-malware and antivirus software and
Programme are successful at detecting and removing certain types of malicious software from
individual computers, they do not prevent the botnet from running. The IT department may also
set up a honeypot, which is a computer device that serves as a decoy to attract cybercriminals.
The hospital that set up the honeypot would be able to track, deflect, and investigate how hackers
tried to gain access to the device in this way.

2. Botnet, short for "robot network," is a large network of hacked computers known as
"zombies" that are used to target networks or spread malware. Bot herders install malware on
unsuspecting computers that responds to the hacker's electronic commands. Bot software can be
distributed through Trojans, e-mails, instant messages, Tweets, or an infected website, among
other methods. Bot herders take advantage of the combined strength of the hacked computers to
launch a variety of Internet attacks. A botnet is a collection of bots connected by a network or
cluster of computers (or other devices) that have been infected with malware and are now under
the control of the malware owner. Botnets are computers and devices that are used to target (and
infect) other computers and devices. Typically, hackers will do everything possible to keep the
victims unaware of the infection, allowing them to continue exploiting the botnet for as long as
possible.

3. Following are the ways to stop the attack and contain the damage in case of a botnet
attack:
The firewall serves as the first line of protection and is the most basic cybersecurity tool
available to hospital IT workers. Despite being a must-have, it will not be able to prevent a
botnet attack on its own. As a result, the hospital must continue to incorporate additional layers
of security. Not giving everybody in the hospital administrative privileges reduces the chance of
an insider attack, but it also improves protection against external threats. For access controls, use
multi-factor and risk-based authentication, as well as least privilege and other best practices.
Botnets spread by exploiting credentials after infecting a single computer. Botnets can be
contained in one area, where they can do less harm and be more easily eradicated, by restricting
access.