Scribd Logo
Upload

Welcome to Scribd!

  • Submitted To: - Submitted By:-: Cyber Security

    Uploaded by

    Nisharg gupta
    15 views4 pages
    This document contains answers to 5 questions related to cyber security. It discusses different types of web server attacks like website defacement, directory traversal, misconfiguration attacks, and phishing attacks. It defines the differences between cybercrime and cyberterrorism. It describes active and passive intrusion detection systems as well as network-based, host-based, signature-based, and anomaly-based intrusion detection systems. It explains what web jacking is and the steps involved. It provides tips for preventing cybercrime such as backing up data, using anti-malware software, reviewing data for protection, training staff, and obtaining security certifications.

    Original Description:

    Original Title

    nisharg ass2 cy

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document contains answers to 5 questions related to cyber security. It discusses different types of web server attacks like website defacement, directory traversal, misconfiguration attacks, and phishing attacks. It defines the differences between cybercrime and cyberterrorism. It describes active and passive intrusion detection systems as well as network-based, host-based, signature-based, and anomaly-based intrusion detection systems. It explains what web jacking is and the steps involved. It provides tips for preventing cybercrime such as backing up data, using anti-malware software, reviewing data for protection, training staff, and obtaining security certifications.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    15 views4 pages

    Submitted To: - Submitted By:-: Cyber Security

    Uploaded by

    Nisharg gupta
    This document contains answers to 5 questions related to cyber security. It discusses different types of web server attacks like website defacement, directory traversal, misconfiguration attacks, and phishing attacks. It defines the differences between cybercrime and cyberterrorism. It describes active and passive intrusion detection systems as well as network-based, host-based, signature-based, and anomaly-based intrusion detection systems. It explains what web jacking is and the steps involved. It provides tips for preventing cybercrime such as backing up data, using anti-malware software, reviewing data for protection, training staff, and obtaining security certifications.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 4

    CYBER SECURITY

    Assignment 2

    5th Semester

    SESSION 2019/23

    Submitted To: - Submitted By :-


    Ms. Charu Jain Nisharg Gupta
    Asst.Pro AIST Semester 5
    Branch CS
    0612CS191033

    Q1. Explain Different types of Attacks against Web Servers?


    Website Defacement:
    SQL injection attacks are used to deface the website. When an attacker finds out that input fields
    are not sanitized properly, he can add SQL strings to maliciously craft a query which is executed
    by the web browser. He may store malicious/unrelated data in the database; when the website is
    requested, it will show irrelevant data on the website, thus displaying a defaced website.

    Directory Traversal:
    This is vulnerability where an attacker is able to access beyond the web root directory from the
    application. If he is able to access beyond web root directory, he might execute OS commands
    and get sensitive information or access restricted directories.
    Misconfiguration attacks:

    If unnecessary services are enabled or default configuration files are used, verbose/error
    information is not masked; an attacker can compromise the web server through various attacks
    like password cracking, Error-based SQL injection, Command Injection, etc.

    Phishing Attack:

    An attacker may redirect the victim to malicious websites by sending him/her a malicious link by
    email which looks authentic, but redirects him/her to malicious web page thereby stealing their
    data. There are a lot of other web application attacks which can lead to a web server attack-
    Parameter form tampering, Cookie tampering, unvalidated inputs, SQL injection, Buffer overflow
    attacks.

    Q2. Difference Between Cyber Crime & cyber terrorism?


    Cyberterrorism
    A cyberterrorist is someone who uses the Internet or network to destroy or damage computers
    for political reasons. The cyberterrorist might target the nation’s air traffic control system,
    electricity-generating companies, or a telecommunications infrastructure. Cyberterrorism usually
    requires a team of highly skilled individuals, millions of dollars, and several years of planning.

    Cybercrime
    Today, people rely on computers to create, store, and manage critical information. Thus, it is
    crucial that users take measures to protect their computers and data from loss, damage, and
    misuse. A computer security risk is any event or action that could cause a loss of or damage to
    computer hardware, software, data, information, or processing capability. While some breaches
    to computer security are accidental, many are intentional. Some intruders do no damage; they
    merely access data, information, or programs on the computer. Other intruders indicate some
    evidence of their presence either by leaving a message or by deliberately altering or damaging
    data. An intentional breach of computer security often involves a deliberate act that is against
    the law. Any illegal act involving a computer generally is referred to as a computer crime.

    Q3. Describe Different types of Intrusion Detection System?


    Active and passive IDS
    An active Intrusion Detection Systems (IDS) is also known as Intrusion Detection and Prevention
    System (IDPS). Intrusion Detection and Prevention System (IDPS) is configured to automatically
    block suspected attacks without any intervention required by an operator. Intrusion Detection
    and Prevention System (IDPS) has the advantage of providing real-time corrective action in
    response to an attack.

    A passive IDS is a system that’s configured to only monitor and analyse network traffic activity
    and alert an operator to potential vulnerabilities and attacks. A passive IDS is not capable of
    performing any protective or corrective functions on its own.

    Network Intrusion detection systems (NIDS)


    Host Intrusion detection systems (HIDS)
    Network Intrusion Detection Systems (NIDS) usually consists of a network appliance (or sensor)
    with a Network Interface Card (NIC) operating in promiscuous mode and a separate
    management interface. The IDS is placed along a network segment or boundary and monitors
    all traffic on that segment.

    Knowledge-based (Signature-based) IDS


    behaviour-based (Anomaly-based) IDS
    A knowledge-based (Signature-based) Intrusion Detection Systems (IDS) references a database
    of previous attack signatures and known system vulnerabilities. The meaning of word signature,
    when we talk about Intrusion Detection Systems (IDS) is recorded evidence of an intrusion or
    attack. Each intrusion leaves a footprint behind (e.g., nature of data packets, failed attempt to
    run an application, failed logins, file and folder access etc.). These footprints are called
    signatures and can be used to identify and prevent the same attacks in the future. Based on
    these signatures Knowledge-based (Signature-based) IDS identify intrusion attempts.

    Q4. What is Web Jacking?


    Illegally seeking control of a website by taking over a domain is known as Web Jacking. In web
    jacking attack method hackers compromises with the domain name system (DNS) that
    resolves website URL to IP address but the actual website is never touched.
    Web jacking attack method is another type of social engineering phishing attack where an
    attacker create a fake web page of victim website and send it to the victim and when a victim
    click on that link, a message display on the browser “the site abc.com has move on another
    address, click here to go to the new location” and if a victim does click on the link, he/she will
    redirect on the fake website page where an attacker can ask for any sensitive data such as
    credit card number, username, password etc.
    Web jacking attack method is one kind of trap which is spread by the attacker to steal the
    sensitive data of any people, and those people got trapped who are not aware about cyber
    security.
    Web Jacking Attack Method:
    1. The first step of web jacking attack method is to create a fake page of victim website
    for example www.anywebsite.com/login.php.
    2. The second step is to host it either on your local computer or shared hosting.
    3. The third step is to send the link of a fake page to the victim.
    4. The fourth step victim will open the link and enter their details and submit.
    5. Last step, you will get all the details submitted by victim

    Q5. How to Prevent Cyber Crime?


    1. Back up data Always backup your data. Loss of any data can be very critical to your business,
    and if there happens to be a breach of cybersecurity that results in a huge loss of vital data, a lot
    can be at stake during such times. Backing up the data is actually a very logical and preferred
    practice. This is because many times, data is lost due to hardware issues and other software
    failures. Make sure that you choose a decent and well-reputed company that supplies you with
    data backup options. Try to back up your data daily. There are plenty of companies that
    offer automatic secure backup facilities at the end of every day.
    2. Get protection against malware There are hundreds of malwares released on the internet
    every day. While some of this malware is not that big a threat to your business, a few of these
    can be. The best way to tackle this virus is with the help of anti-virus software. Anti-virus
    software is designed to protect your device and data.
    3. Review your data Before going for an IT security solution, review all your data once. List down
    every information about your business, that if jeopardized, can cause a huge loss to you. List
    things that could be cyber-attacked, like monetary accounts, IT equipment, pricing information,
    and product designs.

    4. Train your staff: Inform your staff about all the potential cyberattacks that can happen in your
    workplace. Encourage them to report all cyberattacks that occur. Once your staff has the basic
    knowledge to handle any cyberattack, managing recovery would not be so hard. Get a
    professional team to train your staff about the potential problems with cybersecurity and how it
    can affect the office.

    5. Get certified: The international standard of cybersecurity is the ISO/IEC 27032:2012. This is a
    set of rules and guidelines that cover information security, network security, internet security,
    and the protection of information infrastructure. Getting a certificate would make your business
    comply with these standards, leaving your security details better. Certification is also good for
    business; customers and clients tend to trust your business more if it has any certification
    relating to security and cybersecurity.

    You might also like