Q. Diff. between Attack and Threat.

S.NO THREAT ATTACK

Can be intentional or
1 unintentional Is intentional

2 May or may not be malicious Is malicious

Circumstance that has ability to

3 cause damage Objective is to cause damage

Information may or may not be Chance for information alteration

4 altered or damaged and damage is very high

5 Comparatively hard to detect Comparatively easy to detect

Q. Diff. between Fabrication and Modification with respect to computer

attacks.
Fabrication: An unauthorized party inserts counterfeit objects into the system and
basically attacks the authenticity of the system.
Modification: An unauthorized party modifies the assets of the system and basically
attacks the integrity of the system.

Q. Severity of Passive attacks.

The first type of attack is passive attack. A passive attack can monitor, observe or build
use of the system’s data for sure functions. However, it doesn’t have any impact on the
system resources, and also, the data can stay unchanged. The victim is difficult to note
passive attacks as this sort of attack is conducted in secret. Passive attack aims to
achieve data or scan open ports and vulnerabilities of the network.

An eavesdropping attack is taken into account as a kind of passive attack. An

eavesdropping attack is to steal data transmitted among two devices that area unit
connected to the net.
Q. Conceptual Diff. between Cryptography and Steganography.

Q. What is Cybercrime and Cyberstalking?

Cybercrime may be defined as “Any unlawful act where computer or
communication device or computer network is used to commit or facilitate
the commission of a crime”.
Cyberstalking is the use of electronic communication by a person to follow
a person, or attempts to contact a person to foster personal interaction
repeatedly despite a clear indication of disinterest by such person; or
monitors the internet, email or any other form of electronic communication
commits the offence of stalking.
Q. Different types of Cybercriminals? Explain each one.
1. Hacktivists
Hacktivists are a group of cybercriminals who unite to carry out cyberattacks
based on a shared ideology. This ideology could be political, regional, social,
religious, anarchist, or even personal. It’s a combination of hacking and
activism.
2. Script Kiddies
Script kiddies, also referred to as skids or skiddies, are less experienced
individuals who use existing software or scripts to launch attacks on computers
and networks. These hackers solely depend on other skilled hackers' software
or programs to attack and have zero knowledge of modifying or upgrading the
software or scripts.
3. State Actors
State actors are cybercriminals backed by the government to forcefully target
another government, individual, or organization. They have the license to hack
into any network as requested by the government to unlawfully gain, create,
or influence their targets' data.
4. Insider Threats
A security attack within a targeted organization is called an insider threat.
Here, the cybercriminal could be an ex-employee or business associate who
still has access or login details to the company database. It could also be a
current employee or an associate of the company abusing the access they
have.
5. Scammers
Scammers are individuals who use deceptive schemes to trick money or
valuable items from their victims. They target less tech-savvy victims who can’t
differentiate between real and fake.
6. Cybercrime Groups
Also known as hackers groups, cybercrime groups work together anonymously
to build tools, software, access, information, and scripts for hacking. They also
organize tutorials and form communities for people interested in hacking.
Q. Diff. between white-hat hacking vs black-hat hacking.

Q. What is virus hoax?

A virus hoax is a false warning about a computer virus. Typically, the warning
arrives in an email note or is distributed through a note in a company's
internal network.

These notes are usually forwarded using distribution lists, and they will
typically suggest that the recipient forward the note to other distribution
lists.

If someone gets a message warning about a new virus, they can check it
out by going to one of the leading websites that keep up with viruses and
computer virus hoaxes. If someone sends them a note about a virus that
they learn is a virus hoax, they should reply to the sender that the virus
warning is a hoax.
Q. What are computer worms?
A computer worm is a type of malware that spreads copies of itself from computer to
computer. A worm can replicate itself without any human interaction, and it does not need to
attach itself to a software program in order to cause damage. Worms can be transmitted via
software vulnerabilities. Or computer worms could arrive as attachments in spam emails or
instant messages (IMs). Once opened, these files could provide a link to a malicious website
or automatically download the computer worm. Once it’s installed, the worm silently goes to
work and infects the machine without the user’s knowledge.

Q. What is Cyberlaw? Importance?

Cyberlaw is the area of law that deals with the Internet's relationship to
technological and electronic elements, including computers, software,
hardware and information systems (IS). Cyberlaw is also known as Cyber
Law or Internet Law.

Cyberlaws prevent or reduce large scale damage from cybercriminal

activities by protecting information access, privacy, communications,
intellectual property (IP) and freedom of speech related to the use of the
Internet, websites, email, computers, cell phones, software and
hardware, such as data storage devices.