Unit – 2 Cyber Security

MCQs:

1) Use many methods and tools to Locate weakness of their target.

a) Active attacks b) Passive attacks c) Criminals d) Hacking

2) Addition to active and passive categories, attacks can be categorized as either inside or
outside.
a) True b) False

3) Reconnaissance phase begin with “”.

a) foot printing b) Preattack c) passive d) active

4) Computer security, attempt to serial information stored in a system by electronic or

similar means.

a) contrast b) active c) wiretapping d) criminals

5) Active attacks involve gathering information about a target without his/her knowledge.
information can be gathered from.
a) True b) False

6) Blogs, newsgroups, press releases, etc. are generally used as the mediums to gain
information about the or employee.

a) website watcher b) email c) company d) employee

7) After scanning and scrutinizing, the attack is launch using the following.
a) Crack the password b) WHOIS c) NsLookup d) emailtrackerspro

8) Cyberstalking is a type ---- of that uses the internet and technology to harass or stalk a
person.
a) Passive attack b) active attack c) cybercrime d) criminals
9) This category of crime came under the purview of Section of the Indian Penal Code.
a) 354D b)112H c)351 d)358D

10) Tracking all online movements of the victim through tracking devices
A) True b) False

11) Cloud computing is the delivery of hosted services, including software, hardware, and
storage, over the Internet.
a) Cybercrime b) Cloud computing c) Virtually d) Cloud security

Short Questions :

1) How the criminals plan the attacks.

Ans. Criminals use many methods and tools to Locate weakness of their target. Criminals plan
passive and active attacks. Active attacks are usually used to alter the System whereas passive
attacks attempt to gain information about the target. In addition to active and passive categories,
attacks can be categorized as either inside or outside.

2) Explain Passive attacks.

Ans.

Passive attacks are cyberattacks where hackers secretly monitor or intercept data without
altering it. The goal is to gather sensitive information without being detected.

Examples of Passive Attacks:

 Eavesdropping – Hackers listen to private communications.

 Traffic Analysis – Monitoring data flow to gather insights.

 Password Sniffing – Capturing login credentials.

Since passive attacks do not modify data, they are harder to detect but can lead to serious
security breaches. Encryption and secure communication channels help prevent such attacks.

3) Explain Active attacks.

Ans.

Active attacks are cyberattacks where hackers modify, disrupt, or destroy data and system
operations. Unlike passive attacks, active attacks cause direct harm and are easier to detect.

Examples of Active Attacks:

 Phishing – Trick users into revealing sensitive information.

 Denial-of-Service (DoS) Attack – Overload a system to make it unavailable.

 Malware Infections – Insert viruses, worms, or ransomware into a system.

 Man-in-the-Middle Attack – Intercept and alter communication between two parties.

Since active attacks directly affect data and system functionality, organizations must use strong
security measures like firewalls, intrusion detection systems, and regular updates to prevent
them.

4) List out Types of Stalkers.

Ans.

Types of Stalkers:

Impersonation – Pretending to be someone else to damage their reputation or relationships.

Financial Stalker – Stealing financial information online for personal gain.

Hacker Stalker – Hacking into someone’s personal computer to gather personal or financial
details.

Visual Intruder – Using binoculars, telescopes, hidden cameras, or night vision goggles to invade
privacy.

Website Stalker – Collecting personal details like home address, workplace, or school from
websites.
Phone Stalker – Monitoring calls through mobile or landline tapping to listen to private
conversations.

5) List out Types of cloud computing.

Ans.

Types of Cloud Computing:

Public Cloud – Services are provided over the internet and shared among multiple users (e.g.,
Google Drive, AWS, Microsoft Azure).
Private Cloud – Exclusive cloud services used by a single organization for security and control
(e.g., banking or corporate clouds).

Hybrid Cloud – Combination of public and private clouds, allowing data sharing between them
(e.g., sensitive data on a private cloud, other services on a public cloud).

Community Cloud – Shared infrastructure among organizations with similar interests or needs
(e.g., government agencies, healthcare sectors).

6) Write down SaaS and Faas.

Ans.
 SaaS (Software as a Service)

 SaaS provides software applications over the internet on a subscription basis.

 Users don’t need to install software; they can access it via a web browser.

 Examples: Google Docs, Microsoft Office 365, Dropbox.

FaaS (Function as a Service)

 FaaS is a cloud computing service that allows developers to run individual functions or pieces
of code in response to events, without managing servers.

 It is also known as Serverless Computing.

 Examples: AWS Lambda, Google Cloud Functions, Azure Functions.

7) Define Reconnaissance.

Ans.

Reconnaissance is the process of gathering information about a target system, network, or

organization to identify vulnerabilities before launching a cyberattack.

Example: A hacker uses Nmap to scan a company’s network and find open ports, which can be
exploited for unauthorized access.

8) Define Cyber offenses.

Ans.

Cyber offenses are illegal activities committed using computers, networks, or the internet, targeting
individuals, organizations, or governments. These include hacking, identity theft, cyberstalking,
phishing, and data breaches.

9) Define the term Cyberstalking with its types.

Ans.

Cyberstalking is the use of the internet, social media, or electronic communication to harass,
threaten, or monitor an individual repeatedly. It involves stalking behaviors such as sending threats,
spreading false information, or tracking someone's online activities.

Types of Cyberstalking:

Email Stalking – Sending threatening or abusive emails to a victim.

Social Media Stalking – Monitoring and harassing someone through platforms like Facebook or
Instagram.
GPS and Online Tracking – Using GPS, spyware, or hacking techniques to track a person’s location.
Identity Theft Stalking – Impersonating someone online to damage their reputation or commit fraud.
Website Stalking – Creating websites or forums to spread false information or defame someone.
10) Define Cloud Computing.
Ans.

Cloud computing is a technology that allows users to store, manage, and process data over the
internet instead of using local computers or servers. It provides on-demand access to computing
resources such as servers, storage, databases, and applications.

Example: Services like Google Drive, AWS, and Microsoft Azure allow users to store and access data
remotely.

12) Types of Could Computing Services.

Ans.

Types of Cloud Computing Services:

IaaS (Infrastructure as a Service) – Provides virtualized computing resources like servers, storage,
and networking.
Example: Amazon Web Services (AWS), Microsoft Azure.

PaaS (Platform as a Service) – Offers a platform for developers to build, test, and deploy applications
without managing infrastructure.
Example: Google App Engine, Heroku.

SaaS (Software as a Service) – Delivers software applications over the internet on a subscription
basis.
Example: Google Docs, Microsoft Office 365.

FaaS (Function as a Service) – A serverless computing model where code runs in response to events
without managing servers.
Example: AWS Lambda, Google Cloud Functions.

13) Define Cybercrime and Cloud Computing.

Ans.

Cybercrime

Cybercrime refers to illegal activities carried out using computers, networks, or the internet to harm
individuals, organizations, or governments. Examples include hacking, identity theft, phishing, and
cyberstalking.

Cloud Computing

Cloud computing is a technology that enables users to store, manage, and process data over the
internet instead of using local computers or servers. Examples include Google Drive, AWS, and
Microsoft Azure.
Long Questions:

1) Explain Cyberstalking: Types of stalkers and how stalking works.

Ans.

Cyberstalking

Cyberstalking is the use of the internet, social media, or electronic communication to harass,
threaten, or monitor an individual repeatedly. It includes behaviors like sending threats, spreading
false information, or tracking online activities.

Types of Stalkers:

Impersonators – Pretend to be someone else to damage their reputation.

Financial Stalkers – Steal financial data for personal gain.
Hackers – Gain unauthorized access to personal information.
Visual Intruders – Use cameras, binoculars, or spyware to invade privacy.
Website Stalkers – Collect personal details from online platforms.
Phone Stalkers – Tap or monitor calls using various methods.

How Stalking Works:

🔹 Stalkers collect personal data from social media, emails, or websites.

🔹 They may send unwanted messages, threats, or manipulate online content.
🔹 Some use malware, spyware, or GPS tracking to monitor victims.
🔹 The goal is often harassment, intimidation, or financial fraud.

2) Explain Active and Passive attacks.

Ans.

Active and Passive Attacks

Cyberattacks are broadly classified into two types: Active Attacks and Passive Attacks. Both types
involve unauthorized access to data, but they differ in how they affect the system.

Active Attacks

In an active attack, the attacker modifies, disrupts, or damages the system or network. These attacks
directly interfere with data and operations.

Characteristics:

 The attacker tries to alter or destroy data.

 It can cause system downtime or data loss.

 The victim is usually aware of the attack.

Examples:

 Denial-of-Service (DoS) Attack: Overloading a website with fake traffic to make it crash.

 Man-in-the-Middle Attack: Intercepting and altering communication between two users.

 Trojan Horse: Injecting malicious software that appears legitimate but steals information.

 SQL Injection: Injecting malicious code into a database to manipulate or steal data.

Passive Attacks

In a passive attack, the attacker secretly monitors or gathers information without altering the
system. The goal is to steal confidential data without detection.

Characteristics:

 The attacker does not modify the data.

 It is difficult to detect because the system remains operational.

 The victim is usually unaware of the attack.

Examples:

 Eavesdropping (Sniffing): Listening to private communications like emails or phone calls.

 Phishing: Tricking users into revealing sensitive information through fake emails or websites.

 Traffic Analysis: Monitoring network activity to analyze data patterns.

 Keylogging: Recording keystrokes to steal passwords and personal data.

3) Explain Types of Stalkers.

Ans.

Types of Stalkers

Cyberstalking involves different types of stalkers who use various methods to monitor, harass, or
exploit individuals online. Here’s a detailed explanation of each type:

Impersonators

 These stalkers pretend to be someone else online, often by creating fake profiles on social
media or email.

 Their goal is to damage the victim’s reputation, spread false information, or manipulate
relationships.
 Example: A stalker creates a fake Facebook account using someone’s name and posts
harmful content to ruin their image.
Financial Stalkers

 These criminals focus on stealing financial information such as credit card details, banking
passwords, or online payment credentials.

 They often use phishing emails, fake websites, or hacking techniques to access financial data.

 Example: A stalker tricks someone into entering their credit card details on a fraudulent
website.

Hackers

 Hackers gain unauthorized access to a person’s computer, email, or online accounts.

 They steal private information, monitor online activity, or even lock users out of their
accounts.

 Example: A hacker installs malware on a victim’s device to record keystrokes and steal
passwords.

Visual Intruders

 These stalkers use technology like hidden cameras, high-tech binoculars, or night vision
goggles to spy on victims.

 They may also hack webcams or security cameras to monitor someone’s private life.

 Example: A stalker remotely accesses a victim’s laptop webcam without their knowledge.

Website Stalkers

 These stalkers use online sources to gather detailed personal information, including home
addresses, workplace details, and family information.
 They exploit publicly available data from social media, online directories, or hacked
databases.
 Example: A stalker finds a victim’s home address through a social media profile and starts
sending them unwanted messages.

Phone Stalkers

 These stalkers use mobile or landline phones to harass victims.

 They may tap phone lines, listen to conversations, send threatening messages, or repeatedly
call to intimidate the victim.

 Example: A stalker installs spyware on a victim’s phone to track their location and read their
messages.
4) Explain cloud computing & Types of services.

Ans.

Cloud computing is the delivery of computing services (such as storage, processing, and networking)
over the internet instead of a local computer or server. It allows users to access data and applications
from anywhere, reducing the need for physical hardware.

Types of Cloud Computing Services

Cloud computing services are classified into four main types:

Infrastructure as a Service (IaaS)

 Provides virtualized computing resources like servers, storage, and networking.

 Users can manage applications and operating systems while the provider handles
infrastructure.

 Example: Amazon Web Services (AWS), Microsoft Azure, Google Cloud.

Platform as a Service (PaaS)

 Offers a platform for developers to build, test, and deploy applications without managing
infrastructure.

 Helps in software development by providing databases, development tools, and runtime

environments.

 Example: Google App Engine, Microsoft Azure App Services, Heroku.

Software as a Service (SaaS)

 Delivers software applications over the internet on a subscription basis.

 Users don’t need to install or maintain software; it runs on the provider’s servers.

 Example: Gmail, Google Drive, Dropbox, Microsoft Office 365.

Function as a Service (FaaS) (Serverless Computing)

 Allows users to run code in response to events without managing servers.

 The cloud provider automatically scales resources as needed.

 Example: AWS Lambda, Google Cloud Functions, Azure Functions.

5) Explain How criminals plan the attacks. 1)Reconnaissance 2) Active attacks 3) Passive attacks

Ans.

Cybercriminals follow a structured approach to launch attacks, which generally includes the following
stages:

1) Reconnaissance

 Reconnaissance is the first stage of a cyberattack, where attackers gather information about
the target.
 They use tools like Google searches, social media, network scanning, and phishing emails to
 collect sensitive data.
 Example: A hacker scans a company’s network to find weak points before launching an
attack.

2) Active Attacks

 In an active attack, the attacker directly interacts with the target system to modify or
disrupt operations.

 These attacks often cause data theft, damage, or unauthorized access.

 Example: Denial of Service (DoS) attacks, where attackers overload a website to make it
unavailable.

3) Passive Attacks

 A passive attack occurs when the attacker monitors and gathers data without altering the
system.

 The goal is to steal sensitive information without being detected.

 Example: Eavesdropping on network communication to capture login credentials.

6) Explain Cybercrime and Cloud Computing.

Ans.

Cybercrime

 Cybercrime refers to criminal activities conducted using computers or the internet.

 It includes hacking, identity theft, online fraud, cyberstalking, and ransomware attacks.

 Example: A hacker stealing credit card details through phishing websites.

Cloud Computing

 Cloud computing is the delivery of computing services (such as storage, servers, databases,
and software) over the internet.

 It enables businesses and individuals to store, access, and process data remotely without
needing physical hardware.

 Example: Google Drive allows users to store and access files from anywhere.