Assignment
Q1) When you want to authenticate yourself to your computer, most likely you
type in your username and password. The username is considered public
knowledge, so it is the password that authenticates you. Your password is
something you know.
1.1 It is also possible to authenticate based on something you are, that is,
a physical characteristic. Such a characteristic is known as a
biometric. Give an example of biometric-based authentication.
1.2 It is also possible to authenticate based on something you have, that
is, something in your possession. Give an example of authentication
based on something you have.
1.3 Two-factor authentication requires that two of the three
authentication methods (something you know, something you have,
something you are) be used. Give an example from everyday life
where two-factor authentication is used. Which two of the three are
used?
Ans: 1.1. Iris recognition is an automated method of biometric identification that uses
mathematical pattern-recognition techniques on video images of one or both of
the irises of an individual's eyes, whose complex patterns are unique, stable, and
can be seen from some distance.
Iris authentication matches the complex mathematical patterns of the irises,
which are significantly unique for each individual. A comprehensive study on
biometric authentication found that the false rejection rate of iris
authentication is only 1.8%, which is the lowest.
1.2. Aadhaar card: we can authenticate using our Aadhaar card.
Our phone number can also be used to authenticate with the help of an OTP.
1.3. It can be our SIM card number. It is something we know, and we have. When
we authenticate using a phone number, an OTP is sent to our mobile. This acts
as two-factor authentication.
Q2) Malware is software that is intentionally malicious, in the sense that it is
designed to do damage or break the security of a system. Malware comes in many
familiar varieties, including viruses, worms, and Trojans.
2.1 Has your computer ever been infected with malware? If so, what did
the malware do and how did you get rid of the problem? If not, why have
you been so lucky?
2.2 In the past, most malware was designed to annoy users. Today, it is often
claimed that most malware is written for profit. How could malware
possibly be profitable?
Ans: 2.1. My system has not been affected by malware because:
• I have an antivirus system installed and up to date.
• I always keep Windows updated.
• I have not used external removable devices from unauthorised sources.
• I have not opened any malicious websites in the browser.
• I have always performed scanning before executing a new file.
• I have always downloaded files from secured sources.
2.2. Malware can be profitable for many attackers. They can steal and sell
users' information.
They can also encrypt the system files on a running PC so that they are
accessible only when a certain amount of money is paid to the attacker. These
are called ransomware.
Spamming and phishing can also lead to the loss of money from your account.
With your account details, attackers can use your money.
Q3) What is war dialling and war driving?
War dialling uses a software program to automatically call large numbers of telephone
numbers in a defined range to search for ones that have a modem attached. The hacker
simply enters an area code and the three-digit exchange of a phone number. The war
dialler will then call all numbers having that area code and starting with that exchange.
Corporations are particularly vulnerable to this type of attack because each of their
locations is typically assigned phone.
Wardriving may be as simple as searching for free Wi-Fi using a smartphone inside an
automobile. However, the definition usually applies to a hardware and software
configuration specifically designed for locating and recording Wi-Fi networks.
Wardriving is the act of searching for Wi-Fi networks from a moving vehicle. It
involves slowly driving around an area with the goal of locating Wi-Fi signals. This
may be accomplished by an individual or by two or more people, with one person
driving and others searching for wireless networks.
Q4) Suppose that we have a computer that can test $2^{40}$ keys each second.
4.1 What is the expected time (in years) to find a key by exhaustive search
if the key space is of size $2^{88}$?
4.2 What is the expected time (in years) to find a key by exhaustive search
if the key space is of size $2^{112}$?
4.3 What is the expected time (in years) to find a key by exhaustive search
if the key space is of size $2^{256}$?
Ans: 4.1. Keys computed in 1 second = $2^{40}$
Size of given key space = $2^{88}$ keys
So, $\frac{2^{88}}{2^{40}} = 2^{48}$ seconds required
In years, $\frac{2^{48}}{365 \times 24 \times 60 \times 60} = 8925510.528$ years
4.2. Keys computed in 1 second = $2^{40}$
Size of given key space = $2^{112}$ keys
So, $\frac{2^{112}}{2^{40}} = 2^{72}$ seconds required
In years, $\frac{2^{72}}{365 \times 24 \times 60 \times 60} = 1.49 \times 10^{14}$ years
4.3. Keys computed in 1 second = $2^{40}$
Size of given key space = $2^{256}$ keys
So, $\frac{2^{256}}{2^{40}} = 2^{216}$ seconds required
In years, $\frac{2^{216}}{365 \times 24 \times 60 \times 60} = 3.33 \times 10^{57}$ years
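The Q4 calculation as an added example (not part of the original assignment): exact times for a full sweep of the key space at the stated rate, the mean case of half the key space for a uniformly random key, and a small simulated search that measures that mean. The toy SHA-256 check, the function names and the 10^9-year horizon are assumptions made for the illustration.

```python
import hashlib
import random
from fractions import Fraction

SECONDS_PER_YEAR = 365 * 24 * 60 * 60  # the 365-day year used in the answers above


def sweep_seconds(key_bits, rate_bits):
    """Exact seconds to try every key: 2^key_bits keys at 2^rate_bits keys/second."""
    return Fraction(2 ** key_bits, 2 ** rate_bits)


def mean_seconds(key_bits, rate_bits):
    """Mean case: a uniformly random key turns up after about half the key space."""
    return sweep_seconds(key_bits, rate_bits) / 2


def to_years(seconds):
    """Convert an exact number of seconds to (floating-point) years."""
    return float(Fraction(seconds) / SECONDS_PER_YEAR)


def toy_tag(key, key_bits, message):
    """Constructed toy keyed check (SHA-256 over key || message); not a real MAC."""
    key_bytes = key.to_bytes((key_bits + 7) // 8, "big")
    return hashlib.sha256(key_bytes + message).digest()[:8]


def trials_to_find(secret, key_bits, message=b"constructed sample"):
    """Try keys 0, 1, 2, ... in order; return how many were tested before a match."""
    target = toy_tag(secret, key_bits, message)
    for trials, guess in enumerate(range(2 ** key_bits), start=1):
        if toy_tag(guess, key_bits, message) == target:
            return trials
    raise AssertionError("key space exhausted without a match")


def simulated_mean_trials(key_bits, runs, seed=2024):
    """Average trials over `runs` uniformly random secrets (seeded, so repeatable)."""
    rng = random.Random(seed)
    total = sum(trials_to_find(rng.randrange(2 ** key_bits), key_bits)
                for _ in range(runs))
    return total / runs


def min_key_bits(rate_bits, horizon_years):
    """Smallest key size whose mean-case search time reaches horizon_years."""
    bits = rate_bits + 1
    while mean_seconds(bits, rate_bits) < horizon_years * SECONDS_PER_YEAR:
        bits += 1
    return bits


if __name__ == "__main__":
    for bits in (88, 112, 256):  # the three key-space sizes from Q4
        print(f"2^{bits}: full sweep {to_years(sweep_seconds(bits, 40)):.3e} years, "
              f"mean case {to_years(mean_seconds(bits, 40)):.3e} years")
    print(simulated_mean_trials(10, 200), "mean trials measured in a 2^10 key space")
    print(min_key_bits(40, 10 ** 9), "bits needed to hold 1e9 years at 2^40 keys/s")
```

Each extra key bit doubles both figures, which is why the jump from an 88-bit to a 112-bit key space moves the result from millions of years to around 10^14 years.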
Q5) What kind of attacks are possible on mobile/cell phones? Explain with
example.
1. Malicious apps
When a user visits Google Play or the App Store to download apps that look innocent
enough, the apps ask for a list of permissions before people can download them. This
leads to a serious threat when ignored.
2. Weak Passwords
A weak password is easy to crack. Weak passwords can be broken using
brute-force techniques and then exploited.
3. Public Wi-Fi
Instead of connecting directly to a network, people are tricked into accessing a network
that looks authentic but is actually controlled by a hacker.
4. Wi-Fi Hijacking
Some attackers try to gain access to your Wi-Fi systems. They try to find poorly secured
wireless connections using war driving.
5. Bluetooth snooping and Fuzzing
Attackers can also use the Bluetooth network to steal information from the victim's device.
Some Bluetooth devices can connect automatically without the need for passwords. This
creates a vulnerability.
Q6) Explain the countermeasures to be practiced for possible attacks on
mobile/cell phones.
Malicious apps
Do not give an app extra permissions which are not required for its functionality.
Do not download apps from unknown sources.
Weak Passwords
Always try to use all alphanumeric characters along with special symbols like '@', '#',
'-', etc.
Public Wi-Fi
Try to avoid accessing public Wi-Fi, or avoid using services which require
details of the user. Do not enter your important details in a public Wi-Fi environment.
Wi-Fi Hijacking
Always keep your admin password confidential, use a strong password, and do not
share it with non-authorized users.
Bluetooth snooping and Fuzzing
Always keep your Bluetooth off when there is no need for it. Try to avoid using Bluetooth
devices in public places, or secure them by setting a password.
Q7) What kind of cyber security measures should an organization take in
case of portable storage devices? Prepare security guidelines which can be
implemented in an organization.
• Set up surveillance in all places using intrusion systems, cameras and detection
systems. A video surveillance camera should be placed in a location that makes it
difficult to tamper with or disable (or even to find) but gives a good view of persons
entering and leaving.
• Backing up important data is an essential element in disaster recovery, but don't
forget that the information on those backup tapes and disks can be stolen and used
by someone outside the company.
• Laptops and handheld computers pose special physical security risks. A thief can
easily steal the entire computer, including any data stored on its disk as well as
network logon passwords that may be saved.
• If you don't want employees copying company information to removable media,
you can disable or remove floppy drives, USB ports, and other means of
connecting external drives.
• Even before you lock down the servers, in fact, before you even turn them on for
the first time, you should ensure that there are good locks on the server room
door.
Q8) Explain the various measures for protection of laptops through physical and
logical control measures.
Physical security
• Try to use cables and hard-wired locks
• Laptop safes can also be used
• Motion sensors and alarms can be used
• Can be protected using warning labels and stamps
• Set up an intrusion detection system
• Proper handling of removable drives
Logical Security
• Avoid installing malicious programs/software
• Use strong passwords with more randomness
• Install antivirus software
• Always keep the firewall updated
• Regularly install security patches and updates
• Lock down unwanted ports and devices
More Related Content

What's hot

Cyber forensic standard operating procedures
Cyber forensic standard operating proceduresCyber forensic standard operating procedures
Cyber forensic standard operating proceduresSoumen Debgupta
 
Digital forensics ahmed emam
Digital forensics   ahmed emamDigital forensics   ahmed emam
Digital forensics ahmed emamahmad abdelhafeez
 
Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Sagar Rahurkar
 
Digital forensic principles and procedure
Digital forensic principles and procedureDigital forensic principles and procedure
Digital forensic principles and procedurenewbie2019
 
Brief introduction to digital forensics
Brief introduction to digital forensicsBrief introduction to digital forensics
Brief introduction to digital forensicsMarco Alamanni
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)AltheimPrivacy
 
Role of a Forensic Investigator
Role of a Forensic InvestigatorRole of a Forensic Investigator
Role of a Forensic InvestigatorAgape Inc
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsVikas Jain
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsOldsun
 
Digital forensics and Cyber Crime: Yesterday, Today & Tomorrow
Digital forensics and Cyber Crime: Yesterday, Today & TomorrowDigital forensics and Cyber Crime: Yesterday, Today & Tomorrow
Digital forensics and Cyber Crime: Yesterday, Today & TomorrowPankaj Choudhary
 
[❤PDF❤] The Basics of Digital Forensics The Primer for Getting Started in Dig...
[❤PDF❤] The Basics of Digital Forensics The Primer for Getting Started in Dig...[❤PDF❤] The Basics of Digital Forensics The Primer for Getting Started in Dig...
[❤PDF❤] The Basics of Digital Forensics The Primer for Getting Started in Dig...AngelinaJacobs2
 
An introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsAn introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsZyxware Technologies
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensicsRahul Baghla
 

What's hot (20)

Computer forensic
Computer forensicComputer forensic
Computer forensic
 
Digital Forensic
Digital ForensicDigital Forensic
Digital Forensic
 
Digital forensic tools
Digital forensic toolsDigital forensic tools
Digital forensic tools
 
Cyber forensic standard operating procedures
Cyber forensic standard operating proceduresCyber forensic standard operating procedures
Cyber forensic standard operating procedures
 
Digital forensics ahmed emam
Digital forensics   ahmed emamDigital forensics   ahmed emam
Digital forensics ahmed emam
 
Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Digital forensic principles and procedure
Digital forensic principles and procedureDigital forensic principles and procedure
Digital forensic principles and procedure
 
Brief introduction to digital forensics
Brief introduction to digital forensicsBrief introduction to digital forensics
Brief introduction to digital forensics
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)
 
Role of a Forensic Investigator
Role of a Forensic InvestigatorRole of a Forensic Investigator
Role of a Forensic Investigator
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Digital forensics and Cyber Crime: Yesterday, Today & Tomorrow
Digital forensics and Cyber Crime: Yesterday, Today & TomorrowDigital forensics and Cyber Crime: Yesterday, Today & Tomorrow
Digital forensics and Cyber Crime: Yesterday, Today & Tomorrow
 
Digital Forensics Projects Assistance
Digital Forensics Projects Assistance Digital Forensics Projects Assistance
Digital Forensics Projects Assistance
 
DF Process Models
DF Process ModelsDF Process Models
DF Process Models
 
[❤PDF❤] The Basics of Digital Forensics The Primer for Getting Started in Dig...
[❤PDF❤] The Basics of Digital Forensics The Primer for Getting Started in Dig...[❤PDF❤] The Basics of Digital Forensics The Primer for Getting Started in Dig...
[❤PDF❤] The Basics of Digital Forensics The Primer for Getting Started in Dig...
 
An introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsAn introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensics
 
Sued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital ForensicsSued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital Forensics
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensics
 

Similar to Information security questions

Check-Computer-Networks-to-Ensure-Safe-Operation-Johua-2nd.pptx
Check-Computer-Networks-to-Ensure-Safe-Operation-Johua-2nd.pptxCheck-Computer-Networks-to-Ensure-Safe-Operation-Johua-2nd.pptx
Check-Computer-Networks-to-Ensure-Safe-Operation-Johua-2nd.pptxkris harden
 
Computer security and privacy
Computer security and privacyComputer security and privacy
Computer security and privacyeiramespi07
 
TheInternetDigitalSecurityfddreeere.pptx
TheInternetDigitalSecurityfddreeere.pptxTheInternetDigitalSecurityfddreeere.pptx
TheInternetDigitalSecurityfddreeere.pptxHAYDEECAYDA
 
Security challenges for internet of things
Security challenges for internet of thingsSecurity challenges for internet of things
Security challenges for internet of thingsMonika Keerthi
 
Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsMuhammadRobeel3
 
Computer security and_privacy_2010-2011
Computer security and_privacy_2010-2011Computer security and_privacy_2010-2011
Computer security and_privacy_2010-2011lbcollins18
 
455845434-Chapter-2-Cyber-Security-pptx.pptx
455845434-Chapter-2-Cyber-Security-pptx.pptx455845434-Chapter-2-Cyber-Security-pptx.pptx
455845434-Chapter-2-Cyber-Security-pptx.pptxDrVPadmavathiAssocia
 
Internet safety and you
Internet safety and youInternet safety and you
Internet safety and youArt Ocain
 
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types  Of Hackers,Cyber Laws for ...Hacking,History Of Hacking,Types of Hacking,Types  Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...Qazi Anwar
 
The Safest Way To Interact Online
The Safest Way To Interact OnlineThe Safest Way To Interact Online
The Safest Way To Interact Onlinepcsafe
 
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...Cengage Learning
 
Computing safety ryr
Computing safety ryrComputing safety ryr
Computing safety ryrryrsyd
 
Computer security
Computer securityComputer security
Computer securityDhani Ahmad
 

Similar to Information security questions (20)

Check-Computer-Networks-to-Ensure-Safe-Operation-Johua-2nd.pptx
Check-Computer-Networks-to-Ensure-Safe-Operation-Johua-2nd.pptxCheck-Computer-Networks-to-Ensure-Safe-Operation-Johua-2nd.pptx
Check-Computer-Networks-to-Ensure-Safe-Operation-Johua-2nd.pptx
 
Computer security and privacy
Computer security and privacyComputer security and privacy
Computer security and privacy
 
TheInternetDigitalSecurityfddreeere.pptx
TheInternetDigitalSecurityfddreeere.pptxTheInternetDigitalSecurityfddreeere.pptx
TheInternetDigitalSecurityfddreeere.pptx
 
Chapter 10.0
Chapter 10.0Chapter 10.0
Chapter 10.0
 
Cn35499502
Cn35499502Cn35499502
Cn35499502
 
Security challenges for internet of things
Security challenges for internet of thingsSecurity challenges for internet of things
Security challenges for internet of things
 
Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guards
 
Computer security and_privacy_2010-2011
Computer security and_privacy_2010-2011Computer security and_privacy_2010-2011
Computer security and_privacy_2010-2011
 
Cyber security for journalists
Cyber security for journalistsCyber security for journalists
Cyber security for journalists
 
455845434-Chapter-2-Cyber-Security-pptx.pptx
455845434-Chapter-2-Cyber-Security-pptx.pptx455845434-Chapter-2-Cyber-Security-pptx.pptx
455845434-Chapter-2-Cyber-Security-pptx.pptx
 
Internet safety and you
Internet safety and youInternet safety and you
Internet safety and you
 
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types  Of Hackers,Cyber Laws for ...Hacking,History Of Hacking,Types of Hacking,Types  Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
 
BYOD and Your Business
BYOD and Your BusinessBYOD and Your Business
BYOD and Your Business
 
Chapter 5.pptx
Chapter 5.pptxChapter 5.pptx
Chapter 5.pptx
 
The Safest Way To Interact Online
The Safest Way To Interact OnlineThe Safest Way To Interact Online
The Safest Way To Interact Online
 
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
It ppt new
It ppt newIt ppt new
It ppt new
 
Computing safety ryr
Computing safety ryrComputing safety ryr
Computing safety ryr
 
Computer security
Computer securityComputer security
Computer security
 

Recently uploaded

Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxShobhayan Kirtania
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 -  Danh muc Sach Giao Khoa 10 . pdf1029 -  Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...anjaliyadav012327
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
9548086042 for call girls in Indira Nagar with room service
9548086042  for call girls in Indira Nagar  with room service9548086042  for call girls in Indira Nagar  with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 

Recently uploaded (20)

Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptx
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 -  Danh muc Sach Giao Khoa 10 . pdf1029 -  Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
9548086042 for call girls in Indira Nagar with room service
9548086042  for call girls in Indira Nagar  with room service9548086042  for call girls in Indira Nagar  with room service
9548086042 for call girls in Indira Nagar with room service
 

Information security questions

  • 1. Assignment Q1) When you want to authenticate yourself to your computer, most likely you type in your username and password. The username is considered public knowledge, so it is the password that authenticates you. Your password is something you know. 1.1 It is also possible to authenticate based on something you are, that is, a physical characteristic. Such a characteristic is known as a biometric. Give an example of biometric-based authentication. 1.2 It is also possible to authenticate based on something you have, that is, something in your possession. Give an example of authentication based on something you have. 1.3 Two-factor authentication requires that two of the three authentication methods (something you know, something you have, something you are) be used. Give an example from everyday life where two-factor authentication is used. Which two of the three are used? Ans: 1.1. Iris recognition is an automated method of biometric identification that uses mathematical pattern-recognition techniques on video images of one or both of the irises of an individual's eyes, whose complex patterns are unique, stable, and can be seen from some distance. The iris authentication matches the complex mathematical patterns of the irises which are significantly unique for each. A comprehensive study on biometric authentication found that the false rejection rate of iris authentication is only 1.8% which is the lowest. 1.2. Aadhaar Card, we can authenticate using our Aadhaar Card. Our Phone Number can also be used to authenticate with the help of OTP. 1.3. It can be our SIM card number. It is something we know, and we have. When we authenticate using phone number, OTP is sent to our mobile. This acts as two factor authentication. Q2) Malware is software that is intentionally malicious, in the sense that it is designed to do damage or break the securityof a system. Malware comes in many familiar varieties, including viruses, worms, and Trojans. 
2.1 Has your computer ever been infected with malware? If so, what did the malware do and how did you get rid of the problem? If not, why have you been so lucky? 2.2 In the past, most malware was designedto annoy users. Today, itisoften claimed that most malware is written for profit. How could malware possibly be profitable?
  • 2. Ans: 2.1. My system has not been affected with malware because: • I have antivirus system installed and up to date. • Always keep the Windows updated. • Do not have used external removable devices from unauthorised sources. • Not opened any malicious websites on browser. • Always performed scanning before executing a new file. • Always downloaded files from secured sources. 2.2. Malware can be profitable for many attackers. They can steal and sell information of users. They can also encrypt the system files in a running PC and can be accessible only when a certain given amount of money is paid to the attacker. There are called Ransomwares. Spamming, phishing can also lead to loss of your account money. With your account details they can use money. Q3) What is war dialling and war driving? War dialling uses a software program to automatically call large numbers of telephone numbers in a defined range to search for ones that have a modem attached. The hacker simply enters an area code and the three-digit exchange of a phone number. The war dialler will then call all numbers having that area code and starting with that exchange. Corporations are particularly vulnerable to this type of attack because each of their locations is typically assigned phone. Wardriving may be as simple as searching for free Wi-Fi using a smartphone inside an automobile. However, the definition usually applies to a hardware and software configuration specifically designed for locating and recording Wi-Fi networks. Wardriving is the act of searching for Wi-Fi networks from a moving vehicle. It involves slowly driving around an area with the goal of locating Wi-Fi signals. This may be accomplished by an individual or by two or more people, with one person driving and others searching for wireless networks. Q4) Suppose that we have a computer that can test 240 keys each second. 4.1 What is the expected time (in years) to find a key by exhaustive search if the key space is of size 288? 
4.2 What is the expected time (in years) to find a key by exhaustive search if the key space is of size $2^{112}$?
4.3 What is the expected time (in years) to find a key by exhaustive search if the key space is of size $2^{256}$?
Ans: 4.1. In 1 second = $2^{40}$ keys computed
Size of given key space = $2^{88}$ keys
So, $\frac{2^{88}}{2^{40}} = 2^{48}$ seconds required
In years, $\frac{2^{48}}{365 \times 24 \times 60 \times 60} = 8925510.528$ years
4.2. In 1 second = $2^{40}$ keys computed
Size of given key space = $2^{112}$ keys
So, $\frac{2^{112}}{2^{40}} = 2^{72}$ seconds required
In years, $\frac{2^{72}}{365 \times 24 \times 60 \times 60} = 1.49 \times 10^{14}$ years
4.3. In 1 second = $2^{40}$ keys computed
Size of given key space = $2^{256}$ keys
So, $\frac{2^{256}}{2^{40}} = 2^{216}$ seconds required
In years, $\frac{2^{216}}{365 \times 24 \times 60 \times 60} = 3.33 \times 10^{57}$ years
Q5) What kind of attacks are possible on mobile/cell phones? Explain with example.
1. Malicious apps
When a user visits Google Play or the App Store to download apps that look innocent enough, the apps ask for a list of permissions before people can download them. This leads to a serious threat when ignored.
2. Weak Passwords
A weak password is easy to crack. Weak passwords can be broken using a brute-force technique and then exploited.
3. Public Wi-Fi
Instead of connecting directly to a network, people are tricked into accessing a network that looks authentic but is actually controlled by a hacker.
4. Wi-Fi Hijacking
Some attackers try to gain access to your Wi-Fi systems. They try to find poorly secured wireless connections using War Driving.
5. Bluetooth snooping and Fuzzing
Attackers can also use the Bluetooth network to steal information from the victim's device. Some Bluetooth devices can connect automatically without the need for passwords. This creates a vulnerability.
Q6) Explain the countermeasures to be practiced for possible attacks on mobile/cell phones.
Malicious apps
Do not give apps extra permissions that are not required for their functionality. Do not download apps from unknown sources.
Weak Passwords
Always try to use all alphanumeric characters along with special symbols like '@', '#', '-', etc.
Public Wi-Fi
Try to avoid accessing public Wi-Fi, or avoid using services that require the user's details. Do not enter your important details in a public Wi-Fi environment.
Wi-Fi Hijacking
Always keep your admin password confidential, use a strong password, and do not share it with non-authorized users.
Bluetooth snooping and Fuzzing
Always keep your Bluetooth off when there is no need for it. Try to avoid using Bluetooth devices in public places, or secure them by setting a password.
Q7) What kind of cyber security measures should an organization take in case of portable storage devices? Prepare security guidelines which can be implemented in an organization.
• Set up surveillance in all places using intrusion systems, cameras and detection systems. A video surveillance camera should be placed in a location that makes it difficult to tamper with or disable (or even to find) but gives a good view of persons entering and leaving.
• Backing up important data is an essential element in disaster recovery, but don't forget that the information on those backup tapes and disks can be stolen and used by someone outside the company.
• Laptops and handheld computers pose special physical security risks. A thief can easily steal the entire computer, including any data stored on its disk as well as network logon passwords that may be saved.
• If you don't want employees copying company information to removable media, you can disable or remove floppy drives, USB ports, and other means of connecting external drives.
• Even before you lock down the servers, in fact, before you even turn them on for the first time, you should ensure that there are good locks on the server room door.
Q8) Explain the various measures for protection of laptops through physical and logical control measures.
Physical security
• Try to use cables and hard-wired locks
• Laptop safes can also be used
• Motion sensors and alarms can be used
• Laptops can be protected using warning labels and stamps
• Set up an intrusion detection system
• Proper handling of removable drives
Logical Security
• Avoid installing malicious programs/software
• Use strong passwords with more randomness
• Install antivirus software
• Always keep the firewall updated
• Regularly install security patches and updates
• Lock down unwanted ports and devices
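The Q4 arithmetic generalised, as an added example that is not part of the original assignment: it recomputes the three exhaustive-search times at $2^{40}$ keys per second and applies the same rate to the "strong password" advice in Q6 and Q8. The character-class pool sizes and the sample passwords are assumptions constructed for illustration, and the bit estimate is an upper bound that only holds for randomly chosen characters.

```python
import math
import string
from fractions import Fraction

SECONDS_PER_YEAR = 365 * 24 * 60 * 60   # same year length as the Q4 answers
RATE_BITS = 40                           # Q4 machine: 2^40 keys tested per second


def search_years(key_bits, rate_bits=RATE_BITS):
    """Return (full_sweep_years, average_years) for a key space of 2^key_bits."""
    seconds = Fraction(2) ** (key_bits - rate_bits)   # exact big-number arithmetic
    full = seconds / SECONDS_PER_YEAR
    return full, full / 2     # on average the key turns up halfway through


def password_bits(password):
    """Upper-bound key space in bits, assuming each character was picked
    uniformly at random from the character classes the password uses."""
    pool = 0
    for chars in (string.ascii_lowercase, string.ascii_uppercase,
                  string.digits, string.punctuation):
        if any(c in chars for c in password):
            pool += len(chars)          # 26, 26, 10 and 32 symbols
    if pool == 0:
        return 0.0
    return len(password) * math.log2(pool)


def report(password):
    """Return (bits, full_sweep_years) for a password at the Q4 guessing rate."""
    bits = password_bits(password)
    seconds = 2.0 ** (bits - RATE_BITS)
    return bits, seconds / SECONDS_PER_YEAR


if __name__ == "__main__":
    for n in (88, 112, 256):            # key sizes from Q4
        full, avg = search_years(n)
        print(f"2^{n}: full sweep {float(full):.3e} y, average {float(avg):.3e} y")
    for pw in ("sunshine", "Sunshine1", "t7#Kq-2m@Zp9"):   # constructed samples
        bits, years = report(pw)
        print(f"{pw!r}: <= {bits:.1f} bits, full sweep {years:.3e} y")
```

A dictionary word scores as if it were random here, so treat the figure as a ceiling: a human-chosen password falls far faster than its bit count suggests.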