Introduction to Cyber Crime

Questions and Answers

Which of the following best describes a Distributed Denial of Service (DDoS) attack?

• Using malware to create backdoors in a system.
• Intercepting and altering email communications.
• Overwhelming a server with traffic from multiple sources. (correct)
• Gaining unauthorized access to a computer system.

Which type of cybercrime commonly involves the theft of sensitive information, such as credit card details, through deceptive emails or websites?

• E-mail Bombing
• Industrial Espionage
• Phishing (correct)
• Software Piracy

Which of the following cybercrimes targets organizations through unauthorized access to computer systems?

• Password Sniffing
• Unauthorized access of computer (correct)
• Spamming
• Cyberstalking

What is the primary goal of 'Industrial Espionage' as a type of cybercrime?

Stealing proprietary information from a competitor to gain a market advantage. (A)

Which cyberattack type involves malicious code secretly inserted into software to bypass security and gain unauthorized access?

Backdoors (B)

Which of the following best describes the CIA triad in the context of information security?

Confidentiality, Integrity, Availability (D)

Which security measure ensures that information is accessible to authorized users when needed?

Availability (C)

What is the primary purpose of 'Information Asset Classification' in information security?

To categorize information based on its sensitivity and criticality. (B)

Which of the following roles is typically responsible for the day-to-day protection and maintenance of information assets?

Custodian (A)

In the context of cryptography, what is the key difference between symmetric and asymmetric encryption techniques?

Symmetric encryption uses one key for both encryption and decryption, while asymmetric encryption uses a pair of keys. (B)

Which cryptography technique involves substituting each letter or character in the plaintext with another to create ciphertext?

Substitution Techniques (C)

What distinguishes 'Steganography' from 'Cryptography'?

Steganography conceals the existence of a message, whereas cryptography makes the message unreadable. (C)

In digital forensics, what does 'volatile digital evidence' refer to?

Data that is easily altered or lost when a system is powered off. (B)

In the context of digital forensics, what is the role of a 'first responder'?

To secure the scene and preserve digital evidence in its original state. (D)

Which activity is a key focus when searching for and seizing digital evidence?

Ensuring the chain of custody is maintained to preserve the evidence integrity. (A)

What is the focus of 'Mobile Forensics'?

Investigating crimes committed using mobile devices. (A)

What is Computer hardware?

The physical components of the system (C)

What is Networking?

Connecting computers to share resources (B)

What is the role of the Operating System (OS)?

Manage hardware resources (D)

Within networking, what is a network topology?

All of the above (D)

Flashcards

Cyber Crime

Overview, internal and external attacks, online and offline attacks.

Cybercrimes against Individuals

E-mail spoofing, phishing, spamming, cyber defamation, cyberstalking and harassment, computer sabotage, pornographic offenses, password sniffing.

Cybercrime against organization

Unauthorized access, denial-of-service (DOS) attacks, distributed denial-of-service (DDOS) attack, backdoors, malware (virus, Trojan horse, worms), e-mail bombing, salami attack, software piracy, industrial espionage.

Cyber Security Policy

Security policies violations, crimes related to social media, ATM, phishing/vishing frauds, online and banking frauds, intellectual property frauds, cyber crimes against women and children, phases of cyber-attack.

Computer Hardware

Various components of a computer, Motherboard, Micro-Processor, Memory, Data Storage Devices and Networking components. Understanding Computer Operating Systems (OS), Booting process of computers. Introduction to File Systems and its types.

Networking

Digital and Analog Signaling Methods, Network Types and Topologies, Different types of IP Addresses, Network Hardware Devices and Client/Server Computing.

Information Security

Overview of Information security, CIA Triad, Threats and Vulnerabilities and Risk, Policy, Standards, Procedures, Guidelines and Baselines.

Information Asset Classification

Information Assets: Owner, Custodian, User. Access control, Authentication and Authorization. Information assurance and defensive measures. Digital Document Security.

Cryptography

Definitions and Concepts, Symmetric and Asymmetric Cryptosystems, Classical Encryption Techniques – Substitution Techniques, Transposition Techniques, Block Ciphers and Stream Ciphers, Hybrid Encryption Techniques, One-Time Pad, E-mail security, Internet and Web Security, Steganography and Steganalysis.

Digital Forensics

Introduction, Objective and Methodology, Rules of Digital Forensics, First responder – role, toolkit, do’s & don’ts; Search and Seizure of Volatile and Non-volatile Digital Evidence. Imaging and Hashing Digital Evidence, Introduction to deleted file Recovery. Overview of types of Network Forensics, Mobile Forensics, Social Media

Study Notes

Unit I – Introduction to Cyber Crime

• Cyber crime encompasses an overview of internal, external, online and offline attacks.
• Cybercrimes against individuals include e-mail spoofing, phishing, spamming, cyber defamation, cyberstalking and harassment, computer sabotage, pornographic offenses, and password sniffing.
• Cybercrimes against organizations involve unauthorized computer access, Denial-of-Service (DoS) attacks, Distributed Denial of Service (DDoS) attacks, backdoors and malware (viruses, Trojan horses, worms), e-mail bombing, salami attacks, software piracy, and industrial espionage.
• Cyber security policies include security policy violations, crimes related to social media, ATM/phishing/vishing frauds, online and banking frauds, and intellectual property frauds, along with cyber crimes against women and children and phases of cyber-attack.

Unit II – Introduction to Computers and Networking

• Computer hardware consists of various components such as a computer motherboard, micro-processor, and memory.
• Networking components include data storage devices and networking components.
• Understanding computer operating systems (OS), the booting process of computers and introduction to file systems and its types are covered.
• An introduction to networking, digital and analog signaling methods, network types and topologies, and different types of IP Addresses, Network Hardware Devices and Client/Server Computing.

Unit III – Basics of Information Security

• Information Security involves overviews of information security, CIA Triad, Threats and Vulnerabilities and Risk, Policy, Standards, Procedures, Guidelines and Baselines.
• Information Asset Classification covers the classification of information assets, including owner, custodian, user, access control, authentication and authorization, alongside information assurance and defensive measures in Digital Document Security.

Unit IV – Introduction to Digital Forensics

• Cryptography covers definitions and concepts for Symmetric and Asymmetric Cryptosystems, Classical Encryption Techniques, Substitution Techniques, Transposition Techniques, Block Ciphers and Stream Ciphers, Hybrid Encryption Techniques, One-Time Pad, E-mail security, Internet and Web Security, Steganography and Steganalysis.
• Digital Forensics introduces objective and methodology, rules of digital forensics, first responder role, toolkit do's & don'ts; Search and Seizure of Volatile and Non-Volatile Digital Evidence, and Imaging and Hashing of Digital Evidence. Introduction to deleted file Recovery, overview of types of Computer Forensics – Network Forensics, Mobile Forensics, Social Media Forensics.