Internal Cyber

Explain the basic terminologies (cryptography, cryptology, cryptanalysis, plaintext,
ciphertext, encryption, decryption, secret key, public key, symmetric key, asymmetric
key, phishing, spyware, ransomware, malware, adware, exploit, firewall, DDoS
attack, data breach, authentication, brute-force attack)
 Cryptography: The practice of hiding information so that only the intended
recipient can read it.
o It is a way of protecting information by converting it into a form that
cannot be read without the proper key.
o Cryptography is used in a variety of applications, such as secure
communication, data storage, and digital signatures.
 Cryptology: The study of cryptography and cryptanalysis.
o It is the science of secure communication in the presence of third
parties.
o Cryptology includes the study of algorithms, protocols, and
mathematical techniques used to protect information.
 Cryptanalysis: The study of methods for breaking cryptographic systems.
o It is the art of trying to decrypt ciphertext without knowing the key.
o Cryptanalysis is used by governments, businesses, and individuals to
protect their information from unauthorized access.
 Plaintext: The original, unencrypted message or data.
o It is the message or data that is to be encrypted.
o Plaintext is often referred to as "cleartext".
 Ciphertext: The encrypted message or data.
o It is the message or data that has been encrypted using a
cryptographic algorithm.
o Ciphertext is often referred to as "code".
 Encryption: The process of converting plaintext into ciphertext.
o It is the process of scrambling the message or data so that it cannot be
read without the key.
o Encryption is used to protect information from unauthorized access.
 Decryption: The process of converting ciphertext into plaintext.
o It is the process of unscrambling the message or data so that it can be
read.
o Decryption is used to recover the original plaintext from the ciphertext.
 Secret key: A shared key that is used to encrypt and decrypt messages.
o It is a key that is known only to the sender and receiver of the
message.
o Secret keys are often used in symmetric encryption algorithms.
 Public key: A key pair that is used to encrypt and decrypt messages.
o It is a key pair that is made up of a public key and a private key.
o The public key is known to everyone, while the private key is known
only to the owner of the key pair.
o Public keys are often used in asymmetric encryption algorithms.
 Symmetric key cryptography: A cryptographic system that uses the same key
for encryption and decryption.
o It is a simpler and more efficient type of cryptography than asymmetric
cryptography.
o Symmetric key cryptography is often used for applications where speed
is important, such as secure communication over a network.
 Asymmetric key cryptography: A cryptographic system that uses two different
keys for encryption and decryption.
o It is a more secure type of cryptography than symmetric key
cryptography.
o Asymmetric key cryptography is often used for applications where
security is important, such as digital signatures and secure file
transfers.
 Phishing: A type of social engineering attack that involves sending fraudulent
emails that appear to be from a legitimate source.
o The goal of phishing is to trick the recipient into clicking on a malicious
link or opening an infected attachment, which can then be used to steal
their personal information or infect their computer with malware.
 Spyware: A type of malware that is designed to steal personal information
from a computer user.
o Spyware can track a user's web browsing activity, record their
keystrokes, or even steal their passwords.
 Ransomware: A type of malware that encrypts a victim's files and demands a
ransom payment in order to decrypt them.
o Ransomware is often spread through phishing emails or drive-by
downloads.
 Malware: A general term for software that is designed to harm a computer
system.
o Malware can include viruses, worms, trojan horses, and ransomware.
 Adware: A type of software that displays unwanted ads on a user's computer.
o Adware can be installed on a computer through a variety of ways, such
as clicking on a malicious link or downloading a file from an untrusted
source.
 Exploit: A piece of software that takes advantage of a vulnerability in a
computer system.
o Exploits can be used to gain unauthorized access to a computer
system or to install malware.
 Firewall:
o A network security device that monitors and controls incoming and
outgoing network traffic.
o Firewalls can be used to block malicious traffic from reaching a
computer system.
 DDoS attack:
o A type of attack that involves flooding a computer system with so much
traffic that it becomes unavailable.
o DDoS attacks can be used

Explain the need for security principles.

1. There is a need to develop a set of rules that improve consumer internet security while
curbing the rise in cyberattacks.
2. To achieve these objectives, cybersecurity includes an entire strategy involving the
physical, technological, and human domains to safeguard important data, systems, and
processes that are linked to or stored online.
3. In order to help, inform, and protect Internet service provider (ISP) clients against online
crime, these basic principles were developed as a solution to this issue.
4. The following are some of the key cybersecurity principles:
 Economy of mechanism: This principle states that security mechanisms should be as
simple as possible. The more complex a mechanism is, the more difficult it is to
design, implement, and maintain securely.
 Fail-safe defaults: This principle states that systems should be configured in a secure
state by default. This means that users should not have to take any special action to
secure the system.
 Least privilege: This principle states that users should only be given the privileges
they need to do their job. This helps to protect the system from unauthorized access
and misuse.
 Open design: This principle states that security mechanisms should be open to
inspection and review. This helps to identify and fix security flaws before they can be
exploited.
 Complete mediation: This principle states that all access to resources should be
mediated by a security mechanism. This helps to ensure that all access is authorized
and accounted for.
 Separation of privilege: This principle states that critical operations should require
multiple privileges to be held by different users. This helps to prevent unauthorized
users from gaining control of the system.
 Least common mechanism: This principle states that security mechanisms should be
shared by as few users as possible. This helps to minimize the damage that can be
caused if a security mechanism is compromised.
 Psychological acceptability: This principle states that security mechanisms should be
easy to use and understand. This helps to ensure that users will actually use them.
 Work factor: This principle states that security mechanisms should be designed to
make it difficult for attackers to break them. This can be done by using strong
algorithms and making it difficult to guess passwords.
 Compromise recording: This principle states that systems should be able to record
security incidents. This information can be used to investigate and prevent future
incidents.
 These principles are important because they help to protect systems and data from
unauthorized access, modification, or destruction. By following these principles,
organizations can reduce their risk of a security breach.

Explain different types of cyber attacks

Cyber-attacks can be classified into the following categories:

1. Web-based attacks
2. System-based attacks

Web-based attacks
These are attacks that occur on a website or web application. Some of the important
web-based attacks are as follows:

 Injection attacks: These attacks involve injecting malicious code into a web
application. This can be done by entering malicious code into a form field or by
exploiting a vulnerability in the web application.
 DNS spoofing: This attack involves changing the DNS records for a website so
that traffic is directed to a malicious website instead of the legitimate website.
 Session hijacking: This attack involves stealing the session ID of a legitimate
user. This can be done by exploiting a vulnerability in the web application or by
tricking the user into clicking on a malicious link.
 Phishing: This attack involves sending fraudulent emails or text messages that
appear to be from a legitimate source. The goal of phishing is to trick the recipient
into clicking on a malicious link or providing personal information.
 Brute force: This attack involves trying every possible combination of characters
to guess a password or other secret. Brute-force attacks can be very
time-consuming, but they can be successful if the password is not very strong.
 Denial of service (DoS): This attack involves flooding a website or server with so
much traffic that it becomes unavailable. DoS attacks can be launched using a
variety of methods, such as botnets and hijacked computers.
 Volume-based attacks: These attacks involve flooding a website or server with a
large amount of traffic. Volume-based attacks can be used to overwhelm the
website or server and make it unavailable.
 Protocol attacks: These attacks exploit vulnerabilities in network protocols.
Protocol attacks can be used to steal data, inject malicious code, or disrupt
network traffic.
 Application layer attacks: These attacks exploit vulnerabilities in web applications.
Application layer attacks can be used to steal data, inject malicious code, or
disrupt the functionality of a web application.
 Dictionary attacks: These attacks use a dictionary of common passwords to try to
guess a password. Dictionary attacks are less likely to be successful than
brute-force attacks, but they can be much faster.
 URL interpretation: This attack involves exploiting vulnerabilities in the way that a
web browser interprets URLs. URL interpretation attacks can be used to steal
data, inject malicious code, or disrupt the functionality of a web browser.
 File inclusion attacks: These attacks involve including malicious code in a file that
is served by a web server. File inclusion attacks can be used to steal data, inject
malicious code, or disrupt the functionality of a web server.
 Man in the middle (MITM) attacks: These attacks involve intercepting
communication between two parties. MITM attacks can be used to steal data,
inject malicious code, or disrupt the communication between the two parties.

System-based attacks

These are attacks intended to compromise a computer or a computer
network. Some of the important system-based attacks are as follows:
 Virus: A virus is a type of malware that can replicate itself and spread from
one computer to another. It can damage files, steal data, or even take control
of a computer.
 Worm: A worm is a type of malware that can spread through a network
without the need for human interaction. It can also damage files and steal
data.
 Trojan horse: A Trojan horse is a malicious program that is disguised as a
legitimate program. Once it is installed on a computer, it can steal data, install
other malware, or take control of the computer.
 Backdoor: A backdoor is a way for an attacker to gain unauthorized access to
a computer system. It can be used to install malware, steal data, or disrupt
operations.
 Bot: A bot is a software program that is controlled by a remote attacker. Bots
can be used to launch denial-of-service attacks, spread malware, or collect
data.

Explain what are different security policies

Security policies are a formal collection of rules that an organization issues to make sure that
users who have been granted access to commercial technology and information assets abide
by the rules and standards related to the safety of that information.
 Increases efficiency: Security policies help to protect the organization's assets, such as
data and systems. This can free up employees to focus on their work and avoid having
to worry about security.
 Upholds discipline and accountability: Security policies help to create a culture of
discipline and accountability in the organization. This can help to deter employees
from engaging in risky behavior, such as clicking on malicious links or opening
attachments from unknown senders.
 Can make or break a business deal: Security policies can help to protect the
organization's reputation and bottom line. If a security breach occurs, it can damage
the organization's reputation and make it difficult to do business with customers and
partners.
 Helps to educate employees on security literacy: Security policies can help to educate
employees about security risks and how to protect themselves. This can help to
prevent employees from making mistakes that could lead to a security breach.
 Virus and Spyware Protection policy: This policy controls the scanning of files and
emails for viruses and other malware. It can also be used to quarantine infected files
and to remove malware from infected systems.
 Firewall Policy: This policy controls the traffic that is allowed to enter and leave a
system. It can be used to block malicious traffic, such as spam and phishing emails,
and to protect systems from unauthorized access.
 Intrusion Prevention policy: This policy monitors network traffic for malicious
activity and blocks attacks before they can cause damage. It can also be used to detect
and respond to suspicious activity, such as unauthorized login attempts.
 LiveUpdate policy: This policy controls the automatic download and installation of
security updates. This helps to ensure that systems are always up-to-date with the
latest security patches.
 Application and Device Control policy: This policy controls the installation and use of
applications and devices on a system. It can be used to prevent users from installing
unauthorized applications or from connecting unauthorized devices to the system.
 Exceptions policy: This policy allows users to specify exceptions to the other security
policies. For example, a user might want to allow a specific application to run even
though it is blocked by the Application and Device Control policy.
 Host Integrity policy: This policy monitors the system for changes that could indicate
a security compromise. It can be used to detect malware infections and to restore
systems to a known good state.

Explain the difference between Symmetric and Asymmetric key cryptography

| Characteristic | Symmetric Key Cryptography | Asymmetric Key Cryptography |
|---|---|---|
| Number of keys | One key is used for both encryption and decryption. | Two keys are used, one for encryption and one for decryption. |
| Key length | The key length is typically shorter than in asymmetric key cryptography. | The key length is typically longer than in symmetric key cryptography. |
| Speed | Symmetric key cryptography is typically faster than asymmetric key cryptography. | Asymmetric key cryptography is typically slower than symmetric key cryptography. |
| Applications | Symmetric key cryptography is often used for bulk encryption, such as encrypting large files. | Asymmetric key cryptography is often used for digital signatures and key exchange. |
| Security | Symmetric key cryptography is considered to be just as secure as asymmetric key cryptography if the key length is long enough. | Asymmetric key cryptography is considered to be more secure than symmetric key cryptography if the key length is long enough. |
| Complexity | Symmetric key cryptography is typically simpler to implement than asymmetric key cryptography. | Asymmetric key cryptography is typically more complex to implement than symmetric key cryptography. |
| Distribution | Symmetric keys can be easily distributed to the parties that need to use them. | Asymmetric keys are more difficult to distribute to the parties that need to use them. |
| Scalability | Symmetric key cryptography is more scalable than asymmetric key cryptography. | Asymmetric key cryptography is less scalable than symmetric key cryptography. |
| Efficiency | Symmetric key cryptography is more efficient than asymmetric key cryptography. | Asymmetric key cryptography is less efficient than symmetric key cryptography. |
| Versatility | Symmetric key cryptography is more versatile than asymmetric key cryptography. | Asymmetric key cryptography is less versatile than symmetric key cryptography. |

 Playfair cipher is a symmetric cipher that was invented by Charles Wheatstone in
1854. It is a substitution cipher that uses a 5x5 grid of letters to encrypt and decrypt
messages.
 Playfair cipher is a relatively simple cipher to implement and can be used to encrypt
text messages, emails, and other types of data.
 Playfair cipher is not as secure as some other ciphers, such as the Advanced
Encryption Standard (AES), but it can be effective for encrypting messages that do
not need to be highly secure.
 To encrypt a message using Playfair cipher, the message is first divided into pairs of
letters. If the message ends with an odd number of letters, a filler letter is added.
 The pairs of letters are then looked up in the Playfair grid. If the two letters are in the
same row or column, they are replaced with the letter that is diagonally opposite
them.
 If the two letters are not in the same row or column, they are replaced with the letter
that is directly below the first letter and to the right of the second letter.
 To decrypt a message that has been encrypted using Playfair cipher, the same
process is used in reverse.
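
The digraph procedure above, as an added example that is not part of the original notes. It implements the conventional Playfair rule set (same row: take the letter to the right; same column: take the letter below; otherwise: take the letter in the same row at the other letter's column), merges J into I, and uses X as the filler; the key and message are constructed sample values.

```python
ALPHABET = "ABCDEFGHIKLMNOPQRSTUVWXYZ"  # 25 letters, J shares I's cell


def build_grid(key: str) -> list[str]:
    """Return the 5x5 grid as a flat list: key letters first, then the rest."""
    grid = []
    for ch in (key.upper() + ALPHABET).replace("J", "I"):
        if "A" <= ch <= "Z" and ch not in grid:
            grid.append(ch)
    return grid


def to_digraphs(text: str) -> list[tuple[str, str]]:
    """Split text into letter pairs, padding doubled letters and an odd tail."""
    letters = [c for c in text.upper().replace("J", "I") if "A" <= c <= "Z"]
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        b = letters[i + 1] if i + 1 < len(letters) else None
        if b is None or a == b:
            pairs.append((a, "X" if a != "X" else "Q"))  # filler letter
            i += 1
        else:
            pairs.append((a, b))
            i += 2
    return pairs


def _substitute(grid: list[str], a: str, b: str, step: int) -> str:
    """Apply the three Playfair rules; step=+1 encrypts, step=-1 decrypts."""
    ra, ca = divmod(grid.index(a), 5)
    rb, cb = divmod(grid.index(b), 5)
    if ra == rb:                                   # same row: shift along the row
        return grid[ra * 5 + (ca + step) % 5] + grid[rb * 5 + (cb + step) % 5]
    if ca == cb:                                   # same column: shift along the column
        return grid[((ra + step) % 5) * 5 + ca] + grid[((rb + step) % 5) * 5 + cb]
    return grid[ra * 5 + cb] + grid[rb * 5 + ca]   # rectangle: swap columns


def encrypt(key: str, plaintext: str) -> str:
    grid = build_grid(key)
    return "".join(_substitute(grid, a, b, 1) for a, b in to_digraphs(plaintext))


def decrypt(key: str, ciphertext: str) -> str:
    grid = build_grid(key)
    ct = [c for c in ciphertext.upper() if "A" <= c <= "Z"]
    return "".join(_substitute(grid, ct[i], ct[i + 1], -1)
                   for i in range(0, len(ct) - 1, 2))


if __name__ == "__main__":
    ct = encrypt("playfair example", "hide the gold in the tree stump")
    print(ct, decrypt("playfair example", ct))
```

Decryption returns the padded text, so filler letters stay in the output, and a repeated plaintext pair always produces the same ciphertext pair, which is the regularity that makes the cipher weak.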

Here are some of the advantages of Playfair cipher:

 It is a relatively simple cipher to implement.
 It is relatively easy to learn how to use.
 It can be used to encrypt text messages, emails, and other types of data.

Here are some of the disadvantages of Playfair cipher:

 It is not as secure as some other ciphers, such as AES.
 It can be susceptible to attacks if the key is not strong enough.
 It can be difficult to implement in some applications.

 The Vernam cipher is a stream cipher that was invented by Gilbert Vernam in 1917.
 It is a very simple cipher that uses a one-time pad to encrypt and decrypt text.
 The one-time pad is a random key that is the same length as the plaintext.
 Each bit of plaintext is XORed with the corresponding bit of the one-time pad to
produce the ciphertext.
 The Vernam cipher is considered to be unbreakable if the one-time pad is truly
random and never reused.
 However, it is impractical to use a one-time pad for long messages, so it is not widely
used today.
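
The XOR operation and the "never reused" condition above, as an added example that is not part of the original notes. The `OneTimePad` class, the `reuse_leak` helper and the sample messages are constructed for illustration, and the operating system's CSPRNG stands in for a truly random pad.

```python
import secrets


def vernam(data: bytes, pad: bytes) -> bytes:
    """XOR data with the pad; the same call encrypts and decrypts."""
    if len(pad) != len(data):
        raise ValueError("pad must be exactly as long as the message")
    return bytes(d ^ k for d, k in zip(data, pad))


class OneTimePad:
    """Hands out pad bytes once; consumed bytes are wiped and never returned again."""

    def __init__(self, size: int):
        # Assumption: OS CSPRNG output used in place of a truly random pad.
        self._pool = bytearray(secrets.token_bytes(size))
        self._pos = 0

    def take(self, n: int) -> bytes:
        if self._pos + n > len(self._pool):
            raise RuntimeError("pad exhausted: a new pad must be generated and shared")
        chunk = bytes(self._pool[self._pos:self._pos + n])
        self._pool[self._pos:self._pos + n] = bytes(n)  # overwrite used material
        self._pos += n
        return chunk


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """XOR of two ciphertexts. If both used the same pad, the pad cancels
    and the result equals plaintext1 XOR plaintext2."""
    return bytes(a ^ b for a, b in zip(c1, c2))


if __name__ == "__main__":
    p1, p2 = b"MEET AT DAWN", b"RETREAT NOW!"   # constructed sample messages
    pad = OneTimePad(len(p1) + len(p2))

    # Correct use: each message consumes fresh pad bytes.
    k1, k2 = pad.take(len(p1)), pad.take(len(p2))
    c1, c2 = vernam(p1, k1), vernam(p2, k2)
    print("round trip ok:", vernam(c1, k1) == p1 and vernam(c2, k2) == p2)

    # Broken use: the second message is encrypted under the first pad again.
    c2_reused = vernam(p2, k1)
    leak = reuse_leak(c1, c2_reused)
    print("pad cancels:", leak == vernam(p1, p2))
    # Anyone who knows or guesses one message reads the other without the pad.
    print("second message exposed:", vernam(leak, p1))
```

The pad bookkeeping also shows the practical cost the notes mention: every message byte permanently uses up one pad byte that both parties must already hold.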

Here are some of the advantages of the Vernam cipher:

 It is unbreakable if the one-time pad is truly random and never reused.
 It is relatively easy to implement.
 It is relatively efficient, meaning that it does not add a significant amount of
overhead to the data.

Here are some of the disadvantages of the Vernam cipher:

 It is impractical to use a one-time pad for long messages.
 It can be difficult to generate truly random keys.
 It can be difficult to distribute the one-time pads securely.
