Documente Academic
Documente Profesional
Documente Cultură
[CO 1 &2
Blooms Level 6] Marks 4
Q 2.Discuss the countermeasures to be practiced for possible attacks on mobile/cell phones?
[CO 3 Blooms Level 6] Marks 4
Q 3. Explain Blind SQL injection attack? Discuss about the preventive measure of this ? [CO 4
Blooms Level 5] Marks 4
Q 4.Discuss about the different techniques of ID theft? [CO 5 Blooms Level 5] Marks 4
Q 5. Create a overview on punishment for cyber criminals? Is it possible to punish them? If not,
Predict what are the differing factors in India as well as globally? [CO 6 Blooms Level 6]
Marks 4
ANSWERS
1. A botnet is a collection of internet
connected devices, which may include PCs,
mobile devices that are infected and controlled
by a common type of malware. Users are often
unaware of a botnet infecting their system.
Infected devices are remotely
controlled by cybercriminals and are used for
specific functions, so the malicious operations
stay hidden to the user. Botnets are commonly
used to send email spam, click fraud and
generate malicious traffic for Distributed
(DDoS) attacks.
The botnet malware typically looks for
vulnerable devices across the internet, rather
than targeting specific individuals, companies.
The objective of creating a botnet is to infect as
many connected devices as possible.
2. Countermeasures for possible attacks on mobile/cell phones:-
i) Security Software:- An antivirus software can be installed in a device to verify that it is
not infected by threats.
ii) Biometric Authentication:- By using biometric user can avoid to remember a
password to authenticate and prevent malicious users from accessing their device.
iii) Battery:- Some malware is aimed at exhausting the battery of a mobile phone.
Monitoring the energy consumption of a device is a way to detect malware applications.
iv)Memory:- If a substantial portion of memory is used by an application it can be a
malicious application.
Preventive Measures:-
i) Input Validation:- Using data input validation is the best way to spot incorrect
characteristics in the database. A string can be defined to sanitize by filtering user data
according to the context.
ii) Use a web Application Firewall:- By filtering potentially dangerous web requests,
web application firewalls can catch and prevent SQL injections.
iii) Use Stored Procedures:- Stored procedures make it much more difficult for
attackers to execute their SQL , as it is unable to be dynamically inserted within queries.
iv) Pretexting:- Thieves use false pretenses to get our personal information from financial
institution or companies.
v) Skimming:- By the use of skimmers thieves can get our debit and credit card information.