DEPARTMENT OF CSE (CYBER SECURITY)

CCS340 – CYBER SECURITY

QUESTION BANK

R-2021

Prepared by
Ms. R. Senega Page 1
J. J. College of Engineering and Technology
 DEPARTMENT OF CSE (CYBER SECURITY)

III YEAR / VI SEMESTER

REGULATION 2021

CCS340 – CYBER SECURITY

Faculty In Charge Head of the Department

R. Senega, B.Tech., M.E., Dr. M. P. Revathi, M.E., Ph.D.,
Assistant Professor Professor
Department of CSE (Cyber Security) Department of CSE (Cyber Security)

Prepared by
Ms. R. Senega Page 2
J. J. College of Engineering and Technology
 INSTITUTION VISION & MISSION

VISION:
To become a globally recognized ‘Centre of Academic Excellence’ providing Quality
Education to all students.

MISSION:
To provide Quality Education in the fields of Engineering, Management, Information
Technology and other Engineering areas.

DEPARTMENT VISION & MISSION

VISION:
To develop eminent engineers, researchers and entrepreneurs in the areas of Computer
Science & Engineering and Cyber Security with exceptional technical expertise, skills and ethical
values, capable of providing innovative solutions to national and global needs.

MISSION:
M1: To create a study environment where all academicians, entrepreneurs, researchers are
brought together.
M2: To create perpetual learning environment for students and faculty members establish
research centre and conduct researches in emerging areas.
M3: To create a platform for socially relevant technical and domain researches through funded
projects.

Prepared by
Ms. R. Senega Page 3
J. J. College of Engineering and Technology
 PROGRAM EDUCATIONAL OBJECTIVES (PEOs)

Apply their technical competence in computer science to solve real world problems,
PEO1
with technical and people leadership.

PEO2 Conduct cutting edge research and develop solutions on problems of social relevance.

Work in a business environment, exhibiting team skills, work ethics, adaptability and
PEO3
lifelong learning.

PROGRAM OUTCOMES (POs)

Engineering knowledge: Apply the knowledge of mathematics, science, engineering

fundamentals and an engineering specialization to the solution of complex engineering
PO1
problems.
Problem analysis: Identify, formulate, review research literature, and analyze complex
engineering problems reaching substantiated conclusions Using first principles of
PO2
mathematics, natural sciences, and engineering sciences.
Design/development of solutions: Design solutions for complex engineering problems and
design system components or processes that meet the specified needs with appropriate
PO3
consideration for public health and safety, and the cultural, societal, and environmental
considerations.
Conduct investigations of complex problems: Use research-based knowledge and research
PO4 methods including the design of experiments, Analysis and interpretation of data, and
synthesis of the information to provide valid conclusions.
Modern tool usage: Create, select and apply appropriate techniques, resources, and
PO5 modern engineering and IT tools including prediction and modeling to complex
Engineering activities with an understanding of the limitations.
The engineer and society: Apply to reason in formed by the contextual Knowledge
PO6 to assess societal, health, safety, legal and cultural issues and the Consequent responsibilities
relevant to the professional engineering practice.
Environment and sustainability: Understand the impact of the professional engineering
PO7 solutions in societal and environmental contexts and demonstrate the knowledge of, and need
for sustainable development.

Ethics: Apply ethical principles and commit to professional ethics and Responsibilities and
PO8
norms of the engineering practice.

Prepared by
Ms. R. Senega Page 4
J. J. College of Engineering and Technology
 Individual and team work: Function effectively as an individual, and as a member or leader
PO9
in Diverse teams, and in multidisciplinary settings.

Communication: Communicate effectively on complex engineering activities with the

engineering community and with society at large, such as, being able to comprehend and
PO10
write effective reports and design documentation, make effective presentations, and give and
receive clear instructions.

Project management and finance: Demonstrate knowledge and understanding of the

PO11 engineering and management principles and apply These to one’s own work, as a member
and leader in a team, to manage projects and in multidisciplinary environments.

Life-long learning: Recognize the need for, and have the preparation and ability to Engage
PO12 in independent and life-long learning in the broadest context of technological change.

PROGRAM SPECIFIC OUTCOMES (PSOs):

Exhibit design and programming skills to build and automate business solutions using
PSO1
cutting edge technologies.

Strong theoretical foundation leading to excellence and excitement towards research,

PSO2
to provide elegant solutions to complex problems.

Prepared by
Ms. R. Senega Page 5
J. J. College of Engineering and Technology
CCS340 CYBER SECURITY L T P C
2 0 2 3

COURSE OBJECTIVES:
• To learn cybercrime and cyberlaw.
• To understand the cyberattacks and tools for mitigating them.
• To understand information gathering.
• To learn how to detect a cyberattack.
• To learn how to prevent a cyberattack.

UNIT I INTRODUCTION 6
Cyber Security – History of Internet – Impact of Internet – CIA Triad; Reason for Cyber Crime – Need for
Cyber Security – History of Cyber Crime; Cybercriminals – Classification of Cybercrimes – A Global
Perspective on Cyber Crimes; Cyber Laws – The Indian IT Act – Cybercrime and Punishment.

UNIT II ATTACKS AND COUNTERMEASURES 6

OSWAP; Malicious Attack Threats and Vulnerabilities: Scope of Cyber-Attacks – Security Breach –
Types of Malicious Attacks – Malicious Software – Common Attack Vectors – Social engineering Attack
– Wireless Network Attack – Web Application Attack – Attack Tools – Countermeasures.

UNIT III RECONNAISSANCE 6

Harvester – Whois – Netcraft – Host – Extracting Information from DNS – Extracting Information from
E-mail Servers – Social Engineering Reconnaissance; Scanning – Port Scanning – Network Scanning and
Vulnerability Scanning – Scanning Methodology – Ping Sweer Techniques – Nmap Command Switches
– SYN – Stealth – XMAS – NULL – IDLE – FIN Scans – Banner Grabbing and OS Finger printing
Techniques.

UNIT IV INTRUSION DETECTION 6

Host -Based Intrusion Detection – Network -Based Intrusion Detection – Distributed or Hybrid Intrusion
Detection – Intrusion Detection Exchange Format – Honeypots – Example System Snort

UNIT V INTRUSION PREVENTION 6

Firewalls and Intrusion Prevention Systems: Need for Firewalls – Firewall Characteristics and Access
Policy – Types of Firewalls – Firewall Basing – Firewall Location and Configurations – Intrusion Prevention
Systems – Example Unified Threat Management Products.

TOTAL: 30 PERIODS

Prepared by
Ms. R. Senega Page 6
J. J. College of Engineering and Technology
 COURSE OUTCOMES

On successful completion of this course, the student will be able to

CO1 Explain the basics of cyber security, cybercrime and cyber law.

CO2 Classify various types of attacks and learn the tools to launch the attacks.

CO3 Apply various tools to perform information gathering.

CO4 Apply intrusion techniques to detect intrusion.

CO5 Apply intrusion prevention techniques to prevent intrusion.

CO’s – PO’s & PSO’s MAPPING

PO’s PSO’s
CO’s
1 2 3 4 5 6 7 8 9 10 11 12 1 2

1 1 1 1 1 - 1 - - - - 1 - 2 2

2 1 3 1 3 2 1 - - - - - - 2 2

3 2 1 1 1 - 1 - - - - 1 - 2 2

4 3 3 2 2 2 1 - - - - - - 2 2

5 3 2 1 1 1 1 - 1 - - 1 - 2 2

AVg. 2 2 1.2 1.6 1 1 0 0.2 0 0 0.6 0 2 2

1 – Low; 2 – Medium; 3 – High; ‘-' - No Correlation

Prepared by
Ms. R. Senega Page 7
J. J. College of Engineering and Technology
TEXT BOOKS
1. Anand Shinde, “Introduction to Cyber Security Guide to the World of Cyber Security”, Notion
Press, 2021 (Unit 1)
2. Nina Godbole, Sunit Belapure, “Cyber Security: Understanding Cyber Crimes, Computer Forensics
and Legal Perspectives”, Wiley Publishers, 2011 (Unit 1)
3. https://owasp.org/www-project-top-ten/

REFERENCE BOOKS
1. David Kim, Michael G. Solomon, “Fundamentals of Information Systems Security”, Jones & Bartlett
Learning Publishers, 2013 (Unit 2)
2. Patrick Engebretson, “The Basics of Hacking and Penetration Testing: Ethical Hacking and
Penetration Testing Made easy”, Elsevier, 2011 (Unit 3)
3. Kimberly Graves, “CEH Official Certified Ethical hacker Review Guide”, Wiley Publishers, 2007
(Unit 3)
4. William Stallings, Lawrie Brown, “Computer Security Principles and Practice”, Third Edition,
Pearson Education, 2015 (Units 4 and 5)
5. Georgia Weidman, “Penetration Testing: A Hands-On Introduction to Hacking”, No Starch Press,
2014 (Lab)

Prepared by
Ms. R. Senega Page 8
J. J. College of Engineering and Technology
 UNIT– I
INTRODUCTION

PART–A
CO
Q. No Questions BT Level Complexity
Mapping
1 What is Phishing? CO1 Understand Low

2 What is the CIA triangle? CO1 Understand Low

3 What is a DDoS Attack? CO1 Understand Low

4 How to prevent MITM? CO1 Understand Low

5 How does Cybercrime affect businesses? CO1 Understand Medium

6 List out the Application of Cyber Security. CO1 Remember Low

7 Define Availability. CO1 Remember Low

8 What are the needs for Cyber Security? CO1 Understand Low

9 List the elements of Cyber Crime. CO1 Remember Low

10 What is meant by Network Security? CO1 Understand Low

Why do Cyber Criminals commit Identity

11 CO1 Understand Low
Theft?

12 How do Cyber Criminals use the Dark Web? CO1 Understand Low

13 Mention the deepfake tools. CO1 Remember Low

How does Cyber Law deal with Cyber

14 CO1 Understand Medium
Espionage or Cyber Warfare?

Prepared by
Ms. R. Senega Page 9
J. J. College of Engineering and Technology
 PART–B
CO
Q. No Questions BT Level Complexity
Mapping

Discuss the provisions of the Indian IT Act 2000.

1 How does the IT Act address cybercrimes such as CO1 Understand High
hacking, identity theft, and cyber terrorism?

Explain the Classification of Cyber Crime with an

2 CO1 Understand Medium
example.

Describe the common ways to protect yourself

3 CO1 Understand Medium
from cybercrime while using the internet.

How do cybercrimes affect businesses? Give real-

4 CO1 Understand Medium
world examples.
Discuss the cybercrime and punishment according
5 CO1 Understand High
to Indian Act.
Explain the importance of regular software
6 CO1 Understand High
updates in preventing Cyber Attacks.
Explain the cybercrime can affect national
7 security, particularly in the context of cyber CO1 Understand Medium
terrorism.
How do cybercriminals use botnets to launch
8 CO1 Understand High
large-scale cyberattacks?
Differentiate between public and private key
9 CO1 Understand Medium
encryption.

10 Elaborate the need for cyber security. CO1 Understand Medium

Describe the Global Perspective on Cyber Crime

11 CO1 Understand High
with suitable example.

12 Explain the different types of Cyber Criminals. CO1 Understand Medium

Prepared by
Ms. R. Senega Page 10
J. J. College of Engineering and Technology
 UNIT – II
ATTACKS AND COUNTERMEASURES

PART–A
CO
Q. No Questions BT Level Complexity
Mapping

1 What is OSWAP and list their roles? CO2 Understand Low

2 Mention the scope of cyber-attacks. CO2 Remember Low

3 What is a security breach? CO2 Understand Low

4 List and briefly explain two types of malicious CO2 Remember Low
attacks.

5 What is malicious software? CO2 Understand Medium

6 Define attack vector in cybersecurity. CO2 Remember Low

7 What is a social engineering attack? CO2 Understand Low

8 Define wireless network attack. CO2 Remember Low

9 What is a web application attack? Give an CO2 Understand Low

example.
10 Name a few attack tools. CO2 Remember Low

11 What are the importance of countermeasures? CO2 Understand Medium

Mention some examples of countermeasures.

12 How can phishing be classified as a type of CO2 Understand Medium

social engineering attack?

13 Define a vulnerability and give a few CO2 Remember Low

examples.

14 What is a Distributed Denial-of-Service CO2 Understand Medium

(DDoS) attack?

Prepared by
Ms. R. Senega Page 11
J. J. College of Engineering and Technology
 PART–B
CO
Q. No Questions BT Level Complexity
Mapping

1 Explain the OSWAP and its role in detail. CO2 Understand Medium

Discuss the different types of malicious attacks

2 CO2 Understand Medium
and their impact with suitable example.

Explain the common causes of security breaches,

3 CO2 Understand Medium
and how can they be prevented.

4 Elaborate the malicious software and its types. CO2 Understand Medium

Discuss about the common attack vectors with

5 CO2 Understand Medium
suitable example.

Explain in detailed notes on social engineering

6 CO2 Understand Medium
attack with real world example.

Write detailed notes on the wireless network

7 CO2 Understand Medium
attacks with real time example.
Discuss the web application attacks with suitable
8 CO2 Understand Medium
example.

9 Analyze the attack tools with an example. CO2 Analyze Medium

Elaborate the countermeasures and its types

10 CO2 Understand Medium
applications merits and demerits.

Prepared by
Ms. R. Senega Page 12
J. J. College of Engineering and Technology
 UNIT – III
RECONNAISSANCE

PART–A

CO
Q. No Questions BT Level Complexity
Mapping

1 Define harvester. CO3 Remember Low

2 Define Whois. CO3 Remember Low

3 State the Netcraft. CO3 Remember Low
Mention the purpose of using the Host command
4 CO3 Remember Low
in network reconnaissance.
How can the information be extracted from
5 CO3 Understand Medium
DNS?
What is the process of extracting information
6 from email servers during a reconnaissance CO3 Understand Low
attack?
7 Define IDLE scan. CO3 Remember Low

8 What is the purpose of port scanning? CO3 Understand Low

9 Mention the scanning methodology. CO3 Remember Low

10 List out the Ping Sweep technique. CO3 Remember Low

11 Mention a few Nmap command switches. CO3 Remember Low

12 State the Banner Grabbing. CO3 Remember Low

13 List the purpose of OS finger printing technique. CO3 Remember Low

Prepared by
Ms. R. Senega Page 13
J. J. College of Engineering and Technology
 PART–B
CO
Q. No Questions BT Level Complexity
Mapping
Distinguish between extracting information from
1 CO3 Analyze High
DNS with email servers.
Analyze the different types of scanning and explain
2 CO3 Analyze High
in detail.
Elaborate the Nmap command switches with an
3 CO3 Understand Medium
example.
Write detailed notes on OS finger printing
4 CO3 Understand Medium
techniques with real time example.

5 Elaborate the ping sweer techniques with examples. CO3 Understand Medium

Write short notes on scanning methodology and

6 CO3 Understand Medium
their types.

Prepared by
Ms. R. Senega Page 14
J. J. College of Engineering and Technology
 UNIT – IV
INTRUSION DETECTION

PART–A
Q. No CO
Questions Mapping BT Level Complexity

1 What is a host-based intrusion detection system? CO4 Understand Low

Define a network-based intrusion detection

2 CO4 Remember Medium
system.

3 What is a distributed intrusion detection? CO4 Understand Low

4 Draw the Intrusion Detection Exchange Format. CO4 Create High

5 Define honeypots. CO4 Remember Low

6 List out the system snorts. CO4 Remember Low

What is Snort? How is it used as an intrusion

7 CO4 Understand Low
detection system?
What are the advantages of using a hybrid
8 intrusion detection system over a single type of CO4 Understand Low
IDS?

How does a network-based intrusion detection

9
system (NIDS) monitors network traffic? CO4 Understand Low

10 How does Snort detect intrusions in a network? CO4 Understand Low

11 Define Hybrid intrusion detection. CO4 Remember Low

PART–B
CO
Q. No Questions BT Level Complexity
Mapping

1 Distinguish between the HBID and NBID. CO4 Analyze High

Prepared by
Ms. R. Senega Page 15
J. J. College of Engineering and Technology
 2 Discuss the Hybrid Intrusion detection. CO4 Understand Medium

Write short notes on Host Based Intrusion

3 CO4 Understand Medium
Detection.

4 Discuss in detail about the NBID. CO4 Understand Medium

Explain the Intrusion Detection exchange format

5
with suitable example. CO4 Understand Medium

Describe Snort as an intrusion detection system.

6 How does it help in identifying and preventing
CO4 Understand Medium
security threats in a network?

Explain the different types of Honeypots and

7
their roles in cybersecurity. CO4 Understand Medium

How does Snort detect intrusions? Explain how

8 Snort uses signatures and rules to identify
CO4 Understand Medium
malicious activities?

Explain the difference between Host-Based and

Network-Based Intrusion Detection Systems?
9
Explain how each of them helps protect systems CO4 Understand Medium
and networks.

Explain IDXF role in sharing threat intelligence

10 CO4 Understand Medium
across different systems.

Prepared by
Ms. R. Senega Page 16
J. J. College of Engineering and Technology
 UNIT – V
INTRUSION PREVENTION

PART–A
CO
Q. No Questions BT Level Complexity
Mapping
1 State the need of firewalls. CO5 Remember Low

2 Define firewall. CO5 Remember Low

3 What is an access policy in firewalls? CO5 Understand Low

4 List the types of firewalls. CO5 Remember Low

5 State the concept of Firewall Basing. CO5 Remember Low

What are the different locations where a
6 CO5 Understand Low
firewall can be configured in a network?
What is an Intrusion Prevention System (IPS)?
7 CO5 Understand Low
Give example.
8 What is the Unified Threat Management? CO5 Understand Low
How do firewalls help in preventing
9 Understand Low
unauthorized access to a network? CO5
What is the role of a firewall in managing
10 CO5 Understand Low
traffic flow within a network?
What are the difference between a network
11 CO5 Understand Medium
firewall and a host firewall?
12 Mention the firewall characteristics. CO5 Remember Low
How does a stateful firewall differ from a
13 CO5 Understand Medium
stateless firewall?

PART–B

Q. No Questions CO
BT Level Complexity
Mapping

1 Analyze the importance of firewall. CO5 Analyze High

Describe the different types of firewalls with an

2 CO5 Understand Medium
example and write their advantages.

Prepared by
Ms. R. Senega Page 17
J. J. College of Engineering and Technology
 Explain the key characteristics of firewalls in
3 CO5 Understand High
detail.
Explain the concept of an access policy in a
4 firewall. Why is it important to define access CO5 Understand Medium
policies in cyber security?

5 Elaborate the firewall location and configure it. CO5 Understand Medium

Analyze the importance of Intrusion Prevention

6 CO5 Analyze High
Systems (IPS) with an example.
Describe in detail about the unified threat
7 CO5 Understand Medium
management products.

Prepared by
Ms. R. Senega Page 18
J. J. College of Engineering and Technology
 THANK YOU

ALL THE BEST

Prepared by
Ms. R. Senega Page 19
J. J. College of Engineering and Technology