From MCA553 (Principles of Cryptography and Cyber Security) syllabus.
---
Cyber Laws
Cyber Laws are laws that govern activities on computers, networks, and the internet.
Objectives
Prevent cyber crimes
Protect user privacy
Secure digital transactions
Punish cyber criminals
Examples of Cyber Crimes
Hacking
Identity theft
Phishing
Online fraud
Cyber stalking
Data theft
---
Cyber Security Regulations
These are rules and standards organizations follow to protect information.
Benefits:
Protect sensitive data
Reduce cyber attacks
Ensure legal compliance
Improve trust
Examples:
ISO 27001
GDPR
IT Act 2000 (India)
---
Role of International Law in Cyberspace
Since the internet connects countries, international cooperation is necessary.
Functions:
Prevent cyber warfare
Control cyber terrorism
Handle cross-border cyber crimes
Protect critical infrastructure
Organizations:
United Nations (UN)
INTERPOL
International Telecommunication Union (ITU)
---
Role of the State
Governments are responsible for:
Creating cyber laws
Protecting citizens
Developing cyber security policies
Investigating cyber crimes
Example: The Government of India established CERT-In.
CERT-In
CERT-In handles cyber security incidents in India.
---
Role of Private Sector
Private companies:
Secure their networks
Protect customer data
Report breaches
Follow security standards
Examples: Banks, IT companies, e-commerce websites.
---
National Cyber Security Policy 2013
India launched this policy to improve cyber security.
Objectives:
Create a secure cyber ecosystem
Protect critical infrastructure
Increase cyber awareness
Develop skilled professionals
---
Introduction to Cyber Forensics
Cyber Forensics (Digital Forensics) is the process of collecting, preserving, analyzing, and presenting digital evidence.
Purpose:
Investigate cyber crimes
Recover deleted data
Identify attackers
Support legal cases
---
Need for Cyber Forensics
Why is it needed?
Rising cyber crimes
Digital evidence in courts
Data recovery
Tracking attackers
---
Cyber Evidence
Information stored digitally that can be used in investigations.
Examples:
Emails
Photos
Videos
Chat messages
System logs
Browser history
---
Documentation and Management of Crime Scene
During investigation:
1. Secure the crime scene.
2. Document everything.
3. Collect evidence carefully.
4. Maintain chain of custody.
5. Analyze evidence.
6. Prepare investigation report.
---
Chain of Custody
A record showing:
Who collected evidence
When it was collected
Who handled it later
Importance:
Prevents evidence tampering
Makes evidence acceptable in court
---
Image Capturing
Creating an exact copy of storage devices.
Example: Making a forensic copy of a hard disk.
Advantages:
Original data remains untouched.
Investigation can be repeated.
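Added example (not part of the original notes): the Chain of Custody and Image Capturing sections above, combined in one sketch. The copy is verified against the original by SHA-256, and each custody entry is chained to the previous one so a later edit is detectable. Handler names, timestamps, file names and the sample "disk" contents are constructed for illustration.

```python
import hashlib, json, shutil, tempfile
from pathlib import Path

GENESIS = "0" * 64  # 'prev' value used by the first custody entry

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:  # read-only: evidence is never opened for writing
        for block in iter(lambda: f.read(1 << 20), b""):
            h.update(block)
    return h.hexdigest()

def acquire_image(source, image):  # returns (source_hash, image_hash)
    with open(source, "rb") as s, open(image, "wb") as d:
        shutil.copyfileobj(s, d)
    return sha256_file(source), sha256_file(image)

def _digest(entry):
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def add_entry(log, handler, action, evidence_sha256, when):  # who, what, when
    entry = {"handler": handler, "action": action, "when": when,
             "evidence_sha256": evidence_sha256,
             "prev": log[-1]["entry_hash"] if log else GENESIS}
    entry["entry_hash"] = _digest(entry)  # commits to this entry and the one before
    log.append(entry)

def first_bad_entry(log):  # index of first altered/reordered entry, None if intact
    prev = GENESIS
    for i, e in enumerate(log):
        if e["prev"] != prev or _digest(e) != e["entry_hash"]:
            return i
        prev = e["entry_hash"]
    return None

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        disk, img = Path(tmp) / "disk.raw", Path(tmp) / "disk.img"
        disk.write_bytes(b"constructed sample sectors " * 4096)  # stand-in device
        src_hash, img_hash = acquire_image(disk, img)
        log = []
        add_entry(log, "Investigator A", "collected and imaged", img_hash, "2024-01-10T09:00:00Z")
        add_entry(log, "Analyst B", "received image for analysis", img_hash, "2024-01-11T14:30:00Z")
        intact = first_bad_entry(log)
        with open(img, "r+b") as f:  # simulate a modified working copy
            f.seek(100); f.write(b"\xff")
        image_changed = sha256_file(img) != log[0]["evidence_sha256"]
        log[0]["handler"] = "Someone Else"  # simulate an edited custody record
        return src_hash == img_hash, intact, image_changed, first_bad_entry(log)
```

`demo()` returns whether the image matched the source at acquisition, the intact-log check, whether the modified image is detected, and the index of the edited custody entry.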
---
Partial Volume Image
Instead of copying the entire disk, only important sections are copied.
Benefits:
Faster analysis
Less storage required
---
Web Attack Investigation
Investigates attacks against websites.
Examples:
SQL Injection
Cross Site Scripting (XSS)
Website defacement
Evidence:
Server logs
Database logs
Firewall logs
---
Denial of Service (DoS) Investigation
DoS attack: An attacker floods a server with traffic.
Effects:
Website becomes unavailable
Slow performance
Investigators examine:
Traffic logs
IP addresses
Firewall records
---
Internet Crime Investigation
Investigates crimes committed online.
Examples:
Online fraud
Social media crimes
Fake websites
Cyber harassment
---
Internet Forensics
Analysis of internet activities.
Sources:
Browsing history
Cookies
Emails
Chat records
Server logs
---
Steps in Investigating Internet Crime
1. Identify incident
2. Collect evidence
3. Preserve evidence
4. Analyze evidence
5. Identify suspect
6. Prepare report
7. Present findings
---
Email Crime Investigation
Email-related crimes include:
Phishing
Email spoofing
Threat emails
Fraudulent emails
Investigators analyze:
Email headers
Sender IP
Attachments
Mail server logs
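Added example (not part of the original notes): how the header, sender IP and attachment checks listed above look in practice, using Python's standard `email` module. The message, host names, documentation-range IP addresses and attachment bytes are all constructed sample data.

```python
import email, hashlib, re
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

def build_sample():
    """Constructed spoofed message: From claims a bank, envelope says otherwise."""
    m = EmailMessage()
    m["Return-Path"] = "<bounce@mailer.example.net>"
    m["Received"] = ("from relay.mailer.example.net (relay.mailer.example.net "
                     "[198.51.100.7]) by mx.recipient.example; Mon, 15 Jan 2024 10:00:05 +0000")
    m["Received"] = ("from laptop (unknown [203.0.113.45]) by relay.mailer.example.net; "
                     "Mon, 15 Jan 2024 10:00:01 +0000")
    m["Authentication-Results"] = ("mx.recipient.example; spf=pass "
                                   "smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail")
    m["From"] = "Bank Support <support@bank.example>"
    m["To"] = "user@recipient.example"
    m["Subject"] = "Account verification required"
    m.set_content("Please open the attached form.")
    m.add_attachment(b"constructed attachment bytes", maintype="application",
                     subtype="octet-stream", filename="form.zip")
    return m.as_bytes()

def analyze(raw):
    msg = email.message_from_bytes(raw, policy=policy.default)
    # Each server prepends its Received line, so reversing gives the oldest hop
    # first. Hops added before the first server you trust are sender-supplied
    # and can be forged; confirm them against mail server logs.
    hops = []
    for hdr in reversed(msg.get_all("Received", [])):
        m = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", str(hdr))
        hops.append(m.group(1) if m else None)
    from_dom = msg["From"].addresses[0].domain
    env_dom = parseaddr(str(msg.get("Return-Path", "")))[1].rpartition("@")[2]
    auth = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                           str(msg.get("Authentication-Results", ""))))
    # Hash attachments instead of opening them, so they can be tracked as evidence.
    atts = [(p.get_filename(), hashlib.sha256(p.get_payload(decode=True)).hexdigest())
            for p in msg.iter_attachments()]
    return {"hops": hops, "origin_ip": hops[0] if hops else None,
            "from_domain": from_dom, "envelope_domain": env_dom,
            "domain_mismatch": from_dom.lower() != env_dom.lower(),
            "auth": auth, "attachments": atts}
```

In the sample, SPF passes for the envelope domain while the visible From domain differs and DMARC fails, which is the pattern email spoofing typically leaves in the headers.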
---
Important Exam Questions
Short Questions
1. What is Cyber Law?
2. Define Cyber Forensics.
3. What is Cyber Evidence?
4. Explain Chain of Custody.
5. What is Email Forensics?
6. What is CERT-In?
7. What is a DoS attack?
8. Define Image Capturing.
---
Long Questions (6–10 Marks)
1. Explain Cyber Forensics and its importance.
2. Discuss National Cyber Security Policy 2013.
3. Explain the steps of Internet Crime Investigation.
4. Describe Email Crime Investigation.
5. Explain Cyber Evidence and Chain of Custody.
6. Discuss the role of Government and Private Sector in Cyber Security.
---
Quick Revision
Cyber Law = Laws related to computers and internet.
Cyber Forensics = Investigation of digital crimes.
Cyber Evidence = Digital proof.
Chain of Custody = Evidence handling record.
Image Capturing = Exact copy of storage media.
DoS = Denial of Service attack.
CERT-In = India's cyber incident response team.
Email Forensics = Investigation of email crimes.
Next Unit 3:
Cryptography, Symmetric & Asymmetric Encryption, Diffie-Hellman Key Exchange, RSA Algorithm, DES, Block Ciphers — one of the most important units for exams and interviews.