(SEM III) THEORY EXAMINATION 2024-25 CYBER SECURITY

This is a 3-hour Theory Examination for B.Tech (Semester III) subject BCC301 – Cyber Security, carrying a total of 70 marks.
The question paper is divided into three sections – A, B, and C, and students must attempt questions as instructed.
The paper evaluates understanding of information security, cyber laws, cyberattacks, forensics, privacy, intellectual property rights, and organizational security policies.

SECTION A – Short Answer Questions (14 Marks)

This section contains 7 short questions, each of 2 marks, and all must be attempted.
These questions check basic understanding, definitions, and introductory concepts such as:

difference between security and privacy                          meaning of information security

scope of cyber law                                                            importance of data privacy

definition and example of phishing                                 meaning of chain of custody in cyber forensics

difference between copyright and patent

This section mainly tests fundamentals and clarity of key terms.

SECTION B – Descriptive Questions (21 Marks)

Students must attempt any three out of five questions, each carrying 7 marks.
These questions require explanations, steps, and conceptual understanding.
Topics include:

how cybercriminals plan cyberattacks                   types of security policies organizations should adopt working of DoS and DDoS attacks                        importance of chain of custody in digital forensic investigations                                                         need for an information security policy

This section evaluates application of concepts and understanding of security mechanisms.

SECTION C – Long/Applied Questions (35 Marks)

Section C has five sets, each containing two choices, and the student must answer one question from each set, each worth 7 marks.
These are scenario-based or advanced concept questions related to:

Set 1:

social engineering techniques used by cybercriminals

impact of botnets on cybercrime and online security

Set 2:

challenges in enforcing cyber laws globally

importance of intellectual property rights in the digital age

Set 3:

methods used to exploit buffer overflows

use of proxy servers and anonymizers in cybercrime

Set 4:

stages of the digital forensics life cycle

methods used in network forensics

Set 5:

types of cyber security policies in an organization

process of developing and implementing a complete cyber security policy

This section tests deep understanding, real-world application, and analytical skills in cybersecurity.

Overall Summary

The question paper assesses a student’s understanding of:

fundamentals of cybersecurity                           cyber laws and privacy

cyberattacks and crimes                                     information security policies

digital and network forensics                             social engineering, botnets, and buffer overflow attacks

intellectual property rights                                 organizational cyber security frameworks

Section A checks basic knowledge,
Section B checks conceptual clarity,
Section C checks practical application and analytical thinking.