(SEM IV) THEORY EXAMINATION 2023-24 CYBER SECURITY

The uploaded file is the B.Tech Semester IV Theory Examination Paper (2023–24) for the subject BCC401 – Cyber Security. It is an official university examination paper aimed at assessing a student’s conceptual understanding and practical awareness of cybercrime, cyber laws, digital forensics, system vulnerabilities, network security, intellectual property rights, and modern cyber-attack mechanisms. The paper carries a total of 70 marks, is structured into Section A, Section B, and Section C, and must be completed within 3 hours. All questions are presented clearly in English, as visible on Page 1 of the document.
 

The paper begins with Section A, which consists of seven compulsory short-answer questions, each worth 2 marks. These questions test core conceptual clarity. The section requires students to differentiate between traditional crime and cybercrime, analyze differences between Android and iOS registries, and explain the concept of mobile credit card fraud. Students are also asked to define keyloggers and describe their use in cyber-attacks, demonstrating awareness of spyware and credential-theft tools. Another question asks students to differentiate between patent and trademark, ensuring familiarity with intellectual-property fundamentals. The section also includes questions on cyber forensics investigations and asks for the names of any two cybersecurity tools, testing students’ basic literacy in forensic procedures and defensive technologies. Overall, Section A ensures that the examinee possesses foundational knowledge of cyber threats, digital systems, and legal concepts before proceeding to larger descriptive questions.
 

Section B includes five descriptive questions, out of which students must attempt any three, each worth 7 marks. These questions demand detailed explanations, definitions, examples, and practical reasoning. One of the questions asks students to describe the different types of cybercriminals, such as organized attackers, hacktivists, state-sponsored groups, insiders, and lone-wolf cyber offenders. Another question requires an explanation of the challenges faced during digital forensic investigations, including handling volatile evidence, dealing with encryption, chain-of-custody issues, anti-forensic techniques, and the increasing complexity of digital devices. A key question in Section B asks students to define Multi-Factor Authentication (MFA) and illustrate its workflow using a diagram, highlighting authentication layers such as passwords, OTPs, biometrics, and device-based verification. Students are also required to define and compare digital signatures and steganography, analyzing their differences in terms of purpose, use-cases, integrity verification, and covert communication. The section concludes with a question about trademark protection, requiring students to explain how trademarks preserve brand identity and how violations or misuse can lead to legal consequences. This section tests a deeper, structured understanding of both technical and legal aspects of cybersecurity.
 

Section C, the analytical and long-answer section, contains five subsections (Q3 to Q7), each with two optional questions, and students must answer one question from each subsection, with each question carrying 7 marks. These questions are designed to measure higher-order conceptual understanding, real-world application, and technical reasoning. One question asks students to describe the complete sequence of a cyber-attack—from reconnaissance and scanning to exploitation, privilege escalation, maintaining access, and covering tracks. This demonstrates their understanding of how attackers plan and execute intrusions. The alternative question requires defining DoS and DDoS attacks and explaining their differences, alongside appropriate mitigation techniques such as traffic filtering, rate limiting, CDNs, and anomaly detection systems.

Another subsection includes a question asking students to explain the lifecycle of digital forensic investigation, covering evidence acquisition, preservation, examination, analysis, documentation, and presentation in court. The alternate question requires students to describe any five cybersecurity tools, explaining their purpose in penetration testing, malware analysis, vulnerability scanning, or intrusion prevention.

The next subsection addresses botnets, requiring an explanation of how they are formed, how command-and-control (C2) servers operate, and why botnets are used for large-scale cyber-attacks. The alternative question asks students to explain SQL Injection attacks, their mechanism, and preventive measures such as prepared statements, input validation, and parameterized queries.

In another subsection, students must describe mobile security policies used by organizations to protect smartphones, tablets, and handheld devices. These include device encryption, MDM (Mobile Device Management), application whitelisting, remote wiping, and secure app distribution. The alternate question focuses on phishing attacks, explaining indicators of phishing, social-engineering techniques, and defensive measures.

The final subsection of Section C contains questions on cyber laws and digital evidence. One question requires defining cybercrime and discussing browser and internet-based evidence, such as cookies, history files, cache data, IP logs, and timestamps. The alternative question asks students to explain punishment for cybercrimes under Indian law, referring to provisions of the IT Act 2000, including penalties for identity theft, cheating by personation, unauthorized access, data theft, and publication of obscene material.

Overall, the Cyber Security exam paper is a well-structured and comprehensive evaluation of both theoretical and practical dimensions of cybersecurity. It examines core cybercrime categories, attack mechanics, digital evidence handling, security tools, cyber laws, authentication methods, and organizational security policies. The balanced mix of short questions, descriptive answers, and analytical long-form questions ensures that students demonstrate basic understanding, technical reasoning, and real-world application skills. The paper reflects a holistic approach to cybersecurity education, bridging technology, investigation, and legal frameworks.