INTERNSHIP SUMMARY REPORT

A report submitted in partial fulfilment of the requirements of the Award of Degree of

BACHELOR OF TECHNOLOGY
in

ELECTRICAL ENGINEERING
By

NITISH KUMAR
Roll NO: D21368
REG:21103108901
Under Supervision of
UDEMY MASTER MATLAB THROUGH GUIDED
PROBLEM SOLVING
(Duration: 01 May 2022 to 31 MAY 2022)

DEPARTMENT OF ELECTRICAL ENGINEERING

BHAGALPUR COLLEGE OF ENGINEERING
BHAGALPUR, BIHAR-813210
2020-24
I I Page
DEPARTMENT OF ELECTRICAL ENGINEERING
BHAGALPUR COLLEGE OF ENGINEERING
BHAGALPUR, BIHAR-813210

CERTIFICATE

This is to certify that the "Internship Report" submitted by NITISH KUMAR

(Reg. No.-21103108901) is work done by him and submitted during
2022-23 academic year, in partial fulfilment of the requirements for the award of
the degree of BACHELOR OF TECHNOLOGY in ELECTRICAL ENGINEERING, at Udemy
Academy.

Prof. Amitesh Kumar Internship

Coordinator
Assistant Professor, EE
Prof. Sunil Kumar Suman Prof. Raj Anvit
Internship Coordinator Assistant Professor, ECE
Assistant Professor, CSE
Head - Department of ECE

I hereby declare that the Industrial Internship report entitled "MATLAB" submitted
by me to Bhagalpur College of Engineering,
Bhagalpur in partial fulfilment of the requirement for the award of the degree of
Bachelor of Technology in Electrical Engineering under the supervision of Udemy
Academy, Prof. Sunil Kumar Suman & Prof. Govind Kumar Jha Internship
Coordinator, Department of CSE, BCE Bhagalpur.

I further declare that the work reported in this report has not been submitted and
will not be submitted, either in part or in full, for the award of any other degree or
diploma in this institute or any other institute or university.

Signature Of the Student

Nitish Kumar
(21103108901)

ACKNOWLEGDEMENT
First I would like to thank as UDEMY ACADEMY & AICTE for giving me the
opportunity to do an internship within the organisation.

I would also like to thanks all the people who worked along with me and helped me
in the learning of Master of Matlab through guided problem solving at Udemy
Academy in a learning and working Environment.

It is indeed with a great sense of pleasure and immense sense of gratitude that I
acknowledge the help of these individuals and Faculty members.

I am highly indebted to Principal Dr. Pushpalata, for the facilities provided to

accomplish this internship.

I would like to thank my Head of the Department Prof. Raj Anvit Sir for his
constructive criticism throughout my internship.

I would like to thank Prof. Govind Kumar Jha & Prof. Sunil Kumar Suman Sir
Internship Coordinator Department of CSE for their support and advices to get and
complete internship in above said organization.

I am extremely great full to my department staff members and friends who helped
me in successful completion of this internship.

Nitish Kumar
(21103108901)
 Cisco Networking Academy grants this recognition to

VINEET KUMAR

Bhagalpur College of Engineering

for successfully completing the Virtual Internship Program in
Cyber Security from May-Jun' 22

(Y)an06 beef

Marcella O' Shea Prof. Anil D. Sahasrabudhe Manas Deep Regional Manager APJ, Chairman, AICTE Director, EdCreate Foundation
Corporate Affairs, Cisco

Student ID- STU60ced3b55d7b71624167349

Corporate
Social Cisco Networking Academy

I Responsibility
Certificate of Course Completion

Cybersecurity Essentials
For completing the Cisco Networking Academy@ Cybersecurity Essentials course, and demonstrating the following abilities:
• Describe the tactics, techniques and procedures used by cyber criminals. • Explain how cybersecurity professionals use technologies, processes
 • Describe the principles of confidentiality, integrity, and availability as and procedures to defend all components of the network.
they relate to data states and cybersecurity countermeasures. • Explain the purpose of laws related to cybersecurity.
• Describe technologies, products and procedures used to protect
confidentiality, ensure integrity and provide high availability.
Vineet Kumar

Student

Bhagalpur College of Engineering

Academy Name

India 8 Jun 2022

Location Date

Laura Quintana
VP & General Manager, Cisco Networking Academy

ABSTRACT
The Company:

Cisco Networking Academy is a global IT and cybersecurity education program

that provides best-in-class courses, tools, and resources to help people from all
backgrounds participate in the digital economy.
We lead with our strength in technology and we innovate with our
instructors and education partners, who share our commitment to powering
an inclusive future for all. A powerful skills-to-jobs program, Networking
Academy helps students develop in-demand industry skills and connects
them with peers, mentors, and real jobs.
Cisco Networking Academy is an IT skills and career building program for
learning institutions and individuals worldwide. Self-paced courses are designed
to take at your own pace, at any point in your career journey. For over 20 years,
Cisco Networking Academy has changed the lives of 15.1 million students in
180 countries by providing education, technical training, and career mentorship.

Programmes and opportunities:

Cisco Networking Academy transforms the lives of learners, educators and
communities through the power of technology, education and career
opportunities. Available to anyone, anywhere. We're currently providing
assistance for you to teach and learn remotely.
 Methodology:
Networking Academy courses can be taken in person at over 10,400 learning
institutions around the world. Some of our courses can be taken online, right
here through netacad.com. Click "learn more" on a course above to see which
options are available.

Cisco Networking Academy courses are designed to prepare you for Cisco
Certification and other industry recognized certification exams. Cisco
Certifications are highly valued by employers globally, as they demonstrate
your exceptional skills, relevant to many industries, including medical, legal,
food and beverage and more.

Learn the Basics Needed to Fight Cybercrime :A single breach can have huge
consequences for a company, hurting the bottom line and causing disruption in
the daily lives of millions of people. That is why the demand for security

71

Page
professionals continues to grow. Get onboard—and develop an understanding
of cybercrime, security principles, technologies, and procedures used to defend
networks. Then decide whether you want to pursue an entry-level networking or
security professional role. Recommended if you plan to study for CCNA or
CyberOps Associate Certifications. Prerequisite Introduction to Cybersecurity
or equivalent knowledge recommended.

INTERNSHIP OBJECTIVES-

Internships are generally thought of to be reserved for college

students looking to gain experience in a particular field. However, a
wide array of people can benefit from Training Internships in order to
receive real world experience and develop their skills.

An objective for this position should emphasize the skills you

already possess in the area and your interest in learning more.

Internships are utilized in a number of different career fields,

including architecture, engineering, healthcare, economics,
advertising and many more.

Some internship is used to allow individuals to perform scientific

research while others are specifically designed to allow people to gain
first-hand experience working.

Utilizing internships is a great way to build your resume and

develop skills that can be emphasized in your resume for future jobs.
When you are applying for a Training Internship, make sure to
highlight any special skills or talents that can make you stand apart
from the rest of the applicants so that you have an improved chance of
landing the position.

Page
 81

LEARNING OBJECTIVES-

By the end of this course, will be able to:

Describe the characteristics of criminals and heroes in the cybersecurity

realm.
Describe the principles of confidentiality, integrity, and availability as they
relate to data states and cybersecurity countermeasures.
Describe the tactics, techniques and procedures used by cyber criminals.
Describe how technologies, products, and procedures are used to protect
confidentiality.
Describe how technologies, products, and procedures are used to ensure
integrity.
Describe how technologies, products, and procedures provide high
availability.
Explain how cybersecurity professionals use technologies, processes, and
procedures to defend all components of the network. Explain the purpose
of laws related to cybersecurity.

Will Learn These Core Skills:

Understand security controls for networks, servers and applications.

Learn valuable security principals and how to develop compliant policies.
Implement proper procedures for data confidentiality and availability.

Develop critical thinking and problem-solving skills using real equipment and
Cisco Packet Tracer.

Page
91

INDEX

S.no. Contents Pg. no.

1. Introduction 11-20
2. System Requirements Specifications 21
3. Technologies 22-24
4. Screenshots 25-27
5. Conclusion 28
6. Bibliography & References 29

10 | Page
 I.INTRODUCTION
Portions of the course language on the cybersecurity world and its actors was
adapted as a result of a partnership between the Cisco Networking Academy
and The open University, STEM Faculty School of Computing and
Communication. Contributors include Andrew Smith, Amel Bennaceur and
Arosha Bandara.

Contents Included-

Chapter 1: Cybersecurity - A World of Experts and Criminals

Chapter 2: The Cybersecurity Cube
Chapter 3: Cybersecurity Threats, Vulnerabilities, and Attacks
Chapter 4: The Art of Protecting Secrets Chapter 5: The Art of Ensuring
Integrity
Chapter 6: The Five Nines Concept
Chapter 7: Protecting a Cybersecurity Domain
Chapter 8: Becoming a Cybersecurity Specialist

Many of the world's original hackers were computer hobbyists, programmers

and students during the 60's. Originally, the term hacker described individuals
with advanced programming skills. Hackers used these programming skills to
test the limits and capabilities of early systems. These early hackers were also
involved in the development of early computer games. Many of these games
included wizards and wizardry.
As the hacking culture evolved, it incorporated the lexicon of these games into
the culture itself. Even the outside world began to project the image of powerful
wizards upon this misunderstood hacking culture. Books such as Where
Wizards Stay up Late: The Origins of The Internet published in 1996 added to
the mystique of the hacking culture. The image and lexicon stuck. Many
hacking groups today embrace this imagery. One of the most infamous hacker
groups goes by the name Legion of Doom. It is important to understand the
cyber culture in order to understand the criminals of the cyber world and their
motivations.
Cybersecurity professionals are best described as experts charged with the
protection of cyberspace. John McCumber is one of the early cybersecurity
experts, developing a commonly used framework called the McCumber Cube or

11 | Page
the Cybersecurity Cube. This is used as tool when managing the protection of
networks, domains and the Internet. The Cybersecurity Cube looks somewhat
like a Rubik's Cube.
The first dimension of the Cybersecurity Cube includes the three principles of
information security. Cybersecurity professionals refer to the three principles as
the CIA Triad. The second dimension identifies the three states of information
or data. The third dimension of the cube identifies the expertise required to
provide protection. These are often called the three categories of cybersecurity
safeguards.
Discusses the ISO cybersecurity model. The model represents an international
framework to standardize the management of information systems.
Threats, vulnerabilities, and attacks are the central focus of cybersecurity
professionals. A threat is the possibility that a harmful event, such as an attack,
will occur. A vulnerability is a weakness that makes a target susceptible to an
attack. An attack is a deliberate exploitation of a discovered weakness in
computer information systems, either as specific targets or merely as targets of
opportunity. Cyber criminals may have different motivations for selecting a
target of an attack. Cyber criminals succeed by continuously searching for and
identifying systems with clear vulnerabilities. Common victims include
unpatched systems or systems missing virus and spam detection.
Chapter examines the most common cybersecurity attacks. Cybersecurity
professionals must understand how each attack works, what it exploits, and how
it affects the victim. The chapter begins by explaining the threat of malware and
malicious code and then goes into explaining the types of deception involved
with social engineering. A cyberattack is any type of offensive maneuver used
by cyber criminals to target computer information systems, computer networks,
or other computer devices. Cyber criminals launch offensive maneuvers against
both wired and wireless networks.
The principles of cryptology explain how modern day protocols and algorithms
secure communications. Cryptology is the science of making and breaking
secret codes. The development and use of codes is cryptography. Studying and
breaking codes is cryptanalysis. Society has used cryptography for centuries to
protect secret documents. For example, Julius Caesar used a simple alphabetic
cipher to encrypt messages to his generals in the field. His generals would have
knowledge of the cipher key required to decrypt the messages. Today, modern
day cryptographic methods ensure secure communications.

12 | Page
Access control is, as its name suggests, a way of controlling access to a
building, a room, a system, a database, a file, and information. Organizations
employ a variety of access control techniques to protect confidentiality. This
chapter will examine the four steps in the access control process: 1)
identification, 2) authentication, 3) authorization, and 4) accountability. In
addition, the chapter describes the different access control models and access
control types.
It concludes by discussing the various ways users mask data. Data obfuscation
and steganography are two techniques used to accomplish data masking.
Integrity ensures that data remains unchanged and trustworthy by anyone or
anything over its entire life cycle. Data integrity is a critical component to the
design, implementation and usage of any system that stores, processes, or
transmits data. This chapter begins by discussing the types of data integrity
controls used such as hashing algorithms, salting, and keyed-hash message
authentication code (HMAC). The use of digital signatures and certificates
incorporates the data integrity controls to provide users a way of verifying the
authenticity of messages and documents. The chapter concludes with a
discussion of database integrity enforcement. Having a well-controlled and
well-defined data integrity system increases the stability, performance, and
maintainability of a database system.
Organizations that want to maximize the availability of their systems and data
may take extraordinary measures to minimize or eliminate data loss. The goal is
to minimize the downtime of mission critical processes. If employees cannot
perform their regular duties, the organization is in jeopardy of losing revenue.
Organizations measure availability by percentage of uptime. This chapter
begins by explaining the concept of five nines. Many industries must maintain
the highest availability standards because downtime might literally mean a
difference between life and death.
The chapter discusses various approaches that organizations can take to help
meet their availability goals. Redundancy provides backup and includes extra
components for computers or network systems to ensure the systems remain
available. Redundant components can include hardware such as disk drives,
servers, switches, and routers or software such as operating systems,
applications, and databases. The chapter also discusses resiliency, the ability of
a server, network, or data center to recover quickly and continue operation.
Organizations must be prepared to respond to an incident by establishing
procedures that they follow after an event occurs. The chapter concludes with a

13 | Page
discussion of disaster recovery and business continuity planning which are both
critical in maintaining availability to an organization's resources.
Protecting your domain is an on-going process to secure an organization's
network infrastructure. It requires that individuals remain constantly vigilant to
threats and take action to prevent any compromises. This chapter discusses the

14 | Page
technologies, processes and procedures that cybersecurity professionals use to
defend the systems, devices, and data that make up the network infrastructure.
A secure network is only as strong as its weakest link. It is important to secure
the end devices that reside on the network. Endpoint security includes securing
the network infrastructure devices on the local-area network (LAN) and end
systems, such as workstations, servers, IP phones, and access points.
Device hardening is a critical task when securing the network. It involves
implementing proven methods of physically securing network devices. Some of
these methods involve securing administrative access, maintaining passwords,
and implementing secure communications.
The advancement of technology provided a number of devices used in society
on a daily basis that interconnects the world. This increased connectivity,
though, results in increased risk of theft, fraud, and abuse throughout the
technology infrastructure. This chapter categorizes the information technology
infrastructure into seven domains. Each domain requires the proper security
controls to meet the requirements of the CIA triad.
The chapter discusses the laws that affect technology and cybersecurity
requirements. Many of these laws focus on different types of data found in
various industries and contain privacy and information security concepts.
Several agencies within the U.S. government regulate an organization's
compliance with these types of laws. The cybersecurity specialist needs to
understand how the law and the organization's interests help to guide ethical
decisions. Cyber ethics looks at the effect of the use of computers and
technology on individuals and society.
Organizations employ cybersecurity specialists in many different positions,
such as penetration testers, security analysts, and other network security
professionals. Cybersecurity specialists help protect personal data and the
ability to use network based services. The chapter discusses the pathway to
becoming a cybersecurity specialist. Finally, the chapter discusses several tools
available to cybersecurity specialists.
Viruses, Worms, and Trojan Horses
Cyber criminals target user's end devices through the installation of malware.
Click Play to view an animation of the three most common types of malware.
Viruses
A virus is malicious executable code attached to another executable file, such as
a legitimate program. Most viruses require end-user initiation, and can activate
at a specific time or date. Computer viruses usually spread in one of three ways:
15 P age
from removable media; from downloads off the Internet; and from email
attachments. Viruses can be harmless and simply display a picture or they can
be destructive, such as those that modify or delete data. In order to avoid
detection, a virus mutates. The simple act of opening a file can trigger a virus. A
boot sector, or file system virus, infects USB flash drives and can spread to the
system's hard disk. Executing a specific program can activate a program virus.
Once the program virus is active, it will usually infect other programs on the
computer or other computers on the network. The Melissa Virus was an
example of a virus spread via email. Melissa affected tens of thousands of users
and caused an estimated $1.2 billion in damage. Click here to read more about
viruses.
Worms
Worms are malicious code that replicates by independently exploiting
vulnerabilities in networks. Worms usually slow down networks. Whereas a
virus requires a host program to run, worms can run by themselves. Other than
the initial infection, worms no longer require user participation. After a worm
affects a host, it is able to spread very quickly over the network. Worms share
similar patterns. They all have an enabling vulnerability, a way to propagate
themselves, and they all contain a payload.
Worms are responsible for some of the most devastating attacks on the Internet.
For example, in 2001, the Code Red worm infected 658 servers. Within 19
hours, the worm infected over 300,000 servers.
Trojan horse
A Trojan horse is malware that carries out malicious operations under the guise
of a desired operation such as playing an online game. This malicious code
exploits the privileges of the user that runs it. A Trojan horse differs from a
virus because the Trojan binds itself to non-executable files, such as image files,
audio files, or games.
Defending Against Malware
A few simple steps can help defend against all forms of malware:
Antivirus Program - The majority of antivirus suites catch most widespread
forms of malware. However, cyber criminals develop and deploy new threats on
a daily basis. Therefore, the key to an effective antivirus solution is to keep the
signatures updated. A signature is like a fingerprint. It identifies the
characteristics of a piece of malicious code.

16 | Page
Up-to-Date Software - Many forms of malware achieve their objectives through
exploitation of vulnerabilities in software, both in the operating system and
applications. Although operating system vulnerabilities were the main source of
problems, today's application-level vulnerabilities pose the greatest risk.
Unfortunately, while operating system vendors are becoming more and more
responsive to patching, most application vendors are not.
Spam
Email is a universal service used by billions worldwide. As one of the most
popular services, email has become a major vulnerability to users and
organizations. Spam, also known as junk mail, is unsolicited email. In most
cases, spam is a method of advertising. However, spam can send harmful links,
malware, or deceptive content. The end goal is to obtain sensitive information
such as a social security number or bank account information. Most spam
comes from multiple computers on networks infected by a virus or worm. These
compromised computers send out as much bulk email as possible.
Even with these security features implemented, some spam might still get
through. Watch for some of the more common indicators of spam:
An email has no subject line.
An email is requesting an update to an account.
The email text has misspelled words or strange punctuation.
Links within the email are long and/or cryptic.
An email looks like correspondence from a legitimate business.
The email requests that the user open an attachment.
If a user receives an email that contains one or more of these indicators, he or
she should not open the email or any attachments. It is very common for an
organization's email policy to require a user receiving this type of email to
report it to the cyber security staff. Almost all email providers filter spam.
Unfortunately, spam still consumes bandwidth, and the recipient's server still
has to process the message.
Spyware, Adware, and Scareware
Spyware is software that enables a criminal to obtain information about a user's
computer activities. Spyware often includes activity trackers, keystroke
collection, and data capture. In an attempt to overcome security measures,
spyware often modifies security settings. Spyware often bundles itself with

17 | Page
legitimate software or with Trojan horses. Many shareware websites are full of
spyware.
Adware typically displays annoying pop-ups to generate revenue for its authors.
The malware may analyze user interests by tracking the websites visited. It can
then send pop-up advertising pertinent to those sites. Some versions of software
automatically install Adware. Some adware only delivers advertisements, but it
is also common for adware to come with spyware.
Scareware persuades the user to take a specific action based on fear. Scareware
forges pop-up windows that resemble operating system dialogue windows.
These windows convey forged messages stating that the system is at risk or
needs the execution of a specific program to return to normal operation. In
reality, no problems exist, and if the user agrees and allows the mentioned
program to execute, malware infects his or her system.
Phishing is a form of fraud. Cyber criminals use email, instant messaging, or
other social media to try to gather information such as login credentials or
account information by masquerading as a reputable entity or person. Phishing
occurs when a malicious party sends a fraudulent email disguised as being from
a legitimate, trusted source. The message intent is to trick the recipient into
installing malware on his or her device or into sharing personal or financial
information. An example of phishing is an email forged to look like it came
from a retail store asking the user to click a link to claim a prize. The link may
go to a fake site asking for personal information, or it may install a virus.
Spear phishing is a highly targeted phishing attack. While phishing and spear
phishing both use emails to reach the victims, spear phishing sends customized
emails to a specific person. The criminal researches the target's interests before
sending the email. For example, a criminal learns that the target is interested in
cars and has been looking to buy a specific model of car. The criminal joins the
same car discussion forum where the target is a member, forges a car sale
offering, and sends an email to the target. The email contains a link for pictures
of the car. When the target clicks on the link, he or she unknowingly installs
malware on the computer. Click here to learn more about email frauds.
Vishing is phishing using voice communication technology. Criminals can
spoof calls from legitimate sources using voice over IP (VolP) technology.
Victims may also receive a recorded message that appears legitimate. Criminals
want to obtain credit card numbers or other information to steal the victim's
identity. Vishing takes advantage of the fact that people trust the telephone
network.

18 | Page
Smishing (Short Message Service phishing) is phishing using text messaging on
mobile phones. Criminals impersonate a legitimate source in an attempt to gain
the trust of the victim. For example, a smishing attack might send the victim a
website link. When the victim visits the website, malware is installed on the
mobile phone.
Pharming is the impersonation of a legitimate website in an effort to deceive
users into entering their credentials. Pharming misdirects users to a fake website
that appears to be official. Victims then enter their personal information
thinking that they connected to a legitimate site.
Whaling is a phishing attack that targets high profile targets within an
organization such as senior executives. Additional targets include politicians
or celebrities.
Browser Plugins and Browser Poisoning
Security breaches can affect web browsers by displaying pop-up advertising,
collecting personally identifiable information, or installing adware, viruses,
or spyware. A criminal can hack a browser's executable file, a browser's
components, or its plugins.
Plugins
The Flash and Shockwave plugins from Adobe enable the development of
interesting graphic and cartoon animations that greatly enhance the look and
feel of a web page. Plugins display the content developed using the
appropriate software.
Until recently, plugins had a remarkable safety record. As Flash-based content
grew and became more popular, criminals examined the Flash plugins and
software, determined vulnerabilities, and exploited Flash Player. Successful
exploitation could cause a system crash or allow a criminal to take control of the
affected system. Expect increased data losses to occur as criminals continue to
investigate the more popular plugins and protocols for vulnerabilities.
SEO Poisoning
Search engines such as Google work by ranking pages and presenting relevant
results based on users' search queries. Depending on the relevancy of web site
content, it may appear higher or lower in the search result list. SEO, short for
Search Engine Optimization, is a set of techniques used to improve a website's
ranking by a search engine. While many legitimate companies specialize in

19 | Page
optimizing websites to better position them, SEO poisoning uses SEO to make a
malicious website appear higher in search results.
The most common goal of SEO poisoning is to increase traffic to malicious
sites that may host malware or perform social engineering. To force a
malicious site to rank higher in search results, attackers take advantage of
popular search terms.
Browser Hij acker
A browser hijacker is malware that alters a computer's browser settings to
redirect the user to websites paid for by the cyber criminals' customers. Browser
hijackers usually install without the user's permission and are usually part of a
drive-by download. A drive-by download is a program that automatically
downloads to the computer when a user visits a web site or views an HTML
email message. Always read user agreements carefully when downloading
programs to avoid this type of malware.
Hashing Algorithms
Hash functions are helpful to ensure that a user or communication error does not
change the data accidentally. For instance, a sender may want to make sure that
no one alters a message on its way to the recipient. The sending device inputs
the message into a hashing algorithm and computes its fixed-length digest or
fingerprint.
Simple Hash Algorithm (8-bit Checksum)
The 8-bit checksum is one of the first hashing algorithms, and it is the simplest
form of a hash function. An 8-bit checksum calculates the hash by converting
the message into binary numbers and then organizing the string of binary
numbers into 8-bit chucks. The algorithm adds up the 8-bit values. The final
step is to convert the result using a process called 2 's complement. The 2's
complement converts a binary to its opposite value, and then it adds one. This
means that zero converts to a one, and a one converts to a zero. The final step is
to add 1 resulting in an 8-bit hash value.
1. Convert BOB to binary using the ASCII code, as shown in Figure 1.
2. Convert the binary numbers to hexadecimal, as shown in Figure 2.
3. Enter the hexadecimal numbers into the calculator (42 4F 42).
4. Click the Calculate button. The result is the hash value 2D.
Try the following examples:

20 | Page
SECRET =
HASH VALUE = 3A

21 | Page
8/9/22, 3:13 AM Grades: View

Home / I'm Learning / Cybersecurity Essentials / Grades / Grade administration / User report

Course Cybersecurity Essentials: View: User report

Home

Grades User report - Vineet

Kumar
Messages Overview report User report

Grade item Percentage Feedback

Calendar

CybersecurityEssentials

Quizzes

QChapter 1 Quiz

eChapter 2 Quiz

QIChapter 3 Quiz

QChapter 4 Quiz

VChapter 5 Quiz

VChapter 6 Quiz

7 Quiz
QChapter 8 Quiz 100.00
%
Quizzes total 100.00
Mean of grades. %

Final Assessment
VFinal Quiz 74.00 %
Final Assessment total 74.00 %
Mean of grades.

Student Completion

'*End of Course Feedback 100.00

%
Student Completion total 100.00
Mean of grades. %

Course total
Weighted mean of grades.
NetAcad, a Cisco Corporate Social Responsibility program, is an IT skills and career building program available to learning institutions and individuals worldwide.

Terms and Conditions

Privacy Statement

Cookie Policy

Data Protection

Trademarks
 Data Protection

Accessibility

https://lms.netacad.com/grade/report/user/index.php?id=1304032&userid=21281627&group 1/2

2. SYSTEM REQUIREMENTS SPECIFICATIONS

System configurations:

The software requirement specification can produce at the culmination of the

analysis task. The function and performance allocated to software as part of
system engineering is refined by established a complete information description,
a detailed functional description, a representation of system behaviour, and
indication of performance and design constrain, appropriate validate criteria,
and other information pertinent to requirements.

Software requirements:

Operating System: Windows

Software Required- Cisco Packet Tracer
Packet Tracer Resources
Packet Tracer simulates the internal workings of a network. Download and install
the latest version of Packet Tracer.

Hardware Requirements:

Processor : Intel core i5

Memory : 8GB RAM
Hard Disk : ITB
3. TECHNOLOGY
Behavioral Analytics
Behavioral analytics looks at data to understand how people behave on websites, mobile
applications, systems, and networks. Cybersecurity professionals can use behavioral analytics
platforms to find potential threats and vulnerabilities.
Analyzing patterns of behavior can lead to identifying unusual events and actions that may
indicate cybersecurity threats.
For example, behavioral analytics may find that unusually large amounts of data are coming
from one device. This may mean a cyberattack is looming or actively happening. Other
indicators of malicious activity include odd timing of events and actions that happen in an
unusual sequence.
Benefits of using behavioral analytics include early detection of potential attacks and the
ability to predict future attacks. Organizations can automate detection and response using
behavioral analytics.
Blockchain

23 | Page
Blockchain is a type of database that securely stores data in blocks. It connects the blocks
through cryptography. Blockchain allows information to be collected, but not edited or
deleted.
Cybersecurity professionals can use blockchain to secure systems or devices, create standard
security protocols, and make it almost impossible for hackers to penetrate databases.
Benefits of blockchain include better user privacy, reduction of human error, greater
transparency, and cost savings by removing the need for third-party verification.
Blockchain also eliminates the security problem of storing data in one place. Instead, data
gets stored across networks, resulting in a decentralized system that is less vulnerable to
hackers.
Challenges of using blockchain include the cost and inefficiency of the technology.
Cloud Encryption
Cloud services improve efficiency, help organizations offer improved remote services, and
save money. However, storing data remotely in the cloud can increase data vulnerabilities.
Cloud encryption technology changes data from understandable information into an
unreadable code before it goes into the cloud.
Cybersecurity professionals use a mathematical algorithm to complete cloud encryption. Only
authorized users with an encryption key can unlock the code, making data readable again.
This restricted access minimizes the chance of data breaches by unauthorized attackers.
Experts agree that cloud encryption is an excellent cybersecurity technology for securing
data. Cloud encryption can prevent unauthorized users from gaining access to usable data.
Cloud encryption can also foster customer trust in cloud services and make it easier for
companies to comply with government regulations.

Context-Aware Security
Context-aware security is a type of cybersecurity technology that helps businesses make
better security decisions in real time.
Traditional cybersecurity technologies assess whether or not to allow someone access to a
system or data by asking yes/no questions. This simple process can cause some legitimate
users to be denied, slowing productivity.
Context-aware security reduces the chance of denying entry to an authorized user. Instead of
relying on answers to static yes/no questions, context-aware security uses various supportive
information like time, location, and URL reputation to assess whether a user is legitimate or not.
Context-aware security streamlines data-accessing processes and makes it easier for
legitimate users to do their work. However, end-user privacy concerns pose a challenge.
Defensive Artificial Intelligence (Al)
Cybersecurity professionals can use defensive artificial intelligence (Al) to detect or stop
cyberattacks. Savvy cybercriminals use technologies like offensive Al and adversarial
machine learning because they are more difficult for traditional cybersecurity tools to detect.
Offensive Al includes deep fakes, false images, personas, and videos that convincingly depict
people or things that never happened or do not exist. Malicious actors can use adversarial
machine learning to trick machines into malfunctioning by giving them incorrect data.

24 | Page
Cybersecurity professionals can use defensive Al to detect and stop offensive Al from
measuring, testing, and learning how the system or network functions.
Defensive Al can strengthen algorithms, making them more difficult to break. Cybersecurity
researchers can conduct harsher vulnerability tests on machine learning models.
Extended Detection and Response (XDR)
Extended detection and response (XDR) is a type of advanced cybersecurity technology that
detects and responds to security threats and incidents. XDR responds across endpoints, the
cloud, and networks. It evolved from the simpler traditional endpoint detection and response.
XDR provides a more holistic picture, making connections between data in different places.
This technology allows cybersecurity professionals to detect and analyse threats from a
higher, automated level. This can help prevent or minimize current and future data breaches
across an organization's entire ecosystem of assets.
Cybersecurity professionals can use XDR to respond to and detect targeted attacks,
automatically confirm and correlate alerts, and create comprehensive analytics. Benefits of
XDR include automation of repetitive tasks, strong automated detection, and reducing the
number of incidents that need investigation.
Manufacturer Usage Description (MUD)
Manufacturer usage description (MUD) is a standard created by the Internet Engineering
Task Force to strengthen security for 10T devices in small business and home networks.
10T devices are vulnerable to network-based attacks. These attacks can lead to loss of private
data or cause a machine to stop working properly. 10T devices need to be secure without
costing too much or being too complicated.
Benefits of using MUD include simply, affordable improved security for 10T devices.
Cybersecurity professionals can use MUD to make devices more secure against distributed
denial of service attacks. MUD can help reduce the amount of damage and data loss in the
event of a successful attack.
Zero Trust
Traditional network security followed the motto "trust but verify," assuming that users within
an organization's network perimeter were not malicious threats. Zero Trust, on the other hand,
aligns itself with the motto, "never trust, always verify."
A framework for approaching network security, Zero Trust makes all users authenticate
themselves before they get access to an organization's data or applications.
Zero Trust does not assume that users inside the network are more trustworthy than anyone
else. This stricter scrutiny on all users can result in greater overall information security for the
organization.
Cybersecurity professionals can use Zero Trust to deal more safely with remote workers and
challenges like ransomware threats. A Zero Trust framework may combine various tools,
including multi-factor authentication, data encryption, and endpoint security.
Regulation
As the frequency of cyberattacks continues to grow significantly each year, governments are
beginning to use and promote best practice regulations. In the past, the governments did not
often get involved in cybersecurity issues.

25 | Page
Security Magazine, an industry publication for cybersecurity professionals, predicts that 2022
will be the year that governments start to play a bigger role in regulating how organizations
ensure user information security.
Potential regulatory changes include executive orders regarding cybersecurity standards for
government suppliers, penalties for companies that do not engage in best practices, increased
demand for cyberinsurance, and ransomware disclosure laws. Greater regulation will likely
lead to improved security standards.

4. SCREENSHOTS

26 | Page
 ASCII Code · Character to Binary
00 罒
00 罒
00
002
00
00
00
0100
00
0101
5

00 01

020

020 021
020 0n0

27 |
 Page

28 | Page
29 | Page
 5.CONCLUSION

After completing this Course, I concluded that this Course was the good
opportunity to implement my information that I have learnt during my
internship program. This project is more informative and more helpful for
understanding the concept of the android app development. This Course is
enough to implement the concepts of Cybersecurity.
Threats, vulnerabilities, and attacks are the central focus of cybersecurity
professionals. I have learnt the various cybersecurity attacks that cyber criminal
's launch. The chapter explained the threat of malware and malicious code. The
chapter discussed the types of deception involved with social engineering. It
also covered the types of attacks that both wired and wireless networks
experience. Finally, the chapter discussed the vulnerabilities presented by
application attacks.
Understanding the types of possible threats allows an organization to identify
the vulnerabilities that make it a target. The organization can then learn how to
defend itself against cybersecurity deception and maneuvering.

30 | Page
 6. BIBLIOGRAPHY & REFERENCES

References:
o Hacking: A Beginners' Guide to Computer Hacking, Basic Security, And
Penetration Testing o Hacking: The Art Of Exploitation o
Metasploit: The Penetration Tester's Guide o Penetration
Testing: A Hands-On Introduction to Hacking o The Hacker
Playbook 3: Practical Guide To Penetration Testing.

Weblinks:

3. For learning the Cybersecurity https://lms.netacad.com/ https

://contenthub.netacad.com/legacy/CyberEss/1.1/en/index.html#6.2.1.I
1. To learn about the software required to use, we used,
www.wikipidea.org

2. For more examples for learning, I referred, www.tutorialpoint.com

31 | Page