CISCO - Cyber Security Virtual Internship Program 2021

An Internship report submitted by

J GIFTSON JEBA SELVA RAJA – URK19CS1097

in partial fulfillment for the award of the degree of

BACHELOR OF TECHNOLOGY
in
COMPUTER SCIENCE AND ENGINEERING

under the supervision of

Dr. G. JASPHER W KATHRINE

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

KARUNYA INSTITUTE OF TECHNOLOGY AND SCIENCES

(Declared as Deemed to be University under Sec-3 of the UGC Act, 1956)
Karunya Nagar, Coimbatore - 641 114. INDIA

August 2021

1|3Page Internship2021-2022
 DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

BONAFIDE CERTIFICATE

This is to certify that the report entitled, “Cyber Security Virtual Internship Program”
is a bonafide record of Internship work done at CISCO Networking Academy during the
academic year 2021-2022 by

J GIFTSON JEBA SELVA RAJA (Reg. No: URK19CS1097)

in partial fulfillment of the requirements for the award of the degree of Bachelor of Technology
in Computer Science and Engineering of Karunya Institute of Technology and Sciences.

Guide Signature

Dr. G. JASPHER W KATHRINE

Associate Professor

2|3Page Internship2021-2022
 ACKNOWLEDGEMENT

First and foremost, I praise and thank ALMIGTHY GOD whose blessings have

bestowed in me the will power and confidence to carry out my Internship.

I am grateful to our beloved founders Late. Dr. D.G.S. Dhinakaran, C.A.I.I.B, Ph.D

and Dr. Paul Dhinakaran, M.B.A, Ph.D, for their love and always remembering us in their

prayers.

I extend my thanks to our Vice Chancellor Dr. P. Mannar Jawahar, Ph.D and our

Registrar Dr. Elijah Blessing, M.E., Ph.D, for giving me this opportunity to do the internship.

I would like to thank Dr. Prince Arulraj, M.E., Ph.D., Dean, School of Engineering

and Technology for his direction and invaluable support to complete the same.

I would like to place my heart-felt thanks and gratitude to Dr. J. Immanuel John Raja,

M.E., Ph.D., Head of the Department, Computer Science and Engineering for his

encouragement and guidance.

I feel it a pleasure to be indebted to, Mr. J. Andrew, M.E, (Ph.D.), Assistant Professor,

Department of Computer Sciences Technology, Dr. G. Jaspher W. Kathrine and Dr. Getzi

Jeba Leelipushpam for their invaluable support, advice and encouragement.

I also thank all the staff members of the Department for extending their helping hands

to make this in Internship a successful one.

I would also like to thank all my friends and my parents who have prayed and helped

me during the Internship.

3|3Page Internship2021-2022
 J GIFTSON JEBA SELVA RAJA
Karunya Institute Of Technology and Sciences

STU608a53d60422d1619678166
 Corporate
Social Cisco Networking Academy
Responsibility
Certificate of Course Completion

Introduction to Cybersecurity
For completing the Cisco Networking Academy® Introduction to Cybersecurity course, and demonstrating the ability to explain the
following:

Global implications of cyber threats Cisco’s approach to threat detection and defense
Ways in which networks are vulnerable to attack Why cybersecurity is a growing profession
Impact of cyber-attacks on industries Opportunities available for pursuing network security certifications

J giftson jeba Selva raja

Student

Karunya Institute of Technology and Sciences

Academy Name

India 2 Jun 2021

Location Date

GETZI JEBA LEELIPUSHPAM

Instructor Instructor Signature

 Corporate
Social Cisco Networking Academy
Responsibility
Certificate of Course Completion

Cybersecurity Essentials
For completing the Cisco Networking Academy® Cybersecurity Essentials course, and demonstrating the following abilities:

Describe the tactics, techniques and procedures used by cyber Explain how cybersecurity professionals use technologies, processes
criminals. and procedures to defend all components of the network.
Describe the principles of confidentiality, integrity, and availability as Explain the purpose of laws related to cybersecurity.
they relate to data states and cybersecurity countermeasures.
Describe technologies, products and procedures used to protect
confidentiality, ensure integrity and provide high availability.

J giftson jeba Selva raja

Student

Karunya Institute of Technology and Sciences

Academy Name

India 28 May 2021

Location Date

Deva Priya I

Instructor Instructor Signature

 Corporate
Social Cisco Networking Academy
Responsibility
Certificate of Course Completion

Introduction to Packet Tracer

For completing the Cisco Networking Academy® Introduction to Packet Tracer course.

J giftson jeba Selva raja

Student

Karunya Institute of Technology and Sciences

Academy Name

India 28 May 2021

Location Date

Deva Priya I

Instructor Instructor Signature

Design secure
network for your
institution
PRESENTED BY,
URK19CS1097
GIFT SON JEBA SELVA RAJA
Security threads

 1) Insider Attacks.
 2) Missed Security Patches.
 3) Configuration Mistakes.
 4) A Lack of Deep Packet Inspection.
 5) DDoS Attacks.
Security threads

1. Lax Password
2. Outdated Firewall Software
3. Failure to Activate Controls
4. Firewall Access May Be Too Lax
5. Lack of Documentation
6. Vulnerability to Insider Attacks
7. Inspection Protocols Are Too Basic
Devices used

 Switch
 Router
 Computer
 Laptop
 Access point
 Smart phone
 Printer
 Tablet
Devices used

 Cross over cable

 Copper straight cable
 IOT devices
 Stripper
 Fire wall
 Server
 Multi layer switch
Mitigate the attacks

 1.Train employees in basic cybersecurity principles

 2.Require
all employees to regularly change
passwords
 3.Controlphysical access to your computers and
network components
 4.Limit employee access to data
 5.Limit employee authorization to install software
Mitigate the attacks

 6.Backup and safeguard all important business data and

information
 7.Install and update firewalls and antivirus protection on every
computer used in your business
 8.Install software updates for your operating systems and
applications as soon as they become available
 9.Secure your Wi-Fi networks
 10.Require individual user accounts for each employee
Futuristic plan

 Anti-Spam – Firewalls do have the ability to filter emails, based on some

fairly basic policies, however we see most people using an email spam
solution prior to the traffic hitting the Firewall, or in the case of Office365,
the Firewall won’t see it at all.
 Anti-Virus – Another feature that we might term “traditional”. This is
mostly done away from the Firewall, but there are a number of security
teams that prefer that this defence can take place at the perimeter as
well as on the host.
 IDS/IPS – An essential feature of protecting any network with a Firewall.
It enables the prevention of known attacks (signature based) that
would usually be passed by an allow rule on the Firewall but contain
malicious traffic to target resources on the network.

Future plans

 SSL Decryption – Up to 70% of network traffic can be typically

encrypted using SSL. Firewalls have been able to decrypt SSL for years
but it is seen as invasive (technically as well as privacy concerns) and
has historically had low adoption. But with such a large percentage of
traffic going uninspected, users without this feature are missing a lot of
traffic.
 Sandboxing – Designed to stop threats that have not been seen before
“Zero Day Threats”, no signature is available for the IDS/IPS to recognise
them. Anything that the Firewall classes as an unknown attachment or
URL will be passed to an environment within the vendors Cloud. This
environment “Sandbox” can then execute or open the URL and
analyse the outcome for Indicators of Compromise which will result in a
“good” or “bad” outcome and then can either block or inform the user
of the analysis.
Future plans

 Application and User control – Allowing a whole network access to

the “Internet” to browse the web is how it used to be but now all
Firewalls should be configured with more granularity. So, for
example users in the “IT Group” can use a larger set of applications
(IT, Email, Blogs, Collaboration etc) than the “Call Centre” users
(Email only). Application control should also be capable of
identifying malicious traffic such as Command and Control (C2)
outbound or threats via DNS, again these would usually be blocked
by default.
 Document Protection – Firewalls can now inspect Office and other
documents for macros, with options to strip out anything suspicious
and give the user options as to whether they continue to download
or not based on policy control.
Thanking you…..
Lab exercise:
MD5: cfe6769a57d46400194410035375b315
MD5: 0bcbc95226855f48c295b4e3552ed96e

YES
A larger bit hash can provide more security because there are more possible combinations.
Remember that one of the important functions of a cryptographic hashing algorithm is that is
produces unique hashes
Lab 2.1.1.2 deploying devices
Lab 2.1.1.2 deploying and cabling devices
Packet tracer activities: