1.

What are the roles and responsibilities of

system administrator?Write the steps for creating the
User account, setting permissions and protecting your files
With password.

Roles and Responsibilities of a System Administrator:

1. System Maintenance: Regularly updating and maintaining system software and

hardware to ensure optimal performance and security.

2. User Management: Creating, modifying, and deleting user accounts as needed.

This involves managing permissions and access levels for various users.

3. Security Management: Implementing security measures such as firewalls,

antivirus software, and intrusion detection systems to protect the system from
threats.

4. Backup and Recovery: Performing regular backups of critical data and

implementing recovery procedures in case of data loss or system failure.

Steps for Creating a User Account, Setting Permissions, and Protecting Files with
Password:

1. Creating a User Account:

- Access the system with administrative privileges.
- Open the user management tool, such as the "User Accounts" section in Control
Panel (for Windows) or the "useradd" command (for Linux).
- Choose the option to add a new user.
- Enter the user's details, including username and password.
- Set any additional properties or restrictions as needed.
- Save the changes to create the user account.

2. Setting Permissions:
- Determine the files or directories that the user should have access to.
- Open the properties or permissions settings for those files or directories.
- Adjust the permissions to grant the appropriate level of access to the user. This
typically involves setting read, write, and execute permissions.
- Save the changes to apply the new permissions.
3. Protecting Files with Password:
- Encrypt sensitive files or directories using encryption tools or built-in encryption
features of the operating system.
- Set a strong password for accessing encrypted files or directories.
- Regularly update the password to maintain security.
- Consider implementing additional security measures such as multi-factor
authentication for accessing sensitive files.
 2. Write the steps for disk partitioning and perform
operations like shrinking, Extending, deleting and
formatting.
The steps for disk partitioning and performing operations like shrinking,
extending, deleting, and formatting are as follows:

1. Disk Partitioning:
- Launch disk management utility:
- For Windows: Use Disk Management (diskmgmt.msc).
- For Linux: Utilize tools like GParted or command-line utilities like fdisk or
parted.
- Identify the disk you want to partition (be cautious to select the correct
disk).
- Select the unallocated space on the disk.
- Choose to create a new partition.
- Specify the size for the partition.
- Assign a drive letter (for Windows) or mount point (for Linux) to the
partition.
- Choose a file system (NTFS for Windows, ext4 for Linux).
- Complete the partition creation process.

2. Shrinking a Partition:
- Open the disk management utility.
- Locate the partition you want to shrink.
- Right-click on the partition and choose "Shrink Volume" (in Windows) or
use resize/move options in Linux tools like GParted.
- Specify the amount of space to shrink.
- Confirm the operation.
- Wait for the process to complete.

3. Extending a Partition:
- Open the disk management utility.
 - Identify the adjacent unallocated space next to the partition you want to
extend.
- Right-click on the partition you want to extend.
- Choose "Extend Volume" (in Windows) or use resize/move options in
Linux tools like GParted.
- Specify the amount of space to add.
- Confirm the operation.
- Wait for the process to complete.

4. Deleting a Partition:
- Open the disk management utility.
- Identify the partition you want to delete.
- Right-click on the partition.
- Choose "Delete Volume" (in Windows) or use delete options in Linux
tools like GParted.
- Confirm the deletion.
- Note: Deleting a partition will erase all data on it, so ensure you have
backed up any important data beforehand.

5. Formatting a Partition:
- Open the disk management utility.
- Identify the partition you want to format.
- Right-click on the partition.
- Choose "Format" (in Windows) or use format options in Linux tools like
GParted.
- Select the file system you want to format the partition with.
- Optionally, provide a volume label.
- Confirm the formatting operation.
- Wait for the process to complete.
 3.Prepare a Case study on Ransomware attacks. (Ex: Media
Markt)

Title: Ransomware Attack on Media Markt: A Case Study

Introduction:
In recent years, ransomware attacks have emerged as a significant cybersecurity
threat, targeting organizations across various industries worldwide. One notable
case is the ransomware attack on Media Markt, a leading European retailer
specializing in consumer electronics.

Background:
Media Markt operates a vast network of stores across Europe, offering a wide range
of products, including smartphones, laptops, TVs, and home appliances. With a
strong online presence and a large customer base, Media Markt relies heavily on its
IT infrastructure to manage operations, sales, and customer data.

Incident Overview:
In early 2023, Media Markt fell victim to a sophisticated ransomware attack that
infiltrated its systems, causing widespread disruption and chaos. The attack began
when employees across multiple departments received suspicious emails containing
malicious attachments disguised as legitimate documents or invoices. Unsuspecting
employees who opened these attachments inadvertently triggered the ransomware
infection, allowing it to spread rapidly throughout Media Markt's network.

Attack Execution:
Once inside the network, the ransomware encrypted critical files and systems,
rendering them inaccessible to employees. This included customer databases,
inventory management systems, and point-of-sale terminals, severely impacting
Media Markt's ability to process transactions and serve customers effectively. The
attackers, identified as a notorious cybercrime group known for targeting large
corporations, demanded a hefty ransom payment in exchange for providing
decryption keys to unlock the encrypted data.

Response and Impact:

Media Markt's IT security team immediately initiated incident response protocols to
contain the attack and minimize its impact. They disconnected infected systems
from the network, shut down affected servers, and deployed endpoint security
solutions to prevent further spread of the ransomware. Additionally, Media Markt
notified law enforcement authorities and engaged with cybersecurity experts to
investigate the incident and negotiate with the attackers.

However, despite their efforts, the ransomware attack had already caused
significant financial losses, operational disruptions, and reputational damage to
Media Markt. The retailer was forced to temporarily close several stores, resulting
in lost revenue and customer dissatisfaction. Moreover, the incident raised
concerns among customers regarding the security of their personal information
stored in Media Markt's systems, leading to a decline in trust and brand loyalty.

Lessons Learned:
The ransomware attack on Media Markt serves as a stark reminder of the evolving
cybersecurity threats faced by organizations in today's digital age. Several key
lessons can be drawn from this incident:

1. Employee Training
2. Robust Security Measures
3.Incident Response Preparedness
4. Regular Backups
5. Transparency and Communication

In conclusion, the ransomware attack on Media Markt underscores the importance

of proactive cybersecurity measures and preparedness in mitigating the risks posed
by cyber threats. By learning from such incidents and implementing preventive
measures, organizations can better protect themselves and their stakeholders from
the devastating consequences of ransomware attacks.

4.Write the steps for installation of software from Open source

Mode and Paid subscription mode
The steps for installing software from both Open Source Mode and Paid
Subscription Mode:

Installation of Software from Open Source Mode:

1. Research and Selection:

- Identify the open-source software you wish to install. Research its
features, compatibility, and user reviews to ensure it meets your
requirements.

2. Download the Software:

- Visit the official website or trusted repositories of the open-source
software.
- Locate the download section and choose the appropriate version for
your operating system (Windows, macOS, Linux, etc.).

3. Verify Authenticity:
- Verify the authenticity of the software download by checking digital
signatures or checksums provided by the software developers.

4. Installation:
- Once downloaded, locate the installer file (e.g., .exe for
Windows, .dmg for macOS, or package manager for Linux).
- Double-click the installer file to begin the installation process.
- Follow the on-screen instructions provided by the installer wizard.
- Choose installation options such as destination folder, shortcuts, and
additional components if applicable.
- Wait for the installation process to complete.

5. Configuration and Setup:

- After installation, launch the software.
- Follow any setup or configuration prompts to customize the software
according to your preferences.
- Configure any required settings, such as user accounts, preferences,
or integrations.

**Installation of Software from Paid Subscription Mode:**

1. Subscription Purchase:
 - Select the desired software product or service from the vendor's
website.
- Choose the appropriate subscription plan based on your
requirements (e.g., monthly, annual).
- Proceed to checkout and make the payment using the provided
payment methods.

2. Account Creation:
- If you're a new user, create an account on the vendor's website.
- Provide necessary information such as name, email address, and
payment details.
- Verify your email address and set up account credentials
(username/password).

3. Accessing Installation Files:

- Upon successful subscription, access the download section or
subscription management dashboard on the vendor's website.
- Locate the installation files or setup instructions provided for the
subscribed software.

4. Installation:
- Download the installation files or follow the setup instructions
provided by the vendor.
- Run the installer executable or follow the deployment guidelines
provided for cloud-based services.
- Follow the on-screen instructions to complete the installation
process.

5. Activation and License Key:

- If required, enter the license key or activation code provided with
your subscription.
- Activate the software using the provided credentials or activation
process.

6. Configuration and Setup:

- Configure the software settings and preferences according to your
requirements.
- Set up user accounts, permissions, and any integrations with other
systems if necessary.
7. Subscription Management:
- Keep track of your subscription renewal dates.
- Manage your subscription settings, such as upgrading/downgrading
plans or adding/removing users, as needed.
- Stay informed about any updates, new features, or service
enhancements provided by the vendor.

5.Write the steps to make Microsoft Chrome as a default

browser, Add Active X Controls and Add–on to the
Browser.

To make Microsoft Edge your default browser, add ActiveX controls, and install add-
ons, follow these steps:

1. Making Microsoft Edge your Default Browser:

 - Open Microsoft Edge.
- Click on the three-dot menu icon in the top-right corner.
- Select "Settings" from the dropdown menu.
- In the Settings menu, scroll down and click on "Default browser" in the left
sidebar.
- Click on the option "Make default" under the "Default browser" section.
- Confirm the action if prompted.
- Microsoft Edge is now set as your default browser.

2. Adding ActiveX Controls:

- Open Microsoft Edge.

- Click on the three-dot menu icon in the top-right corner.
- Select "Extensions" from the dropdown menu.
- In the Extensions menu, click on "Get extensions from Microsoft Store."
- Search for "ActiveX" in the Microsoft Store search bar.
- Browse the available ActiveX controls and select the one you need.
- Click on "Get" or "Install" to add the ActiveX control to Microsoft Edge.
- Follow any on-screen instructions to complete the installation process.
- Once installed, the ActiveX control should be available for use in Microsoft Edge.

3. Adding Add-ons to Microsoft Edge:

- Open Microsoft Edge.

- Click on the three-dot menu icon in the top-right corner.
- Select "Extensions" from the dropdown menu.
- In the Extensions menu, click on "Get extensions from Microsoft Store."
- Search for the desired add-on in the Microsoft Store search bar.
- Browse the available add-ons and select the one you want to install.
- Click on "Get" or "Install" to add the add-on to Microsoft Edge.
- Follow any on-screen instructions to complete the installation process.
- Once installed, the add-on should be available for use in Microsoft Edge.

6. Write the steps to establish peer to peer network connection

using two systems in a LAN

The steps to set up a peer-to-peer network connection:

1. Prepare the Systems:

 - Ensure that both systems are powered on and connected to the same
LAN (via Ethernet cable or Wi-Fi).

2. Configure Network Settings:

- Assign IP addresses to both systems within the same subnet. For
example:
- System 1: IP address - 192.168.1.100
- System 2: IP address - 192.168.1.101
- Subnet mask: 255.255.255.0
- Default gateway: (Leave blank or specify router's IP if needed)
- To set IP addresses in Windows:
- Go to Control Panel > Network and Sharing Center > Change adapter
settings.
- Right-click on the network adapter (Ethernet or Wi-Fi) and select
Properties.
- Select "Internet Protocol Version 4 (TCP/IPv4)" and click on
Properties.
- Choose "Use the following IP address" and enter the IP address,
subnet mask, and default gateway.
- Click OK to save the settings.

3. Workgroup Configuration:
- Ensure both systems are part of the same workgroup.
- To change workgroup settings in Windows:
- Go to Control Panel > System and Security > System.
- Click on "Change settings" next to "Computer name, domain, and
workgroup settings."
- Click on the "Change" button under "Member of" and enter the
same workgroup name for both systems.
- Click OK and restart the system if prompted.

4. Enable File and Printer Sharing:

- Turn on file and printer sharing on both systems.
- To enable file and printer sharing in Windows:
- Go to Control Panel > Network and Sharing Center > Change
advanced sharing settings.
- Turn on network discovery, file and printer sharing, and public folder
sharing.
- Click Save changes.
5. Share Files and Folders:
- Choose which files or folders you want to share on each system.
- Right-click on the file or folder, select Properties, go to the Sharing
tab, and click on Share.
- Choose the users or groups you want to share with and set their
permissions.
- Click on Share to confirm.

6. Access Shared Files:

- On each system, open File Explorer (Windows) or Finder (Mac).
- Navigate to Network or Shared and locate the other system.
- Double-click on the system to view the shared files and folders.
- Access the shared files by double-clicking on them.

7. Test the Connection:

- Ensure that both systems can access shared files and folders.
- Try copying files between systems to verify the network connection.

7. What is WiFi? How do you configure the Wifi on Windows

operating system

Wi-Fi, short for "Wireless Fidelity," is a technology that allows electronic devices to
connect to a wireless local area network (WLAN), typically using the 802.11
standards. It enables devices such as computers, smartphones, tablets, and other
devices to connect to the internet and communicate with each other without the
need for physical wired connections.

Configuring Wi-Fi on a Windows operating system involves several steps:

1. Open Network Settings:

- Click on the Wi-Fi icon in the system tray located at the bottom-right corner of
the taskbar.

2. View Available Networks:

- In the Wi-Fi menu, you will see a list of available wireless networks in your
vicinity.
- Click on the network you want to connect to.

3. Connect to a Network:
- If the network is secured, you will be prompted to enter the network security
key (password).
- Enter the security key and click "Next" or "Connect."
- If the network is open (unsecured), you may be connected automatically.

4. Network Authentication:
- Some Wi-Fi networks may require additional authentication methods, such as
WPA2-Enterprise or 802.1X.
- If prompted, enter your username and password for network authentication.

5. Configure Network Settings:

- Once connected, you can configure additional network settings if necessary.
- To do this, right-click on the Wi-Fi icon in the system tray and select "Open
Network & Internet settings."
- Click on "Wi-Fi" in the left sidebar, then click on "Change adapter options."
- Right-click on your Wi-Fi network connection and select "Properties."
- Here, you can configure settings such as IP address, DNS server, and proxy
settings if needed.

6. Manage Known Networks:

- Windows maintains a list of known networks that you have connected to in the
past.
- To manage these networks, go to "Settings" > "Network & Internet" > "Wi-Fi."
 - Under "Manage known networks," you can view and remove networks from
the list.

7. Troubleshooting:
- If you encounter issues connecting to a Wi-Fi network, Windows offers built-in
troubleshooting tools.
- Right-click on the Wi-Fi icon in the system tray and select "Troubleshoot
problems" to diagnose and fix network connectivity issues.

8. Write the steps to Install and configure Network Components

like switches, Hub and Modem and how do you connect to
Dial-Up networking

Installing and configuring network components such as switches, hubs,

modems, and connecting to dial-up networking involves specific steps for each
device. Below are the general steps for installing and configuring these network
components:

**1. Switches:**

Installation:
- Place the switch in a central location within the network.
- Connect the power adapter to a power source and the switch's power
input.
- Connect Ethernet cables from the switch to the devices you want to
connect (e.g., computers, printers, servers).

Configuration:
- Access the switch's management interface using a web browser or
dedicated management software.
- Configure VLANs (Virtual Local Area Networks) if necessary.
- Set up port settings, such as speed, duplex mode, and port mirroring.
- Configure security settings, including MAC address filtering and port
security.
- Save and apply the configuration changes.

**2. Hubs:**

Installation:
- Place the hub in a central location within the network.
- Connect the power adapter to a power source and the hub's power input.
- Connect Ethernet cables from the hub to the devices you want to connect.

Configuration:
- Hubs are typically plug-and-play devices and do not require configuration.

**3. Modems:**

Installation:
- Connect the modem to a power source and turn it on.
- Connect the modem's Ethernet port to the WAN (Wide Area Network) port
on the router or directly to a computer.
- Connect the telephone line to the modem's phone jack if using a DSL
(Digital Subscriber Line) connection.
 Configuration:
- Access the modem's configuration interface using a web browser.
- Enter the ISP (Internet Service Provider) credentials, such as username and
password, for PPPoE (Point-to-Point Protocol over Ethernet) connections.
- Configure other settings provided by the ISP, such as DNS servers and
connection type (static IP, dynamic IP, or PPPoE).

**4. Dial-Up Networking:**

Installation:
- Connect the modem to the computer's serial port or USB port.
- Install any necessary drivers for the modem provided by the manufacturer.

Configuration:
- Open the Control Panel on the computer.
- Navigate to Network and Internet > Network and Sharing Center.
- Click on "Set up a new connection or network."
- Choose "Set up a dial-up connection" and click Next.
- Enter the dial-up phone number, username, and password provided by the
ISP.
- Click Connect to establish the dial-up connection.

Connecting:
- To connect to the internet using dial-up networking, open the dial-up
connection created earlier.
- Enter the username and password if prompted.
- Click Connect to establish the dial-up connection.

9. What are the features of firewall? Write the steps in providing

network security and to set Firewall Security in windows.

Firewalls are essential network security devices that monitor and control
incoming and outgoing network traffic based on predetermined security
rules. They act as a barrier between a trusted internal network and
untrusted external networks, such as the internet.
Some key features of firewalls include:

1. Packet Filtering
2. Stateful Inspection
3. Application Layer Filtering
4. Intrusion Detection and Prevention
5. Virtual Private Network (VPN) Support
6. Logging and Reporting
7. Traffic Shaping and Bandwidth Management

The steps to set up firewall security in Windows:

1. Access Windows Firewall Settings:

- Open the Control Panel from the Start menu.
- Go to "System and Security" and then click on "Windows Defender
Firewall."

2. Configure Firewall Settings:

- In the Windows Defender Firewall window, click on "Turn Windows
Defender Firewall on or off" from the left sidebar.
- Choose whether you want to turn on the firewall for private networks,
public networks, or both.
- You can also customize settings for individual network profiles by clicking
on "Advanced settings" from the left sidebar.

3. Create Firewall Rules:

- In the "Advanced settings" window, click on "Inbound Rules" or
"Outbound Rules" from the left sidebar, depending on whether you want to
create rules for incoming or outgoing traffic.
- Click on "New Rule" from the right sidebar to open the New Inbound Rule
Wizard or New Outbound Rule Wizard.
- Follow the wizard to define the rule parameters, such as the type of
traffic (program, port, predefined), action (allow or block), and scope
(specific IP addresses or range).
- Give the rule a name and description for easy identification.
- Repeat the process to create additional rules as needed.

4. Monitor Firewall Activity:

 - You can monitor firewall activity and view logs by clicking on
"Monitoring" from the left sidebar in the Windows Defender Firewall
window.
- Here, you can see firewall settings, active connections, and security log
details.

10. Write the steps for installation of System Software,

Application software and Antivirus.

the general steps for installing system software, application software,

and antivirus software are:

1. Installation of System Software:

System software includes operating systems (e.g., Windows, macOS,

Linux) and utility programs necessary for the computer's operation.

Obtain Installation Media:

 - Obtain the installation media (e.g., DVD, USB drive) or download the
system software from the official website.

Boot from Installation Media:

- Insert the installation media into the computer's optical drive or USB
port.
- Restart the computer and boot from the installation media. You may
need to access the BIOS or UEFI settings to change the boot order.

Follow Installation Wizard:

- Follow the on-screen instructions provided by the installation wizard.
- Choose the installation language, edition, and partition or disk where
you want to install the system software.
- Agree to the license terms and select any additional features or options
you want to install.
- Wait for the installation process to complete.

Configure Settings:
- After installation, configure system settings such as user accounts, time
zone, network settings, and security preferences.

2. Installation of Application Software:

Application software includes programs designed to perform specific

tasks or functions, such as productivity software, multimedia applications,
and games.

Download or Obtain Installation File:

- Download the installation file from the official website or obtain it from
physical media (e.g., DVD, USB drive).

Run Installation Wizard:

- Double-click on the installation file to run the installation wizard.
- Follow the on-screen instructions provided by the wizard.
- Choose the installation language, destination folder, and any additional
options or components you want to install.
- Agree to the license agreement and click "Install" to begin the
installation process.

Complete Installation:
 - Wait for the installation process to complete.
- Depending on the software, you may need to restart the computer to
finalize the installation.

Configure Settings:
- After installation, configure the software settings according to your
preferences.
- Activate the software if required by entering the product key or license
information.

3. Installation of Antivirus Software:

Antivirus software is essential for protecting your computer from

malware, viruses, and other security threats.

Download or Obtain Installation File:

- Download the antivirus software installation file from the official
website or obtain it from physical media (e.g., DVD, USB drive).

Run Installation Wizard:

- Double-click on the installation file to run the installation wizard.
- Follow the on-screen instructions provided by the wizard.
- Choose the installation language, destination folder, and any additional
options or components you want to install.

Complete Installation:
- Wait for the installation process to complete.
- After installation, the antivirus software may perform an initial scan of
your computer to check for any existing threats.
- Configure the antivirus software settings, such as scheduled scans, real-
time protection, and threat detection options.

Update Definitions:
- After installation, update the antivirus software definitions to ensure it
can detect the latest threats.
- Configure automatic updates to keep the antivirus software up-to-date
with the latest security definitions.
11.What do you mean by Spooling printers? Write the steps for spooling
printer.

Spooling (Simultaneous Peripheral Operations On-line) is a process used in

computing to manage multiple print jobs by placing them into a queue, allowing
them to be processed in the order they were received. Spooling is particularly useful
in scenarios where multiple users need to access a single printer or when a single
user has multiple print jobs to submit.

Here are the steps involved in spooling a printer:

1. Submitting a Print Job: The user initiates a print job from their computer by
sending it to the printer. Instead of sending the job directly to the printer, the print
job is sent to the spooler software on the user's computer.

2. Spooling: The spooler software then holds the print job temporarily in a queue,
typically in a designated area on the computer's storage device (such as a hard drive
or SSD). This allows the user to continue working on their computer without having
to wait for the print job to complete.

3. Queue Management: The spooler manages the print queue, ensuring that print
jobs are processed in the order they were received. It also handles tasks such as
prioritizing print jobs, managing printer resources, and handling any errors or
interruptions that may occur during printing.

4. Transferring to Printer: Once the printer becomes available (i.e., it is no longer

busy with another print job), the spooler software transfers the next print job from
the queue to the printer's buffer or memory. This process continues until all print
jobs in the queue have been processed.

5. Printing: The printer then retrieves the print job from its buffer or memory and
prints it onto paper or other media as specified by the print job.

6. Completion and Removal: After the print job has been successfully printed, the
spooler software removes it from the queue and frees up any resources associated
with it. The user can then either submit another print job or continue with other
tasks.

12.Write a Program to identify the category of IP address for a given IP

address

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_LEN 15

// Function to identify the category of an IP address

char* ip_category(char ip_address[]) {
// Split the IP address into octets
char *token;
token = strtok(ip_address, ".");
int first_octet = atoi(token);

// Classify the IP address based on the first octet range

if (first_octet >= 1 && first_octet <= 126)
return "Class A";
else if (first_octet >= 128 && first_octet <= 191)
return "Class B";
else if (first_octet >= 192 && first_octet <= 223)
return "Class C";
else if (first_octet >= 224 && first_octet <= 239)
return "Class D (Multicast)";
else if (first_octet >= 240 && first_octet <= 255)
return "Class E (Reserved)";
else
return "Invalid IP Address";
}

int main() {
char ip[MAX_LEN];
printf("Enter an IP address: ");
scanf("%s", ip);

char *category = ip_category(ip);

printf("The category of the IP address %s is: %s\n", ip, category);

return 0;
}
13.Write a Program to check the strength of the password.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>

#define MIN_LENGTH 8
#define MAX_LENGTH 20
// Function to check the strength of a password
int password_strength(char password[]) {
int length = strlen(password);

// Check length
if (length < MIN_LENGTH)
return 0; // Weak password

// Check if the password contains at least one uppercase letter, one lowercase letter, and one
digit
int has_upper = 0, has_lower = 0, has_digit = 0;
for (int i = 0; i < length; i++) {
if (isupper(password[i]))
has_upper = 1;
else if (islower(password[i]))
has_lower = 1;
else if (isdigit(password[i]))
has_digit = 1;
}

// Check if the password contains special characters

int has_special = 0;
for (int i = 0; i < length; i++) {
if (!isalnum(password[i])) {
has_special = 1;
break;
}
}

// Determine password strength based on conditions

if (has_upper && has_lower && has_digit && has_special)
return 4; // Strong password
else if ((has_upper && has_lower && has_digit) || (has_upper && has_lower && has_special)
|| (has_upper && has_digit && has_special) || (has_lower && has_digit && has_special))
return 3; // Medium password
 else if ((has_upper && has_lower) || (has_upper && has_digit) || (has_upper && has_special) ||
(has_lower && has_digit) || (has_lower && has_special) || (has_digit && has_special))
return 2; // Weak password
else
return 1; // Very weak password
}

int main() {
char password[MAX_LENGTH + 1];
printf("Enter your password (between 8 and 20 characters): ");
scanf("%s", password);

int strength = password_strength(password);

switch(strength) {
case 1:
printf("Your password is very weak.\n");
break;
case 2:
printf("Your password is weak.\n");
break;
case 3:
printf("Your password is medium.\n");
break;
case 4:
printf("Your password is strong.\n");
break;
default:
printf("Invalid password.\n");
}

return 0;
}
14.Write the steps to transfer files between Wireless
communication using Bluetooth and FTP
Transferring files between wireless devices using Bluetooth and FTP (File Transfer Protocol)
involves a few steps. Below are the general steps to accomplish this:
Using Bluetooth:
1. Pairing Devices: Ensure that both devices (the sender and the receiver) have Bluetooth enabled
and are discoverable. Pair the devices by searching for nearby Bluetooth devices and selecting the
appropriate device to pair with.
2. Enable File Transfer: Once paired, ensure that both devices support the necessary Bluetooth
profiles for file transfer. Most modern devices support the Object Push Profile (OPP) or File
Transfer Profile (FTP) for file transfer over Bluetooth.
3. Select Files to Transfer: On the device that contains the files to be transferred, navigate to the
file manager or file browser app and select the files or folders you want to transfer.
4. Send Files: Choose the option to share or send the selected files via Bluetooth. Select the paired
device to which you want to send the files. The recipient device will likely prompt for permission to
accept the incoming files.
5. Receive Files: On the receiving device, accept the incoming file transfer request. The files will be
transferred over Bluetooth from the sender to the receiver.
Using FTP:
1. Set up FTP Server: On the device from which you want to transfer files (usually a computer or a
smartphone), set up an FTP server. You can use third-party FTP server software or apps available
for your operating system.
2. Connect to Wi-Fi Network: Ensure that both the sender and the receiver devices are connected
to the same Wi-Fi network. This is necessary for them to communicate with each other over FTP.
3. Access FTP Server: On the device to which you want to transfer files, open an FTP client
application. Enter the IP address or hostname of the FTP server (which is the device from which
you want to transfer files) and the appropriate login credentials (username and password) if
required.
4. Navigate and Transfer Files: Once connected to the FTP server, navigate through the directory
structure to find the files you want to transfer. You can then download or upload files between the
FTP server and the FTP client application on the other device.
5. Disconnect: After transferring the files, properly disconnect from the FTP server to ensure
security and release any resources being used for the FTP connection.

15.Prepare a case study on Cosmos Bank Cyber attack in Pune

Title: Cosmos Bank Cyber Attack: A Case Study
Introduction:
The Cosmos Cooperative Bank, headquartered in Pune, India, became a victim of a sophisticated
cyber attack in August 2018. This case study delves into the details of the attack, its impact on the
bank, the methods employed by the attackers, and the aftermath.
Background:
Cosmos Bank is one of the oldest cooperative banks in India, with a significant presence in
Maharashtra. It offers a range of banking services to its customers, including retail and corporate
banking. Like many financial institutions, Cosmos Bank relies heavily on its IT infrastructure for
daily operations, customer transactions, and data management.
The Attack:
The cyber attack on Cosmos Bank occurred on August 11 and 13, 2018. The attackers employed a
combination of tactics, including hacking into the bank's systems and initiating a series of
fraudulent transactions. The attack involved the use of malware to compromise the bank's ATM
switch application server and the SWIFT messaging system.
Key Points of the Attack:
1. Malware Infiltration
2. ATM Cash Withdrawals
3. SWIFT Transactions
4. Lack of Detection
Impact:
The cyber attack had significant repercussions for Cosmos Bank, its customers, and the banking
industry as a whole:
1. Financial Losses
2. Reputation Damage
3. Regulatory Scrutiny
Response and Recovery:
In response to the cyber attack, Cosmos Bank took several measures to mitigate the impact and
strengthen its cybersecurity posture:

1. Investigation
2. Incident Response
3.Security Enhancements
4. Customer Communication

Lessons Learned:
The cyber attack on Cosmos Bank underscores the importance of robust cybersecurity measures
for financial institutions:

1. Proactive Security
2. Continuous Monitoring
3.Collaboration and Information Sharing
4. Regulatory Compliance
Conclusion:
The cyber attack on Cosmos Bank serves as a wake-up call for the banking industry, highlighting
the evolving nature of cyber threats and the critical importance of cybersecurity preparedness. By
learning from this incident, financial institutions can strengthen their defenses, enhance resilience,
and safeguard against future cyber attacks.

16.Write a Program to search the given pattern using optimized algorithm

#include <stdio.h>
#include <string.h>
#define NO_OF_CHARS 256
// Function to fill the bad character shift table
void badCharHeuristic(char *str, int size, int badchar[NO_OF_CHARS]) {
int i;
 for (i = 0; i < NO_OF_CHARS; i++)
badchar[i] = -1;
for (i = 0; i < size; i++)
badchar[(int)str[i]] = i;
}
// Function to search for the pattern using Boyer-Moore algorithm
void search(char *txt, char *pat) {
int m = strlen(pat);
int n = strlen(txt);
int badchar[NO_OF_CHARS];
badCharHeuristic(pat, m, badchar);
int s = 0; // s is shift of the pattern with respect to text
while (s <= (n - m)) {
int j = m - 1;
while (j >= 0 && pat[j] == txt[s + j])
j--;
if (j < 0) {
printf("Pattern occurs at index %d \n", s);
s += (s + m < n) ? m - badchar[txt[s + m]] : 1;
} else {
s += max(1, j - badchar[txt[s + j]]);
}
}
}

// Test the program

int main() {
char txt[] = "ABAAABCD";
char pat[] = "ABC";
search(txt, pat);
return 0;
}
17.Prepare a case study on Social Media Crime that occurred in Pune 2021.
Title: Social Media Crime: A Case Study of an Incident in Pune, 2021
Introduction:
In 2021, Pune, a bustling city in Maharashtra, India, witnessed a significant social media crime that
underscored the risks associated with online platforms. This case study examines the incident, its
impact on the individuals involved, the role of social media, and the measures taken to address the
issue.
Background:
Social media platforms have become integral parts of modern communication, enabling people to
connect, share information, and express opinions. However, the anonymity and wide reach of
these platforms also make them susceptible to misuse, including cyberbullying, harassment,
defamation, and identity theft.
The Incident:
In Pune, 2021, a prominent individual (let's refer to them as "X") became the target of a
coordinated online harassment campaign on social media platforms. The perpetrators, who
remained anonymous, posted defamatory content, false accusations, and derogatory remarks
about X across various social media channels.
Key Points of the Incident:
1. Targeted Harassment
2. Viral Spread
3. Psychological Impact
4. Legal Action
Impact:
The social media crime in Pune had far-reaching consequences, affecting not only the victim (X)
but also the broader community and online ecosystem:
1. Personal and Professional Repercussions
2. Public Awareness
3. Legal Precedent
4. Community Support
Response and Resolution:
In response to the social media crime in Pune, several actions were taken to address the issue and
support the victim:
1. Law Enforcement.
2. Legal Proceedings
3. Victim Support
4. Policy Advocacy

Conclusion:
The social media crime that occurred in Pune in 2021 serves as a cautionary tale about the dangers
of online harassment, cyberbullying, and defamation. It underscores the need for proactive
measures to combat social media crimes, protect individuals' digital rights, and promote a safe and
inclusive online environment. By raising awareness, strengthening legal frameworks, and fostering
digital literacy, communities can work together to prevent and address social media crimes
effectively.
18.Prepare a case study on Japanese Bank for Key logger Scam
Title: Japanese Bank Keylogger Scam: A Case Study
Introduction:
In recent years, cybersecurity threats have become increasingly sophisticated, posing significant
risks to financial institutions worldwide. This case study examines a keylogger scam that targeted a
Japanese bank, highlighting the methods used by cybercriminals, the impact on the bank and its
customers, and the measures taken to mitigate the attack.
Background:
Keyloggers are malicious software programs designed to covertly monitor and record keystrokes
on a user's computer. Cybercriminals use keyloggers to steal sensitive information such as login
credentials, credit card numbers, and personal data, which can then be exploited for financial gain
or identity theft.
The Incident:
In this case, a Japanese bank (let's refer to it as "XYZ Bank") fell victim to a sophisticated keylogger
scam that compromised the security of its online banking system. The perpetrators, believed to be
part of an organized cybercrime group, deployed keylogger malware to infect the computers of
unsuspecting bank customers.
Key Points of the Incident:
1. Malware Distribution
2. Unauthorized Access
3. Data Theft
4. Financial Losses
Impact:
The keylogger scam had profound consequences for XYZ Bank, its customers, and the broader
financial ecosystem:
1. Customer Trust
2. Reputation Damage
3. Regulatory Scrutiny
4. Legal Liability
Response and Resolution:
In response to the keylogger scam, XYZ Bank took several proactive measures to address the
security breach and mitigate its impact:
1. Incident Response
2. Customer Communication
3. Security Enhancements
4. Regulatory Compliance

Conclusion:
The keylogger scam targeting XYZ Bank serves as a stark reminder of the evolving cybersecurity
threats facing financial institutions globally. By investing in robust cybersecurity measures,
fostering a culture of vigilance and resilience, and collaborating with stakeholders, banks can
mitigate the risk of cyberattacks and protect their customers' assets and trust in the digital age.
19.Write the steps to prevent the denial of Service attacks.
Preventing Denial of Service (DoS) attacks requires a multi-layered approach that involves both
proactive measures and reactive responses. Below are steps that organizations can take to prevent
DoS attacks:

1. Network Security Measures

2. Bandwidth Management
3. Distributed Denial of Service (DDoS) Protection
 4. Server Hardening
5. Application Security
6. Monitoring and Alerting
7. Incident Response Planning
8. Employee Training and Awareness
By implementing these preventive measures and adopting a proactive approach to security,
organizations can reduce the risk of DoS attacks and minimize their impact on network and
application availability.

20.Write the steps to demonstrate intrusion detection

system (ids) using the tool SNORT
To demonstrate an Intrusion Detection System (IDS) using the tool
Snort, you can follow these steps:
1. Install Snort
2. Configure Snort
3. Download and Update Rules
4.Start Snort
 Use the following command to start Snort in packet sniffing
mode:
```
sudo snort -A console -q -u snort -g snort -c
/etc/snort/snort.conf -i <interface>
```
Replace `<interface>` with the network interface you want
Snort to listen on (e.g., eth0).

5. Generate Traffic
6. Monitor Alerts
7. Analyze Alerts
8. Respond to Alerts
9. Fine-tune Configuration
10. Document Findings

21.What is Malware? Write the steps to remove the malware from

your PC.

Malware, short for "malicious software," refers to any type of software designed to infiltrate,
damage, or otherwise interfere with a computer system, without the owner's consent. Malware
can take many forms, including viruses, worms, trojans, ransomware, spyware, adware, and
more. Its purposes can range from stealing sensitive information, disrupting normal computer
operations, to causing financial harm or gaining unauthorized access to a system.
Here are steps to remove malware from your PC:
1.Disconnect from the Internet
2. Enter Safe Mode
3. Update Antivirus Software
4. Scan Your System
5. Use Malware Removal Tools
6. Manually Remove Malicious Files
7. Restore from Backup
8. Reset Your Browsers
9. Reconnect to the Internet and Update Software
10. Monitor Your System

22.What are the various types of Vulnerabilities for hacking the web
applications.
Web applications are prone to various vulnerabilities that can be exploited by hackers. Some of the
most common vulnerabilities include:
1. Injection Attacks
2. Broken Authentication
3. Sensitive Data Exposure
4. XML External Entity (XXE)
5. Security Misconfigurations
6. Cross-Site Request Forgery (CSRF)
7. Broken Access Control
8. Security Headers Misconfiguration
9. Insecure Deserialization
10. Insecure File Uploads
These are just a few examples of the many vulnerabilities that hackers can exploit in web
applications. It's essential for developers and security professionals to be aware of these
vulnerabilities and take proactive measures to mitigate them during the development and
maintenance of web applications. Regular security assessments, code reviews, and implementing
best practices can help reduce the risk of exploitation and enhance the overall security posture of
web applications.

23.Write steps for sharing files and printer remotely between two
system
Sharing files and printers remotely between two systems involves setting up appropriate
permissions and network configurations. Here are the steps to achieve this:

Step 1: Connect the Systems

Step 2: Enable File and Printer Sharing

Step 3: Share the Printer

Step 4: Share Files and Folders

Step 5: Access Shared Printer and Files

Step 6: Test the Setup

24.List out the various Mobile security apps . Write the steps to install
and use ,one of the mobile security app

There are several mobile security apps available for both Android and iOS devices. Some
popular ones include:

1. Avast Mobile Security

2. McAfee Mobile Security
3. Norton Mobile Security
4. Bitdefender Mobile Security
5. Kaspersky Mobile Antivirus
6. Trend Micro Mobile Security
7. Lookout Security & Antivirus
8. Sophos Intercept X for Mobile
9. AVG AntiVirus for Android
10. ESET Mobile Security & Antivirus

Here are the general steps to install and use a mobile security app, using Avast Mobile
Security as an example:

Steps to Install and Use Avast Mobile Security:

1. Download and Install the App

2. Set Up Account
3. Enable Necessary Permissions
4. Run a Scan
5. Review Scan Results
6. Enable Security Features
7. Schedule Scans (Optional)
8. Update Definitions and Software
9. Monitor and Manage Security Alerts
10. Regularly Review Settings

25.Write the algorithm for encoding and decoding the Hash-Based

Message Authentication Code(HMAC)
Hash-Based Message Authentication Code (HMAC) is a mechanism for generating a message
authentication code involving a cryptographic hash function in combination with a secret key.
Here's a simplified algorithm for encoding and decoding HMAC:

Encoding Algorithm (HMAC):

Input:
- Message (M)
- Secret Key (K)
- Hash Function (H)

Steps:
1. If the length of the secret key (K) is greater than the block size of the hash function (H), hash
the key (K) using the hash function (H) and set the result as the new key (K).
2. If the length of the secret key (K) is less than the block size of the hash function (H), pad the
key (K) with zeros until it matches the block size.
3. Create two blocks:
- Inner Block (Inner_pad): XOR the key (K) with the constant 0x36 repeated to match the
block size.
- Outer Block (Outer_pad): XOR the key (K) with the constant 0x5C repeated to match the
block size.
4. Calculate the HMAC:
- Inner_Hash = HashFunction(Inner_pad || M)
- HMAC = HashFunction(Outer_pad || Inner_Hash)
5. Output the HMAC as the authentication code.

Decoding Algorithm (HMAC Verification):

Input:
- Message (M)
- Received HMAC (HMAC_recv)
- Secret Key (K)
- Hash Function (H)

Steps:
1. Calculate the HMAC using the same process as the encoding algorithm with the received
message (M), secret key (K), and hash function (H).
2. Compare the calculated HMAC with the received HMAC (HMAC_recv).
3. If the calculated HMAC matches the received HMAC, the message (M) is considered
authentic; otherwise, it may have been tampered with.

26.Prepare a case study on Mahesh Bank cyber attack.

Title: Mahesh Bank Cyber Attack: Safeguarding Financial Institutions in the Digital Age
Introduction:
Mahesh Bank, a prominent financial institution known for its commitment to customer service and
technological innovation, found itself at the center of a cybersecurity crisis in October 2023. This
case study delves into the details of the cyber attack that targeted Mahesh Bank, the impact it had
on the bank and its customers, and the strategies employed to mitigate the damage and prevent
future incidents.

Background:
Mahesh Bank, headquartered in a bustling metropolis, boasted a vast network of branches and a
substantial customer base. Recognizing the importance of embracing digital transformation, the
bank had invested heavily in advanced technology to enhance its operations, streamline customer
experiences, and ensure robust cybersecurity measures.

Incident:
In early October 2023, Mahesh Bank's cybersecurity team detected unusual activity within the
bank's network. Investigation revealed that the bank had fallen victim to a sophisticated cyber
attack orchestrated by a group of highly skilled hackers. The attackers exploited vulnerabilities in
the bank's systems to gain unauthorized access to sensitive data, including customer information
and financial records.

The cyber attack targeted multiple facets of the bank's operations, including:

1. Breach of Customer Data

2. Disruption of Services
3.Financial Losses
4.Response and Mitigation Efforts
The response efforts encompassed the following measures:

1. Incident Response Team Activation

2. Containment and Remediation

3. Communication and Transparency

4. Enhanced Security Measures
5. Customer Support and Compensation
Lessons Learned and Future Preparedness:
1. Continuous Vigilance
2. Investment in Cybersecurity
3. Collaboration and Information Sharing
4. Cybersecurity Awareness and Training
Conclusion:
The cyber attack on Mahesh Bank underscored the critical importance of cybersecurity in the
banking sector and served as a catalyst for heightened vigilance, resilience, and collaboration in
the face of evolving cyber threats.

27.Prepare a case study of cyber attack through Facebook Account

Title: Unveiling the Risks: A Case Study of a Cyber Attack Through a Compromised Facebook
Account
Introduction:
In the digital age, social media platforms like Facebook have become integral parts of our daily
lives, facilitating communication, networking, and sharing of information. However, these
platforms also pose significant cybersecurity risks, as demonstrated by a cyber attack perpetrated
through a compromised Facebook account. This case study explores the details of the attack, its
impact on the victim and their network, and the measures taken to mitigate the damage and
enhance security.
Background:
Facebook, one of the world's largest social media platforms, boasts billions of active users
worldwide. Its vast user base and interconnected nature make it an attractive target for
cybercriminals seeking to exploit vulnerabilities for various malicious purposes, including identity
theft, phishing, malware distribution, and financial fraud.
Incident:
In this case, a user named Sarah, an avid Facebook user with a large network of friends and
followers, fell victim to a cyber attack through her compromised Facebook account. The incident
unfolded as follows:
1. Unauthorized Access
2. Account Takeover
3. Impact
Response and Mitigation Efforts:
Upon discovering the unauthorized activity on her Facebook account, Sarah took immediate steps
to mitigate the damage and regain control:

1. Account Recovery
2. Communication
3. Reporting
4. Education and Awareness
Lessons Learned and Future Preparedness:
The cyber attack through Sarah's compromised Facebook account served as a wake-up call,
highlighting the following key lessons and best practices:

1. Vigilance Against Phishing

2. Strong Authentication Measures
3. Regular Security Audits
4. Cybersecurity Education
Conclusion:
The cyber attack through a compromised Facebook account underscores the pervasive nature of
cyber threats in the digital ecosystem and the importance of proactive cybersecurity measures.

29.Write a Program to download a file from HTTP server

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <sys/socket.h>

#define BUFFER_SIZE 1024

void error(const char *msg) {

perror(msg);
exit(1);
}

int main(int argc, char *argv[]) {

if (argc != 4) {
fprintf(stderr, "Usage: %s <server_address> <port> <file_path>\n", argv[0]);
exit(1);
}

const char *server_address = argv[1];

 int port = atoi(argv[2]);
const char *file_path = argv[3];

// Create socket
int sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0) {
error("ERROR opening socket");
}

struct sockaddr_in server_addr;

server_addr.sin_family = AF_INET;
server_addr.sin_port = htons(port);
server_addr.sin_addr.s_addr = inet_addr(server_address);

// Connect to server
if (connect(sockfd, (struct sockaddr *)&server_addr, sizeof(server_addr)) < 0) {
error("ERROR connecting");
}

// Send HTTP GET request

char request[BUFFER_SIZE];
snprintf(request, BUFFER_SIZE, "GET %s HTTP/1.1\r\nHost: %s\r\n\r\n", file_path,
server_address);
if (send(sockfd, request, strlen(request), 0) < 0) {
error("ERROR sending request");
}

// Receive response and save to file

FILE *file = fopen("downloaded_file", "wb");
if (!file) {
error("ERROR opening file");
}

char buffer[BUFFER_SIZE];
 int bytes_received;
while ((bytes_received = recv(sockfd, buffer, BUFFER_SIZE, 0)) > 0) {
fwrite(buffer, 1, bytes_received, file);
}

if (bytes_received < 0) {
error("ERROR receiving data");
}

fclose(file);
close(sockfd);
printf("File downloaded successfully.\n");
return 0;
}

31.Write the steps to detect the number of devices connected to wifi and
block unauthorized devices
Detecting the number of devices connected to a Wi-Fi network and blocking unauthorized devices
involves several steps. Below are the general steps you can follow:
1. Access Router Settings
2. Navigate to Connected Devices
3. Identify Authorized Devices
4. Identify Unauthorized Devices
5. Block Unauthorized Devices
6. Verify Block
7. Regular Monitoring and Maintenance

32.Prepare a case study on Crypto currency Cyber attack. (Ex: Grim

Fina
Title: Grim Finance: Unraveling the Cyber Attack on a Cryptocurrency Platform

Introduction:
The emergence of cryptocurrencies has transformed the landscape of finance, offering
decentralized and secure alternatives to traditional banking systems. However, this revolutionary
technology also presents new challenges, including cybersecurity threats. This case study delves
into the Grim Finance cyber attack, a notable incident that rocked the cryptocurrency world,
highlighting the vulnerabilities inherent in digital assets and the repercussions of such attacks.
Background:
Grim Finance was a prominent cryptocurrency exchange platform known for its user-friendly
interface, wide range of supported cryptocurrencies, and robust security measures. Catering to a
global clientele, the platform facilitated trading, investment, and storage of various digital assets,
attracting a large user base of investors and enthusiasts alike.

Incident:
In a stunning turn of events, Grim Finance fell victim to a sophisticated cyber attack in July 2023,
marking one of the largest breaches in the history of cryptocurrency exchanges. The attack
unfolded as follows:

1. Breach of Security
2. Theft of Funds
3. Manipulation of Markets
Response and Mitigation Efforts:
In the aftermath of the cyber attack, Grim Finance initiated a multifaceted response aimed at
containing the breach, mitigating the damage, and restoring trust in the platform:

1. Incident Response Team Activation

2.User Notification and Support
3. Law Enforcement Collaboration
4. Platform Rebuilding and Security Enhancement
5. Rebuilding Trust and Reputation
Lessons Learned and Future Preparedness:
The Grim Finance cyber attack underscored several critical lessons for cryptocurrency exchanges
and the broader blockchain ecosystem:

1. Heightened Security Awareness

2. Regulatory Compliance and Accountability
3. Collaboration and Information Sharing
4. User Education and Empowerment
Conclusion:
The Grim Finance cyber attack serves as a sobering reminder of the evolving threat landscape
facing cryptocurrency exchanges and the imperative of robust cybersecurity measures to
safeguard digital assets and preserve investor trust.
33.Write an algorithm and Program for encrypting a plain text and
decrypting a cipher text using Caesar Cipher.

Algorithm for encryption and decryption:

Define a function encrypt to encrypt plaintext using the Caesar Cipher:

a. Iterate over each character in the plaintext
b. For each character, shift it by the specified number of positions (shift) in the alphabet.
c. Handle wrapping around the alphabet by using modulo % operator.
d. Append the shifted character to the encrypted text.
e. Print the encrypted text.

Define a function decrypt to decrypt ciphertext using the Caesar Cipher:

a. Iterate over each character in the ciphertext.
b. For each character, shift it back by the specified number of positions (shift) in the alphabet.
c. Handle wrapping around the alphabet by using modulo % operator.
d. . Append the shifted character to the decrypted text.
e. . Print the decrypted text.

Program:
#include <stdio.h>

void encrypt(char text[], int shift) {

int i;
for (i = 0; text[i] != '\0'; ++i) {
if (text[i] >= 'a' && text[i] <= 'z') {
text[i] = ((text[i] - 'a') + shift) % 26 + 'a';
} else if (text[i] >= 'A' && text[i] <= 'Z') {
text[i] = ((text[i] - 'A') + shift) % 26 + 'A';
}
}
printf("Encrypted text: %s\n", text);
}

void decrypt(char text[], int shift) {

int i;
for (i = 0; text[i] != '\0'; ++i) {
if (text[i] >= 'a' && text[i] <= 'z') {
text[i] = ((text[i] - 'a') - shift + 26) % 26 + 'a';
} else if (text[i] >= 'A' && text[i] <= 'Z') {
 text[i] = ((text[i] - 'A') - shift + 26) % 26 + 'A';
}
}
printf("Decrypted text: %s\n", text);
}

int main() {
char plaintext[100], ciphertext[100];
int shift;

printf("Enter plaintext: ");

scanf("%[^\n]s", plaintext);

printf("Enter the shift value: ");

scanf("%d", &shift);

// Encrypt plaintext
strcpy(ciphertext, plaintext);
encrypt(ciphertext, shift);

// Decrypt ciphertext
decrypt(ciphertext, shift);

return 0;
}

34.Write an algorithm and Program to implement Data

Encryption Standard (DES) for encryption and
decryption

Algorithm:
1. Define the initial and final permutation tables (IP and FP).
2. Define the 16 round keys using the key schedule algorithm.
3. Perform the initial permutation (IP) on the plaintext.
4. Divide the permuted plaintext into left and right halves (L0 and R0).
5. Perform 16 rounds of encryption/decryption using the Feistel function:
a. Expand the right half (Ri) to 48 bits using the expansion permutation table.
b. XOR the expanded Ri with the round key (Ki).
 c. Apply the S-box substitutions to the XOR result.
d. Permute the result using the P-box permutation table.
e. XOR the permuted result with the left half (Li-1).
f. Update Li = Ri-1 and Ri = XOR result.
6. Perform the final permutation (FP) on the concatenated Ri and Li.
7. Output the ciphertext.

Program:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

// Define permutation tables

int initial_permutation[] = {58, 50, 42, 34, 26, 18, 10, 2,
60, 52, 44, 36, 28, 20, 12, 4,
62, 54, 46, 38, 30, 22, 14, 6,
64, 56, 48, 40, 32, 24, 16, 8,
57, 49, 41, 33, 25, 17, 9, 1,
59, 51, 43, 35, 27, 19, 11, 3,
61, 53, 45, 37, 29, 21, 13, 5,
63, 55, 47, 39, 31, 23, 15, 7};

int final_permutation[] = {40, 8, 48, 16, 56, 24, 64, 32,

39, 7, 47, 15, 55, 23, 63, 31,
38, 6, 46, 14, 54, 22, 62, 30,
37, 5, 45, 13, 53, 21, 61, 29,
36, 4, 44, 12, 52, 20, 60, 28,
35, 3, 43, 11, 51, 19, 59, 27,
34, 2, 42, 10, 50, 18, 58, 26,
33, 1, 41, 9, 49, 17, 57, 25};

// Perform permutation
void permutation(int *input, int *output, int *permutation_table, int size) {
for (int i = 0; i < size; i++) {
output[i] = input[permutation_table[i] - 1];
}
}

// DES encryption/decryption
void des_encrypt_decrypt(int *block, int *subkeys, int rounds) {
int left[32], right[32], temp[32];

// Initial permutation
permutation(block, temp, initial_permutation, 64);
memcpy(left, temp, 32);
memcpy(right, temp + 32, 32);

// Rounds
for (int i = 0; i < rounds; i++) {
memcpy(temp, right, 32);

// Expansion permutation
permutation(right, temp, expansion_permutation, 48);

// XOR with subkey

for (int j = 0; j < 48; j++) {
temp[j] ^= subkeys[i][j];
}

// S-box substitution
sbox_substitution(temp);

// P-box permutation
permutation(temp, temp, pbox_permutation, 32);

// XOR with left half

for (int j = 0; j < 32; j++) {
temp[j] ^= left[j];
}

// Update left and right halves

memcpy(left, right, 32);
memcpy(right, temp, 32);
}

// Final permutation
memcpy(temp, right, 32);
memcpy(temp + 32, left, 32);
 permutation(temp, block, final_permutation, 64);
}

int main() {
// Define plaintext and key
int plaintext[64] = {0, 0, 0, 0, 0, 0, 0, 1,
0, 0, 0, 0, 0, 0, 1, 0,
0, 0, 0, 0, 0, 0, 1, 1,
0, 0, 0, 0, 0, 1, 0, 0,
0, 0, 0, 0, 0, 1, 0, 1,
0, 0, 0, 0, 0, 1, 1, 0,
0, 0, 0, 0, 0, 1, 1, 1,
0, 0, 0, 0, 1, 0, 0, 0};

int key[64] = {0, 0, 0, 0, 0, 0, 0, 0,

0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0};

// Generate subkeys
int subkeys[16][48];
generate_subkeys(key, subkeys);

// Perform DES encryption

des_encrypt_decrypt(plaintext, subkeys, 16);

// Output ciphertext
printf("Ciphertext: ");
for (int i = 0; i < 64; i++) {
printf("%d", plaintext[i]);
}
printf("\n");

return 0;
}
35.Write RSA algorithm and Program to implement RSA Standard for
encryption
and decryption

Algorithm:

1. Key Generation:
a. Choose two large prime numbers, p and q.
b. Calculate the modulus n = p * q.
c. Compute Euler's totient function φ(n) = (p - 1) * (q - 1).
d. Choose an integer e such that 1 < e < φ(n) and gcd(e, φ(n)) = 1.
e. Compute the modular multiplicative inverse d of e modulo φ(n), i.e., d * e ≡ 1 (mod φ(n)).
f. The public key is (n, e) and the private key is (n, d).

2. Encryption:
a. Convert the plaintext message M to an integer m such that 0 ≤ m < n.
b. Compute the ciphertext C ≡ m^e (mod n).

3. Decryption:
a. Compute the plaintext message M ≡ C^d (mod n).

Program:

#include <stdio.h>
#include <stdlib.h>
#include <math.h>

// Function to compute the greatest common divisor (gcd) of two numbers

int gcd(int a, int b) {
if (b == 0)
return a;
return gcd(b, a % b);
}

// Function to compute the modular multiplicative inverse of 'a' modulo 'm'

int mod_inverse(int a, int m) {
a = a % m;
for (int x = 1; x < m; x++) {
if ((a * x) % m == 1)
return x;
}
return -1;
}

// Function to generate RSA keys

void generate_keys(int p, int q, int *n, int *e, int *d) {
*n = p * q;
int phi = (p - 1) * (q - 1);

// Choose public key exponent e such that 1 < e < phi(n) and gcd(e, phi(n)) = 1
*e = 2;
 while (gcd(*e, phi) != 1) {
(*e)++;
}

// Compute private key exponent d such that (d * e) % phi(n) = 1

*d = mod_inverse(*e, phi);
}

// Function to perform RSA encryption

int rsa_encrypt(int plaintext, int e, int n) {
return (int)pow(plaintext, e) % n;
}

// Function to perform RSA decryption

int rsa_decrypt(int ciphertext, int d, int n) {
return (int)pow(ciphertext, d) % n;
}

int main() {
int p, q, n, e, d;
int plaintext, ciphertext;

// Input prime numbers p and q

printf("Enter two prime numbers (p and q): ");
scanf("%d %d", &p, &q);

// Generate RSA keys

generate_keys(p, q, &n, &e, &d);
printf("Public Key (n, e): (%d, %d)\n", n, e);
printf("Private Key (n, d): (%d, %d)\n", n, d);

// Input plaintext
printf("Enter plaintext message: ");
scanf("%d", &plaintext);

// RSA encryption
ciphertext = rsa_encrypt(plaintext, e, n);
printf("Encrypted message (ciphertext): %d\n", ciphertext);

// RSA decryption
plaintext = rsa_decrypt(ciphertext, d, n);
printf("Decrypted message (plaintext): %d\n", plaintext);

return 0;
}

36.Write the steps to analyze the E-Mail Application’s security vulnerabilities.

Below are the steps to conduct such an analysis:

1. Review Application Architecture

2. Assess Authentication Mechanisms
3. Analyze Encryption Practices
4. Investigate Authorization Controls
5. Inspect Input Validation and Sanitization
6. Evaluate Session Management
7. Check for Cross-Site Request Forgery (CSRF) Protection
8. Review Error Handling and Logging
9. Assess Third-Party Integrations and Dependencies
10. Perform Security Testing
11. Document Findings and Remediation Recommendations
12. Implement Remediation Measures
13. Regularly Monitor and Update Security Controls

37..What is SQL Injection? Write steps for SQL Injection attack on

Insert, Update and Delete.

SQL injection is a type of security vulnerability that occurs when an

attacker inserts malicious SQL code into input fields of an
application, which is then executed by the application's database
server. This can lead to unauthorized access, data leakage, data
manipulation, and other malicious activities. SQL injection attacks
are prevalent in web applications that use SQL databases for data
storage and retrieval.

Steps for SQL Injection Attack:

1. Identify Injection Point

2. Understand SQL Query Structure
3. Insertion Attack
- Example:
```
User input: '); DROP TABLE users; --
SQL query: INSERT INTO table_name (column1) VALUES ('user_input');
Malicious input: '); DROP TABLE users; --
Resulting query: INSERT INTO table_name (column1) VALUES (''); DROP
TABLE users; --');
```
- The attacker's input terminates the original INSERT statement, executes
the DROP TABLE command to delete the "users" table, and comments out the
remaining query to avoid syntax errors.

4. Update Attack
- Example:
```
 User input: ' WHERE id=1; DROP TABLE users; --
SQL query: UPDATE table_name SET column1 = 'new_value' WHERE
condition;
Malicious input: ' WHERE id=1; DROP TABLE users; --
Resulting query: UPDATE table_name SET column1 = 'new_value' WHERE
condition; DROP TABLE users; --';
```
5. Deletion Attack
- Example:
```
User input: ' OR 1=1; DROP TABLE users; --
SQL query: DELETE FROM table_name WHERE condition;
Malicious input: ' OR 1=1; DROP TABLE users; --
Resulting query: DELETE FROM table_name WHERE condition OR 1=1;
DROP TABLE users; --';
```
6. Execute Attack
7. Mitigation

38.Write an algorithm and a Program to implement Diffie Hellman Key

The Diffie-Hellman key exchange algorithm allows two parties to establish a

shared secret key over an insecure communication channel without any prior
shared secret. Below is the algorithm and a C program to implement the Diffie-
Hellman key exchange:

Algorithm:

1. Choose two large prime numbers, p and g.

2. Sender (Alice) computes her private key (a) and public key (A) as follows:
- Select a random integer 'a' such that 1 < a < p-1.
- Compute A = g^a mod p.
3. Receiver (Bob) computes his private key (b) and public key (B) as follows:
- Select a random integer 'b' such that 1 < b < p-1.
- Compute B = g^b mod p.
4. Alice and Bob exchange their public keys (A and B) over the insecure
channel.
5. Alice computes the shared secret key (K) as follows:
- Compute K = B^a mod p.
6. Bob computes the shared secret key (K) as follows:
- Compute K = A^b mod p.
7. The shared secret key (K) derived by both Alice and Bob is identical.

Program:
#include <stdio.h>
#include <stdlib.h>
#include <math.h>

// Function to compute modulo exponentiation (a^b mod p)

unsigned long long power_modulo(unsigned long long base, unsigned long long
exponent, unsigned long long modulus) {
unsigned long long result = 1;
base = base % modulus;
while (exponent > 0) {
if (exponent & 1)
result = (result * base) % modulus;
exponent = exponent >> 1;
base = (base * base) % modulus;
}
return result;
}

int main() {
unsigned long long p, g, a, b, A, B, K1, K2;

// Step 1: Choose large prime number p and primitive root g

printf("Enter prime number (p): ");
scanf("%llu", &p);
printf("Enter primitive root (g): ");
scanf("%llu", &g);

// Step 2: Alice computes her private key (a) and public key (A)
printf("Enter Alice's private key (a): ");
scanf("%llu", &a);
A = power_modulo(g, a, p);

// Step 3: Bob computes his private key (b) and public key (B)
printf("Enter Bob's private key (b): ");
scanf("%llu", &b);
B = power_modulo(g, b, p);

// Step 4: Exchange public keys (A and B) over insecure channel

// Step 5: Alice computes the shared secret key (K1)

K1 = power_modulo(B, a, p);

// Step 6: Bob computes the shared secret key (K2)

K2 = power_modulo(A, b, p);

// Step 7: Verify shared secret keys are identical

if (K1 == K2) {
printf("Shared Secret Key (K) is: %llu\n", K1);
} else {
printf("Error: Shared Secret Key Mismatch\n");
}
 return 0;
}
```

39.Write an RSA algorithm and Program to implement digital

Signature Scheme

Implementing an RSA-based digital signature scheme involves generating key

pairs (public and private keys), signing a message with the private key, and
verifying the signature with the public key. Below is the algorithm and a C
program to demonstrate the RSA digital signature scheme:

Algorithm:

1. Key Generation
2. Signature Generation
3. Signature Verification
Program:

#include <stdio.h>
#include <stdlib.h>
#include <math.h>
#include <string.h>

// Function to compute the greatest common divisor (gcd) of two numbers

int gcd(int a, int b) {
if (b == 0)
return a;
return gcd(b, a % b);
}

// Function to compute the modular multiplicative inverse of 'a' modulo 'm'

int mod_inverse(int a, int m) {
a = a % m;
for (int x = 1; x < m; x++) {
if ((a * x) % m == 1)
return x;
}
return -1;
}
// Function to compute modulo exponentiation (a^b mod p)
unsigned long long power_modulo(unsigned long long base, unsigned long
long exponent, unsigned long long modulus) {
unsigned long long result = 1;
base = base % modulus;
while (exponent > 0) {
if (exponent & 1)
result = (result * base) % modulus;
exponent = exponent >> 1;
base = (base * base) % modulus;
}
return result;
}

int main() {
unsigned long long p, q, n, e, d, message, signature, decrypted_signature;

// Step 1: Key Generation

printf("Enter prime number p: ");
scanf("%llu", &p);
printf("Enter prime number q: ");
scanf("%llu", &q);

n = p * q;
unsigned long long phi = (p - 1) * (q - 1);

// Choose public key exponent 'e' such that 1 < e < phi(n) and gcd(e,
phi(n)) = 1
printf("Enter public key exponent e: ");
scanf("%llu", &e);

// Compute private key exponent 'd' such that (d * e) % phi(n) = 1

d = mod_inverse(e, phi);

// Step 2: Signature Generation

printf("Enter message to sign: ");
scanf("%llu", &message);
 // Encrypt message digest using private key to generate digital signature
signature = power_modulo(message, d, n);

printf("Digital Signature: %llu\n", signature);

// Step 3: Signature Verification

printf("Enter received signature: ");
scanf("%llu", &decrypted_signature);

// Decrypt received signature using public key to obtain decrypted message

digest
unsigned long long decrypted_message =
power_modulo(decrypted_signature, e, n);

// Compare original message with decrypted message

if (decrypted_message == message) {
printf("Signature is valid.\n");
} else {
printf("Signature is invalid.\n");
}

return 0;
}

40.Write an algorithm and Program to generate Pseudo Random

numbers in a range

Generating pseudo-random numbers in a range typically involves using a

random number generator function to produce numbers within the desired
range. Below is an algorithm and a C program to generate pseudo-random
numbers within a specified range:

Algorithm:

1. Input the lower bound (min) and upper bound (max) of the desired range.
2. Use a random number generator function to generate a pseudo-random
number.
3. Scale and shift the generated number to fit within the specified range.
4. Output the generated pseudo-random number.
Program:
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

// Function to generate pseudo-random numbers in a range [min, max]

int generate_random_number(int min, int max) {
// Seed the random number generator with current time
srand(time(NULL));

// Generate a pseudo-random number between 0 and RAND_MAX

int random_num = rand();

// Scale and shift the generated number to fit within the specified range
random_num = (random_num % (max - min + 1)) + min;

return random_num;
}

int main() {
int min, max, num;

// Input lower and upper bounds of the range

printf("Enter the lower bound: ");
scanf("%d", &min);
printf("Enter the upper bound: ");
scanf("%d", &max);

// Generate pseudo-random number in the specified range

num = generate_random_number(min, max);

// Output the generated pseudo-random number

printf("Pseudo-random number in the range [%d, %d]: %d\n", min, max,
num);

return 0;
}

46. Write a Program to validate your Email address

#include <stdio.h>
#include <string.h>
#include <regex.h>

int validate_email(char *email) {

// Regular expression pattern for validating email address
char *pattern = "^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$";

// Compile the regular expression

regex_t regex;
if (regcomp(&regex, pattern, REG_EXTENDED) != 0) {
fprintf(stderr, "Error: Failed to compile regular expression\n");
return 0;
}

// Execute the regular expression to match the email address

int result = regexec(&regex, email, 0, NULL, 0);

// Free the compiled regular expression

regfree(&regex);

// Check if the email address matches the pattern

if (result == 0) {
return 1; // Valid email address
} else {
return 0; // Invalid email address
}
}

int main() {
char email[100];

// Input email address from the user

printf("Enter your email address: ");
scanf("%s", email);

// Validate the email address

if (validate_email(email)) {
 printf("Valid email address\n");
} else {
printf("Invalid email address\n");
}

return 0;
}

47.Write the steps to check the devices connected to your internet

and about data usage

To check the devices connected to your internet network and monitor data
usage, you can follow these steps:

1. Access Your Router's Admin Interface

2. View Connected Devices
3. Check Data Usage
4. Set Usage Limits and Alerts (Optional)
5. Secure Your Network

50. Write the steps to read Email Headers and identify them as
SPAM.

Reading email headers and identifying them as spam involves analyzing the
information contained in the headers and looking for indicators that suggest
the email may be spam. Below are the steps to read email headers and
identify them as spam:

1. Access Email Headers:

- Open the email client or webmail interface where the email is received.
- Locate the option to view the email headers. This option is typically
available in the email settings or by right-clicking on the email and selecting
"View Headers" or "Show Original."

2. Analyze Header Information:

- Examine the email headers to gather information about the email's origin,
route, and authentication.
- Look for specific header fields such as:
- **From**: The sender's email address.
- **To**: The recipient's email address.
- **Subject**: The subject line of the email.
 - **Date**: The date and time the email was sent.
- **Received**: This field contains a list of servers that processed the
email. Trace the route to identify any suspicious or unfamiliar servers.
- **Authentication**: Check for authentication results such as SPF (Sender
Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-
based Message Authentication, Reporting, and Conformance) to verify the
legitimacy of the sender.

3. Identify Suspicious Indicators:

- Look for common characteristics of spam emails, including:
- Unknown or suspicious sender addresses.
- Misspellings or odd formatting in the subject line or body of the email.
- Excessive use of capital letters, punctuation marks, or symbols.
- Unusual or unexpected attachments or links.
- Requests for personal or sensitive information.
- Generic greetings or overly formal language.
- Threats, urgency, or offers that seem too good to be true.
- Messages claiming to be from reputable organizations but containing
mismatched or suspicious URLs.

4. Check for Spam Signatures:

- Use spam filtering software or online spam databases to check if the email
has been reported as spam by other users.
- Compare the email headers and content against known patterns or
signatures of spam messages.
- Look for keywords, phrases, or patterns that are commonly associated with
spam.

5. Use Spam Filters:

- Configure spam filters in your email client or server settings to
automatically detect and flag suspected spam emails based on predefined
criteria.
- Train the spam filter by marking emails as spam or not spam to improve
its accuracy over time.

6.Take Action:
- Once you have identified an email as spam, take appropriate action:
- Delete the email to prevent further interaction.
- Report the email as spam to your email provider or spam reporting
organization.
- Add the sender's email address or domain to your email client's blocklist
to prevent future emails from reaching your inbox.
 - Educate yourself and others about common spam tactics and how to
recognize and avoid them.