B.

Com (Computer Applications) CBCS Semester - VI

Cyber Security Practical Record
________________________________________

1. What are the Roles and Responsibilities of System Administrator? Write the steps
for creating the User account, setting permissions and protecting your files with
password.
Roles and Responsibilities of System Administrator:

The system administrator’s responsibilities are diverse and involve many areas of an

organization’s technology systems.

 Design, organize, modify, and support an organization’s computer systems, including

operating systems, business applications, security tools, web servers, email systems, and
user hardware (laptops, PCs).
 Quickly resolve any system failures and troubleshoots issues.
 Upgrade and manage hardware and software.
 Research upcoming products, service protocols, and standards in support of systems
software procurement and development efforts.
 Install and configure local area networks (LANs), wide area networks (WANs), and
network segments and servers, such as file servers, VPN gateways, and intrusion
detection systems.
 Ensure an uninterrupted internet connection and manages mail servers for sending and
receiving emails and file servers for saving and managing data.
 Oversee system performance and report generation.
 Manage user accounts, credentials, permissions, access rights, storage allocations, and
active directory administration.
 Lead process improvements and modifications.
 Secure system integrity from any breaches or viruses and play an essential role in risk
mitigation planning, including creating backup plans, safeguards for data, user security
policies, and identity management.
 Ensure high-level security and efficiency resulting in 100% output.
 Develop and execute backup and recovery plan.
 Maintain internal documentation through wiki.
 Offer technical support and training for staff.

1
Steps for Creating User Accounts:

 Start > Settings > Accounts > Family & other people. Under Other people, click Add
someone else to this PC.
 In the resulting dialog, enter a username, password, confirm the password then create a
hint.
 Click Next to complete the creation of the account.

Password protect a folder or a file:

1. Navigate to the folder or file you want to encrypt.

2. Right-click on the item, click Properties, then click Advanced.
3. Check Encrypt contents to secure data. Click OK, then click Apply.
4. Windows then asks if you want to encrypt only the file or its parent folder and all the files
within that as well. Opt for full-folder encryption to be safe.
5. Then, when you navigate to the encrypted folder, you’ll see a small yellow lock on the file
icon. When you add new content to that folder, it will automatically be encrypted as well.

2. Write the steps for disk partitioning and perform operations like shrinking,
Extending, deleting and formatting.
Shrink the existing volume:

1. Type and search [Computer Management] in the Windows search bar, then click [Run
2. as administrator].
3. In Computer Management, select [Disk Management].
4. In Disk Management, right-click the existing volume you want an additional partition, then
select [Shrink Volume].
5. Shrink volume will automatically calculate the maximum space that you can shrink, you
also can enter the size you want to shrink, and then select [Shrink].
6. After the shrink is completed, an unallocated region will be created in Disk Management,
and then you can use the unallocated region to create a new partition.

Extend the existing volume:

1. Type and search [Computer Management] in the Windows search bar, then click [Run as
2. administrator].
3. In Computer Management, select [Disk Management].
4. In Disk Management, right-click the existing volume you want to extend, then select
[Extend Volume].
5. In Extend Volume Wizard, select [Next].
6. Enter the size of the volume you want to extend or accept the maximum default size, and
then select [Next].
7. The volume extension is completed, confirm the following settings you set up, and then
select [Finish].

2
Deleting Volume:

1. Type and search [Computer Management] in the Windows search bar, then click [Run as
administrator].
2. In Computer Management, select [Disk Management]. In the Disk Management window,
you see a list of available hard drives.
3. Locate the partition you want to delete.
4. Right-click that partition and select the Delete Volume option from the drop-down menu
that appears.
5. A pop-up message appears to confirm that you want to delete the partition; click yes.
6. Once the partition is deleted, it is listed as unallocated space.

Create New Partition:

1. Type and search [Computer Management] in the Windows search bar, then click [Run as
administrator].
2. Right-click an unallocated region on your hard disk, and then select New Simple Volume.
3. In the New Simple Volume Wizard, select Next.
4. Enter the size of the volume you want to create in megabytes (MB) or accept the Maximum
default size, and then select Next.
5. Accept the default drive letter or choose a different drive letter to identify the partition,
and then select Next.
6. Click on Finish.

3. Prepare a Case study on Ransomware attacks. (Ex: MediaMarkt)

Ransomware:

Definition:

Ransomware is a type of malicious software (malware) that threatens to publish or blocks

access to data or a computer system, usually by encrypting it, until the victim pays a ransom
fee to the attacker. In many cases, the ransom demand comes with a deadline. If the victim
doesn’t pay in time, the data is gone forever or the ransom increases.

Ransomware attacks are all too common these days. Major companies in North America and
Europe alike have fallen victim to it. Cybercriminals will attack any consumer or any business
and victims come from all industries.

MediaMarkt:

Electronics retail giant MediaMarkt has suffered a Hive ransomware with an initial ransom
demand of $240 million, causing IT systems to shut down and store operations to be disrupted
in Netherlands and Germany.

3
MediaMarkt is Europe's largest consumer electronics retailer, with over 1,000 stores in 13
countries. MediaMarkt employs approximately 53,000 employees and has a total sale of
€20.8 billion.

A Hive Ransomware Attack:

 MediaMarkt suffered a ransomware attack late Sunday evening into Monday morning
that encrypted servers and workstations and led to the shutdown of IT systems to prevent
the attack's spread.

 Bleeping Computer has learned that the attack affected numerous retail stores
throughout Europe, primarily those in the Netherlands.

 While online sales continue to function as expected, cash registers cannot accept credit
cards or print receipts at affected stores. The systems outage is also preventing returns
due to the inability to look up previous purchases.

 Local media reports that internal MediaMarkt communications tell employees to avoid
encrypted systems and disconnect cash registers from the network.

 Screenshots posted on Twitter of alleged internal communications state that 3,100

servers were affected in this attack. However, Bleeping Computer has not been able to
corroborate those statements at this time.

Ransomware Prevention and Detection:

Prevention for ransomware attacks typically involves setting up and testing backups as well
as applying ransomware protection in security tools. Security tools such as email protection
gateways are the first line of defence, while endpoints are a secondary defence. Intrusion
Detection Systems (IDSs) are sometimes used to detect ransomware command-and-control
to alert against a ransomware system calling out to a control server. User training is
important, but user training is just one of several layers of defence to protect against
ransomware, and it comes into play after the delivery of ransomware via an email phish.

5. Write the steps to make Microsoft Chrome as a default browser, Add Active X
Controls and Add–on to the Browser.
Make Default Browser:

1. Once downloaded, open Google Chrome.

2. Click the three vertical dots in the upper-right corner to open the menu.

3. Select Settings from the list.

4
4. Click on Default browser from the menu on the left.

Add Add-on to chrome:

1. Click on Default browser from the menu on the left.

2. Search or browse for the extension you want to add to Chrome. Click the extension to open
its details page.

3. Click Add to Chrome. In the pop-up, click Add extension.

4. After a moment, the extension will be added to Chrome.

Add Active-x Controls:

Step 1: Open your Google Chrome browser.

Step 2: Click on the Google Chrome menu option (three horizontal or vertical lines/dots,
depending on the version that you have installed).

Step 3: Click on Settings.

Step 4: Scroll to the bottom of the page and select Advanced

Step 5: Navigate to the System section.

Step 6: Select Open Proxy Settings and a new popup window will appear.

Step 7: Click on the Security tab and select Custom Level (located under the Security Level for
This Zone section).

From there, you will be able to see all the security settings that you can change. Scroll down

and select the Prompt option for both “Download Signed ActiveX Controls” and “Download

Unsigned ActiveX Controls sections”. Also, make sure that Enable has been checked in the

“Run ActiveX Control and Plug-Ins” section.

Click on ‘OK‘ and restart your browser for the changes to be saved.

7. What is Wi-Fi? How do you configure the Wi-Fi on Windows operating system.
Wi-Fi:

Wi-Fi is a wireless networking technology that allows devices such as computers (laptops and
desktops), mobile devices and other equipment to interface with the Internet. It allows these
devices--and many more--to exchange information with one another, creating a network.

Internet connectivity occurs through a wireless router. When you access Wi-Fi, you are
connecting to a wireless router that allows your Wi-Fi-compatible devices to interface with
the Internet.

5
1. Once you've acquired a wireless router, you'll need to connect it to your existing
2. Internet modem.
3. Connect an Ethernet cable from your modem to the wireless router.
4. Plug in the power cable for the wireless router.
5. you'll need to use your computer to configure your router's default settings
6. Using your web browser, enter the router's default IP address into the address bar, then
press Enter.
7. some of the most common addresses include 192.168.0.1, 192.168.1.1, and 192.168.2.1.
8. The router's sign-in page will appear. Again, the exact sign-in details should be included
with your router's instructions.
9. Your router's settings page will appear. Locate and select the Network Name setting, then
enter a unique network name.
10. Locate and select the Network Password setting, and choose an Encryption option. There
are several types of encryptions you can use, but we recommend WPA2, which is generally
considered to be the most secure.
11. Enter your desired password. Make sure to use a strong password to help ensure no one
else can access your network.
12. Locate and select the Save button to save your settings.

9. What are the features of firewall? Write the steps in providing network security
and to set Firewall Security in windows.
Firewall:

A firewall is a network security system that is designed to prevent unauthorized access to or from a
private network.

It is a security best practice to use a firewall, especially for businesses that have confidential customer
data to protect. Enabling your firewall is a common security policy and procedure to protect you and
your company.

You can implement a firewall in both hardware and software, or a combination of both. Frequently,
businesses use network firewalls to prevent unauthorized Internet users from accessing private
networks connected to the Internet.

Steps Providing Network Security:

1. Open the Control Panel in Windows.

2. Click on System and Security.
3. Click on Windows Firewall.
4. If your firewall is disabled, you’ll see Windows Firewall marked “Off.” To turn it on, in the left
navigation pane, you can click on Turn Windows Firewall on or off.
5. In the Customize Settings window, select Turn on Windows Firewall and click OK.

6
12.Write a Program to identify the category of IP address for a given IP address
Program:

#include <stdio.h>

#include <string.h>

void extractIpAddress(unsigned char *sourceString,short *ipAddress)

unsigned short len=0;

unsigned char oct[4]={0},cnt=0,cnt1=0,i,buf[5];

len=strlen(sourceString);

for(i=0;i<len;i++)

if(sourceString[i]!='.')

buf[cnt++] =sourceString[i];

if(sourceString[i]=='.' || i==len-1)

buf[cnt]='\0';

cnt=0;

oct[cnt1++]=atoi(buf);

ipAddress[0]=oct[0];

ipAddress[1]=oct[1];

ipAddress[2]=oct[2];

ipAddress[3]=oct[3];

int main()

7
{

unsigned charip[20]={0};

short ipAddress[4];

printf("Enter IP Address (xxx.xxx.xxx.xxx format): ");

scanf("%s",ip);

extractIpAddress(ip,&ipAddress[0]);

printf("\nIpAddress:%03d.%03d.%03d.%03d\n",ipAddress[0],ipAddress[1],ipAddress[2],ipAd
dress[3];

if(ipAddress[0]>=0 && ipAddress[0]<=127)

printf("Class A Ip Address.\n");

if(ipAddress[0]>127 && ipAddress[0]<191)

printf("Class B Ip Address.\n");

if(ipAddress[0]>191 && ipAddress[0]<224)

printf("Class C Ip Address.\n");

if(ipAddress[0]>224 && ipAddress[0]<=239)

printf("Class D Ip Address.\n");

if(ipAddress[0]>239)

printf("Class E Ip Address.\n");

return 0;

Output:

Enter IP Address (xxx.xxx.xxx.xxx format): 145.160.017.001

Ip Address: 145. 160. 017. 001

Class B Ip Address.

13.Write a Program to check the strength of the password.

Program:

#include <bits/stdc++.h>

void printStrongNess(string& input)

8
{

int n = input.length();

bool hasLower = false, hasUpper = false;

bool hasDigit = false, specialChar = false;

string normalChars = "abcdefghijklmnopqrstu"

"vwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890 ";

for (int i = 0; i < n; i++)

if (islower(input[i]))

hasLower = true;

if (isupper(input[i]))

hasUpper = true;

if (isdigit(input[i]))

hasDigit = true;

size_tspecial = input.find_first_not_of(normalChars);

if (special != string::npos)

specialChar = true;

// Strength of password

cout << "Strength of password:-";

if (hasLower && hasUpper && hasDigit && specialChar && (n >= 8))

cout << "Strong" << endl;

else if ((hasLower || hasUpper) && specialChar && (n >= 6))

cout << "Moderate" << endl;

else

cout << "Weak" << endl;

int main()

9
{

string input = "Password@124";

printStrongNess(input);

return 0;

Output:

Strength of password:-Strong

16.Write a Program to search the given pattern using optimized algorithm

Program:

#include <stdio.h>

#include <string.h>

void search(char pat[], char txt[])

int M = strlen(pat);

int N = strlen(txt);

int i = 0;

while (i <= N - M) {

int j;

/* For current index i, check for pattern match */

for (j = 0; j < M; j++)

if (txt[i + j] != pat[j])

break;

if (j == M) // if pat[0...M-1] = txt[i, i+1, ...i+M-1]

printf("Pattern found at index %d \n", i);

i = i + M;

else if (j == 0)

10
i = i + 1;

else

i = i + j; // slide the pattern by j

int main()

char txt[] = "ABCEABCDABCEABCD";

char pat[] = "ABCD";

search(pat, txt);

return 0;

Output:

Pattern found at index 4

Pattern found at index 12

19. Write the steps to prevent the Denial-of-Service attacks.

Denial-of-Service attacks:

A distributed denial of service (DDoS) attack operates like its name implies; it’s a form of cyber-
attack that disrupts connectivity or network services to deny service for users. Attacks
generally feature tools, such as a bot, that overwhelm the network with repeated signals until
it can no longer process genuine requests from users.

Steps for DDoS Attack Prevention:

1. Organize a DDoS Attack Response Plan:

Don’t be caught blindsided by DDoS attacks; have a response plan ready in case of a security
breach so your organization can respond as promptly as possible. Your plan should document
how to maintain business operations if a DDoS attack is successful, any technical competencies
and expertise that will be necessary, and a systems checklist to ensure that your assets have
advanced threat detection.

2. Secure your Infrastructure with DDoS Attack Prevention Solutions:

Equip your network, applications, and infrastructure with multi-level protection strategies.
This may include prevention management systems that combine firewalls, VPN, anti-spam,
11
content filtering and other security layers to monitor activities and identity traffic
inconsistencies that may be symptoms of DDoS attacks.

3. Perform a Network Vulnerability Assessment:

Identify weakness in your networks before a malicious user does. A vulnerability assessment
involves identifying security exposures so you can patch up your infrastructure to be better
prepared for a DDoS attack, or for any cybersecurity risks in general.

4. Identify Warning Signs of a DDoS Attack:

If you can identify the symptoms of a DDoS attack as early as possible, you can take action and
hopefully mitigate damage. Spotty connectivity, slow performance, and intermittent web
crashes are all signs that your business may be coming under attack from a DDoS criminal.
Educate your team on signs of DDoS attacks so everyone can be alert for warning signs.

5. Adopt Cloud-Based Service Providers:

There are several benefits to outsourcing DDoS attack prevention to the cloud. Cloud providers
who offer high levels of cybersecurity, including firewalls and threat monitoring software, can
help protect your assets and network from DDoS criminals. The cloud also has greater
bandwidth than most private networks, so it is likely to fail if under the pressure of increased
DDoS attacks.

21. What is Malware? Write the steps to remove the malware from your PC.
Malware:

Malware is intrusive software that is designed to damage and destroy computers and
computer systems. Malware is a contraction for “malicious software.” Examples of common
malware includes viruses, worms, Trojan viruses, spyware, adware, and ransomware.

Removing a computer Malware from a PC:

Step 1: Download and install a virus scanner

Step 2: Disconnect from internet.

When you are removing a virus from your PC, it is a good idea to disconnect from the internet
to prevent further damage: some computer viruses use the internet connection to spread.

Step 3: Reboot your computer into safe mode:

Step 4: Delete any temporary files

Step 5: Run a virus scan

Step 6: Delete or quarantine the virus

Step 7: Reboot your computer

12
Step 8: Change all your passwords

Step 9: Update your software, browser and operating system.

22.What are the various types of Vulnerabilities for hacking the web applications.
Some of the most common attacks that hackers might attempt on your website. Knowing
these common web application vulnerabilities.

1: SQL Injection

Many hackers start with an attempt to gain access to the database through SQL injection
attacks. This is when the attacker inserts malicious SQL statements into form fields and other
injection points, with the intention of gathering information from and controlling the
database. They can use this information to access and modify or even destroy the information,
and to attack the underlying system.

Attackers typically use these attacks to collect vital customer information such as their contact
information, passwords, or even credit card info. They may even exploit these web security
vulnerabilities to change the price of a product, for instance. Advanced attacks can even allow
them to control the database server and the operating system.

2: Cross-Site Scripting (XSS)

As mentioned earlier, cross-site scripting or XSS is one of the most popular web application
vulnerabilities that could put your users’ security at risk. These attacks inject malicious code
into the running application and executes it on the client-side.

their devices with malware or stealing sensitive information. This type of website application
vulnerability can give the attacker full control of the user’s browser and can be extremely
dangerous to any website.

3: Authentication Failure

Authentication-related web application vulnerabilities occur when there’s an improper

implementation of adequate user authentication controls. This puts user accounts at risk of
being breached. Attackers may exploit these web security vulnerabilities to gain control over
any user account or even over the entire system.

One of these vulnerabilities is Credential Stuffing, where an attacker will test a list of valid
passwords and usernames gleaned from another breach or attack until they manage to find a
valid combination and gain access.

4: Security Misconfiguration

Security misconfigurations provide attackers with an easy way into your website, making it
one of the most critical web application vulnerabilities that you need to prevent.

13
Unused pages, unpatched flaws, unprotected files and directories, and default configurations,
are some of the security misconfigurations that attackers can leverage to gain unauthorized
access.

Every level of your application stack can be vulnerable to security misconfigurations. This
includes your web server, platform, database, network services, storage, frameworks,
application server, and more.

5: XML External Entities

An XML external entity attack, also known as an XXE, or an XML injection attack, is another
class of vulnerabilities you should watch out for. These types of attacks occur when attackers
exploit a weakly configured XML parser. Through such attacks, attackers can inject additional
data, access confidential data, and execute applications and create remote tunnels (shells).

XML external entity attacks can also result in remote code execution, Server-Side Request
Forgery(SSRF), and more. By default, most XML parsers are prone to these attacks. This leaves
it up to the developers to ensure that their web application is free from these web application
vulnerabilities.

6: Broken Access Control (Authorization Failure)

Access control helps you control what sections of a website and what application data
different visitors can access.

For instance, if your website is a platform for different sellers to list their products, they will
need some kind of access to add new products and manage their sales. However, not every
visitor will need that level of access since most of them are visiting your site to buy products.

As such, having a broken access control opens up your site to web application vulnerabilities,
which attackers can exploit to access sensitive information or unauthorized functionality. They
might even use these attacks to make modifications to access rights and user data.

23. Write steps for sharing files and printer remotely between two system
Share files from PC to PC:

Follow these steps to connect two computers having a Windows Operating system to share
the files between them:

Step 1: Connect two Computers using an ethernet cable.

Step 2: Click on Start->Control Panel->Network and Internet->Network and Sharing Centre.

Step 3: Click on option Change Advanced Sharing Settings in the upper-left side of the

window.

Step 4: Turn on file sharing. Check the Turn on file and printer sharing.

14
Step 5: To Share a folder follow these steps-

 Go to the folder’s location.

 Select the folder you want to share.
 Click on the Share tab and then on specific people
 Select everyone from the drop-down menu.
 Click Share
 Click Done

To share a printer:

1. From the Control Panel, open Devices and Printers.

2. Right-click the printer you want to share. Click Printer Properties, and then select the

Sharing tab.

3. Check Share this Printer. Under Share name, select a shared name to identify the printer.

Click OK.

24. List out the various Mobile security apps. Write the steps to install and use, one

of the mobile security app.

Mobile Security Applications for Android:

1. Avast Mobile Security

Avast is a great app to provide your Android phone protection against viruses coupled with
many other threats.

2. Malware bytes

Safeguard your Android devices from ransom ware, malware, and other threats using the
advanced protection of Malware bytes.

3. VIPRE

One of the popular security apps – VIPRE Android Security, is a great alternative. It puts the
security of your device first by safeguarding from malware and viruses for Androids.

4. Lookout

Lookout is literally always on the “lookout” for suspicious activities and threats.

5. Safe Security

Everything you need for protection against viruses, Safe Security, also helps you clean and
speed up your device.

Steps to Install Avast Mobile Security:

15
1. On your Android device, tap the button below to open the Avast Mobile Security product
page in Google Play Store.
2. Tap Install to download and install the app. When installation is complete, tap Open
3. Tap Get started to confirm that you accept Avast's Agreement and Privacy Policy, then tap
Next.
4. Select one of the options 1.Purchase 2.Free Version.
5. Avast Mobile Security is now installed on your Android device

30. Create a Presentation on “Security Protocols” ( at least 5 protocols).

Procedure:

Step1: open power point application window

Start button ->all programs ->Microsoft office -> Microsoft PowerPoint.

Step2: Take new slide: go to Home tab -> slides ->select new slide

Step3: Repeat Step2 4 times to take new slides

Step4: type about “Security Protocols” in all 5 slides.

Step5: select a slide and write the content regarding the topics then apply transitions

Go to animation tab -> transition to this slide group ->select any one transition.

Step7: repeat step 4 and 5 until to apply custom animations to all slides

Step 8: save the file.

33. Write an algorithm and Program for encrypting a plain text and decrypting a
cipher text using Caesar Cipher.
Algorithm for Caesar Cipher:

Input:

1. A String of lowercase letters, called Text.

2. An Integer between 0-25 denoting the required shift.

Procedure:

1. Traverse the given text one character at a time .

2. For each character, transform the given character as per the rule, depending on whether
we’re encrypting or decrypting the text.
3. Return the new string generated.

Program that receives a Text (string) and Shift value( integer) and returns the encrypted

text.

16
#include <iostream>

using namespace std;

string encrypt(string text, int s)

string result = "";

for (int i=0;i<text.length();i++)

if (isupper(text[i]))

result += char(int(text[i]+s-65)%26 +65);

// Encrypt Lowercase letters

else

result += char(int(text[i]+s-97)%26 +97);

return result;

int main()

string text="ATTACKATONCE";

int s = 4;

cout << "Text : " << text;

cout << "\nShift: " << s;

cout << "\nCipher: " << encrypt(text, s);

return 0;

Output:

Text: ATTACKATONCE

Shift: 4

Cipher: OARANUJAR

17
37. Write the steps to check the devices connected to your internet and about data
Usage.
1. Open a browser. You can use a web browser to log in to the web interface for your wireless
router.
2. Type the IP address of your router in the address bar. This takes you to the web interface
for your wireless router. Common router IP addresses include 192.168.1.1, and 10.0.0.1.
3. Enter your username and password. If you haven't changed the username and password,
input the default information.
4. Look for a list of devices. You can find a list of connected devices in the web interface for
your router. This is going to be different depending on the make and model of your router.
It may be under "Connected devices" or "Attached devices" or something similar. This will
show the device name and MAC address for each device connected.

Check Data Usage:

1. Use the Windows key + I keyboard shortcut to open the Settings app.
2. Click Network & internet.
3. Click Data usage. Under Overview, you'll see the total data usage from the last 30 days for
Wi-Fi and Ethernet connections.

38. Write an algorithm and a Program to implement Diffie Hellman Key.

Diffie-Hellman algorithm:

The Diffie-Hellman algorithm is being used to establish a shared secret that can be used for
secret communications while exchanging data over a public network using the elliptic curve
to generate points and get the secret key using the parameters.

 For the sake of simplicity and practical implementation of the algorithm, we will consider
only 4 variables, one prime P and G (a primitive root of P) and two private values a and b.
 P and G are both publicly available numbers. Users (say Alice and Bob) pick private values
a and b and they generate a key and exchange it publicly. The opposite person receives
the key and that generates a secret key, after which they have the same secret key to
encrypt.

Step 1: Alice and Bob get public numbers P = 23, G = 9

Step 2: Alice selected a private key a = 4 and

Bob selected a private key b = 3

Step 3: Alice and Bob compute public values

Alice: x =(9^4 mod 23) = (6561 mod 23) = 6

Bob: y = (9^3 mod 23) = (729 mod 23) = 16

18
Step 4: Alice and Bob exchange public numbers

Step 5: Alice receives public key y =16 and Bob receives public key x = 6

Step 6: Alice and Bob compute symmetric keys

Alice: ka = y^a mod p = 65536 mod 23 = 9

Bob: kb = x^b mod p = 216 mod 23 = 9

Step 7: 9 is the shared secret.

Program:

#include<stdio.h>

#include<math.h>

// Power function to return value of a ^ b mod P

long long int power(long long int a, long long int b,long long int P)

if (b == 1)

return a;

else

return (((long long int)pow(a, b)) % P);

int main()

long long int P, G, x, a, y, b, ka, kb;

P = 23; // A prime number P is taken

printf("The value of P : %lld\n", P);

G = 9; // A primitive root for P, G is taken

printf("The value of G : %lld\n\n", G);

a = 4; // a is the chosen private key

printf("The private key a for Alice : %lld\n", a);

x = power(G, a, P); // gets the generated key

b = 3; // b is the chosen private key

19
printf("The private key b for Bob : %lld\n\n", b);

y = power(G, b, P); // gets the generated key

ka = power(y, a, P); // Secret key for Alice

kb = power(x, b, P); // Secret key for Bob

printf("Secret key for the Alice is : %lld\n", ka);

printf("Secret Key for the Bob is : %lld\n", kb);

return 0;

Output:

The value of P : 23

The value of G : 9

The private key a for Alice : 4

The private key b for Bob : 3

Secret key for the Alice is : 9

Secret Key for the Bob is : 9

40. Write an algorithm and Program to generate Pseudo Random numbers in a range.
Pseudo Random Number Generator (PRNG) refers to an algorithm that uses mathematical
formulas to produce sequences of random numbers. PRNGs generate a sequence of numbers
approximating the properties of random numbers.

#include<stdio.h>

#include<stdlib.h>

#include<time.h>

int main()

srand(time(NULL));

int i;

for(i = 0; i<5; i++)

printf("%d\t", rand()%10);

20
Output 1:

37012

Output 2:

19772

45. Create a Presentation on “Cyber Security Attacks” with at least 10 slides.

Procedure:

Step1: open power point application window

Start button ->all programs ->Microsoft office -> Microsoft PowerPoint.

Step2: Take new slide: go to Home tab -> slides ->select new slide

Step3: Repeat Step2 10 times to take new slides

Step4: type title about “Cyber Security Attacks” in all 10 slides.

Step5: select a slide and write the content regarding the topics about various Cyber Attacks
then apply transitions.

Go to animation tab -> transition to this slide group ->select any one transition.

Step7: repeat step 4 and 5 until to apply custom animations to all slides

Step 8: save the file

50. Write the steps to read Email Headers and identify them as SPAM.
You can easily view email headers in Gmail by following the steps below on a desktop

computer or laptop.

1. Open your Gmail client and select the email that has the message header you want to
view.
2. Access the kebab menu by clicking on the three dots beside the “Reply” button once you
see the message body.
3. Next, select “Show Original” in the dropdown menu.
4. A new window will pop up, displaying the longer header in its original HTML format. You’ll
be able to view header details such as authentication statuses, IP addresses, MIME
version, and DKIM signature.
5. Click on “Download Original” if you want to install and inspect the header data individually.

There are 3 types of verification checks a properly configured set of emails should PASS:

DKIM, SPF, and DMARC

By checking various email header fields

21
1. Mismatched sender addresses or domains

2. Email travel path and email client. Most emails originate from a client (i.e. Outlook, Gmail),
and all emails pass through at least 2 servers (source, destination), but often more. These are
interim hops are visible in the header.

22