
Cyber (Lab)

The document outlines the roles and responsibilities of a System Administrator, including steps for creating user accounts, setting permissions, and protecting files with passwords. It also discusses disk partitioning, ransomware attacks, software installation methods, setting Google Chrome as the default browser, establishing a peer-to-peer network, and configuring Wi-Fi on Windows. Each section provides detailed instructions and best practices for managing systems and security.

Uploaded by

chinna17755

1). What are the Roles and Responsibilities of System Administrator? Write the steps for creating the User account, setting permissions and protecting your files with password.

A)

Introduction

In case there is no Active Directory or LDAP in your environment, you will need to
add local users to one or two of your servers, such as an FTP server.

Step 1: Open Server Manager

Click on your Windows Start button and search for “Server Manager” in case it is
not already open.

Step 2: Open computer management

Click on “Tools” and select “Computer Management” as illustrated below. That
should open the Computer Management window, where we shall proceed to add one or
more users.

Step 3: Add User

In this window, expand “Local Users and Groups” then right-click on “Users” and
select “New User“.
Choose the one that makes sense to you then proceed to click on “Create” to create
the user and then close after you are through.

Step 4: Optional Addition of user to Administrator group

This is in case you would wish your user to be an Administrator. Click on the “Users”
folder still in “Computer Management” to expose all of the users. Right-click the
name of the specific user and select “properties".

Step 5: Configure

Once you click on “properties” in the previous step, a new “username properties”
window will come up. While in the window, click on the “member of” tab, then “Add”. You
should see a smaller “Select Groups” window. Type in “Administrators” and click on
“Check Names”. If the group is found within the Server, click on “OK”.

Conclusion

It has been a smooth session and we now have our local users added to the
Server.

Setting permissions and protecting your files with password

Password-protect a folder
Using a password to protect a folder means that you need to enter a password to
see the list of documents in the folder.
Windows 7

1. In Windows Explorer, navigate to the folder you want to password-protect.
Right-click on the folder.
2. Select Properties from the menu. On the dialog that appears, click
the General tab.
3. Click the Advanced button, then select Encrypt contents to secure data.
Click OK. Your Windows username and password will be used.
4. Double-click the folder to ensure you can access it.

Hide a folder

When you hide a folder or file in Windows, the folder or file does not appear in the
directory list, unless the Don't show hidden files, folders, or drives setting is
unchecked.

Windows 7, 8, and 10

1. Right-click on the file or folder that you want to hide. Select Properties.
2. Click the General tab, under the Attributes section, check Hidden.
3. Click Apply.

If the file or folder remains visible in the directory, you will need to enable another
setting.

1. In Windows Explorer, click the File tab.
2. Select Options, then select the View tab.
3. Under Hidden files and folders, select Don't show hidden files, folders, or
drives.

To see your hidden files or folder, repeat the instructions above, but click Show
hidden files, folders, and drives.

Conclusion

Although Microsoft has taken away the ability to password-protect a folder, you can
still keep your confidential information private by using either a password-protected
zipped folder or hiding files and folders so they don't appear in the directory list.

2Q: Write the steps for disk partitioning and perform operations like shrinking, Extending,
deleting and formatting?

Ans: After installing Windows 10, we need to partition the hard drive in Disk Management to
set aside free space for future use. If you have unallocated space on your hard drive, you
can create a partition from it without data loss. If no such space is available, you have
to split an existing partition into several partitions. The Windows 10 Disk Management
function for this is Delete Volume, which does not keep the data on the volume.

1. Create a new Partition

Steps of creating a new partition in Windows 10 Disk Management:

1. Press the Windows button and type disk management in the search box to open Disk
Management.
2. Right-click on unallocated space and select New Simple Volume; follow the New Simple
Volume Wizard.
3. Confirm the Simple Volume size, assign a drive letter, choose the file system,
allocation unit size (cluster size) and volume label, perform a quick format, and click Finish.

When a new window pops up, it means you have succeeded; this window is the File Explorer view
of the volume you created.

2. Merge partitions

Windows 10 Disk Management has no function called Merge Partitions, but we can simulate it
in Disk Management without the help of any third-party partition software. The theory is to
manually copy everything from one partition to another, delete the emptied partition, and
merge the free space into the other.

Functions we’ll be using to merge partitions:

● Delete Volume
● Extend Volume

Steps of merging volume using Disk Management:

1. Press Windows + E to open File Explorer, or in Disk Management right-click on the
target partition and click Explore.
2. Press Ctrl+A to select all files, press Ctrl+C to copy them, and navigate into the other
drive you'd like to merge. Right-click on an empty (blank) area, choose New, then Folder, and
name it “Merged Drive” or any other name you prefer.
3. Double-click to go into that folder and press Ctrl+V to paste everything there. The time
spent on this step varies with the amount of data.
4. Then in Disk Management, right-click on the partition we copied data from, choose Delete
Volume, and confirm when prompted with the warning message to make this area
unallocated.
5. Then right-click on the other partition and choose Extend Volume to invoke
the Extend Volume Wizard.

By doing so, we can merge two partitions in Disk Management.

3. Prepare a Case study on Ransomware attacks. (Ex: MediaMarkt)


What is Ransomware

Ransomware is a subset of malware that can lock and encrypt data on a victim's
computer. Attackers then notify the victim that an exploit has occurred and the data
will not be unlocked or decrypted until a payment is received.

Types of Ransomware

● Locker blocks access to computers, and attackers require payment to unlock
access.
● Crypto encrypts all or some files on a computer, and attackers require payment
before handing over a decryption key.
● Ransomware as a service (RaaS) occurs when cybercriminals can access
malicious code for a fee.

Ransomware vectors

Phishing
Phishing, which targets an organization by embedding malware in email, remains
one of the most popular ways for cybercriminals to deliver their payload.

RDP and credential abuse
Cybercriminals can inject malware through RDP, which is Microsoft's proprietary
protocol for secure remote access to servers and desktops.

Vulnerabilities from poor patching practices
Websites, including plugins, and complex software environments that link to third
parties enable malware to be inserted undetected.

Top Ransomware targets

1. education
2. retail
3. business, professional and legal services
4. central government (including federal and international)
5. IT
6. manufacturing
7. energy and utilities infrastructure
8. healthcare
9. local government
10. financial services

Some of the most notable ransomware attacks include the following recent victims:

1. An attack on Colonial Pipeline led to a multiday disruption of the fuel supply for a
large swath of the East Coast. Colonial paid a $4.4 million demand to speed its
recovery efforts. Some of that payment, made in cryptocurrency, was
later recovered by the U.S. government.
2. Global beef manufacturer JBS USA had to shutter operations for several days
after it was hit by a ransomware attack. The company paid attackers $11 million to
ensure no data was exfiltrated.
3. The Buffalo Public Schools system in New York ceased instruction -- in-person
and online -- in the wake of a crippling ransomware attack. The system required a
week to get back on its feet and resume classes.

How to recognize attacks

Here are three types of ransomware detection techniques:

● signature-based detection compares a sample hash gathered from suspicious
activity to known signatures;
● behavior-based detection examines new behaviors in relation to historical data;
and
● deception uses a lure such as a honeypot that normal users wouldn't touch to
catch attackers.
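
The three techniques above, run side by side over the same file-activity telemetry, as an added example that is not part of the original document. All process names, paths, byte strings and counts are constructed, and the mean-plus-three-standard-deviations threshold is an assumed way of comparing against historical data.

```python
import hashlib
from collections import Counter
from statistics import mean, stdev

# Everything below is constructed for illustration: names, paths, bytes and counts.
CANARY = r"C:\Shares\Finance\~000_do_not_open.docx"   # decoy file no normal user touches
KNOWN_BAD = {hashlib.sha256(b"constructed-known-ransomware-sample").hexdigest()}
HISTORY = [4, 7, 5, 6, 3, 8, 5, 6]   # past file writes per process per minute


def signature_match(image_bytes, known_bad=KNOWN_BAD):
    """Signature-based: hash the sample and look it up among known signatures."""
    return hashlib.sha256(image_bytes).hexdigest() in known_bad


def behavior_limit(history, k=3.0):
    """Behavior-based: activity above mean + k*stdev of historical data is anomalous."""
    return mean(history) + k * stdev(history)


def detect(events, images, history=HISTORY, canaries=frozenset({CANARY})):
    """events: (minute, process, operation, path); images: process -> executable bytes.
    Returns a sorted list of (technique, process) alerts."""
    alerts = set()
    for proc, data in images.items():
        if signature_match(data):
            alerts.add(("signature", proc))
    limit = behavior_limit(history)
    per_minute = Counter((minute, proc) for minute, proc, op, _ in events
                         if op in {"write", "rename"})
    for (_, proc), count in per_minute.items():
        if count > limit:
            alerts.add(("behavior", proc))
    for _, proc, _, path in events:
        # Deception: any access to the decoy is suspicious, whatever the volume.
        if path in canaries:
            alerts.add(("deception", proc))
    return sorted(alerts)


def sample_telemetry():
    """Constructed telemetry: a benign backup job, a known sample, an unknown variant."""
    images = {
        "backup.exe": b"constructed-benign-backup-tool",
        "invoice_viewer.exe": b"constructed-known-ransomware-sample",
        "updater.exe": b"constructed-unknown-variant",   # hash is not in KNOWN_BAD
    }
    events = [(0, "backup.exe", "write", rf"C:\Shares\Finance\report_{i}.xlsx")
              for i in range(6)]
    events += [(1, "updater.exe", "rename", rf"C:\Shares\Finance\report_{i}.xlsx.locked")
               for i in range(39)]
    events.append((1, "updater.exe", "write", CANARY))
    return events, images


if __name__ == "__main__":
    for technique, proc in detect(*sample_telemetry()):
        print(f"{technique:10} {proc}")
```

The unknown variant never matches a signature, yet it is caught twice: by its write rate against the baseline and by touching the decoy file.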

How to prevent Ransomware attacks

● Maintain a defense-in-depth security program.
● Consider advanced protection technologies -- such as zero trust and endpoint
detection and response.
● Educate employees about the risks of social engineering.
● Patch regularly.
● Perform frequent backups of critical data.

Don't depend solely on backups.


Q4. Write the Steps for Installation of Software from Open Source Mode
and Paid Subscription Mode.

Ans: Once you have decided to migrate to open source software, you will need to do some
basic installing. How you install open source software depends on your operating system, so
read the appropriate section for your OS. Use the OS package manager to install pre-built
software. This is always recommended. Viz.,

Alternatively, you could follow these steps:

• Download and uncompress the source code.


• In the terminal, move into the extracted directory.
• Run "./configure" to configure the software.
• Run "make" to compile the software.
• Run "make install" to install the software.

Installing software from the Paid Subscription Model is similar to installing from Open
Source; the only difference is that you need to pay in the Subscription Model.

• Go to the Website
• Check for required Software
• Subscribe and Pay for the Software
• Download and Run the Installer
• Once Installed Shortcuts will be created.
Q5. Write steps to make Microsoft Chrome as default browser, Add Active X Controls
and Add-on to the Browser.
Ans For Windows 10 the following steps are to be done for adding Microsoft Chrome as
default browser.

1. On your computer, click the Start menu.
2. Click Settings.
3. Open your default apps:
• Original version: Click System > Default apps.
• Creators Update: Click Apps > Default apps.
4. At the bottom, under "Web browser," click your current browser (typically Microsoft
Edge).
5. In the "Choose an app" window, click Google Chrome.

To easily open Chrome later, add a shortcut to your taskbar:

1. On your computer, open Chrome.
2. In the Windows taskbar at the bottom, right-click on Chrome.
3. Click Pin to taskbar.

To Activate Active X Control follow the following steps.

Step 1

Open your Google Chrome browser.

Step 2

Click on the Google Chrome menu option (three horizontal or vertical lines / dots, depending
on which version you have installed).

Step 3

Click on Settings.

Step 4

Scroll to the bottom of the page and select Advanced.

Step 5

Go to the System section.

Step 6

Select Open proxy settings and a new pop-up window will appear.

Step 7

Click the Security tab and select Custom Level (located under the Security Level section
for this zone).

From there you will be able to see all the security settings that you can change. Scroll
down and select the Prompt option for the “Download signed ActiveX controls” and
“Download unsigned ActiveX controls” sections. Also make sure that the Enable option
has been checked in the “Run ActiveX control and plug-ins” section.
Click on ‘Okay‘ and restart your browser for the changes to be saved.

Web browser plugins and add-ons are programs integrated into your web
browser and extending its capabilities. For example, you can use them to view
media content on a web page, receive news and mail, download files, block
undesired pop-up windows, and so on.

To Install an extension
1. Open the Chrome Web Store.
2. Find and select the extension you want.
3. Click Add to Chrome.
4. Some extensions will let you know if they need certain permissions or data. To
approve, click Add extension. Important: Make sure you only approve extensions
that you trust.

Q6. Write Steps to establish peer to peer network connection using two systems in a LAN.

A6.

Hardware You Will Need

1. At least two computers.


2. Network adapters for each computer.
3. If you have 10Base-T adapters, and only two computers, you can directly connect one
computer to the other with a crossover cable.
4. If you have 10Base-T adapters and more than two computers you will need a 10Base-T
hub to connect them.

Adding Your Network Adapter

1. With the computer off, install the NIC card in an open bay (Slot 1 is
recommended)
2. Start the Computer
3. Open up the Control Panel
4. Click on Add New Hardware
5. Click the Next button
6. You can either have Windows95 search for the adapter by selecting YES or select NO to
manually enter the adapter
7. Click the Next button
8. If you selected NO, you will need to manually select an adapter.
9. If you have a driver diskette for your network adapter, use it to install the appropriate
driver for your NIC card
10. Reboot if requested

Adding the Protocol Stack

1. You will need to decide which protocol stack you want to use for your local network.
2. If you are going to be totally isolated and never dial-up to the Internet, you could use
NetBEUI or IPX.
3. If you are going to dial to the Internet, you can select TCP/IP and just assign dummy IP
addresses for your local LAN. This way you only need to install one protocol stack. You
can also have NetBEUI or IPX as well as TCP/IP installed. NetBEUI or IPX would be used
for your local LAN and TCP/IP for the Internet Dial-Up.
4. Open the Control Panel
5. Double-click on the Network icon
6. From your network adapter detection in previous table, you should have Client for
Microsoft Networks, Client for Netware, your Adapter, IPX and NetBEUI already
installed.
7. If you just want NetBEUI, highlight and remove IPX or vice versa.
8. If you want to add TCP/IP, click on the Add button
9. Click on Protocol
10. Click on Microsoft
11. Click on TCP/IP

Configuring the Network

1. Under Control Panel / Network / Identification make sure each Computer has a unique
name.
2. Make sure that the Workgroup name is the SAME for all computers.
3. Do not have any spaces in either the Computer or Workgroup names. Keep them simple.
4. If you have TCP/IP installed, select different IP address with the same subnet mask. You
do not need to fill in WINS, Gateway, or DNS IP addresses.
5. Click on the File and Print Sharing button and check off whether you want share Files or
Printers.

Sharing Local Resources

Sharing resources will allow you to connect to another computer to transfer files or use its
printer.

Enable your computer to share files and/or printers

1. Open up the Network Icon in the Control Panel
2. You should see File and Print Sharing below the protocol
3. If not, click on the File and Print Sharing button.
4. Click on the options you want to enable then on the OK button

Sharing a Local Resource

1. Open up the Explorer
2. Right click on the directory you want to share and select Sharing
3. Type in the Share name
4. Select whether Read, Full or Depends on Password
5. Type in an agreed-upon password.
6. Similar steps can be taken to share a printer.

To Connect to another Computer's Shared Resource

Click on network neighborhood to access a shared resource on another computer on the
network.

To Connect to a printer configured and attached to another computer on the network, the
printer must be configured as a shared device on the computer that it is attached to.

1. Click on start-settings-printers and then click on add printer.
2. Click on next
3. Click on network printer and then next
4. Browse the network to find the computer that hosts the printer you would like to
connect to
5. Choose the printer that appears as attached to the computer
6. Click on next and then finish
7. The computer the printer is attached to MUST be booted and active on the network for
the printer to be shared.
7. What is Wi-Fi? How do you configure the Wi-Fi on windows operating
system?
Ans: Wi-Fi: Wi-Fi is the wireless technology used to connect computers, tablets,
smartphones and other devices to the internet. Wi-Fi is the radio signal sent from a wireless
router to a nearby device, which translates the signal into data you can see and use. The
device transmits a radio signal back to the router, which connects to the internet by wire or
cable.

Setting up a wireless network in Windows

Before you can set up your wireless network, here’s what you’ll need:

Broadband Internet connection and modem. A broadband Internet connection is a high-speed
Internet connection. Digital Subscriber Line (DSL) and cable are two of the most
common broadband connections. You can get a broadband connection by contacting an
Internet service provider (ISP).

Wireless router. A router sends info between your network and the Internet. With a
wireless router, you can connect PCs to your network using radio signals instead of wires.
There are several different kinds of wireless network technologies, which include 802.11a,
802.11b, 802.11g, 802.11n, 802.11ac, and 802.11ax.

Wireless network adapter. A wireless network adapter is a device that connects your PC to
a wireless network. To connect your portable or desktop PC to your wireless network, the
PC must have a wireless network adapter.

Select Start , type device manager in the search box, and then select Device Manager.

1. Expand Network adapters.


2. Look for a network adapter that might have wireless in the name.

Setting up the modem and Internet connection

After you have all the equipment, you'll need to set up your modem and Internet
connection. If your modem wasn't set up for you by your Internet service provider (ISP),
follow the instructions that came with your modem to connect it to your PC and the Internet.
If you're using Digital Subscriber Line (DSL), connect your modem to a phone jack. If you're
using cable, connect your modem to a cable jack.

Securing your wireless network


Security is always important; with a wireless network, it's even more important because
your network's signal could be broadcast outside your home. If you don't help secure your
network, people with PCs nearby could access info stored on your network PCs and use your
Internet connection. To help make your network more secure:

Change the default user name and password. This helps protect your router. Most router
manufacturers have a default user name and password on the router and a default network
name (also known as the SSID). Someone could use this info to access your router without
you knowing it. To help avoid that, change the default user name and password for your
router.

Set up a security key (password) for your network. Wireless networks have a network
security key to help protect them from unauthorized access. We recommend using Wi-Fi
Protected Access 3 (WPA3) security if your router and PC support it. See the documentation
for your router for more detailed info, including what type of security is supported and how
to set it up.

Some routers support Wi-Fi Protected Setup (WPS). If your router supports WPS and it’s
connected to the network, follow these steps to set up a network security key:

▪ In Windows 10, select Start , then select Settings > Network & Internet > Status > Network
and Sharing Center.

Connect a PC to your wireless network

In Windows 10

1. Select the Network or Wifi icon in the notification area.

2. In the list of networks, choose the network that you want to connect to, and then
select Connect.

3. Type the security key (often called the password).

4. Follow additional instructions if there are any.

If you have problems with your Wi-Fi network when using Windows 10, see Fix Wi-Fi
problems in Windows for advanced troubleshooting info.

Q8. Write steps to install and configure Network Components like Switches, Hub and
Modem. How do you connect to Dial-Up Networking.
Ans: After defining the switch, you can define the switch configuration, that is the "inside"
of the switch. On the Switch List, select the switch and the Work with switch configurations
action from the context menu (or action code s ). The following are the steps to configure a
Switch.

Step 1: Connect to the console


If you’re labbing with a simulator/emulator or accessing the CLI via SSH, you can skip this
step.

You need to start with a connection to the console port. That means configuring your
terminal emulator software and connecting your rollover cable between your switch’s
console port and your PC.

Many Cisco switches use these serial settings:

• Baud rate: 9600


• Data bits: 8
• Stop bits: 1
• Parity: None

Assuming your PC’s serial port is COM1, if you use Putty and Windows, you can set the
session up like this (under the “Serial” options in the menu):
Once your cable is connected and the session is set up, click open. Then press enter to get a
response at the terminal window.

Step 2: Set a management IP and default gateway


The management IP address is where you can log in to the switch for future administrative
tasks. Once your management IP is set up, you can use it to SSH into the switch and
configure it over the network.

First, we access Privileged EXEC mode with the “enable” switch configuration command:

Switch>enable
Switch#

From there, we enter Global Configuration mode with “config t” (or “configure terminal”):

Switch#config t
[Enter configuration commands, one per line. End with “CNTL/Z”.]
Switch(config)#

Next, we access the VLAN interface:

Switch(config)#interface vlan 1
Switch(config-if)#

Then we assign the management IP address and subnet mask. Be sure to replace the values
shown with the correct values for your switch!

Switch(config-if)#ip address 10.10.11.11 255.255.255.0
Switch(config-if)#

We can exit interface configuration mode and assign a default gateway for the switch from
global configuration mode.

Switch(config-if)#exit
Switch(config)#ip default-gateway 10.10.11.1
Switch(config)#

Step 3: Set hostname and domain name

In addition to setting the IP address of the switch, you should give it a logical hostname. To
do that, we enter global configuration mode and use the hostname command:

Switch(config)#hostname PepperAndEggSwitch
PepperAndEggSwitch(config)#

Similarly, we can also add a domain name with the domain command:

PepperAndEggSwitch(config)#ip domain-name cafeJohnny.local
PepperAndEggSwitch(config)#

Step 4: Set logins on VTY lines and console port


Strong passwords are an important part of hardening a managed switch, so next we’ll
add a password to all virtual terminal (VTY) lines. Our switch has 16 VTY lines which are
used for remote access, so we’ll configure the entire range from 0-15:

PepperAndEggSwitch(config)#line vty 0 15
PepperAndEggSwitch(config-line)#password BigSecretDon'tT3ll@ny1
PepperAndEggSwitch(config-line)#

Next, we’ll exit the VTY configuration, access console line 0, and assign it a separate
password:

PepperAndEggSwitch(config-line)#exit
PepperAndEggSwitch(config)#line console 0
PepperAndEggSwitch(config-line)#password BigSecretForConsoleDon'tT3ll@ny1
PepperAndEggSwitch(config-line)#

Step 5: Set Privileged EXEC password


In addition to password protecting the VTY and console lines, we can and should protect
Privileged EXEC mode with a password.

We can do that from global configuration mode:

PepperAndEggSwitch(config-line)#exit
PepperAndEggSwitch(config)#enable secret Top$ecretPrivEXECpassWORD
PepperAndEggSwitch(config)#

Note: Because switch security is a complex topic, and we’re focused on the basics, we
won’t go into user management here. However, be sure to properly configure users or
remote authentication servers before a production deployment.

Step 6: Enable SSH


At some point, you’ll find yourself in need of access to your network devices, and you’re
not physically in the same room as them. To access a switch’s CLI over the network, you’ll
need to use Telnet or SSH. From a security perspective, Telnet is usually a non-starter
because data is transmitted in plaintext. That leaves us with SSH.

The first step to enabling SSH is generating the RSA keys:

PepperAndEggSwitch(config)#crypto key generate rsa
The name for the keys will be: PepperAndEggSwitch.cafeJohnny
Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys.
Choosing a key modulus greater than 512 may take a few minutes.

How many bits in the modulus [2048]:
% Generating 2048-bit RSA keys, keys will be non-exportable...[OK]
PepperAndEggSwitch(config)#

Next, we’ll set the SSH version to 2:

PepperAndEggSwitch(config)#ip ssh version 2
*Mar 4 7:4:9.374: %SSH-5-ENABLED: SSH 1.99 has been enabled
PepperAndEggSwitch(config)#

Now, we can set SSH up on specific VTY lines. I’ll use the first 6 lines here:

PepperAndEggSwitch(config)#line vty 0 5
PepperAndEggSwitch(config-line)#transport input ssh

Finally, we’ll tell the switch to check the local users’ database to authenticate users:

PepperAndEggSwitch(config-line)#login local
PepperAndEggSwitch(config-line)#

Step 7: Create VLANs

One of the most obvious reasons to use a managed switch is the ability to create VLANs
to separate network segments. We can do that by using the vlan command, and then
assigning our VLAN a name. For example, to create VLAN 2 and name it “cafe”:

PepperAndEggSwitch(config-line)#vlan 2
PepperAndEggSwitch(config-vlan)#name cafe
PepperAndEggSwitch(config-vlan)#

You can now exit, and repeat these steps for as many VLANs as you need.

Step 8: Add access ports to a VLAN


After we create our VLANs, we can add ports to them. For example, to add ports 5, 6, and 7
as access ports in VLAN 2, we can use these switch configuration commands:

PepperAndEggSwitch(config-vlan)#exit
PepperAndEggSwitch(config)#interface range fastEthernet 0/5-7
PepperAndEggSwitch(config-if-range)#switchport mode access
PepperAndEggSwitch(config-if-range)#switchport access vlan 2
PepperAndEggSwitch(config-if-range)#

Step 9: Configure trunk ports


If you need one port to transmit traffic from multiple VLANs, you’ll need to designate it a
“trunk port”. To make a port a trunk port, we simply access its configuration and set the
mode to trunk. For example, to make port 2 on our switch a trunk port:

PepperAndEggSwitch(config-if-range)#exit
PepperAndEggSwitch(config)#interface fastEthernet 0/2
PepperAndEggSwitch(config-if)#switchport mode trunk
PepperAndEggSwitch(config-if)#

Step 10: Save configuration


When our configuration is complete, we can save our changes to the startup configuration.
Don’t forget this step, or all your work will be gone come the next switch reboot!

PepperAndEggSwitch(config-if)#exit
PepperAndEggSwitch(config)#exit
PepperAndEggSwitch#
%SYS-5-CONFIG_I: Configured from console by console

PepperAndEggSwitch#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
PepperAndEggSwitch#
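
A hardening check for the configuration built in Steps 2 to 10, as an added example that is not part of the original document. The running-config text is constructed from those steps with placeholder secrets, the username "netadmin" is hypothetical, and the checks assume standard IOS behaviour: the console line does not ask for its password without `login`, and a VTY range without an explicit `transport input ssh` falls back to the platform default.

```python
# Constructed running-config fragment reflecting Steps 2-9 above; secrets are placeholders.
# IOS displays the VTY lines split into ranges like this when their settings differ.
PAGE_CONFIG = """\
hostname PepperAndEggSwitch
enable secret 5 $1$PLACEHOLDER
ip domain-name cafeJohnny.local
ip ssh version 2
interface FastEthernet0/2
 switchport mode trunk
interface FastEthernet0/5
 switchport access vlan 2
 switchport mode access
line con 0
 password PLACEHOLDER-CONSOLE
line vty 0 4
 password PLACEHOLDER-VTY
 login local
 transport input ssh
line vty 5
 password PLACEHOLDER-VTY
 login local
 transport input ssh
line vty 6 15
 password PLACEHOLDER-VTY
 login
"""

# The same switch with the gaps closed; the username "netadmin" is hypothetical.
HARDENED_CONFIG = """\
hostname PepperAndEggSwitch
username netadmin secret 5 $1$PLACEHOLDER
enable secret 5 $1$PLACEHOLDER
ip ssh version 2
interface FastEthernet0/2
 switchport mode trunk
 switchport trunk allowed vlan 2
line con 0
 login local
line vty 0 15
 login local
 transport input ssh
"""


def parse_sections(text):
    """Group an IOS config into (header, [indented child lines]) pairs."""
    sections = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("!"):
            continue
        if raw.startswith(" ") and sections:
            sections[-1][1].append(raw.strip())
        else:
            sections.append((raw.strip(), []))
    return sections


def audit(text):
    """Return findings, in config order, for the gaps the steps above leave open."""
    sections = parse_sections(text)
    top = [header for header, _ in sections]
    findings = []
    if not any(h.startswith("enable secret") for h in top):
        findings.append("global: Privileged EXEC has no 'enable secret'")
    if "ip ssh version 2" not in top:
        findings.append("global: SSH is not pinned to version 2")
    has_user = any(h.startswith("username ") for h in top)
    for header, body in sections:
        if header.startswith("interface ") and "switchport mode trunk" in body:
            if not any(c.startswith("switchport trunk allowed vlan") for c in body):
                findings.append(f"{header}: trunk carries every VLAN, no allowed list")
        if not header.startswith("line "):
            continue
        has_pw = any(c.startswith("password ") for c in body)
        # With 'service password-encryption' this would read 'password 7 ...',
        # which is reversible obfuscation rather than a hash.
        if any(c.startswith("password ") and not c.startswith("password 7 ") for c in body):
            findings.append(f"{header}: line password stored in cleartext")
        if header.startswith("line con") and has_pw and not any(
                c.startswith("login") for c in body):
            findings.append(f"{header}: password set but no 'login', so it is never requested")
        if header.startswith("line vty") and "transport input ssh" not in body:
            findings.append(f"{header}: no 'transport input ssh', Telnet may still be accepted")
        if "login local" in body and not has_user:
            findings.append(f"{header}: 'login local' but no local username exists")
    return findings


if __name__ == "__main__":
    for finding in audit(PAGE_CONFIG):
        print(finding)
```

On the constructed config this reports nine findings, among them that VTY lines 6 to 15 were never restricted to SSH and that `login local` on lines 0 to 5 has no user to authenticate.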

Installing and configuring a Hub

When expanding an existing computer network or building a new one, one of the many
devices that can be used in the process is an Ethernet hub. A hub is a simple device that
connects multiple computers together and to the rest of the network, allowing
communication to occur between all connected devices. When there is no need for the
enhanced functions available on a router or the higher communications speed of a switch,
an Ethernet hub can be an efficient way to create or expand a network at a lower cost
when compared to a router or switch.

Step 1
Find the WAN or uplink port of the Ethernet hub. Typically, it is located on the rear of the
unit, and it is often separate from the LAN ports.

Step 2
Connect an Ethernet cable from the WAN port of the hub to either the Ethernet port of
the internet modem or, if expanding a network, to an empty LAN port on the existing
network’s router, switch or hub.

Step 3
Plug an Ethernet cable into one of the LAN ports on the Ethernet hub and connect the
other end of cable to the computer or device that will be added to the network. Repeat for
any other devices that will need to be on the network.

Step 4
Power up the Ethernet hub and the computers or other devices attached to it. On the front
of the hub will be a series of LEDs that correspond to each LAN and WAN port on the hub.
Every port that has a cable plugged into it should have one or more of the LEDs lit that
represent that port. If not, check the connections and swap out the Ethernet cable if
necessary.

Step 5
Configure the network settings on each connected computer. If you are expanding a
network and the network uses DHCP, or dynamic IP addressing, no configuration will be
necessary. On networks using static IP addressing or on a new network setup using the
Ethernet hub, each computer or device must be assigned a unique IP address. Local IP
addresses must use the allowed “private” address pools that will not interfere with
internet addresses. Acceptable addresses include 192.168.x.x, 172.16.x.x to 172.31.x.x, or
10.x.x.x. The “x” represents a number that is chosen by the user, from 0 to 254. All
computers on the network should share the first three numbers in the address, with the
final number representing the individual computer. In a network with three computers, for
example, the first could be 192.168.1.1, the second could be 192.168.1.2 and the third
could be 192.168.1.3, though the final number does not need to be sequential.

Step 6
Click the “Start” button in Windows, select “Control Panel" and double-click the icon labeled
“Network Connections.”

Step 7
Right-click the icon for the Ethernet adapter and select “Properties.” Click on the check box
marked “Internet Protocol (TCP/IP)” and press the “Properties” button.

Step 8
Select the radio button labeled “Use the following IP address.” Enter a unique IP address for
the computer and the applicable subnet mask. If a router is used on the network, enter the
router’s IP address as the default gateway. Press the “OK” button and reboot if necessary.

Step 9
Enable file and printer sharing from the “Properties” dialog for the Ethernet card if files will
be transferred between the networked computers.

Step 10
Click the “Start” button, select “Control Panel” and double-click on the “System” icon. Select
the “Computer Name” tab and click on the button labeled “Change” to set the computer’s
network name. In the “Computer Name” box, enter a unique name for the computer. In the
“Member of” section, choose the radio button marked “Workgroup” and enter the
workgroup of the network. If setting up a new network, this name can be changed, but all
computers on the network must share the same workgroup name.

Step 11
Verify that all computers can access the network and the Internet if connected.
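
The addressing rules from Step 5 can be checked before the values are typed into each computer. The following C program is an added example, not part of the original lab answer: it parses each planned address strictly, confirms it lies in one of the private pools, and confirms that all hosts share the first three numbers and that none is repeated. The function names, the 64-host cap and the sample plan are constructed for illustration, and the check on final octets 0 and 255 assumes a subnet mask of 255.255.255.0.

```c
#include <stdio.h>
#include <stdint.h>

/* Strictly parse "a.b.c.d" (decimal octets 0-255) into a 32-bit value.
   Returns 0 on success, -1 on malformed input. */
int parse_ipv4(const char *s, uint32_t *out)
{
    uint32_t addr = 0;
    for (int part = 0; part < 4; part++) {
        unsigned value = 0;
        int digits = 0;
        while (*s >= '0' && *s <= '9') {
            value = value * 10 + (unsigned)(*s - '0');
            if (++digits > 3 || value > 255)
                return -1;                 /* octet too long or too large */
            s++;
        }
        if (digits == 0)
            return -1;                     /* empty octet, e.g. "192..1.1" */
        if (part < 3) {
            if (*s != '.')
                return -1;                 /* missing separator */
            s++;
        }
        addr = (addr << 8) | value;
    }
    if (*s != '\0')
        return -1;                         /* trailing characters */
    *out = addr;
    return 0;
}

/* True when the address is inside one of the private pools from Step 5. */
int is_private(uint32_t a)
{
    return (a >> 24) == 10u                    /* 10.x.x.x */
        || (a >> 20) == ((172u << 4) | 1u)     /* 172.16.x.x to 172.31.x.x */
        || (a >> 16) == ((192u << 8) | 168u);  /* 192.168.x.x */
}

enum plan_result {
    PLAN_OK, PLAN_BAD_SYNTAX, PLAN_NOT_PRIVATE, PLAN_RESERVED_HOST,
    PLAN_OTHER_NETWORK, PLAN_DUPLICATE, PLAN_TOO_MANY
};

#define MAX_HOSTS 64   /* hypothetical cap for this example */

/* Check a list of planned static addresses. On failure *bad receives the
   index of the first offending entry; on success it is set to -1. */
enum plan_result check_plan(const char *hosts[], int n, int *bad)
{
    uint32_t seen[MAX_HOSTS];

    *bad = -1;
    if (n > MAX_HOSTS)
        return PLAN_TOO_MANY;
    for (int i = 0; i < n; i++) {
        uint32_t a;
        *bad = i;
        if (parse_ipv4(hosts[i], &a) != 0)
            return PLAN_BAD_SYNTAX;
        if (!is_private(a))
            return PLAN_NOT_PRIVATE;
        /* Assumes mask 255.255.255.0: .0 is the network, .255 the broadcast */
        if ((a & 0xFFu) == 0u || (a & 0xFFu) == 255u)
            return PLAN_RESERVED_HOST;
        /* Every host must share the first three numbers with the first host */
        if (i > 0 && (a >> 8) != (seen[0] >> 8))
            return PLAN_OTHER_NETWORK;
        for (int j = 0; j < i; j++)
            if (seen[j] == a)
                return PLAN_DUPLICATE;
        seen[i] = a;
    }
    *bad = -1;
    return PLAN_OK;
}

int main(void)
{
    static const char *names[] = {
        "ok", "bad syntax", "not a private address", "reserved host number",
        "different network", "duplicate address", "too many hosts"
    };
    /* Constructed sample plan: the third entry repeats the second */
    const char *plan[] = { "192.168.1.1", "192.168.1.2", "192.168.1.2" };
    int bad;
    enum plan_result r = check_plan(plan, 3, &bad);

    printf("Result: %s", names[r]);
    if (bad >= 0)
        printf(" (entry %d: %s)", bad, plan[bad]);
    printf("\n");
    return r != PLAN_OK;
}
```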

Installing and configuring a Modem

• The Wi-Fi modem (CODA-4680)
• A coaxial cable
• A power cord
• An Ethernet cable

1. Connect the coaxial cable

The coaxial cable must be properly screwed in on both ends.

2. Connect the power cord

Make sure the power cord is properly connected to the Wi-Fi modem and wall outlet.

Ideally, connect the power cord directly into the wall outlet instead of to a power strip.

3. Check if your Wi-Fi modem is ready

A series of lights will appear on your modem. Make sure they match those in this picture.

4. Write down your modem's network name & password

Find the network name (Default Wi-Fi Network) and password (Default Key) printed on the back of your Wi-Fi modem.

If the network name (Default Wi-Fi Network) does not appear in the list of available networks on a Wi-Fi enabled device, it means your Wi-Fi modem's update is not complete.

5. Configure your modem

Select the name of your Wi-Fi network from the list of networks available to your Wi-Fi enabled device and enter the password. Your Web browser will open. You will be redirected to the "Easy Connect" interface. Follow the on-screen steps.

You may have to open your Web browser manually.

Dial-up Network

Most computers don't come with dialup modems, so make sure you have one installed
before proceeding. Be sure the dialup modem is compatible with Windows 10.

1. Click on the network icon which is normally located at the bottom right of your screen.

2. Click Network settings.


3. Click on Dial-up on the left side.

4. Click Set up a new connection.


5. Click Connect to the Internet.

6. Click Next.

7. Click Dial-up.

8. Enter the number provided to you from Windstream to dial.

9. Enter your Windstream email address and password.

10. Name the connection Windstream dial-up.

11. Click Create.

12. As the final screen states, “To connect to the Internet next time, left-click the
network icon in the taskbar and click the connection you just created.”

Click Close.

Q9. What are the Features of Firewall. Write Steps in providing network security and to
set Firewall Security in Windows.

A Cyber Security Firewall is a network security system which can either be a hardware or
software that protects the trusted network from unauthorised access from external
networks and external threats.

Traditional firewalls were designed to protect traditional networks against traditional cyber
threats. As organizations’ networks and the cyber threat landscape grow and
evolve, network firewalls require additional functionality and features to ensure the security
of the company’s network and the sensitive data that it contains. Below, we list the top 5
features:

#1. Unified Security Management

Organizations must cope with rapidly increasing network security complexity. Most
companies’ networks are growing larger and more complex as mobile devices, cloud
deployments, and Internet of Things (IoT) devices join traditional user workstations and on-
premises servers on the corporate network. At the same time, cyber threats are becoming
more sophisticated and numerous. As a result, companies must deploy, monitor, and
maintain a growing array of security solutions to manage their cyber risk.

An organization’s next-generation firewall should help to alleviate security complexity, not
contribute to it. A firewall with integrated Unified Security Management (USM) functionality
enables an organization’s security team to easily and efficiently manage and enforce
security policies across their entire network environment. This allows the security team to
keep up with the company’s expanding digital attack surface and minimize the
organization’s cyber risk.

#2. Threat Prevention


The longer that a cyber threat has access to an organization’s network, the more expensive
it will be to remediate it. Cyberattacks can cause damage and additional expense in a
number of different ways. Exfiltration of sensitive data can result in legal and regulatory
penalties, ransomware can decrease productivity and cause a loss of profits, and even
simple malware often has persistence mechanisms designed to make it difficult and time-
consuming to remove from a system.

Minimizing the damage that a cyberattack can cause to a network requires threat
prevention. By identifying and blocking an attack before it crosses the network boundary, an
organization nullifies the threat it poses to the network. This is why a network firewall with
integrated threat prevention functionality – including anti-phishing, antimalware, anti-bot,
and integration with high-quality threat intelligence feeds – is an essential component of an
organization’s cybersecurity strategy.

#3. Application and Identity-Based Inspection


Digital transformation efforts mean that an organization’s network landscape is
constantly evolving. New applications are deployed on the corporate network to
accomplish certain goals, and others are phased out when they become obsolete.
Different applications require different policies. Some applications may be high-priority
traffic, while others should be blocked, throttled, or otherwise managed on the network.
An organization’s next-generation firewall should be capable of identifying the application
that generates a particular stream of traffic and applying application-specific policies to
that traffic.

Organizations are also composed of a number of individuals with different job roles and
responsibilities. An organization’s security policies should also be configurable based upon
the identity of the user. Employees within an organization should have access to different
systems and be able to use varying sets of applications. A firewall should support policy
creation and enforcement based upon user identity.

#4. Hybrid Cloud Support


Almost all organizations are using cloud computing, and the vast majority are using a
hybrid cloud deployment. Private and public cloud deployments have different security
requirements, and it is necessary for an organization to be able to enforce consistent
security policies across cloud-based environments hosted by multiple vendors.

For this reason, an organization’s next-generation firewall should incorporate hybrid cloud
support. The firewall should be easily deployable and scalable in any major cloud
environment and enable an organization’s security team to manage all of their security
settings from a single console. According to Gartner, 99% of cloud security failures through
2025 will be the customer’s fault, a problem that the company’s firewall should help the
organization to avoid.

#5. Scalable Performance


Many organizations have transitioned to cloud-based infrastructure due to its increased
scalability and flexibility. Ultimately, we want the benefits of the cloud, in the cloud and on-
premises. In the cloud this simply means choosing a NGFW template. In regards to on-
premises, this means looking beyond legacy HA clustering solutions.

Hyperscale is the ability of an architecture to scale appropriately as increased demand is
added to the system. This involves the ability to seamlessly provision and add more
resources to the system that make up a larger distributed computing environment.
Hyperscale is necessary to build a robust and scalable distributed system. In other words, it
is the tight integration of storage, compute, and virtualization layers of an infrastructure into
a single solution architecture.

How does a firewall work?

A firewall system analyzes network traffic based on pre-defined rules. It then filters the
traffic and blocks anything coming from unreliable or suspicious sources. It only
allows incoming traffic that it is configured to accept.

Typically, firewalls intercept network traffic at a computer's entry point, known as a port.
Firewalls perform this task by allowing or blocking specific data packets (units of
communication transferred over a digital network) based on predefined security rules.
Incoming traffic is allowed only through trusted IP addresses, or sources.
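
The rule evaluation described above can be shown as a small packet filter. This C program is an added example, not part of the original answer and not how Windows Firewall is implemented: rules are checked in order, the first match decides, and a packet that matches nothing is denied. The rule layout, the addresses (documentation ranges) and both rule sets are constructed; the second set holds the same rules in a different order to show how misordering lets a blocked source through.

```c
#include <stdio.h>
#include <stdint.h>

enum action { DENY = 0, ALLOW = 1 };
enum proto  { PROTO_ANY = 0, PROTO_TCP = 6, PROTO_UDP = 17 };

struct rule {
    uint32_t    src_net;            /* source network */
    int         prefix;             /* CIDR prefix length, 0..32 */
    enum proto  proto;              /* PROTO_ANY matches every protocol */
    uint16_t    port_lo, port_hi;   /* destination port range, inclusive */
    enum action action;
};

struct packet {
    uint32_t   src;
    enum proto proto;
    uint16_t   dst_port;
};

#define IP(a, b, c, d) \
    (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))

/* True when addr falls inside net/prefix. */
static int in_network(uint32_t addr, uint32_t net, int prefix)
{
    uint32_t mask = (prefix == 0) ? 0u : 0xFFFFFFFFu << (32 - prefix);
    return (addr & mask) == (net & mask);
}

/* Index of the first rule that matches the packet, or -1 if none does. */
int match_rule(const struct rule *rules, int n, const struct packet *p)
{
    for (int i = 0; i < n; i++) {
        const struct rule *r = &rules[i];
        if (!in_network(p->src, r->src_net, r->prefix))
            continue;
        if (r->proto != PROTO_ANY && r->proto != p->proto)
            continue;
        if (p->dst_port < r->port_lo || p->dst_port > r->port_hi)
            continue;
        return i;
    }
    return -1;
}

/* First match wins; anything unmatched is denied by default. */
enum action filter(const struct rule *rules, int n, const struct packet *p)
{
    int i = match_rule(rules, n, p);
    return (i < 0) ? DENY : rules[i].action;
}

/* Constructed rule set: block one source network, allow file sharing
   (TCP 445) from the LAN only, allow web traffic from anywhere. */
static const struct rule GOOD[] = {
    { IP(203, 0, 113, 0), 24, PROTO_ANY, 0,   65535, DENY  },
    { IP(192, 168, 1, 0), 24, PROTO_TCP, 445, 445,   ALLOW },
    { 0,                  0,  PROTO_TCP, 443, 443,   ALLOW },
    { 0,                  0,  PROTO_TCP, 80,  80,    ALLOW },
};
#define N_GOOD ((int)(sizeof GOOD / sizeof GOOD[0]))

/* Same rules, but the block rule comes last and is shadowed by "allow 443". */
static const struct rule MISORDERED[] = {
    { IP(192, 168, 1, 0), 24, PROTO_TCP, 445, 445,   ALLOW },
    { 0,                  0,  PROTO_TCP, 443, 443,   ALLOW },
    { 0,                  0,  PROTO_TCP, 80,  80,    ALLOW },
    { IP(203, 0, 113, 0), 24, PROTO_ANY, 0,   65535, DENY  },
};
#define N_MISORDERED ((int)(sizeof MISORDERED / sizeof MISORDERED[0]))

int main(void)
{
    /* Constructed packet from the blocked network to the web port */
    struct packet p = { IP(203, 0, 113, 9), PROTO_TCP, 443 };

    printf("correct order:    %s\n",
           filter(GOOD, N_GOOD, &p) == ALLOW ? "ALLOW" : "DENY");
    printf("misordered rules: %s\n",
           filter(MISORDERED, N_MISORDERED, &p) == ALLOW ? "ALLOW" : "DENY");
    return 0;
}
```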

Limitations of Firewall

The importance of using firewalls as a security system is obvious; however, firewalls have
some limitations:

o Firewalls cannot stop users from accessing malicious websites, making it vulnerable
to internal threats or attacks.
o Firewalls cannot protect against the transfer of virus-infected files or software.
o Firewalls cannot prevent misuse of passwords.
o Firewalls cannot protect if security rules are misconfigured.
o Firewalls cannot protect against non-technical security risks, such as social engineering.
o Firewalls cannot stop or prevent attackers with modems from dialing in to or out of the
internal network.
o Firewalls cannot secure the system which is already infected.

Windows comes with a firewall named, coincidentally, Windows Firewall. It’s accessed from
the Control Panel. Follow these steps:

1. Open the Control Panel.


2. Click the System and Security heading. Click the Windows Firewall heading.
3. The Windows Firewall window appears.
The Windows Firewall window.

As far as you’re concerned, Windows Firewall has only two settings: on and off. To change
the setting, click the Turn Windows Firewall On or Off link on the left side of the Windows
Firewall window.

Once activated — and it should be activated — the Windows Firewall goes to work. When
unwanted access is detected, either to or from the Internet, you see a pop-up window
alerting you to the intrusion. At that point, you can choose to allow access by the named
program by clicking the Allow Access button. If you want to continue blocking the program,
just click Cancel.

Windows Firewall in action.


Above, the Skype program desires Internet access. If you start that program, the request is
legitimate and you should click the Allow Access button. If, on the other hand, you don’t
recognize the program name, click the Cancel button, and the firewall thwarts the
program’s attempted access.

Q10. Write Steps for installation of System Software; Application Software and Anti Virus.

Installing software from the Web


Today, the most common way to get new software is to download it from the Internet.
Applications like Microsoft Office and Adobe Photoshop can now be purchased and
downloaded right to your computer. You can also install free software this way. For example,
if you wanted to install the Google Chrome web browser, you can visit this page and click the
Download button.

The installation file will be saved to your computer in .exe format. Pronounced dot e-x-e,
this is the standard extension for installation files on Windows computers. You can follow
the steps below to install an application from an .exe file.

1. Locate and download an .exe file.

2. Locate and double-click the .exe file. (It will usually be in your Downloads
folder.)
3. A dialog box will appear. Follow the instructions to install the software.

4. The software will be installed. You can now open the application from the
Start menu (Windows 7) or the Start Screen (Windows 8).


Antivirus programs help prevent viruses and spyware from infecting a computer and therefore
are one of the essential software programs each computer should have running at all times.
There are thousands of viruses and spyware on the Internet, and any one of them can cause
damage to personal files or the computer's operating system.

If your computer does not have an antivirus program installed and running, we highly
recommend you install one today. Follow the steps below for help on how to install and
update an antivirus program on your computer.

To install an antivirus program on your computer, follow the steps below.

1. If you purchased the antivirus program from a retail store, insert the CD or DVD into the
computer's disc drive. The installation process should start automatically, with a
window opening to help guide you through the install process.
2. If you downloaded the antivirus program on the Internet, find the downloaded file on
your computer. If the downloaded file is a zip file, unzip the file to extract and access the
installation files. Look for a file named setup.exe, install.exe, or something similar,
then double-click that file. The installation process should start, with a window opening
to help guide you through the install process.

a) In the installation process window, follow the steps provided to install the
antivirus program. The install process provides recommended options so the
antivirus program will function properly, which in most cases can be accepted as
is. The one exception is if the install process recommends to install any toolbars
for Internet browsers or other helpful programs for your computer. If prompted
to install other software with the antivirus program, uncheck all boxes or
decline the install of those extra programs. No additional programs should be
needed for the antivirus program to install and run successfully on your
computer.

b) When the install process is complete, close out of the install window.

c) If used, remove the CD or DVD from the computer's disc drive.

The antivirus program is now installed and ready to use. While it may not be required, we
recommend restarting your computer so that any modified settings in the operating system
can take effect correctly.

Q11. What do you mean by Spooling Printers? Write the Steps for Spooling Printers.

In computing, spooling is a specialized form of multi-programming for the purpose of copying
data between different devices. In contemporary systems, it is usually used for mediating
between a computer application and a slow peripheral, such as a printer. Spooling allows
programs to "hand off" work to be done by the peripheral and then proceed to other tasks,
or to not begin until input has been transcribed. A dedicated program, the spooler,
maintains an orderly sequence of jobs for the peripheral and feeds it data at its own rate.
Conversely, for slow input peripherals, such as a card reader, a spooler can maintain a
sequence of computational jobs waiting for data, starting each job when all of the relevant
input is available; see batch processing. The spool itself refers to the sequence of jobs, or
the storage area where they are held. In many cases, the spooler is able to drive devices at
their full rated speed with minimal impact on other processing.
Spooling is a combination of buffering and queueing.
The Spooler is a special process that manages access to printers by multiple users. For most
users, the function of the Spooler is transparent. They generate a job for a printer and go to
the printer to pick up the output. The Spooler permits users to continue working without
waiting for a print job to finish printing.

The Print Spooler is software built into the Windows operating system that temporarily
stores print jobs in the computer's memory until the printer is ready to print them. In some
circumstances you may need to stop and/or restart the service. To access the Print Spooler
you must open the Local Services console.

STEP 1: Click the Windows "Start" button, right-click "Computer" and choose "Manage" from
the context menu.

STEP 2: Double-click "Services and Applications" and double-click "Services" to view all the
services.

STEP 3: Scroll down and double-click the "Print Spooler" service to open its Properties
window.

STEP 4: Select "Automatic" in the Startup Type drop-down menu and click the "Start" button
to enable printer spooling on your computer.

STEP 5: Click "OK" to close the Properties window, and close the Computer Management
window.

Step 1 – Go To The Start Menu


Start by opening the Start menu of Windows OS. You can do so by pressing the Windows key
on your keyboard. Otherwise, you can move your pointer to the bottom left corner of the
desktop and click on the Start icon.

Step 2 – Search For Command Prompt

Once the Start menu opens, type “cmd”. Cmd is the short form of Command Prompt. Once
you finish typing, you should see the Command Prompt application listed on the screen.

Step 3 – Open Command Prompt Application

Right-click on the Command Prompt icon, and you will see a dropdown menu appear on the
screen. Click on the “Run as administrator” option from the menu. You may see a pop-up dialog
box showing you a warning. Click on Yes to continue.

Note: Command Prompt is an application where you type commands for the operating
system to execute instantly.
Instead of using the command prompt, you can use the graphical interface of the operating
system. But, at times, the command prompt saves a lot of time by letting you skip several
steps at once.

Step 4 – Stopping Printer Spooler Service

In the command prompt, type the command “net stop spooler” and press the Enter key.
You will see a message on the command prompt “The print spooler service is stopping”.
After some time, you will see another message confirming “The print spooler service
stopped successfully”.

Step 5 – Delete The Pending Orders

Now that the spooler has stopped, you have to ensure that when the spooler
service restarts, it does not print the previously stopped order and pending orders.

Open File Explorer and in the address bar, type “C:\windows\system32\spool\PRINTERS”
and press the Enter key. You may see a pop-up box asking for permission. Click on the
Continue button.

Now, you need to delete all the entries that you find inside the PRINTERS folder. Remember
not to delete the PRINTERS folder.

Step 6 – Restart The Spooler Service

You need to restart the spooler service so that your printer continues to print documents for
future orders without any issue. In the CMD type “net start spooler” and tap the Enter key.
You will see the message “The print spooler service started successfully”.

Finally, close the command prompt and restart your computer.

12. Write a Program to identify the category of IP address for a given IP address

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Split a dotted-decimal string into its four octets. */
void extractIpAddress(const char *sourceString, short *ipAddress)
{
    size_t len, i;
    unsigned char oct[4] = {0}, cnt = 0, cnt1 = 0;
    char buf[5];

    len = strlen(sourceString);
    for (i = 0; i < len; i++)
    {
        /* Collect digits, never writing past the end of buf */
        if (sourceString[i] != '.' && cnt < sizeof(buf) - 1) {
            buf[cnt++] = sourceString[i];
        }
        /* A dot or the end of the string closes the current octet */
        if (sourceString[i] == '.' || i == len - 1) {
            buf[cnt] = '\0';
            cnt = 0;
            if (cnt1 < 4)
                oct[cnt1++] = (unsigned char)atoi(buf);
        }
    }
    ipAddress[0] = oct[0];
    ipAddress[1] = oct[1];
    ipAddress[2] = oct[2];
    ipAddress[3] = oct[3];
}

int main()
{
    char ip[20] = {0};
    short ipAddress[4];

    printf("Enter IP Address (xxx.xxx.xxx.xxx format): ");
    /* Limit the read to the size of ip so long input cannot overflow it */
    if (scanf("%19s", ip) != 1)
        return 1;

    extractIpAddress(ip, &ipAddress[0]);

    printf("\nIp Address: %03d. %03d. %03d. %03d\n",
           ipAddress[0], ipAddress[1], ipAddress[2], ipAddress[3]);

    /* Class is decided by the first octet:
       A 0-127, B 128-191, C 192-223, D 224-239, E 240-255 */
    if (ipAddress[0] >= 0 && ipAddress[0] <= 127)
        printf("Class A Ip Address.\n");
    if (ipAddress[0] > 127 && ipAddress[0] <= 191)
        printf("Class B Ip Address.\n");
    if (ipAddress[0] > 191 && ipAddress[0] < 224)
        printf("Class C Ip Address.\n");
    if (ipAddress[0] >= 224 && ipAddress[0] <= 239)
        printf("Class D Ip Address.\n");
    if (ipAddress[0] > 239)
        printf("Class E Ip Address.\n");

    return 0;
}

Output
Enter IP Address (xxx.xxx.xxx.xxx format): 145.160.017.001

Ip Address: 145. 160. 017. 001


Class B Ip Address.

13Q: Write a program to check the strength of the password.

Ans:

#include <cctype>
#include <iostream>
#include <string>

using namespace std;

void printStrongNess(string& input)
{
    int n = input.length();

    // Flags for each character class found in the password
    bool hasLower = false, hasUpper = false;
    bool hasDigit = false, specialChar = false;
    string normalChars = "abcdefghijklmnopqrstu"
                         "vwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890 ";

    for (int i = 0; i < n; i++) {
        unsigned char c = input[i];
        if (islower(c))
            hasLower = true;
        if (isupper(c))
            hasUpper = true;
        if (isdigit(c))
            hasDigit = true;
    }

    // Any character outside normalChars counts as a special character
    size_t special = input.find_first_not_of(normalChars);
    if (special != string::npos)
        specialChar = true;

    // Strength of password
    cout << "Strength of password:-";
    if (hasLower && hasUpper && hasDigit &&
        specialChar && (n >= 8))
        cout << "Strong" << endl;
    else if ((hasLower || hasUpper) &&
             specialChar && (n >= 6))
        cout << "Moderate" << endl;
    else
        cout << "Weak" << endl;
}

// Driver code
int main()
{
    string input = "cyberpassWord!@12";
    printStrongNess(input);
    return 0;
}

Output
Strength of password:-Strong

Q14. Write Steps to transfer files between Wireless Communication using Blue Tooth and
FTP.

This process is actually a bit easier but will drastically vary, depending on the operating
system you’re using. However, most platforms have developed a very user-friendly process
for sending files via Bluetooth. I’ll demonstrate using Blueman, which should illustrate how
easy sharing files can be. Here’s the process:

1. Open up the Bluetooth app (in this case, Blueman)
2. Set the device to share files as trusted (right-click the device and
select Trust, as shown in Figure E)
3. Right-click the trusted device, and select Send a File
4. Locate and select the file to be sent, and click OK
5. If prompted on your smartphone, tap to allow the transfer

Figure E: Sharing a file to your smartphone with Blueman.

As I mentioned, depending on your platform, the process will vary — but it shouldn’t be any
more difficult than what I outlined above. Sharing files between your Android device and
your desktop doesn’t have to be a challenge. If you happen to have a Bluetooth adapter on
your desktop, you can make this process even easier by taking advantage of the Android
built-in sharing system.

Share a photo, video, or other kind of file with a friend who has a phone, laptop, or tablet.

1. Make sure the other device you want to share with is paired with your PC, turned
on, and ready to receive files. Learn how to pair.
2. On your PC, select Start > Settings > Devices > Bluetooth & other devices.
3. In Bluetooth & other devices settings, select Send or receive files via Bluetooth.
4. In Bluetooth File Transfer, select Send files > choose the device you want to share to
> Next.
5. Select Browse > the file or files to share > Open > Next (which sends it) > Finish.
6. On the receiving device, have your friend accept the file. See Receive a file over
Bluetooth.

The procedure below will work with current versions of Internet Explorer and Firefox for
Windows.

To transfer files via FTP using your web browser in Windows:

1. From the File menu, choose Open Location....
2. In the "Location" field, type a URL like the following:

ftp://username@name-of-server

For example, if your username is dvader, and you want to reach your account on
deathstar.empire.gov, enter:

ftp://dvader@deathstar.empire.gov

Note: Do not close the URL with /, or you will connect to the root directory rather than your
home directory.

3. You will be prompted for your password. After you supply the password, you will see the
contents of your home directory on the remote machine. To change directories, click the
appropriate yellow folder icon.
4. To download a file, drag the file from the browser window to the desktop. You can
also double-click the filename, and you will be prompted to either save or open the
file.
5. To upload a file, drag the file from your hard drive to the browser window.

15Q: Prepare a case study on the Cosmos Bank cyber attack in Pune.

Ans: Brief of the incident:

A fraud was carried out at Pune’s Cosmos Bank, caused by a malware attack on the bank’s
systems. INR 95 Cr (approx. $13.4 billion) was withdrawn from several ATMs placed all
around the globe. Transactions regarding the fraud took place between August 11 and August
13, and the attack by the hackers originated in Canada. The embezzlement was done by a
malware attack on the bank servers and by cloning thousands of debit cards, said Mr. Milind
Kale, Cosmos Bank Chairman. Some payment experts theorize that the fraud involved
breaching the firewall in the servers that authorize ATM transactions. This meant that the
ATMs were releasing money without checking whether the cards were genuine or whether
there was a bank account.

Consequence of attack:
The malware attack was carried out on the critical communication systems between the various
payment gateways, after which an amount estimated to be INR 78 crore was withdrawn
“physically” through 12,000 ATM transactions outside India, while another 2,800
transactions were made in different corners of the country, worth an estimated INR 2.5 crore.
It was observed that unusual repeated transactions were taking place through Visa and Rupay
cards used at various ATMs for nearly two hours. On August 13, INR 13.5 crore was
transferred by the hackers to the Hong Kong-based Hang Seng Bank, using the Society for
Worldwide Interbank Financial Telecommunication (SWIFT) facility. As per the payment
settlement system, Visa and Rupay had raised demands for payment for all of the fraudulent
transactions, and as per the agreement the bank had to pay a total amount of INR 80.5 Cr to
them. Regarding the transaction of transfer of money (INR 13.92 Cr) to a Hong Kong based
bank.

Reasons of the attack:
Investigations showed that the cyber-criminals had first carried out extensive and
extremely thorough background surveillance of the Cosmos banking infrastructure. The
researchers concluded that the heist would be very visible from the bank audit report
generated by the system itself. Also, a few days prior to the attack, the American FBI had
warned banks of a major hacking threat to ATMs worldwide, and despite increased awareness
and spend, organizations have proven themselves largely unprepared for a more organized,
strategic and persistent threat.

Technical Loopholes:
It has been stated that the bank may have failed to adequately invest in
its SOC (Security Operation Center), which should have analyzed the traffic coming in. An
analysis was made that the bank’s fraud detection mechanism was non-existent, as there
should have been red alerts when so many overseas transactions were taking place in such a
short span of time.
However, in its statement the bank contended it had adequate IT security in place.

Results/Pending investigation:
The Special Investigating Team (SIT) had recovered INR 10.25 Cr that was lost in the heist,
as was revealed in August 2018. The Hong Kong based
bank ‘Hang Seng bank’ also returned INR 5.72 Cr in the first installment to Cosmos bank.
The police also recovered INR 4 Lakh from genuine Cosmos cardholders, who had visited
ATMs when the malware was active and withdrew more money than their account balance.

Impact on the business of the bank:
The bank was neither penalized for its weak cyber-security nor has anyone been held
accountable. This highlights the need for RBI to enforce its
cyber guidelines for cooperative banks as strictly as it has for commercial banks. Extensive
audit reports had been called for. The bank's annual report reported the total amount involved
in the attack to be INR 100.22 crore, including exchange loss on payment settlement. That was
not the only impact. The bank says that “the cyber-attack and restoration of payment systems
back to normalcy caused an impact on the customers and their transactions.”
Timeline of refund by Pune police:
January 2020 Rs 8.37 lakh
February 2020 Rs 5.98 crore
March 2020 Rs 27.25 lakh
April 2020 Rs 50.52 lakh

16. Write a Program to search the given pattern using optimized algorithm

#include <stdio.h>
#include <string.h>

int main (){
    char txt[] = "tutorialsPointisthebestplatformforprogrammers";
    char pat[] = "a";
    int M = strlen (pat);
    int N = strlen (txt);

    /* Try every starting position i in the text */
    for (int i = 0; i <= N - M; i++){
        int j;
        /* Compare the pattern with the text starting at i */
        for (j = 0; j < M; j++)
            if (txt[i + j] != pat[j])
                break;
        /* All M characters matched */
        if (j == M)
            printf ("Pattern matches at index %d \n", i);
    }
    return 0;
}
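
The program above compares the pattern at every position and starts over after each mismatch. As an added example (not part of the original lab answer), the Knuth-Morris-Pratt algorithm below precomputes a failure table for the pattern so that no text character is read twice, which also makes overlapping matches cheap to report. The function names and the output-array interface are constructed for illustration; the sample text is the one used above.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* lps[i] = length of the longest proper prefix of pat[0..i]
   that is also a suffix of pat[0..i]. */
static void build_lps(const char *pat, size_t m, size_t *lps)
{
    size_t len = 0;   /* length of the current matched prefix */
    size_t i = 1;

    lps[0] = 0;
    while (i < m) {
        if (pat[i] == pat[len]) {
            len++;
            lps[i] = len;
            i++;
        } else if (len != 0) {
            len = lps[len - 1];   /* fall back to a shorter prefix */
        } else {
            lps[i] = 0;
            i++;
        }
    }
}

/* Find every occurrence of pat in txt, including overlapping ones.
   Up to max start offsets are stored in out. Returns the total number of
   matches, or -1 for an empty pattern or an allocation failure. */
long kmp_search(const char *txt, const char *pat, size_t *out, size_t max)
{
    size_t n = strlen(txt), m = strlen(pat);
    size_t i = 0, j = 0;   /* i indexes the text, j the pattern */
    size_t *lps;
    long found = 0;

    if (m == 0)
        return -1;
    if (m > n)
        return 0;
    lps = malloc(m * sizeof *lps);
    if (lps == NULL)
        return -1;
    build_lps(pat, m, lps);

    while (i < n) {
        if (txt[i] == pat[j]) {
            i++;
            j++;
            if (j == m) {                     /* full match ends at i - 1 */
                if ((size_t)found < max)
                    out[found] = i - m;
                found++;
                j = lps[j - 1];               /* keep going for overlaps */
            }
        } else if (j != 0) {
            j = lps[j - 1];                   /* reuse what already matched */
        } else {
            i++;
        }
    }
    free(lps);
    return found;
}

int main(void)
{
    const char *txt = "tutorialsPointisthebestplatformforprogrammers";
    size_t hits[16];
    long n = kmp_search(txt, "for", hits, 16);

    for (long k = 0; k < n && k < 16; k++)
        printf("Pattern matches at index %lu\n", (unsigned long)hits[k]);
    return 0;
}
```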

17. Prepare a case study on Social Media Crime that occurred in Pune 2021.

Social media crime recorded 100% rise in 2021 in Pune

The number of cybercrime complaints reported based on misuse of social networking sites doubled in
2021 compared to 2020. The overall number of complaints has seen an exponential increase since
2018. The city cybercrime cell received 19,023 total complaints in 2021 that belong to various
categories, such as monetary frauds, sending vulgar messages on phones, email hacking, stealing
online data and defaming people by posting morphed pictures in social media and many more.
According to Pune cybercrime police data, 14,950 such complaints were reported in 2020 and 7,795
in 2019.
The methods of defrauding people have become innovative, according to Bhagyashree Navatake,
deputy commissioner of police, cybercrime, and Economic offence wing of Pune police. “There were
innovative ways of defrauding people every 8-10 days. When Covid began, the number of cases of
calling up positive patients and duping them increased. This happened in addition to the casual
approach of people who click on links and share OTP. The use of e-commerce and various kinds of
software also increased. These factors contributed to the rise in cases,” said DCP Navatake.
Among social media-related cybercrime, the cases from popular platforms Facebook and Instagram
are the highest. The city police introduced a new section for its records for “sextortion” and
“friendship fraud”, on Facebook and Instagram, which consist of cases of using sexual images or
videos for extortion. The highest number of cases were of defamation and posts by making fake
profiles or making vulgar comments on posts or through messages. The number of cases doubled
from 791 in 2020, to 1,518 in 2021.
On other platforms including Twitter, the new section added for record was of posting vulgar
comments on Zoom meetings and uploading of videos on social media sites other than Facebook and
Instagram. The trend has seen a worrying rise among minor victims and adults equally. Children were
exposed to added screentime owing to the online schooling necessitated by the lockdown, said
officials.

18. Prepare a case study on Japanese Bank for Keylogger Scam

In the London case, where the criminals attempted to transfer $420 from a London branch of a Japanese
bank, the technique applied was password cracking. Using key loggers, the criminals were in a
position to get access to some of the key passwords to the bank system. The information that was
obtained from the key logger programs was used to access some of the most important and restricted
data areas, including access codes that were private to the bank's top managerial staff. This gave the
criminals direct access to the bank information that led to the attempted crime.
It is also possible that the criminals used session hijacking through the internet to enable them to
get into important accounts of the bank. A combination of these two techniques must have led to
successful login to the private accounts of the bank. These are some of the topmost methods that
criminals use in accessing private information from banks. Recent crimes related to the
same have been witnessed in various regions of the world. Password cracking is still the main
method that is usually employed.
There are numerous measures that exist to control cybercrimes. One of these is the use of strong
passwords or user IDs. These should be frequently reviewed and changed to limit the extent to which
key logger programs can access the passwords. A key logger may be able to detect the password, but by
changing the password again and again, successful hacking may be limited.

19. Write the steps to prevent the denial of Service attacks.

1. Organize a DDoS Attack Response Plan. Don’t be caught blindsided by DDoS attacks; have a
response plan ready in case of a security breach so your organization can respond as promptly as
possible. Your plan should document how to maintain business operations if a DDoS attack is
successful, any technical competencies and expertise that will be necessary, and a systems checklist to
ensure that your assets have advanced threat detection.

2. Secure your Infrastructure with DDoS Attack Prevention Solutions.

Equip your network, applications, and infrastructure with multi-level protection strategies. This may
include prevention management systems that combine firewalls, VPN, anti-spam, content filtering and
other security layers to monitor activities and identify traffic inconsistencies that may be symptoms of
DDoS attacks.

3. Perform a Network Vulnerability Assessment.

Identify weaknesses in your networks before a malicious user does. A vulnerability assessment involves
identifying security exposures so you can patch up your infrastructure to be better prepared for a
DDoS attack, or for any cybersecurity risks in general.

4. Identify Warning Signs of a DDoS Attack.

If you can identify the symptoms of a DDoS attack as early as possible, you can act and hopefully
mitigate damage. Spotty connectivity, slow performance, and intermittent web crashes are all signs
that your business may be coming under attack from a DDoS criminal. Educate your team on signs of
DDoS attacks so everyone can be alert for warning signs.
5. Adopt Cloud-Based Service Providers.

Cloud providers who offer high levels of cybersecurity, including firewalls and threat monitoring
software, can help protect your assets and network from DDoS criminals. The cloud also has greater
bandwidth than most private networks, so it is unlikely to fail under the pressure of increased DDoS
attacks.

20. Write the steps to demonstrate intrusion detection system (IDS) using the tool SNORT

Intrusion Detection System (IDS)

An intrusion detection system (IDS) observes network traffic for malicious transactions and sends
immediate alerts when it observes them. It is software that checks a network or system for malicious
activities or policy violations. Each illegal activity or violation is often recorded centrally using
a SIEM system or reported to an administrator. An IDS monitors a network or system for malicious
activity and protects a computer network from unauthorized access by users, including perhaps
insiders. The intrusion detector learning task is to build a predictive model (i.e. a classifier)
capable of distinguishing between ‘bad connections’ (intrusions/attacks) and ‘good (normal)
connections’.

How does an IDS work?

● An IDS (Intrusion Detection System) monitors the traffic on a computer
network to detect any suspicious activity.
● It analyzes the data flowing through the network to look for patterns and
signs of abnormal behavior.
● The IDS compares the network activity to a set of predefined rules and
patterns to identify any activity that might indicate an attack or intrusion.
● If the IDS detects something that matches one of these rules or patterns, it
sends an alert to the system administrator.
● The system administrator can then investigate the alert and take action to
prevent any damage or further intrusion.
Classification of Intrusion Detection System
IDS are classified into 5 types:
● Network Intrusion Detection System (NIDS): Network intrusion detection
systems (NIDS) are set up at a planned point within the network to
examine traffic from all devices on the network. It performs an observation
of passing traffic on the entire subnet and matches the traffic that is passed
on the subnets to the collection of known attacks. Once an attack is
identified or abnormal behavior is observed, the alert can be sent to the
administrator. An example of a NIDS is installing it on the subnet where
firewalls are located in order to see if someone is trying to crack the
firewall.

● Host Intrusion Detection System (HIDS): Host intrusion detection
systems (HIDS) run on independent hosts or devices on the network. A
HIDS monitors the incoming and outgoing packets from the device only
and will alert the administrator if suspicious or malicious activity is
detected. It takes a snapshot of existing system files and compares it with
the previous snapshot. If the analytical system files were edited or deleted,
an alert is sent to the administrator to investigate. An example of HIDS
usage can be seen on mission-critical machines, which are not expected to
change their layout.
● Protocol-based Intrusion Detection System (PIDS): A protocol-based
intrusion detection system (PIDS) comprises a system or agent that
consistently resides at the front end of a server, controlling and interpreting
the protocol between a user/device and the server. It tries to secure the
web server by regularly monitoring the HTTPS protocol stream and
accepting the related HTTP protocol. Where HTTPS is in use, this system
needs to reside at the interface where HTTPS is decrypted, immediately
before the traffic enters the web presentation layer.
● Application Protocol-based Intrusion Detection System (APIDS): An
Application Protocol-based Intrusion Detection System (APIDS) is a system
or agent that generally resides within a group of servers. It identifies
intrusions by monitoring and interpreting the communication on application-
specific protocols. For example, this would monitor the SQL protocol
specific to the middleware as it transacts with the database in the web
server.
● Hybrid Intrusion Detection System: A hybrid intrusion detection system is
made by combining two or more approaches to intrusion detection. In the
hybrid intrusion detection system, the host agent or system data is
combined with network information to develop a complete view of the
network system. The hybrid intrusion detection system is more effective in
comparison to the other intrusion detection systems. Prelude is an example
of a hybrid IDS.

Benefits of IDS

● Detects malicious activity: IDS can detect any suspicious activities and
alert the system administrator before any significant damage is done.
● Improves network performance: IDS can identify any performance
issues on the network, which can be addressed to improve network
performance.
● Compliance requirements: IDS can help in meeting compliance
requirements by monitoring network activity and generating reports.
● Provides insights: IDS generates valuable insights into network traffic,
which can be used to identify any weaknesses and improve network
security.
Detection Method of IDS
1. Signature-based Method: Signature-based IDS detects the attacks on the
basis of the specific patterns such as the number of bytes or a number of
1s or the number of 0s in the network traffic. It also detects on the basis of
the already known malicious instruction sequence that is used by the
malware. The detected patterns in the IDS are known as signatures.
Signature-based IDS can easily detect the attacks whose pattern
(signature) already exists in the system but it is quite difficult to detect new
malware attacks as their pattern (signature) is not known.
2. Anomaly-based Method: Anomaly-based IDS was introduced to detect
unknown malware attacks, as new malware is developed rapidly. Anomaly-
based IDS uses machine learning to create a model of trusted activity;
anything incoming is compared with that model and is declared suspicious
if it is not found in the model. The machine learning-based method
generalizes better than signature-based IDS, as these models can be
trained according to the applications and hardware configurations.
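The two detection methods above can be compared side by side in a short added example (not part of the original lab answer and not Snort itself). The signatures, the addresses from the 192.0.2.0/24 documentation range and the traffic are constructed, and a simple statistical baseline of requests per source stands in for the machine-learning model.

```python
from collections import Counter
from statistics import mean, pstdev

# Constructed signatures: byte patterns of already-known attacks.
SIGNATURES = {
    "SIG-1 directory traversal": b"../../",
    "SIG-2 SQL keywords in request": b"UNION SELECT",
}


def signature_alerts(window):
    """Signature-based: alert on every payload containing a known pattern."""
    return [(src, name)
            for src, payload in window
            for name, pattern in SIGNATURES.items()
            if pattern in payload]


def learn_baseline(training_windows):
    """Anomaly-based, step 1: model normal activity as the mean and standard
    deviation of requests per source per time window (assumed stand-in for ML)."""
    counts = [n for window in training_windows
              for n in Counter(src for src, _ in window).values()]
    return mean(counts), pstdev(counts) or 1.0  # avoid division by zero


def anomaly_alerts(window, baseline, threshold=3.0):
    """Anomaly-based, step 2: flag sources whose request count lies more than
    `threshold` standard deviations above the learned normal."""
    mu, sigma = baseline
    counts = Counter(src for src, _ in window)
    return sorted(src for src, n in counts.items() if (n - mu) / sigma > threshold)


def _requests(src, n, payload=b"GET /index.html"):
    """Build n identical constructed (source, payload) records."""
    return [(src, payload)] * n


# Constructed training traffic: three windows of ordinary browsing.
TRAINING = [
    _requests("192.0.2.5", 2) + _requests("192.0.2.7", 3),
    _requests("192.0.2.5", 4) + _requests("192.0.2.7", 3),
    _requests("192.0.2.5", 2) + _requests("192.0.2.7", 4),
]

# Constructed live window: one request matching a known pattern, one normal
# host, and one host sending a burst of well-formed requests.
LIVE = (_requests("192.0.2.5", 1, b"GET /download?file=../../secret.txt")
        + _requests("192.0.2.7", 3)
        + _requests("192.0.2.9", 40))


def run_demo():
    """Return (signature alerts, anomaly alerts) for the live window."""
    baseline = learn_baseline(TRAINING)
    return signature_alerts(LIVE), anomaly_alerts(LIVE, baseline)


if __name__ == "__main__":
    sig, anom = run_demo()
    print("signature alerts:", sig)
    print("anomaly alerts:  ", anom)
```

The burst from 192.0.2.9 matches no signature and is caught only by the baseline, while the single traversal request is too small to look anomalous and is caught only by its signature.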
Comparison of IDS with Firewalls
IDS and firewall both are related to network security but an IDS differs from a
firewall as a firewall looks outwardly for intrusions in order to stop them from
happening. Firewalls restrict access between networks to prevent intrusion
and if an attack is from inside the network it doesn’t signal. An IDS describes a
suspected intrusion once it has happened and then signals an alarm.
Conclusion:
An Intrusion Detection System (IDS) is a powerful tool that can help
businesses detect and prevent unauthorized access to their network.
By analyzing network traffic patterns, IDS can identify any suspicious
activities and alert the system administrator. IDS can be a valuable addition
to any organization’s security infrastructure, providing insights and
improving network performance.

Q21. What is Malware? Write Steps to remove the malware from your PC.

Malware, or malicious software, is any program or file that is intentionally harmful to a
computer, network or server. Types of malware include computer viruses, worms, Trojan
horses, ransomware and spyware. These malicious programs steal, encrypt and delete
sensitive data; alter or hijack core computing functions and monitor end users' computer
activity.

Malware can infect networks and devices and is designed to harm those devices, networks
and/or their users in some way. Depending on the type of malware and its goal, this harm
may present itself differently to the user or endpoint. In some cases, the effect malware has
is relatively mild and benign, and in others, it can be disastrous.

No matter the method, all types of malware are designed to exploit devices at the expense
of the user and to the benefit of the hacker -- the person who has designed and/or
deployed the malware.

Malware authors use a variety of physical and virtual means to spread malware that
infects devices and networks. For example, malicious programs can be delivered to a
system with a USB drive, through popular collaboration tools and by drive-by downloads,
which automatically download malicious programs to systems without the user's approval
or knowledge.

Different types of malware have unique traits and characteristics. Types of malware include
the following:
• A virus is the most common type of malware that can execute itself and spread by
infecting other programs or files.
• A worm can self-replicate without a host program and typically spreads without any
interaction from the malware authors.
• A Trojan horse is designed to appear as a legitimate software program to gain access to
a system. Once activated following installation, Trojans can execute their malicious
functions.
• Spyware collects information and data on the device and user, as well as observes the
user's activity without their knowledge.
• Ransomware infects a user's system and encrypts its data. Cybercriminals then demand
a ransom payment from the victim in exchange for decrypting the system's data.
• A rootkit obtains administrator-level access to the victim's system. Once installed, the
program gives threat actors root or privileged access to the system.
• A backdoor virus or remote access Trojan (RAT) secretly creates a backdoor into an
infected computer system that enables threat actors to remotely access it without
alerting the user or the system's security programs.
• Adware tracks a user's browser and download history with the intent to display pop-up
or banner advertisements that lure the user into making a purchase. For example, an
advertiser might use cookies to track the webpages a user visits to better target
advertising.
• Keyloggers, also called system monitors, track nearly everything a user does on their
computer. This includes emails, opened webpages, programs and keystrokes.

As mentioned, many security software products are designed to detect and prevent
malware, as well as remove it from infected systems.

Malwarebytes is an example of an antimalware tool that handles detection and removal of
malware. It can remove malware from Windows, macOS, Android and iOS platforms.
Malwarebytes can scan a user's registry files, running programs, hard drives and individual
files. If detected, malware can then be quarantined and deleted. However, unlike some
other tools, users cannot set automatic scanning schedules.

Steps to remove Malware from PC

Step 1: Disconnect from the internet

Disconnecting from the internet will prevent more of your data from being sent to a
malware server or the malware from spreading further.

Step 2: Enter safe mode

If malware is set to load automatically, this will prevent the malware from loading, making
it easier to remove. To enter safe mode:

1. Restart your PC.
2. When you see the sign-in screen, hold down the Shift key and select Power →
Restart.
3. After your PC restarts to the “Choose an option” screen, select: Troubleshoot →
Advanced Options → Startup Settings.
4. On the next window, click the Restart button and wait for the next screen to appear.
5. A menu will appear with numbered startup options. Select number 4 or F4 to start
your PC in Safe Mode.
Disclaimer: Avoid logging into accounts during malware removal

To avoid sharing your personally identifiable information, do not log into sensitive accounts
while your device is infected.

Step 3: Check your activity monitor for malicious applications

If you know that you’ve installed a suspicious update or application, close the application if
it’s running. Your activity monitor shows the processes that are running on your computer,
so you can see how they affect your computer’s activity and performance.
In the “Type to search” box, type Resource Monitor → find the task to end → right-click → End Process
Step 4: Run a malware scanner

Luckily, malware scanners can remove many standard infections. But remember that if you
already have an antivirus program active on your computer, you should use a different
scanner for this malware check since your current antivirus software may not detect the
malware initially.

Step 5: Fix your web browser

Malware is likely to modify your web browser’s homepage to re-infect your PC. Check your
homepage and connection settings using the steps below for common browsers.
To verify your homepage on Chrome:
• In the top right corner of your Chrome browser, click More → Settings.
• Select the dropdown menu in the “Search engine” section.
• Verify your default homepage.
To verify your homepage on Internet Explorer:

1. Select the Tools icon.
2. Click Internet options.
3. In the General tab, find the “Search” section and click Settings.
4. Verify your default homepage.
Step 6: Clear your cache

After you’ve verified your homepage setting, it’s imperative to clear your browser’s cache.
Follow the steps below to clear your cache for Chrome and Internet Explorer.
To clear your cache on Chrome:
History → Clear Browsing Data → Time Range → All Time → Clear Data.
To clear your cache on Internet Explorer:

Q22. What are the various types of Vulnerabilities for hacking the Web Applications.
Most Common Website Security Vulnerabilities

1. SQL INJECTIONS

SQL injection is a type of web application security vulnerability in which an attacker
attempts to use application code to access or corrupt database content. If successful, this
allows the attacker to create, read, update, alter, or delete data stored in the back-end
database. SQL injection is one of the most prevalent types of web application security
vulnerabilities.

2. CROSS SITE SCRIPTING (XSS)

Cross-site scripting (XSS) targets an application's users by injecting code, usually a client-side
script such as JavaScript, into a web application's output. The concept of XSS is to
manipulate client-side scripts of a web application to execute in the manner desired by the
attacker. XSS allows attackers to execute scripts in the victim's browser which can hijack
user sessions, deface websites or redirect the user to malicious sites.

3. BROKEN AUTHENTICATION & SESSION MANAGEMENT

Broken authentication and session management encompass several security issues, all of
them having to do with maintaining the identity of a user. If authentication credentials and
session identifiers are not protected at all times, an attacker can hijack an active session
and assume the identity of a user.

4. INSECURE DIRECT OBJECT REFERENCES

Insecure direct object reference is when a web application exposes a reference to an
internal implementation object. Internal implementation objects include files, database
records, directories and database keys. When an application exposes a reference to one of
these objects in a URL, hackers can manipulate it to gain access to a user's personal data.
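The SQL injection (item 1) and insecure direct object reference (item 4) descriptions above, shown as weak code beside its corrected form. This is an added example, not part of the original answer; the orders table, the function names and the sample input are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build a small in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE orders(id INTEGER PRIMARY KEY, customer TEXT, item TEXT);
        INSERT INTO orders VALUES
            (1, 'alice', 'laptop'),
            (2, 'alice', 'mouse'),
            (3, 'bob',   'phone');
    """)
    return db


# --- SQL injection -------------------------------------------------------

def orders_vulnerable(db, customer):
    """WEAK: user input is concatenated into the SQL text, so quote
    characters in the input change the structure of the query."""
    query = "SELECT id, item FROM orders WHERE customer = '" + customer + "'"
    return db.execute(query).fetchall()


def orders_safe(db, customer):
    """FIXED: a parameterized query sends the input as data only;
    it can never become part of the SQL statement."""
    return db.execute(
        "SELECT id, item FROM orders WHERE customer = ?", (customer,)
    ).fetchall()


# --- Insecure direct object reference -----------------------------------

def order_by_id_vulnerable(db, session_user, order_id):
    """WEAK: trusts the record id taken from the URL and never checks
    that the record belongs to the logged-in user."""
    return db.execute(
        "SELECT item FROM orders WHERE id = ?", (order_id,)
    ).fetchone()


def order_by_id_safe(db, session_user, order_id):
    """FIXED: the lookup is scoped to the owner held in the server-side
    session, so another user's id returns nothing."""
    return db.execute(
        "SELECT item FROM orders WHERE id = ? AND customer = ?",
        (order_id, session_user),
    ).fetchone()


# Constructed test input containing quote characters.
CRAFTED_NAME = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("concatenated :", orders_vulnerable(db, CRAFTED_NAME))
    print("parameterized:", orders_safe(db, CRAFTED_NAME))
    print("no owner check:", order_by_id_vulnerable(db, "alice", 3))
    print("owner check   :", order_by_id_safe(db, "alice", 3))
```

A useful regression test for any data-access function is exactly this pair of checks: input with quote characters must return no rows, and a valid id owned by someone else must return nothing.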

5. SECURITY MISCONFIGURATION

Security misconfiguration encompasses several types of vulnerabilities all centered on a lack
of maintenance or a lack of attention to the web application configuration. A secure
configuration must be defined and deployed for the application, frameworks, application
server, web server, database server and platform. Security misconfiguration gives hackers
access to private data or features and can result in a complete system compromise.

6. CROSS-SITE REQUEST FORGERY (CSRF)


Cross-Site Request Forgery (CSRF) is a malicious attack where a user is tricked into
performing an action he or she didn't intend to do. A third-party website will send a request
to a web application that a user is already authenticated against (e.g. their bank). The
attacker can then access functionality via the victim's already authenticated browser.
Targets include web applications like social media, in-browser email clients, online banking,
and web interfaces for network devices.
Don't get caught with your guard down. Practice safe website security measures and always be
ready to protect yourself, and your company's future, from an attack that you might never
recover from. The best way to tell if your website or server is vulnerable is to conduct
regular security audits.

8 Simple Ways to improve Web Security

1. KEEP YOUR SOFTWARE UP-TO-DATE

It is crucial to keep all platforms or scripts you've installed up-to-date. Hackers aggressively
target security flaws in popular web software, and the programs need to be updated to
patch security holes. It is important to maintain and update every software product you
use.

2. ENFORCE A STRONG PASSWORD POLICY

It is important to use strong passwords. Hackers frequently utilize sophisticated software
that uses brute force to crack passwords. To protect against brute force, passwords should
be complex, containing uppercase letters, lowercase letters, numerals, and special
characters. Your passwords should be at least 10 characters long. This password policy
should be maintained throughout your organization.

3. ENCRYPT YOUR LOGIN PAGES

Use SSL encryption on your login pages. SSL allows sensitive information such as credit card
numbers, social security numbers, and login credentials to be transmitted securely.
Information entered on a page is encrypted so that it's meaningless to any third party who
might intercept it. This helps to prevent hackers from accessing your login credentials or
other private data.

4. USE A SECURE HOST

Choosing a secure and reputable web hosting company is very important to your website
security. Make sure the host you choose is aware of threats and devoted to keeping your
website secure. Your host should also back up your data to a remote server and make it
easy to restore in case your site is hacked. Choose a host who offers ongoing technical
support whenever necessary. CommonPlaces offers secure, reliable hosting for our
customers.

5. KEEP YOUR WEBSITE CLEAN

Every database, application, or plugin on your website is another possible point of entry for
hackers. You should delete any files, databases, or applications from your website that are
no longer in use. It is also important to keep your file structure organized to keep track of
changes and make it easier to delete old files.

6. BACKUP YOUR DATA

Back up your site regularly. You should maintain backups of all of your website files in case
your site becomes inaccessible or your data is lost. Your web host provider should provide
backups of their own servers, but you should still backup your files regularly. Some content
management programs have plugins or extensions that can automatically back up your site,
and you should also be able to back up databases and content manually.

7. SCAN YOUR WEBSITE FOR VULNERABILITIES

It is important to regularly perform web security scans to check
for website and server vulnerabilities. Web security scans should be performed on a schedule
and after any change or addition to your web components. There are a number of free tools
on the Internet that you can use to measure how secure your website is. Those tools can be
helpful for a brief review, but they won't detect all the possible security flaws of your site.
Having a professional perform security scans on your website will provide an in-depth
review and explanation of the vulnerabilities on your website.

8. HIRE A SECURITY EXPERT

Developing a relationship with a firm that provides security services can be a lifesaver when
it comes to protecting your website. While the small things can be taken care of on your
own, there are many security measures that should be handled by an expert. Companies
providing security services can regularly scan your website for vulnerabilities, perform full
website security audits, monitor for malicious activity, and be on hand whenever repair is
needed. You and your team must always be vigilant in protecting your website, and these
practical tips represent only the most basic methods. Never stop seeking security
protections for your website. Don't let the bad guys win.
Q23. Write Steps for Sharing Files and Printer remotely between two systems.

Our remote file access feature allows administrators to quickly connect with any computer
in their domain/workgroup and access files remotely. The remote file transfer process
offers convenience and efficiency to administrators as they can work from anywhere.

For instance, in the middle of a troubleshooting session an administrator can remotely
transfer files that are necessary to fix the problem to the target computer. Thus remote file
access and transfer can be a valuable feature for any administrator.

To transfer files to remote computers, follow the steps given below:


1. Click the Tools tab
2. In the Windows Tools section, click Remote Control
3. Click Connect against the name of a computer to connect remotely to it
4. On the top of the remote-connection screen, click File Transfer
5. Select the required file from a folder on your computer
6. Click to transfer it to a folder on the remote computer

You have transferred files to a remote computer.

Share the printer on the primary PC

There are two ways to share your printer: using Settings or Control Panel.

Share your printer using Settings

1. Select the Start button, then select Settings > Devices > Printers & scanners.
2. Choose the printer you want to share, then select Manage.
3. Select Printer Properties, then choose the Sharing tab.
4. On the Sharing tab, select Share this printer.
5. If you want, edit the share name of the printer. You'll use this name to connect to
the printer from a secondary PC.

Share your printer using Control Panel

1. In the search box on the taskbar, type control panel and then select Control Panel.
2. Under Hardware and Sound, select View devices and printers.
3. Select and hold (or right-click) the printer you want to share, select Printer
properties, and then choose the Sharing tab.
4. On the Sharing tab, select Share this printer.
5. If you want, edit the share name of the printer. You'll use this name to connect to the
printer from a secondary PC.

Q24. List out the Various Mobile Security Apps. Write the Steps to install and use one of
the Mobile Security App.

Mobile application security focuses on the software security posture of mobile apps on
various platforms like Android, iOS, and Windows Phone. This covers applications that run
both on mobile phones as well as tablets.

Mobile app security has become equally important in today's world. A breach in mobile
security can not only give hackers access to the user's personal life in real-time but also
disclose data like their current location, banking information, personal information, and
much more.

Some of the best Android mobile security apps are:

• Bitdefender Mobile Security.
• Norton Mobile Security.
• Avast Mobile Security.
• Kaspersky Mobile Antivirus.
• Lookout Security & Antivirus.
• McAfee Mobile Security.
• Google Play Protect.

Google Play Protect checks your apps and devices for harmful behavior.

• It runs a safety check on apps from the Google Play Store before you download
them.
• It checks your device for potentially harmful apps from other sources. These harmful
apps are sometimes called malware.
• It warns you about potentially harmful apps.
• It may deactivate or remove harmful apps from your device.
• It warns you about detected apps that violate our Unwanted Software Policy by
hiding or misrepresenting important information.
• It sends you privacy alerts about apps that can get user permissions to access your
personal information, violating our Developer Policy.
• It may reset app permissions to protect your privacy on certain Android versions.

Verify your device certification status

1. Open the Google Play Store app.
2. At the top right, tap the profile icon.
3. Tap Settings.
4. Under “About,” check if your device is Play Protect certified.

How to turn Google Play Protect on or off

Important: Google Play Protect is on by default, but you can turn it off. For security, we
recommend that you always keep Google Play Protect on.

1. Open the Google Play Store app.
2. At the top right, tap the profile icon.
3. Tap Play Protect Settings.
4. Turn Scan apps with Play Protect on or off.

25. Write the algorithm for encoding and decoding the Hash-Based Message Authentication Code (HMAC)

HMAC stands for Hashed or Hash-based Message Authentication Code. It is the
result of work done on developing a MAC derived from cryptographic hash functions. HMAC
has great resistance to cryptanalysis attacks because it applies the hash function twice.
HMAC combines the benefits of hashing and a MAC and thus is more secure than any other
authentication code. HMAC is specified in RFC 2104 and has been made compulsory to
implement in IP security. It is also specified in the NIST standard FIPS 198.
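The HMAC construction of RFC 2104, written out step by step as an added example (not part of the original answer). "Encoding" is the sender computing the tag; "decoding" is the receiver recomputing it and comparing. The function names and the sample key and message are assumptions made for illustration.

```python
import hashlib
import hmac as std_hmac  # used only for its constant-time comparison


def hmac_digest(key: bytes, message: bytes, hash_name: str = "sha256") -> bytes:
    """HMAC(K, m) = H((K' xor opad) || H((K' xor ipad) || m))  (RFC 2104)."""
    block_size = hashlib.new(hash_name).block_size  # 64 bytes for MD5/SHA-256

    # Step 1: derive K'. Keys longer than one block are hashed first,
    # then the key is right-padded with zero bytes to the block size.
    if len(key) > block_size:
        key = hashlib.new(hash_name, key).digest()
    key = key.ljust(block_size, b"\x00")

    # Step 2: build the inner and outer padded keys.
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)

    # Step 3: first hash pass over the inner key and the message.
    inner = hashlib.new(hash_name, ipad + message).digest()

    # Step 4: second hash pass over the outer key and the inner digest.
    return hashlib.new(hash_name, opad + inner).digest()


def sign(key: bytes, message: bytes, hash_name: str = "sha256") -> str:
    """Sender side: return the authentication tag as hex."""
    return hmac_digest(key, message, hash_name).hex()


def verify(key: bytes, message: bytes, tag_hex: str,
           hash_name: str = "sha256") -> bool:
    """Receiver side: recompute the tag and compare in constant time,
    so the comparison does not leak how many leading bytes matched."""
    try:
        received = bytes.fromhex(tag_hex)
    except ValueError:
        return False  # malformed tag is simply rejected
    expected = hmac_digest(key, message, hash_name)
    return std_hmac.compare_digest(expected, received)


if __name__ == "__main__":
    key = b"constructed-demo-key"          # constructed sample key
    msg = b"transfer 100 to account 42"    # constructed sample message
    tag = sign(key, msg)
    print("tag:", tag)
    print("genuine message accepted:", verify(key, msg, tag))
    print("altered message accepted:",
          verify(key, b"transfer 900 to account 42", tag))
```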

What is the MD5 Algorithm?

MD5 (Message Digest Method 5) is a cryptographic hash algorithm used
to generate a 128-bit digest from a string of any length. It represents the digests
as 32 digit hexadecimal numbers. Ronald Rivest designed this algorithm in 1991 to
provide the means for digital signature verification.

There are four major sections of the algorithm:


Padding Bits

When you receive the input string, you have to make sure the size is 64 bits
short of a multiple of 512. When it comes to padding the bits, you must add a single
one (1) bit first, followed by zeroes to fill out the remaining bits.

Padding Length

You need to add a few more characters to make your final string a multiple of
512. To do so, take the length of the initial input and express it in the form of 64 bits.
On combining the two, the final string is ready to be hashed.

Initialize MD Buffer

The entire string is converted into multiple blocks of 512 bits each. You also
need to initialize four different buffers, namely A, B, C, and D. These buffers are 32
bits each and are initialized as follows:

A = 01 23 45 67
B = 89 ab cd ef
C = fe dc ba 98
D = 76 54 32 10

Process Each Block

Each 512-bit block gets broken down further into 16 sub-blocks of 32 bits
each. There are four rounds of operations, with each round utilizing all the sub-
blocks, the buffers, and a constant array value.

This constant array can be denoted as T[1] -> T[64].

Each of the sub-blocks is denoted as M[0] -> M[15].

26. Prepare a case study on Mahesh Bank cyber attack.

Police learnt Nigerian handlers operating from India were tasked to open bank accounts through
locals in banks. Phishing mails were sent by an unidentified hacker to 200 staff of Mahesh bank
and two of them clicked on links in mails, allowing remote access Trojan malware to be
installed.

27. Prepare a case study of cyber attack through Facebook Account


Facebook has suffered yet another data breach, only this time, private information from
533 million accounts has been leaked online. Even the private credentials of the company’s
founder and CEO, Mark Zuckerberg, are part of the larger leaked data set from 2019.

What kind of data was leaked and how was it done?


Private information of users was primarily obtained by exploiting Facebook’s contact
importer feature, which allows users to find friends on social media using their phone’s
contact list.
Malicious actors exploited a weakness in the feature to gain access to user IDs, addresses,
phone numbers, email addresses, names of workplaces, dates of birth, dates of account creation,
and other personally identifiable information. They then leaked this data on the dark web.
Information on users’ finances and passwords was not divulged.
All 533,000,000 Facebook records were just leaked for free.

This means that if you have a Facebook account, it is extremely likely the phone number
used for the account was leaked.

Facebook claims hackers obtained user data through data scraping — a process used by
people to import data from a website onto a local file that is saved in a computer. The social
networking giant also noted in a blog post that “the specific issue that allowed them
[hackers] to scrape this data in 2019 no longer exists.”
“A lot of companies like Facebook, Google and others provide their APIs to developers for
several reasons. Hacker groups essentially use them to scrape data from these sites,” said
Rajshekhar Rajaharia, a Rajasthan-based entrepreneur and cyber security researcher, in an
email to The Hindu.
“They can procure the name and email of a particular user from one website through their
API. A second website’s API might provide them with their phone number and address, a
third might open the doors to more sensitive information on the same user. Hackers are
essentially combining these details and creating a complete data set which is then being sold
online.”
Uniqueness of this leak, and similarity with others

The latest instance stands out for the sheer number of accounts compromised. According to
a report published by Business Insider, personal information of over half a billion
Facebook users in 106 countries was leaked online. This includes over 32 million records on
users in the U.S., 11.5 million in the U.K., and 6 million in India.
Earlier, data of 500 million LinkedIn users were being sold online by an unknown hacker
who had dumped two million users’ data as sample. Separately, online stock trading
company Upstox’s data was stolen due to compromised Amazon Web Service (AWS) keys.
This hack includes users’ Aadhaar and PAN credentials, passport soft copy, bank account
numbers, and photos of signatures, Rajaharia noted.
“In the case of LinkedIn, it was asserted that data was scraped, in other words, someone
violated the terms of service to cull out data from the public profile, combined with data
from other sites,” Raj Samani, Chief Scientist at cybersecurity firm McAfee, told The Hindu.
The information leaked is in many ways similar to Facebook’s leak, but it contains other
professional information that might add another layer of sensitivity.

Where is this data now, and for what can it be used?


The stolen information can be used to send spam emails, make calls, mount phishing
campaigns and target advertising. It can be used to plot and execute various nefarious online
fraud schemes. Hackers can impersonate users and transfer cash on their behalf, without
their knowledge.
The database of private information is available on the dark web for anyone to sift through.
The CTO of cyber intelligence firm Hudson Rock in early January confirmed that this data was now
being sold on various groups on the cloud-based messaging app Telegram. Recently the data
set seems to be popping up on various hacker forums all across the internet.

How can one check whether their data has been compromised?
Internet users seeking to know whether their data has been leaked or compromised can
visit HaveIBeenPwned.com. All they have to do is key in their email ID and check.

28.Create a Presentation on “ Ethical Hacking” at least 10 slides

Definition. Ethical hacking involves an authorized attempt to gain unauthorized access to a
computer system, application, or data. Carrying out an ethical hack involves duplicating the strategies
and actions of malicious attackers.

Hacking experts follow four key protocol concepts:

1. Stay legal. Obtain proper approval before accessing and performing a security
assessment.
2. Define the scope. Determine the scope of the assessment so that the ethical
hacker’s work remains legal and within the organization’s approved
boundaries.
3. Report vulnerabilities. Notify the organization of all vulnerabilities discovered
during the assessment. Provide remediation advice for resolving these
vulnerabilities.
4. Respect data sensitivity. Depending on the data sensitivity, ethical hackers
may have to agree to a non-disclosure agreement, in addition to other terms
and conditions required by the assessed organization.

How are ethical hackers different than malicious hackers?


Ethical hackers use their knowledge to secure and improve the technology of
organizations. They provide an essential service to these organizations by looking for
vulnerabilities that can lead to a security breach.
An ethical hacker reports the identified vulnerabilities to the organization.
Additionally, they provide remediation advice. In many cases, with the organization’s
consent, the ethical hacker performs a re-test to ensure the vulnerabilities are fully
resolved.
Malicious hackers intend to gain unauthorized access to a resource (the more
sensitive the better) for financial gain or personal recognition. Some malicious
hackers deface websites or crash backend servers for fun, reputation damage, or to
cause financial loss. The methods used and vulnerabilities found remain unreported.
They aren’t concerned with improving the organization’s security posture.

29. Write a Program to download a file from HTTP server

#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <netdb.h>
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>

// Reads the status line one byte at a time.
// Returns the HTTP status code, or 0 if the server closed the connection early.
int ReadHttpStatus(int sock){
    char buff[1024]="",*ptr=buff+1;
    int bytes_received, status=0;
    printf("Begin Response ..\n");
    while((bytes_received = recv(sock, ptr, 1, 0))){
        if(bytes_received==-1){
            perror("ReadHttpStatus");
            exit(1);
        }

        if((ptr[-1]=='\r') && (*ptr=='\n' )) break;

        // the server decides how long this line is: never write past buff
        if(ptr >= buff+sizeof(buff)-2){
            fprintf(stderr,"ReadHttpStatus: status line too long\n");
            exit(1);
        }
        ptr++;
    }
    *ptr=0;
    ptr=buff+1;

    sscanf(ptr,"%*s %d ", &status);

    printf("%s\n",ptr);
    printf("status=%d\n",status);
    printf("End Response ..\n");
    return (bytes_received>0)?status:0;
}

// Reads the headers up to the empty line; the only field that is parsed is 'Content-Length'.
// Returns the content length, -1 if the size is unknown, 0 if the server closed early.
int ParseHeader(int sock){
    char buff[8192]="",*ptr=buff+4;
    int bytes_received;
    printf("Begin HEADER ..\n");
    while((bytes_received = recv(sock, ptr, 1, 0))){
        if(bytes_received==-1){
            perror("Parse Header");
            exit(1);
        }

        if(
            (ptr[-3]=='\r') && (ptr[-2]=='\n' ) &&
            (ptr[-1]=='\r') && (*ptr=='\n' )
        ) break;

        // same bound as above: header size is attacker-controlled input
        if(ptr >= buff+sizeof(buff)-2){
            fprintf(stderr,"ParseHeader: headers too long\n");
            exit(1);
        }
        ptr++;
    }

    *ptr=0;
    ptr=buff+4;

    if(bytes_received){
        ptr=strstr(ptr,"Content-Length:");
        if(ptr){
            sscanf(ptr,"%*s %d",&bytes_received);
        }else
            bytes_received=-1; //unknown size

        printf("Content-Length: %d\n",bytes_received);
    }
    printf("End HEADER ..\n");
    return bytes_received;
}

int main(void){

    char domain[] = "sstatic.net", path[]="stackexchange/img/logos/so/so-logo-med.png";

    int sock, bytes_received;
    char send_data[1024],recv_data[1024];
    struct sockaddr_in server_addr;
    struct hostent *he;

    he = gethostbyname(domain);
    if (he == NULL){
        herror("gethostbyname");
        exit(1);
    }

    if ((sock = socket(AF_INET, SOCK_STREAM, 0))== -1){
        perror("Socket");
        exit(1);
    }
    memset(&server_addr, 0, sizeof(server_addr));
    server_addr.sin_family = AF_INET;
    server_addr.sin_port = htons(80);
    server_addr.sin_addr = *((struct in_addr *)he->h_addr);

    printf("Connecting ...\n");
    if (connect(sock, (struct sockaddr *)&server_addr, sizeof(server_addr)) == -1){
        perror("Connect");
        exit(1);
    }

    printf("Sending data ...\n");

    snprintf(send_data, sizeof(send_data), "GET /%s HTTP/1.1\r\nHost: %s\r\n\r\n", path, domain);

    if(send(sock, send_data, strlen(send_data), 0)==-1){
        perror("send");
        exit(2);
    }
    printf("Data sent.\n");

    printf("Receiving data...\n\n");

    int contentlength;

    if(ReadHttpStatus(sock) && (contentlength=ParseHeader(sock))){

        int bytes=0;
        FILE* fd=fopen("test.png","wb");
        if(fd==NULL){
            perror("fopen");
            exit(3);
        }
        printf("Saving data...\n\n");

        while((bytes_received = recv(sock, recv_data, sizeof(recv_data), 0))){
            if(bytes_received==-1){
                perror("receive");
                exit(3);
            }

            fwrite(recv_data,1,bytes_received,fd);
            bytes+=bytes_received;
            printf("Bytes received: %d from %d\n",bytes,contentlength);
            if(bytes==contentlength)
                break;
        }
        fclose(fd);
    }

    close(sock);
    printf("\n\nDone.\n\n");
    return 0;
}

30.Create a Presentation on “Security Protocols” ( atleast 5 protocols)


Procedure:

Step1: Open the PowerPoint application window: Start button -> All Programs -> Microsoft Office ->
Microsoft PowerPoint.

Step2: Take a new slide: go to Home tab -> Slides -> select New Slide.

Step3: Repeat Step2 4 times to take new slides.

Step4: Type about “Security Protocols” in all 5 slides.

Step5: Select a slide and write the content regarding the topics, then apply transitions.

Step6: Go to Animation tab -> Transition to This Slide group -> select any one transition.

Step7: Repeat steps 4 and 5 until custom animations are applied to all slides.

Step 8: Save the file.

31.Write the steps to detect the number of devices connected to wifi and block unauthorized
devices

Find Unknown Device on your Wi-Fi:


Every device has a unique address called IP (Internet Protocol) address on
your network using which they connect to the internet. Every device on your
network can be identified, even unknown IP addresses on routers, using the
IP address.
You can find the IP address on Windows by the following steps:
● Click on the Start option, then go to the “Settings” option.
● Go to the “Network & Internet” option.
● Here you select your network connection, and you can view the IP address
beside the “IP Address.”
● Now click on the “Wi-Fi” option, then go to “Advanced Options,” here IP
address will be displayed next to “IPv4 Address.” Here you can find the IP
address of the devices connected to your network and therefore check for
devices that are unknown to you.
But the above method doesn’t give sufficient information, so there is
another way of finding the unknown devices connected to your network,
regardless of what devices you use or have access to, provided you have internet
at home and can access a web browser. Before that, you need to have the
router’s login information. The chances are your login info is still set to the default. It’s
usually a combination of “username” for the username field and “password” for
the password field, but this changes depending on your router, and
you can set your own username and password, so make sure you have the
correct information. Find your default gateway IP address, which is your
router’s IP address (like http://192.168.1.1); you can enter it into a web
browser like a URL to access your router’s web-management setup. You can
get your router’s IP address by following the first 3 steps in the above-mentioned
process.
Now you can find the devices connected to your Wi-Fi network by following
the steps:
1. Open up any web browser tab on a mobile device or a computer; type in
your default gateway IP address, and press Enter for it to load.
2. Now login to your router’s web management portal by entering in your
username and password.
3. Navigate around and look for the list of connected devices. Many
times, routers divide up lists of connections by connection type;
depending on the type of your devices, choose wired devices and Wi-Fi
devices.
As you find your device list, there may be a chance that you don’t recognize
the name of every device connected to your network. Some of your
devices will have identifiable names, but others may come up as unknown
or as a random string of letters and numbers. Now take a count of your
internet-enabled devices and compare it with the list to find the unknown
devices.
There is another method to find all devices on your network, including wired
devices, by following these steps (for Windows):
● Open the Command Prompt utility (cmd) and run it as an
administrator.
● Type the arp -a command and press Enter.
● You will see a list of IP addresses and MAC addresses of connected
devices on your screen.
Also, you can identify a device by using its IP address and MAC address;
the information can be obtained by pinging the device from the command
prompt on your Windows devices. This is done by the following steps (for
Windows):
● Open the Command Prompt utility (cmd) and make sure to
run it as an administrator.
● Use the ping command and type ping -a XYZ, where XYZ is the IP
address of the device which you want to find.
● Now you can see if it is pinging a certain network name. But it won’t work if
you turned your devices.
Now you can use a network scanning tool to monitor, discover, map, and scan
the network devices to protect your network against unknown devices. Some
commonly used tools are:
● Auvik
● Intruder
● SolarWinds
● NetScan Tools Pro.
● NMap

Prevention:

● Scan your home network at regular intervals and remove devices as
you see fit.
● Update your Wi-Fi password with a stronger one and try to change it after a
period of time.
● Update your default Wi-Fi SSID (Service Set Identifier).
● Disable WPS (Wi-Fi Protected Setup) through your router’s admin panel.
● Enable New Device Approval.
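
The comparison of the arp -a list against the devices you own can be automated. The following C program is an added example, not part of the original manual: it parses Windows arp -a output, skips broadcast and multicast entries, and reports every MAC address that is not on an allow-list. The sample output and the allow-list are constructed for the example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample of Windows `arp -a` output (all addresses are made up). */
static const char SAMPLE_ARP[] =
    "\n"
    "Interface: 192.168.1.10 --- 0x5\n"
    "  Internet Address      Physical Address      Type\n"
    "  192.168.1.1           a4-2b-b0-11-22-33     dynamic\n"
    "  192.168.1.23          3C-5A-B4-AA-BB-CC     dynamic\n"
    "  192.168.1.57          de-ad-be-ef-00-01     dynamic\n"
    "  192.168.1.255         ff-ff-ff-ff-ff-ff     static\n"
    "  224.0.0.22            01-00-5e-00-00-16     static\n";

/* Hypothetical allow-list: MAC addresses of the devices you own, in lower case. */
static const char *KNOWN_MACS[] = { "a4-2b-b0-11-22-33", "3c-5a-b4-aa-bb-cc" };

struct device { char ip[16]; char mac[18]; };

/* Accepts exactly xx-xx-xx-xx-xx-xx and lower-cases it in place. */
static int normalize_mac(char *mac)
{
    if (strlen(mac) != 17) return 0;
    for (int i = 0; i < 17; i++) {
        if (i % 3 == 2) {
            if (mac[i] != '-') return 0;
        } else if (!isxdigit((unsigned char)mac[i])) {
            return 0;
        } else {
            mac[i] = (char)tolower((unsigned char)mac[i]);
        }
    }
    return 1;
}

/* Broadcast and multicast addresses have the low bit of the first octet set;
   they are table entries, not devices. */
static int is_group_address(const char *mac)
{
    unsigned first = 0;
    sscanf(mac, "%2x", &first);
    return (int)(first & 1u);
}

static int is_known(const char *mac)
{
    for (size_t i = 0; i < sizeof KNOWN_MACS / sizeof KNOWN_MACS[0]; i++)
        if (strcmp(mac, KNOWN_MACS[i]) == 0) return 1;
    return 0;
}

/* Fills `out` with up to `max` unknown devices and returns how many were stored. */
int find_unknown_devices(const char *arp_output, struct device *out, int max)
{
    int found = 0;
    const char *line = arp_output;
    while (*line) {
        size_t len = strcspn(line, "\n");
        char buf[128], ip[16], mac[18];
        if (len < sizeof buf) {
            memcpy(buf, line, len);
            buf[len] = '\0';
            /* header and "Interface:" lines fail the MAC format check */
            if (sscanf(buf, " %15s %17s", ip, mac) == 2 && normalize_mac(mac)
                && !is_group_address(mac) && !is_known(mac) && found < max) {
                strcpy(out[found].ip, ip);
                strcpy(out[found].mac, mac);
                found++;
            }
        }
        line += len;
        if (*line == '\n') line++;
    }
    return found;
}

int main(void)
{
    struct device unknown[16];
    int n = find_unknown_devices(SAMPLE_ARP, unknown, 16);
    for (int i = 0; i < n; i++)
        printf("Unknown device: %s  %s\n", unknown[i].ip, unknown[i].mac);
    return 0;
}
```

A MAC address can be changed by its owner, and phones that use a randomized private address will show up as unknown, so treat a match as an inventory aid rather than proof of identity.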

Conclusion:
Most of the time, finding some unknown device on your network isn’t going to
cause any problems for you. But it is not proper for someone to use the
service you are paying for, even when that device could be someone you’ve
given access to before, and you don’t recognize their name. Also, there are
chances for malicious persons to steal your data, so one should always be
careful about taking all the above-mentioned precautions.
32.Prepare a case study on Crypto currency Cyber attack. (Ex: Grim Finance)

Key Findings

● Over $600 million in cryptocurrency stolen in platform attacks in the
first three weeks of December from BadgerDAO, BitMart, AscendEX,
Vulcan Forged, and Grim Finance.
● Cross-chain swaps and Tornado Cash dominated on-chain
movements by attackers.
● Attackers continue to target crypto platforms as 2021 comes to a
close through phishing and contract exploits.

Decentralized Finance (DeFi) platform Grim Finance announced on the evening of
December 18, 2021, that it suffered a hack resulting in over $30 million in losses.
This is the third hack in the last week and the fifth for the month of December
bringing total losses to over $600 million.
Analysis by Grim Finance identified the platform compromise was carried out by an
advanced attacker.
“The attacker attacked using the function titled beforeDeposit() from our vault
strategy entering a malicious token contract. The attacker creates a malicious token
contract that executed five reentrancy loops from safeTransferFrom(), where in all 5
reentrancies, the _pool value is set to the current balance(). On the last
safeTransferFrom(), the reentrancy loop is broken, and some want can be transferred
to the strategy, which will increase the _amount to put the vault in a state to mint
shares. On the unwinding of the 5 reentrancies, each loop will see that the _amount is
not 0, and mint the corresponding shares, mint the same share count 5x (the
number of reentrancy loops).”
Approximately one hour before the malicious token contract was created, the
attacker funded both Ethereum (ETH) and Binance Smart Chain (BSC) wallets from
Tornado Cash. The attacker bridged the stolen crypto from Grim Finance from the
Fantom Mainnet to the ETH mainnet for USDC and DAI.

Cross-chain analytics within TRM’s Forensics platform (Source: TRM)

In addition to the inbound stolen funds bridged from Fantom mainnet, an unknown
individual sent a message to the attacker via BSC to alert that wallets associated
with the attacker were blacklisted.
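
The accounting flaw described in the quoted analysis can be reproduced with a small model. The following C program is an added illustration, not Grim Finance's contract code: the struct, the function names, the starting balance and the 1:1 share price are assumptions. It shows the deposit path minting five times the deposited amount when the token callback re-enters it, and minting nothing for the re-entrant caller once a lock guards the function.

```c
#include <stdio.h>

#define REENTRIES 5   /* nested deposit calls, as in the quoted analysis */

struct vault {
    long want_balance;    /* what balance() would return */
    long shares_minted;   /* shares credited to the depositor */
    int  guard_enabled;   /* 1 = a nonReentrant-style lock is active */
    int  locked;
};

typedef void (*transfer_fn)(struct vault *v, long amount, int depth);

/* Model of the deposit path: snapshot the balance, make the external
   token call, then credit whatever the balance grew by. */
static int deposit(struct vault *v, transfer_fn token, long amount, int depth)
{
    if (v->guard_enabled) {
        if (v->locked) return -1;            /* re-entry refused */
        v->locked = 1;
    }
    long pool = v->want_balance;             /* _pool = balance() */
    token(v, amount, depth);                 /* safeTransferFrom() on a caller-supplied token */
    long credited = v->want_balance - pool;  /* _amount = balance() - _pool */
    if (credited > 0)
        v->shares_minted += credited;        /* assumption: 1 share per unit of want */
    if (v->guard_enabled) v->locked = 0;
    return 0;
}

/* A well-behaved token simply moves the funds. */
static void honest_transfer(struct vault *v, long amount, int depth)
{
    (void)depth;
    v->want_balance += amount;
}

/* The token from the quote: it calls back into deposit() instead of paying,
   and only the innermost call moves real funds. */
static void malicious_transfer(struct vault *v, long amount, int depth)
{
    if (depth < REENTRIES)
        deposit(v, malicious_transfer, amount, depth + 1);
    else
        v->want_balance += amount;
}

/* Runs one deposit against a fresh vault and returns the shares minted. */
long shares_for_deposit(int guard_enabled, int malicious, long amount)
{
    struct vault v = { 1000, 0, guard_enabled, 0 };
    deposit(&v, malicious ? malicious_transfer : honest_transfer, amount, 1);
    return v.shares_minted;
}

int main(void)
{
    printf("honest token, no guard:      %ld shares for 100 want\n",
           shares_for_deposit(0, 0, 100));
    printf("re-entering token, no guard: %ld shares for 100 want\n",
           shares_for_deposit(0, 1, 100));
    printf("re-entering token, guarded:  %ld shares for 100 want\n",
           shares_for_deposit(1, 1, 100));
    return 0;
}
```

Every nested call took its balance snapshot before any funds arrived, so each one sees the same increase while the stack unwinds; the lock removes that by refusing the second entry.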

33.Write an algorithm and Program for encrypting a plain text and decrypting a cipher text using
Caesar Cipher.

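#include <stdio.h>
#include <string.h>

int main()
{
    char message[100];
    int i, key, ch;
    printf("Enter a message to encrypt: ");
    // fgets() bounds the read to the buffer; gets() has no length limit
    if (fgets(message, sizeof(message), stdin) == NULL)
        return 1;
    message[strcspn(message, "\n")] = '\0';
    printf("Enter key: ");
    if (scanf("%d", &key) != 1)
        return 1;
    // reduce the key to 0..25 so that one wrap-around is always enough
    key = ((key % 26) + 26) % 26;
    for(i = 0; message[i] != '\0'; ++i){
        ch = message[i];   // int, so ch + key cannot overflow a char
        if(ch >= 'a' && ch <= 'z'){
            ch = ch + key;
            if(ch > 'z'){
                ch = ch - 'z' + 'a' - 1;
            }
            message[i] = ch;
        }
        else if(ch >= 'A' && ch <= 'Z'){
            ch = ch + key;
            if(ch > 'Z'){
                ch = ch - 'Z' + 'A' - 1;
            }
            message[i] = ch;
        }
    }
    printf("Encrypted message: %s", message);
    return 0;
}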
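
The program above only encrypts. The decryption half of the exercise is the same shift applied in the opposite direction; the following C functions are an added example (not from the original manual; the function names are chosen here) that handle both directions and any integer key.

```c
#include <stdio.h>
#include <string.h>

/* Reduces any int key, including negative ones, to the range 0..25. */
static int normalize_key(int key)
{
    return ((key % 26) + 26) % 26;
}

/* Rotates letters forward by `shift` (0..25) in place; other characters are kept. */
static void rotate_letters(char *text, int shift)
{
    for (size_t i = 0; text[i] != '\0'; i++) {
        char c = text[i];
        if (c >= 'a' && c <= 'z')
            text[i] = (char)('a' + (c - 'a' + shift) % 26);
        else if (c >= 'A' && c <= 'Z')
            text[i] = (char)('A' + (c - 'A' + shift) % 26);
    }
}

void caesar_encrypt(char *text, int key)
{
    rotate_letters(text, normalize_key(key));
}

/* Decrypting with key k is encrypting with 26 - k: the two shifts add up to a full turn. */
void caesar_decrypt(char *text, int key)
{
    rotate_letters(text, (26 - normalize_key(key)) % 26);
}

int main(void)
{
    char message[] = "Hello, World!";
    caesar_encrypt(message, 3);
    printf("Encrypted message: %s\n", message);
    caesar_decrypt(message, 3);
    printf("Decrypted message: %s\n", message);
    return 0;
}
```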


34.Write an algorithm and Program to implement Data Encryption Standard (DES) for
encryption and decryption

#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
#include <math.h>
#include <time.h>

int IP[] =
{
58, 50, 42, 34, 26, 18, 10, 2,
60, 52, 44, 36, 28, 20, 12, 4,
62, 54, 46, 38, 30, 22, 14, 6,
64, 56, 48, 40, 32, 24, 16, 8,
57, 49, 41, 33, 25, 17, 9, 1,
59, 51, 43, 35, 27, 19, 11, 3,
61, 53, 45, 37, 29, 21, 13, 5,
63, 55, 47, 39, 31, 23, 15, 7
};

int E[] =
{
32, 1, 2, 3, 4, 5,
4, 5, 6, 7, 8, 9,
8, 9, 10, 11, 12, 13,
12, 13, 14, 15, 16, 17,
16, 17, 18, 19, 20, 21,
20, 21, 22, 23, 24, 25,
24, 25, 26, 27, 28, 29,
28, 29, 30, 31, 32, 1
};

int P[] =
{
16, 7, 20, 21,
29, 12, 28, 17,
1, 15, 23, 26,
5, 18, 31, 10,
2, 8, 24, 14,
32, 27, 3, 9,
19, 13, 30, 6,
22, 11, 4, 25
};

int FP[] =
{
40, 8, 48, 16, 56, 24, 64, 32,
39, 7, 47, 15, 55, 23, 63, 31,
38, 6, 46, 14, 54, 22, 62, 30,
37, 5, 45, 13, 53, 21, 61, 29,
36, 4, 44, 12, 52, 20, 60, 28,
35, 3, 43, 11, 51, 19, 59, 27,
34, 2, 42, 10, 50, 18, 58, 26,
33, 1, 41, 9, 49, 17, 57, 25
};

int S1[4][16] =
{
14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,
0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,
4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,
15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13
};

int S2[4][16] =
{
15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10,
3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,
0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15,
13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9
};

int S3[4][16] =
{
10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8,
13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1,
13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7,
1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12
};

int S4[4][16] =
{
7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15,
13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9,
10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4,
3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14
};

int S5[4][16] =
{
2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9,
14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6,
4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,
11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3
};

int S6[4][16] =
{
12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11,
10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8,
9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,
4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13
};

int S7[4][16]=
{
4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1,
13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6,
1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,
6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12
};

int S8[4][16]=
{
13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,
1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,
7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,
2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11
};

int PC1[] =
{
57, 49, 41, 33, 25, 17, 9,
1, 58, 50, 42, 34, 26, 18,
10, 2, 59, 51, 43, 35, 27,
19, 11, 3, 60, 52, 44, 36,
63, 55, 47, 39, 31, 23, 15,
7, 62, 54, 46, 38, 30, 22,
14, 6, 61, 53, 45, 37, 29,
21, 13, 5, 28, 20, 12, 4
};

int PC2[] =
{
14, 17, 11, 24, 1, 5,
3, 28, 15, 6, 21, 10,
23, 19, 12, 4, 26, 8,
16, 7, 27, 20, 13, 2,
41, 52, 31, 37, 47, 55,
30, 40, 51, 45, 33, 48,
44, 49, 39, 56, 34, 53,
46, 42, 50, 36, 29, 32
};

int SHIFTS[] = { 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1 };

FILE* out;
int LEFT[17][32], RIGHT[17][32];
int IPtext[64];
int EXPtext[48];
int XORtext[48];
int X[8][6];
int X2[32];
int R[32];
int key56bit[56];
int key48bit[17][48];
int CIPHER[64];
int ENCRYPTED[64];

void expansion_function(int pos, int text)
{
    // E repeats some input bits, so every matching output position is filled
    for (int i = 0; i < 48; i++)
    {
        if (E[i] == pos + 1) {
            EXPtext[i] = text;
        }
    }
}

void initialPermutation(int pos, int text)
{
    int i;
    for (i = 0; i < 64; i++)
    {
        if (IP[i] == pos + 1) {
            break;
        }
    }
    IPtext[i] = text;
}

// Looks up the 6-bit group X[i] in S-box i + 1
int F1(int i)
{
    int r, c, b[6];

    for (int j = 0; j < 6; j++) {
        b[j] = X[i][j];
    }

    // outer bits select the row, the four middle bits select the column
    r = b[0] * 2 + b[5];
    c = 8 * b[1] + 4 * b[2] + 2 * b[3] + b[4];

    if (i == 0) {
        return S1[r][c];
    }
    else if (i == 1) {
        return S2[r][c];
    }
    else if (i == 2) {
        return S3[r][c];
    }
    else if (i == 3) {
        return S4[r][c];
    }
    else if (i == 4) {
        return S5[r][c];
    }
    else if (i == 5) {
        return S6[r][c];
    }
    else if (i == 6) {
        return S7[r][c];
    }
    else if (i == 7) {
        return S8[r][c];
    }
    return 0; // not reached for i in 0..7
}

int XOR(int a, int b) {
    return (a ^ b);
}

// Appends the 4 bits of an S-box output to X2; the static counter
// wraps after 8 calls (32 bits)
void ToBits(int value)
{
    int k, j, m;
    static int i;

    if (i % 32 == 0) {
        i = 0;
    }

    for (j = 3; j >= 0; j--)
    {
        m = 1 << j;
        k = value & m;
        if (k == 0) {
            X2[3 - j + i] = '0' - 48;
        }
        else {
            X2[3 - j + i] = '1' - 48;
        }
    }

    i = i + 4;
}

void SBox(int XORtext[])
{
    int k = 0;
    for (int i = 0; i < 8; i++)
    {
        for (int j = 0; j < 6; j++) {
            X[i][j] = XORtext[k++];
        }
    }

    int value;
    for (int i = 0; i < 8; i++)
    {
        value = F1(i);
        ToBits(value);
    }
}

void PBox(int pos, int text)
{
    int i;
    for (i = 0; i < 32; i++)
    {
        if (P[i] == pos + 1) {
            break;
        }
    }
    R[i] = text;
}

// One Feistel round; mode 0 = encrypt, mode 1 = decrypt (round keys in reverse order)
void cipher(int Round, int mode)
{
    for (int i = 0; i < 32; i++) {
        expansion_function(i, RIGHT[Round - 1][i]);
    }

    for (int i = 0; i < 48; i++)
    {
        if (mode == 0) {
            XORtext[i] = XOR(EXPtext[i], key48bit[Round][i]);
        }
        else {
            XORtext[i] = XOR(EXPtext[i], key48bit[17 - Round][i]);
        }
    }

    SBox(XORtext);

    for (int i = 0; i < 32; i++) {
        PBox(i, X2[i]);
    }

    for (int i = 0; i < 32; i++) {
        RIGHT[Round][i] = XOR(LEFT[Round - 1][i], R[i]);
    }
}

void finalPermutation(int pos, int text)
{
    int i;
    for (i = 0; i < 64; i++)
    {
        if (FP[i] == pos + 1) {
            break;
        }
    }
    ENCRYPTED[i] = text;
}

void convertToBinary(int n)
{
    int k, m;
    for (int i = 7; i >= 0; i--)
    {
        m = 1 << i;
        k = n & m;

        if (k == 0) {
            fprintf(out, "0");
        }
        else {
            fprintf(out, "1");
        }
    }
}

// Writes the first n * 8 bytes of input.txt to bits.txt as '0'/'1' characters
void convertCharToBit(long int n)
{
    FILE* inp = fopen("input.txt", "rb");
    out = fopen("bits.txt", "wb+");
    int ch; // int, so that EOF can be told apart from the byte 0xFF
    long int i = n * 8;

    if (inp == NULL || out == NULL) {
        perror("fopen");
        exit(1);
    }

    while (i)
    {
        ch = fgetc(inp);
        if (ch == EOF) {
            break;
        }
        i--;
        convertToBinary(ch);
    }
    fclose(out);
    fclose(inp);
}

void Encryption(long int plain[])
{
    out = fopen("cipher.txt", "ab+");
    for (int i = 0; i < 64; i++) {
        initialPermutation(i, plain[i]);
    }

    for (int i = 0; i < 32; i++) {
        LEFT[0][i] = IPtext[i];
    }

    for (int i = 32; i < 64; i++) {
        RIGHT[0][i - 32] = IPtext[i];
    }

    for (int k = 1; k < 17; k++)
    {
        cipher(k, 0);

        for (int i = 0; i < 32; i++) {
            LEFT[k][i] = RIGHT[k - 1][i];
        }
    }

    // the two halves are swapped after round 16, then the final permutation is applied
    for (int i = 0; i < 64; i++)
    {
        if (i < 32) {
            CIPHER[i] = RIGHT[16][i];
        }
        else {
            CIPHER[i] = LEFT[16][i - 32];
        }
        finalPermutation(i, CIPHER[i]);
    }

    for (int i = 0; i < 64; i++) {
        fprintf(out, "%d", ENCRYPTED[i]);
    }
    fclose(out);
}

void Decryption(long int plain[])
{
    out = fopen("decrypted.txt", "ab+");
    for (int i = 0; i < 64; i++) {
        initialPermutation(i, plain[i]);
    }

    for (int i = 0; i < 32; i++) {
        LEFT[0][i] = IPtext[i];
    }

    for (int i = 32; i < 64; i++) {
        RIGHT[0][i - 32] = IPtext[i];
    }

    for (int k = 1; k < 17; k++)
    {
        cipher(k, 1);

        for (int i = 0; i < 32; i++) {
            LEFT[k][i] = RIGHT[k - 1][i];
        }
    }

    for (int i = 0; i < 64; i++)
    {
        if (i < 32) {
            CIPHER[i] = RIGHT[16][i];
        } else {
            CIPHER[i] = LEFT[16][i - 32];
        }
        finalPermutation(i, CIPHER[i]);
    }

    for (int i = 0; i < 64; i++) {
        fprintf(out, "%d", ENCRYPTED[i]);
    }

    fclose(out);
}

// Packs 8 bits (most significant first) into one character and writes it
void convertToBits(int ch[])
{
    int value = 0;
    for (int i = 7; i >= 0; i--) {
        value += ch[7 - i] << i;
    }
    fprintf(out, "%c", value);
}

void bittochar()
{
    out = fopen("result.txt", "ab+");
    for (int i = 0; i < 64; i = i + 8) {
        convertToBits(&ENCRYPTED[i]);
    }
    fclose(out);
}

void key56to48(int round, int pos, int text)
{
    int i;
    for (i = 0; i < 48; i++) // PC2 has 48 entries
    {
        if (PC2[i] == pos + 1) {
            break;
        }
    }
    // PC2 drops 8 of the 56 bits; those positions have no place in the round key
    if (i < 48) {
        key48bit[round][i] = text;
    }
}

void key64to56(int pos, int text)
{
    int i;
    for (i = 0; i < 56; i++)
    {
        if (PC1[i] == pos + 1) {
            break;
        }
    }
    // the 8 parity bits of the key do not appear in PC1 and are discarded
    if (i < 56) {
        key56bit[i] = text;
    }
}

void key64to48(unsigned int key[])
{
    int k, backup[17][2];
    int CD[17][56];
    int C[17][28], D[17][28];

    for (int i = 0; i < 64; i++) {
        key64to56(i, key[i]);
    }

    for (int i = 0; i < 56; i++)
    {
        if (i < 28) {
            C[0][i] = key56bit[i];
        }
        else {
            D[0][i - 28] = key56bit[i];
        }
    }

    // rotate both halves left by SHIFTS[x - 1] positions for each round
    for (int x = 1; x < 17; x++)
    {
        int shift = SHIFTS[x - 1];
        for (int i = 0; i < shift; i++) {
            backup[x - 1][i] = C[x - 1][i];
        }

        for (int i = 0; i < (28 - shift); i++) {
            C[x][i] = C[x - 1][i + shift];
        }

        k = 0;
        for (int i = 28 - shift; i < 28; i++) {
            C[x][i] = backup[x - 1][k++];
        }

        for (int i = 0; i < shift; i++) {
            backup[x - 1][i] = D[x - 1][i];
        }

        for (int i = 0; i < (28 - shift); i++) {
            D[x][i] = D[x - 1][i + shift];
        }

        k = 0;
        for (int i = 28 - shift; i < 28; i++) {
            D[x][i] = backup[x - 1][k++];
        }
    }

    for (int j = 0; j < 17; j++)
    {
        for (int i = 0; i < 28; i++) {
            CD[j][i] = C[j][i];
        }

        for (int i = 28; i < 56; i++) {
            CD[j][i] = D[j][i - 28];
        }
    }

    for (int j = 1; j < 17; j++)
    {
        for (int i = 0; i < 56; i++) {
            key56to48(j, i, CD[j][i]);
        }
    }
}

void decrypt(long int n)
{
    FILE* in = fopen("cipher.txt", "rb");
    long int *plain = malloc(sizeof(long int) * n * 64);
    long int count = 0;
    int ch;

    if (in == NULL || plain == NULL) {
        perror("decrypt");
        exit(1);
    }

    // stop at end of file or when the buffer is full, whichever comes first
    while (count < n * 64 && (ch = getc(in)) != EOF) {
        plain[count++] = ch - 48;
    }

    for (long int i = 0; i < n; i++)
    {
        Decryption(plain + i * 64);
        bittochar();
    }

    free(plain);
    fclose(in);
}

void encrypt(long int n)
{
    FILE* in = fopen("bits.txt", "rb");
    long int *plain = malloc(sizeof(long int) * n * 64);
    long int count = 0;
    int ch;

    if (in == NULL || plain == NULL) {
        perror("encrypt");
        exit(1);
    }

    while (count < n * 64 && (ch = getc(in)) != EOF) {
        plain[count++] = ch - 48;
    }

    for (long int i = 0; i < n; i++) {
        Encryption(plain + 64 * i);
    }

    free(plain);
    fclose(in);
}

void create16Keys()
{
    FILE* pt = fopen("key.txt", "rb");
    unsigned int key[64] = { 0 };
    int i = 0, ch;

    if (pt == NULL) {
        perror("key.txt");
        exit(1);
    }

    // read at most 64 key bits; anything other than '0' or '1'
    // (for example a trailing newline) is skipped
    while (i < 64 && (ch = getc(pt)) != EOF)
    {
        if (ch == '0' || ch == '1') {
            key[i++] = ch - 48;
        }
    }

    key64to48(key);
    fclose(pt);
}

long int findFileSize()
{
    FILE* inp = fopen("input.txt", "rb");
    long int size = 0;

    if (inp == NULL) {
        perror("input.txt");
        exit(1);
    }
    if (fseek(inp, 0L, SEEK_END)) {
        perror("fseek() failed");
    }
    // size will contain number of chars in the input file.
    else {
        size = ftell(inp);
    }
    fclose(inp);

    return size;
}

int main()
{
    // Inputs, as the code reads them: input.txt holds the plaintext and
    // key.txt holds the 64-bit key written as 64 characters '0' or '1'.

    // destroy contents of these files (from previous runs, if any)
    out = fopen("result.txt", "wb+");
    fclose(out);

    out = fopen("decrypted.txt", "wb+");
    fclose(out);

    out = fopen("cipher.txt", "wb+");
    fclose(out);

    create16Keys();

    // whole 8-byte blocks only; a trailing partial block is not processed
    long int n = findFileSize() / 8;
    if (n == 0) {
        fprintf(stderr, "input.txt must contain at least 8 bytes\n");
        return 1;
    }

    convertCharToBit(n);

    encrypt(n);
    decrypt(n);

    return 0;
}

35.Write RSA algorithm and Program to implement RSA Standard for encryption and decryption

RSA Algorithm in Cryptography


RSA algorithm is an asymmetric cryptography algorithm. Asymmetric actually
means that it works on two different keys i.e. Public Key and Private Key. As
the name describes that the Public Key is given to everyone and the Private
key is kept private.
An example of asymmetric cryptography:
1. A client (for example browser) sends its public key to the server and
requests some data.
2. The server encrypts the data using the client’s public key and sends the
encrypted data.
3. The client receives this data and decrypts it.
Since this is asymmetric, nobody else except the browser can decrypt the
data even if a third party has the public key of the browser.
The idea! The idea of RSA is based on the fact that it is difficult to factorize a
large integer. The public key consists of two numbers where one number is a
multiplication of two large prime numbers. And private key is also derived from
the same two prime numbers. So if somebody can factorize the large number,
the private key is compromised. Therefore encryption strength totally lies on
the key size and if we double or triple the key size, the strength of encryption
increases exponentially. RSA keys can be typically 1024 or 2048 bits long, but
experts believe that 1024-bit keys could be broken in the near future. But till
now it seems to be an infeasible task.
Let us learn the mechanism behind the RSA algorithm:

>> Generating Public Key:
Select two prime numbers. Suppose P = 53 and Q = 59.
Now the first part of the Public Key: n = P*Q = 3127.
We also need a small exponent, say e.
But e must be:
An integer.
Not a factor of n.
1 < e < Φ(n) [Φ(n) is discussed below].
Let us now consider it to be equal to 3.
Our Public Key is made of n and e.

>> Generating Private Key:
We need to calculate Φ(n),
such that Φ(n) = (P-1)(Q-1),
so Φ(n) = 3016.
Now calculate the Private Key, d:
d = (k*Φ(n) + 1) / e for some integer k
For k = 2, the value of d is 2011.

Now we are ready with our Public Key (n = 3127 and e = 3) and Private
Key (d = 2011).

Now we will encrypt “HI”:
Convert letters to numbers: H = 8 and I = 9
Thus Encrypted Data c = 89^e mod n.
Thus our Encrypted Data comes out to be 1394.

Now we will decrypt 1394:
Decrypted Data = c^d mod n.
Thus our Decrypted Data comes out to be 89.
8 = H and I = 9, i.e. "HI".


Below is the implementation of the RSA algorithm for
Method 1: Encrypting and decrypting small numeral values:

// C program for RSA asymmetric cryptographic
// algorithm. For demonstration values are
// relatively small compared to practical
// application
#include <stdio.h>
#include <math.h>

// Returns gcd of a and b
int gcd(int a, int h)
{
    int temp;
    while (1) {
        temp = a % h;
        if (temp == 0)
            return h;
        a = h;
        h = temp;
    }
}

// Code to demonstrate RSA algorithm
int main()
{
    // Two random prime numbers
    double p = 3;
    double q = 7;

    // First part of public key:
    double n = p * q;

    // Finding other part of public key.
    // e stands for encrypt
    double e = 2;
    double phi = (p - 1) * (q - 1);
    while (e < phi) {
        // e must be co-prime to phi and
        // smaller than phi.
        if (gcd(e, phi) == 1)
            break;
        else
            e++;
    }

    // Private key (d stands for decrypt)
    // choosing d such that it satisfies
    // d*e = 1 + k * totient
    // (k = 2 makes the division exact for p = 3, q = 7)
    int k = 2; // A constant value
    double d = (1 + (k * phi)) / e;

    // Message to be encrypted
    double msg = 12;

    printf("Message data = %lf", msg);

    // Encryption c = (msg ^ e) % n
    double c = pow(msg, e);
    c = fmod(c, n);
    printf("\nEncrypted data = %lf", c);

    // Decryption m = (c ^ d) % n
    double m = pow(c, d);
    m = fmod(m, n);
    printf("\nOriginal Message Sent = %lf", m);

    return 0;
}

// This code is contributed by Akash Sharan.

Output
Message data = 12.000000
Encrypted data = 3.000000
Original Message Sent = 12.000000

36.Write the steps to analyze the E-Mail Application’s security vulnerabilities.

Email is the dream delivery platform for any and all types of cyberattacks; it provides a mechanism
capable of placing almost any kind of threat in front of almost any target.

Attackers use email to send malicious software attacks to an end user. Even when filters are able to
find potentially unwanted programs, attackers can still fall back to time-tested social engineering
tactics to convince victims to take actions against their own interests.

For decades, email has been the predominant end-user network application, so it should be no surprise
that attackers have focused their attention on exploiting email security threats. While the attack
techniques have become much more sophisticated over the years, security teams have long understood
the fundamentals of email security threats.
While the forms and intentions of email security threats have morphed many times, from sowing
chaos and denial of service via spam campaigns to today's dominant threats of ransomware and email
fraud, the email security threats themselves still generally fall into three categories:

Malware delivery
Phishing
Domain spoofing

Malware delivery
Ever since email applications began to include attachments, file attachments have been used to deliver
malware. Once email applications began to support executable content using the same types of
content that are offered on the web, attackers quickly learned to subvert that content with malicious
code.

Phishing
Phishing, in all its forms, is the practice of using email or other types of messaging applications to
carry out social engineering campaigns in an effort to convince the victim to perform some action.
Ordinary phishing campaigns spread generic phishing emails to a broad spectrum of potential targets
in order to harvest user credentials or infect users' systems with ransomware by prompting them to
click on malicious links.

Domain spoofing
Spoofing domains is a common tactic attackers use against email users. The domain being spoofed
may be in the headers of a message to try to fool the recipient into believing that the email originated
from a known domain. For example, an attacker may send a phishing message that appears to have
originated from the recipient's employer, bank or other trusted source.

37.What is SQL Injection? Write steps for SQL Injection attack on Insert, Update and Delete.

SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that
an application makes to its database. It generally allows an attacker to view data that they are not
normally able to retrieve. This might include data belonging to other users, or any other data that the
application itself is able to access. In many cases, an attacker can modify or delete this data, causing
persistent changes to the application's content or behavior.

SQL injection examples


There are a wide variety of SQL injection vulnerabilities, attacks, and techniques, which arise in
different situations. Some common SQL injection examples include:

Retrieving hidden data, where you can modify an SQL query to return additional results.
Subverting application logic, where you can change a query to interfere with the application's logic.
UNION attacks, where you can retrieve data from different database tables.
Examining the database, where you can extract information about the version and structure of the
database.
Blind SQL injection, where the results of a query you control are not returned in the application's
responses.

SQL injection in different parts of the query


Most SQL injection vulnerabilities arise within the WHERE clause of a SELECT query. This type of
SQL injection is generally well-understood by experienced testers.
But SQL injection vulnerabilities can in principle occur at any location within the query, and within
different query types. The most common other locations where SQL injection arises are:

In UPDATE statements, within the updated values or the WHERE clause.


In INSERT statements, within the inserted values.
In SELECT statements, within the table or column name.
In SELECT statements, within the ORDER BY clause.

38.Write an algorithm and a Program to implement Diffie Hellman Key

#include <stdio.h>

// Function to compute `a^m mod n`
int compute(int a, int m, int n)
{
    int r;
    int y = 1;

    while (m > 0)
    {
        r = m % 2;

        // fast exponentiation
        if (r == 1) {
            y = (y*a) % n;
        }
        a = a*a % n;
        m = m / 2;
    }

    return y;
}

// C program to demonstrate the Diffie-Hellman algorithm
int main()
{
    int p = 23; // modulus
    int g = 5; // base

    int a, b; // `a` - Alice's secret key, `b` - Bob's secret key.
    int A, B; // `A` - Alice's public key, `B` - Bob's public key

    // choose a secret integer for Alice's private key (only known to Alice)
    a = 6; // or, use `rand()`

    // Calculate Alice's public key (Alice will send `A` to Bob)
    A = compute(g, a, p);

    // choose a secret integer for Bob's private key (only known to Bob)
    b = 15; // or, use `rand()`

    // Calculate Bob's public key (Bob will send `B` to Alice)
    B = compute(g, b, p);

    // Alice and Bob exchange their public keys `A` and `B` with each other
    // Each side combines the other's public key with its own private key;
    // both arrive at the same shared secret
    int keyA = compute(B, a, p);
    int keyB = compute(A, b, p);

    printf("Shared secret computed by Alice is %d\nShared secret computed by Bob is %d\n", keyA, keyB);

    return 0;
}

39.Write an RSA algorithm and Program to implement digital Signature Scheme

// C program for RSA asymmetric cryptographic
// algorithm. For demonstration values are
// relatively small compared to practical
// application
#include <stdio.h>
#include <math.h>

// Returns gcd of a and b
int gcd(int a, int h)
{
    int temp;
    while (1)
    {
        temp = a % h;
        if (temp == 0)
            return h;
        a = h;
        h = temp;
    }
}

// Code to demonstrate RSA algorithm
int main()
{
    // Two random prime numbers
    double p = 3;
    double q = 7;

    // First part of public key:
    double n = p * q;

    // Finding other part of public key.
    // e stands for encrypt
    double e = 2;
    double phi = (p - 1) * (q - 1);
    while (e < phi)
    {
        // e must be co-prime to phi and
        // smaller than phi.
        if (gcd((int)e, (int)phi) == 1)
            break;
        else
            e++;
    }

    // Private key (d stands for decrypt): d must satisfy (d*e) % phi == 1.
    // With k = 2 and the values above, d = (1 + 2*12) / 5 = 5.
    int k = 2; // A constant value
    double d = (1 + (k * phi)) / e;

    // Message to be encrypted
    double msg = 20;
    printf("Message data = %lf", msg);

    // Encryption c = (msg ^ e) % n
    // (pow() on doubles is exact only for small demo values like these)
    double c = pow(msg, e);
    c = fmod(c, n);
    printf("\nEncrypted data = %lf", c);

    // Decryption m = (c ^ d) % n
    double m = pow(c, d);
    m = fmod(m, n);
    printf("\nOriginal Message Sent = %lf", m);

    return 0;
}
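
The question asks for a digital signature scheme, while the program above only encrypts and decrypts. The following is an added example, not part of the original lab answer, that signs and verifies a message with textbook RSA using integer arithmetic. The key values (p = 61, q = 53, e = 17), the message strings and the `toy_digest` stand-in for a real hash such as SHA-256 are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Square-and-multiply: (base^exp) mod m, as in the Diffie-Hellman program. */
uint64_t modpow(uint64_t base, uint64_t exp, uint64_t m)
{
    uint64_t result = 1;
    base %= m;
    while (exp > 0) {
        if (exp & 1)
            result = (result * base) % m;
        base = (base * base) % m;
        exp >>= 1;
    }
    return result;
}

/* Extended Euclid: d with (e * d) % phi == 1, or 0 if e and phi share a factor. */
uint64_t modinv(uint64_t e, uint64_t phi)
{
    int64_t r0 = (int64_t)phi, r1 = (int64_t)e, t0 = 0, t1 = 1, q, tmp;
    while (r1 != 0) {
        q = r0 / r1;
        tmp = r0 - q * r1; r0 = r1; r1 = tmp;
        tmp = t0 - q * t1; t0 = t1; t1 = tmp;
    }
    if (r0 != 1)
        return 0;
    return (uint64_t)(t0 < 0 ? t0 + (int64_t)phi : t0);
}

/* Toy digest (assumption of this example): polynomial hash reduced mod n.
   It stands in for a real hash and is not collision resistant. */
uint64_t toy_digest(const char *msg, uint64_t n)
{
    uint64_t h = 7;
    for (; *msg; msg++)
        h = (h * 31 + (unsigned char)*msg) % n;
    return h;
}

/* Sign: s = H(m)^d mod n, computed with the private exponent d. */
uint64_t rsa_sign(const char *msg, uint64_t d, uint64_t n)
{
    return modpow(toy_digest(msg, n), d, n);
}

/* Verify: accept only if s^e mod n equals H(m); needs only the public key (e, n). */
int rsa_verify(const char *msg, uint64_t sig, uint64_t e, uint64_t n)
{
    return modpow(sig, e, n) == toy_digest(msg, n);
}

int main(void)
{
    /* Constructed textbook key, far too small for real use. */
    uint64_t p = 61, q = 53, n = p * q, phi = (p - 1) * (q - 1), e = 17;
    uint64_t d = modinv(e, phi);
    const char *msg = "pay 10 to bob"; /* constructed sample message */
    uint64_t sig = rsa_sign(msg, d, n);

    printf("n=%llu e=%llu d=%llu signature=%llu\n", (unsigned long long)n,
           (unsigned long long)e, (unsigned long long)d, (unsigned long long)sig);
    printf("original verifies: %d\n", rsa_verify(msg, sig, e, n));
    printf("tampered verifies: %d\n", rsa_verify("pay 90 to bob", sig, e, n));
    return 0;
}
```

Deployed RSA signatures use keys of 2048 bits or more, a cryptographic hash and a padding scheme such as RSASSA-PSS; raw exponentiation as shown here is for study only.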

40.Write an algorithm and Program to generate Pseudo Random numbers in a range

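#include <stdio.h>
#include <stdlib.h>
#include <time.h>

int main()
{
    int n, max, num, c;

    printf("Enter the number of random numbers you want\n");
    scanf("%d", &n);

    printf("Enter the maximum value of random number\n");
    scanf("%d", &max);
    if (max < 0 || max >= RAND_MAX)
        return 1; // range not supported by rand()

    printf("%d random numbers from 0 to %d are:\n", n, max);

    // Seed the generator from the clock. rand() is a pseudo random
    // generator for simulations, not for keys, tokens or passwords.
    srand((unsigned)time(NULL));

    for (c = 1; c <= n; c++)
    {
        num = rand() % (max + 1); // value in the range 0..max
        printf("%d\n", num);
    }

    return 0;
}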

41. Create a presentation on cyber security regulations with at least 10 slides?

1. Importance of legal framework:

● Law takes the principle of territoriality as point of departure;
● Cyber security tools and targets are physical-boundary-independent;
● Agreements between nations create a general common basis for cyber security measures

2. Cyber Security Legal Framework

● International Agreements
● EU Legal Framework
● Bilateral Agreements
● National law
● Internal regulation

3. Development of International Law

● Cyber Security is a rather new area for law.
● Over the years, the international co-operation on cybercrime has been very active and comprehensive.
● The international level of consensus on criminal law has, however, not been achieved.

4. International Activities / UN

General Assembly Resolutions on:
● Developments in the Field of Information and Telecommunications in the Context of International Security
● Combating the Criminal Misuse of Information Technology
● Creation of a Global Culture of Cybersecurity
● Creation of a Global Culture of Cybersecurity and the Protection of Critical Information Infrastructures

5. C3: Substantive criminal law

● Article 2 – Illegal access
● Article 3 – Illegal interception
● Article 4 – Data interference
● Article 5 – System interference
● Article 6 – Misuse of devices
● Article 7 – Computer-related forgery
● Article 8 – Computer-related fraud
● Article 9 – Offences related to child pornography
● Article 10 – Offences related to infringements of copyright and related rights

42.Create a Presentation on “Role of International Law” with at least 10 slides


43.Create a Presentation on “Cyber Forensics” with at least 10 slides

A) What is Cyber Forensics?

The science of collecting, inspecting, interpreting, reporting, and presenting computer-related
electronic evidence is known as cyber forensics. Evidence can be found on the hard drive or in
deleted files.

How are cybersecurity and digital forensics related?

Cybersecurity aims to reduce the risk of cyberattacks and protect against unauthorized exploitation
of systems, networks, and technologies, while digital forensics focuses on the recovery and
investigation of artifacts found on a digital device.

Cyber Forensics Scope

As everything becomes digitalized, the scope of cyber forensics expands. It assists us in combating
hostile actions by identifying underlying perpetrators. The evidence gathered during inquiries aids
cybersecurity specialists in locating the hackers and crackers.

Cyber forensics takes a systematic interpretation, sorting it out concisely.

● Obtaining a digital copy of the system under inspection: This method entails producing a copy
of the system’s data to avoid harm being done to the actual system, which might lead to
file confusion with the files already present on the computer. Cloning a hard disc entails
replicating the hard drive’s files and folders. The duplicate is created on another disc by copying
every small piece of data for analysis.

● Authenticating and confirming the replica: After copying the files, experts verify that the copied
data is consistent and exactly as it exists in the real system.

● Determining that the copied data is forensically acceptable: It is possible to change the format
of the data while duplicating it from a device, resulting in discrepancies between the operating
systems of the investigators and the one from which the data was copied. To avoid this, detectives
ensure that the structure stays constant and that the data is forensically acceptable and is
written on the hard disk drive in a format that is adequately used in the computer.

● Recovering deleted files: Criminals think of innovative ways of deleting the scene and often
remove some data that could indicate their misconduct; it is the work of the investigators to
recover and reconstruct deleted files with state-of-the-art software.

Skills Required for a Cyber Forensic Investigator

● Technical Aptitude: Cybersecurity is a technology-driven field; you will probably be responsible
for debugging, regularly updating the ISS, and offering protection systems in real-time. To
conduct the normal operations of cybersecurity professionals, being technologically competent
is necessary.

● Analytical ability: A major part of being a cyber forensics specialist is the capability to analyze
and build a clear comprehension of data.

● Strong communication skills: A crime scene investigator must be able, as part of a case, to
examine and explain technical facts to others in depth.


44. Create a presentation on cyber security standards with at least 10 slides?

1. Cyber security standards


Cyber security standards are techniques generally set forth in published
materials that attempt to protect the cyber environment of a user or
organization. This environment includes: users themselves, networks, devices, all
software, processes, information in storage or transit, applications, services, and
systems that can be connected directly or indirectly to networks.

2. Cyber security standards cont.

The principal objective is to reduce the risks, including prevention or mitigation
of cyber-attacks. These published materials consist of collections of tools,
policies, security concepts, security safeguards, guidelines, risk management
approaches, actions, training, best practices, assurance and technologies.

3. Cyber security standards cont.


Cyber security standards have existed over several decades as users and
providers have collaborated in many domestic and international forums to
effect the necessary capabilities, policies, and practices - generally emerging
from work at the Stanford Consortium for Research on Information Security
and Policy in the 1990s. Also many tasks that were once carried out by hand
are now carried out by computer; therefore there is a need for information
assurance (IA) and security. Around 70% of the surveyed organizations see
the NIST Cyber security Framework as the most popular best practice for
computer security, but many note that it requires significant investment (US
SFA study report, 2016)
4. NIST Cyber security Framework (NIST CSF)

The NIST Cyber security Framework (NIST CSF) provides a
policy framework of computer security guidance for how private
sector organizations in the US can assess and improve their ability to
prevent, detect, and respond to cyber attacks. It provides a high level
taxonomy of cyber security outcomes and a methodology to assess
and manage those outcomes. It is intended to help private sector
organizations that provide critical infrastructure with guidance on
how to protect it, along with relevant protections for privacy and civil
liberties.

5. ETSI Cyber Security Technical Committee (TC CYBER)


TC CYBER is responsible for the standardization of Cyber Security
internationally and for providing a center of relevant expertise for
other ETSI committees. Growing dependence on networked digital
systems has brought with it an increase in both the variety and
quantity of cyber-threats. The different methods governing secure
transactions in the various Member States of the EU sometimes
make it difficult to assess the respective risks and to ensure adequate
security. Building on ETSI's world-leading expertise in the security of
Information and Communications Technologies (ICT), it set up a new
Cyber Security committee (TC CYBER) in 2014 to meet the growing
demand for standards to protect the Internet and the
communications and business it carries.

6. ISO/IEC and 27002

ISO/IEC 27001, part of the growing ISO/IEC family of standards, is
an information security management system (ISMS) standard, of
which the last revision was published in October 2013 by
the International Organization for Standardization (ISO) and
the International Electrotechnical Commission (IEC). Its full name
is ISO/IEC 27001:2013 – Information technology – Security
techniques – Information security management systems –
Requirements. ISO/IEC formally specifies a management system that
is intended to bring information security under explicit management
control.

7. ISO/IEC and Cont.

ISO/IEC incorporates mainly part 1 of the BS 7799 good
security management practice standard. The latest
versions of BS 7799 is BSISO/IEC is a high level guide to
cyber security. It is most beneficial as explanatory
guidance for the management of an organization to
obtain certification to the ISO/IEC standard. The
certification once obtained lasts three years. Depending
on the auditing organization, no or some intermediate
audits may be carried out during the three years.

8. NERC

The North American Electric Reliability Corporation (NERC) addresses
patching in NERC CIP Requirement 2. It requires Bulk Power System
(BPS) Operators/Owners to identify the source or sources utilized to
provide Entiter Security related patches for Cyber Assets utilized in
the operation of the Registered Entities are required to check for
new patches once every thirty five calendar days. Upon identification
of a new patch, entities are required to evaluate applicability of a
patch and then complete mitigation or installation activities within
35 calendar days of completion of assessment of applicability. The
bulk electric system standards also provide network security
administration while still supporting best-practice industry processes.

9. Security controls
Security controls are safeguards or countermeasures to avoid,
detect, counteract, or minimize security risks to physical property,
information, computer systems, or other assets.

10. International information security standards


ISO/IEC 27001 specifies 114 controls in 14 groups:

A.5: Information security policies
A.6: How information security is organized
A.7: Human resources security - controls that are applied before, during, or after employment
A.8: Asset management
A.9: Access controls and managing user access
A.10: Cryptographic technology
A.11: Physical security of the organization's sites and equipment
A.12: Operational security
A.13: Secure communications and data transfer
A.14: Secure acquisition, development, and support of information systems
A.15: Security for suppliers and third parties
A.16: Incident management
A.17: Business continuity/disaster recovery (to the extent that it affects information security)
A.18: Compliance - with internal requirements, such as policies, and with external requirements, such as laws

45.Create a Presentation on “Cyber Security Attacks” with at least 10 slides

What is a Cyber Attack?

Before heading to the different types of cyber attacks, we will first walk you through a
cyber attack. When there is an unauthorized system/network access by a third party,
we term it as a cyber attack. The person who carries out a cyberattack is termed as
a hacker/attacker.

Slides:
1. Malware Attack

This is one of the most common types of cyberattacks. “Malware” refers to malicious
software viruses including worms, spyware, ransomware, adware, and trojans.

The trojan virus disguises itself as legitimate software. Ransomware blocks access to
the network's key components, whereas Spyware is software that steals all your
confidential data without your knowledge. Adware is software that displays
advertising content such as banners on a user's screen.

2. Phishing Attack

Phishing attacks are one of the most prominent and widespread types of cyberattacks. It
is a type of social engineering attack wherein an attacker impersonates a
trusted contact and sends the victim fake mails.

Unaware of this, the victim opens the mail and clicks on the malicious link or opens
the mail's attachment. By doing so, attackers gain access to confidential information
and account credentials. They can also install malware through a phishing attack.

3. Password Attack

It is a form of attack wherein a hacker cracks your password with various programs
and password cracking tools like Aircrack, Cain, Abel, John the Ripper, Hashcat,
etc. There are different types of password attacks like brute force attacks, dictionary
attacks, and keylogger attacks.
4. Man-in-the-Middle Attack

A Man-in-the-Middle Attack (MITM) is also known as an eavesdropping attack. In
this attack, an attacker comes in between a two-party communication, i.e., the
attacker hijacks the session between a client and host. By doing so, hackers steal
and manipulate data.

The direct client-server communication is cut off, and instead, the
communication line goes through the hacker.

5. SQL Injection Attack

A Structured Query Language (SQL) injection attack occurs on a database-driven
website when the hacker manipulates a standard SQL query. It is carried out by
injecting malicious code into a vulnerable website search box, thereby making
the server reveal crucial information.

This results in the attacker being able to view, edit, and delete tables in the
databases. Attackers can also get administrative rights through this.

6. Denial-of-Service Attack

A Denial-of-Service Attack is a significant threat to companies. Here, attackers
target systems, servers, or networks and flood them with traffic to exhaust their
resources and bandwidth.

When this happens, catering to the incoming requests becomes overwhelming for
the servers, so the website they host either shuts down or slows down. This
leaves the legitimate service requests unattended.

7. Insider Threat

As the name suggests, an insider threat does not involve a third party but an insider.
In such a case, it could be an individual from within the organization who knows
everything about the organization. Insider threats have the potential to cause
tremendous damage.

8. Cryptojacking

The term Cryptojacking is closely related to cryptocurrency. Cryptojacking takes
place when attackers access someone else’s computer for mining cryptocurrency.

The access is gained by infecting a website or manipulating the victim to click on a
malicious link. They also use online ads with JavaScript code for this. Victims are
unaware of this as the Crypto mining code works in the background; a delay in the
execution is the only sign they might witness.

9. Zero-Day Exploit

A Zero-Day Exploit happens after the announcement of a network vulnerability;
there is no solution for the vulnerability in most cases. Hence the vendor notifies users of the
vulnerability so that they are aware; however, this news also reaches the
attackers.

46.Write a Program to validate your Email address

<html><head>
<meta charset="utf-8">
<title>JavaScript form validation - checking email</title>
<link rel='stylesheet' href='form-style.css' type='text/css' />
</head>
<body onload='document.form1.text1.focus()'>
<div class="mail">
<h2>Input an email and Submit</h2>
<form name="form1" action="#">
<ul>
<li><input type='text' name='text1'/></li>
<li>&nbsp;</li>
<li class="submit"><input type="submit" name="submit" value="Submit" onclick="ValidateEmail(document.form1.text1)"/></li>
<li>&nbsp;</li>
</ul>
</form>
</div>
<script src="email-validation.js"></script>
</body></html>

47) Write the steps to check the devices connected to your internet and about data usage

Use GlassWire Pro to See Who is Connected (And Get Alerts when
a New Device Connects to Your Wi-Fi)

GlassWire isn’t just a firewall; it also has beautiful graphs to show
your bandwidth usage, see what applications are connecting to what, and
exactly how much bandwidth each application is using. You can get alerts
when an application changes something, or when an installer tries to
install a new system driver.

If you go into the Settings panel, you can actually enable alerts
whenever a new device tries to connect to your Wi-Fi. Now that’s a great
feature.

48.Create a Presentation on “Cyber Security Policies 2013” with at least 10 slides

National Cyber Security Policy is a policy framework by the Department of Electronics and Information
Technology (DeitY). It aims at protecting the public and private infrastructure from cyber attacks.[1][2]

Reason for Cyber Security policies

India had no cyber security policy before 2013. In 2013, The Hindu newspaper, citing documents leaked
by NSA whistle-blower Edward Snowden, alleged that much of the NSA surveillance was focused on
India's domestic politics and its strategic and commercial interests. This sparked a furore among
people.[5] Under pressure, the government unveiled a National Cyber Security Policy 2013 on 2 July 2013.

Vision
To build a secure and resilient cyberspace for citizens, business, and government and also to protect
anyone from intervening in user's privacy.

Mission
To protect information and information infrastructure in cyberspace, build capabilities to prevent and
respond to cyber threat, reduce vulnerabilities and minimize damage from cyber incidents through a
combination of institutional structures, people, processes, technology, and cooperation.

Objective
Ministry of Communications and Information Technology (India) defines objectives as follows:
To create a secure cyber ecosystem in the country, generate adequate trust and confidence in IT system
and transactions in cyberspace and thereby enhance adoption of IT in all sectors of the economy.
To create an assurance framework for the design of security policies and promotion and enabling
actions for compliance to global security standards and best practices by way of conformity assessment
(Product, process, technology & people).
To strengthen the Regulatory Framework for ensuring a SECURE CYBERSPACE ECOSYSTEM.

Strategies
Creating a secured Ecosystem.
Creating an assurance framework.
Encouraging Open Standards.
Strengthening The regulatory Framework.
The policy also intends to safeguard "information, such as personal information (of web users), financial
and banking information and sovereign data". This was particularly relevant in the wake of US National
Security Agency (NSA) leaks that suggested the US government agencies are spying on Indian users, who
have no legal or technical safeguards against it. Ministry of Communications and Information
Technology (India) defines Cyberspace as a complex environment consisting of interactions between
people, software services supported by worldwide distribution of information and communication
technology.[2][3][4]

What are the main objectives of the national cybersecurity policy 2013?

The National Cyber Security Policy 2013 aims at a secure computing environment, enabling adequate
trust and confidence in electronic transactions and guiding stakeholders' actions for the protection of
cyberspace.

49.Create a Presentation on “State and Private sectors in Cyber Space” with at least 10 slides

Enterprises can either be public or private. It is significant to
understand the difference between the two because the privacy
rights of a consumer differ in both sectors. The main difference
between both the enterprises is that shares of public sector
companies are traded on the stock exchange while shares of private
sector enterprises are not. There are several differences between
both terms. In this article, we will learn the difference between the
public sector and private sector enterprises.

The private sector has a responsibility to proactively mitigate cyber risk rather
than react only when an attack occurs, and also to remain compliant with
regulators.

The authors conclude that cybersecurity is not purely a public good because of all
the money and resources being dedicated to cybersecurity. Firms do not appear to
be free riding off of other firms but are investing in it themselves because of the high
return.

Cybersecurity should not be framed and managed as a club good - it should be
treated as a public good, that is, a non-rivalrous good that is also non-excludable.

The federal government works at cyber defense across a variety of agencies.
The National Security Agency (NSA) is among the most prominent, but least well
understood. They are involved in intercepting foreign cyberattacks while also
engaging in offensive cyber programs against our enemies.

Government cyber security: Strategies to improve cyber security in the public sector

1. Enhanced visibility into threats

The first step, and one at which public sector organizations are failing in huge numbers,
is threat awareness. It's crucial to understand both internal threats (like malicious
or uneducated employees) and external threats (like ransomware attacks).

2. Minimize impact and quickly restore operations

One of the worst impacts of a cyber attack for public sector organizations can be the
resulting downtime, which can have financial implications due to the inability to collect
parking fees, for example. Even more critical are the delays it can cause in services,
especially for life-or-death situations as in healthcare and emergency services.

Strategies to improve cyber security in private sector.

1. Implement password rules.
2. Regular system and application updates.
3. VPN Implementation for every connection.
4. Give up all the services that are not in use.
5. Reduce spam email.
6. Security awareness training programmes.
7. Assess how secure the company is.
8. Multi-factor authentication.

50.Write the steps to read Email Headers and identify them as SPAM

You can easily view email headers in Gmail by following the steps below on a
desktop computer or laptop.
1. Open your Gmail client and select the email that has the message header you
want to view.
2. Access the kebab menu by clicking on the three dots beside the “Reply” button
once you see the message body.
3. Next, select “Show Original” in the dropdown menu.
4. A new window will pop up, displaying the longer header in its original HTML
format. You’ll be able to view header details such as authentication statuses, IP
addresses, MIME version, and DKIM signature.
5. Click on “Download Original” if you want to download and inspect the header data
individually.

There are 3 types of verification checks a properly configured set of
emails should PASS: DKIM, SPF, and DMARC.

Check the following email header fields:
1. Mismatched sender addresses or domains.
2. Email travel path and email client. Most emails originate from a client (i.e. Outlook,
Gmail), and all emails pass through at least 2 servers (source, destination), but often
more. These interim hops are visible in the header.
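
The checks listed above can be run over the text that "Show Original" displays. The following is an added example, not part of the original lab answer: it reads the SPF, DKIM and DMARC verdicts from the topmost Authentication-Results field, compares the From and Return-Path domains, and counts the Received hops. The header text, domains, addresses and all function names are constructed for this example, and it assumes the topmost Authentication-Results field was written by your own receiving server.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <strings.h> /* strncasecmp (POSIX) */

#define IS_FIELD(line, name) (strncasecmp((line), (name), sizeof(name) - 1) == 0)

/* domain_mismatch: From: and Return-Path: domains differ; hops: Received: fields */
struct header_report { int spf_pass, dkim_pass, dmarc_pass, domain_mismatch, hops; };

/* Copy the lowercased domain that follows the last '@' on the line. */
static void addr_domain(const char *line, char *out, size_t outlen)
{
    const char *p = strrchr(line, '@');
    size_t i = 0;
    for (p = p ? p + 1 : ""; *p && *p != '>' && !isspace((unsigned char)*p) && i + 1 < outlen; p++)
        out[i++] = (char)tolower((unsigned char)*p);
    out[i] = '\0';
}

struct header_report analyze_headers(const char *raw)
{
    struct header_report r = {0, 0, 0, 0, 0};
    char from[128] = "", rpath[128] = "", line[512];
    int in_auth = 0, auth_fields = 0;

    while (*raw) {
        size_t len = strcspn(raw, "\n");
        snprintf(line, sizeof line, "%.*s", (int)len, raw);
        raw += len + (raw[len] == '\n');
        if (line[0] == '\0' || line[0] == '\r') break; /* blank line ends the headers */
        if (line[0] != ' ' && line[0] != '\t') { /* new field, not a folded line */
            /* trust only the topmost Authentication-Results field (added last) */
            in_auth = IS_FIELD(line, "Authentication-Results:") && ++auth_fields == 1;
            if (IS_FIELD(line, "Received:")) r.hops++;
            else if (IS_FIELD(line, "From:")) addr_domain(line, from, sizeof from);
            else if (IS_FIELD(line, "Return-Path:")) addr_domain(line, rpath, sizeof rpath);
        }
        if (in_auth) { /* verdicts often sit on folded continuation lines */
            if (strstr(line, "spf=pass")) r.spf_pass = 1;
            if (strstr(line, "dkim=pass")) r.dkim_pass = 1;
            if (strstr(line, "dmarc=pass")) r.dmarc_pass = 1;
        }
    }
    r.domain_mismatch = from[0] && rpath[0] && strcmp(from, rpath) != 0;
    return r;
}

/* Suspicious when any check did not pass or the sender domains disagree. */
int looks_suspicious(const struct header_report *r)
{
    return !r->spf_pass || !r->dkim_pass || !r->dmarc_pass || r->domain_mismatch;
}

/* Constructed sample headers using documentation domains and addresses. */
const char SPOOFED[] =
    "Return-Path: <bounce@mailer.example.org>\n"
    "Received: from mx.example.net (192.0.2.10) by inbox.example.net\n"
    "Received: from unknown (198.51.100.7) by mx.example.net\n"
    "Authentication-Results: inbox.example.net;\n"
    "\tspf=softfail smtp.mailfrom=mailer.example.org;\n"
    "\tdkim=none; dmarc=fail header.from=example.com\n"
    "Authentication-Results: forged.example.org; spf=pass; dkim=pass; dmarc=pass\n"
    "From: \"Billing\" <billing@example.com>\n\n";
const char GENUINE[] =
    "Return-Path: <news@example.com>\n"
    "Received: from out.example.com (192.0.2.25) by inbox.example.net\n"
    "Authentication-Results: inbox.example.net;\n"
    "\tspf=pass smtp.mailfrom=example.com;\n"
    "\tdkim=pass header.d=example.com; dmarc=pass header.from=example.com\n"
    "From: Newsletter <news@example.com>\n\n";

int main(void)
{
    struct header_report s = analyze_headers(SPOOFED), g = analyze_headers(GENUINE);
    printf("spoofed: suspicious=%d hops=%d; genuine: suspicious=%d hops=%d\n",
           looks_suspicious(&s), s.hops, looks_suspicious(&g), g.hops);
    return 0;
}
```

A differing Return-Path domain also occurs in legitimate mail sent through bulk mail providers, so treat the mismatch as one signal alongside the three authentication verdicts rather than as proof on its own.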
