Amity Institute of Information Technology

Amity University, Uttar Pradesh, Noida

Session:2022-2025(Even Semester)

[CSIT371]
CYBER SECURITY AND
CYBER-LAWS

Submitted to: Dr Nidhi Sindhwani. Submitted by: Chattaniya dev holkar

BCA (Evening) A10046622018
 EXPERIMENT 1
How to create a user account in windows 11
Step 1: At first, we need to open the settings of the device. there is
an option present called ‘Account’.
Step 2: we need to click on Family & Other Users.

Step 3: click on the button ‘Add Someone Else To This PC’.

Step 4: For that purpose, we need to click on the below-mentioned
link. This will help to skip this part.
Step 5: we have to click on the very below link there. That link will
help to create a user account without a Microsoft Account.

Step 6: Now, a new window will open. This is our desired window.
There is no need to provide a Microsoft Account. We need to provide
a Username there. Also, we need to provide a password for that.
There we have to provide a password hint for that. This is like a
Security Question we used to provide for any password. As per the
convenience of the user, they can provide any data. After that, we
need to click on Next.
Step 7: After that, it will come back to the Accounts Page. We will
find new user data on that page. We have provided the Username as
User2.
Step 8: Now, we can restart the machine. Or we can log out from the
device. There we will find the User2 account present. Users can log in
with the User2 account by providing the password.
 EXPERIMENT 2
How to Set up Firewall in windows security
Step 1: Launch Start from the taskbar.
Step 2: Search “Settings” in the search bar if you do not find the
Settings icon in Start menu.

Step 3: In the left pane of Settings, click Privacy & security.

Step 4: Click Windows Security option in Privacy & security menu.
Step 5: Select Firewall & network protection.

 Step 6: Now Window’s Security window will pop up window’s.

Here you can verify whether your Defender firewall is active
or not.
Step 7: Now to configure the firewall according to your
requirement, click Advanced settings. You will be prompted by User
Account Control to give Administrative access to Windows Defender
to make changes. Click Yes to proceed.
Step 8: Windows Defender Firewall with Advanced Security window
will launch after giving administrative permission.
Step 9: The left pane has several options:
o Inbound rules: Programs, processes, ports can be
allowed or denied the incoming transmission of data
within this inbound rules.
o Outbound rules: Here we can specify whether data can
be sent outwards by that program, process, or port.
Step 10: To add a new inbound rule, select Inbound Rules option,
then click New Rule… from the right pane.
Step 11: Now we will configure an inbound rule for a network port.
A New Inbound Rule Wizard window pops-up, select Port option
and click next.

Step 12: Now select TCP and specify port number 65000.
Step 13: Now we can select the action we need to take on this port.
We will block the inbound connection by selecting Block the
connection option then click Next.

Step 14: Here we can specify when should this rule come into
action. We will keep only Public option selected and move Next.
Step 15: This is the last step. Here we provide a name to this rule so
that we can keep track of it later in the Inbound rules list. Write the
name “65000 Port Block (Public)”. Click Finish.

Step 16: The inbound rule is successfully created. We can find

“65000 Port Block (Public)” in the Inbound rules list.

 Step 17: Right-click the rule we just created and there are
multiple options with which it can be Disabled or Deleted.

Firewall can be configured on Windows in the above-mentioned

way
 EXPERIMENT 3
Explore security features of organisation like google and cisco to
protect user data in detail
Google's Security Features:
Advanced Encryption: Google employs robust encryption protocols,
such as HTTPS and Transport Layer Security (TLS), to safeguard data
during transmission between devices, services, and data centers.

Proactive Security Alerts: Users receive immediate notifications if

suspicious activities are detected, including unauthorized logins or
access attempts, enabling prompt action to secure accounts.

Safe Browsing Technology: Integrated into browsers like Chrome,

Safari, and Firefox, Google's Safe Browsing protects billions of devices
by identifying and warning users about potentially harmful websites
and downloads.
Passkey Support: To enhance account security, Google has
introduced passkeys—a passwordless authentication method
leveraging biometrics or device PINs—reducing reliance on
traditional passwords and mitigating phishing risks.

Dark Web Monitoring: Google offers tools that monitor the dark web
for compromised personal information, alerting users if their data is
found and providing steps to secure their accounts.

Cisco's Security Features:

User Protection Suite: Cisco's comprehensive suite includes:
Secure Access: Combines Secure Internet Access and Secure Private
Access to protect users accessing applications from any location.
Duo Security: Provides multi-factor authentication (MFA) and device
trust policies to verify user identities and device compliance,
reducing the risk of unauthorized access.
Email Threat Defense: Utilizes advanced AI to detect and block
malicious emails, safeguarding users from phishing and other email-
based attacks.
Secure Endpoint: Offers endpoint detection and response capabilities
to identify and mitigate threats on user devices, ensuring
comprehensive protection across the network.
Identity Services Engine (ISE): Enforces network access control
policies, managing devices and delivering trusted access to network
resources.
Data Loss Prevention (DLP): Cisco Umbrella's DLP functionality
analyzes outbound web traffic to prevent sensitive data from leaving
the organization, mitigating risks associated with cloud app usage
and ensuring compliance
 EXPERIMENT 4
Password Protecting a word document in different operating
system
Step 1: On the navigation menu bar click on the File option.
Step 2: Next click on the Info option from the left panel.

Step 3: Then click on the down arrow icon in Protect

Document option as shown in the image
Step 4: Then select Encrypt with password option.

Step 5: A Encrypt Document dialog box will open where you can set
your password.
Step 6: Create a strong password for your document.

Step 7: Then click on OK.

Step 8: Again a confirm password dialog box will open to confirm
your password.

Step 9: Re-enter your password.

Step 10: Next click on the OK option.
Finally, your document is protected with a password. Whenever
anyone tries to open it, it will first ask for a valid password as
shown in the image. Whosoever has a valid password can access it.
 EXPERIMENT 5
Explain CIA (confidentiality, Integrity and Availability) Triad in
Details
1. Confidentiality
Confidentiality ensures that sensitive information is accessible only to
authorized individuals and entities, preventing unauthorized access or
disclosure.
 Key Concepts:
o Access Control: Restricting access to data through authentication
and authorization mechanisms.
o Encryption: Using algorithms to encode data so only authorized
parties can decode and access it.
o Least Privilege Principle: Granting users the minimum level of
access needed to perform their roles.
o Data Masking: Concealing sensitive parts of data, such as
masking credit card numbers.
o Privacy Controls: Ensuring compliance with data privacy
regulations like GDPR or HIPAA.
 Risks to Confidentiality:
o Unauthorized access via hacking, phishing, or insider threats.
o Data interception during transmission.
o Poor password or key management practices.
 Examples:
o Encrypting sensitive emails.
o Implementing Multi-Factor Authentication (MFA) to access a
system.

2. Integrity
Integrity ensures that data remains accurate, consistent, and unaltered
during storage, processing, or transmission, except by authorized actions.
 Key Concepts:
o Data Validation: Ensuring input data meets required standards or
formats.
o Checksums and Hashing: Verifying the integrity of data by
comparing hash values before and after transmission.
o Version Control: Keeping track of changes to data or files.
o Audit Trails: Recording changes made to data, including who
made them and when.
 Risks to Integrity:
o Accidental or deliberate data modification by unauthorized
users.
o Malware or ransomware attacks altering data.
o Transmission errors causing corruption.
 Examples:
o Ensuring financial transactions are completed without
modification.
o Using digital signatures to verify the authenticity of a document
or message.

3. Availability
Availability ensures that authorized users have timely and reliable access to
information and systems when needed.
 Key Concepts:
o Redundancy: Using backup systems, data replication, and failover
mechanisms to ensure system continuity.
o Disaster Recovery Plans: Preparing for events like natural
disasters or cyberattacks to recover data and systems quickly.
 o System Maintenance: Regular updates and patching to avoid
unplanned downtime.
o Load Balancing: Distributing workloads across multiple systems
to prevent bottlenecks or outages.
 Risks to Availability:
o Distributed Denial of Service (DDoS) attacks overwhelming a
system.
o Hardware or software failures.
o Natural disasters or power outages disrupting services.
 Examples:
o Setting up cloud-based backups for critical data.
o Implementing network monitoring to detect and mitigate
potential threats.

Importance of the CIA Triad

The CIA Triad is essential because it:
 Provides a structured framework for designing robust security systems.
 Helps organizations identify and address vulnerabilities effectively.
 Serves as a benchmark for evaluating and improving security policies
and practices.