Uploaded by TARA PRANAY KANCHARLAPALLI

friend 1 report

Page 1
APPENDIX 1
IBM CYBER SECURITY ANALYST
INDUSTRIAL SUMMER TRAINING REPORT
Submitted by
PRABAL MANHAS
UID: 20BCS4513
in partial fulfilment of Industrial Summer training for the award of the degree
of
BACHELOR OF ENGINEERING
IN
CSE (Hons.) Internet of Things
APEX INSTITUTE OF TECHNOLOGY
CHANDIGARH UNIVERSITY, GHARUAN
Mohali (Punjab)
JUNE - JULY (2022)
Page 2
ABOUT THE COMPANY
Coursera is a US-based MOOC (Massive Open Online Course) provider
founded in 2012 by the Stanford University Professors Daphne Koller and
Andrew with an aim of providing life-transforming learning experiences to
learners around the world.
Today, Coursera is a global online learning platform that offers anyone,
anywhere, access to online courses and degrees from leading universities and
companies. Coursera received B Corp certification in February 2021, which
means that we have a legal duty not only to our shareholders, but to also make a
positive impact on society more broadly, as we continue our efforts to reduce
barriers to world-class education for all.
82 million learners, 100+ Fortune 500 companies, and more than 6,000
campuses, businesses, and governments come to Coursera to access world-class
learning anytime, anywhere.
Page 3
CERTIFICATE
This is to certify that the work incorporated in the project report
entitled IBM - Cyber Security Analyst Professional is a record of
work carried out by Prabal Manhas (20BCS4513) under my
guidance and supervision for the partial fulfilment of Industrial
Summer Training for the award of degree of Bachelor of Engineering
in CSE (Hons.) Internet of Things in the faculty of Apex Institute of
Technology, Chandigarh University, Gharuan (Mohali, Punjab).
To the best of my knowledge and belief the industrial summer
training report
I. We do our work ourselves.
II. Has duly been completed.
III. Our training follows the orders of the university and meets the
requirements.
IV. This industrial summer training is designed keeping both
language and content in mind and referred to the examiners.
Pramod Vishwakarma
Assistant Professor (AIT-CSE)
Page 4
ACKNOWLEDGEMENT
The success and final outcome of this summer industrial training required a lot
of guidance and assistance from many people and I am extremely privileged to
have got this all along the completion of my project report. All that I have done
is only due to such supervision and assistance and I would not forget to thank
them.
I respect and thank Mr. Pramod Vishwakarma (Assistant Professor), for
providing me this opportunity and license to this value added specialization
course “IBM - Cyber Security Analyst Professional” and supporting me at every
point of my training, which made me complete the project report duly.
I am extremely thankful to him for providing such a nice support and guidance,
although he had busy schedule.
I would also like to thank the Coursera Organization and the professors for
providing such a valuable course content and learning resources.
I am thankful to and fortunate enough to get constant encouragement, support
and guidance from all Teaching staffs of Department of (AIT-CSE) Computer
Science & Engineering of Chandigarh University, which ultimately helped me
in successfully completing the summer industrial training (June-July) 2022.
Page 5
List of Figures
S.No. | Title | Page No.
01. | Recent Data Breach | 20
02. | Cause of attack | ”
03. | Compromised/Affected Parties (Platforms) | 21
04. | Data Breach Timeline | 21
05. | Vulnerabilities | 22
06. | Costs and Prevention | 22
07. | IBM Cybersecurity Analyst Assessment | 23
08. | Methodologies | 24
09. | Response Checklist | ”
10. | Countermeasure | 25
11. | Methodology Used (Packet Sniffing) | 25
12. | Methodology (Digital Forensics) | 26
13. | IP Spoofing | ”
14. | Denial of Service Attack | 27
Page 6
List of Tables
S.No. | Title | Page No.
01. | Denial of Service (DoS) attack | 28
Page 7
List of Photographs
S.No. | Title | Page No.
01. | Incident Response Life Cycle | 29
02. | DOS Attack Algorithm (Flowchart) 1 | ”
03. | DOS Attack Algorithm (Flowchart) 2 | 30 - 31
04. | Cybersecurity Job Vacancy | 32
05. | Projected Growth | 33
06. | Coursera - Certificate of Completion | 35
Page 8
ABSTRACT
It was a Specialization Course consisting of 8 integrated courses, in which a strong
foundation of Cybersecurity was built. I came to know about several domains related
to cybersecurity in each module mentioned below:
1. Introduction to Cybersecurity Tools & Cyber Attacks: In this module, I
came to know about several tools being used for becoming a cybersecurity
analyst, such as Wireshark, Kali Linux etc.
Week 1 - I learned about brief history of cybersecurity as well as learned about
the key terms and various roles in cybersecurity such as Cyber Security
Analyst, Penetration Tester, Incident Response Manager. It also included the
role of critical thinking in Cybersecurity, The SANS Institute, OWASP, ISSA
etc.
Week 2 - In week 2 I got to learn about type of actors and their motives, the
2019 Ponemon Institute Study on the Cyber Resilient Organization, Hacking
Organizations, Major different types of cyber attacks, Security Attack
Definition, Security services and Mechanisms, Network Security Model,
Organizational Threats, Malware and Ransomware and several Internet
Security Threats such as Mapping, Packet Sniffing, IP Spoofing, Denial of
Service Attacks, and most importantly the Social Engineering.
Week 3 - Week 3 was all about key security concepts, that play a major
important role in cybersecurity position, The CIA Triad - “Confidentiality,
Integrity and Availability”, also the significance of incident response and
frameworks around cybersecurity. Finally got an overview about IT
Governance best practices and compliance.
Week 4 - I got introduced to key security tools including firewalls, antivirus,
cryptography. Explored the penetration testing and digital forensics domain.
The domains or technologies included were Packet Filtering, Application
gateway, XML Gateway, Stateless and Stateful Firewalls,
Antivirus/Antimalware, Antispyware, Types of Cryptography and the
Cryptography attacks, Vulnerability Tests and also read about several research
reports on SecurityIntelligence.com.
2. Cybersecurity Roles, Processes & Operating System Security: Learned about
the service management framework and how it affects how an organization will use
this framework to avoid or react to cybersecurity attacks. Also performed
research on ITIL standard processes. Discussed the importance of Business
Page 9
Process Management and the advantages of following the IT Service
Management best practices documented in ITIL, the IT Infrastructure Library
and Key roles within Cybersecurity.
3. Compliance Frameworks and Industry Standards: In this module learned
about the importance of understanding compliance frameworks and industry
standards as they relate to Cybersecurity. Also investigated additional
resources from the National Institute of Standards and Technology, the
American Institute of CPAs and the Center for Internet Security and different
industry standards for Healthcare and the Payment Card industries.
The other topics covered were:
• The challenges organizations face which require compliance and regulation.
• The key privacy and data protection requirements of GDPR.
• Describing the differences between SOC1, SOC2, and SOC3 controls and
reporting.
• Defining the three rules established as standards for the Health Insurance
Portability and Accountability Act (HIPAA).
• Describing the Payment Card Industry Data Security Standard (PCI DSS).
• Describing the differences between basic, foundational and organizational
Center for Internet Security (CIS) controls.
4. Network Security and Database Vulnerabilities: Understood the basics of
TCP/IP Models, Recount DNS, DHCP, Switching and Routing Concepts,
Understanding IP Addressing, Network Address Translation and Packet
Sniffing. And last but not the least the structures and vulnerabilities of key
databases for cybersecurity including SQL, Couch, Oracle and Mongo DB.
5. Penetration Testing, Incident Response and Forensics: Learned about the
importance of understanding penetration testing, the phases of penetration
testing and tools available for penetration testing.
• Explaining the different phases of a penetration test.
• Describing the various ways to gather enough information to gain access to a
system.
• Recalling the names of popular penetration testing tools and their general
function.
Page 10
6. Cyber Threat Intelligence: Investigated several threat intelligence resources
and understood various threat intelligence platforms. Overview about threat
intelligence, Intelligence strategy and external sources.
Also learned about several frameworks, improving security by removing
ineffective firewall rules and adding new rules that are more effective as well
as using tools that can detect unusual behaviour to follow-up.
Ultimately, deploying solutions that can find network anomalies and provide
visibility to network flows. Using security intelligence solutions that use
integrations, automation, and contexts to provide a complete view of what is
happening in your network.
7. Capstone: Breach Case Studies: This module was based upon data breaches
that took place in past such as the “Capstone Breach”. I was also assigned a
task to perform a research on recent Data Breach and prepare a case study
accordingly, I worked on the Indian Banking Data Breach Case Study
explaining about how the credit card data of about 3.2 million users was hacked
by performing DDOS Attack on the Hitachi Payment Services and several
ATMs were attacked with the help of malware.
The case study also included several points such as how the attack was
planned, what were the vulnerabilities that led to this attack, how much
revenue was spent in order to fix the hacked systems, and how the companies
responded to this attack and brief discussion about the future scope, that how
we can protect our systems from such attacks in future.
8. IBM Cybersecurity Analyst Assessment - This was the final module of this
specialization course, in which I passed the final examination consisting of 70
questions with a score of 84.28%
Page 11
APPENDIX-II
CONTENTS
Title Page | i
About the Company | ii
Certificate | iii
Acknowledgement | iv
List of Figures | v
List of Tables | vi
List of Photographs | vii
ABSTRACT | viii, ix, x
CONTENTS | xi
CHAPTER 1 INTRODUCTION | 12…14
1.1 Introduction | 12 - 13
1.2 Definition | 13 - 14
1.3 Scope | 14
CHAPTER 2 THEORY | 15…16
2.1 Working Principle | 15
2.2 Advantages/Disadvantages | 15 - 16
2.3 Other Resources | 16
CHAPTER 3 PROGRESS REPORT (WEEKLY) | 17 - 23
3.1 Introduction to Cybersecurity Tools & Cyber Attacks | 17
3.2 Cybersecurity Roles, Processes & Operating System Security | 18
3.3 Chapter 3.3 - 3.8 | 18 - 23
CHAPTER 4 METHODOLOGY ADOPTED | 24 - 27
CHAPTER 5 RESULTS AND DISCUSSIONS | 28 - 31
CHAPTER 6 CONCLUSIONS AND FUTURE SCOPE OF STUDY | 32 - 33
REFERENCES | 34
CERTIFICATE OF COMPLETION | 35
Page 12
CHAPTERS
PART-I
CHAPTER: 1
1.1 INTRODUCTION
In this summer training “Cyber Security Analyst Professional” carried out on the Coursera
platform, I learned from basic to advanced level about the cybersecurity field, learned
several tools such as Kali Linux, penetration tester, social engineering, and other
frameworks.
‘Over the years, Information Technology has transformed the global economy and
connected people and markets in ways beyond imagination. With the Information
Technology gaining the centre stage, nations across the world are experimenting with
innovative ideas for economic development and inclusive growth. An increasing
proportion of the world’s population is migrating to cyberspace to communicate,
enjoy, learn, and conduct commerce. It has also created new vulnerabilities and
opportunities for disruption.
The cyber security threats emanate from a wide variety of sources and manifest
themselves in disruptive activities that target individuals, businesses, national
infrastructure and Governments alike. Their effects carry significant risk for public
safety, security of nation and the stability of the globally linked economy as a whole.
The origin of a disruption, the identity of the perpetrator or the motivation for it can be
difficult to ascertain and the act can take place from virtually anywhere. These
attributes facilitate the use of Information Technology for disruptive activities. As
such, cyber security threats pose one of the most serious economic and national
security challenges.
Cyberspace is such a term, which is not yet completely defined and also has no
geographical limitation. It is a term associated with application of the Internet
worldwide. It is also called as a virtual space as physical existence of cyberspace is
not detectable at all. Cyberspace is “the total interconnectedness of human beings
through computers and telecommunication without regard to physical geography.”
Information through computers is transferred in the form of Ones (1) and Zeros (0),
which do not inherently carry any separate information along with them for
Page 13
authentication. For authentication purposes, additional information needs to be carried
with cyberspace transactions for identity purposes.
Providing extra information in digital communication introduces the possibility for
identity theft. Because nothing prevents the transmission of false identity information,
or the duplication of another’s identity information. The seriousness of this problem is
highlighted when you consider that future technologies will allow extremely important
identifiers, such as a retinal scan or a fingerprint, to be represented digitally.
These biometrics characteristics are protected in real space because they are
embedded in the physical body of the person. This is lost in cyberspace. Thus,
cyberspace needs a system that allows individuals to verify their identities to others
without revealing to them the digital representation of their identities.
1.2 DEFINITION
Cyber Security is “the security of information and its communicating channels as
applied to computing devices such as computers and smart phones, as well as
computer networks such as private and public networks, including the Internet as a
whole.”
The field covers all the processes and mechanisms by which computer-based
equipment, information and services are protected from unintended or unauthorized
access, change or destruction. Computer security also includes protection from
unplanned events and natural disasters.
Cyber security is a complex issue that cuts across multiple domains and calls for
multidimensional, multilayered initiatives and responses. It has proved a challenge for
governments all around the world. The task is made difficult by the inchoate and
diffuse nature of the threats and the inability to frame an adequate response in the
absence of tangible perpetrators.
The rapidity in the development of information technology (IT) and the relative ease
with which applications can be commercialized has seen the use of cyberspace expand
dramatically in its brief existence. From its initial avatar as a N/W created by
academics for the use of the military, it has now become a global communications
platform for socio-economic issues as well as for commercial and social purposes.
Page 14
The increasing centrality of cyberspace to human existence is exemplified by facts and
figures brought out recently by the International Telecommunications Union (ITU),
according to which,
• The number of Internet users has doubled in the recent years.
• Users are connecting through a range of devices from the personal computer
(PC) to the mobile phone, and using the Internet for a variety of purposes from
communication to ecommerce, to data storage for several services.
• The rise in the Internet population has meant that while the threats and
vulnerabilities inherent to the Internet and cyberspace might have remained
more or less the same as before, the probability of disruption has grown apace
with the rise in the number of users.
• While such disruptions are yet to cause permanent or grievous damage
worldwide, they serve as a wake-up call to the authorities concerned to initiate
measures to improve the security and stability of cyberspace in terms of their
own security.
• Governments are constrained in their responses by pressures exerted by
politico-military-national security actors at one end and economic-civil society
actors at the other.
1.3 SCOPE
To create awareness among the public regarding cyber security issues, also to learn
about several cybersecurity roles such as Penetration testers, Cyber Security Analyst,
Incident Response Manager, Social Engineer,
as well as giving them insights about several tools and domains such as Packet
Sniffing, Network Analysis, Mobile Forensics, Critical Thinking, Cryptography
techniques, OS such as Kali Linux, Bash Scripting, Port Scanning etc. so that the
audience has the core knowledge of cybersecurity which will ultimately help them to
guard themselves from scammers and popular cyber attacks.
Page 15
CHAPTER: 2 THEORY
2.1 Working Principle:
The principles on which cyber security works are:
• 2.1.1 Govern: This includes identifying the cyber attacks taking place as well
as managing the security risks caused by them.
• 2.1.2 Protect: As the name suggests, it includes protecting the cyber
infrastructure from these attacks and hackers. This includes the application of
the several acquired cybersecurity skills such as packet sniffing, networking,
cryptography, digital forensics etc.
• 2.1.3 Detect: This involves detecting and understanding the cybersecurity
events in order to identify the incidents.
• 2.1.4 Respond: This is the ultimate principle; it involves responding to the
cyber threats or attacks and finding an optimal solution for fixing or repairing
the hacked/compromised systems etc.
2.2 Advantages of Cybersecurity:
• Protection of hardware/software infrastructure from cyber threats and attacks.
• Helping us to browse the internet safely and keeping the devices secure.
• Prevention from several types of viruses such as ransomware, malware, keyloggers, spywares, backdoors etc.
• Protecting sensitive information: cyber security also helps an individual to
manage his/her sensitive documents, credentials or files from third parties and
storing them securely on their personal computer or devices.
• Analysis of all the incoming or outgoing packets and getting insights about
what’s happening on their computers.
Page 16
2.3 Disadvantages of Cybersecurity:
• Expenses: Most people don’t bother about protecting their online activity and
privacy, hence they don’t consider spending money on tools such as anti-virus
software, premium VPNs, password managers, firewalls, private cloud etc.,
which is a major threat for cyber security agencies.
• Lack of skills and knowledge: There is a lack of cybersecurity professionals
and skills; most people don’t find it interesting to learn about cybersecurity
tools, Linux, Wireshark etc.
• Infrastructure: All this cybersecurity software requires modern and up-to-date
hardware configurations and operating systems and hence makes older
systems slower. Most people don’t spend much money on
upgrading their RAM, OS, and hardware to improve their security and keep
using outdated operating systems, which is a major threat.
• Time Consuming: It takes hours to fix the compromised machines after a data
breach. Detecting all the hacked machines is a time-consuming task, and
further critically thinking about the optimal solution in order to fix it is a
lengthy process.
2.4 Other types of books or resources available:
• Cybersecurity for Beginners - https://www.amazon.in/Cybersecurity-Beginners-Raef-Meeuwisse/dp/1911452037
• Hands-On Penetration Testing with Python: Enhance your ethical hacking
skills to build automated and intelligent systems:
https://www.amazon.in/Hands-Penetration-Testing-Python-intelligentebook/dp/B07G859QPL
• Kali Linux - https://www.kali.org/
• Guides - https://www.edureka.co/blog/ethical-hacking-using-kali-linux/
• Digital Forensics - https://www.sciencedirect.com/journal/digital-investigation
Page 17
PART-II
CHAPTER 3:
3.1 Introduction to Cybersecurity Tools & Cyber Attacks
I learned about the brief history of cybersecurity as well as learned about the key
terms and various roles in cybersecurity such as Cyber Security Analyst, Penetration
Tester, Incident Response Manager. It also included the role of critical thinking in
Cybersecurity, The SANS Institute, OWASP, ISSA etc.
During week 2, I got to learn about type of cybersecurity actors and their motives, the
2019 Ponemon Institute Study on the Cyber Resilient Organization, Hacking
Organizations, Major different types of cyber attacks, Security Attack Definition,
Security services and Mechanisms, Network Security Model, Organizational Threats,
Malware and Ransomware and several Internet Security Threats such as Mapping,
Packet Sniffing, IP Spoofing, Denial of Service Attacks, and most importantly the
Social Engineering.
Week 3 was all about key security concepts, that play a major important role in
cybersecurity position, The CIA Triad - “Confidentiality, Integrity and Availability”,
also the significance of incident response and frameworks around cybersecurity.
Finally got an overview about IT Governance best practices and compliance.
In the final week 4 I got introduced to key security tools including firewalls, antivirus,
cryptography. Explored the penetration testing and digital forensics domain. The
domains or technologies included were Packet Filtering, Application gateway, XML
Gateway, Stateless and Stateful Firewalls, Antivirus/Antimalware, Types of
Cryptography and the Cryptography attacks, Vulnerability Tests and read about
several research reports on SecurityIntelligence.com.
Page 18
3.2 Cybersecurity Roles, Processes & Operating System Security:
Learned about the key cybersecurity roles within an organization and the importance
of ITIL processes. They have a basic understanding of architecture, file systems, and
basic commands for multiple operating systems including Windows, MacOS, and
Linux. The badge earner is also familiar with the concept of virtualization as it relates
to cybersecurity.
The Skills covered in this course were:
• Cybersecurity Roles & Processes
• File Systems
• IBM New Collar
• IBM Security
• Linux
• Mac OS
• Windows
Last but not the least, Discussed the importance of Business Process Management and
the advantages of following the IT Service Management best practices documented in
ITIL, the IT Infrastructure Library and Key roles within Cybersecurity.
3.3 Compliance Frameworks and Industry Standards: In this module learned
about the importance of understanding compliance frameworks and industry standards
as they relate to Cybersecurity. Also investigated additional resources from the
National Institute of Standards and Technology, the American Institute of CPAs and
the Center for Internet Security and different industry standards for Healthcare and the
Payment Card industries.
The other topics covered were:
• The challenges organizations face which require compliance and regulation.
• The key privacy and data protection requirements of GDPR.
• Describing the differences between SOC1, SOC2, and SOC3 controls and
reporting.
• Defining the three rules established as standards for the Health Insurance
Portability and Accountability Act (HIPAA).
• Describing the Payment Card Industry Data Security Standard (PCI DSS).
• Describing the differences between basic, foundational and organizational
Center for Internet Security (CIS) controls.
Page 19
3.4 Network Security and Database Vulnerabilities: Understood the basics of
TCP/IP Models, Recount DNS, DHCP, Switching and Routing Concepts,
Understanding IP Addressing, Network Address Translation and Packet Sniffing. And
last but not the least the structures and vulnerabilities of key databases for
cybersecurity including SQL, Couch, Oracle and Mongo DB.
3.5 Penetration Testing, Incident Response and Forensics: Learned about the
importance of understanding penetration testing, the phases of penetration testing
and tools available for penetration testing.
• Explaining the different phases of a penetration test.
• Describing the various ways to gather enough information to gain access to a
system.
• Recalling the names of popular penetration testing tools and their general
function.
3.6 Cyber Threat Intelligence: Investigated several threat intelligence resources and
understood various threat intelligence platforms. Overview about threat intelligence,
Intelligence strategy and external sources.
Also learned about several frameworks, improving security by removing ineffective
firewall rules and adding new rules that are more effective as well as using tools that
can detect unusual behaviour to follow-up.
Ultimately, deploying solutions that can find network anomalies and provide visibility
to network flows. Using security intelligence solutions that use integrations,
automation, and contexts to provide a complete view of what is happening in your
network.
3.7 Capstone: Breach Case Studies: This module was based upon data breaches that
took place in past such as the “Capstone Breach”. I was also assigned a task to
perform a research on recent Data Breach and prepare a case study accordingly, I
worked on the Indian Banking Data Breach Case Study explaining about how the
credit card data of about 3.2 million users was hacked by performing DDOS Attack on
the Hitachi Payment Services and several ATMs were attacked with the help of
malware.
The case study also included several points such as how the attack was planned, what
were the vulnerabilities that led to this attack, how much revenue was spent in order
to fix the hacked systems, and how the companies responded to this attack and brief
Page 20
discussion about the future scope, that how we can protect our systems from such
attacks in future.
Snapshots from my (Coursera Peer-Graded Assignment) data breach case study
PowerPoint presentation are as follows:
Fig.1 Recent Data Breach (Case Study)
Fig.2 Cause of attack
Page 21
Fig.3 Compromised/Affected Parties (Platforms)
Fig.4 Data Breach Timeline
Page 22
Fig.5 Vulnerabilities
Fig.6 Costs and Prevention
Page 23
3.8 IBM Cybersecurity Analyst Assessment - This was the final part of my summer
industrial training where I was provided with 70 questions in exam to test my skills in
2 hrs duration and I scored 84.28 % marks.
Screenshot for the same is attached below:-
Fig.7 IBM Cybersecurity Analyst Assessment
Page 24
CHAPTER 4: METHODOLOGY ADOPTED
Various procedures/methods available to solve the task/problem undertaken should be
mentioned under this chapter. For this, a few technical papers and web sources should be
referred and the same should be cited in the text at appropriate place. After this, methodology
adopted to solve the task to be explained followed by procedures, flow charts, calculations
etc. to be reported.
Methodologies Adopted in Responding/Investigating a Data Breach:-
Fig. 8 Methodologies
Fig.9 Response Checklist
Page 25
Fig.10 Countermeasure
Web Source: https://www.ekransystem.com/en/blog/data-breach-investigation-best-practices
PACKET SNIFFING
Packet sniffing is a network-based threat in which a malicious entity
captures network packets in order to intercept or steal data traffic that may
have been left unencrypted.
Fig.11 Methodology Used
Source: https://www.spiceworks.com/it-security/network-security/articles/what-is-packetsniffing/
Page 26
DIGITAL FORENSICS:
This is a type of investigation process performed when a cyber crime is reported; it is
the most intricate step. Digital Forensics is the scientific acquisition, analysis, and
preservation of data contained in electronic media whose information can be used as
evidence in a court of law.
Fig.12 Methodology (Digital Forensics)
Source: https://www.guru99.com/digital-forensics.html
IP Spoofing:
IP spoofing is the creation of Internet Protocol (IP) packets which have a modified
source address in order to either hide the identity of the sender, to impersonate another
computer system, or both. It is a technique often used by bad actors to invoke DDoS
attacks against a target device or the surrounding infrastructure.
Fig.13 IP Spoofing
Page 27
Denial of Service Attack (DOS):
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the
perpetrator seeks to make a machine or network resource unavailable to its
intended users by temporarily or indefinitely disrupting services of a host connected to
a network. Denial of service is typically accomplished by flooding the targeted
machine or resource with superfluous requests in an attempt to overload systems and
prevent some or all legitimate requests from being fulfilled.
Fig.14 Denial of Service Attack
Page 28
CHAPTER 5: RESULTS AND DISCUSSIONS
With the advent of modern technologies, social media platforms etc., a huge growth in
the number of Internet users is observed all over the world, and the security of data and its
proper management plays a vital role for future prosperity and potentiality. It is
concerned with people trying to access remote services that they are not authorized
to use.
For example, rules from government authorities making helmets compulsory for bikers
bring no benefit to the authorities; they are for our own safety and life. In the same way, we should understand
our responsibilities for our own cyberspace and should at least take care of the safety of
our personal devices. These steps include installation of antivirus software and
keeping it updated, installing personal firewalls and keeping rules updated. We should
monitor and archive all security logs.
We should have backup of important data. Our devices should be protected by
passwords and there should be restricted access to sensitive data on our devices. And
above all, we should aspire for more computer literacy to understand the safety issues
related to our cyberspace. At the same time we need to utilize the specialization of
private sector in the field of cyber security and government should promote more PPP
projects for the national cyberspace.
TABLE 1:- Denial of Service (DoS) attack:
ATTACK TYPE | SERVICE | MECHANISM | EFFECT OF ATTACK
Dictionary | telnet, rlogin, pop, ftp, imap | Abuse features | Gains user access
Ftp-write | ftp | Misconfig | Gains user access
Guest | telnet, rlogin | Misconfig | Gains user access
Imap | Imap | Bug | Gains root access
Named | Dns | Bug | Gains root access
Phf | http | Bug | Executes command as http user
Sendmail | Smtp | Bug | Executes command as http user
Xclock | Smtp | Misconfig | Spoof user to obtain password
Xnsoop | Smtp | Misconfig | Monitors key strokes remotely
Page 29
Fig.15 Incident Response Cycle
Fig.16 Process of Incident Response
Page 30
DOS Attack Algorithm (Flowchart) 1
Page 31
DOS Attack Algorithm (Flowchart) 2
Page 32
CHAPTER 6: CONCLUSIONS AND SCOPE FOR FUTURE STUDY:
Cybersecurity is a never-ending battle. With the advent of modern technologies there
will be a massive increase in internet users; there will also be an increase in the data
generated, cyberattacks, ransomware, malfunctioning of machines etc., due to which
the scope of cybersecurity roles such as cybersecurity analyst will be very high, as
these professionals will be in demand in the upcoming years.
The job scope will be four times more than the normal data security experts. As per
the latest reports in USA, there is an expected shortage of 350,000 cybersecurity positions,
and the shortage calls for a talented workforce.
Fig. 17 CyberSecurity Job Vacancy
Source: https://www.janbasktraining.com/blog/future-scope-of-cyber-security/
Page 33
Fig. 18 Projected Growth
The unemployment level in the cybersecurity field is zero. This is a reasonable clue that
demand is immensely higher than supply, which drives a significant
rise in pay. The present average salary for cybersecurity
professionals in the USA is over $92,000 p.a. Because of
the lack of qualified cybersecurity experts, it is expected to rise in the years to
come.
Page 34
REFERENCES –
Coursera:
https://www.coursera.org/professional-certificates/ibm-cybersecurity-analyst
Kali Linux:
https://www.kali.org/
Wikipedia:
https://www.wikipedia.org/
Article:
https://www.spiceworks.com/it-security/network-security/articles/what-is-packetsniffing/
Kali Linux Guide:
https://www.edureka.co/blog/ethical-hacking-using-kali-linux/
Digital Forensics:
https://www.sciencedirect.com/journal/digital-investigation
Data Breach Case Study: https://www.indiatoday.in/india/story/banks-on-guard-afterdata-security-breach-at-pvt-lender-347452-1999-11-30
Cyber Security Jobs: https://www.janbasktraining.com/blog/future-scope-of-cybersecurity/
E-Books:
Cybersecurity For Dummies: https://www.amazon.in/Cybersecurity-Dummies-JosephSteinberg/dp/1119560322
Cybersecurity for Beginners:
https://www.amazon.in/Cybersecurity-Beginners-Raef-Meeuwisse/dp/1911452037
Hands-On Penetration Testing with Python: Enhance your ethical hacking skills to
build automated and intelligent systems:
https://www.amazon.in/Hands-Penetration-Testing-Python-intelligentebook/dp/B07G859QPL
Top 10 Penetration Testing Books https://www.linkedin.com/pulse/top-10-penetrationtesting-books-beginnersand-more-mic-merritt
Page 35
CERTIFICATE OF COMPLETION
Verification Link: https://coursera.org/verify/professional-cert/DN39MNARW9YP