Uploaded by Utkarsh Vyas

9 to 20

Practical = 9
Aim :- Test browser security using the following tools and
report your findings: Qualys Browser Check, Cloudflare ESNI
Checker, Privacy Analyzer, Panopticlick, AmIUnique.
Step = 1 :- Open any browser.
Step = 2 :- Search for Privacy Analyzer.
Step = 3 :- Click on the first link.
Step = 4 :- You will then reach the Privacy Analyzer page.
Step = 5 :- Start all of these tests:
1. Basic Info
2. Autofill Leak Test
3. User Account Tests
4. Browser Capability Test
5. Fingerprint analysis
Step = 6 :- When all the tests have finished, the browser security
check is complete.
Practical = 10
Aim :- Check whether your email address appears in a data breach
that can be used for identity theft, using the following tools:
1. https://www.f-secure.com/en/home/free
tools/identitytheft-checker
2. https://haveibeenpwned.com/
Step = 1 :- Click on the link.
Step = 2 :- The website will ask for the e-mail address
to be tested.
Step = 3 :- Click on Check for Breaches (for the first link).
Step = 4 :- Click on pwned? (for the second link).
Step = 5 :- If you see this result, the e-mail is safe
(for the first link) :-
0 BREACHES
for E-mail. No report was sent.
Step = 6 :- If you see this result, the e-mail is safe
(for the second link) :-
Good news — no pwnage found!
No breached accounts and no pastes (subscribe to search sensitive breaches)
Practical = 12
Aim :- Secure your mobile device
1. Prevent installation of third-party applications.
2. Check the permissions given to each installed application and
evaluate whether each permission is actually required by
that application, for example, a messaging application should not
have permission to access the camera.
3. To prevent your device from connecting to poorly configured
or insecure networks, disable auto-connect in Wi-Fi settings.
4. Turn off location services, Bluetooth, Wi-Fi and mobile data
when they are not required.
5. Configure backup and restore data settings on your mobile
device.
# Protect Mobile
1. Do not install any third-party applications.
2. Step = 1 Go to your mobile settings.
Step = 2 Search for Permissions.
Step = 3 Go to Permissions.
Step = 4 Check all the permissions given to applications and
modify them.
3. Step = 1 Go to Wi-Fi on your mobile.
Step = 2 Go to Wi-Fi assistant.
Step = 3 Go to "Select the best network automatically".
Step = 4 Turn it off.
4. Turn off all network communications when they are not needed.
5. # Take a backup of all your data
Link all your data with your e-mail ID
so that you can access it from anywhere at any time.
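The permission review in item 2, as an added example that is not part of the original report: it lists granted permissions per application and flags any that fall outside what the application is expected to need. The sample dump is constructed and simplified in the style of `adb shell dumpsys package` output; the package names and the `EXPECTED` allowlist are assumptions.

```python
import re

# Constructed sample, simplified in the style of `adb shell dumpsys package`.
# Package names are hypothetical.
SAMPLE_DUMP = """\
Package [com.example.messages] (a1b2c3):
    runtime permissions:
      android.permission.READ_SMS: granted=true, flags=[ USER_SET ]
      android.permission.SEND_SMS: granted=true, flags=[ USER_SET ]
      android.permission.CAMERA: granted=true, flags=[ USER_SET ]
      android.permission.ACCESS_FINE_LOCATION: granted=false, flags=[ USER_SET ]
Package [com.example.flashlight] (d4e5f6):
    runtime permissions:
      android.permission.CAMERA: granted=true, flags=[ USER_SET ]
      android.permission.READ_CONTACTS: granted=true, flags=[ USER_SET ]
"""

# Assumption: the reviewer decides which permissions each app really needs.
EXPECTED = {
    "com.example.messages": {"READ_SMS", "SEND_SMS", "RECEIVE_SMS", "READ_CONTACTS"},
    "com.example.flashlight": {"CAMERA"},
}

PKG_RE = re.compile(r"^\s*Package \[([\w.]+)\]")
PERM_RE = re.compile(r"^\s*android\.permission\.(\w+): granted=(true|false)")

def granted_permissions(dump):
    """Return {package: set of permission names that are currently granted}."""
    result, current = {}, None
    for line in dump.splitlines():
        if m := PKG_RE.match(line):
            current = m.group(1)
            result[current] = set()
        elif (m := PERM_RE.match(line)) and current is not None:
            if m.group(2) == "true":
                result[current].add(m.group(1))
    return result

def audit(dump, expected):
    """Return {package: sorted granted permissions outside the expected set}."""
    findings = {}
    for pkg, granted in granted_permissions(dump).items():
        # An app with no entry has no approved permissions: flag everything granted.
        extra = granted - expected.get(pkg, set())
        if extra:
            findings[pkg] = sorted(extra)
    return findings

if __name__ == "__main__":
    for pkg, perms in audit(SAMPLE_DUMP, EXPECTED).items():
        print(f"{pkg}: review and revoke if not needed -> {', '.join(perms)}")
```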
Practical = 13
Aim :- Use Google password manager available at given link
https://passwords.google.com/ to save, manage, protect and
create strong passwords.
# passwords.google.com
Step = 1 Click on this link.
Step = 2 You will then reach the password manager page.
Step = 3 You will see all your passwords.
Step = 4 Show all the passwords and make them strong.
Practical = 14
Aim :- Demonstrate a phishing attack simulation with the
GoPhish tool.
Phishing Simulation with GoPhish
GoPhish
GoPhish is an open-source attack simulation tool that allows pen testers or
security organizations to generate real-world phishing attacks easily.
Step = 1 :- Getting Started with GoPhish.
Step = 2 :- Set up a GoPhish Virtual Machine.
Step = 3 :- Install GoPhish.
Step = 4 :- Setting up your Phishing Campaign.
Step = 5 :- Configure the Sending Profile.
Step = 6 :- Create a User Group.
Step = 7 :- Create a Landing Page.
Step = 8 :- Create an Email Template.
Step = 9 :- Create the Campaign.
The results will then appear.
On the GoPhish dashboard, we can see results in real time
and track the progress of our campaign.
Practical = 15
Aim :- Test website authenticity and possible
phishing websites using VirusTotal, Google
Transparency Report, URLVoid, or any other
tools. Identify ways to report Fraudulent or
Scam Websites.
Method = 1
Step = 1 :- Open any web browser.
Step = 2 :- Type transparencyreport.google.com
Step = 3 :- Type the URL of the website you want to check.
Step = 4 :- The status of the website will appear in the browser.
Method = 2
Step = 1 :- Open any web browser.
Step = 2 :- Type urlvoid.com
Step = 3 :- Type the URL of the website you want to check.
Step = 4 :- The status of the website will appear in the browser.
Practical = 16
Aim :- Configure all privacy settings for social networks with
which you have an account and review your entire profile.
1 :- Instagram
● Go to Settings.
● Go to Privacy and security.
● Check all the privacy and security settings.
● Improve them further.
2 :- Facebook
● Go to Settings.
● Go to Privacy and security.
● Check all the privacy and security settings.
● Improve them further.
3 :- Twitter
● Go to Settings.
● Go to Privacy and security.
● Check all the privacy and security settings.
● Improve them further.
Practical – 17
AIM :- Survey recent social media scams like lottery
scams, job scams and prepare a report for the following:
● What is the attacker trying to gain?
● Who is being scammed?
● What are the consequences for the person being scammed?
● Why does the scam work successfully?
● What awareness is required which could avoid the scam?
(1) What is the attacker trying to gain?
● Cyber attacks are designed to cause damage. They can have
various objectives, including the following:
● Financial gain. Most cyber attacks today, especially those against
commercial entities, are launched by cybercriminals for financial
gain.
● These attacks often aim to steal sensitive data, such as customer
credit card numbers or employee personal information, which the
cybercriminals then use to access money or goods using the
victims’ identities.
● Malicious attackers are increasingly targeting internet-connected
systems and web applications that aren’t properly protected,
particularly as more people work from home because of the
COVID-19 pandemic. For example, nearly 60% of 520 security
professionals surveyed in 2020 by threat intelligence vendor
DomainTools said their organizations had seen a moderate to
dramatic increase in attempted cyber attacks. Similarly,
cybersecurity vendor CrowdStrike spotted about 41,000 network
intrusion attempts at its threat-detection customers in the first
half of 2020, versus 35,000 in all of 2019.
(2) Who is being scammed?
● Young people are falling victim to online scams at a higher rate
than ever before, but older generations are losing the most
money to them.
● That’s according to a report from fraud prevention firm SEON,
which analyzed data collected in 2020 by the FBI’s SEON’s “Gen-Z
Fraud Report” found that people younger than 20 had the biggest
year-over-year increase in fraud reports between 2019 and 2020.
The 23,186 young people who reported fraud represented a
116% increase from the previous year. Their collective losses
totaled about $70.98 million, or about $3,000 per person, in 2020.
(3) What are the consequences for the person being scammed?
● Fraud can have a devastating impact on these victims and
increase the disadvantage, vulnerability and inequality they
suffer. Fraud can also cause lasting mental and physical trauma
for victims. Fraud also results in lost opportunities for individuals
and businesses.
(4) Why does the scam work successfully?
● To succeed, a scammer exploits human vulnerabilities, finding ideal
targets by cycling through large groups of people. For every
thousand emails sent out, the cybercriminal may get only a
handful of responses, but only one or two replies are enough to
translate to hundreds or thousands of dollars.
(5) What awareness is required which could avoid the scam?
● Keep your passwords and PIN numbers in a safe place. Be very
careful about how much personal information you share on social
media sites. Scammers can use your information and pictures to
create a fake identity or to target you with a scam. Keep your
mobile devices and computers secure.
Practical – 18
AIM :- Study a government Cybercrime portal to prepare a
report on cybercrime and its laws.
What is cybercrime?
● Cybercrime is any criminal activity that involves a
computer, network device or a network.
● While most cybercrimes are carried out in order to
generate profit for the cybercriminals, some cybercrimes
are carried out against computers or devices directly to
damage or disable them.
● Others use computers or networks to spread malware,
illegal information, images or other materials. Some
cybercrimes do both, i.e., target computers to infect
them with a computer virus, which is then spread to other
machines and, sometimes, entire networks.
● A primary effect of cybercrime is financial. Cybercrime can
include many different types of profit-driven criminal
activity, including ransomware attacks, email and internet
fraud, and identity fraud, as well as attempts to steal
financial account, credit card or other payment card
information.
Cyber crime laws in India :-
● In terms of cybersecurity, there are five main types of laws
that must be followed. Cyber laws are becoming
increasingly important in countries such as India, which
have extremely extensive internet use.
● There are strict laws that govern the use of cyberspace
and supervise the use of information, software, electronic
commerce, and financial transactions in the digital
environment.
● India’s cyber laws have helped to enable electronic
commerce and electronic governance to flourish in India
by safeguarding maximum connectivity and minimizing
security concerns.
● This has also made digital media accessible in a wider
range of applications and enhanced its scope and
effectiveness.
Information Technology Act, 2000 (IT Act)
Overview of the Act :-
The IT Act is prominent in the entire Indian legal framework, as
it directs the whole investigation process for governing cyber
crimes. Following are the appropriate sections:
Section 43:- This section of the IT Act applies to individuals who
indulge in cyber crimes such as damaging the computers of the victim,
without taking the due permission of the victim. In such a
situation, if a computer is damaged without the owner’s
consent, the owner is fully entitled to a refund for the complete
damage.
Section 66:- Applies to any conduct described in Section 43 that is
dishonest or fraudulent. There can be up to three years of imprisonment
in such instances, or a fine of up to Rs. 5 lakh.
Section 66B:- This section describes the penalties for
fraudulently receiving stolen communication devices or
computers, and confirms a possible three-year prison sentence.
Depending on the severity, a fine of up to Rs. 1 lakh may also be
imposed.
Section 66C:- The focus of this section is digital signatures,
password hacking, and other forms of identity theft. This section
imposes imprisonment of up to 3 years along with one lakh rupees
as a fine.
Section 66D:- This section involves cheating by personation
using computer resources. Punishment if found guilty can be
imprisonment of up to three years and/or a fine of up to Rs 1 lakh.
Section 66E:- Taking pictures of private areas, publishing or
transmitting them without a person’s consent is punishable under this
section. Penalties, if found guilty, can be imprisonment of up to
three years and/or a fine of up to Rs 2 lakh.
Section 66F:- Acts of cyber terrorism. An individual convicted of a
crime can face imprisonment of up to life. An example: a threat
email was sent to the Bombay Stock Exchange and the National
Stock Exchange, challenging the security forces to
prevent a terror attack planned on these institutions. The
criminal was apprehended and charged under Section 66F of
the IT Act.
Section 67:- This involves electronically publishing obscenities.
If convicted, the prison term is up to five years and the fine is
up to Rs 10 lakh.
Practical = 19
Aim :- Prepare a report on how to report cybercrime online
Step = 1 :- Click on this link; you will reach the page
where cybercrime is reported.
Link :- File A Consumer Complaint Online in Consumer Court/Forum (onlinelegalindia.com)
Step = 2 :- Scroll down the page until you see
File Consumer Complaint Online.
Step = 3 :- Fill in the details and press the Next button.
Step = 4 :- Click on the Submit button.
Your report will then reach the Cyber Crime Office.
Practical = 20
Aim :- Prepare a report on online acceptable behavior against
unethical behavior.
To report unethical behavior, you must have these things :-
1. Investigate the unethical behaviour
2. Compile proof
3. File a claim with HR
4. Fill out the reports
5. Keep it to yourself
If you have these things, then report online.
If you do not have these things, collect them first
and report after collecting them.