INDUSTRY INTERNSHIP
SUMMARY REPORT
Cybersecurity Virtual Internship
BACHELOR OF TECHNOLOGY
in
COMPUTER SCIENCE AND
ENGINEERING
Submitted by
Sumit Singh (21SCSE1040077)
SCHOOL OF COMPUTING SCIENCE AND
ENGINEERINGGREATER NOIDA, UTTAR PRADESH
Winter 2020 – 2021
1
2
CERTIFICATE
I hereby certify that the work which is being presented in the Internship project report
entitled “Cybersecurity Virtual Internship“ in partial fulfillment for the requirements for the award
of the degree of Bachelor of Technology in the School of Computing Science and Engineering of
Galgotias University , Greater Noida, is an authentic record of my own work carried out in the
industry.
To the best of my knowledge, the matter embodied in the project report has not been
submitted to any other University/Institute for the award of any Degree.
Sumit Singh (21SCSE1040077)
This is to certify that the above statement made by the candidate is correct and true to the
best of my knowledge.
Signature of Internship Coordinator
Signature of Dean (SCSE)
Dr.N.Partheeban
Professor & IIIC
School of Computing Science & Engineering
Galgotias University
Greater Noida.
Dr. MUNISH SABHARWAL
Professor & Dean
School of Computing Science & Engineering
Galgotias University
Greater Noida.
3
ABSTRACT
Cybersecurity projects help beginners hone their skills. Projects present hands-on
opportunities to explore cybersecurity fundamentals, practice important techniques, and
gain experience with cybersecurity solution design. Cybersecurity projects can teach vital
skills like threat detection and mitigation, identity access and management (IAM)
governance, and vulnerability assessment and remediation tactics.
Robust cybersecurity bootcamp programs use project-based learning to teach aspiring
cybersecurity professionals the skills that they need to get hired. Projects also help students
pass cybersecurity certifications, like CompTIA Security+. Cybersecurity projects also show
hiring managers that you possess the necessary technical skills and that you have an
aptitude for problem-solving.
4
CHAPTER 1
INTRODUCTION
1.1 Objective of the project
To determine the objectives of Cyber Security, it is important to understand that the main
purpose of Cyber Security is to stop intruders & people who are trying to access your
information without permissions. Information can be a company's most valuable possession,
and these days protecting information is more important than ever. One of the objectives of
Cyber Security is to protect credit card numbers and other financial information that
customers may have with a company. Information is a company's lifeblood, and without
information, companies can't survive.
Every organization has different objectives for securing its computer systems. It is
important for system managers and administrators to understand their organization's
objectives for cyber security.
It is a mistake to believe that you are of no interest to cyber attackers. Everyone who is
connected to the Internet needs cyber security. This is because most cyber attacks are
automated and aim to exploit common vulnerabilities rather than specific websites or
organisations.
1.2 Problem statement and research objectives
The category of theoretical cyber security research contains two main methods, formal
theoretical and simulation. The theoretical aspects of cyber security research often cross
over into other research fields. As mentioned previously, cryptography
and cryptanalysis are research fields that involve not only cyber security, but also
mathematics, theory of computation, and linguistics. The interdisciplinary nature can make
theoretical cyber security research sometimes dissimilar to the other research categories.
The key concepts in theoretical research are to define abstract concepts, either mathematical
5
or computational models that define the cyber universe. From those self-contained, abstract
universe questions, thought exercises and predictions can be made.
To decide whether or not you should conduct a formal theoretical approach or leverage a
simulation method depends on both the interests and resources available to the investigator.
First, if you are working with an existing theory, or are close to a having a defined theory
and want to exercise it to evaluate how it holds up under various conditions you might not
have considered, you could conduct a simulation. Alternatively, if you do not have a welldefined theory, but you can constrain and describe the situation with mathematical
constraints or using mathematical nomenclature, such as formal methods, you could
conduct a formal theoretical effort. Finally, if you do not have a theory, and you are unable
to define the concepts in precise mathematical notations, you can create an exploratory
simulation to flesh out your concepts and provide some early input to help determine where
to take the research next
1.3 Description of Domain
Cybersecurity professionals can use defensive artificial intelligence (AI) to detect or stop
cyberattacks. Savvy cybercriminals use technologies like offensive AI and adversarial
machine learning because they are more difficult for traditional cybersecurity tools to
detect.
1.4 A brief introduction about an organization.
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with
technology that is transforming the way people and organizations operate. Our mission is to
be the cybersecurity partner of choice, protecting our digital way of life. They help address
the world's greatest security challenges with continuous innovation that seizes the latest
breakthroughs in artificial intelligence, analytics, automation, and orchestration. By
delivering an integrated platform and empowering a growing ecosystem of partners, we are
at the forefront of protecting tens of thousands of organizations across clouds, networks, and
mobile devices. Our vision is a world where each day is safer and more secure than the one
before.
6
CHAPTER 2
TECHNICAL DESCRIPTION
1. Keep Your Software Up to Date
As we saw from the stats above, ransomware attacks were a major attack vector of 2017 for
both businesses and consumers. One of the most important cyber security tips to mitigate
ransomware is patching outdated software, both operating system, and applications. This
helps remove critical vulnerabilities that hackers use to access your devices. Here are a few
quick tips to get you started:

Turn on automatic system updates for your device

Make sure your desktop web browser uses automatic security updates

Keep your web browser plugins like Flash, Java, etc. updated
2. Use Anti-Virus Protection & Firewall
Anti-virus (AV) protection software has been the most prevalent solution to fight malicious
attacks. AV software blocks malware and other malicious viruses from entering your device
and compromising your data. Use anti-virus software from trusted vendors and only run
one AV tool on your device.
Using a firewall is also important when defending your data against malicious attacks. A
firewall helps screen out hackers, viruses, and other malicious activity that occurs over the
Internet and determines what traffic is allowed to enter your device. Windows and Mac OS
X comes with their respective firewalls, aptly named Windows Firewall and Mac Firewall.
Your router should also have a firewall built in to prevent attacks on your network.
3. Use Strong Passwords & Use a Password Management Tool
You’ve probably heard that strong passwords are critical to online security. The truth is
passwords are important in keeping hackers out of your data! According to the National
Institute of Standards and Technology’s (NIST) 2017 new password policy framework, you
should consider:
7

Dropping the crazy, complex mixture of upper case letters, symbols, and numbers.
Instead, opt for something more user-friendly but with at least eight characters and a
maximum length of 64 characters.

Don’t use the same password twice.

The password should contain at least one lowercase letter, one uppercase letter, one
number, and four symbols but not the following &%#@_.

Choose something that is easy to remember and never leave a password hint out in
the open or make it publicly available for hackers to see

Reset your password when you forget it. But, change it once per year as a general
refresh.
4. Use Two-Factor or Multi-Factor Authentication
Two-factor or multi-factor authentication is a service that adds additional layers of security
to the standard password method of online identification. Without two-factor
authentication, you would normally enter a username and password. But, with two-factor,
you would be prompted to enter one additional authentication method such as a Personal
Identification Code, another password or even fingerprint. With multi-factor
authentication, you would be prompted to enter more than two additional authentication
methods after entering your username and password.
According to NIST, an SMS delivery should not be used during two-factor authentication
because malware can be used to attack mobile phone networks and can compromise data
during the process.
5. Learn about Phishing Scams – be very suspicious of emails, phone calls, and
flyers
8
We recently blogged that phishing scams are nastier than ever this year. In a phishing
scheme attempt, the attacker poses as someone or something the sender is not to trick the
recipient into divulging credentials, clicking a malicious link, or opening an attachment that
infects the user’s system with malware, trojan, or zero-day vulnerability exploit. This often
leads to a ransomware attack. In fact, 90% of ransomware attacks originate from phishing
attempts.
A few important cyber security tips to remember about phishing schemes include:
1. Bottom line – Don’t open email from people you don’t know
2. Know which links are safe and which are not – hover over a link to discover where it
directs to
3. Be suspicious of the emails sent to you in general – look and see where it came from
and if there are grammatical errors
4. Malicious links can come from friends who have been infected too. So, be extra
careful!
6. Protect Your Sensitive Personal Identifiable Information (PII)
Personal Identifiable Information (PII) is any information that can be used by a
cybercriminal to identify or locate an individual. PII includes information such as name,
address, phone numbers, data of birth, Social Security Number, IP address, location details,
or any other physical or digital identity data. Your credit card information should be
protected by companies if they follow the PCI DSS standards.
In the new “always-on” world of social media, you should be very cautious about the
information you include online. It is recommended that you only show the very minimum
about yourself on social media. Consider reviewing your privacy settings across all your
social media accounts, particularly Facebook. Adding your home address, birthdate, or any
other PII information will dramatically increase your risk of a security breach. Hackers use
this information to their advantage!
9
7. Use Your Mobile Devices Securely
According to McAfee Labs, your mobile device is now a target to more than 1.5 million new
incidents of mobile malware. Here are some quick tips for mobile device security:
1. Create a Difficult Mobile Passcode – Not Your Birthdate or Bank PIN
2. Install Apps from Trusted Sources
3. Keep Your Device Updated – Hackers Use Vulnerabilities in Unpatched Older
Operating Systems
4. Avoid sending PII or sensitive information over text message or email
5. Leverage Find my iPhone or the Android Device Manager to prevent loss or theft
6. Perform regular mobile backups using iCloud or Enabling Backup & Sync from
Android
10
8. Backup Your Data Regularly
Backing up your data regularly is an overlooked step in personal online security. The top IT
and security managers follow a simple rule called the 3-2-1 backup rule. Essentially, you will
keep three copies of your data on two different types of media (local and external hard drive)
and one copy in an off-site location (cloud storage).
If you become a victim of ransomware or malware, the only way to restore your data is to
erase your systems and restore with a recently performed backup.
9. Don’t Use Public Wi-Fi
Don’t use a public Wi-Fi without using a Virtual Private Network (VPN). By using VPN software, the traffic between
your device and the VPN server is encrypted. This means it’smuch more difficult for a cybercriminal to obtain access to
your data on your device. Use your cell network if you don’t have a VPN when security is important.
11
12
13
CHAPTER 3
RESULTS AND DISCUSSIONS
Cyber security is one of the most important aspects of the fast-paced growing digital world.
The threats of it are hard to deny, so it is crucial to learn how to defend from them and
teach others how to do it too.
Protect data and respond to threats that occur over the Internet. Design and implement risk
analysis, security policies, and damage assessment. Plan, implement and audit operating
systems' security in a networked, multi-platform and cross platform environment.
While IT security protects both physical and digital data, cyber security protects the digital
data on your networks, computers, and devices from unauthorized access, attack, and
destruction. Network security, or computer security, is a subset of cyber security.
Computer security attempts to ensure the confidentiality, integrity, and availability of
computing systems and their components. Three principal parts of a computing system are
subject to attacks: hardware, software, and data.
Colleagues need to understand the role they play in strengthening a business’s cyber
security. In most cases, it needs to be taken back to the very basics. Cyber-crime shows no
signs of slowing down, and a cyber-attack has the potential to incapacitate an organisation.
Training your employees and making them aware is not only your best defence - it also
shows you’re paving your way to a more GDPR compliant future. Should you find your
company has fallen victim to a cyber-attack, the ICO will look at the preventative measures
you have put in place beforehand. It is crucial for businesses to implement the most basic
cyber security measures, and cyber security awareness for employees is one of them.
14
CHAPTER 4
CONCLUSION AND FUTURE WORK
Conclusion:
Cyber security is one of the most critical parts of today's rapidly evolvingdigital world. Its
threats are difficult to dismiss, therefore learning how to guard against themand teaching
others how to do so is critical.Widespread security flaws, as well as speedier and more
sophisticated cyber attacks, make itincredibly difficult for security specialists to avert such
dangers. As a result, a comprehensivecybersecurity strategy should be implemented to
prevent cyber attacks from inflicting harm.Understanding cyber security techniques and
methods is critical for effectively defendingagainst digital threats.
Future Work:
I will do cyber security analyst because it is primarily responsible for protecting a
company's network and systems from cyber attacks. This involves researching upcoming IT
trends, creating contingency plans, reviewing suspicious activities, reporting security
breaches, and educating the rest of the company on security measures
15
16
CHAPTER 5
REFERENCES
https://www.paloaltonetworks.com/
https://www.linkedin.com/company/palo-alto-networks
17