SRM INSTITUTE OF SCIENCE AND TECHNOLOGY

FACULTY OF SCIENCE AND HUMANITIES

DEPARTMENT OF COMPUTER APPLICATIONS

PRATICAL INTERNSHIP

STUDENT NAME : ARTHI INDHIRASENAN

REGISTER NUMBER : RA2331241010029

CLASS : BCA SECTION: A

YEAR&SEMESTER : II YEAR & III SEMESTER

SUBJECT CODE : UCA23P01L

SUBJECT TITLE :INTERNSHIP-1

OCTOBER 2024
 SRM INSTITUTE OF SCIENCE AND TECHNOLOGY
FACULTY OF SCIENCE AND HUMANITIES
DEPARTMENT OF COMPUTER APPLICATIONS
SRM Nagar, Kattankulathur-603203

CERTIFICATE

Certified to be the bonafide Intership of practical

Work done by ____ARTHI INDHIRASENAN ___________ Register

number_RA2331241010029__ of ___BCA ‘A’____ Degree course for
___UCA23P01L-Internship-1________ in the computer lab in SRM Institute of
Science and Technology during the academic year 2024-2025.

Staff in-charge Head of the Department

Submitted for Semester Practical Examination held on________

Internal Examiner External Examiner

 INTERNSHIP REPORT

MICROSOFT CYBERSECURITY

NAME OF THE INTERNSHIP COMPANY: TATA

STRIVE- MICROSOFT CYBERSURAKSHA

COURSE PERIOD: 40 HOURS

SUBMITTED BY:

ARTHI INDHIRASENAN
RA2331241010029
TABLE OF CONTENTS

1.Cloud computing
2.Web application security
3.Hacking
4.Information Security
5.Cyber Forensics
6.Cryptography
7. Understanding Network Hacking
8. Certification
10.Assessment report
11.Conclusion
COURSE INTRODUCTION :
Cybersecurity is the practice of protecting systems, networks, and programs fro m
digital attacks. It's an important part of protecting organizations and their employees
and assets from cyber threats
Bob Thomas is a computer scientist who is widely regarded as the father of
cybersecurity
He gained notoriety in 1971 when he created the first computer virus,called the
"Creeper virus." Thevirus was not malicious and was designed to demonstrate the
vulnerability of computer systems.

COMPANY INTRODUCTION :

friends Bill Gates and Paul Allen started Microsoft .

Microsoft was founded in 1975.Ourmission is to enable people and businesses
throughout the world to realize theirfullpotential by creating technology that
transforms the way people work, play,and communicate.

INTERNSHIP MOTIVE :

The internship program was informative and helped me learn a lot of technical skills. I
also learnt many soft skills like team work, communication, problem solving, decision
making etc. The get experience of working with an organization over a period of one
month, in the professional environment will help sharpen my professional attitude.
Learning the skills of documentation and diagrams will help me in my career in the
field of IT. I hope this internship will help me grow in my career both as an individual
and as a professional
Cloud Computing

Innovative technology enabling easy access and utilization of computing resources such
as storage, servers, and applications over the internet. No need to invest in expensive
hardware or software infrastructure.

Instrumental in accelerating development and adoption of advanced technologies like

machine learning, data analytics and blockchain. Continues to shape the future of
industries and organizations. Scalability, Security, Maintenance, Cost savings,
Accessibility, Environmental
friendly, Reliability are the advantages of Cloud Computing.

Types of Cloud Computing

Infrastructure as a Service (IaaS): Infrastructure as a Service (IaaS) provides users hit virtualized
computing resources,
such as serves, storage, and networking, over the internet.
Platform as a service (PaaS) :
Platform as a service (PaaS) provides user with a platform for developing, testing and deploying
applications over the internet.
Software as a Service (SaaS) :
Software as a Service (SaaS) provides users with access to software applications that are hosted on the
cloud that are hosted on the cloud and accessible via the internet.

Cloud computing is also prone to many types of security issues as mentioned here,
 Denial of service (DoS) attacks: Insider
 threats Lack of visibility into the cloud
 environment Content Delivery Network
 (CDN)
Web Application Security

Web application security protects web applications from malicious attacks , data
breaches , and unauthorized access.

security issues in web applications can be threats that can be used by malicious
actors to gain unauthorized access to sensitive data or systems, disrupt services , or
carry out other nefarious activities Multi factor authentication (MFA) ,
two factor authentication (2FA) should be used to authenticate users and secure the
loginproces
security measures is authentication and access controls. Access controls should be in
the place to restrict access to sensitive data and features.
Web application security is a critical aspect of web development.

This involves implementing various security measures, such as authentication and

access controls, input validation, encryption, and regular security testing , to protect
against threats.

Web applications are built using web technologies such as

 HTML
 CSS and
 Java Script

and developed by using web application framework such as

 Ruby on Rails
 Django or
 Node.js

These frameworks provides a set of tools and libraries that developers can use to build
and deploy web applications more quickly and efficiently.
Web application can include diverse online platforms such as Social Media sites,
E-commerce Websites, Online Banking Systems, Productivity tools, Online
Marketplaces.
Hacking

Hacking is an unauthorized intrusion into computer systems or networks with the intent
to steal, modify or damage data or systems for personal or malicious gain. Hackers
exploit weakness in software , hardware , or human behaviour to access confidential
data, disrupt normal operations , or inflict harm on targeted computer systems or
networks.
Weak security, Social Engineering, Misconfigured systems, Insider threats, Advance
persistent threat, Lack of security culture in organization , Lack of security training ,
Lack of dedicated cyber security staff are the several key factors that play a
significant role in the effectiveness of hacking activities.
Person who uses their technical knowledge and skills for breaking into a computer
system, device or network to get access to information or data by non-standard means.
The activities that can be carried out using hacking are:
Unauthorized access:
Hackers gain unauthorized access to computer systems, networks, or accounts without
permission or proper authentication .
Data theft:
Hackers steal sensitive information such as personal data , financial records, or
intellectual property for their own gain or to sell on the black market.
Disruption of services :
Hackers launch attacks that disrupt or interrupt the normal functioning of websites,
networks or services causing inconvenience or financial loss
Espionage:
Hackers infiltrate systems to gather intelligence or confidential information for political,
economical, or competitive advantage.
Website Defacement:
Hackers alter the appearance or content of a website to spread their message, showcase
their skills , or create a visual impact.
Extortion:
Hackers exploit vulnerabilities or steal sensitive data, then demand payment or other
favours in exchange for not disclosing or misusing the obtained information.
Information security
Information security is a continuous effort that requires ongoing attention and
vigilance. There is no single solution or approach that can fully address the complex
and evolving nature of Information Security. Staying current with the latest trends,
threats, and technologies is crucial to effectively addressing Information security
concerns .
Information security controls refer to the measures and processes put in protect
confidentiality, integrity, and availability of information assets. It is classified into
three categories:
* Administrative controls

* Technical controls
* Physical controls

Cyberattacks and Information Breaches

Attack vectors are the path way or ways through which cyber attacks are launched
against computer systems, networks, or individuals.
Understanding attack vectors is essential for identifying and mitigating potential
security risks. Social engineering attacks, Network based attacks, Physical attacks,
Web based attacks, Malware are some common attack vectors. Financial gain,
Espionage, Hacktivism, Revenge, Malicious intent are the motives
behind Attacks and breaches.

Cyber Forensics

Cyber Forensics or digital forensics, is a part of cybersecurity that focuses on collecting

and examining digital evidence from electronic devices and digital media. It is very
important in cybersecurity because it helps to discover and investigate cybercrimes like
hacking, identity theft, and data breaches.
Cyber forensics uses forensic methods to investigate digital crimes. It is the process of
gathering, analysing and safeguarding digital evidence that can be used in court to
demonstrate a cybercrime happened. The evidence can come from computer systems,
mobile devices, and other digital storage media.
Types of cyber forensics
Disk Forensics: This involves analysing data stored on a computer’s hard disk drive or
other storage media to extract digital evidence. Disk forensics can reveal deleted files,
hidden data, and other critical information.
Network Forensics: This involves capturing and analysing network traffic to identify
suspicious or malicious activity. Network forensics can help identify the source of an
attack, the type of attack, and the extent of damage caused
Mobile device forensics: This involves analysing digital evidence on mobile devices
such as smartphones, tablets,
Memory forensics: This involves analysing data stored in the memory of a computer
or mobile device. Memory forensics can help identify malware, rootkits, and other
malicious software that may be running in the background of a system. Database
Forensics: This involves analysing databases and their associated systems to
extract digital evidence related to cybercrimes. Database forensics can help identify
data breaches, unauthorised access, and other types of cybercrime
Cloud Forensics: This involves analysing digital evidence stored in cloud-based
environments such as Google drive, Dropbox, and Amazon Web services.

Cryptography

Cryptography is the process of secure communication to safeguard information

from unauthorized access. It uses techniques such as encryption, decryption,
digital signatures, and hashing to ensure confidentiality, integrity, and authenticity
of data.
Methods of cryptography
There are two primary methods of cryptography. suited for different uses cases.
Symmetric Encryption:
In Symmetric encryption, a single key is used for both encrypting and decrypting
data, and this key is shared between the sender and receiver, who keep it secret
to prevent unauthorised access.
Asymmetric Encryption:
Asymmetric encryption, also referred to as public-key encryption, employs two
distinct keys for encrypting and decrypting data. When using this method, the
sender utilises the recipient’s public key to encrypt the data, which can only be
decrypted by the recipient’s private key
Understanding Network Hacking

A computer network is a collection of interconnected devices that communicate

and share resources with each other. These devices can include computers,
servers, printers, routers, and switches. Networks can be classified by their size
(e.g., local area network (LAN), wide area network (WAN)) and their architecture
(e.g., client- server, peer-to-peer).
How it works:
Communication: Devices communicate using protocols, which are sets of rules
that determine how data is transmitted. Common protocols include TCP/IP for
data transfer and HTTP for web traffic.
Data Transmission: Data is broken into packets, which are sent over the network to
their destination. Each packet includes destination information, allowing it to find its
way through the network.

Network Devices:
Routers: Direct data between different networks and manage traffic.
Switches: Connect devices within the same network, allowing them to communicate
directly.
Access points: Enable wireless devices to connect to the network.
Resource sharing: Devices can share files, applications, and internet access,
improving collaboration and efficiency.
Network Security: Measures like firewalls and encryption protect data and devices
from unauthorized access.
Network Topologies: Network topologies refers to the physical or logical layout of
devices, nodes, and connections in a computer network. They determine how devices
are interconnected and how data flows within the network.
Types of Network topologies:
 Ring Topology
 Mesh Topology
 Star Topology
 Fully Connected Topology
 Line Topology
 Tree Topology
 Bus Topology
 COURSE CERTIFICATION

CERTIFICATE
OF COMPLETION

AWARDED TO

MS ARTHI INDHIRASENAN

234214-27020934-124
14 Oct 2024
SIGNATURE
 ACTIVITY DETAILS OF PARTICIPANT

Course Name : Microsoft Cybersuraksha For Learners_ Batch 3 Self Paced

Course Duration : 36 Days Course Type : Report
Participant Name : Arthi Indhirasenan Generated At : 14 Oct 2024 12:36 PM
Participant Email ID : ai7120@srmist.edu.in Participant Unique ID : 27020934

Grade Obtained : E % of TOC read :57.1429 % Result : Pass

Activity Activity Total Marks Pass Marks/ Marks Grade Activity Activity Assignment
Type Name Attempt No CutOff Obtained Attempted Status Link
Assessment 6.Social 1 11.0 0 9.0 NA Completed Pass N.A.
Engineering
Attacks_Mod
ule-end
Assessment
Assessment 9.Cryptograp 1 14.0 0 9.0 NA Completed Pass N.A.
hy_Module-
end
Assessment
Assessment Attitude to 1 15.0 0 4.0 NA Completed Pass N.A.
Succeed_Mo
dule-end
Assessment
Assessment 8.Understand 1 10.0 0 6.0 NA Completed Pass N.A.
ing Incident
Management
_Module-end
Assessment
Assessment 4. 1 23.0 0 9.0 NA Completed Pass N.A.
Understandin
g Network
Hacking and
Protection
Concepts_M
odule-end
Assessment
Assessment 4. 2 23.0 0 19.0 NA Completed Pass N.A.
Understandin
g Network
Hacking and
Protection
Concepts_M
odule-end
Assessment
Assessment 13.Cyber 1 14.0 0 8.0 NA Completed Pass N.A.
Crimes and
Cyber
Laws_Modul
e-end
Assessment
Assessment 2. Cloud 1 7.0 0 6.0 NA Completed Pass N.A.
Computing_
Module-end
Assessment
 Activity Activity Pass Marks/ Marks Grade Activity Activity Assignment
Type Name Attempt No Total Marks CutOff Obtained Attempted Status Link
Assessment 2. Cloud 2 7.0 0 6.0 NA Completed Pass N.A.
Computing_
Module-end
Assessment
Assessment 1. 1 13.0 0 10.0 NA Completed Pass N.A.
Introduction
to
Information
Security_Mo
dule-end
Assessment
Assessment 5. 1 22.0 0 18.0 NA Completed Pass N.A.
Understandin
g Web
Application
Security_Mo
dule-end
Assessment
Assessment 11.Understan 1 12.0 0 7.0 NA Completed Pass N.A.
ding BCP
and DR
Fundamental
s_Module-
end
Assessment
Assessment 7. Mobile 1 10.0 0 7.0 NA Completed Pass N.A.
Devices
Issues and
Protection
Mechanisms
_Module-end
Assessment
Assessment 3. 1 15.0 0 14.0 NA Completed Pass N.A.
Introduction
to
Hacking_Mo
dule-end
Assessment
Assessment 12.Understan 1 22.0 0 17.0 NA Completed Pass N.A.
ding Cyber
Forensics_M
odule-end
Assessment
Assessment Workplace 1 15.0 0 6.0 NA Completed Pass N.A.
Preparednes
s_Module
End
Assessment
Assessment 10 Identity 1 10.0 0 7.0 NA Completed Pass N.A.
and Access
Management
_Module-end
Assessment
Conclusion

In conclusion, the internship online course in Tata Strive Microsoft CyberSuraksha

has been an invaluable experience for enhancing our understanding of cybersecurity
principles and practices.
Throughout the course, we gained essential skills in identifying threats, implementing
security measures, and understanding the importance of data protection in today's
digital landscape.

The hands-on projects and real-world scenarios provided us with practical insights
into the challenges faced by organizations in safeguarding their information.
Moreover, the collaborative learning environment fostered by Tata Strive and
Microsoft encouraged us to engage with peers and experts, enriching our knowledge
and networking opportunities.

In an era where cybersecurity threats are becoming increasingly sophisticated, the

insights gained from this course have equipped us to not only safeguard digital assets
but also to innovate solutions that address emerging challenges. We are now better
prepared to contribute to the evolving field of cybersecurity.
As we move forward, the skills and insights gained from this course will undoubtedly
play a crucial role in our professional development in the cybersecurity field. We are
now better equipped to contribute to creating safer digital environments and to pursue
further opportunities in this dynamic industry. Thank you to Tata Strive for this
enriching experience.