Chapter 5-1

Kerberos is a network authentication protocol that uses secret-key cryptography to provide strong authentication for client/server applications, involving four parties: User, Authentication Service (AS), Ticket Granting Server (TGS), and Service Server. The protocol works by verifying the client's identity, issuing a Ticket Granting Ticket (TGT), and allowing access to services through encrypted keys. IP Security (IPSec) and email security protocols like SMTP, PEM, and PGP are also discussed, highlighting their roles in secure communications.

Explain Kerberos with help of suitable diagram.

Kerberos:

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server
applications by using secret-key cryptography. It is a solution to network security problems: it provides tools for
authentication and strong cryptography over the network to help you secure your information system. There are
4 parties involved in the Kerberos protocol.

i) User
ii) Authentication service (AS)
iii) Ticket granting server (TGS)
iv) Service server

Working of Kerberos:

1. The authentication service, or AS, receives the request from the client and verifies that the client is indeed the
computer it claims to be. This is usually just a simple database lookup of the user's ID.

2. Upon verification, a timestamp is created. This puts the current time into the user session, along with an expiration
time. The default lifetime of a timestamp is 8 hours. The encryption key is then created. The timestamp
ensures that once the 8 hours are up, the encryption key is useless.

3. The key is sent back to the client in the form of a ticket-granting ticket, or TGT. This is a simple ticket that is
issued by the authentication service. It is used to authenticate the client in subsequent requests.

4. The client submits the ticket-granting ticket to the ticket-granting server, or TGS, to get authenticated.

Prof. Somwanshi A.A. ( Arrow Computer Academy ) : - 8788335443


5. The TGS creates an encrypted key with a timestamp and grants the client a service ticket.

6. The client decrypts the ticket, tells the TGS it has done so, and then sends its own encrypted key to the service.

7. The service decrypts the key and makes sure the timestamp is still valid. If it is, the service contacts the key
distribution center to receive a session key that is returned to the client.

8. The client decrypts the ticket. If the keys are still valid, communication is initiated between client and server.
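The ticket flow above modelled in code, as an added example that is not part of the notes: a KDC with an AS and a TGS issues a TGT and then a service ticket, both carrying issue and expiry timestamps (the 8-hour lifetime from step 2), and the service accepts a ticket only while it is valid and untampered. Real Kerberos encrypts tickets; this toy seals them with an HMAC tag, so it shows integrity and expiry checking but not confidentiality. The names KDC, seal, open_sealed and service_accepts are assumed for the illustration.

```python
import hmac, hashlib, json, os

TICKET_LIFETIME = 8 * 3600  # default 8-hour ticket lifetime from the notes

def seal(key, payload):
    # Toy stand-in for an encrypted ticket: JSON body + HMAC-SHA256 tag under `key`.
    # Gives integrity only; a real Kerberos ticket is also encrypted.
    body = json.dumps(payload, sort_keys=True).encode()
    return body, hmac.new(key, body, hashlib.sha256).digest()

def open_sealed(key, sealed):
    body, tag = sealed
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("bad ticket tag")
    return json.loads(body)

class KDC:
    def __init__(self):
        self.principals = {}            # AS database: principal name -> long-term key
        self.tgs_key = os.urandom(32)   # key known only to the KDC, used to seal TGTs

    def register(self, name):
        self.principals[name] = os.urandom(32)
        return self.principals[name]

    def as_exchange(self, client, now):
        # AS: check the principal exists, then issue a TGT with timestamp and expiry.
        if client not in self.principals:
            raise PermissionError("unknown principal")
        tgt = {"client": client, "issued": now, "expires": now + TICKET_LIFETIME,
               "session_key": os.urandom(16).hex()}
        return seal(self.tgs_key, tgt)

    def tgs_exchange(self, sealed_tgt, service, now):
        # TGS: open the TGT, refuse it after expiry, then issue a service ticket
        # sealed with the service's own long-term key.
        tgt = open_sealed(self.tgs_key, sealed_tgt)
        if now >= tgt["expires"]:
            raise PermissionError("TGT expired")
        if service not in self.principals:
            raise PermissionError("unknown service")
        ticket = {"client": tgt["client"], "service": service, "issued": now,
                  "expires": min(tgt["expires"], now + TICKET_LIFETIME),
                  "session_key": os.urandom(16).hex()}
        return seal(self.principals[service], ticket)

def service_accepts(service_key, sealed_ticket, now):
    # Service server: open the ticket with its own key and check the timestamp.
    try:
        t = open_sealed(service_key, sealed_ticket)
    except ValueError:          # wrong key or tampered ticket
        return False
    return now < t["expires"]

def run_demo():
    kdc = KDC()
    kdc.register("alice")                       # constructed principals
    svc_key = kdc.register("fileserver")
    t0 = 1_700_000_000                          # constructed clock value
    tgt = kdc.as_exchange("alice", t0)
    st = kdc.tgs_exchange(tgt, "fileserver", t0 + 60)
    fresh = service_accepts(svc_key, st, t0 + 3600)          # inside the 8 hours
    stale = service_accepts(svc_key, st, t0 + 9 * 3600)      # after the 8 hours
    forged = service_accepts(os.urandom(32), st, t0 + 3600)  # ticket not sealed by the KDC
    return fresh, stale, forged

if __name__ == "__main__":
    print(run_demo())
```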


IP Security
Explain IP sec security with help of diagram.
Define AH & ESP with respect to IP security.

IPsec overview:
IP Security (IPsec) refers to a collection of communication rules or protocols used to establish
secure network connections.
It encrypts and seals the transport-layer and application-layer data during transmission.
It also offers integrity protection for the internet layer.
It sits between the transport layer and the internet layer of the conventional TCP/IP protocol stack.

1. Secure remote internet access:


To securely connect to an organization's network from home using IPsec, you make a local call to
your ISP, which then establishes a secure tunnel to your organization's network.
By doing so, you can use corporate network facilities or reach remote desktops and servers.

2. Secure branch office connectivity:


Rather than subscribing to an expensive leased line for connecting its branches across cities, an
organization can set up an IPsec-enabled network for security.

3. Set up communication with other organizations: Just as IPsec allows connectivity between the various
branches of an organization, it can also be used to connect the networks of different organizations
together in a secure and inexpensive fashion.


Basic Concept of IPsec Protocol:

An IP packet consists of two portions: the IP header and the actual data.


IPsec features are implemented in the form of additional headers, called extension headers, added to the
standard, default IP header.
IPsec offers two main services: authentication and confidentiality.
Each of these requires its own extension header.
Therefore, to support these two main services, IPsec defines two IP extension headers, one for
authentication and another for confidentiality.

It consists of two main protocols

Authentication Header (AH):


The Authentication Header (AH) protocol provides data integrity and authentication of IP
packets.
The IPsec AH is a header in an IP packet. The AH is simply inserted between the IP header and any subsequent
packet contents. No changes are required to the data contents of the packet.

Encapsulating Security Payload (ESP):


1. Used to provide confidentiality, data origin authentication and data integrity.
2. It is based on symmetric-key cryptography.
3. ESP can be used in isolation or combined with AH.
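A worked illustration of the AH description above, added here and not taken from the notes: an AH is placed between a minimal IPv4 header and an untouched payload, its integrity check value (ICV) is an HMAC over the packet with the mutable IP fields (TTL, checksum) and the ICV field zeroed, and the receiver recomputes it. The field layout follows the standard AH format (Next Header, Payload Len, Reserved, SPI, Sequence Number, ICV); the key, addresses and payload bytes are constructed sample values, and the function names are assumed.

```python
import hmac, hashlib, struct, os

IP_PROTO_AH = 51      # IP protocol number meaning "an AH follows this header"
NEXT_HEADER_UDP = 17  # protocol of the data that follows the AH
ICV_LEN = 16          # truncated HMAC-SHA256 tag (128 bits)

def ipv4_header(src, dst, proto, total_len, ttl=64):
    # Version/IHL, TOS, total length, ID, flags/frag, TTL, protocol, checksum (0 here), src, dst
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0, ttl, proto, 0, src, dst)

def ah_icv(key, ip_hdr, ah_fixed, payload, icv_len=ICV_LEN):
    # ICV covers the whole packet, with fields that change in transit (TTL, header
    # checksum) and the ICV field itself treated as zero.
    hdr = bytearray(ip_hdr)
    hdr[8] = 0                 # TTL is decremented by every router
    hdr[10:12] = b"\x00\x00"   # header checksum is recomputed hop by hop
    covered = bytes(hdr) + ah_fixed + bytes(icv_len) + payload
    return hmac.new(key, covered, hashlib.sha256).digest()[:icv_len]

def build_ah_packet(key, src, dst, payload, spi, seq):
    # AH fixed part: Next Header, Payload Len (AH length in 32-bit words minus 2),
    # Reserved, SPI, Sequence Number.  The ICV follows, then the unchanged payload.
    payload_len_words = (12 + ICV_LEN) // 4 - 2
    ah_fixed = struct.pack("!BBHII", NEXT_HEADER_UDP, payload_len_words, 0, spi, seq)
    ip_hdr = ipv4_header(src, dst, IP_PROTO_AH, 20 + 12 + ICV_LEN + len(payload))
    icv = ah_icv(key, ip_hdr, ah_fixed, payload)
    return ip_hdr + ah_fixed + icv + payload

def verify_ah_packet(key, packet):
    # Receiver: split the packet, recompute the ICV, compare in constant time.
    ip_hdr, rest = packet[:20], packet[20:]
    _next_hdr, payload_len_words, _rsv, _spi, _seq = struct.unpack("!BBHII", rest[:12])
    icv_len = (payload_len_words + 2) * 4 - 12
    icv, payload = rest[12:12 + icv_len], rest[12 + icv_len:]
    expected = ah_icv(key, ip_hdr, rest[:12], payload, icv_len)
    return hmac.compare_digest(icv, expected), payload

def demo():
    key = os.urandom(32)                                   # constructed SA key shared by both peers
    payload = b"\x00\x35\x00\x35\x00\x0c\x00\x00hello"     # constructed UDP-like bytes
    pkt = build_ah_packet(key, b"\x0a\x00\x00\x01", b"\x0a\x00\x00\x02", payload, spi=0x1000, seq=1)
    ok, _ = verify_ah_packet(key, pkt)
    hopped = bytearray(pkt); hopped[8] -= 1                # a router decremented TTL: still valid
    ok_after_hop, _ = verify_ah_packet(key, bytes(hopped))
    tampered = bytearray(pkt); tampered[-1] ^= 0xFF        # payload changed in transit: rejected
    ok_tampered, _ = verify_ah_packet(key, bytes(tampered))
    return ok, ok_after_hop, ok_tampered

if __name__ == "__main__":
    print(demo())
```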


Email Security
Explain Email Security in SMTP.

Email is emerging as one of the most valuable services on the internet today.
Email security refers to the steps by which we protect email messages and the information they
contain from unauthorized access and damage.

Protocols Related To Email Security are :-


1. SMTP (Simple Mail Transfer Protocol)
2. PEM (Privacy Enhanced Mail)
3. PGP (Pretty Good Privacy)

SMTP (Simple Mail Transfer Protocol)

Simple Mail Transfer Protocol is a protocol for sending email messages between servers.
Most internet systems use SMTP as the method to transfer mail from one user to another.
SMTP is a push protocol and is used to send mail, whereas POP (Post Office Protocol) or IMAP
(Internet Message Access Protocol) are used to retrieve that mail at the receiver's side.
In addition, SMTP is generally used to send messages from a mail client to a mail server.
This is why you need to specify both the POP or IMAP server and the SMTP server when you
configure your e-mail application.
SMTP is usually implemented to operate over port 25.
An alternative to SMTP that is widely used in Europe is X.400.
Many mail servers now support Extended Simple Mail Transfer Protocol (ESMTP), which allows
multimedia files to be delivered as email.

The basic phases of an email communication consist of the following steps:


1. At the sender's end, an SMTP server takes the message sent by the user's computer.
2. The SMTP server at the sender's end then transfers the message to the SMTP server of the receiver.
3. The receiver's computer then pulls the email message from the SMTP server at the receiver's end,
using another mail protocol such as Post Office Protocol (POP) or IMAP (Internet Message Access
Protocol).


Privacy Enhanced Mail (PEM) e-mail security:
PEM supports the 3 main cryptographic functions of encryption, non-repudiation and message
integrity. The steps involved in PEM operation are as follows.

Step 1: canonical conversion:


There is a possibility that the sender and the receiver of an email message use computers that have
different architecture and operating systems.
PEM transforms each email message into an abstract, canonical representation
This means that regardless of the architecture and the operating system of the sending and
receiving computers, the email travels in a uniform, independent format.

Step 2: Digital Signature:


It starts by creating a message digest (MD) of the email message using an algorithm such as MD2 or MD5.
The MD thus created is then encrypted with the sender's private key to form the sender's digital
signature.

Step 3-Encryption:
The original email and the digital signature are encrypted together with a symmetric key.

Step 4: Base-64 encoding:

This process transforms arbitrary binary input into printable character output.
The binary input is processed in blocks of 3 octets, or 24 bits.
These 24 bits are considered to be made up of 4 sets, each of 6 bits.
Each such set of 6 bits is mapped into an 8-bit output character in this process.

PGP ( Pretty Good Privacy )
Describe PGP with suitable diagram. 4M

Pretty Good Privacy is a popular program used to encrypt and decrypt email over the internet.
It has become a standard for email security.
It is used to send an encrypted code (digital signature) that lets the receiver verify the sender's
identity and ensures that the message has not been changed on the way.
PGP can also be used to encrypt stored files so that they are in an unreadable form and cannot be read
by other users or intruders.
It is available in low-cost and freeware versions. It is the most widely used privacy-ensuring program,
used by individuals as well as many corporations.

1. Email -> SHA-1 -> MD -> Sender's private key -> Digital signature
2. Input message + Digital signature -> Compression (Lempel-Ziv) -> File size reduced
3. Compressed output -> Symmetric key -> Encrypt
4. Symmetric key -> Receiver's public key -> Encrypt
3 + 4 -> Digital envelope

There are five steps as shown below:


1. Digital signature:
It consists of the creation of a message digest of the email message using the SHA-1 algorithm.
The resulting MD is then encrypted with the sender's private key.
The result is the sender's digital signature.

2. Compression:
The input message as well as the digital signature are compressed together to reduce the size of the final
message that will be transmitted. For this the Lempel-Ziv algorithm is used.

3. Encryption:

The compressed output of step 2 (i.e. the compressed form of the original email and the digital signature
together) is encrypted with a symmetric key.

4. Digital enveloping:
The symmetric key used for encryption in step 3 is now encrypted with the receiver's public key.
The outputs of steps 3 and 4 together form a digital envelope.

5. Base-64 encoding:


This process transforms arbitrary binary input into printable character output.
The binary input is processed in blocks of 3 octets (24 bits).
These 24 bits are considered to be made up of 4 sets, each of 6 bits.
Each such set of 6 bits is mapped into an 8-bit output character in this process.
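The Base-64 step as described for PEM (step 4) and PGP (step 5), written out as an added example that is not from the notes: 3-octet blocks are split into four 6-bit values, each mapped to one printable character, with the short final block of 1 or 2 octets padded with "=". The decoder reverses the mapping, and matches_stdlib cross-checks the encoder against Python's own base64 module.

```python
# Standard Base-64 alphabet: 64 printable characters, one per 6-bit value.
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"

def base64_encode(data: bytes) -> str:
    out = []
    # Process the binary input in blocks of 3 octets (24 bits).
    for i in range(0, len(data), 3):
        block = data[i:i + 3]
        # Pack the block into a 24-bit integer; a short final block is zero-filled.
        bits = int.from_bytes(block.ljust(3, b"\x00"), "big")
        # Split the 24 bits into 4 sets of 6 bits and map each to a character.
        chars = [ALPHABET[(bits >> shift) & 0x3F] for shift in (18, 12, 6, 0)]
        # 1 input octet yields 2 real characters, 2 octets yield 3; the rest is "=".
        keep = len(block) + 1
        out.append("".join(chars[:keep]) + "=" * (4 - keep))
    return "".join(out)

def base64_decode(text: str) -> bytes:
    lookup = {c: i for i, c in enumerate(ALPHABET)}
    out = bytearray()
    # Each group of 4 characters rebuilds 24 bits, minus the padded octets.
    for i in range(0, len(text), 4):
        group = text[i:i + 4]
        pad = group.count("=")
        bits = 0
        for c in group:
            bits = (bits << 6) | (0 if c == "=" else lookup[c])
        out += bits.to_bytes(3, "big")[:3 - pad]
    return bytes(out)

def matches_stdlib(data: bytes) -> bool:
    # Self-check against the standard library implementation.
    import base64
    return (base64_encode(data) == base64.b64encode(data).decode()
            and base64_decode(base64_encode(data)) == data)

if __name__ == "__main__":
    sample = b"Hello, PEM"   # constructed input
    print(base64_encode(sample), base64_decode(base64_encode(sample)))
```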


Public Key Infrastructure (PKI)
Explain Public Key Infrastructure with example.

A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures
needed to create, manage, distribute, use, store and revoke digital certificates and manage public
key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a
range of network activities such as e-commerce, internet banking and confidential email.
PKI is the governing body behind issuing digital certificates. It helps to protect confidential data
and gives unique identities to users and systems. Thus, it ensures security in communications.
The public key infrastructure uses a pair of keys: the public key and the private key to achieve security.
The public keys are prone to attacks and thus an intact infrastructure is needed to maintain them.
PKI consists of the following components:

• A digital certificate, also called a public key certificate
• Private key tokens
• Registration authority
• Certification authority
• CMS or Certification management system

Working of a PKI:

PKI and Encryption: The root of PKI involves the use of cryptography and encryption techniques.
Both symmetric and asymmetric encryption use a public key. There is always a risk of MITM (man
in the middle) attacks. This issue is resolved by a PKI using digital certificates. It gives identities to keys in order
to make the verification of owners easy and accurate.

Public Key Certificate or Digital Certificate:


Digital certificates are issued to people and electronic systems to uniquely identify them in the digital
world.
The Certification Authority (CA) stores the public key of a user along with other information about the
client in the digital certificate. The information is signed and a digital signature is also included in the
certificate.

Certifying Authorities: A CA issues and verifies certificates. This authority makes sure that the
information in a certificate is real and correct and it also digitally signs the certificate.

A CA or Certifying Authority performs these basic roles:

• Generating the key pairs – The key pair generated by the CA can be produced either independently or in
collaboration with the client.
• Issuing the digital certificates – When the client successfully provides the right details about his
identity, the CA issues a certificate to the client. The CA then signs this certificate digitally so that
no changes can be made to the information.
• Publishing the certificates – The CA publishes the certificates so that users can find them. It
can do this either by publishing them in an electronic telephone directory or by sending them out to
other people.
• Verification of certificates – The CA provides a public key that helps in verifying whether an access attempt is
authorized or not.
• Revocation – In case of suspicious behavior by a client or loss of trust in them, the CA has the power
to revoke the digital certificate.

The most popular usage example of PKI (Public Key Infrastructure) is the HTTPS (Hypertext Transfer
Protocol Secure) protocol.
HTTPS is a combination of the HTTP (Hypertext Transfer Protocol) and SSL/TLS (Secure Sockets
Layer/Transport Layer Security) protocols to provide encrypted communication and secure
identification of a Web server.
In HTTPS, the Web server's PKI certificate is used by the browser for two purposes:

1. Validate the identity of the Web server by verifying the CA's digital signature in the certificate.
2. Encrypt a secret key to be securely delivered to the Web server. The secret key will be used to encrypt the
actual data exchanged between the browser and the Web server.

Other examples of PKI (Public Key Infrastructure) are:


• Digital signature - The sender of a digital message uses his/her private key to generate a digital
signature attached to the message. The receiver uses the sender's certificate to verify the digital
signature to ensure the message was sent by the claimed sender.
• Encryption of documents - The sender of a digital message uses the receiver's certificate to
encrypt the message to protect its confidentiality. Only the receiver, who holds the matching
private key, can decrypt the message.
• Digital identification - The user's certificate is stored in a smart card, which is used to verify the card
holder's identity.


X.509 / PKIX Certificate format

Cybercrime :

List the types of cybercrimes.


Describe cybercrime. Describe hacking in relation to cybercrime.
Cybercrime is defined as a crime in which a computer is the object of the crime or is used as a tool to
commit an offense.
Cybercriminals may use computer technology to access personal information or business trade
secrets, or use the Internet for exploitive or malicious purposes.
Criminals can also use computers for communication and for document or data storage.
Criminals who perform these illegal activities are often referred to as hackers.
Cybercrime may also be referred to as computer crime.

Types of Cybercrimes are


1. Hacking
2. Digital Forgery
3. Cyber Stalking / Harassment
4. Cyber Pornography
5. Identity Theft and Fraud
6. Cyber Terrorism
7. Cyber Defamation



Hacking
List and explain different types of hackers.

Hacking is one of the most well-known types of computer crime. A hacker is someone who finds and
exploits the weaknesses of computer systems or networks. Hacking refers to unauthorized access to
another's computer systems. Hacking is often conducted in order to launch malicious programs known
as viruses, worms and Trojan horses that can shut down an entire computer network. Hacking is also
carried out as a way to take credit card numbers, internet passwords and other personal information. By
accessing commercial databases, hackers are able to steal these types of items from millions of internet
users all at once.
There are different types of hackers:


1. White hat
2. Black hat
3. Grey hat
4. Elite hacker
5. Script kiddie hacker

1) Black Hat Hacker


• Black-hat hackers are also known as unethical hackers or security crackers.
• These people hack systems illegally to steal money or to achieve their own illegal goals.
• They find banks or other companies with weak security and steal money or credit card
information.
• They can also modify or destroy data. Black hat hacking is illegal.

2) White Hat Hacker


• White-hat hackers are also known as ethical hackers or penetration testers.
• White hat hackers are the good guys of the hacker world.
• These people use the same techniques used by the black hat hackers.
• They also hack systems, but only systems that they have permission to hack, in order to test
the security of the system.
• They focus on security and protecting IT systems. White hat hacking is legal.

3) Gray Hat Hacker


• Gray-hat hackers are a hybrid of black hat hackers and white hat hackers.
• They may hack any system, even without permission to test its security, but they will never
steal money or damage the system.
• In most cases, they tell the administrator of that system.
• But they also act illegally, because they test the security of systems that they do not have
permission to test.
• Grey hat hacking is sometimes legal and sometimes not.


4) Elite Hacker

Elite hackers avoid deliberately destroying information or otherwise damaging the computer
systems they have exploited.

5) Script Kiddie
A script kiddie, or “skiddie,” is someone who lacks programming knowledge and uses existing
software to launch an attack.
Often a script kiddie will use these programs without even knowing how they work or what they do.

Classify following cyber crimes:


i) Cyber stalking
ii) Email harassment

Cyberstalking / Harassment: Cyberstalking or harassment refers to the use of the internet and other
technologies to harass or stalk another person online, and is potentially a crime in India under the
IT Act 2000.
This can be done with the help of the many protocols available, such as e-mail, chat rooms and Usenet
groups.

Email harassment: Email harassment is a form of stalking in which one or more people send
persistent, unwanted, and often threatening electronic messages to someone else.

Identity theft, also called identity fraud, is a crime that is being committed in huge numbers
nowadays. Identity theft happens when someone steals your personal information to commit
fraud.

Cyber Defamation
Cyber Defamation is defaming someone by harming their public image and reputation in the
digital space.
Types of Cyber Defamation
1. Online Trolling
2. Social Media Stalking and Harassment
3. Unauthorized AI deep Fakes
4. Posting False, Misleading Information About the Victim
5. Circulating the Victim's Photo or Name in Offensive Memes



COBIT Framework

COBIT stands for "Control Objectives for Information and Related Technology". It is a framework that
was developed by ISACA (Information Systems Audit and Control Association).
It is a set of guidance materials for IT governance, helping organizations manage their requirements, technical issues,
and business risks.
COBIT connects IT initiatives with business requirements, monitors and improves IT management
practices, and ensures quality control and reliability of information systems in an organization.

COBIT Domains
COBIT defines IT activities in a generic process model within four domains:
• Plan and Organize: This domain addresses direction to solutions, information architecture,
managing IT investments, and assessing risks, quality and projects.
• Acquire and Implement: This domain acquires and maintains application software and
technology infrastructure, develops as well as maintains procedures and manages changes,
implements desired solutions, and passes them on to be turned into services.
• Deliver and Support: This domain defines and manages service levels, ensures the security of the
system, educates or trains, and advises users. It receives solutions and makes them usable for end
users.
• Monitor and Evaluate: This domain monitors the processes, assesses internal control capability,
obtains independent assurance, and provides independent audits.

Principles of COBIT:
• Providing the service of delivering the information that an organization requires.
• Undesired events will be prevented, detected, and corrected.
• Managing and controlling IT resources using a structured set of processes.
• Fulfilling clients' requirements.
