CSS

1.Explain cryptography and its types:

Cryptography is a technique of securing information and communications through the use of
codes so that only those persons for whom the information is intended can understand and
process it. Thus, preventing unauthorized access to information. The prefix “crypt” means
“hidden” and the suffix “graphy” means “writing”. . In Cryptography, the techniques that are
used to protect information are obtained from mathematical concepts and a set of rule-
based calculations known as algorithms to convert messages in ways that make it hard to
decode them.

• Cryptosystem is a 5-tuple consisting of “E,D,M,K,C”Where,

• E is an encryption algorithm

• D is an decryption algorithm

• M is the set of plaintexts

• K is the set of keys

• C is the set of ciphertexts

Key objectives of cryptography are :

1. confidentiality
2. integrity
3. availability

Types of Cryptography

1. Symmetric Key Cryptography (Secret-Key)

 Same key is used for both encryption and decryption.

 It is a Fast process

 In this key distribution is challenging.

Examples:

 AES (Advanced Encryption Standard)

 DES (Data Encryption Standard

2. Asymmetric Key Cryptography (Public-Key)

 Two keys: Public key (for encryption) and Private key (for decryption).
  It is More secure for communication but slower than symmetric.

Examples:

 RSA (Rivest–Shamir–Adleman

3. Hash Functions

 Converts data to a fixed-size hash value or digest.

 Used to verify data integrity.

Examples:

 MD5

 SHA-1, SHA-256.

2.Security goals of cryptography or CIA TRAIDS :

The major goals of information security are Confidentiality, Integrity, and Availability—
often called the CIA triad. Here’s what each of them means in simple terms:

1. Confidentiality – Keeping Information Private

Only the right people should have access to certain information. If an unauthorized person
gets access, confidentiality is broken.

This includes:

 Data confidentiality: Protecting sensitive data from being accessed by

unauthorized people.
2. Integrity – Keeping Information Accurate and Unchanged
Information should not be changed or tampered with by unauthorized people. If someone
alters the data without permission, its integrity is compromised.

This includes:

 Data integrity: Ensuring that stored and transmitted data remains

unchanged unless modified in an authorized way.
3.Availability – Keeping Information Accessible
Information and resources should always be available when needed. If a system crashes or is
attacked (e.g., a DDoS attack), availability is affected.Authorized users should be able to
access data anytime they need it.
3. Security vulnerabilities in Cryptography:

1.Weak or Outdated Algorithms:

Devices with weak and outdated algo have a risk if getting attacked

Algorithms like MD5 and SHA-1 are now considered insecure due to collision attacks.

DES (56-bit key) is easily brute-forced with modern computing power.

2.Lack of strong passwords:

Passwords are everywhere for quick recall one tends to use easy passwords such as name,
birthdates, school names etc. people who knows you can try to use it and access or steal
your data .

As a countermethod one should always choose or make a complex passwords that consists
of numbers words and special characters .

3.unpatched software:

Vendors release security patches that fixes something in the software installed previously .If
you don’t install these patches your system could be prone to attack because the required
security to fix that bug is not installed.

: 4.OSI Security architecture

The OSI Security Architecture is internationally recognized and provides a standardized

technique for deploying security measures within an organization. It focuses on three major
concepts: security attacks, security mechanisms, and security services, which are critical in
protecting data and communication processes

OSI model has seven layers which are as follows:

 The Physical Layer

 The Data Link Layer

 The Network Layer

 The Transport Layer

 The Session Layer

 The Presentation Layer

  The Application Layer

1. Security Attacks: A security attack is an attempt by a person or entity to gain

unauthorized access to disrupt or compromise the security of a system, network, or
device. It has 2 types passive and active attacks.
2. Security Mechanism:The mechanism that is built to identify any
breach of security or attack on the organization, is called a security
mechanism. Security Mechanisms are also responsible for
protecting a system, network, or device against unauthorized
access, tampering, or other security threats.
3. Security Services: Security services refer to the different
services available for maintaining the security and safety of an
organization. They help in preventing any potential risks to security

5.Difference between active and passive attacks

Attempts to alter system resources or affect Attempts to learn or make use of system information but does not affect
Definition operation system resources

Interaction Direct; modifies data/system Indirect; observes transmissions

Disruption, data alteration, unauthorized

Goal access Information gathering without being detected

Impact Integrity and Availability compromised Confidentiality compromised

Detection Easier to detect due to system changes Difficult to detect; no system changes visible

Harm to system
resources Yes No

Prevention Difficult Easier

Steganography:
Steganography in Cryptography

Definition:

Steganography is a technique of hiding secret information within an ordinary file

Steganography is the art and science of hiding the existence of a message, rather than just
encrypting it. While cryptography focuses on making data unreadable, steganography
focuses on making data invisible.

📦 Common Cover Media Used:

 Images (most common)

 Audio files

 Video files

 Text documents

🔑 Basic Process of Steganography

1. Embedding (Hiding phase)

 The secret message is embedded into the cover media using a steganographic
algorithm.

 Result: Stego file (looks normal)

2. Extraction (Revealing phase)

 The receiver extracts the hidden data using the same or compatible algorithm.

📡 Types of Steganography

Type Cover Medium Description

Image Images (PNG,

Hide data in pixel bits (e.g., LSB method)
Steganography BMP)

Audio Steganography WAV, MP3 files Hide info in audio samples or echo signals

Video Steganography Video files Hide data in video frames or motion vectors

Use invisible characters, font changes, or white

Text Steganography Text
spaces

✅ Advantages

 Very difficult to detect.

  Does not attract suspicion like encrypted files.

 Can be combined with cryptography for double security.

❌ Disadvantages

 Small capacity (limited by cover media).

 If detected, the secret is revealed.

 Can be affected by compression or image editing.

Q. Classical Encryption Techniques in Cryptography

Classical encryption refers to early methods of encrypting messages, developed before the
digital age. These techniques use simple mathematical transformations and manual
methods. They form the foundation of modern cryptography.

🔑 Two Main Categories

1. Substitution Techniques

Replace each element of the plaintext with another element.

a. Caesar Cipher

 Each letter is shifted by a fixed number.

 Example (shift = 3): HELLO → KHOOR

b. Monoalphabetic Cipher

 A fixed random substitution for each letter.

 Vulnerable to frequency analysis.

c. Playfair Cipher

 Encrypts digraphs (pairs of letters) using a 5×5 matrix.

 More secure than monoalphabetic.

d. Hill Cipher

 Uses matrix multiplication with modulo arithmetic.

 Requires matrix invertibility for decryption.

e. Vigenère Cipher

 Polyalphabetic cipher: uses a repeating keyword to shift letters.

 Harder to break than Caesar.

2. Transposition Techniques

Rearrange characters without substitution.

a. Keyless Transposition (Rail Fence Cipher)

Write in zigzag and read row-wise.

Example (3 rails):

Plaintext: HELLO WORLD

Encrypted: HOLELWRDLO

b. Keyed Transposition (Columnar Transposition)

Write text in rows under a keyword and rearrange columns based on alphabetical order of
keyword letters.

Example:

Keyword: ZEBRAS
Plaintext: WEAREDISCOVERED

 Arrange in columns and read column-wise after reordering

Module 2 : Block Ciphers & Public Key Cryptography

Explain block ciphers in detail :
A block cipher is a type of symmetric key encryption algorithm that operates on fixed-size
blocks of data (e.g., 64-bit or 128-bit blocks) rather than on individual bits or characters.It is
used to encrypt plain text to produce cipher texts through various modes.

Key components of block ciphers are :

1. Block Size – Size of the input/output block (e.g., 128 bits)

2. Key Size – Length of the encryption key (e.g., 128, 192, 256 bits)

3. Rounds – Number of transformation steps (e.g., AES has 10, 12, or 14)

Examples of block ciphers are :

Cipher Block Size Key Sizes Notes

AES 128 bits 128,192,256 bits Most widely used today

DES 64 bits 56 bits Obsolete; replaced by AES

3DES 64 bits 112 or 168 bits More secure than DES, slower

Blowfish 64 bits 32–448 bits Fast, flexible

Encryption Modes (Block Cipher Modes of Operation)

1. ECB – Electronic Codebook Mode

 Each plaintext block is encrypted independently.

 It is Simple but insecure

 identical plaintext → identical ciphertext.

 It Reveals patterns in plaintext

 Image encryption fails

🔹 2. CBC – Cipher Block Chaining Mode

 Each block is XORed with the previous ciphertext block .

 First block is XORed with an IV (Initialization Vector).

 It is More secure than ECB

 It can Resists pattern recognition

 It is Not parallelizable

 It Needs proper IV handling

🔹 3. CFB – Cipher Feedback Mode

 Turns a block cipher into a stream cipher.

 Encrypts the previous ciphertext, XORs with plaintext to produce next ciphertext.

 It is Good for streaming data

 Handles bit-level operations

 Encryption and decryption are similar

 Needs proper IV handling

Advantages of Block Ciphers

 Strong security for fixed-length data

 Widely used in SSL/TLS, VPNs, disk encryption

 Resistant to some attacks when used with proper mode

❌ Disadvantages

 Not suited for real-time streaming data

  Weak if used with insecure modes like ECB

Q. AES (Advanced Encryption Standard):

The Advanced Encryption Standard (AES) is the most widely used symmetric encryption
algorithm in the world. It is fast, secure, and used in applications ranging from Wi-Fi security
(WPA2/WPA3) to HTTPS, VPNs . It uses the same key for encryption and decryption. It act as
a block cipher.

🔑 Key Features:

 Block size: 128 bits (fixed)

 Key sizes: 128, 192, or 256 bits

 Structure: Substitution-Permutation Network (SPN)

 Rounds: Depends on key size:

o 10 rounds for 128-bit keys

o 12 rounds for 192-bit keys

o 14 rounds for 256-bit keys

Steps of AES process:

Step 1: Key Expansion

 The original key is expanded into multiple round keys (one for each round + one for
initial round).

 These are used during each encryption round.

🔹 Step 2: Initial Round:

 The 128-bit plaintext is XORed with the first round key.

Main Rounds (Repeat 9 \11\13times)

Each round has 4 operations:

1. SubBytes

 Replace every byte in the matrix with another one using (S-box).

2. ShiftRows

 Each row in the matrix is shifted left.

o Row 0 = no shift
 o Row 1 = shift by 1

o Row 2 = shift by 2

o Row 3 = shift by 3

3. MixColumns

 Mix all values in each column to spread the data.

 Adds more confusion to the message.

4. AddRoundKey

 XOR the result with the next round key.

Final Round (Only 3 steps)

Same as above, but skip MixColumns.

 SubBytes

 ShiftRows

 AddRoundKey

Decryption

 Reverse the process using inverse steps:

o InvSubBytes

o InvShiftRows

o InvMixColumns

o AddRoundKey.

Flowchart:

Advantages :

 Fast
  Secure
 Widely used

Q. DES (Data encryption standard):

DES is a symmetric key based block cipher which is used in encryption and decryption.it was
widely used in the world between the 1980’s to 2000’s .later it was nit used prominently as
AES was introduced..

Key characteristics of DES:

Feature Value

Block Size 64 bits

Key Size 56 bits (actual)

Rounds 16

Algorithm Type Feistel Network

Symmetric Same key for encrypt/decrypt

Steps used in DES:

1. Creation of 64 bit blocks: if the mssg if too long it is converted into the size of
64 bits blocks.
2. Initial permutation.: the mssg is arranged in a particular order. No security key
is added
3. Half slpits: left and right are splitted unto halfs (L0) and (R0) each are of 32
bits.
4. Subkey key generation: in this a subkey is generated from the 56bit key. And
this key is derived from complex mathematical concepts>
5. Rounds : it consists of 16 rounds . both left half and right half go through 16
rounds individually of encryptionoperation.
6. Final cipher text : after 16 rounds of encryption process data is encrypted.

✅ Advantages of DES (Historical)

 Simple, efficient in hardware

 Well-analyzed, foundational for cryptography

Weaknesses of DES

Short key length (56 bits)

not secure for modern use

Q. explain 3DES:
Triple DES (3DES) is an enhanced version of the Data Encryption Standard (DES), designed
to improve security by applying the DES algorithm three times with either two or three
keys. It was created because the original DES's 56-bit key was too short for modern security
needs.

📌 Key Features of 3DES

Feature Value

Block Size 64 bits

112 bits (2-key) or 168 bits

Key Sizes
(3-key)

Rounds 48 (3 × 16 DES rounds)

Type Symmetric block cipher

Structure Feistel network (like DES)

✅ Advantages

 More secure than DES (due to longer key size)

 Resistant to brute-force attacks (up to 112 or 168-bit

strength)

 Compatible with DES (legacy support)

❌ Disadvantages

Limitation Description

Performs 3 DES operations per block — ~3×

Slow
slower than DES

Block size is 64-bit blocks are small by modern standards

small (risk of collisions)

Q. Difference between AES & DES:

Feature AES (Advanced Encryption Standard) DES (Data Encryption Standard)

Developed By NIST IBM

Key Size 128, 192,256 56 bits (plus 8 parity bits)

Block Size 128 bits 56 bits

Number of 10 (AES-128), 12 (AES-192), 14 (AES-

16
Rounds 256)

Substitution-Permutation Network
Structure Feistel Network
(SPN)

slower in both hardware &

Speed Fast in both hardware & software
software

Security strong weak

Flexibility Flexible key size Fixed key size

Status Current standard, widely adopted Obsolete

Q. El-Gamal Algorithm

El-Gamal Algorithm:

El-Gamal is an asymmetric encryption algorithm.it uses two keys:

public and private. It is based on Discrete Logarithms, just like Diffie-Hellman.its main
drawback is its slow performance . it is Mostly used for encryption and digital signatures.

Elgamal encryption consists of 3 main components:

 Key generation
 Encryption
 Decryption

Key Generation (Receiver does this)

1. Choose a large prime number p.

2. Choose a primitive root g (called generator).

3. Choose a private key x (random number < p).

4. Compute y = g^x mod p

Public Key: (p, g, y)

Private Key: x
2. Encryption :Let’s say sender wants to send message M to the receiver.

1. Convert M to a number less than p.

2. Choose a random number k (temporary secret).

3. Compute:

o C1 = g^k mod p

o C2 = M × y^k mod p

4. Send the ciphertext: (C1, C2)

3.Decryption (Receiver side)

Receiver uses private key x , using the private key reciver decrypts the mssg.

Q. Diffie Hellman Key exchange:

 It is a key exchange algorithm, not encryption.

 It allows two people to generate a shared secret key over an insecure channel (like
the internet).

 Used in SSL, VPNs, and secure messaging.

🎯 Goal:

To create a common secret key between two people (say, Alice and Bob) without sending it
directly.
MODULE 3: Cryptographic Hashes, Message Digests and Digital Certificates

Hash functions: A cryptographic hash function is a mathematical algorithm that takes an

input (message or data) and returns a fixed-size string (called a hash or digest) that uniquely
represents the input.

It's like a fingerprint of the data. The length of the input could be just one character or a
video file the output for both the input will be of fixed size.
Security of hash functions :

1.pre image resistance

2. 2nd preimage resistance

3. collision resistance

Characteristics of hash functions:.

1. Only one way

2. Any length input fixed size output
3. No secrecy involved
4. Small input variation produces large output variations
1. One way only: This means that it is easy to calculate hash value from information and
nearly impossible to convert the hath value back to the original information.
Example: to convert milk into cheese, but can you convert cheese back to the original
milk impossible right? That's how hash functions are One-way only.
2. Any length input, fixed length output: Hash functions can work on any length of
input. It could work on a single character or a huge video file. It would always
produce the same length output. Unlike encryption where the output size is more or
less same as the input size, output from hashing process is only a unique
representation of the original information and does not contain the information
itself. Hence, the output length from hashing does not need to change with the
length of input.
3. No secrecy involved: Hashing process does not require a key and neither it requires
any secret. The hashing algorithms are implemented such that they are only a one-
way process producing a unique representation of the input information. Algorithms
are publicly known as well
4. Small variation in input produces large variation in output: It is nearly impossible to
establish any relation between input and output in the hashing process. A small
variation is the input totally changes the hash output.

Example:

Original information: I love cybersecurity

Hash value:

6530004906493611d0735020db1/94360cac64f0

Original information: U love cybersecurity

Hash value : 8b9a7e5b4e5c8306c6ba678454485356cb00024

Difference between MD5 , SHA 1 , SHA 256:

Feature MD5 SHA-1 SHA-256

Secure Hash Secure Hash Algorithm

Full Name Message Digest 5
Algorithm 1 256-bit

Output Size 128 bits (16 bytes) 160 bits (20 bytes) 256 bits (32 bytes)

32 hexadecimal 40 hexadecimal 64 hexadecimal

Hash Length
characters characters characters

Speed Fast Moderate Slower (more secure)

Weak (collision
Security Weak (broken) Strong
found)

Collision
Poor Poor Good
Resistance

Pre-image
Weak Moderate Strong
Resistance

Legacy only (not Phased out

Usage Today Widely used (secure)
recommended) (deprecated)

Year Introduced 1992 1995 2001

Older SSL certs, Git SSL/TLS, Bitcoin, Secure

Applications Old file checksums, legacy
hashes systems

Q. Digital Certificate X.509

Digital Certificate X.509: A Digital Certificate is an electronic document used to prove the
ownership of a public key. It is issued by a Certificate Authority (CA) and follows a standard
format called X.509.

X.509 Digital Certificate:

 X.509 is the most widely used standard for digital certificates.

 It is used in SSL/TLS, IPSec, email security, and more.

✅ Purpose:

 Authenticates identity of users, websites, or organizations.

  Binds a public key with the identity of its owner.

How it Works (Simplified Flow)

1. Website gets a certificate from a trusted Certificate Authority (CA).

2. Your browser checks the certificate:

o Is it from a trusted CA?

o Is it still valid?

o Is it for the correct website?

3. If all checks pass, the secure HTTPS connection is established.

Why It’s Important

 Ensures authenticity (you’re talking to the right server)

 Enables encryption (data is secure during transmission)

 Prevents man-in-the-middle (MITM) attacks

Example Use:

When you visit a secure website (https://), your browser checks the site's X.509 certificate to
ensure it’s trusted and secure.

What is PKI (Public Key Infrastructure)?

PKI is a framework of policies, technologies, and procedures used to secure
communication and manage digital keys and certificates

Main Components of PKI:

Component Role

Public Key Shared with everyone; used to encrypt or verify

Private Key Kept secret; used to decrypt or sign

Certificate Authority (CA) Trusted third party that issues digital certificates

Registration Authority (RA) Verifies identity before the CA issues certificates

Digital Certificate Binds a public key to an identity (follows X.509 standard)

How PKI Works (Simple Steps)

 1. Key Generation
User or system generates a public/private key pair.

2. Certificate Request
The public key and identity are sent to a Certificate Authority (via RA).

3. Certificate Issuance
The CA verifies identity and issues a digital certificate (X.509 format), binding your
identity with your public key.

4. Secure Communication
Others can use your public key (from the certificate) to:

o Encrypt data (only you can decrypt it with your private key)

o Verify your digital signature

Module 4 : Digital signature schemes and authentication Protocols

Explain digital signature in detail.
A digital signature is a cryptographic method used to verify the authenticity and integrity of
digital messages, documents, or transactions. It ensures that the sender of the information
is genuine and that the content has not been altered during transmission.

How Digital Signatures Work

1. Key Pair Generation: Digital signatures rely on two keys:

o Private Key: Kept secret and used to sign the document.

o Public Key: Shared openly and used to verify the signature.

2. Signing Process:

o The sender generates a hash (a fixed-length representation) of the document

using a cryptographic hash function (e.g., SHA-256).

o The hash is then encrypted with the sender's private key, creating the digital
signature.

o The original document and its digital signature are sent to the recipient.

3. Verification Process:
  The recipient uses the sender’s public key to decrypt the signature, revealing the
hash value.

Properties of digital signature:

Feature Purpose

Authentication Confirms the sender is genuine

Integrity Message wasn’t changed in transit

Non-repudiation Sender can’t deny they sent it

digital signature schemes:

1. RSA Digital Signature

 Uses the same algorithm as RSA encryption but in reverse.

 The message hash is encrypted with the private key.

 Verification is done using the public key.

2. DSA (Digital Signature Algorithm)

 Developed by NIST.

 Slower signature generation but faster verification.

 Based on modular exponentiation and discrete logarithms.

Needham Schroeder Authentication protocol:

The Needham–Schroeder authentication protocol is a key transport protocol designed for
secure communication over an network. Needham–Schroeder proposed two
authentication protocols one using symmetric key and one using asymmetric key. Its role is
to authenticate users
Needham–Schroeder Symmetric Key Protocol: in symmetric key based protocols there are 3
entities : 2 users and 1 server.

The goal of this protocol is to generate and share a key that can be used for a secure
communication between two users .

Needham–Schroeder Asymmetric Key Protocol: in symmetric key based protocols there are
3 entities : 2 users and 1 server.

The goal of this protocol is to share the respective public keys between the two users.

Module 5 : System Security

Q.Explain operating system security

Operating System Security refers to the measures and techniques used to protect the OS
from threats like unauthorized access, malware, data breaches, and system misuse. It
ensures confidentiality, integrity, and availability of data and services on a computer.

Key Objectives of OS Security:

1. Confidentiality – Keeping Information Private

Only the right people should have access to certain information. If an unauthorized person
gets access, confidentiality is broken.

This includes:
  Data confidentiality: Protecting sensitive data from being accessed by
unauthorized people.
2. Integrity – Keeping Information Accurate and Unchanged
Information should not be changed or tampered with by unauthorized people. If someone
alters the data without permission, its integrity is compromised.

This includes:

 Data integrity: Ensuring that stored and transmitted data remains

unchanged unless modified in an authorized way.
3.Availability – Keeping Information Accessible
Information and resources should always be available when needed. If a system crashes or is
attacked (e.g., a DDoS attack), availability is affected.Authorized users should be able to
access data anytime they need it.

Security Features in an Operating System:

1.User Authentication:

username password / otp / login credentials . prevent from unauthorised access.

2. Memory Protection : every file runs individually in its own space. So that no file can access
each others memory.

3.file protection: encrypts or restricts access to sensitive file,folders.

Q.Explain memory and address protection in detail :

Memory protection is a fundamental feature of an operating system that prevents a process

from accessing memory that has not been allocated to it. This protects the system from
crashes, bugs, and malicious software.

Why Is Memory Protection Needed?

 To prevent unauthorized access to data.

 To stop one process from affecting another.

 To ensure system stability and security.

Memory Protection Techniques :

1. Base and Limit Registers

  Think of this as giving each program its own box of memory.

 The Base is where the memory starts, and Limit is how big the box is.

 The program can only use what's inside its box. If it tries to go outside, the system
says "No!" and blocks it.

2. Segmentation

 Memory is split into sections (like code, data, stack).

 Each section has its own protected space.

 This makes sure one section (like data) doesn't mess with another (like code).

3. Paging

 Memory is broken into equal-sized blocks called pages.

 Pages from your program go into different places in RAM.

4. Virtual Memory

 If your program needs more memory than RAM has, the OS uses the hard disk as
fake RAM.

 This lets your program run smoothly even when memory is tight.

Q.File protection mechanism in OS:

File protection is a fundamental process in the OS. It is one of the most prominent features
of the Operating System . it ensures that unauthorised users cannot access the files /
folders , modify or alter the data present in the file , or location of the file.

Why Do We Need File Protection?

 To keep data safe from accidental or malicious changes.

 To control who can read, write, or execute a file.

 To prevent data leaks or system misuse.

Core objectives of file protection mechanism are:

1. Confidentiality – Keeping Information Private

Only the right people should have access to certain information. If an unauthorized person
gets access, confidentiality is broken.

This includes:

 Data confidentiality: Protecting sensitive data from being accessed by

unauthorized people.
2. Integrity – Keeping Information Accurate and Unchanged
Information should not be changed or tampered with by unauthorized people. If someone
alters the data without permission, its integrity is compromised.

This includes:

 Data integrity: Ensuring that stored and transmitted data remains

unchanged unless modified in an authorized way.
3.Availability – Keeping Information Accessible
Information and resources should always be available when needed. If a system crashes or is
attacked (e.g., a DDoS attack), availability is affected.Authorized users should be able to
access data anytime they need it.

Common File Protection Mechanisms

1. Access Control

This is the most basic protection method.

Each file or folder has a set of permissions based on who is trying to access it:

Action What It Means

Read View the contents of a file

Write Change or delete the contents

Execute Run the file as a program or script

2. User Authentication

 Ensures that only authorized users can log in and access files.

 Usually done through usernames and passwords.

3. Encryption

 Files are converted into unreadable form unless the correct key or password is used.

 Even if someone steals the file, they can’t read it without the key.
Q.Explain user authentication in OS in detail

User authentication is the process by which an operating system verifies the identity of
someone who is trying to access the system. It ensures that only authorized users can log in
and use resources.

It acts like a security guard who checks who you are before letting you in.

🔑 Why is Authentication Important?

 Protects sensitive data

 Prevents unauthorized access

 Ensures accountability (each action is linked to a user)

 Enables access control (users only get what they are allowed)

🔐 Methods of User Authentication in OS

1. Username and Password

 The most common method.

 Each user has:

o A unique username (e.g., yasir123)

o A secret password

 The OS compares the entered password with the one stored securely (often as a
hashed value).

Simple but can be weak if passwords are guessable.

2. Biometric Authentication

 Uses physical traits:

o Fingerprint

o Face recognition

o Iris scan

 Stored biometric data is compared during login.

✅ Fast and hard to fake.

3. Security Tokens

 A small hardware device or smartphone app generates one-time passwords (OTP).

 Used along with username and password.

✅ Adds strong second layer of protection.

4. Smart Cards

 A physical card with embedded chip.

 Inserted into a reader to authenticate user.

How OS Handles Authentication (Steps):

1. User Enters Credentials

→ e.g., username and password

2. Password Verification
→ Compares entered password with the stored hash

3. Authentication Decision

o If valid → Login success, session starts

o If not → Access denied

Factors of authentication:

1. Single Factor Authentication.: Single factor authentication requires only a single type
of authentication to successfully access the data. For Example , Mobile Phones , once
you have entered the pin and if the pin is correct you can access the mobile phone .
2. Two factor authentication: two-factor authentication requires two different phases of
authentication in order to successfully access the data . for example atm . you must
put your debit card first as the first phase of authentication , and then after entering
enough details you have to enter the pin (2nd phase of authentication).

Explain database security in detail:

Database is a repository of information organized in an meaningful way. Database security
refers to the security of database from unauthorized access and unwanted devices.it is done
to protect the data from getting misused, altered and modified. It ensures the
confidentiality, integrity and availability of the data.
Goals of data Security are :

 Confidentiality
 Integrity
 Availability
 Access Control

1.Confidentiality – Keeping Information Private

Only the right people should have access to certain information. If an unauthorized person
gets access, confidentiality is broken.

This includes:

 Data confidentiality: Protecting sensitive data from being accessed by

unauthorized people.
2.Integrity – Keeping Information Accurate and Unchanged
Information should not be changed or tampered with by unauthorized people. If someone
alters the data without permission, its integrity is compromised.

This includes:

 Data integrity: Ensuring that stored and transmitted data remains

unchanged unless modified in an authorized way.
3.Availability – Keeping Information Accessible
Information and resources should always be available when needed. If a system crashes or is
attacked (e.g., a DDoS attack), availability is affected. Authorized users should be able to
access data anytime they need it.

4.. Access Control

This is the most basic protection method.

Each file or folder has a set of permissions based on who is trying to access it:

Action What It Means

Read View the contents of a file

Write Change or delete the contents

Execute Run the file as a program or script

Database Security Techniques:

1. User Authentication
  Verifies user identity before access.

 Methods:

o Passwords

o Biometrics

o Two-factor authentication (2FA)

2. Encryption

 Encrypt sensitive data at rest and in transit.

 Ensures data cannot be read even if accessed illegally.

 Example:

o AES for data encryption

o SSL/TLS for data transmission

Explain multi level database security :

Database is a repository of information organized in an meaningful way. Database security
refers to the security of database from unauthorized access and unwanted devices.it is done
to protect the data from getting misused, altered and modified. It ensures the
confidentiality, integrity and availability of the data.

Multi-Level Database Security (MLS) is a security model used in databases where data is
classified at different security levels This model is commonly used in military, defense, and
government systems.

Security levels in multilevel database security:

Level Description

Top Secret Highest sensitivity data

Secret Sensitive but less than Top Secret

Confidential Restricted data

Unclassified Public or general access data

Goals of data Security are :

 Confidentiality
 Integrity
 Availability
 Access Control

1.Confidentiality – Keeping Information Private

Only the right people should have access to certain information. If an unauthorized person
gets access, confidentiality is broken.

This includes:

 Data confidentiality: Protecting sensitive data from being accessed by

unauthorized people.
2.Integrity – Keeping Information Accurate and Unchanged
Information should not be changed or tampered with by unauthorized people. If someone
alters the data without permission, its integrity is compromised.

This includes:

 Data integrity: Ensuring that stored and transmitted data remains

unchanged unless modified in an authorized way.
3.Availability – Keeping Information Accessible
Information and resources should always be available when needed. If a system crashes or is
attacked (e.g., a DDoS attack), availability is affected. Authorized users should be able to
access data anytime they need it.

4.. Access Control

This is the most basic protection method.

Each file or folder has a set of permissions based on who is trying to access it:

Action What It Means

Read View the contents of a file

Write Change or delete the contents

Execute Run the file as a program or script

List and explain vulnerabilities in windows operating system

Q .Common Vulnerabilities in Windows OS
1. Unpatched Software

 Explanation: Microsoft regularly releases updates to fix bugs and security holes. If
these patches are not installed, the system remains vulnerable.

 Example: WannaCry ransomware exploited an unpatched SMB vulnerability in

Windows.

2. Weak or Default Passwords

 Explanation: Default or easy-to-guess passwords (like admin, 1234) can be easily

cracked.

 Impact: Allows attackers to gain unauthorized access to the system.

3. Remote Desktop Protocol (RDP) Attacks

 Explanation: RDP allows remote access to the desktop. Weak RDP settings can let
attackers brute-force into the system.

MODULE 6:

Explain Web Security: Web security is the practice of protecting websites, web
applications, and online services from cyber threats. It ensures that users' data and
transactions remain confidential, secure, and trustworthy.

Why Web Security Is Important

 Protects user data (passwords, credit cards, etc.)

 Prevents hacking or defacement of websites

 Maintains trust and business reputation

Key Web Security Practices

1.Authentication & Session Management

 Use strong password policies.

 Implement multi-factor authentication (MFA).

 Expire sessions after inactivity.

2. Access Control

 Restrict user permissions.

  Ensure users can only access authorized resources.

3. Regular Updates & Patching

 Keep web servers, databases, CMS, and plugins updated

Q. Explain SSL in detail. :

SSL (Secure Sockets Layer) is a security protocol that creates an encrypted connection
between a web server and a web browser. It ensures that any data passed between them
stays private and secure. SSL & TLS are most widely used web security protocols. SSL 3.0
became obsolete in 2015.-

Why is SSL Used?

SSL is used to:

 Secure sensitive data (like login info, credit cards)

 Prevent eavesdropping or tampering

 Authenticate the identity of websites

 Ensure data integrity during transmission

Types of SSL Protocols :

 Handshake protocol
 Change cipher spec protocol
 Alert protocol
 HTTP
How SSL Works – Step-by-Step

1. Client Hello

 The browser (client) sends a "Hello" message to the server.

 It includes supported encryption algorithms and a random number.

2. Server Hello

 The server responds with:

o Chosen encryption algorithm

o Its SSL certificate

o A server-generated random number

3. Certificate Verification

 The browser checks:

o Is the certificate valid and from a trusted Certificate Authority (CA)?

o Is the website domain matching?

4. Session Key Generation

 Browser generates a session key (symmetric key) and encrypts it using the server’s
public key from the certificate.

 Sends it to the server.

5. Session Key Decryption

 Server uses its private key to decrypt the session key.

 Now both browser and server have the same key.

6. Secure Encrypted Communication

 They now communicate using symmetric encryption (faster than asymmetric).

 All future messages are encrypted using the session key.

An SSL certificate includes:

 Website’s public key

 Domain name

 Organization info
  Certificate Authority (CA)

 Validity period

 Digital signature of CA

Explain SSL Handshake Protocol :

SSL Handshake Protocol is a security protocol that occurs initially after creating a secured
communication between the server and the browser.it sets up a secure communication
between them before any actual data is transferred.

Why Handshake Protocol is Important:

 Ensures privacy
 Prevents hijacking
 Prevents data leakage
 Agreement on Encryption algorithm.

Flowchart of handshake protocol:

Steps for handshake protocol :

1. Browser Hello

 The browser (client) sends a "Hello" message to the server.

 It includes supported encryption algorithms and a random number.

2. Server Hello

 The server responds with:

o Chosen encryption algorithm

 o Its SSL certificate

o A server-generated random number

3. Certificate Verification

 The browser checks:

o Is the certificate valid and from a trusted Certificate Authority (CA)?

o Is the website domain matching?

4. Session Key Generation

 Browser generates a session key (symmetric key) and encrypts it using the server’s
public key from the certificate.

 Sends it to the server.

5. Session Key Decryption

 Server uses its private key to decrypt the session key.

 Now both browser and server have the same key.

6. Secure Encrypted Communication

 They now communicate using symmetric encryption (faster than asymmetric).

 All future messages are encrypted using the session key.

Differentiate between HTTP & HTTPS :

Feature HTTP (HyperText Transfer Protocol) HTTPS (HyperText Transfer Protocol Secure)

1. Full Form HyperText Transfer Protocol HyperText Transfer Protocol Secure

2. Protocol Type Insecure protocol Secure protocol using SSL/TLS

3. Security Data is sent in plain text Data is encrypted and secure

4. Port Used Port 80 Port 443

5. Encryption No encryption Yes, uses SSL/TLS encryption

6. Certificate No certificate required Requires SSL/TLS certificate

7. URL Format Starts with http:// Starts with https://

Feature HTTP (HyperText Transfer Protocol) HTTPS (HyperText Transfer Protocol Secure)

Ensures data is not altered during

8. Data Integrity Not ensured
transmission

Uses digital certificates to verify server

9. Authentication No identity verification
identity

General browsing, less secure Banking, payments, logins, secure

10. Used For
applications communications

Slightly faster (no encryption Slightly slower (due to encryption, but

11. Speed
overhead) minimal)

12. SEO
No SEO boost Google gives ranking boost to HTTPS
Advantage

13. Data Privacy No privacy guarantee Data privacy is ensured

Explain SSH (secure Shell): Secure shell is a network protocol that uses secure remote
access and control of computers over an unsecured network.

It is mainly used by developers and administrators for:

 Remotely login to server

 Transfer file securely
 Execute commands remotely

Why is SSH Secure:

 Integrity: data is not altered or modified

 Encryption: data is transferred securely
 Authentication: only authorised users can access it (with passwords or SSH key pair).

How SSH Works (Simplified Steps)

1. Client Initiates Connection

 The SSH client (e.g., your computer) sends a request to connect to the SSH server
(e.g., remote Linux machine).

2. Server Sends Public Key

 The server sends its public key to the client.

3. Client Verifies Key

  The client checks the key against a known list of trusted servers (or prompts the user
to verify it).

4. User Authentication

 You log in using a:

o Password, or

o SSH key pair (more secure)

5. Encrypted Session Starts

 Once authenticated, all communication is encrypted, and you can:

o Run commands

o Transfer files (via SCP, SFTP)

o Manage the server securely

Session Management :
Session management is the process of starting , handling and
terminating a session between user and a server. It observes the activity and requests made
by user during the session and . whenever a users authenticates and start a session by
accepting its cookies the activities made by user and the requests made by user are
observed where the user moves after login in the site and session can hold the data like
what is in the cart and which part of the website have been visited the most.

Session lifecycle:

1. Authenticate: The user begins to establish a session by authenticating to the webserver or

the application that she is trying to access. This could be any authentication mechanism that
the user has signed up for before such as username and password or biometric.
2. Establish Session: Once the user is successfully authenticated, the session host (webserver
or application) creates a session secret (usually a session ID) and shares it with the client
(browser, OS or the app). The session can have several other information such as user
language preference, location or anything else that the session host requires to deliver a
good user experience.

3. Use: The user can then make several requests to the session host as long as the session is
active and can access the resources as per the authorization she has. On each request, the
client software attaches the session secret (session ID) that was established in the previous
step.

4. Terminate Session: Once the user is done with all the required interactions and has no
further requests to make, then she can terminate the session by logging out. The session can
also terminate by itself due to inactivity to avoid allowing someone else to hijack
an unused session.

Explain Cookie :

Cookies are small text files that are located in the browser to store
information from a browsing session . cookies are used for session management and other
purposes as well . note when ever you authenticate yourself on a website the website send
cookie request when you accept those request the website can now see your login
credentials your activity on the web your cart everything . cookies are not just used to store
information but cookies can identify and understand the user surfing and then personalize it
according to user .

Cookies can store user prefrences and from the next time when user visits the website it
can adapt the behaviuor and directly ask user to restore the pages or go to that page again .

Uses of cookies are :

 Personalization – it adapts users behaviour and personalizes according to it.

 Session tracking – websites can track the session with the help of cookies.
 Authentication – keep users logged in.

A cookie contains:

Field Description

Name The cookie’s identifier (e.g., user_id)

Value The data stored (e.g., 12345)

Field Description

Domain The website that created the cookie

Path URL path where the cookie is valid

Expiration When the cookie expires (or if it's session-based)

Session hijacking:
Session hijacking means when an attacker steals your session id and
o=takes over a valid session . attacker uses this session id and uses the website
impersonating as you.

How it works : whenever you visit an website the website gives browser a valid session id
the attacker steals your session id via (sniffing , XSS) and uses the websites and you wont
even have any idea.

How Attackers Steal Session IDs:

Packet Sniffing -On public Wi-Fi, attacker reads traffic and captures session ID (if not using
HTTPS)

To prevent this use HTTPS or vpn while being on a public wifi .using https will encrypt your
session.

Real life example : you're at a coffee shop logged into a bank on your laptop. If a hacker on
the same Wi-Fi steals your "access ticket" (session ID), they can use it to pretend to be you—
even without knowing your password.

Web bugs :

web bugs are very tiny images on the web pages that are invisible to users. These images
are present on the web pages that collect information.it is a type of malicious code that
allows third party websites to have our data .

These data could be :

 IP Address
 Name
 Host name
 Browser type and version
 User details
 Cookies
 Paths
These bugs are commonly referred as :

 Tracking bug
 Tag
 Web tag
 Page tag
 Pixel tag
 1*1 GIF
 Clear GIF

These bugs could be very small like 1*1 GIF so being invisible to human eye , nut even if it is
visible it doesn’t change and the bug collect and stores data.

Clickjacking: clickjacking is an attack where the user is maliciously tricked into clicking on
something. This something is usually a link . the attacker puts something exciting on the
webpage and on the link of that exciting prize is the link of this mailicious attack.example the
attacker puts an exciting prize on any webpage like ‘ click here to get your free phone reward
by seeing this ome users get trapped and clixk on that link this leads them to an
attack .where the attackers wanted them to visist they just clicked his link and now he has
the access of that device .

One of the most trending and recent clickjacking example is image downloading . the
attacker sends an image on the whatsapp of the client if the persons clicks on the download
icon then the image gets downloaded and now the attacker has full access of the device .

Types of click jaking are :

Like jacking- in the the user has to like at a certsin point.

Cursor jacking – In this the user has to put cursor in the marked area

Cookie jacking – In this the attacker takes the data from a cookie.