Google Android Developer & Palo Alto

Cybersecurity

An Internship Report submitted in partial

fulfillment of the requirements
for the award of the degree of

Bachelor of technology
In
Computer Science & Engineering

by
SRAVANA KUMAR NAMPALLI
Reg. NO 21H71A05I0

OFFERED BY

AICTE- EDUSKILLS-AWSACADEMY

Department of Computer Science & Engineering

DVR & Dr. HS

MIC College of Technology

(Autonomous)
Kanchikacherla– 521180, NTR Dist., Andhra Pradesh

March 2025
i
 CERTIFICATE

This is to certify that the Internship Report entitled “Google Android Developer
& Palo Alto Cybersecurity Internship” submitted by Sravana Kumar.
NAMPALLI(21H71A05I0), to the DVR & Dr. HS MIC College of Technology
in partial fulfillment of the requirements for the award of the Degree of Bachelor
of Technology in Computer Science & Engineering is a bonafide record of
work.

Internship Coordinator Head of the Department

Examiner 1 Examiner 2

ii
Certificate of Internship:

iii
iv
v
 ACKNOWLEDGEMENT

The satisfaction that accompanies the successful completion of any task would
be incomplete without the mention of the people who made it possible and whose
constant guidance and engagement crown all the efforts with success. I thank our
college management and respected Sri D. PANDURANGA RAO, CEO for
providing us the necessary infrastructure to carry out the Internship.

I express my sincere thanks to Dr. T. Vamsee Kiran, Principal who has been a
great source of inspiration and motivation for the internship program.

I profoundly thank Dr. D. Prasad, Head of Department, Computer Science

and Engineering for permitting me to carry out the internship.

I am thankful to the AICTE and EduSkills for enabling me an opportunity to

carry out the internship in such a prestigious organization.

I am thankful to our Internship Coordinator Dr. S Babu Rajendra Prasad,

Associate Professor, Department of CSE for their internal support and
professionalism who helped us in completing the internship on time.

I take this opportunity to express our thanks to one and all who directly or
indirectly helped me in bringing this effort to present form.

Finally, my special thanks go to my family for their continuous support and help
throughout and for their continual support and encouragement for the completion
of the Internship on time.

vi
 ABSTRACT

The All India Council for Technical Education (AICTE) has partnered with
Google for Developers to offer a virtual internship program on Android
Application Development. The program is designed to help students develop the
skills they need to become Android developers and to prepare them for the
workforce.

Google for Developers is a program that provides developers with access to

Google's tools, resources, and support to help them build innovative applications
and experiences.

The program will be delivered with edtech company India Edu Program
Educational Services Pvt.Ltd through their career readlines platform-India Edu
Program.

The program is a great opportunity for students to learn how to develop Android
apps and to gain valuable industry experience.

Palo Alto Networks offers an enterprise cybersecurity platform that provides

network security, cloud security, endpoint protection, and various cloud-delivered
security services. It is one such vendor that offers a comprehensive and easy-to-
use set of firewalls and also provides next-generation firewalls (NGFW) giving
the security teams complete visibility and control over all networks using
powerful traffic identification, malware prevention, and threat intelligence
technologies.
The three pillars of Palo Alto networks strategy are
• Visibility and access control
• Data loss protection
• Threat Prevention
vii
 INDEX

S.NO CONTENTS PAGE NO.

1 Introduction 1

2 Android Development Models 3

2.1Setting Up Development Environment 3

2.2 Android Building Blocks 4

2.3 User Interface(UI) 7

2.4. Networking 8

2.5. Debugging And Testing 9

2.6. Deploying The App 11

3 Badges Earned 12

4 Cybersecurity Networks 14

4.1 Introduction to Cybersecurity 14

4.2 Fundamentals of Network Security 21

4.3 Fundamentals of Cloud Security 24

4.4 The Fundamentals of SOC (Security 25

Operations Centre)

5 Conclusion 26

viii
 1.INTRODUCTION

Android development is the process of creating applications for devices running

the Android operating system. Android is an open-source operating system, which
means that it is free to use and modify. This has led to a large and active
community of developers who are constantly creating new and innovative
applications for Android devices.

Why Android development?

There are many reasons why Android development is a popular choice for
developers. Some of the most common reasons include:

Open-source: Android is an open-source operating system, which means that it is

free to use and modify. This makes it a more accessible platform for developers
than some other platforms.

Easy to learn: Android development is relatively easy to learn, especially if you

have experience with Java or Kotlin. There are many resources available to help
you learn Android development, including online tutorials, books, and courses.

What does a Android Developer do?

• Designing and developing Android apps: Android developers are

responsible for the entire app development process, from conception and
design to coding and testing. They work closely with designers and product
managers to understand the user experience (UX) and user interface (UI)
requirements for the app.
• Writing code: Android developers use Java or Kotlin, the official
programming languages for Android development, to write the code for
their apps. They also use various Android SDK libraries and tools to
implement features and functionality.

1
 Introduction Palo Alto Networks

Palo Alto Networks offers an enterprise cybersecurity platform that provides

network security, cloud security, endpoint protection, and various cloud-delivered
security services. Palo Alto Networks is one such vendor that offers a
comprehensive and easytouse set of firewalls, including NGFWs and Web
Application and API Security platform, which includes a built-in WAF. Palo Alto
has a dedicated management interface, which makes it easy to manage the device
and handle the initial configuration. It has fantastic throughput, and its connection
speed is pretty fair, even when dealing with a high-traffic load. With Palo Alto, I
can configure and manage with REST API integration. Palo Alto Networks
NextGeneration Firewalls (NGFW) give security teams complete visibility and
control over all networks using powerful traffic identification, malware
prevention, and threat intelligence technologies.

• Cybersecurity is the protection of internet-connected systems such

as hardware, software, and data from cyber threats.
• The practice is used by individuals and enterprises to protect
against unauthorized access to data centers and other
computerized systems.
• Cybersecurity is crucial because it safeguards all types of data
against theft and loss.

2
 2.ANDROID DEVELOPMENT MODULES

2.1 Setting Up Development Environment

Setting up a development environment for Android development is an essential

step in creating Android applications. The environment provides the necessary
tools and resources to write, compile, and test your apps. Here's a step-by-step
guide on setting up your Android development environment:

1. Install Java Development Kit (JDK): Java is the primary programming

language for Android development. Download and install the latest
version of Java JDK from Oracle's website. Set the JAVA_HOME
environment variable to point to the JDK installation directory.

2. Install Android Studio: Android Studio is the official integrated

development environment (IDE) for Android development. It provides
a comprehensive set of tools for writing, editing, debugging, and testing
Android apps. Download and install the latest version of Android Studio
from the Android Developer website.

3. Configure Android Studio: Launch Android Studio and follow the setup
wizard to configure the IDE. You'll need to choose a default installation
location, create an AVD (Android Virtual Device), and accept the
licensing agreements.

4. Install Android SDK (Software Development Kit): The Android SDK

provides the core libraries and tools for developing Android apps.
Android Studio comes with a built-in SDK manager, which you can use
to install and manage the SDK components. Open the SDK Manager

3
 from Android Studio and install the latest version of the Android SDK
Platform and Build-Tools.

5. Set up Android AVD (Android Virtual Device): An Android Virtual

Device (AVD) is a software emulation of an Android device that allows
you to test and debug your apps without the need for a physical device.
Create an AVD in Android Studio by specifying the desired Android API
level, device type, and resolution.

2.2 Android Building Blocks

Android building blocks are the fundamental components that form the
foundation of Android applications. These building blocks provide the essential
tools and resources needed to create and manage Android apps, ensuring they
function seamlessly and deliver a rich user experience. Here's an overview of the
core Android building blocks:
Main Android Building Blocks
1. Activities: Activities are the fundamental building blocks of the
Android user interface. They represent individual screens or states
within an application, providing the layout and functionality for each
screen. Activities manage the lifecycle of an application's screens,
handling user interactions, data processing, and navigation between
different screens.
2. Services: Services are background processes that run independently of
the user interface. They perform tasks that don't require direct user
interaction, such as background music playback, network data
fetching, or scheduled tasks. Services can interact with activities and
other components to provide essential functionalities.
3. Broadcast Receivers: Broadcast receivers listen for and respond to
system-wide events, such as incoming SMS messages, device reboots,
4
 or connectivity changes. They allow applications to react to these
events and perform appropriate actions, such as displaying
notifications or updating data.
4. Content Providers: Content providers manage and share data
between different applications. They provide a standardized interface
for accessing, modifying, and sharing data, enabling applications to
share information with each other and maintain data consistency across
different apps.
5. AndroidManifest.xml: The AndroidManifest.xml file is a crucial
configuration file that describes the application's components,
permissions, and capabilities. It provides the Android system with
essential information about the app, such as its name, launcher icon,
required permissions, and supported features. 12
6. Intents: Intents are messaging objects that facilitate communication
between different components within an application or between
different applications. They specify actions to be performed and can
carry data along with them, enabling components to exchange
information and trigger actions.
7. Resources: Resources are the non-code assets of an application, such
as images, audio files, layouts, and strings. They are stored in separate
directories and accessed using resource identifiers. Resources provide
a centralized way to manage and reuse application assets, ensuring
consistent presentation and functionality

Activity Lifecycles:
The Android activity lifecycle refers to the different states that an activity can
transition through during its lifespan, from its creation to its destruction. Each
state represents a specific phase in the activity's existence, and it triggers
corresponding callback methods that developers can implement to manage the
activity's behaviour accordingly.
5
The Core Activity Lifecycle States:

1. onCreate( ) This method is called when the activity is first created. It's
the starting point for the activity's lifecycle, where developers initialize
the activity's components, set up its layout, and perform initial data
loading.
2. onStart( ) This method is called when the activity is about to become
visible to the user. The activity is not yet interacting with the user at this
stage, but it is ready to receive user input and perform actions.
3. onResume( ) This method is called when the activity becomes visible
to the user and starts interacting with them. It's the primary state where
the activity is actively responding to user interactions, handling events,
and updating the UI.
4. onPause( ) This method is called when the activity is partially obscured
by another activity or when it loses focus due to user actions, such as
pressing the back button or switching to a different app. The activity is
still partially visible, but it's no longer the primary focus.
5. onStop() This method is called when the activity is completely hidden
from the user's view. The activity is no longer visible or interacting with
the user, and it may be temporarily destroyed to conserve system
resources.
6. onDestroy() This method is called when the activity is finally destroyed
and removed from memory. All resources associated with the activity
are released, and the activity's lifecycle comes to an end.

6
2.3 User Interface(UI)
The user interface (UI) is a crucial aspect of any Android application, as it serves
as the primary point of interaction between the app and its users. A well-designed
UI can enhance the user experience, making the app intuitive, easy to use, and
enjoyable to interact with. Key Principles of Android UI Design
1. Material Design: Android follows the Material Design guidelines, a
comprehensive set of principles for creating user interfaces that are
appealing, consistent, and functional across various Android devices.
These guidelines provide recommendations for layout, typography,
colour palettes, and animation, ensuring a cohesive user experience.
2. User-Centered Design: Prioritize the user's needs and preferences
throughout the design process. Understand how users will interact
with the app, identify their goals, and design the UI accordingly.
Conduct user testing to gather feedback and refine the UI based on
real-world usage.
3. Simplicity and Clarity: Strive for a simple and uncluttered UI that is
easy to navigate and understand. Avoid overwhelming users with too
many options or complex layouts. Use clear and consistent labels,
icons, and visual cues to guide users through the app.
4. Consistency and Predictability: Maintain consistency in UI
elements, layout patterns, and interactions across different screens and
functionalities within the app. This consistency creates a sense of
familiarity and predictability for users, enhancing their overall
experience.
5. Responsiveness and Performance: Ensure that the UI responds
promptly to user interactions and provides smooth performance across
various Android devices. Optimize UI elements, use efficient code,
and consider device capabilities to ensure a seamless user experience.

7
2.4. Networking
Networking is an essential aspect of Android development, as it enables
applications to communicate with remote servers, fetch data from the internet,
and perform tasks that require accessing resources beyond the device itself.
Android provides various tools and libraries to handle network operations
efficiently and securely. Core Networking Concepts in Android
1. HTTP (Hypertext Transfer Protocol): HTTP is the foundation of
web communication, defining how data is exchanged between web
servers and clients. Android applications use HTTP to send and receive
data from servers, enabling them to access web content, perform
authentication, and exchange information.
2. Sockets: Sockets provide a low-level mechanism for establishing
direct network connections between devices. Android applications can
use sockets for specialized communication scenarios, such as peer-to-
peer communication or real-time data streaming.
3. Networking Libraries: Android offers various networking libraries,
such as Ok-Http and Volley, which simplify and streamline network
operations. These libraries provide higher-level abstractions for
making HTTP requests, handling responses, and managing network
connectivity.
4. Asynchronous Networking: Network operations are typically
performed asynchronously, meaning they don't block the main thread
and allow the application to remain responsive while waiting for
network responses. This ensures a smooth user experience and
prevents the app from freezing while waiting for network data.
5. JSON (JavaScript Object Notation): JSON is a lightweight data-
interchange format commonly used for exchanging data between web
applications. Android applications often use JSON to parse and
interpret data retrieved from servers, allowing them to extract.
8
2.5. Debugging And Testing
Debugging : Debugging is an essential part of the development process,
especially when it comes to Android development. It involves identifying and
resolving issues that arise during the development or testing of an Android
application. Effective debugging helps ensure that the app functions as intended,
providing a smooth and bug-free experience for users.

Key Aspects of Debugging in Android Development

1. Identifying and Reproducing Issues: The first step in debugging is to

identify and reproduce the specific issue or bug that is occurring. This
often involves understanding the symptoms of the problem, observing
user interactions, and analysing crash logs or error messages.
2. Setting Breakpoints: Breakpoints allow developers to pause the
execution of the code at specific points in the application's lifecycle.
This enables them to inspect the state of variables, examine the call
stack, and identify the source of the issue.
3. Logging and Inspection: Logging statements can be inserted into the
code to print messages or variable values to the console. This provides
valuable information about the app's behaviour and helps narrow down
the source of the problem.
4. Using Debugger Tools: Android Studio provides a built-in debugger
that allows developers to step through the code line by line, inspect
variables, and visualize the app's state.
5. Testing and Verification: After making changes to address the issue,
it's crucial to thoroughly test the app again to ensure the bug has been
fixed and no new issues have been introduced.

9
Testing : Testing is an integral part of the software development process, and
Android development is no exception. Testing ensures that Android applications
function as intended, meet user expectations, and are free from defects. A
comprehensive testing strategy involves different types of testing to cover
various aspects of the application.

Types of Testing in Android Development:

1. Unit Testing: Unit testing focuses on individual components or units of

code, ensuring that each unit functions correctly in isolation. Unit tests are
typically written by developers using testing frameworks like JUnit or
Mockito.
2. Integration Testing: Integration testing verifies how different
components of the application interact with each other. It ensures that the
components work together seamlessly and that the overall system
functions as intended.
3. UI Testing: UI testing focuses on the user interface (UI) of the
application, ensuring that the UI elements are displayed correctly, respond
to user interactions appropriately, and provide a consistent user
experience. UI testing can be automated using tools like Espresso or
Robotium.
4. Functional Testing: Functional testing verifies that the application's
features and functionalities work as expected. It covers the application's
behaviour from the user's perspective, ensuring that the app meets its
intended purpose and full fills user requirements.
5. Performance Testing: Performance testing evaluates the application's
performance under various workloads and conditions. It measures factors
like response times, resource utilization, and scalability to ensure the app
can handle real-world usage scenarios.

10
2.6. Deploying The App
Deploying an Android application involves the process of making the app
available to users, either through the Google Play Store or other distribution
channels. It encompasses several steps, including preparing the app for
deployment, building the app for release, and publishing it to the target platform.
Preparation for Deployment:
1. Signing the App: App signing involves using a digital certificate to sign
the app's release-ready APK (Android Package) file. This ensures the
app's authenticity and integrity, preventing unauthorized modifications
or distribution.
2. Versioning: Assign a version number to the app, which helps track
different releases and identify the current version installed on users'
devices.
3. Release Notes: Prepare release notes that outline the changes made in
the new version, bug fixes, and any important information for users.
4. Proguard Configuration: Configure Proguard, a code obfuscation
tool, to optimize the app's release build, reducing its size and improving
performance.

11
3.BADGES EARNED

12
13
 4.Cybersecurity Networks

• Introduction to Cybersecurity
• Fundamentals of Network Security
• Fundamentals of Cloud Security
• The Fundamentals of SOC (Security Operations Centre)

4.1 Introduction to Cybersecurity

It introduces the fundamentals of cybersecurity, including the concepts needed to

recognize and potentially mitigate attacks against home networks and mission-
critical infrastructure.

14
In the introduction to cybersecurity, we learn 5 types. They are

• Cybersecurity Landscape
• Cyberattack Types
• Cyberattack Techniques
• APTs and Wi-Fi Vulnerabilities
• Security Models

Cybersecurity Landscape

The modern cybersecurity landscape is a rapidly evolving hostile environment

with advanced threats and increasingly sophisticated threat actors. It describes the
current cybersecurity landscape, explains SaaS application challenges, describes
various security and data protection regulations and standards, identifies
cybersecurity threats and attacker profiles, and explains the steps in the
cyberattack lifecycle.

Modern Computing Trends

The nature of enterprise computing has changed dramatically over the past
decade. It changes to the web 2.0 to web 3.0. The vision of Web 3.0 is to return
the power of the internet to individual users, in much the same way that the
original Web 1.0 was envisioned. To some extent, Web 2.0 has become shaped
and characterized, if not controlled, by governments and large corporations
dictating the content that is made available to individuals and raising many
concerns about individual security, privacy, and liberty. In web 3.0, we have AI
and Machine Learning, Blockchain, Data Mining, Mixed Reality, and Natural
Language Search.

Introduction to SaaS

Data is located everywhere in today’s enterprise networks, including in many

locations that are not under the organization’s control. New data security

15
challenges emerge for organizations that permit SaaS use in their networks. With
SaaS applications, data is often stored where the application resides – in the cloud.
Thus, the data is no longer under the organization’s control, and visibility is often
lost. SaaS vendors do their best to protect the data in their applications, but it is
ultimately not their responsibility. Just as in any other part of the network, the IT
team is responsible for protecting and controlling the data, regardless of its
location.

SaaS Application Risks

The average employee uses at least eight applications. As employees add and use
more SaaS apps that connect to the corporate network, the risk of sensitive data
being stolen, exposed or compromised increases. It is important to consider the
security of the apps, what data they have 5 access to, and how employees are
using them. Because of the nature of SaaS applications, their use is very difficult
to control – or have visibility into – after the data leaves the network perimeter.
This lack of control presents a significant security challenge: End users are now
acting as their own “shadow” IT department, with control over the SaaS
applications they use and how they use them. Click the arrows for more
information about the inherent data exposure and threat insertion risks of SaaS.
In SaaS is used Malicious Outsiders, Malicious Insiders, Accidental Data
Exposure, Accidental Share, Promiscuous Share, and Ghost Share.

16
Attacker Profiles
News outlets are usually quick to showcase high-profile attacks, but the sources
of these attacks are not always easy to identify. Each of the different attacker types
or profiles generally has a specific motivation for the attacksthey generate. Here
are some traditional attacker profile types. Because these different attacker
profiles have different motivations, information security professionals must
design cybersecurity defenses that can identify the different attacker motivations
and apply appropriate deterrents. Click the arrows for more information about the
profile type of each attacker.

Cyberattack Types

Attackers use a variety of techniques and attack types to achieve their objectives.
Malware and exploits are integral to the modern cyberattack strategy. This lesson
describes the different malware types and properties, the relationship between
vulnerabilities and exploits, and how modern malware plays a central role in a
coordinated attack against a target. This lesson also explains the timeline for
eliminating a vulnerability.

17
Malware

Malware usually has one or more of the following objectives: to provide a remote
control for an attacker to use an infected machine, to send spam from the infected
machine to unsuspecting targets, to investigate the infected user’s local network,
and to steal sensitive data. Malware is varied in type and capabilities. Let us
review several malware types those are Logic Bombs, Rootkits, Backdoors, Anti-
AV, etc….

Advanced or modern malware leverages networks to gain power and resilience.

Modern malware can be updated—just like any other software application—so
that an attacker can change course and dig deeper into the network or make
changes and enact countermeasures.

Ransomware

Ransomware is malware that locks a computer or device (locker ransomware) or

encrypts data (crypto-ransomware) on an infected endpoint with an encryption
key that only the attacker knows, thereby making the data unusable until the
victim pays a ransom (usually in cryptocurrency such as Bitcoin). Reve ton and
Locker are two examples of locker ransomware, while Locky, Tesla
Crypt/Encrypt, Crypto locker, and Crypto wall are examples of crypto
ransomware.

Cyberattack Techniques

Attackers use a variety of techniques and attack types to achieve their objectives.
Spamming and phishing are commonly employed techniques to deliver malware
and exploits to an endpoint via an email executable or a web link to a malicious
website. Once an endpoint is compromised, an attacker typically installs back
doors, remote access Trojans (RATs), and other malware to ensure persistence.
This lesson describes spamming and phishing techniques, how bots and botnet’s
function, and the different types of botnets.

18
Phishing Attacks

We often think of spamming and phishing as the same thing, but they are separate
processes, and they each require mitigations and defenses. Phishing attacks, in
contrast to spam, are becoming more sophisticated and difficult to identify. In
phishing attacks there are some types those are Spear Phishing, Whaling,
Watering Hole, and Pharming.

19
Security Models

The goal of a security model is to provide measurable threat prevention through

trusted and untrusted entities.

This can be a complicated process, as every security model will have its
customizations, and many variables need to be identified. This lesson describes
the core concepts of a security model and why the model is important, the
functions of a perimeter-based security model, the Zero Trust security model
design principles, and how the principle of least privilege applies to the Zero Trust
security model.

Zero Trust Security Model

The Zero Trust security model addresses some of the limitations of perimeter-
based network security strategies by removing the assumption of trust from the
equation. With a Zero Trust model, essential security capabilities are deployed in
a way that provides policy enforcement and protection for all users, devices,
applications, and data resources, as well as the communications traffic between
them, regardless of location. There are a few types those are No Default Trust,
Monitor and Inspect, and Compartmentalize.

20
4.2 Fundamentals of Network Security

This training introduces someone with no prior knowledge of the fundamentals

of network security including concepts they must understand to recognize and
potentially defend home networks and mission-critical infrastructure. In
Fundamentals of Network Security, there are 5 types are

• The Connected Globe

• Addressing and Encapsulation

• Network Security Technologies

• Endpoint Security and Protection

• Secure the Enterprise

The Connected Globe

In this, we will discuss how hundreds of millions of routers deliver Transmission

Control Protocol/Internet Protocol (TCP/IP) packets using various routing
protocols across local-area networks and wide-area networks. We also will
discuss how the Domain Name System (DNS) enables internet addresses, such as
www.facebook.com, to be translated into routable IP addresses.

21
The Net

In the 1960s, the U.S. Défense Advanced Research Projects Agency (DARPA)
created ARPANET, the precursor to the modern internet. ARPANET was the first
packet-switched network. A packet-switched network breaks data into small
blocks (packets), transmits each packet from node to node toward its destination,
and then reassembles the individual packets in the correct order at the destination.
The ARPANET evolved into the internet (often referred to as the network of
networks) because the internet connects multiple local area networks (LAN) to a
worldwide 10 wide area network (WAN) backbone. Today billions of devices
worldwide are connected to the Internet and use the transport communications
protocol/internet protocol (TCP/IP) to communicate with each over a packet-
switched network. Specialized devices and technologies such as routers, routing
protocols, SD-WAN, the domain name system (DNS), and the world wide web
(WWW) facilitate communications between connected devices.

Internet of Things (IoT)

With almost five billion internet users worldwide in 2022, which represents well
over half the world’s population, the internet connects businesses, governments,
and people across the globe. Our reliance on the internet will continue to grow,
with nearly 30 billion devices “thing” – including autonomous vehicles,
household appliances, wearable technology, and more – connecting to the internet
of things (IoT) and nearly nine billion worldwide smartphone subscriptions that
will use a total of 160 EB of monthly data by 2025. IoT connectivity technologies
are broadly categorized into five areas: cellular, satellite, short-range wireless,
low-power WAN and other wireless WAN, and Identity of Things (IDOT).

22
Addressing and Encapsulation

It describes the functions of physical, logical, and virtual addressing in

networking, IP addressing basics, subnetting fundamentals, OSI and the TCP/IP
models, and the packet lifecycle.

TCP/IP Overview

In cybersecurity, you must understand that applications sending data from one
host computer to another host computer will first segment the data into blocks
and will then forward these data blocks to the TCP/IP stack for transmission. The
TCP stack places the block of data into an output buffer on the server and
determines the maximum segment size of individual TCP blocks permitted by the
server operating system. The TCP stack then divides the data blocks into 11
appropriately sized segments, adds a TCP header, and sends the segment to the IP
stack on the server. The IP stack adds source and destination IP addresses to the
TCP segment and notifies the server operating system that it has an outgoing
message that is ready to be sent across the network. When the server operating
system is ready, the IP packet is sent to the network adapter, which converts the
IP packet to bits and sends the message across the network.

Virtual Private Networks

A VPN creates a secure, encrypted connection (or tunnel) across the internet
between two endpoints. A client VPN establishes a secure connection between a
user and an organization's network. A site-to-site VPN establishes a secure
connection between two organizations' networks, usually geographically
separated. VPN client software is typically installed on mobile endpoints, such as
laptop computers and smartphones, to extend a network beyond the physical
boundaries of the organization. The VPN client connects to a VPN server, such
as a firewall, router, or VPN appliance (or concentrator). After a VPN tunnel is

23
established, a remote user can 13 access network resources, such as file servers,
printers, and Voice over IP (VoIP) phones, as if they were physically in the office.

4.3 Fundamentals of cloud security

It shows that someone with no prior knowledge of the fundamentals of cloud

security including concepts they must understand to recognize threats and
potentially defend data centers, 16 enterprise networks, and small office/home
office (SOHO) networks from cloud-based attacks. In the Fundamentals of cloud
security, we have a few types those are

• Cloud Computing
• Cloud Native Technologies
• Cloud Native Security
• Hybrid Data Centre Security
• Prisma Access SASE Security
• Prisma SaaS
• Prisma Cloud Security

24
4.4 The Fundamentals of SOC (Security Operations Centre)

The Fundamentals of Security Operations Centre training is a high-level

introduction to the general concepts of SOC and SecOps. It will introduce the
Security Operations framework, people, processes, and technology aspects
required to support the business, the visibility that is required to defend the
business, and the interfaces needed with other organizations outside of the SOC.

• The life of a SOC Analyst 20

• Business
• People
• Processes
• Interfaces
• Visibility
• Technology
• SOAR
• SOAR Solution

25
 5.CONCLUSION

Throughout my Android development internship, I gained valuable hands-on

experience in the field of mobile app development.. I also gained valuable
insights into the software development lifecycle, from planning and design to
testing and deployment. Additionally, I had the opportunity to collaborate with
experienced developers and learn from their expertise, which further enhanced
my understanding of the field. Overall, my Android development internship was
an incredibly rewarding experience that provided me with the practical skills and
knowledge I need to succeed in this industry.

I have gained knowledge of cybersecurity, fundamentals of network security,

cloud security and SOC. These courses helped me to understand the overview of
threat landscape and use various tools and technology to defend todays
cyberattacks.

I could identify different malware types and understand cyberattack techniques,

spamming and how phishing attacks are performed. I identified the capabilities
of Palo Alto Networks prevention first architecture. Various security models
helped me understand how all these security attacks can be avoided.

All the four courses helped me gain knowledge in cybersecurity operations, cloud
computing models, potential to defend home networks and mission critical
infrastructure. It was delightful as it helped me develop skills in rapidly changing
technologies. This raised my interest in cybersecurity and to pursue a career in
cybersecurity platform.

26