
# 🗂️ **Week 4, Day 2 (warmup): Review of Python Data Structures**

In this lesson, we'll dive deeper into Python's core data structures. Understanding these structures is crucial for organizing and manipulating data effectively, especially when working with cybersecurity data.

### Topics Covered:
1. **Dictionaries**: Key-value pairs for storing related data.
2. **Lists of Dictionaries**
3. **Dictionaries of Lists**
4. **Looping Through Data Structures**

## 1. **Dictionaries**

A **dictionary** is a collection of key-value pairs. Each key is unique and used to access the corresponding value.

```python
# Example: Phishing attack details stored in a dictionary
phishing_report = {
    'url': 'http://phishingsite.com/login',
    'target': 'Online Banking',
    'verified': True,
    'submission_time': '2024-11-10T14:30:00'
}
print('Phishing Report:', phishing_report)

# Accessing a value
print('Target:', phishing_report['target'])
```

### 💻 **Activity 1**:
1. Create a dictionary representing a DDoS attack report (keys: `ip_address`, `attack_type`, `duration_minutes`).
2. Update the `duration_minutes` value and print the updated dictionary.
3. Add a new key-value pair for `mitigation_strategy`.
4. Print all keys and values using `.keys()` and `.values()` methods.
5. Use the `.get()` method to safely access a non-existent key.

```python
# YOUR CODE HERE
```

## 2. **Lists of Dictionaries**

A **list of dictionaries** is a collection where each item is a dictionary. This is useful for storing multiple items with the same structure, such as logs of network scans.

```python
# Example: Network scan results
network_scans = [
    {'ip': '192.168.1.1', 'status': 'open', 'service': 'HTTP'},
    {'ip': '192.168.1.2', 'status': 'closed', 'service': 'SSH'},
    {'ip': '192.168.1.3', 'status': 'open', 'service': 'FTP'}
]
print('Second Scan Result:', network_scans[1]['service'])

# Adding a new scan result
network_scans.append({'ip': '192.168.1.4', 'status': 'open', 'service': 'DNS'})
print('Updated Network Scans:', network_scans)
```

### 💻 **Activity 2**:
1. Create a list of dictionaries with information about 3 different firewall logs (keys: `timestamp`, `action`, `source_ip`, `destination_ip`).
2. Print the `source_ip` of the first log entry.
3. Add a new log entry and print the updated list.
4. Loop through the list and print the `action` for each log entry.
5. Filter the list to show only log entries where the action was `blocked`.

```python
# YOUR CODE HERE
```

## 3. **Dictionaries of Lists**

A **dictionary of lists** is a structure where each key has a list as its value. This is useful when grouping multiple items under a single category, such as different types of cyber attacks.

```python
# Example: Categorizing cyber threats
cyber_threats = {
    'malware': ['Ransomware', 'Adware', 'Spyware'],
    'network': ['DDoS', 'Man-in-the-Middle', 'DNS Spoofing'],
    'social_engineering': ['Phishing', 'Pretexting', 'Baiting']
}
print('Network Threats:', cyber_threats['network'])

# Adding a new threat
cyber_threats['malware'].append('Trojan')
print('Updated Malware Threats:', cyber_threats['malware'])
```

### 💻 **Activity 3**:
1. Create a dictionary of lists for 3 different cyber response teams (`incident_response`, `threat_hunting`, `forensics`).
2. Print the list of members in the `threat_hunting` team.
3. Add a new member to the `incident_response` team and print the updated list.
4. Loop through the dictionary and print the team name and number of members in each team.
5. Find the longest list of members and print the team name.

```python
# YOUR CODE HERE
```

## 4. **Looping Through Data Structures**

Python provides ways to loop through lists, tuples, and dictionaries to access and manipulate their elements.

```python
# Example: Looping through a list of cybersecurity tools
tools = ['Wireshark', 'Nmap', 'Metasploit']
for tool in tools:
    print('Tool:', tool)

# Example: Looping through a dictionary of attack details
attack_details = {'type': 'DDoS', 'target': 'Web Server', 'duration_minutes': 120}
for key, value in attack_details.items():
    print(f'{key}: {value}')
```
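
The structures from sections 2 to 4 are often combined in log triage: a list of dictionaries is looped over and regrouped into a dictionary of lists. The following is an added example, not part of the original notebook; the function names `group_blocked_by_source` and `busiest_source` and the sample entries are constructed for illustration, and one entry deliberately lacks an `action` key to show why `.get()` matters.

```python
# Added example: regroup a list of dictionaries into a dictionary of lists.
# Sample entries are constructed; the last one is deliberately missing 'action'.
sample_logs = [
    {'timestamp': '2024-11-09 14:35:21', 'action': 'blocked',
     'source_ip': '192.168.1.5', 'service': 'HTTP'},
    {'timestamp': '2024-11-09 14:36:02', 'action': 'blocked',
     'source_ip': '192.168.1.5', 'service': 'SSH'},
    {'timestamp': '2024-11-09 14:20:10', 'action': 'allowed',
     'source_ip': '192.168.1.12', 'service': 'HTTPS'},
    {'timestamp': '2024-11-09 13:45:55', 'action': 'blocked',
     'source_ip': '192.168.1.30', 'service': 'SSH'},
    {'timestamp': '2024-11-09 13:50:00',
     'source_ip': '192.168.1.30', 'service': 'FTP'},
]


def group_blocked_by_source(logs):
    """Return {source_ip: [service, ...]} for entries whose action is 'blocked'."""
    grouped = {}
    for entry in logs:
        # .get() returns None instead of raising KeyError on a malformed entry
        if entry.get('action') != 'blocked':
            continue
        source = entry.get('source_ip', 'unknown')
        # setdefault creates the empty list the first time a key is seen
        grouped.setdefault(source, []).append(entry.get('service', 'unknown'))
    return grouped


def busiest_source(grouped):
    """Return (source_ip, count) for the key with the longest list, or None."""
    busiest = None
    for source, services in grouped.items():
        if busiest is None or len(services) > busiest[1]:
            busiest = (source, len(services))
    return busiest


blocked = group_blocked_by_source(sample_logs)
for source, services in blocked.items():
    print(f'{source}: {len(services)} blocked -> {services}')
print('Most blocked source:', busiest_source(blocked))
```
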

### 💻 **Activity 4**:


**List of Firewall Rules**
```python
firewall_rules = [
    "Allow TCP from 192.168.1.0/24 to 192.168.2.0/24 on port 80",
    "Deny UDP from 10.0.0.0/8 to any on port 53",
    "Allow ICMP from any to any",
    "Deny all traffic from 172.16.0.0/16",
    "Allow TCP from any to 192.168.1.10 on port 443"
]
```

**Network Device Configuration Dictionary**
```python
network_device_config = {
    "hostname": "Firewall-01",
    "IP address": "192.168.0.1",
    "model": "Cisco ASA 5506-X"
}
```

**Sample List of Firewall Log Entries**
```python
log_entries = [
    {
        "timestamp": "2024-11-09 14:35:21",
        "action": "blocked",
        "source_ip": "192.168.1.5",
        "destination_ip": "10.0.0.25",
        "service": "HTTP"
    },
    {
        "timestamp": "2024-11-09 14:20:10",
        "action": "allowed",
        "source_ip": "192.168.1.12",
        "destination_ip": "10.0.0.40",
        "service": "HTTPS"
    },
    {
        "timestamp": "2024-11-09 13:45:55",
        "action": "blocked",
        "source_ip": "192.168.1.30",
        "destination_ip": "10.0.0.50",
        "service": "SSH"
    }
]
```

**Attack Details Dictionary**
```python
attack_details = {
    "attack_1": {"type": "DDoS", "duration_minutes": 120},
    "attack_2": {"type": "Phishing", "duration_minutes": 45},
    "attack_3": {"type": "Malware", "duration_minutes": 180},
    "attack_4": {"type": "Ransomware", "duration_minutes": 240}
}
```

**Two Lists of IP Addresses for Comparison**
```python
list_a = ["192.168.1.1", "192.168.1.2", "192.168.1.3", "192.168.1.4", "192.168.1.5"]
list_b = ["192.168.1.3", "192.168.1.4", "192.168.1.5", "192.168.1.6", "192.168.1.7"]
```

Given this sample data (or data of your choosing), carry out the following tasks:
1. Loop through a list of **firewall rules** and print each rule.
2. Loop through a dictionary of a **network device’s configuration** (keys: `hostname`, `IP address`, `model`) and print each key-value pair.
3. Loop through a list of dictionaries (e.g., the firewall logs from Activity 4) and print the `timestamp` of each blocked log entry.
4. Write a loop to find and print the longest duration (the `duration_minutes` value) in the `attack_details` dictionary.
5. Create a nested loop to compare entries in two lists and print any matching items.

```python
# YOUR CODE HERE
```