<a href="https://colab.research.google.com/github/DartDoesData/python-practice/blob/main/Week_4_Day_1_part_2.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

# 🗂️ **Week 4, Day 1 (part 2): Review of Python Data Structures**

In this lesson, we'll dive deeper into Python's core data structures. Understanding these structures is crucial for organizing and manipulating data effectively, especially when working with cybersecurity data.

### Topics Covered:
1. **Lists**: Ordered, mutable collections of items.
2. **Tuples**: Ordered, immutable collections of items.
3. **Dictionaries**: Key-value pairs for storing related data.
4. **Lists of Dictionaries**
5. **Dictionaries of Lists**
6. **Looping Through Data Structures**

## 1. **Lists**

A **list** is an ordered collection of items. Lists are **mutable**, which means you can change their content after creation.

In [None]:
# Example: Creating a list of cybersecurity tools
tools = ['Wireshark', 'Cloudflare', 'Splunk']
print('Cybersecurity Tools:', tools)

# Adding a new tool
tools.append('Snort')
print('Updated Tools List:', tools)

# Modifying an item in the list
tools[0] = 'Aircrack-ng'
print('Modified Tools List:', tools)

# Removing the last item
tools.pop()
print('Final Tools List:', tools)

### 💻 **Activity 1**:
1. Create a list of your any 3 favorite cybersecurity tools.
2. Add two new tools to the list using `.append()` and `.insert()`.
3. Remove a tool from the list using `.remove()` and `.pop()`.
4. Sort the list in alphabetical order and print it.
5. Count the number of tools in the list.

In [None]:
# YOUR CODE HERE

## 2. **Tuples**

A **tuple** is an ordered collection of items, similar to a list, but it is **immutable**. This means once a tuple is created, it cannot be modified.

In [None]:
# Example: Tuple of common port numbers
common_ports = (80, 443, 22, 21)
print('Common Ports:', common_ports)

# Accessing an item in the tuple
print('First Port:', common_ports[0])

### 💻 **Activity 2**:
1. Create a tuple with three common DNS server IP addresses (e.g., Google DNS, Cloudflare DNS).
2. Print the second IP address.
3. Attempt to change one of the IP addresses and observe the error.
4. Count the number of elements in the tuple.
5. Use tuple unpacking to assign each IP address to a separate variable.

In [None]:
# YOUR CODE HERE

## 3. **Dictionaries**

A **dictionary** is a collection of key-value pairs. Each key is unique and used to access the corresponding value.

In [None]:
# Example: Phishing attack details stored in a dictionary
phishing_report = {
    'url': 'http://phishingsite.com/login',
    'target': 'Online Banking',
    'verified': True,
    'submission_time': '2024-11-10T14:30:00'
}
print('Phishing Report:', phishing_report)

# Accessing a value
print('Target:', phishing_report['target'])

### 💻 **Activity 3**:
1. Create a dictionary representing a DDoS attack report (keys: `ip_address`, `attack_type`, `duration_minutes`).
2. Update the `duration_minutes` value and print the updated dictionary.
3. Add a new key-value pair for `mitigation_strategy`.
4. Print all keys and values using `.keys()` and `.values()` methods.
5. Use the `.get()` method to safely access a non-existent key.

In [None]:
# YOUR CODE HERE

## 4. **Lists of Dictionaries**

A **list of dictionaries** is a collection where each item is a dictionary. This is useful for storing multiple items with the same structure, such as logs of network scans.

In [None]:
# Example: Network scan results
network_scans = [
    {'ip': '192.168.1.1', 'status': 'open', 'service': 'HTTP'},
    {'ip': '192.168.1.2', 'status': 'closed', 'service': 'SSH'},
    {'ip': '192.168.1.3', 'status': 'open', 'service': 'FTP'}
]
print('Second Scan Result:', network_scans[1]['service'])

# Adding a new scan result
network_scans.append({'ip': '192.168.1.4', 'status': 'open', 'service': 'DNS'})
print('Updated Network Scans:', network_scans)

### 💻 **Activity 4**:
1. Create a list of dictionaries with information about 3 different firewall logs (keys: `timestamp`, `action`, `source_ip`, `destination_ip`).
2. Print the `source_ip` of the first log entry.
3. Add a new log entry and print the updated list.
4. Loop through the list and print the `action` for each log entry.
5. Filter the list to show only log entries where the action was `blocked`.

In [None]:
# YOUR CODE HERE

## 5. **Dictionaries of Lists**

A **dictionary of lists** is a structure where each key has a list as its value. This is useful when grouping multiple items under a single category, such as different types of cyber attacks.

In [None]:
# Example: Categorizing cyber threats
cyber_threats = {
    'malware': ['Ransomware', 'Adware', 'Spyware'],
    'network': ['DDoS', 'Man-in-the-Middle', 'DNS Spoofing'],
    'social_engineering': ['Phishing', 'Pretexting', 'Baiting']
}
print('Network Threats:', cyber_threats['network'])

# Adding a new threat
cyber_threats['malware'].append('Trojan')
print('Updated Malware Threats:', cyber_threats['malware'])

### 💻 **Activity 5**:
1. Create a dictionary of lists for 3 different cyber response teams (`incident_response`, `threat_hunting`, `forensics`).
2. Print the list of members in the `threat_hunting` team.
3. Add a new member to the `incident_response` team and print the updated list.
4. Loop through the dictionary and print the team name and number of members in each team.
5. Find the longest list of members and print the team name.

In [None]:
# YOUR CODE HERE

## 6. **Looping Through Data Structures**

Python provides ways to loop through lists, tuples, and dictionaries to access and manipulate their elements.

In [None]:
# Example: Looping through a list of cybersecurity tools
tools = ['Wireshark', 'Nmap', 'Metasploit']
for tool in tools:
    print('Tool:', tool)

# Example: Looping through a dictionary of attack details
attack_details = {'type': 'DDoS', 'target': 'Web Server', 'duration_minutes': 120}
for key, value in attack_details.items():
    print(f'{key}: {value}')

### 💻 **Activity 6**:
1. Loop through a list of **firewall rules** and print each rule.
2. Loop through a dictionary of a **network device’s configuration** (keys: `hostname`, `IP address`, `model`) and print each key-value pair.
3. Loop through a list of dictionaries (e.g., the firewall logs from Activity 4) and print the `timestamp` of each blocked log entry.
4. Write a loop to find and print the longest service duration in the `attack_details` dictionary.
5. Create a nested loop to compare entries in two lists and print any matching items.

In [None]:
# YOUR CODE HERE