Week 1
Introduction
Motivational Lecture
Course Introduction
Success stories
Job market
Course Applications
Institute/work ethics
Introduction to Cybersecurity
Objectives
Roles
Differences between Information security and cybersecurity
What is Cyberspace?
What is Cyber security?
Why is Cyber security Important?
What is a Hacker?
Home Assignment
Week 2
Footprinting and Reconnaissance
Describe the elements of information security
Explain information security threats and attack vectors
Describe the hacking concepts, types, and phases
Explain the ethical hacking concepts and scope
Understand the information security controls (information defense-in-depth,policies, procedures, awareness, physical management process, and risk
Understand the penetration testingprocess
Week 3
Scanning Networks &Enumeration
Describe the network scanning concepts
Use various scanning tools
Perform scanning to check for live systems and open ports
Perform scanning by using various scanning techniques
Scan beyond intrusion detection system (IDS) and firewall
Perform banner grabbing
Draw network diagrams using network discovery tools
Perform scanning penetration testing
Describe the enumeration concepts
Explain different techniques for Netbios enumeration
Explain different techniques for SNMP enumeration
Explain different techniques for LDAP enumeration
Explain different techniques for NTP enumeration
Explain different techniques for SMTP and DNS enumeration
Explain other enumerations such as IPsec, VolP, RPC, and Linux/Unix enum
Apply enumeration countermeasures
Perform enumeration penetration testing
Week 4
Seminar
Week 5
Vulnerability Analysis
Describe vulnerability assessment
Describe about vulnerability management life cycle (vulnerability assessment
Understand different approaches of vulnerability assessment solutions
Describe different characteristics of good vulnerability assessment solutions
Explain different types of vulnerability assessment tools
Choose an appropriate vulnerability assessment tools
Understand vulnerability scoring systems
Use various vulnerability assessment tools
Generate vulnerability assessment reports
Week 6
Systems Hacking Describe the Hacking Methodology
Explain different techniques to gain access to the system
Apply privilege escalation techniques
Explain different techniques to create and maintain remote access to the system
Describe different types of rootkits
Explain steganography and steganalysis techniques
Apply different techniques to hide the evidence of compromise
Perform system hacking penetration testing
Week 7
Malware Threats
Describe the concepts of malware and malware propagation techniques
Describe the concepts of Trojans, their types, and how they infect systems
Explain the concepts of viruses, their types, and how they infect fi
Explain the concept of computer worms
Perform malware analysis
Explain different techniques to detect malware
Apply malware countermeasures
Perform malware penetration testing
Week 8
Sniffing & Session Hijacking
Describe the sniffing concepts
Explain different MAC attacks
Explain different DHCP attacks
Describe the ARP poisoning
Explain different MAC spoofing tracks
Describe the DNS poisoning
Use different sniffing tools
Apply sniffing countermeasures
Apply various techniques to detect sniffing
Perform sniffing penetration testing
Week 9
Social Engineering
Describe the social engineering concepts
Perform social engineering using various techniques
Describe insider threats
Perform impersonation on social networking sites
Describe identity theft
Apply social engineering countermeasures
Apply insider threats and identity theft countermeasures
Perform social engineering penetration testing
Week 10
Denial of Service
Describe the DoS/DD0S concepts
Perform DoS/DDOS using various attack techniques
Describe Botnets
Describe DoS/DDOS case studies
Explain different DoS/DDoS attack tools
Apply best practices to mitigate DdoS/DD0S attacks
Perform DoS/DDOS penetration testing
Week 11
Session Hijacking
Describe the session hijacking concaps
Perform application level sesionhpcing
Perform network lewl session hijacking
Apply different session hijacking tools
Apply session hijacking countermeasures
Perform session hijacking penetration testing
Week 12
Evading IDS, Firewalls and Honeypots
Describe IDS, firewall, and honeypot concepts
Use different IDs, firewall and honeypot solutions
Explain different techniques to bypass IDS
Explain various techniques to bypass firewalls
Use different IDS/firewall evading tools
Explain different techniques to detect honeypots
Apply IDS/firewall evasioncountermeasures
Perform IDS and firewall penetration testing
Week 13
Hacking web servers
Hacking web servers
Describe the web server concepts
Perform various web server attack
Describe about web server attack methodology
Use different web server attack tools
Apply web server attack countermeasures
Describe the patch management concepts
Use different web server security tools
Perform web server penetration testing
Week 14
Hacking Web Applications&SQL Injection
Describe web application concepts
Perform various web application attacks
Describe about web application hacking methodology
Use different web application hacking tools
Apply web application attacks countermeasures
Use different web application security testing tools
Perform web application penetration testing
Describe the SQL injection concepts
Perform various types of SQL injection attacks
Describe SQL injection methodology
Use different SQL injection tools
Explain different IDS evasion techniques
Apply SQL injection countermeasures
Use different SQL injection detection tools
Week 15
Mid-Term Assignment
Week 16
Hacking Wireless Network
Describe wireless concepts
Explain different wireless encryption algorithms
Describe wireless threats
Describe wireless hacking methodology
Use different wireless hacking tools
Describe Bluetooth hacking techniques
Apply wireless hacking countermeasures
Use different wireless security tools
Perform wireless penetration testing
Week 17
Hacking Mobile Platforms
Understand mobile platform attack vectors
Understand various Android threats and attacks
Understand various iOS threats and attacks
Use various mobile spyware
Describe Mobile Device Management (MDM)
Apply various mobile security countermeasures
Use various mobile security tools
Perform mobile penetration testing
Week 18
Cloud Computing
Describe cloud computing concepts
Understand cloud computing threats
Explain cloud computing attacks
Apply cloud computing security measures
Use various cloud computing security tools
Perform cloud penetration testing
Week 19
Network Security Fundamentals Security Through Network Devices
o Standard Network Devices
o Network Security Hardware
Security Through Network Technologies
o Network Address Translation (NAT)
o Network Access Control (NAC)
Security Through Network Design Elements
o Demilitarized Zone (DMZ)
o Subnetting
o Virtual LANs (VLANs)
Remote Access
Week 20
Access Control Fundamentals
What Is Access Control?
o Access Control Terminology
o Access Control Models
o Best Practices for Access Control
Implementing Access Control
o Access Control Lists (ACLs)
o Group Policies
o Account Restrictions
Authentication Services
o RADIUS
o Kerberos
o Terminal Access Control Access Control System (TACACS)
o Terminal Access Control Access Control System (TACACS)
Security Assertion Markup Language (SAML)
Week 21
Employable Project/Assignment (6 weeks i.e. 21-26)
● Guidelines to the Trainees for selection of students employable project like final year project (FYP)
● Assign Independent project to each Trainee
● A project based on trainee’s aptitude and acquired skills.
● Designed by keeping in view the emerging trends in the local market as well as across the globe.
● The project idea may be based on Entrepreneur.
● Leading to the successful employment.
● The duration of the project will be 6 weeks
● Ideas may be generated via different
sites such as:
https://1000projects.org/
https://nevonprojects.com/
https://www.freestudentprojects.com/
https://technofizi.net/best-computerscience-and-engineering-cse-projecttopics-ideas-for-students/
Final viva/assessment will be conducted on project assignments.
At the end of session the project will be presented in skills competition
The skill competition will be conducted on zonal, regional and National level.
The project will be presented in front of Industrialists for commercialization
The best business idea will be placed in NAVTTC business incubation center for commercialization.
OR On job training for 2 weeks:
Aims to provide 2 weeks industrial training to the Trainees as part of overall training program
Ideal for the manufacturing trades
As an alternate to the projects that involve expensive equipment
Focuses on increasing Trainee’s motivation, productivity, efficiency and quick learning approach.
Week 22
Business Continuity and DRP
What Is Business Continuity?
Disaster Recovery
o Disaster Recovery Plan (DRP)
o Redundancy and Fault Tolerance
o Data Backups
Environmental Controls
o Fire Suppression
o Electromagnetic Interference (EMI) Shielding
o HVAC
Incident Response
o Forensics
Incident Response Procedures
Week 23
Risk Identification and Mitigation & Incident Handling
Controlling Risk
o Privilege Management
o Change Management
o Incident Management
o Risk Calculation
Reducing Risk Through Policies
o What Is a Security Policy?
o Balancing Trust and Control
o Designing a Security Policy
o Types of Security Policies
Awareness and Training
o Compliance
o User Practices
o Threat Awareness
Training Techniques
Week 24
Security Audit
Security Auditing (planning, operations, performance, evaluation)
Ethical Hacking / Penetration testing
Cyber Security Awareness
Hands-on Lab(s) o Building a machine for penetration testing o Perform vulnerability analysis
Secure configurations of devices and systems
Week 25
Monitoring and Logging
Firewall logs
System logs
SIEM logs
Week 26
Entrepreneurship and Final Assessment in project
Job Market Searching
Self-employment
Freelancing sites
Introduction
Fundamentals of Business Development
Entrepreneurship
Startup Funding
Business Incubation and Acceleration
Business Value Statement
Business Model Canvas
Sales and Marketing Strategies
How to Reach Customers and Engage CxOs
Stakeholders Power Grid
RACI Model, SWOT Analysis, PEST Analysis
SMART Objectives
OKRs
Cost Management (OPEX, CAPEX, ROCE etc.)
Final Assessment