APPIN’S STUDENT MANUAL (ADCS)
PREFACE
We are an establishment with an extraordinary foundation of excellence and global impact and in the coming years, we have enormous potential to build on these strengths and rise to even greater heights of distinctions through service. Our vision is to be the most trusted provider of systems and technologies that ensure both and security and freedom.
We celebrate everything that we have realized, but we also raise the bar a little higher each time we succeed. We have a blueprint, the constant development of initiatives focused on the prevention, identification, mitigation and treatment of the disorders that confront your organization. OUR PLANS
Develop Professional Workforce of 500 Trained Cyber Security Experts per year to assist various Govt. / Non-Govt. Organizations fight the devastating Cyber Crimes. Encourage RESEARCH ORIENTED EDUCATION SYSTEM. Implement "WORK WHILE LEARN" No one person in cyber security is going to be able to solve this problem, because no one knows everything. BUT WE WANT ONE.
APPIN’S APPEARANCE
ACADEMIC DRESS: Academic dress is obligatory at the sessions provided for the semesters, when sitting in any internal (written or online) examinations or while attending any guest lecture or in-house seminar. Following will be the appearance:
BOYS:
FOR SUMMERS: Black trousers, Light Grey shirt (Half sleeves), black tie, black belt, and black shoes.
FOR WINTERS: Black trousers, Light Grey shirt (Full sleeves), Black coat, Black tie, Black belt, and Black shoes.
Special note: The shirt should be properly tugged (Low waist strictly prohibited as it looks unprofessional)
GIRLS:
FOR SUMMERS: Black salwar, Light Grey kammez, Black jacket, Black plain Jutti.
FOR WINTERS: Black salwar, Light Grey Kammez, Black coat, plain Black Jutti
Subjects within International Diploma in Cyber Security (IDCS)/ (ADCS) Distribution of subjects stands as follows:
Semester Module Subjects number I Mod 0 Fundamentals of System Maintenance
Mod 1 Introduction of Information Security Mod 2 Windows Security
II Mod 3 Linux internals and security Mod 4 Server security Mod 5 Data Security
III Mod 6 Fundamental Network security
Mod 7 Web security Mod 8 Cryptography and Steganography IV Mod 9 Advanced Network security
Mod 10 Introduction to Cybercrimes
Mod 11 Secured Programming in Python/Android/Ruby V Mod 12 Information security auditing Mod 13 Vulnerability Assessment & Penetration Testing Mod 14 Cyber Laws VI Mod 15 Cyber Forensics Mod 16 Project + Journal Publication
Syllabus for IDCS/ ADCS
SEMESTER 1 MOD 0. FUNDAMENTALS OF SYSTEM MAINTENANCE MOD 1. INTRODUCTION OF INFORMATION SECURITY The Digital Space Security and its need Hacking (types and methods) Security Service Life Cycle Security Mechanisms (Corporate Implementation Case Studies) Fundamental Concepts Standard Reference Models Case Study
TOOLS: Wire shark Ether cap TCP dump (bt) Cola soft packet builder H ping packet crafting tool Scapy System maintenance tools—Tune up utilities/ cc cleaner /folder lock/ease US partition magic
MOD 2. WINDOWS SECURITY OS Architecture Introduction to Windows NT Ini file virtualization Security architecture components Windows 7 Security Features Registry Windows level vulnerability. File systems Virtual machines Windows OS vulnerability assessment OS hardening Sysinternals Forensics Toolkit (with Case Study) Introduction to Windows 8 security features Case study
TOOLS: Registry cleaner Deskman pro Windows 7 security features Computer forensics and incident response using command prompt Reg edit (registry tricks)/ (group policy editor) Linux security features Sys internal Tool kit
SEMESTER 2 MOD 3: LINUX INTERNALS AND SECURITY Introduction to LINUX LINUX operating system Inter process communication Linux file system Linux security features Multiprocessing TOOLS: Linux security toolkit
MOD 4: SERVER SECURITY
Introduction to servers Types of Servers Client-server architecture Windows 2003 /2008 server implementation (with practical steps) LINUX server implementation (with practical steps) VPN windows server (with practical steps) Client-server security issues: threats, vulnerabilities and case studies
TOOLS: ISA 2006 implementation and server security toolkit (BT 5)
MOD 5 : DATA SECURITY
Data Security Data Backup Data Recovery
TOOLS: Data recovery tools: ( Recuva, Ease US data recovery, Photo rec, Test disc, Digital forensics (bt) Tool kit) Online backup tools: (I drive, Sky drive etc.) Offline backup: (Windows system image, Windows backup Helix (incident response) Project on cryptographic algorithm Steganography using command prompt Truecrypt Trinity PGP implementation
SEMESTER 3: MOD 6: FUNDAMENTAL NETWORK SECURITY Wired LAN Wireless LAN Firewalls
TOOLS: Wireless LAN: (Aircrack, Aero peek, Air snort, Kismet,WEP crack, Airsnort, BT scanner, Wids) Lan administration—classroom spy pro/ tight VNC / router configuration …configuration Windows based LAN config and LINUX based NMAP Technitium MAC changer Ether change Firewalls—comodo/ zonealarm WIN & LINUX Proxy server/websites etc in windows, linux and BT Snort IDS Paros proxy GFI languard
MOD 7: WEB SECURITY Introduction to Internet Browser Security IP security E-mail security Social networking
TOOLS: Retina scanner Sam spade NS tool kit (network scanning ) Ellite proxy switcher Net stumbler Installation of mail server Microsoft outlook SET social engineering tool kit (email spoofing) Tor browser NS auditor (n/w and port scanning) Path analyzer pro Netfilter Squid wingate
MOD 8 : CRYPTOGRAPHY AND STEGANOGRAPHY
Cryptography -Introduction -Fundamental Security Attacks -Security Services -Types of Cryptography Standard) -AES (Advanced Encryption Standard) -RSA (Rivest Shamir Adelman) Algorithm -IDEA -SSL (Secured Socket Layer) -TLS (Transport Layer Security) -PGP (Pretty Good Privacy) with implementation -Digital Signature -Digital Certification -Diffie-Hellman Key Exchange -Kerberos Steganography -Introduction -Types of Steganography -Practical Steganographic Techniques
SEMESTER 4 MOD 9: ADVANCED NETWORK SECURITY Router security Access control VOIP Intrusion Detection System Unified threat management TOOLS: Router security: [Router configuration and security features ( wired) Router configuration and security features (wireless)] Intrusion detection & prevention: (Snort, Sys internals, OSSIM) Access control: [SE linux, UTM (Unified threat management)] VOIP: (Skype security configurations, VLAN ping, Wireshark) VPN: (Implementation, Firewall, SSL putty
MOD 10: INTRODUCTION TO CYBERCRIMES Malwares Attacks Honeypot
TOOLS: Virus creation and disinfection Bot injection and disinfection (some RAT tool) Antivirus configuration (Quick Heal, Windows defender) Phishing (SET bt; manual)+ tabnabbing (SET bt; manual) Social Engineering Demonstration. Cookie hijacking (Cookie capturing & injection) Keylogger (aradmax, LKL; linux, anti keylogger ) SQL injection (havij, SQL map, SQL ninja, w3af) Google tricks Password cracking tools Hiren boot CD Metasploit—armitage Netcat LOIC (Low Orbit Ion Cannon-DOS attack--- live demo) plus live IDS prevention
MOD 11: SECURED PROGRAMMING IN PYTHON/ANDROID/RUBY
SEMESTER 5 MOD 12: INFORMATION SECURITY AUDITING ISMS Preparation of an audit report
TOOLS: windows and LINUX based auditing tools
MOD 13: VULNERABILITY ASSESSMENT & PENETRATION TESTING Vulnerability Assessment -Introduction -Types of Vulnerabilities -Information Gathering -Vulnerability Assessment Methodology -Foot-printing -Network Enumeration Penetration Testing-
TOOLS: NS auditor Acunetix W3af Nessus Net sparker Samurai HT track Nikto Retina network scanner Maltego
MOD 14: CYBER LAWS Introduction National /International Law Enforcement Agencies and Policies Cyber Offences Cyber Terrorism IPR Laws IT ACT 2000 IT ACT 2000 (Amendments 2008) E-Governance Cyber Law Complications Case Study 1 Case Study 2
SEMESTER 6 MOD 16: CYBER FORENSICS
TOOLS: Windows live forensics (Sys internal) Caine –forensic tool kit (Computer Aided Investigative Environment) DART DEFT (Digital Evidence Forensics Tool Kit) Android OS Netsleuth Foremost Helix Mobile edit Forensic Tool kit Honeypot
MOD 15: PROJECT + JOURNAL PUBLICATION
JOURNAL PUBLICATION
Appin aims at a research based education system in which every student is compulsorily the part of various research opportunities & activities including publishing national/ international research paper. This research will help them out to create something unique which will be presented in International journals or in International conferences.
This involves delving in depth into a research topic and includes grasping, evaluating and refining ideas, mathematical rigor, problem formulation, literature survey, implementation (programming) and performance evaluation. Typically students decide on their research area and faculty advisor in the final semester while doing course work. Thereafter, the steps involved are: finishing course work (to build research background and breadth) and thesis defense.
INDUSTRIAL/ FUN TRIPS
Appin believes that education without fun is husky and dry. Students need some refreshments at a regular interval of time whether it is inside or outside.
Visit to industries are an integral part of study that enables the students to get a glimpse of the industry. We believe that students visit industries, in order to get a firsthand view of industrial processes.
The aims of such visits are:
Exposure to Actual Working Conditions Making Students Aware of Industry Practices Creating Practical Awareness of various Industrial Sectors Acquaint Students with Interesting Facts and Breath-Taking Technologies
In Appin, Fun trips are not meant only for fun. Here we try make a combo of fun and learning. Besides adventure activities, we also stress on educating students.
For each Annual Period two trips visits are arranged by the Committee, one is industrial and another is Fun.
ANNUAL FESTS/ NATIONAL CONFERENCE
Appin’s annual fests are organized every year with an aspect of appreciation and motivation in overall personality of each member. It is not a 2 day rust-full celebration. It is about gaining something extra, demonstrating the extra-curricular capabilities what a student has.
These activities will be organized by the students community under a supervision of certain coordinators of the lab. The fest community will be made in the 2nd month of 1st semester after discovering the capabilities of the students.
Students will enjoy annual fest in the month of October every year.
Strict prohibitions:
1) Institute rules do not permit the use of mobile phones inside Appin premises. If any of the students is found to be engaged with the same, the mobile phone will be confiscated and a fine of Rs.500/- will be imposed. 2) Any personal or loose behavior with any of the faculty member, coordinators or other trainee students of Lab which wrongly influence the pure culture of Appin will not be tolerated. In such a scenario the candidate will be dismissed and strict judicial actions may be taken against him/her (if required). 3) Roaming around here and there inside the Appin premises or around the campus area without any reason will be considered as loose behavior and will not be tolerated. 4) Taking tobacco, liquor or any sort of intoxicants inside or around the lab premises is absolutely not allowed. Any such activity will be liable for a penalty of Rs.1000/- on a student.
Rules regarding taking a leave:
1) Whenever a student is taking leave, he/she must take permission in prior from the administrator. Leave will be granted only in case administrator allows. 2) In case of only one day leave, only verbal permission is required. But in case if the leave has to be taken for more than one day, a written application is required. 3) Absence without permission in any case will be liable for a per day penalty of Rs.100. 4) In case a student is regularly getting absent within a month or a two, his/her parents may be called for a meet with admin members.