School of Computing Science and Engineering POST GRADUATE COURSE IN ADVANCED CLOUD COMPUTING Semester – I Teaching Scheme (Hrs./Week) Examination Scheme Sr. Course Total Core Course Name Formative Summative Marks No. Code Assessment Assessment L T P C CIA ESE Course Lab Course Lab 1 PC ACC101 Networking and Security 3 - - 3 50 -- 50 - 100 Concepts - 2 PC ACC102 Cloud Computing Concepts 3 - - 3 50 -- 50 - 100 - Linux Operating Systems – Sys - 3 PC ACC103 3 - - 3 50 -- 50 100 Admin - Windows Operating System – Sys 4 ACC104 3 - - 3 50 - 50 - 100 PC Admin Hands on Linux Operating 5 ACC111 PC System Lab - - 2 1 - 25 - 25 50 Hands-on eNlight Cloud Hands- 6 PC ACC112 - - 2 1 - 25 - 25 50 on Lab Hands on Windows Operating 7 PC ACC113 - - 2 1 -- 25 -- 25 50 System Sys Admin Lab Short term Project – Solution 8 PC ACC114 Architecting and constructing - - 2 1 - 100 - - 100 Cloud Infra on eNlight Cloud TOTAL 12 - 8 16 200 175 200 75 650 CIA: Continuous Internal Assessment #: Internship for 15 days. CIA Weightage Description L: Theory Lecture *: Oral Examination CIA 1 10% Home Assignment CIA 2 20% Mid-Term Exam (MTE) T: Tutorial UC: University Core CIA 3 10% Seminar Presentation P: Practical PC: Programme Core CIA 4 10% Research Based Activity TH: Theory Exam. PE: Programme Elective TOTAL 50% Note: ACC14 – Industry Internship in winter vacation. Applicable for Natural growth students only, Minimum Two weeks, Students will submit report for the same. Document Reference Revision No. / Date Prepared By Approved By SUN/SOCSE/COMP/PGDAC/2019 R0 23/10/2019 School of Computing Science and Engineering Year: First Year Semester – I Course: Networking and Security Concepts Course Code: ACC101 Teaching End Semester Scheme Continuous Internal Assessment (CIA) Examination Total (Hrs. /Week) L T P C CIA-1 CIA-2 CIA-3 CIA-4 Lab Theory Lab 3 0 0 3 10 20 10 10 -- 50 -- 100 Max. Time, End Semester Exam (Theory) -3Hrs. End Semester Exam (Lab) - 0Hrs. Prerequisites: Networking and Security Concepts. Objectives: Students are able to:- This course will engage students networking concepts, and facilitative discussions to ensure maximum skill deliver and retention. In addition students will avail practical training that 1 will enhance their technical knowledge, skills that will help them to become an expert professional. 2 Get hands on Networking and device monitoring protocol. 3 Get hands on practices on cloud security concepts. Unit Details Hours No Module 1:Indroduction to Computer Network-Introduction,Application of Computer network,Network Type LAN,WAN,MAN. OSI Layer- Physical Layer Data Link Layer,Network Layer,Transport Layer, Session Layer, Presentation Layer Application Layer. IP Address and Classes- 3 Prefixes,Subnets,Classes.Public, Private, static and Dynamic IP,IPv4 and IPV6. 1 TCP/UDP Protocal- Connection Less transport,Connection Oriented Transport,TCP connection and Flow control Practically Example. Module 2: DNS Protocol - What is DNS and Important of DNS in hosting industry Domain Name Server and Root Servers,How does DNS Protocol 4 Works,DNS Records,DNS Security. Module 1: HTTP Protocol - What is Web Servers and Important of it, how does web servers works? Web Server Protocol, Web Server Management. 2 2 Module 2: Email Services and Protocol - What is SMTP,POP and IMAP , IMAP and POP comparison, Email Servers and Email Client, How does email services 3 works, Email Client configuration and basic setting. Document Reference Revision No. / Date Prepared By Approved By SUN/SOCSE/COMP/PGDAC/2019 R0 23/10/2019 School of Computing Science and Engineering Module 1: Database Servers - Define DBMS, Structure and Un structure Database Different Type of Database Servers, Normalization and De- Normalization 3 SQL statements- DDL, DML, DCL. ACID (Atomicity, Consistency, Isolation, Durability) Database indexes, Triger and Procedure, Database Mirroring, Database Clustering. 3 Module 2: Device Monitoring Protocal- Different device Monitoring Protocol Define Simple network management protocol (SNMP), SNMP components- [SNMP Manager,Agent,Management Information Base], SNMP messages- [GetRequest, GetNextRequest, GetBulkRequest, SetRequest, Response, Trap, 4 InformRequest] SNMP security levels- [noAuthNoPriv, authNopriv, authPriv] SNMP versions- [SNMPv1, SNMPv2c, SNMPv3] Module 1: Attack on OSI Layer- Application and Presentation Layer Attack - User ID/Password Sniffing, Brute Force Attack, Large Payload POST requests, User ID/Password Sniffing, Software vulnerabilities, application security vulnerability: code flaws, insecure code, SQL Injection, Cross-Site Scripting, Cross- Site Request Forgery, Directory Traversal, Error Handling and Sensitive Data Expose, Failure to Restrict URL Access, Malicious Code, OS Command Injection, 5 Malware and Worm Attack. Session Layer Attack- SSL/TLS session Sniffing, Cookies hijack, SSL Exhaustion, Long Lived TCP sessions (slow transfer rate), SSL 4 Exhaustion, Broken Authentication and Session Management. Transport and Network Level Attack- HTTP flood, UDP Flood, DNS query/NXDOMAIN floods, TCP SYN Flood, DDOS Attack, Slow Loris Attack, Reflection Attacks, Amplification Attacks. Biggest Cyber Attack- Wanacry, NotPetya, Ethereum, Equifax, github. Module 2: Cloud Security1: Introduction, Attack on C-I-A objective- Attack on Confidentiality, Attack on Integrity, Attack on Availability. Adaptive Security 4 Architecture- Predict, Prevent, Respond, Detect. Module 1: Cloud Security2: Identify and Access Management- Single Access Control Interface(SSO), Multi Factor Authentication, Enhanced Security, Resource- level Access Control, Access/Role Level Control, Passwords and API Keys, SAML and OIDC, Access Level Control. Centralized Authorization- Policy Enforcement Point (PEP), Policy Decision Point (PDP), Policy Administration Point (PAP), ITIL 5 Process. Data Security- Data in Transit, Data at Rest, Data in Processing, Data 5 Remanence, Encryption. Network Security- Firewall, UTM, Endpoint Detection and Response (EDR), Anti-Virus and End Point Protection, IPS and IDS. Module 2: Cloud Security2 : Web Security- SSL, Web Application Firewall VAPT, Real Time Monitoring and Scanning. E-mail Security- SSL, Spam 4 Protection, Email Filtering Gateway. DKIM , SPF and rDNS. Document Reference Revision No. / Date Prepared By Approved By SUN/SOCSE/COMP/PGDAC/2019 R0 23/10/2019 School of Computing Science and Engineering Module 1: Security Information and Event Management, Regulatory compliance - 6 [PCI-DSS,HIPAA,STQC,DIT ]. 3 Module 2: Business Continuity and Disaster Recovery. 3 Outcomes: At the end of this course students will be able to:- 1 Understanding of computer concepts and its applications. 2 Able to gain knowledge of basic networking and security concepts. Text Books 1. Networking and Security Concepts Handbook – ESDS L & D Team. Reference Book 1. COMPUTER NETWORKS 5th edition by ANDREW S. TANENBAUM. 2. COMPUTER NETWORKING A Top-Down Approach 6th edition by James F. Kurose. Document Reference Revision No. / Date Prepared By Approved By SUN/SOCSE/COMP/PGDAC/2019 R0 23/10/2019 School of Computing Science and Engineering Year: First Year Semester – I Course: Cloud Computing Concepts Course Code: ACC102 Teaching End Semester Scheme (Hrs. Continuous Internal Assessment (CIA) Examination Total /Week) L T P C CIA-1 CIA-2 CIA-3 CIA-4 Lab Theory Lab 3 0 2 3 10 20 10 10 -- 50 -- 100 Max. Time, End Semester Exam (Theory) -3Hrs. End Semester Exam (Lab) - 0Hrs. Prerequisites: Objectives: Students are able to:- 1 This course will actively engage students in learning, industry specific cloud knowledge. 2 Get hands on practices on Hypervisors and ESDS eNlight cloud platform. Unit Details Hours No Module1:Fundamental cloud computing terminology and concepts-Brief History/Definition of Cloud, Servers Vs Desktops, Basics of Virtualization, Type 1 & Type 2 Hypervisors (Bare metal/Native Hypervisor & Hosted Hypervisor), 4 Virtual Machines (Threading/ vCores /RAM/HDD), VM Access(Small demo 1 Win & Linux VM access). DNS (Domain Name System) - Small demo domain - IP pointing. Module 2: Cloud architecture- External Network - Server - Internal Network – Storage. Cloud Delivery Models- Infrastructure-as-a-Service (IaaS), Platform- as- 4 a-Service (PaaS), Software-as-a-Service (SaaS). Module1: Cloud Deployment Models- Public Cloud, Private Cloud, Hybrid Cloud & Community Cloud. Understanding Scalability- Horizontal - Vertical- 4 Multidimensional Scaling (Small demo of vertical scaling). 2 Module 2: Data Center Overview- Working & Functional model of Data Centers (DC Visit for Students). Cloud Storage System Basics- DAS, SAN, 4 NAS. Storage Levels (BLOCK, FILE, OBJECT). Module1: Backup & Disaster Recovery as a Service- Local vs Remote backup, 3 Types of Backup, Backup Policy, Retention. 2 Module 2: BCP Planning, RTO & RPO, Switch Over/Switch Back, Synchronous vs Asynchronous Replication, Types of DR - Hot DR, Warm DR & Cold DR, 4 DRM Tools(Small demo of DRM tool interface), DR Drills. Module 1: Connectivity to Cloud- MPLS / P2P / Internet-VPN. 2 4 Module 2: Cloud Security Basics- Cloud security components(Small demo of vFirewall interface), External (DC level) & Internal (Client Specific) Security. 4 Module 1: Business Cost Metrics- Billing of Cloud based resources, Capex, Opex, TCO, Cloud vs On-Prem. Service Level Agreements (SLAs)- For Cloud 4 Based IT resources. Document Reference Revision No. / Date Prepared By Approved By SUN/SOCSE/COMP/PGDAC/2019 R0 23/10/2019 School of Computing Science and Engineering 5 Module 2: Common Cloud Project Lifecycle Stages -