Embed Size (px)
Citation preview
KNOWLEDGE PARTNER
IInndduussttrriiaall TTrraaiinniinngg in
CCyybbeerr SSeeccuurriittyy
MMaannaaggeemmeenntt Course Code MPCEDIN406
MPCON CYBER EXCELLENCE DIVISION
About MPCON
MPCON is a Govt. Company under section 2(45) of the Companies Act 2013, being a
subsidiary of IFCI Limited , a PSU under the Ministry of Finance, Govt. of India, Dept. of
Financial Services.
MPCON Limited has been working in the field of education & livelihood promotion
since 1979 as part of its training and capacity building programmes. MPCON through
its franchisee centres runs industry-relevant courses in the field of IT, Management,
Leadership development etc. As part of its livelihood programmes, MPCON has
developed industry linkages for placement of our trained candidates in the field of IT/
marketing/sales and other sectors of the Industry. We also have a full-fledged MSME
cell which helps candidates for self-employment. We have developed our own
industry-relevant content in the various fields our team were also involved in
designing the NSQF framework in some sectors.
The courses designed by MPCON caters to the needs of industries and is accepted by
the industry for its relevance, specially the one designed for cyber security. We
constantly evolve our courses, catering to the changing needs of the industry.
About MPCED The Prime Objective of the MPCON is to establish a Professional Platform ' MPCON
Cyber Excellence Division' of understanding and thereby carrying out the
development of cyber defense skills which in-turn will protect citizens, businesses,
critical infrastructures of the state, and e-governance by establishing a collaborative
platform for cyber security to provide a secure cyberspace to the society.
MPCON Cyber Excellence Division has a winning combination of State of the art
infrastructure, highly-qualified faculty combined with a unique academic delivery of
domain knowledge, career advancement and employability skills. MPCON Cyber
Excellence Division also has a large contingent of respected professionals as visiting
faculty in the area of Cyber Security and Cyber Ethics. We engage the government,
industry and the general public on cyber security and privacy issues, and transfer
results into deployable platforms. Franchisee Centres providing various courses on
cyber security, Cyber Ethics , Cyber Crime Prevention & Solutions are run under the
MPCON Cyber Excellence Division.
About Course This Industrial training program is specially designed for engineering students. Which is
designed for the practice of information security and technical work in industries and
organization.
While there is no doubt that technology has changed the way we live, work, and play, there are
very real threats associated with the increased use of technology and our growing dependence
on cyberspace. For instance, cyber attacks on the Indian Government alone increased 480%
from 2013 to 2018. Also, the breach of the Top Most Companies in last year resulted in a leak of the
private information of Crores customers. Incidents like these reinforce the risks that exist in
cyberspace and their potential impact in the real world.
An area of information technology that is gaining a great deal of attention lately is cyber security.
While cyber criminals develop new ways to find and exploit vulnerabilities in computer systems,
organizations worldwide are reassessing their information security measures and increasingly
relying on the expertise of cyber security managers.
This industrial training program is focused on key jobs and working relating to
implementation of a cyber security framework in an organization.
Cyber security Management?
Cyber security management can be described as everything an organization does to protect its
information systems and computer networks from cyber attacks, intrusions, malware and
various types of data breaches. All businesses and government agencies are vulnerable to cyber
attacks that are growing in sophistication, as well as in number. Keeping networks running
smoothly and protecting sensitive data takes constant monitoring and proper cybersecurity
management.
Job responsibilities as Cyber Security Manager
Cybersecurity managers are responsible for knowing where a network’s possible vulnerabilities
lie. They stay on top of the methods cyber criminals use to infiltrate information systems and
they use their expertise and knowledge to avert these efforts. By performing their daily job
duties, cybersecurity managers protect organizations from losing data, such as customers’ credit
card information and valuable trade secrets, as well as the time and money lost when
information systems are brought to a halt.
Cybersecurity managers accomplish their responsibilities through planning and implementing
security measures on all information systems and networks. Typical job duties include
establishing network security policies and procedures, regulating access to information and
training staff on proper use of information systems. Cybersecurity managers often monitor
systems for security gaps, design effective solutions and provide reports to management and
executive staff. Running risk assessments, testing data processing systems and designing
firewalls are additional duties for these professionals. If an intrusion does take place, it is the
cybersecurity manager’s job to take care of it as quickly and effectively as possible. . Additionally,
managers may also be responsible for coordinating, supervising, managing or training others.
Course Objective
This course will navigate you through the foundations and skills necessary to
build a successful career in cyber security. In addition to basic security objectives,
you will also learn about major Security Breaches & Attacks, Cyber Security
Measures, Cyber Laws, IT laws, Networking etc.
'Cyber Security management' Certification training is quite popular, considering
enterprises are looking to secure their data and services across platforms. But
they hardly find enough workforces to support their concerns. The Certificate
'Cyber Security management' course, is not just a solution to all such problems
but a pathway for a Cyber Safe Generation building and implement a cyber
security framework in an organization.
To trained the candidates according to the need of working style of IT /
Corporate, Banking and E-Commerce organization.
Job Opportunities Cyber security is the new technological age is of greater importance than it has ever
been before because the entire globe is now involved and connected.
There is a tremendous scope of cyber law in India as the number of activities
through internet is on increase with the changing times, the requirement for cyber
laws and their application is gathering momentum and hence the career option as a
cyber-lawyer seems very lucrative option for students.
As for this branch of law is concerned, there are several job opportunities in private
& Government sector which are on its way for students who aspire to be into cyber
law.
Cyber Security Manager
Cyber consultant in an IT firm, police departments, Banks Etc.
Research assistants in a law firm/technology firms, or as Advisers
to web developers, in the ministry of information & technology,
Corporate houses and various law enforcement agencies Cyber Law
Professional.
Other Job Profiles: So many career options like, IT Officer/Head, Information
Security Officer, CISO, Security Analyst, Networking Analyst, Security Head, IT
Consultant Etc. in various Government/Private Organization/Society.
COURSE DETAILS
Course Name: “Cyber Security Management ”
Course code: MPCEDIN406
ELIGIBILITY
Engineering Students & Professionals
COURSE FEE CERTIFICATION 5,500/- (including Registration fee) Awarded by MPCON LIMITED
+ 18% (GST)
COURSE SCHEDULE Total 45 Days
EXAM FORMAT I) The examination formats multiple choice questions.
ii) Duration 90 minutes
iii) Question 100
iv) Marks 100
v) Passing marks 40
vi) Mode: Online
ASSESSMENT
The examination will be organized as
per MPCON Limited's Guideline is
available on our website
http://mpced.mpconsultancy.org
TRAINEE WILL LEARN
i. How to handle cybercrime - legal actions and procedures
ii. How to enter into valid international transactions online, involving cross-border
entities across multiple jurisdictions
iii. Negotiate, draft technology agreements and provide key strategic insights on
various technological transactions and contracts
iv. How to perform IT specific due diligence and compliance activities for online businesses
v. Networking because Networking is the base of information security
vi. Working in techno legal aspects because nowadays every companies needs this.
vii. Much aware about cyber crime, cyber law and IPR related issues and secure in cyber space with
legal approach.
viii. Website security: Vulnerability assessment and penetration testing & Audit aspects
ix. Implementation of Information security management system and compliance.
x. Network Vulnerability assessment and security implementation
xi. Cyber law and compliances related to computer & online business operation.
NETWORKING
MODULE-1
INTRODUCTION OF NETWORK AND NETWORKING DEVICES
WHAT IS NETWORKING
NETWORKING DEVICES ROUTER, MODEM, HUB, SWITCH, REPETER/ BOOSTER, CABLES, CONNECTOR.
INTRODUCTION OF IPADDRESS AND CLASS
WHAT IS IPADDRESS
CLASS OF IPADDRESS
IPV4/IPV6 INTRODUCTION
PUBLIC & PRIVATE IPADDRESS
INTRODUCTION IPV6
ROUTING PROTOCOLS
INTRODUCTION OF ROUTING PROTOCOL
STATIC ROUTING
DEFOULT ROIUTING
DYNIMIC ROUNTING
RIP PROTOCOL
IGRP PROTOCOL
OSPF PROTOCOL
CONFIGURING ROUTER
STATIC ROUTING
DEFOULT ROIUTING
DYNIMIC ROUNTING
RIP PROTOCOL
IGRP PROTOCOL
OSPF PROTOCOL
MODULE-2
WINDOWS OS & SERVER
INTRODUCTION OF WINDOWS OPERATING SYSTEAM
WINDOWS CLIENTAND SERVER
WINDOWS CONTROL PANNEL
Deploying Windows Server
Windows Server Update Services
Advanced File Services Configuration
Server Monitoring and Auditing
Remote Access Configuration
Network Policy Configuration
Domain Controller and Active Directory Management
User and Service Account Configuration
Group Policy Settings and Preferences
Managing Group Policies
Managing and Configuration DNS
WINDOWS SECURITY
LINUX Overview of Unix/Linux: -
MODULE-3
Concepts, Unix/Linux Installation Process,
Hardware Requirements for Unix/Linux,
Advantages of Unix/Linux,
Reasons for Popularity and Success of Linux/Unix Operating System,
Features of Linux/Unix Operating System,
Kernel,
Kernel Functions,
The Shell Basic Commands,
Shell Programming:-Shell Variables,
Branching Control Structures,
Loop-Control Structure,
Continue and break Statements,
Sleep Command,
Debugging Script.
Use of Linux as web-server,
File server,
directory server,
application server,
DNS server, SMTP server, Firewall, Proxy server.
File System: -
Definition of File System, Defining Geometry,
Disk Controller,
Solaris File System,
Disk Based File Systems,
Network-Based File Systems,
Virtual File systems,
UFS File System,
The Boot Block,
The Super Block,
The Inode, Tuning File System,
Repairing File System.
Process Control: -
Viewing a Process,
Command to display Process,
Process Attributes,
Process States, Process Fields,
PS Commands options, PGREP,
PRSTAT,
CDE Process Manager,
Scheduling Process,
Scheduling Priorities,
Changing the Priority of a time-sharing process
Killing Process.
MODULE-4
Subject-I : Cyber Jurisprudence and Introduction to Cyber law
Unit 1: Introduction to Cyberspace, Architecture and Digital divide
Introduction of Cyber Space
Characteristics of Cyber Space
Emerging issues from cyber space
Unit 2: Introduction to Cyber Law and Regulation of E-governance
Introduction of cyber law
Need of cyber law
Primary Law in India
Overview of the Information technology Act, 2000
Legal framework for E-governance in India
Intellectual Property Rights in Digital world
Unit 3: Jurisdiction issues in Cyberspace: Dispute resolution, Indian and International Approach
Concept of jurisdiction
Jurisdiction issues in cyberspace
Indian and international approach in cyber jurisdiction
Unit 4: Computer Wrongs & Cyber Crimes
Definition of Cyber Crime
Conventional Crimes through Computer
Category of Cyber Crime
Different forms of Cyber crimes and modus of operand
Offence defined under the Information technology Act, 2000
Case study on cyber crimes under the Information technology Act.
Unit 5: Electronic Evidence and relating Law
o Electronic evidence and Classification
o Digital Devices: Sources for Digital Evidences
o Searching and seizing of digital evidence and Devices
o Law relating to electronic evidence and Admissibility of electronic evidence
CYBER LAW AND CYBER CRIME
MODULE-5
Website & Network Security Implementation and audit
Unit 1: Introduction • Fundamentals and need of Vulnerability Assessment and Penetration Testing
• Difference Between Vulnerability Assessment and Penetration Testing
• VA life cycle and PT life Cycle classification
• Features and Characteristics of Penetration Testing Tools
• Security Patches & Updates
• Website security audit process
Unit 2: Vulnerability Assessment • Testing (White Box, Black Box, Gray Box)
• Assess the Vulnerabilities
• Virus and Trojan Detection
• Identify Vulnerabilities, Threats Etc.
• OWASP top 10 Vulnerability
• Vulnerability Assessment Tools
• Vulnerability Classification and Severity Table
Unit 3: Penetration Testing
• Information Gathering
• Exploitation
• Website Penetrate
• Network Penetrate
• Password Cracking Penetration Testing
• Fundamentals Internal and External Penetration Testing
• Penetration Testing Tools
Unit 4: Practical
Installation and Usage of Open Source VAPT Tools
Hands on practice on different tools like Acunetix Web Vulnerability Scanner, Burp Suite
WebSploit Toolkit, Penetration Testing Oriented Browser – Sandcat Browser, PHP
Vulnerability Hunter, OpenVAS, Wireshark, Zenmap
MODULE-6
Information Security Management Compliance
Unit 1: INFORMATION SECURITY MANAGEMENT SYSTEM
Understand the Information Security Management
Reasonable security practice and procedure defined under the Information
Technology Act, 2000.
Introduction of Information security management system Standard ISO
27001 Implementation and audit process
Access controls and security measures for secure management of computer
resources at workplace.
Key elements of Information security Policy
Internal Information security audit process
Ground Floor, Rajiv Gandhi Bhawan-2, 35, Shyamla Hills, Bhopal 462002, Web: www. http://mpconsultancy.org, http://mpced.mpconsultancy.org/Phone: 0755 4909829, 2666556
MIG 17 , BDA Complex 2nd Stop in Front of Diamond Plaza
Tulsi Nagar Bhopal (M.P) 462003+91 8770303862 , +91 7354133333Email: [email protected]
TRAINING
विशेषत
ाएं
n Digital Literacy & Cyber Security
n Information security & Cyber Law
n Computer Networking & Cyber Etiquettes
n Ethical Hacking & Cyber Etiquettes
n Certified Vulnerability Assessor and penetration tester
n Cyber Law
n Computer Application and Cyber Etiquettes
n Cyber Security & Cyber Etiquettes
n Computer forensics & Digital Evidence
n DTP & Cyber Etiquettes
n Financial Accounting, Taxation & Cyber Etiquettes
DIPLOMA IN
CERTIFICATE IN
CoursesOffered
MPCON Ltd. ¼Hkkjr ljdkj dk midze½ }kjk lapkfyrA MPCON Ltd. }kjk ekU;rk izkIr Aeksckby] baVjusV ,oa dEI;wVj ls gksus okys vijk/kksa rFk ?kks[kk/kMh+ ls cpkus esa ns'k vkSj lekt dks lg;ksx nsa Alwpuk izks|ksfxdh ea=ky; ds vuqlkj 5 yk[k ls T;knk flD;ksfjVh ,DliVZ izksQs’kuYl dh vko’;drk gksxh 2022 rd A
Hkfo";] jkstxkj Hkfo";] jkstxkj Hkfo";] jkstxkj ,oa lk;cj f’k{kk,oa lk;cj f’k{kk,oa lk;cj f’k{kk
Cyber Law Pioneers Pvt Ltd.
KNOWLEDGE PARTNER
