
PROSPECTUS

Certification Scheme for I.T. SECURITY PROFESSIONALS

Level 3: Certified Computer Forensic Professional [CCFP] Or Certified Information Systems Security Auditor [CISSA] Or Certified System Security Solution Designer [CSSSD]

Level 2: Certified System Security Professional [CSSP]

Level 1: Certified System Security Analyst [CSSA]

NIELIT

Certification Scheme in Information Security At A Glance


Level-3 Certified Information Systems Security Auditor [CISSA]
Security Standards & Information Security Policy; Auditing, Penetration Testing & Information Security Risk Management; Public Key Infrastructure and Trust Management; Cyber Law and IPR Issues; Industrial Project [480 Hours]

Level-3 Certified Computer Forensic Professional [CCFP]
Cyber Crime, Indian IT (Amendment) Act 2008 and Introduction to Computer Forensics; Seizure & Imaging of Digital Evidence; Analysis of Digital Evidence; Computer Forensics for Windows & Linux Systems and Anti-forensics; Industrial Project [480 Hours]

Level-3 Certified System Security Solution Designer [CSSSD]
Application Security & E-Commerce; Public Key Infrastructure and Trust Management; Security Standards & Information Security Policy; Cyber Law and IPR Issues; Industrial Project [480 Hours]

Level-2 Certified System Security Professional [CSSP]
Cryptography and Network Security; System and Device Security; Mobile and Wireless Security; Database and Web Application Security

Level-1 Certified System Security Analyst [CSSA]
Computer Fundamentals and Computer Networks; Operating System Administration; Information Security Concepts; System Security

National Institute of Electronics And Information Technology (NIELIT)
(An Autonomous Scientific Society of Department of Electronics & Information Technology, Ministry of Communications & Information Technology, Government of India)
ELECTRONICS NIKETAN, 6, CGO COMPLEX, NEW DELHI-110 003

CONTENTS
1. NIELIT - An Introduction
2. NIELIT, Gorakhpur Centre - An Introduction
3. Information Security Education & Awareness (ISEA) Project
4. Certification Scheme in Information Security
5. Course Objective
6. Course Structure
7. Eligibility Criteria
7.1. Certified System Security Analyst
7.2. Certified System Security Professional
7.3. Certified Computer Forensic Professional / Certified Information Systems Security Auditor / Certified System Security Solution Designer
8. Mode of Admission
8.1. Regular Course
8.2. Direct Course (Distance Course)
9. Rules and Regulations for Candidates Seeking Certification
10. Training Centres
11. Course Fee
11.1. Fee For Regular Course
11.2. Fee For Direct Course
12. Registration
13. Calendar of Events for Certification
14. Entrance Examination Pattern for Regular Candidates only
15. Certification Examination Pattern
16. Course Module
17. Guidelines for the Projects
18. Entrance Examination/Certification Examination Centres
19. Expert Committee for Certification Scheme in Information Security
19.1. Committee Members
19.2. Terms of the Reference of the Committee

APPENDIX A: DETAILED SYLLABUS, LEVEL 1
CERTIFIED SYSTEM SECURITY ANALYST
1.1. Computer Fundamentals and Computer Networks
1.2. Operating System Administration
1.3. Information Security Concepts
1.4. System Security

APPENDIX B: DETAILED SYLLABUS, LEVEL 2
CERTIFIED SYSTEM SECURITY PROFESSIONAL
2.1. Cryptography and Network Security
2.2. System and Device Security
2.3. Mobile and Wireless Security
2.4. Database and Web Application Security

APPENDIX C: DETAILED SYLLABUS, LEVEL 3
CERTIFIED SYSTEM SECURITY SOLUTION DESIGNER (CSSSD)
3.1. Application Security & E-Commerce
3.2. Public Key Infrastructure and Trust Management
3.3. Security Standards & Information Security Policy
3.4. Cyber Law and IPR Issues
CERTIFIED INFORMATION SYSTEMS SECURITY AUDITOR (CISSA)
4.1. Security Standards & Information Security Policy
4.2. Auditing, Penetration Testing & Information Security Risk Management
4.3. Public Key Infrastructure and Trust Management
4.4. Cyber Law and IPR Issues
CERTIFIED COMPUTER FORENSIC PROFESSIONAL [CCFP]
5.1. Cyber Crime, Indian IT (Amendment) Act 2008 and Introduction to Computer Forensics
5.2. Seizure & Imaging of Digital Evidence
5.3. Analysis of Digital Evidence
5.4. Computer Forensics for Windows & Linux Systems and Anti-forensics

1. NIELIT - An Introduction

NIELIT (National Institute of Electronics And Information Technology) is an autonomous scientific society of the Department of Electronics & Information Technology, Ministry of Communications & Information Technology, Government of India, with headquarters at New Delhi. It is envisioned to bring the most up-to-date, globally industry-relevant computer education within the reach of more and more people in the areas of Information, Electronics and Communication Technology (IECT). NIELIT is implementing a joint scheme of the All India Council for Technical Education (AICTE) and the Department of Electronics & Information Technology [formerly Department of Information Technology (DIT)], Government of India. NIELIT was formed on the 9th November 1994 and is registered under the Societies Registration Act, 1860. The management and administration of NIELIT is overseen by the Governing Council, under the chairmanship of the Minister of State, Communications & Information Technology, Government of India. Members of the Council consist of eminent academics from IITs, Universities, etc. and professionals from the industry.

2. NIELIT, Gorakhpur Centre - An Introduction

NIELIT, Gorakhpur Centre is a unit of NIELIT, which is an autonomous body of the Department of Electronics & Information Technology (DeitY), Ministry of Communications & Information Technology, Govt. of India. The Centre is a Premier Organization for Education, Training, R&D and Consultancy in IT and Electronics. The Centre offers courses in areas like Embedded Systems, VLSI, Instrumentation, BioInformatics, ITES-BPO, Information Security, Cyber Law, Networking and other areas of Information Technology.

3. Information Security Education & Awareness (ISEA) Project

Information Security is an emerging area. At present there are not many Information Security professionals in the country. Also, the Information Security awareness level is low in the country. This necessitates development of specialized manpower, both at high and low ends. Accordingly, the Government of India (Department of Electronics & Information Technology) has launched the Information Security Education and Awareness (ISEA) Project with the following broad aims:

i. Introduce Information Security Curriculum at M.Tech. & B.Tech. level and Research Activity / PhD;
ii. Train System Administrators / Professionals;
iii. Train Government Officers on Information Security issues i.e. Computer networking, cyber hygiene, data security etc.;
iv. Bring Information Security Awareness in the country; and
v. Education Exchange Programme.

Under the project, the activities of introduction of Information Security curriculum and training of System Administrators are being implemented through Resource Centres (RC - premier institutes like IITs and IISc.) and Participating Institutes (PI - NITs, Govt. Degree Engineering Colleges, IIITs, Societies of DeitY, etc.). The activity of training of Central and State Government officers is being implemented through six DeitY organizations viz. CDAC, ERNET India, NIELIT, CERT-In, STQC Directorate, & NIC. The Information Security awareness programme for the industry, educational institutes and the masses is being implemented through CDAC, Hyderabad, which is also developing Learning Material for the training of govt. officers. One of the activities envisaged is to launch a national level Certification Scheme for Information Security Professionals. This activity has been assigned to NIELIT.

4. Certification Scheme in Information Security

One of the objectives of the ISEA project is to implement a robust certification mechanism in Information Security, with technical experience and guidance from the RCs (of the ISEA Project), which will set internationally acceptable standards with NIELIT as the implementing organization. With the above objective in mind, NIELIT has launched the following certification scheme in Information Security, with three levels of certification, as a part of the Information Security Education and Awareness project. NIELIT, Gorakhpur Centre is acting as nodal centre. However, the national image of the scheme is being maintained by NIELIT, New Delhi as the implementing organization.

5. Course Objective

To implement a national level Certification Scheme in Information Security as part of the Information Security Education and Awareness Project of DeitY.

The Course structure has been designed to conduct examination for three levels of certification i.e.

Level-3: Certified Computer Forensic Professional [CCFP] Or Certified Information Systems Security Auditor [CISSA] Or Certified System Security Solution Designer [CSSSD]
Level-2: Certified System Security Professional [CSSP]
Level-1: Certified System Security Analyst [CSSA]

6. Course Structure

Level-1 Certified System Security Analyst (6 Months)

S.No. | Code | Paper | Theory (Hours) | Practical (Hours)
01. | IS-C1-01 | Computer Fundamentals and Computer Networks | 60 | 60
02. | IS-C1-02 | Operating System Administration | 60 | 60
03. | IS-C1-03 | Information Security Concepts | 60 | 60
04. | IS-C1-04 | System Security | 60 | 60
TOTAL: 480 HOURS

Level-2 Certified System Security Professional (6 Months)

S.No. | Code | Paper | Theory (Hours) | Practical (Hours)
01. | IS-C2-01 | Cryptography and Network Security | 60 | 60
02. | IS-C2-02 | System and Device Security | 60 | 60
03. | IS-C2-03 | Mobile and Wireless Security | 60 | 60
04. | IS-C2-04 | Database and Web Application Security | 60 | 60
TOTAL: 480 HOURS

Level-3 Certified System Security Solution Designer [CSSSD]

S.No. | Code | Paper | Theory (Hours) | Practical (Hours)
01. | IS-C3-D-01 | Application Security & E-Commerce | 60 | 60
02. | IS-C3-D-02 | Public Key Infrastructure and Trust Management | 60 | 60
03. | IS-C3-D-03 | Security Standards & Information Security Policy | 60 | 60
04. | IS-C3-D-04 | Cyber Law and IPR Issues | 60 | 60
Total | | | 240 | 240

+ Six Month Industrial Project (480 Hours)


Level-3 Certified Information Systems Security Auditor (CISSA)

S.No. | Code | Paper | Theory (Hours) | Practical (Hours)
01. | IS-C3-A-01 | Security Standards & Information Security Policy | 60 | 60
02. | IS-C3-A-02 | Auditing, Penetration Testing & Information Security Risk Management | 60 | 60
03. | IS-C3-A-03 | Public Key Infrastructure and Trust Management | 60 | 60
04. | IS-C3-A-04 | Cyber Law and IPR Issues | 60 | 60
Total | | | 240 | 240

+ Six Month Industrial Project (480 Hours)

Level-3 Certified Computer Forensic Professional (CCFP)

S.No. | Code | Paper | Theory (Hours) | Practical (Hours)
01. | IS-C3-F-01 | Cyber Crime, Indian IT (Amendment) Act 2008 and Introduction to Computer Forensics | 60 | 60
02. | IS-C3-F-02 | Seizure & Imaging of Digital Evidence | 60 | 60
03. | IS-C3-F-03 | Analysis of Digital Evidence | 60 | 60
04. | IS-C3-F-04 | Computer Forensics for Windows & Linux Systems and Anti-forensics | 60 | 60
Total | | | 240 | 240

+ Six Month Industrial Project (480 Hours)

7. Eligibility Criteria

7.1. Certified System Security Analyst (Level - 1)
Concurrently with B.E/B.Tech (All streams)/MCA/'B' Level/MBA/M.Sc. (CS/IT/Mathematics/Physics/Electronics) or PGDCA/NIELIT 'A' Level/BCA/Diploma/B.Sc. (CS/IT/Mathematics/Physics)

7.2. Certified System Security Professional (Level - 2)
Level-1 (Certified System Security Analyst) or B.E/B.Tech/MCA/B Level/MBA/M.Sc. (CS/IT/Mathematics/Physics/Electronics) or PGDCA/NIELIT A Level/BCA/Diploma/B.Sc. (CS/IT/Mathematics/Physics) with 2 years relevant experience.

7.3. Certified Computer Forensic Professional / Certified Information Systems Security Auditor / Certified System Security Solution Designer (Level - 3)
Level-2 (Certified System Security Professional) or B.E./B.Tech (All Streams)/MCA/NIELIT B Level/MBA/M.Sc (CS/IT/Mathematics/Physics/Electronics) with 2 years relevant experience or PGDCA/NIELIT A Level/BCA/Diploma/B.Sc. (CS/IT/Mathematics/Physics) with 3 years relevant experience.

Note:
1. Certification Scheme is free for NIELIT Employees (satisfying the Eligibility Criteria for the particular Level).
2. NIELIT Employees applying for the certification need to submit a letter from their employer indicating that they are in the job and have been given permission to appear in the certification.
3. Candidates taking admission in Level-3 can choose any one of the three specializations given for Level-3.

8. Mode Of Admission

Admission can be taken in one of the following modes:

8.1. Regular Course: Candidates will be provided classroom facilities; six months training will be provided at NIELIT Centres offering such training program.

8.2. Direct Course (Distance Course): Direct mode is an option for candidates to enroll through self-study mode without attending regular course.

9. Rules and Regulations for Candidates Seeking Certification

I. A candidate could take regular study by taking admission at the Institute offering such training programme at Level-1/Level-2/Level 3 as per eligibility criteria mentioned for

18th November, 2013.
10. Training Centres

Training is provided for Regular Students at the following NIELIT Centres for Level-1, Level-2 and Level-3:

1. NIELIT, Gorakhpur Centre, M.M.M. Engineering College Campus, Deoria Road, Gorakhpur-UP, Pin-273010
2. NIELIT, Imphal Centre, Akampat, Post Box No. 104, Imphal, Manipur - 795001
3. NIELIT, Jammu Centre, New Campus, University of Jammu, Dr. BR Ambedkar Road, Jammu - 180006
4. NIELIT, Kolkata Centre, Jadavpur University Campus, Kolkata - 700032
5. NIELIT, Srinagar Centre, Sidco Electronics Complex, Old Airport Road, Rangreth, Srinagar - 190007
6. NIELIT, Calicut Centre, Post Box No. 5, NIT Campus P.O., Calicut, Kerala - 673601

11. Course Fee


11.1. Fee For Regular Course

11.2. Fee For Direct Course

Fee structure is same for Level- 1, Level-2 and Level-3


12. Registration

Registration is a pre-requisite for appearing in the certification examination. Some important aspects of registration are:

(i) Registration No. is unique and will remain the same for a particular level.
(ii) Registration will be valid for a period of 4 years for a particular level, after which re-registration is required.
(iii) After completion of a particular level successfully, registration is allowed for the next higher level after paying the prescribed fee.
(iv) Registration is open throughout the year and valid for a specified number of consecutive eight examinations, taking into account the cut-off date for the next immediate examination after registration. There is a cut-off date beyond which the registrants cannot take the immediate examination.
(v) Registration Fee is 500/- + Service Tax (as applicable)

13. Calendar Of Events For Certification

13.1 For Regular Students

Schedule For August, 2013 Batch of Certification Scheme in Information Security Level-1, Level-2 and Level-3

Last date for submission of Entrance Exam Application: 08th August 2013
Entrance Exam Date: 25th August 2013
Admission Cut-off date: 16th September 2013
Commencement date of classes: 16th September 2013
Last date for submission of Registration Form: 18th November 2013
Last date for submission of filled-in Exam form: 27th December 2013
Last date for submission of filled-in Exam form with late fee: 10th January 2014
Date of Commencement of exam: First week of February 2014
Date of Declaration of Results: Last week of March 2014

13.2 For Direct Students

Schedule For August, 2013 Batch of Certification Scheme in Information Security Level-1, Level-2 and Level-3

Last date for submission of Registration Form: 18th November, 2013
Last date for submission of filled-in Exam form: 27th December, 2013
Last date for submission of filled-in Exam form with late fee: 10th January, 2014
Date of Commencement of exam: First week of February, 2014
Date of Declaration of Results: Last week of March, 2014

14. Entrance Examination pattern for Regular Candidates only

www.nielitgkp.edu.in, www.nielit.in
169(150+19 Service Tax)

Demand draft drawn in favour of NIELIT, Gorakhpur Centre payable at Gorakhpur.


15. Certification Examination Pattern

The examination for Information Security Certification Scheme will be conducted on the following pattern:

i. Examination will be conducted two times in a year, in the last week of December/January and June/July.
ii. The theory examination of each paper will contain both objective as well as subjective questions.
iii. To qualify for a pass in a module, a candidate must have obtained at least 50% in each theory and practical examination.
iv. There will be a single application form for examination and for each examination the candidate has to fill in the said form. Examination form will be available for free download from our website (http://www.nielitgkp.edu.in) from 18 November, 2013.
v. On successful completion of all modules (theory and practical) of levels 1 & 2 the candidate will be awarded a certificate. But in the case of level 3, candidates have to clear all the theory papers, practical and viva corresponding to the industrial project. For Level-3, candidates have to choose one of the three specializations given for Level-3.
vi. The structure for the examination fee is as follows:

Examination Fee

Fee structure is same for Level- 1, Level-2 and Level-3

16. Course Modules

LEVEL-1 CERTIFIED SYSTEM SECURITY ANALYST

S.No. | Code | Paper | Max. Marks
1. | IS-C1-01 | Computer Fundamentals And Computer Networks | 100
2. | IS-C1-02 | Operating System Administration | 100
3. | IS-C1-03 | Information Security Concepts | 100
4. | IS-C1-04 | System Security | 100
5. | IS-C1-05 | Practical | 100

Level-2 Certified System Security Professional (6 Months)

S.No. | Code | Paper | Max. Marks
01. | IS-C2-01 | Cryptography and Network Security | 100
02. | IS-C2-02 | System and Device Security | 100
03. | IS-C2-03 | Mobile and Wireless Security | 100
04. | IS-C2-04 | Database and Web Application Security | 100
05. | IS-C2-05 | Practical | 100

Level-3 Certified System Security Solution Designer (6 Months + 6 Month Industrial Project)

S.No. | Code | Paper | Max. Marks
01. | IS-C3-D-01 | Application Security & E-Commerce | 100
02. | IS-C3-D-02 | Public Key Infrastructure and Trust Management | 100
03. | IS-C3-D-03 | Security Standards & Information Security Policy | 100
04. | IS-C3-D-04 | Cyber Law and IPR Issues | 100
05. | IS-C3-D-05 | Practical | 100

Level-3 Certified Information Systems Security Auditor (6 Months + 6 Month Industrial Project)

S.No. | Code | Paper | Max. Marks
01. | IS-C3-A-01 | Security Standards & Information Security Policy | 100
02. | IS-C3-A-02 | Auditing, Penetration Testing & Information Security Risk Management | 100
03. | IS-C3-A-03 | Public Key Infrastructure and Trust Management | 100
04. | IS-C3-A-04 | Cyber Law and IPR Issues | 100
05. | IS-C3-A-05 | Practical | 100

Level-3 Certified Computer Forensic Professional (6 Months + 6 Month Industrial Project)

S.No. | Code | Paper | Max. Marks
01. | IS-C3-F-01 | Cyber Crime, Indian IT (Amendment) Act 2008 and Introduction to Computer Forensics | 100
02. | IS-C3-F-02 | Seizure & Imaging of Digital Evidence | 100
03. | IS-C3-F-03 | Analysis of Digital Evidence | 100
04. | IS-C3-F-04 | Computer Forensics for Windows & Linux Systems and Anti-forensics | 100
05. | IS-C3-F-05 | Practical | 100

17. Guidelines for the Projects

In Level-3 there is an Industrial Project in the NIELIT Certification Scheme in Information Security. This project is an integral part of Level-3, required to qualify for the certification at Level-3. The Project is identified by the student under the guidance and support of faculty, management of the respective institute and through Industrial Interaction with the Industry in which the student would undergo the project. The Project work should be of the nature of Product/system design and development. The problem may be selected from an industry/institution. The project has to be done individually and no grouping is allowed. There is only one project to be submitted. The Project is evaluated against 500 marks. Out of 500 marks, 100 marks are earmarked for the project guide from the centre, 100 marks are earmarked for the project guide/supervisor from the industry where the student is undergoing the project, and 300 marks are earmarked for the viva-voce to be conducted by an external expert; it is necessary that the student obtain 50% marks in each to pass the project part. For the project, a one-member expert committee sits for the evaluation at the external expert end. The Project has to be submitted along with a fee of Rs 500 plus service tax as applicable (in the form of a draft in favour of NIELIT, Gorakhpur Centre and payable at Gorakhpur), along with a certificate in the prescribed format. A viva-voce will be conducted by an expert nominated by the NIELIT Gorakhpur Centre for the evaluation by external expert, as far as possible near the candidate's location. In case of Direct Candidates, 200 marks are earmarked for the project guide/supervisor from the industry as there will be no internal guide.

1. Objective of the Project
The aim of the project is to give the students an integrated experience in solving a real life problem by applying knowledge and skills gained on completion of theory papers up to Level-3. It provides an occasion for students to realize the importance of resource and time management, ownership of task towards deliverables, innovation and efficiency in task management. It also provides a good opportunity for students to build, enhance and sustain high levels of professional conduct and performance, and develops a problem-solver frame of mind in the student. It is also felt that taking up the project prepares a student for a job in industry and elsewhere.

2. Who could be a Supervisor/Guide
A guide for the project should be a person with M.Tech or equivalent qualification and adequate experience in the area in which the student has chosen the Project. There will be two guides, one from the centre at which the student is undergoing the course and the other from the Industry at which the student will do the project. Regarding the guide from the Industry, the qualification for the guide could be B.Tech with five years of adequate experience in the area in which the student has chosen the project. The Institute concerned will render all help including the nomination of the guides.

3. Time of Submission of Project
Students can submit the project only after clearing all papers at Level-3. Projects would be approximately 480 man-hours, should be of about 50 pages (excluding coding) and carry a total of 500 marks (100 marks for the project guide from the centre, 100 marks for the project guide/supervisor from the industry and 300 marks for the viva-voce to be conducted by an external expert).

4. Some important notes while preparing the project proposal
The following suggested guidelines may be followed in preparing the Final project Report:
a. Good quality white executive bond paper A4 size should be used for typing and duplication. Care should be taken to avoid smudging while duplicating the copies.
b. Page Specification (written paper and source code): Left margin 3.0 cms; Right margin 3.0 cms; Top 2.7 cms; Bottom 2.7 cms.
c. Page numbers: All text pages as well as Program source code listing should be numbered at the bottom center of the pages.

5. Submission of Project Report to NIELIT Centres
The student will submit his/her project report in the prescribed format. The Project Report should include:
1. Two hard copies of the Project Report
2. Soft copy of the project on Floppy/CD
3. The Project Report may be about 50 pages (excluding coding).
4. Draft of Rs 500 + service tax as applicable in favour of NIELIT, GORAKHPUR CENTRE payable at Gorakhpur.

FORMAT FOR CERTIFICATE FROM NIELIT CENTRES FOR PROJECT AT LEVEL-3

This is to certify that this is a bonafide record of the Project Work (Titled __________________________ ) done satisfactorily at NIELIT Centre _______________by Mr./Ms ___________________________ having Registration Number ______________ in partial fulfillment of Certification at Level3 of NIELIT Certification Scheme in Information Security.

This report or a similar report on the topic has not been submitted for any other examination and does not form part of any other courses undergone by the candidate.

Place : Date :

Signature of Candidate

Signature of guide from the NIELIT CENTRE Name & Seal of NIELIT Centre

Signature of guide from the Industry Name &Seal of the Industry

18. Entrance Examination / Final Examination Centres (with Alpha code)

EXAMINATION IS PROPOSED TO BE CONDUCTED AT THE CENTRES ALL OVER INDIA AS GIVEN BELOW:

Jammu & Kashmir: Jammu (JKJAM), Srinagar (JKSNG)
Chandigarh: Chandigarh (CHCHA)
Manipur: Imphal (MNIMP)
Delhi: New Delhi (DLNDL)
Maharashtra: Aurangabad (MHAUR)
Orissa: Bhubaneshwar (ORBHU)
Uttar Pradesh: Lucknow (UPLNW), Gorakhpur (UPGKP)
Bihar: Patna (BHPAT)
Kerala: Calicut (KRCAL)
Andhra Pradesh: Hyderabad (APHYD)
West Bengal: Kolkata (WBKKT)
Karnataka: Bangalore (KRBAN)
Tamil Nadu: Chennai (TNCHN)

Note: NIELIT reserves the right to change/cancel any centre mentioned above. In such a case, candidates who have applied for that centre will be allocated their second choice/nearest examination centre.

19. Expert Committee for Certification Scheme in Information Security

19.1. Committee Members: There is an Expert Committee constituted for the certification scheme in Information Security with the approval of Secretary, Department of Information Technology. The following is the structure of the Committee:

i) Prof. Sukumar Nandi, IIT, Guwahati | Chairman
ii) Dr. M.S. Gaur, Malviya National Institute of Technology (MNIT), Jaipur | Member
iii) Dr. Kamlesh Bajaj, CEO, Data Security Council of India (DSCI), New Delhi | Member
iv) Dr. Ajay Data, CEO, Data Infosys Limited, Jaipur | Member
v) Shri Sanjay Vyas, Joint Director, HRD Division, DeitY, New Delhi | Member
vi) Representative of AICTE | Member
vii) Representative of BSNL | Member
viii) Shri Alok Tripathi, Joint Director, NIELIT Centre, Gorakhpur | Member
ix) Shri Basab Dasgupta, Deputy Director, NIELIT, Delhi | Member Secretary

19.2. The Terms of the Reference of the Committee are as follows:-


Appendix A

LEVEL-1 CERTIFIED SYSTEM SECURITY ANALYST

IS-C1-01: Computer Fundamentals and Computer Networks
Lecture Hours: 60 Hours
Practical Hours: 60 Hours

Sr.No. | Topics | Number of Hours
1. | Overview of PC architecture | 02
2. | Different bus standards (ISA, PCI, PCMCIA) | 03
3. | Different Add-on Cards like memory, Graphics etc. | 03
4. | Operating system architecture | 02
5. | Process Management | 03
6. | Memory Management | 06
7. | File system Management | 03
8. | Introduction to Network OS | 03
9. | Basics of Communication Systems | 03
10. | Transmission Media | 03
11. | OSI, TCP/IP Models | 06
12. | Local Area Networks | 02
13. | Wide Area Networks | 03
14. | Networking Protocols | 03
15. | IP addressing & Routing | 03
16. | Understanding & recognizing TCP, IP, UDP, ICMP, Ethernet Packets | 03
17. | Internetworking Devices (Hub, Switch, Router etc.) | 05
18. | Wireless Networks | 04
Total | | 60

Detailed Syllabus

Overview of PC Architecture (2 Hours)
What is a Computer, How computers operate, Types of computers, The computing environment, The Enterprise Computer Environment, Types of computers in the enterprise, Where the PC fits in the enterprise environment, Computers and PC Hardware Architectural Components, CPUs, Chipsets, Memory, I/O, Component interaction, PC Software, CISC versus RISC computer models, Software, Assembly, interpreted, and compiled software, Mother Board Components, CPU, Chipsets, Interrupt and DMA controllers and how they work, Memory, Static and dynamic RAM and their derivations, BIOS, CMOS RAM, I/O subsystem, Embedded and add-in devices

Different BUS standards (3 Hours)
Serial Interconnects and Layered Protocols, Parallel models, Serial models, Synchronous versus asynchronous operation, Physical Layer Function and Services, Logical Sub-Block, Expansion Slots and Add-In Cards, Bus evolution and the bus wars, ISA, EISA, MCA, PCI, PCI-X, PCI Express, PCMCIA, Video and Monitor Types, Ports: Serial and parallel, USB and FireWire, Ethernet, Mass Storage Devices, Floppy and hard drives, High and low level formatting, CDs and DVDs, Types, speeds, and formatting

Different Add-on cards (3 Hours)
Add-on Video Cards, Add-on Memory Cards, Add-on Graphics Cards

Operating System Architecture (2 Hours)
Introduction to Operating Systems, OS Internals and Architecture, Memory management, processes and threads, Files, file systems and directory structure, The Boot Process, POST, Windows boot process, Linux boot process, Basic OS Configuration

Process Management (3 Hours)
Types of Process, Multitasking, Input, Output & Error redirection, Managing running process, Killing Started process, Understanding the init process, Parent processes, Tools for working with processes, Process scheduling, Inter process communication, Signals, Pipes, FIFO, Queues, Semaphores, Shared Memory

Memory Management (6 Hours)
What is Memory Management, Abstract Model of Virtual Memory, Demand Paging, Swapping, Shared Virtual Memory, Physical & Virtual addressing Modes, Access Control, Caches, Buffer Cache, Page Cache, Swap Cache, Hardware Caches, Page Tables, Page Allocation & deallocation, Memory Mapping, Demand Paging, Page Cache, Swapping out & discarding Pages, Reducing Size of Page & buffer cache, Swapping out system shared memory pages, Swap Cache, Swapping Pages in

File System Management (3 Hours)
Types of file system, Comparison of file system, Virtual file System, Program used to manage file system, Making a file system, Checking a file system, File System Fragmentation, File Fragmentation, Free Space Fragmentation, Related file Fragmentation

Introduction to Network Operating System (3 Hours)
Networking OS Software, Network basics and network models, Protocols, OSI and TCP Drivers

Basics of Communication Systems (3 Hours)
Basic Telecommunication System, Types of Communication, Transmission Impairments, Analog Versus Digital Transmission, Components, Data representation, Data Flow, Issues in Computer Networking, The Beginning of the Internet, Service and Applications, Packet Switching Concepts, Virtual Circuit, Datagram Service, Source Routing, Issues in Computer Networking

16

prospectus
Transmission Media 3 hours Twisted Pair Cable ,Coaxial Cable , Fiber Optic Cable , Unguided Media : Wireless Radio Waves , Micro Waves , Infrared OSI Model, TCP/IP Model 6 hours OSI Model , Layered Architecture , Peer to Peer Process, Encapsulation , Layers in the OSI Model , Physical Layer , Data Link Layer , Network Layer , Transport Layer , Session Layer , Presentation Layer , Application Layer , Summary of Layers , TCP/IP Protocol Suite , Physical and Data Link Layers , Network Layer , Transport Layer Local Area Networks 2 hours The Ethernet LAN , LAN Protocol , CSMA/CD protocol , Ethernet Addresses , Ethernet Frame Format , LAN Transmission Media , LAN Topologies , Medium Access Control Protocols in LANs, LAN Standards, LAN Bridge , Wireless LANs Wide Area Networks 3 hours Issues in Wide area Networking , X.25 Protocol , Overview of X.25 , A Satellite-Based X.25 Networks , Addressing in X.25 Networks Networking Protocols 3 hours

Internetworking, Need for Network Layer, Internet as a datagram network, Internet as a connection less network, IPv4, Datagram , Fragmentation, Checksum, IPv6, Advantages of Packet Format, Extension Headers

IP Addressing and Routing

3 hours

IPV 4 Address , Address Space, Notations, Classful Addressing, Classless Addressing, Network Address Translation (NAT), IPv6 Address, Structure, Address Space, Routing protocols, Direct Delivery, Indirect Delivery, Routing Tables and next-Hop Routing Adaptive routing, Routing within Autonomous systems, Open shortest path First (OSPF), Flooding, Routing between autonomous systems, Exterior gate way protocol, Border Gate way Protocol

Understanding and Recognizing TCP, IP, UDP, ICMP, Ethernet Packets

3 hours

TCP (Transmission Control Protocol), Flow Control and Acknowledgments, Stop-and-wait Protocol, Sliding Window Protocol, Congestion Control, IP (Internet Protocol), Overview of IP, Internet Addressing Scheme, Dotted Decimal notation, Address Resolution Protocol, Reverse Address resolution protocol, IP Datagram format, UDP (User Datagram Protocol), UDP Datagram format, Overview of ICMP, Overview of Ethernet Packets

Internet Working Devices 4 Hours
HUB, Switch and Routers

Wireless Networks 5 Hours
Introduction to personal Area Networks, Overview of Bluetooth, Home RF, IRDA, IEEE 802.1X

References
1. A+ Jumpstart PC Hardware and O.S. Basics by Faithe Wempen, BPB.
2. A+ Complete Study Guide by Quentin Docter, BPB
3. CCNA Study Guide by Todd Lammle, BPB
4. N+ Study Guide 4th Edition, David Groth, BPB

PRACTICAL ASSIGNMENTS

Total: 60 hrs

IS-C1-02: Operating System Administration
Lecture Hours: 60 Hours
Practical Hours: 60 Hours

S. No. Topic - No. of Hours

WINDOWS OPERATING SYSTEM
1. Introduction to Windows Operating System - 02
2. Installation and Configuration - 07
3. Installation and Managing Active Directory - 05
4. Managing and Securing Resources - 12
5. Performance and Maintenance - 05

LINUX OPERATING SYSTEM
6. Introduction to Linux - 02
7. Linux Installation - 03
8. Booting Procedures - 03
9. Linux Commands and Shell Programming - 07
10. System Administration - 10
11. X Windows - 02
12. Performance Tuning - 02

Detailed Syllabus

Windows Operating System

Introduction to Windows Operating System 02 hours
Windows 2003 Server, System Requirement, Architecture, Groups, Domains and Active Directory.

Installation and Configuration 07 hours
Hardware Requirement, Preparation for Installation, Disk Partitioning, Dual Booting Feature, Remote Installation Server, Troubleshooting during Installation.

Installation and Managing Active Directory 02 hours
Understanding feature of Active Directory, Structure, Naming Convention, Windows 2003 Domain Organizational Units, Installing Active Directory, Controlling Access to Active Directory, Locating Objects in Active Directory and Administration of Active Directory Objects.
Managing and Securing Resources 12 hours
Configuration of Hardware Devices, APM, Working with File System, Upgradation of Hard Disk, Backup Strategy, Managing Users Account and Profiles, Managing Group Accounts, System Policy and Group Policy, Monitoring Disk Quotas, Auditing, Configuring and Scheduling Printer Tools, Setting Up of IIS Web Server, SQL Server and Exchange Server.

Performance and Maintenance 05 hours
Monitoring Performance using System Monitor, Setting up of Services, Recovering from Disk Failure.

LINUX OPERATING SYSTEM

Introduction to Linux 02 hours
Development of Linux, Various Distribution of Linux, Linux System Concepts- Directory Structure and File Structure.

Linux Installation 03 hours
System Requirement, Different types of Installation- CD ROM, Network and quick Start, Different types of Linux Installation Server, Workstation and Customs, Disk Partitioning Auto and Manual, Boot Loader, Package Selection, Network and Authentication Support.

Booting Procedures 03 hours
LILO / GRUB Configuration, Server Security, Run Level, Initialization Script, Devices Initialization and their Access, Set Down Procedures.

Linux Commands and Shell Programming 07 hours
Concepts of Processes, Commonly used user Commands, vi Editor, Various Shells and Shell Programming.

System Administration 10 hours
Services- Initialization and Status, Creating and Maintaining of User Account, and Group Account, Disk and Device Management, Backup Concepts, Installation and Maintenance of various Servers Apache, Squid, NFS, DHCP, NIS and Printer Server.

X Windows 02 hours
Introduction, Installation and Configuration of X Windows, Working with X Windows GNOME, KDE, Window Manager.

Performance Tuning 02 hours
Logrotate, Backup Strategy, Study of various Services for Performance Tuning, Enhancement and Optimization.

References:
1. Windows Server 2003 Network Security Design Study Guide by Reisman, BPB Techmedia.
2. Windows Server 2003 Network Security Administration Study Guide by Kaufmann, BPB Techmedia.
3. Red Hat Linux Security and Optimization. Red Hat Press.
4. Building Secure Server with Linux. O'Reilly Publishers
5. Linux Security by Hontanun. BPB Techmedia

IS-C1-02: Operating System Administration
PRACTICAL ASSIGNMENTS
Windows Practical List

Total: 60 hrs

IS-C1-03: Information Security Concepts
Lecture Hours: 60 Hours
Practical Hours: 60 Hours

No. Topic - Minimum No. of Hours
1. Basics of Information Security - 10
2. Security threats and Vulnerabilities - 8
3. Cryptography - 6
4. Identification and Authentication - 2
5. Network Security - 8
6. Security Tools and Techniques - 2
7. Internet Security - 5
8. E-mail Security - 2
9. Wireless Security - 5
10. Risk Assessment and Disaster Recovery - 6
11. Computer Forensics - 4
12. Information Security laws - 2
Total Hrs - 60

Detailed Syllabus

Basics of Information Security 10 hours
Introduction to Information Security, History of Information Security, Need for computer security Confidentiality, Integrity, Availability, Authenticity, Accountability, non-repudiation, Authorization, Security threats, Intrusion, Hacking, Security mechanisms Prevention, Detection, Recovery, Anti virus, Encryption, Firewall, VPN, Access control, Smart card, Biometrics, Intrusion Detection, Policy management, Vulnerability Scanning, Physical security, Backup, Auditing, Logging, National & International Scenario

Security threats, Vulnerabilities 08 hours
Overview of Security threats, Vulnerabilities, Access Attacks Snooping, Eavesdropping Interception, Modification Attacks Changes, Insertion, Deletion, Denial-of-Service Attacks - Denial of Access to Information, Applications, Systems, Communications, Repudiation Attacks Masquerading, Denying an Event, Malicious code - Viruses, worms, Trojan horses, how they work and how to defend against them, Sniffing, back door, spoofing, brute force attack, Social Engineering, Vulnerable Configurations, Security of Hard drives, laptops & mobile devices

Cryptography 06 hours
Symmetric versus asymmetric cryptography, Advantages & disadvantages of Symmetric versus asymmetric cryptography, How to mix and match both in practical scenario, Key management, Digital Signature & other application of cryptography, PKI CA, RA, Subscriber etc, PKI usage, From user side, CA/RA side etc, Type of PKI hierarchy, Single CA, trust models etc, Certificate management

Identification and Authentication 02 hours
Access Control models Mandatory Access Control, Discretionary Access Control, Role based Access Control, Methods of Authentication Kerberos, CHAP, Certificates, Username/Password, Tokens, Biometrics, Multi-factor, Mutual

Network Security 08 hours
Network Infrastructure Security Workstation, Server, Router, Switch, Modem, Mobile devices, Firewalls and packet filtering, Proxy or application level gateways security devices, VPN, Intrusion detection System, Electronic payment System, Introduction to IPSec, PPTP, L2TP

Security Tools and Technologies 02 hours
Network scanners, Vulnerability scanners, OS fingerprinting: nmap, nessus, MBSA, SAINT, John the Ripper, Forensic tools, Others.

Internet Security 05 hours
Recognize and understand the following Internet security concepts, Customizing Browser Security Settings, Vulnerabilities Cookies, Java Script, ActiveX, Applets, Buffer overflows, Anonymous surfing, Phishing, HTTP/S, SSL/TLS and Certificates, Internet use - best practices

E-mail Security 02 hours
POP3 vs. Web-based e-mail, Encrypting and signing messages, S/MIME, PGP, Vulnerabilities Spam, E-mail hoaxes, Email use - best practices

Wireless Security 05 hours
Wired/Wireless networks, Ad-hoc network and sensor networks, WTLS, 802.11 and 802.11x, WEP/WAP (Wired Equivalent Privacy / Wireless Access Protocol), Vulnerabilities, Site Surveys, DOS and DDOS attacks

Risk Assessment and Disaster Recovery 06 hours
Asset classification, Information classification, Organization level strategy, Process level strategy, Risk assessment methods, Risk classification, Business continuity plan, Business impact analysis, Event logs, Security Auditing, Disaster Recovery Plan, Backup, Secure Recovery- Alternate sites, Security Policies & Procedures

Computer Forensics 04 hours
Nature and types of cyber crime- Industrial espionage, cyber terrorism, Principles of criminal law, Computer forensic investigation Digital evidence, Forensic analysis

Information Security laws 02 hours
IT-Act, The rights the various parties have with respect to creating, modifying, using, distributing, storing and copying digital data. Concurrent responsibilities and potential liabilities, Intellectual property issues connected with use and management of digital data

Recommended Books

Main reading
1. Network Security Bible, Eric Cole and Ronald L. Krutz, Wiley Dreamtech India Pvt Ltd, New Delhi
2. Fundamentals of Network Security by Eric Maiwald, Dreamtech Press
3. Absolute Beginner's Guide To: Security, Spam, Spyware & Viruses by Andy Walker, Publisher: Que
4. Computer Security Basics, 2nd Edition by Rick Lehtinen, Publisher: O'Reilly

Supplementary Reading
1. Network Security Essentials: Applications and Standards, Stallings, Pearson Education Pvt Ltd, Delhi
2. Computer viruses, Computer Security, A Global challenge by Cohen, Elsevier Press
3. Incident Response & Computer Forensics by Kevin Mandia, Chris & Matt Pepe, TATA McGraw Hill Edition
4. 802.11 Security, Bruce Potter, Bob Fleck, O'Reilly
5. B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2/e, John Wiley and Sons, New York, 1996.
6. Foundations of Computer Security by David Solomon, Publisher: Springer
7. Security+ In Depth by Paul Campbell, Publisher: Vijai Nicol Imprints, Chennai
8. Digital Security Concepts and Cases, ICFAI University Press, Hyderabad

PRACTICAL ASSIGNMENTS

Total: 60 hrs

IS-C1-04: System Security
Lecture Hours: 60 Hours
Practical Hours: 60 Hours

Outline of the Syllabus

Sr. no. Topic - Minimum no. of hours
01. Design of Secure Operating System - 04
02. Design of Trusted Operating System - 04
03. Operating System Hardening - 06
04. Operating System Controls - 04
05. Internet Protocols and Security - 04
06. Application Security - 02
07. WWW Security - 02
08. SHTTP (Secure HTTP) - 02
09. SMIME (Secure Multipurpose Internet Mail Extension) - 02
10. PGP - 02
11. SET (Secure Electronic Transaction) - 02
12. E-mail security and Instant Message Security - 02
13. Access Control - 04
14. Internet Security Protocols - 04
15. Managing Personal Firewall and Antivirus - 06
16. Remote Access Security - 04
17. Secure Configuration of Web Server - 02
18. Secure Configuration of Database Server - 02
19. Secure Configuration of Email Server - 02

Detailed Syllabus

Design of Secure Operating System 04 hours
Introduction of a Secured System, Drawbacks of Existing Operating System (Bugs, Fault Isolation, Huge size Kernel Program etc.), Patching Legacy Operating System, Paravirtual Machines Concept, Future System

Design of Trusted Operating System 04 hours
Introduction, Security Assurance Evaluation, Need for Trusted Operating System, Features of Trusted OSs

Operating System Hardening 06 hours
Function of Operating system, Types of OS (Real time OS, Single User Single task OS, Single User Multi tasking System, Multiuser System), Task of OS, Process Management, Memory Management, Device Management, Storage Management, Application Interface, User Interface, Security Weakness, Operating System, Windows Weakness, LINUX Weakness, Hardening OS during Installation, Secure User Account Policy, Strong User Password Policy, Creating list of Services and Programs running on Server, Patching Software, Hardening Windows, Selecting File System, Active Directory / Kerberos, General Installation Rules, Hardening Linux, Choose the correct installation procedure, different installation tools, Partitions and Security, Network Services, Boot Loaders, Reverse Engineering

Operating System Controls 04 hours
Introduction - How the Computer System Works, Purpose of an Operating System, Types of Operating System, Wake up Call, Power on Self Test, BIOS, Boot Loader, Task of an Operating System

Internet Protocols and Security 04 hours
Introduction of Internet Protocols, IPSec Operation, IPSec Implementation, IPV4 Network Versus IPV6 Network, Problems with IPSec

Application Security 02 hours
Hacking WEB Applications, How are the WEB applications attacked, Input Validation attack, Full Knowledge Analysis

WWW Security 02 hours
Web Security Considerations, Hacking Web Platforms, Web Platform Security Best Practices, Web Authentication threats, Bypassing Web Authentication (Token Relay, Identity Management, Client-Side Piggybacking), Attacking Web Authorization

SHTTP (Secure HTTP) 02 hours
Introduction, Overview of SHTTP

SMIME (Secure Multipurpose Internet Mail Extension) 02 hours
Introduction, Functionality, Digital Signature, Message Encryption, Triple-Wrapped Messages, S/MIME Certificates, Usage of S/MIME in various e-mail software, Obstacle of Deploying S/MIME, CAVEATS

PGP 02 hours
Introduction, Use of PGP, Encryption and Decryption in PGP, PGP Services, Message, Key Management

SET (Secure Electronic Transaction) 02 hours
Introduction of SET, SET Technology, Symmetric and Asymmetric encryption in SET, Transaction Authenticity, Importance of secure transactions

E-mail security and Instant Message Security 02 hours
Introduction, E-mail Attack, Use of Digital Certificate to prevent attack, Introduction to IM Security, Best Practices for IM security

Access Control 04 hours
Access Control Basics, Access Control Technique, Access Control Administration, Centralized Access Control, Decentralized Access Control, Accountability, Access Control Models, Identification and Authentication Methods, Biometric Authentication

Internet Security Protocols 04 hours
IP Security Architecture, Authentication Header, Encapsulating Security Payload, Combining Security Associations, Key Management

Managing Personal Firewall and Antivirus 06 hours
Managing Logs, Upgrades, SNMP, Internet Service Provider Issues, Defense in Depth

Remote Access Security 04 hours
Business Requirement of Remote Access, Remote Access Technologies, VPN, Extranet and Intranet Solution, Use of VPN for Remote Access Security, IPSec, Point to Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP), SSL Authenticated access of files through SAMBA for different OS, Overview of RAS Server for Small Enterprise Application, Overview of Remote Access through ISP, Remote Administration

Secure Configuration of Web Server 02 hours
Protecting Directories and Files against Profiling, IIS Hardening, Apache Hardening, Analyzing Security Logs, Web Authorization / Session Token Security, IE Security Zones, Low Privilege Browsing, Server Side countermeasure

Secure Configuration of Database Server 02 hours
Access control policy, Protecting Read Only Accounts, Protecting high risk stored procedures and extended functionality, Patch updates

Secure Configuration of Email Server 02 hours
Vulnerabilities of Mail Server, Improving the Security through appropriate planning Security Management Practices and Controls, Secured OS and Secured Application Installation, Improving the Security through Secured Network Infrastructures

References:
1) Network Security Bible, Cole, WILEY
2) Designing Security Architecture Solutions, Ramachandran, WILEY
3) Network Security Essentials: Applications and Standards, William Stallings.
4) Hacking Web Applications Exposed, TATA McGraw-HILL, by Joel Scambray, Mike Shema, Caleb Sima


PRACTICAL ASSIGNMENTS

Total: 60 hrs


Appendix B
LEVEL-2 CERTIFIED SYSTEM SECURITY PROFESSIONAL

IS-C2-01: Cryptography and Network Security
Lecture Hours: 60 Hours
Practical Hours: 60 Hours

Sr. No. Topics - Number of Hours
1. Introduction - 02
2. Classical Encryption Techniques - 04
3. Mathematics Fundamentals associated with cryptography - 06
4. Symmetric ciphers - 08
5. Asymmetric ciphers - 10
6. Internet Security Protocols - 08
7. User Authentication and Kerberos - 06
8. Electronic Mail Security - 04
9. IP Security - 06
10. Firewalls and Virtual Private Networks (VPN) - 06
Total - 60

Detailed Syllabus

1. Introduction 02 hours

Active attacks, passive attacks, confidentiality, integrity, availability, Non-repudiation, plain text, encryption algorithm, secret key, text, decryption algorithm, cryptanalysis, brute force attacks.

2. Classical Encryption Techniques 04 hours

Substitution Techniques, Transposition Techniques, Rotor machine, steganography key range and key size.

3. Mathematics Fundamentals associated with cryptography 06 hours

Groups, Rings, Fields, Prime numbers, Euclid's Algorithm, Modular Arithmetic and Discrete logarithms, Finite Fields, Polynomial arithmetic, Fermat's Theorem, Euler's Theorem, Chinese Remainder Theorem, Testing for Primality, Quadratic Residues, Legendre Symbol, Jacobi Symbol, Hasse's Theorem, Quadratic Reciprocity Theorem, Massey-Omura protocol, Inverse of a matrix.

4. Symmetric ciphers

08 hours

Block cipher principles, DES, Strength of DES, Differential and Linear cryptanalysis, Block cipher Design principles, International Data Encryption Algorithm (IDEA), Stream cipher RC4, RC5, Blowfish, AES, Evaluation criteria for AES, Triple DES, Traffic confidentiality, key distribution, Random number generation

5. Asymmetric ciphers 10 hours

Brief history, overview, RSA algorithm, Key management, Diffie-Hellman key exchange, Elliptic curve cryptography, Difference between Asymmetric and Symmetric ciphers. Authentication message, Authentication codes, Hash functions, Security of Hash functions and MAC, Hash Algorithm Whirlpool, HMAC, CMAC. Digital Signature, Authentication protocols, Digital signature standard, Public-key Infrastructure, Models of PKI, Digital certifications private key management.

6.Internet Security Protocols

08 hours

Introduction, Secure Socket Layer (SSL), Transport Layer Security (TLS), Secure Hyper Text Transfer Protocol (SHTTP), Time Stamping Protocol (TSP), Secure Electronic Transaction (SET), SSL Versus SET, 3D Secure Protocol, Electronic Money.

7.User Authentication and Kerberos

06 hours

Introduction, Authentication Basics, Passwords, Authentication, Biometric Authentication, Kerberos, Key Distribution Centre (KDC), Security Handshake Default, Single Sign-On (SSO) Approaches.

8. Electronic Mail Security

04 hours

Introduction, E-mail headers and Body, Proxy SMTP, Pretty Good Privacy (PGP), S/MIME.

9.IP Security

06 hours

IP Security overview, IP Security Architecture, Authentication Header, Encapsulating Security payload (ESP), Combining Security Associations, Key Management .

10. Firewalls and Virtual Private Networks (VPN)

06 hours

Firewalls, Firewall Design Principles, Virtual Private Network (VPN), Intrusion

References : Detailed References are provided in the course material to be given to registered candidates.

Note: This is a theoretical paper consisting mainly of tutorials, but a few hands-on exercises may be done using the Crypto tool. The software may be downloaded from our website.

IS-C2-02: System and Device security Lecture Hours: 60 Hours Practical Hours: 60Hours

Outline of the Syllabus

Sr. no. Topic

Part - I (Operating System Threats)
1. Program Security
2. Fascination of Malicious Code Analysis
3. Malicious Code Environment
4. Classification of Infection Strategies
5. Strategies of Computer Worm

Part - II (Securing OS from Threats)
6. Antivirus Techniques
7. Advanced Antivirus Techniques
8. Case Studies

Minimum no. of hours: 4 6 4 2 4 4 3 3

Part - III (Device Security)
9. Introduction to Network Infrastructure Security - 4
10. Switch Security - 2
11. Router Security - 4
12. DNS Security - 4
13. ADSL Security - 5
14. Cable Modem Security - 5
15. Protecting Network Infrastructure - A new approach - 6

Detailed Syllabus

Part-I (Operating System Threats)

1. Program Security 02 hours
Secure Program, Virus and other Malicious code, targeted malicious code, Control against Program threats

2. Fascination of Malicious Code Analysis 04 hours
Common pattern of virus research, antivirus defense development, terminology of malicious program, Computer malware naming scheme

3. Malicious Code Environment 04 hours
Computer architecture dependency, CPU dependency, OS dependency, File system and file format dependency, Network protocol dependency

4. Classification of Infection Strategies 03 hours
Boot Viruses, File infection techniques, In depth look at WIN32 Viruses

5. Strategies of Computer Worm 03 hours
Generic structure of computer worms, Common worms code transfer and execution techniques

Part-II (Securing OS from threats)

6. Antivirus Techniques 04 hours
Detection: Static Methods, Scanners, Static Heuristics, Integrity Checkers, Dynamic Methods, Behavior Monitors/Blockers, Emulation, Comparison of antivirus techniques

7. Advanced antivirus techniques 06 hours
Retroviruses, Entry point obfuscation, Anti-Emulation (outlast, outsmart, overextend), Armoring (Anti-Debugging, Anti-disassembly), Tunneling (Integrity checkers attacks), Avoidance, Deworming, defense (User, host, perimeter), capture and containment (Honey pots, Reverse Firewalls, Throttling), Automatic Counter measures

8. Case Studies 04 hours
Linux/Unix Security Details, Trusted Operating Systems

Part-III (Device Security)

9. Introduction to Network infrastructure security 04 hours
Internet infrastructure, key components in the internet infrastructure, internet infrastructure security

10. Switch Security 02 hours
Introduction, How switches can be attacked

11. Router security 04 hours
Overview of Internet routing, External and internal attacks, RIP attacks and countermeasures, OSPF attacks and countermeasures, BGP Attacks and countermeasures

12. DNS Security 04 hours
Introduction, DHCP attacks, DNS attacks

13. ADSL Security 05 hours
Introduction, DSL family tree, ADSL, ADSL benefits, security threats, countermeasures, topologies with ADSL modems, Topologies with ADSL routers, recommended topologies, using routers as a firewall, limitations, Features Risk, precautionary Measures.

14. Cable Modem security 05 hours
Working of cable Modem, Cable Modem security threats, different filtering techniques, DHCP server filter, Microsoft networking filter, Network isolation filter, static IP address filter, MAC address filter, comparing DSL and cable Modem security threats.

15. Protecting Network Infrastructure - A new Approach 06 hours
Analysis on security problems of network infrastructure, steps in hacking network infrastructure, Flat network design model and Masquerading, A new Model to protect network infrastructure.

References:
Detailed References are provided in the course material to be given to registered candidates.
IS-C2-02: System and Device Security

PRACTICAL ASSIGNMENTS
PL1 To study network/System scanning using nmap in details.
PL2 To study ARP Cache Poisoning, MITM Attack & applying its countermeasures.
PL3 To study IP Spoofing and Denial of Service attack on a web server & applying its countermeasures.
PL4 To create a Trojan based application/utility to create backdoors on a system & applying its countermeasures.
PL5 To study Code Injection & applying its countermeasures.
PL6 Configuring IPTables firewall on a Linux system.
PL7 To configure primary and secondary DNS Servers and configuring it for secure Zone Transfer.
PL8 Configuring various security options available in an ADSL Modem
PL9 Configuring SNORT IDS on a Linux system for generating alerts for incoming ICMP traffic.
PL10 To study SELinux in a RHEL/Fedora Machine.

IS-C2-03: Mobile and Wireless Network Security Lecture Hours: 60 Hours Practical Hours: 60Hours

Outline of the Syllabus

Sr. no. Topic - Minimum no. of hours

Part - I (Wireless Technology)
1. Wireless Fundamentals - 2
2. Wireless Network Logical Architecture - 4
3. Wireless Network Physical Architecture - 4
4. Wireless LAN Standard - 4

Part - II (Security for Mobility)
5. PKI in Mobile Systems - 2
6. Personal PKI - 2
7. Smartcard as a Mobile Security Device - 2
8. Secure Mobile Tokens - The Future - 2
9. Universal Mobile Telecommunications System (UMTS) Security - 2
10. Securing Network Access in Future Mobile System - 6
11. Security Issues in a MobileIPV6 Network - 2
12. Mobile Code Issues - 4
13. Secure Mobile Commerce - 2

Part - III (Wireless Network Security)
14. Security in Traditional Wireless Network - 2
15. Wireless LAN Security - 2
16. Security in Wireless Ad-hoc Network - 2
17. Implementing Basic Wireless Security - 2
18. Implementing Advanced Wireless Security - 2

Part - IV (Other Wireless Technology)
19. Home Network Security - 2
20. Wireless Embedded System Security - 2
21. RFID Security - 2
22. Security Issues in Single Hop Wireless Networks - 2
23. Security Issues in Multi Hop Wireless Networks - 4

Detailed Syllabus

Part-I (Wireless Technology)

1. Wireless Fundamentals 2 hours
Wireless Medium: Radio Propagation Effects, Exposed Terminal Problem, Bandwidth, Wireless Networking Basics: WLAN, working of WLAN, Current WLAN Standard.

2. Wireless Networking Logical Architecture 4 hours
OSI Network Model, Network Layer Technologies, Data Link Layer Technologies, Operating System Consideration

3. Wireless Network Physical Architecture 4 hours
Wired Network Topologies, Wireless Network Topologies, Wireless LAN Devices, Wireless PAN Devices, Wireless MAN Devices

4. Wireless LAN Standard 4 hours
The 802.11 WLAN Standards, 802.11 MAC Layer, 802.11 PHY Layer, 802.11 Enhancements, other WLAN Standard

Part-II (Security for Mobility)

5. PKI in Mobile Systems 2 hours
PKI overview, PKI in current Mobile Systems, PKI in Future Mobile System

6. Personal PKI 2 hours
Issues in Personal PKI, Personal PKI requirement, Personal CAs, Device Initialization, Proof of possession, Revocation in Personal PKIs

7. Smartcard as a Mobile Security Device 2 hours
Storage cards and Processor cards, Standardization data objects and commands, Smartcards and biometrics

8. Secure Mobile Tokens - The Future 2 hours
Security Modules, Current use of Security Modules, Security Module Technology, Current use of secure mobile tokens, Personal Security tokens

9. Universal Mobile Telecommunication System Security 2 hours
Building a GSM Security, UMTS access security, Network Security, IP Multimedia Subsystem Security

10. Securing Network Access in Future Mobile System 6 hours
Outline of Security Architecture, Design alternatives for authentication and establishment of Security association, IP Layer Security, Link Layer Security, Network Security options

11. Security Issues in a Mobile IPV6 Network 2 hours
Introduction to Mobile IP, MobileIPV6 Security Mechanisms, AAA (authorization, authentication and accounting) requirements for Mobile IP

12. Mobile Code Issues 4 hours
Agent and Multi-agent Systems, Security Implication, Security Measures for Mobile Agents, Security Issues for Downloaded code in Mobile phones

13. Secure Mobile Commerce 2 hours
M-Commerce and its security challenges, Security of the radio interface, Security of m-commerce
Part-III (Wireless Network Security)

14. Security in Traditional Wireless Networks 2 hours
Security in First Generation TWNs, Security in Second Generation TWNs, Security in 2.5 Generation TWNs, Security in 3G TWNs

15. Wireless LAN Security 2 hours
Key Establishment, Anonymity, Authentication, Confidentiality, Data Integrity and Loopholes in 802.11

16. Security in Wireless Ad-hoc Network 2 hours
Bluetooth: Basics, Security Modes, Key Establishment, Authentication, Confidentiality, Integrity Protection, Enhancements

17. Implementing Basic Wireless Security 2 hours
Enabling Security Features on a Linksys WAP11 802.11b Access, Filtering by MAC Address, Enabling Security Features on a Linksys WRT54G 802.11 b/g, Configuring Security Features on Wireless Clients

18. Implementing Advanced Wireless Security 2 hours
Implementing WiFi Protected Access (WPA), Implementing a Wireless Gateway with Reef Edge, Implementing a VPN on a Linksys WRV54G VPN Broadband

Part-IV (Other Wireless Technology)

19. Home Network Security 2 hours
Basics of Wireless Security, Basics of Wireless Security Measures, Additional Hotspot Security Measures

20. Wireless Embedded System Security 2 hours
Wireless Technologies, Bluetooth, ZigBee, Wireless Technologies and the Future

21. RFID Security 2 hours
Introduction, RFID Radio Basics, RFID Architecture, Threat and Target Identification, Management of RFID Security

22. Security Issues in Single Hop Wireless Networks 2 hours
Cellular Network Security, Access Control and Roaming Issues, Mobile IP Security, Pervasive Computing Security

23. Security Issues in Multihop Wireless Networks 4 hours
Mobile Adhoc Network Security, Trust Management and Routing Issues, Wireless Sensor Network Security, Key Management, Sybil Attacks and Location Privacy, Vehicular Network Applications and Security, Wireless Metropolitan Area Networks (e.g. 802.11b)

References : Detailed References are provided in the course material to be given to registered candidates.

IS-C2-03: Mobile and Wireless Security


PRACTICAL ASSIGNMENTS
Practical 1 To study installation and Configuration of Access Point.
Practical 2 To study WLAN Setup using ADHOC mode.
Practical 3 To study WLAN Setup using Infrastructure mode.
Practical 4 To study Security implementation in WLAN.
Practical 5 Detecting Wireless Network activity and security lack using Netstumbler.
Practical 6 Using Access Point as a DHCP Server.
Practical 7 To implement WiFi Protected Access (WPA) security in WLAN.
Practical 8 To implement Wired Equivalent Privacy (WEP) Security in WLAN.
Practical 9 To implement MAC Filtering security in WLAN.
Practical 10 To study Hacking of a Wireless Network & implementing its Countermeasure.

IS-C2-04: Database and Web Applications Security Lecture Hours: 60 Hours Practical Hours: 60Hours

Database Security - 28 hours
1. Integrity - 06 hours
2. Access Control - 08 hours
3. Database Auditing - 06 hours
4. Network Access and Requirements - 06 hours
5. Operating System - 02 hours

Web Applications Security - 32 hours
6. Fundamental of Web Application Security - 02 hours
7. Core Defense Mechanisms - 02 hours
8. Web Application Technologies - 03 hours
9. Client-side Exploit Frame Work - 03 hours
10. Bypassing Client-side Controls - 02 hours
11. Web Based Malware - 02 hours
12. Securing Authentication - 03 hours
13. Securing Session Management - 02 hours
14. Securing Access Controls - 02 hours
15. Securing Application Architecture - 03 hours
16. Web Server and Web Application Testing with Back Track - 03 hours
17. Securing Web Based Services - 05 hours

Database Security

1. Integrity 06 hours

Software Integrity Current DBMS Version, DBMS Software/Object Modification, Unused Database Software/Components Database Software Development Shared Production/Development Systems Ad Hoc Queries Multiple Services Host Systems Data Integrity Database File Integrity, Database Software Baseline, Database File Backup and Recovery

2. Access Control 08 hours

Database Account Controls Authentication Password Guidelines, Certificate Guidelines Database Accounts Administrative Database Accounts, Application Object Ownership/Schema Account, Default Application Accounts, Application Non-interactive/Automated Processing Accounts, N-Tier Application Connection Accounts, Application User Database Accounts Database Authorizations Database Object Access, Database Roles, Application Developer Roles, Application Administrator Roles, Application User Database Roles Protection of Sensitive Data Protection of Stored Applications Protection of Database Files 3. Database Auditing 06 hours

Precautions to Auditing Audit Data Requirements Minimum Required Audit Operations, DBA Auditing, Required Audit Operations on Audit Data Audit Data Backup Audit Data Reviews Audit Data Access Database Monitoring 4. Network Access and Requirements 06 hours

Protection of Database Identification Parameters Network Connections to the Database Remote Administrative Database Access, Open Database Connectivity (ODBC), Java Database Connectivity (JDBC), Web Server or Middle-Tier Connections to Databases, Database Session Inactivity Time Out Database Replication Database Links

5. Operating System 02 hours

Database File Access, Local Database Accounts, Database Administration Accounts, Database OS Groups

Web Applications Security

6. Fundamental of Web Application Security 02 hours

The core security problem, Key problem factors, immature security awareness, Deceptive Simplicity, Resource and Time constraints, Overextended Technologies, The new security perimeter, The future of Web Application Security.

7. Core Defense Mechanisms 02 hours

Handling user Access, Handling user input, boundary validation, multistep validation and canonicalization, handling errors, Maintaining Audit logs, Alerting Administrators, Reacting to attacks, Managing the application.

8. Web Application Technologies 03 hours

The HTTP Protocol, HTTP Headers, Cookies, Status codes, Web Functionality, Server-side Functionality, Client-side Functionality, State and Sessions, Encoding scheme (URL Encoding, Unicode Encoding, HTML Encoding, Base 64 Encoding, Hex Encoding).

9. Client-side Exploit Frame Work 03 hours

Attack API, BeEF (Installing, configuring and controlling), CAL 9000, overview of XSS-proxy, using XSS-proxy.

10. Bypassing Client-side Controls 02 hours

Transmitting Data via the client, Capturing user Data: HTML forms, Capturing user Data: Thick-client components, ActiveX Controls, Shockwave Flash objects, handling client-side data securely.

11. Web Based Malware 02 hours

Attacks on Web, Hacking into Web sites, Index Hijacking, DNS poisoning, Malware and the Web, Parsing and Emulating HTML, Browser vulnerabilities, Testing HTTP.

12. Securing Authentication 03 hours

Authentication Technologies, Design Flaws in Authentication Mechanisms, Implementation Flaws in Authentication, Securing Authentication, Strong credentials, handle credentials secretively, validate credentials properly, Prevent information leakage, prevent Brute-Force Attacks, log, monitor and notify.

13. Securing Session Management 02 hours

Weakness in Session Token Generation, Weakness in Session Token Handling, Securing Session Management, Generate strong Tokens, log, Monitor and Alert.

14. Securing Access Controls 02 hours

Common vulnerabilities, Attacking Access controls, Securing Access Controls, A multi-layered Privilege Model.

15. Securing Application Architecture 03 hours

Tiered Architecture, Attacking tiered Architecture, Securing Tiered Architecture, Virtual Hosting, Shared Application services, Attacking shared Environments, Securing Shared Environment, Secure Customer Access, Segregate customer Functionality, Segregate components in a shared Application.

16. Web Server and Web Application Testing with Back Track 03 hours

Introduction, Web Server Testing, CGI and Default Pages Testing, Web Application Testing, Core technologies, Open Source Tools, Scanning Tools, Assessment Tools, Exploitation Tools.

17. Securing Web Based Services 05 hours

Web Server Lockdown, Handling Directory and Data Structures, Eliminating Scripting vulnerabilities, Logging Activity, Stopping Browser Exploits, SSL and HTTP/S, Instant Messaging, Web Based Vulnerabilities, Making Browsers and E-mail client more secure, FTP Security, Directory Services and LDAP Security, Web Application Assessments, Source Code and Binary Analysis, Application threat modeling and Architectural Analysis, Web Services and Active X Analysis, Compliance Assessments for Visa CISP, Mastercard SDP, GLBA, SOX, Web Server Security, Operating system specific Security, Permissions and Scripting, HTAccess prevention measures, Cross Site scripting, Cross Site request forgery, User Authentication Session management.

References : Detailed References are provided in the course material to be given to Registered candidates.

IS-C2-04 : DATABASE SECURITY PRACTICAL ASSIGNMENTS
1. Practical on installation of MySQL database server.
2. Practical on routine DBA job.
3. Practical on creation of user in MySQL database.
4. Practical on Assigning Database roles to user.
5. Practical on password guidelines.
6. Practical on certificate guidelines.
7. Practical on Database backup and restore procedure.
8. Practical on Database Auditing (MySQL to be used).
9. Practical on ODBC connectivity to MySQL database.
10. Practical on JDBC connectivity to MySQL database.

WEB APPLICATION SECURITY PRACTICAL ASSIGNMENTS
01. Practical on study of HTTP protocol using Wireshark packet capture tool.
02. Practical on Attacking Authentication and Counter Measures.
03. Practical on Attacking Access Control and Counter Measures.
04. Practical on Session Hijacking and Counter Measures.
05. Practical on Testing Password Quality.
06. Practical on Buffer Overflow problem and Counter Measures.
07. Practical on HTTP fingerprinting.
08. Practical on Detecting Path Traversal Vulnerabilities.
09. Practical on Cross site scripting.
10. Practical on XSS Vulnerability.
11. Practical on Banner Grabbing.
12. Practical on Code Injection and Counter Measures.
13. Practical on SQL Injection and Counter Measures.
14. Practical on Web Spidering.
15. Practical on code review.
16. Practical on log analysis.
17. Practical on Vulnerability Scanning using Nessus tool.
18. Practical on Vulnerability Scanning of a web site.
19. Practical on Attacking ActiveX controls and Counter Measures.


Appendix C
Level 3 Certified System Security Solution Designer (CSSSD)
IS-C3-D-01: Application Security & E-Commerce
Theory Hours: 60 Hours
Tutorial/Practical Hours: 60 Hours

Outline of the Syllabus
S.No. Topics
01. Application Security 15 hours
02. E-Commerce- Salient features 10 hours
03. E-Commerce Technology building blocks 15 hours
04. Security and Evidence of E-Commerce 10 hours
05. Taxation Issues in Cyber Space 10 hours

Detailed Syllabus
Application Security 15 hours

Application Environment and component overview, Critical Application Security Concepts-Input Validation and Encoding, Authentication, Authorization, Session Management, Error handling and logging, Encryption, confidentiality, Data protection, Data Access, Server configuration. Threat modeling, Hackers interest area, Threat profiling, OWASP top ten, OWASC list of vulnerabilities, Functional Testing, Security Testing, Tools for Functional and Security Testing Secure Coding Techniques- Best Practices, Secure J2EE programming, Secure .NET programming, Secure PHP programming

E-Commerce- Salient features 10 hours

Introduction to E-Commerce, Internal Retailing products and services consumer behavior customer service and advertising, Business to Business, E-Commerce, other E-Commerce Models and Application Intra-business, E-Government C2C E-learning and Mobile Commerce, Supporting E-Commerce applications, law, Ethics, Cyber Crime, payment and order fulfillment, Strategy and Implementation E-Strategy, Internet Communities, Global EC, EC Applications and Infrastructure. Online contracts, Mail box rule, Privacy of contracts, Jurisdiction issues in E-Commerce, Electronic Data Interchange, Supporting technologies and tools, Architecture (Java Commerce Solution), protocols and standards, security Business models, payment mechanism and case studies

E-Commerce Technology building blocks 15 hours

Identify the features of the virtual store, Identify the characteristics of the UNIX operating system platform, Identify e-commerce advertising and sales strategies, Identify online customer feedback functions, Identify options and schemes for e-commerce payment handling, Identify the features of the virtual organization, Identify the components of a well infrastructure, Identify the benefits of using extranets in a B2B e-commerce environment, Identify key issues affecting supply chain management in e-commerce, Identify systems architecture optional for the e-commerce interface, Identify ways in which e-commerce can use web infrastructure to advantage, Identify storefront application features, Identify the benefits of outsourcing web site hosting, Identify the feature of email and web mail, Identify mailing list and internet chat features, Identify ways of maximizing online enterprise visibility.
Security and Evidence of E-Commerce 10 hours

Dual key Encryption, Digital Signatures, Security issues in E-Commerce, Evidence related issues, UNCITRAL model Law of E-commerce, Indian Legal position on E-Commerce, IT Act 2000/Indian Evidence Act/Draft law on E-Commerce-Banking and Legal Issues Electronic Money, Regulating e-transactions role of RBI and Legal issues, Transactional. Transactions of E-Cash, Credit card and Internet, Laws Relating to internet credit cards, Secure Electronics transactions.

Taxation Issues in Cyber Space 10 hours

Indian tax system Transactions in E-Commerce, Taxing Internet Commerce, Indirect taxes, Tax evasion in Cyber space. Understanding International Taxation, Fixed place vs website, permanent, Establishments, Double taxation, Role of ISPS, OECD initiatives in International Taxation.

References
1. Foundations of Security: What Every Programmer Needs to Know, Neil Daswani, Christoph Kern, Anita Kesavan
2. Improving Web Application Security: Threats and Countermeasures, by Microsoft Corporation
3. Basics of E-Commerce Legal and Security Issues, by NIIT
4. E-Commerce: An Indian Perspective, by P.T. Joseph S.J., Prentice-Hall of India Pvt. Ltd.
5. The Business of E-Commerce, by May Paul Richard, Cambridge University Press
6. The Complete E-Commerce Book, by Janice Reynolds, Focal Press

IS-C3-D-01: ASSIGNMENTS Application Security & E-Commerce PRACTICAL ASSIGNMENTS

1. Practical on Secure code writing techniques in Java.
2. Practical on secure code writing in .NET Environment.
3. Practical on Secure code writing in PHP.
4. Practical case study of an e-commerce site.
5. Practical Case Study on Secure Electronic transactions SET.

IS-C3-D-02: Public Key Infrastructure and Trust Management
Theory Hours: 60
Tutorial/Practical Hours: 60

Outline of the Syllabus
S.No. Topics
01. Introduction to E-Security 08 hours
02. Public Key Cryptosystems 12 hours
03. Authentication and Digital signature 12 hours
04. Public key Infrastructure (PKI) Systems 12 hours
05. Biometrics-based security system 08 hours
06. Trust management systems 08 hours

Detailed Syllabus
Introduction to E-Security 08 hours

Nature and impact of electronic attacks, Security services, Threats and vulnerabilities, Security policies, Protection of users and networks, Security planning

Public Key Cryptosystems 12 hours

Symmetric encryption, Trapdoor function model, Conventional Public key encryption, Comparing cryptosystems, Public key main algorithm, Public key management, Attacks against Public key cryptosystems

Authentication and Digital signature 12 hours

Weak authentication schemes, Strong authentication schemes, Attacks on authentication, Digital signature framework, Hash functions, Authentication applications, Network-based authentication services

Public key Infrastructure (PKI) Systems 12 hours

PKIX architecture model, PKIX management functions, Public key certificates, Trust hierarchical model, Certification path processing, Deploying enterprise's PKI

Biometrics-based security system 08 hours

Biometrics techniques, Characteristics of biometrics techniques, Accuracy of biometrics techniques, Issues and challenges

Trust management systems 08 hours

Trust definition, Digital credentials and certificates, Authorization and access control systems, Trust management systems, Trust management applications

References
1. Public Key Cryptography: Theory and Practice, Madhavan, Pearson
2. Cryptography and Network Security: Principles and Practice, William Stallings, Pearson
3. RSA and Public Key Cryptography, Richard A. Mollin, Chapman & Hall/CRC, 2003

IS-C3-D-02 Public Key Infrastructure and Trust Management PRACTICAL ASSIGNMENTS

1. Practicals on Encryption/Decryption using crypto tool.
2. Practicals on Authentication and Digital signature using crypto tool.
3. Practical on Deploying PKI.
4. Practicals on configuring SSL connection.
5. Practicals on configuring https.

IS-C3-D-03: Security Standards & Information Security Policy
Theory Hours: 60
Tutorial/Practical Hours: 60

Outline of the Syllabus
S.No. Topics
01. Security Policies and Procedures 06 hours
02. The Audit Process 10 hours
03. The Auditing Techniques 12 hours
04. International Standards 12 hours
05. Regulations 20 hours

Detailed Syllabus
Security Policies and Procedures 06 hours

Security Policies and Procedures, DRP/BCP-Business impact analysis. Risk assessment Methodologies, Risk Classification, Asset Classification, Information Classification, Resource recovery strategy, Crisis management Plan, Incident Management, Communications PR and media, Policy, framework, audits, benchmarks, compliance, Best Practices Guidance on Data Protection for System Designers, Security Testing and Evaluation Criteria.

The Audit Process 10 hours

Building an effective Internal IT Audit Function, Internal Controls, Types of Internal Controls, Internal Controls Examples, Determining what to Audit, Creating the Audit Universe, Ranking the Audit Universe, Determining what to Audit: Final Thoughts, The stage of an Audit, Planning, Fieldwork and Documentation, Issue discovery and validation, Solution development, Report drafting and Issuance, Issue Tracking

The Auditing Techniques 12 hours

Auditing Entity-Level Controls, Data Center Auditing Essentials, Facility based controls, System and site resiliency, Data Center operations, Auditing data centers, Neighborhood and environment, Physical access controls, Environmental Controls, Power continuity, Alarm systems, Fire suppressions, Surveillance systems, Data Center operations, Auditing Disaster Recovery, System Resiliency, Data Backup and Restore, Disaster Recovery Planning, Auditing data centers, Auditing disaster recovery

International Standards 12 hours

Frameworks and standards Frameworks and standards introduction to Internal IT controls, Frameworks and standards COSO COSO definition of Internal control key concepts of Internal control, Internal control- Integrated Framework Enterprise Risk Management Integrated Frame work COBIT COBIT concepts, IT Governance, IT Governance Maturity Model, The COSO- COBIT connection ITIL ITIL Concepts, ISO 27001/ISO 17799/ BS 7799 concepts NSA INFOSEC Assessment Methodology NSA INFOSEC Assessment Methodology concepts, Pre- assessment phase, on-site activities phase, Post assessment phase, Frameworks and standards Trends

Regulations 20 hours

An introduction to legislation related to internal controls, Regulatory Impact on IT Audit, History of corporate Financial Regulation, Sarbanes-Oxley Act of 2002, Sarbanes-Oxley Impact on public corporations, core points of the Sarbanes-Oxley Act, Sarbanes-Oxley's Impact on IT departments, Sarbanes-Oxley's considerations for companies with multiple locations, Impact of third-party services on Sarbanes-Oxley compliance. Specific IT controls required for Sarbanes-Oxley compliance. The Financial impact of Sarbanes-Oxley compliance on companies, Gramm-Leach-Bliley Act, GLBA requirements, Federal Financial Institutions Examination Council, Privacy regulations such as California SB 1386, Impact on companies, SB 1386 Impact on internal controls, International privacy Laws, privacy Law Trends, Health Insurance Portability and Accountability Act of 1996, HIPAA Privacy and Security Rules, HIPAA's Impact on covered Entities, EU Commissions and Basel II, Basel II capital Accord, Payment card Industry (PCI) data Security standards, PCI Impact on the payment card Industry.

References
1. Information System: Control and Audit, Weber, Pearson
2. IT Auditing, Chris Davis, Mike Schiller and Kevin Wheeler, Tata McGraw-Hill Edition
3. Information Security Management: Concepts and Practice, Bel G. Raggad, CRC Press, 2010

IS-C3-D-03: Security Standards & Information Security Policy PRACTICAL ASSIGNMENTS


1. Building a security policy for an organisation or department taken as Case Study.
2. Building a Security Audit process for an organisation or department taken as Case Study.
3. Practicals on Data backup and restore for a file Server/Database Server.
4. Practicals on Data backup and restore for a Website/WebServer/Mail Server etc.
5. Building a disaster Recovery plan for an organisation or department.

IS-C3-D-04: Cyber Law and IPR Issues
Theory Hours: 60
Tutorial/Practical Hours: 60

Outline of the Syllabus
S.No. Topics
01. Introduction to Information Technology Act 2000/2008 08 hours
02. Jurisdictional Issues 06 hours
03. Digital Signature: Technical Issues and legal Issues 06 hours
04. Concept of Cyber Crime and the IT Cyber Crimes 08 hours
05. Protection of Cyber Consumers in India 08 hours
06. Evidence Law vis-à-vis IT Law 08 hours
07. IPR Issues in a nutshell 08 hours
08. Global Cyber Laws 06 hours
09. Case Studies 02 hours

Detailed Syllabus
Introduction to Information Technology Act 2000/2008 08 hours

Object; Scope; Scheme of the Act; Relevancy with other laws.

Jurisdictional Issues 06 hours

Civil Jurisdiction; Cause of Action; Foreign Judgment; Exclusion clause of contract; Jurisdiction under IT Act 2000.

Digital Signature: Technical Issues and legal Issues 06 hours

Digital Signature, Digital Signature Certificate; Certifying Authorities and liabilities in the event of Digital Signature compromise; E-Governance in India.

Concept of Cyber Crime and the IT Cyber Crimes 08 hours

Technical Issues; Cyber Crimes: Legal issues; Penalty under the IT Act. Offences under the IT Act. Offences under IPC; cyber Crimes and Investigation Cyber Crimes and Adjudication. Contract in the InfoTech World status of Electronic Contracts click n wrap and shrink n wrap contract.

Protection of Cyber Consumers in India 08 hours

Consumer protection Act and the Cyber consumers Goods and services, defect in goods and deficiency in services, Restrictive and unfair trade practices; Consumer Forum Jurisdiction and Implications on Cyber consumers in India.

Evidence Law vis-à-vis IT Law 08 hours

Status of Electronic Record as Evidence proof and Management of Electronic Records. Relevancy Admissibility and probative value of E-Evidence; Proving of Digital signature; proving of Electronic Message.

IPR Issues in a nutshell 08 hours

Copyright Issues; Patent Related Issues; Trade Mark Issues; Design Related Issues. European convention on Cyber Crime, Role of Interpol in Cyber Crime
Global Cyber laws 06 hours

Cyber law in United States-Introduction to U.S. Legal system, Digital Evidence and U.S. Law, Searching and Seizing Computers, Criminal Investigations involving digital evidence Cyber law In Europe-Cyber Law in U.K., Cyber Law in Finland, Cyber law in Germany, Cyber Law in Sweden Cyber law In other major Countries-Cyber law in Australia, Cyber Law in Canada, Cyber Law in Japan, Cyber law in Malaysia, Cyber Law in Singapore

Case Studies 02 hours

UTI Hacking Case, VSNL Spam Case, Red Fort Case, Rediff.com Case

References
1. Cyber Law - Law Journals (The ICFAI University Press)
2. Draft of IT Act 2000/2008
3. Cyber Law - The Indian Perspective, Pavan Duggal

IS-C3-D-04 : Cyber Law and IPR Issues PRACTICAL ASSIGNMENTS


This is a theoretical paper, but more case studies could be studied to gain knowledge of the application of Cyber Laws.

Level 3

Certified Information Systems Security Auditor (CISSA)


IS-C3-A-01: Security Standards & Information Security Policy
Theory Hours: 60 Hours
Tutorial/Practical Hours: 60 Hours

Outline of the Syllabus
S.No. Topics
01. Security Policies and Procedures 06 hours
02. The Audit Process 10 hours
03. The Auditing Techniques 12 hours
04. International Standards 12 hours
05. Regulations 20 hours

Detailed Syllabus
Security Policies and Procedures 06 hours

Security Policies and Procedures, DRP/BCP-Business impact analysis. Risk assessment Methodologies, Risk Classification, Asset Classification, Information Classification, Resource recovery strategy, Crisis management Plan, Incident Management, Communications PR and media, Policy, framework, audits, benchmarks, compliance, Best Practices Guidance on Data Protection for System Designers, Security Testing and Evaluation Criteria.

The Audit Process 10 hours

Building an effective Internal IT Audit Function, Internal Controls, Types of Internal Controls, Internal Controls Examples, Determining what to Audit, Creating the Audit Universe, Ranking the Audit Universe, Determining what to Audit: Final Thoughts, The stage of an Audit, Planning, Fieldwork and Documentation, Issue discovery and validation, Solution development, Report drafting and Issuance, Issue Tracking

The Auditing Techniques 12 hours

Auditing Entity-Level Controls, Data Center Auditing Essentials, Facility based controls, System and site resiliency, Data Center operations, Auditing data centers, Neighborhood and environment, Physical access controls, Environmental Controls, Power continuity, Alarm systems, Fire suppressions, Surveillance systems, Data Center operations, Auditing Disaster Recovery, System Resiliency, Data Backup and Restore, Disaster Recovery Planning, Auditing data centers, Auditing disaster recovery

International Standards 12 hours

Frameworks and standards Frameworks and standards introduction to Internal IT controls, Frameworks and standards COSO COSO definition of Internal control key concepts of Internal control, Internal control- Integrated Framework Enterprise Risk Management Integrated Frame work COBIT COBIT concepts, IT Governance, IT Governance Maturity Model, The COSO- COBIT connection ITIL ITIL Concepts, ISO 27001/ISO 17799/ BS 7799 concepts NSA INFOSEC Assessment Methodology NSA INFOSEC Assessment Methodology concepts, Pre- assessment phase, on-site activities phase, Post assessment phase, Frameworks and standards Trends
Regulations 20 hours

An introduction to legislation related to internal controls, Regulatory Impact on IT Audit, History of corporate Financial Regulation, Sarbanes-Oxley Act of 2002, Sarbanes-Oxley Impact on public corporations, core points of the Sarbanes-Oxley Act, Sarbanes-Oxley's Impact on IT departments, Sarbanes-Oxley's considerations for companies with multiple locations, Impact of third-party services on Sarbanes-Oxley compliance. Specific IT controls required for Sarbanes-Oxley compliance. The Financial impact of Sarbanes-Oxley compliance on companies, Gramm-Leach-Bliley Act, GLBA requirements, Federal Financial Institutions Examination Council, Privacy regulations such as California SB 1386, Impact on companies, SB 1386 Impact on internal controls, International privacy Laws, privacy Law Trends, Health Insurance Portability and Accountability Act of 1996, HIPAA Privacy and Security Rules, HIPAA's Impact on covered Entities, EU Commissions and Basel II, Basel II capital Accord, Payment card Industry (PCI) data Security standards, PCI Impact on the payment card Industry.

References
1. Information System: Control and Audit, Weber, Pearson
2. IT Auditing, Chris Davis, Mike Schiller and Kevin Wheeler, Tata McGraw-Hill Edition
3. Information Security Management: Concepts and Practice, Bel G. Raggad, CRC Press, 2010

IS-C3-A-01 : Security Standards & Information Security Policy PRACTICAL ASSIGNMENTS


1. Building a security policy for an organisation or department taken as Case Study.
2. Building a Security Audit process for an organisation or department taken as Case Study.
3. Practicals on Data backup and restore for a Server/Database Server.
4. Practicals on Data backup and restore for a Website/WebServer/Mail Server etc.
5. Building a disaster Recovery plan for an organisation or department.

IS-C3-A-02: Auditing, Penetration Testing & Information Security Risk Management
Theory Hours: 60 Hours
Tutorial/Practical Hours: 60 Hours

Outline of the Syllabus
S.No. Topics
01. Intelligence gathering 02 hours
02. Target Discovery/Profiling 04 hours
03. Vulnerability Profiling 04 hours
04. System penetration 06 hours
05. Advanced Techniques 04 hours
06. Measuring Risk and Avoiding Disaster 04 hours
07. Identifying mission-critical continuity needs 04 hours
08. The four-step Business Impact Assessment (BIA) 04 hours
09. Designing Recovery Solutions 04 hours
10. Implementing a Project Management Approach 04 hours
11. Running the project 04 hours
12. Responding to Disaster 04 hours
13. Directing the disaster recovery teams 04 hours
14. Maintaining the business continuity plan 04 hours
15. Case Studies 04 hours

Detailed Syllabus
Intelligence gathering 02 hours

Discovering publicly available information about your organization and its systems and how it might be used by an attacker, Using open source intelligence to identify information about the target including hosts, routers, network architecture, ISP information, etc, Competitive intelligence gathering.

Target Discovery/Profiling 04 hours

Tools and techniques for performing host discovery including advanced ICMP Mapping techniques, Using passive information gathering including network sniffing, Using Port Scanning techniques to ascertain services on offer, Using System Fingerprinting and Operating System identification techniques, Enumerating system and application information from their banners, Enumerating user accounts, Identifying targets behind a firewall, Finding insecure remote access servers and modems (War Dialling tools and techniques), Finding Wireless Access Points

Vulnerability Profiling 04 hours

Using target profiling information to identify potential vulnerabilities in the Systems including Windows systems, Unix Systems, Firewalls, Network routers, Web servers etc., Using public vulnerability databases, Developing your own vulnerability database, Using automated vulnerability scanners
System penetration 06 hours

Exploiting configuration and design weaknesses including router and firewall filtering subversion, Using the domino effect for maximum system exploitation, Using remote exploits to penetrate a system including UNIX and NT hosts, Using local system exploits including UNIX and NT hosts, Privilege escalation techniques, Advanced network attacks including port redirection, session hijacking, switch sniffing, DNS and IP spoofing and tunneling, Further exploitation including password cracking, Trojans and backdoors, key loggers, exploiting trust, Using common web server exploits, Exploiting common application database default installation weakness

Advanced Techniques 04 hours

Poking holes in web applications including hidden tag manipulation, session ID prediction, cookie poisoning, logic alteration and forceful browsing, Using advanced database penetration techniques including common configuration weaknesses, SQL injection and backdoor passwords, Format string and input validation testing including exploiting stack and heap overflows, intrusion detection system testing and evasion techniques, Penetrating wireless LANs, Using social engineering techniques, Physical penetration

Introduction and Overview
Measuring Risk and Avoiding Disaster 04 hours

Business continuity vs. disaster recovery, Why a recovery plan is a crucial asset Sources of threat, government codes and legislative requirements Assessing Risk in the Enterprise, Choosing the assessment method, The five-step risk process, Matching the response to the threat

Identifying mission-critical continuity needs 04 hours

Evaluating which functions are critical, Setting priorities based on time horizons, Prioritizing processes and applications, Implementing disaster avoidance, Avoiding disasters through effective preventive planning, Creating contingency plans for unavoidable threats

The four-step Business Impact Assessment (BIA) 04 hours

Identifying the threat, Assessing the risk to the enterprise, Identifying business-critical activities, Specifying required IT support from technical staff

Designing Recovery Solutions 04 hours

Establishing a disaster recovery site, Site choices: configuration and acquisition, Choosing suppliers: in-house vs. third-party, Specifying equipment Selecting backup and restore strategies, Matching strategy to operational constraints, Meeting the organization's storage requirements for vital records, Restoring communications and recovering users, Determining vital users with the BIA, Rerouting voice, mail, goods delivery, Eliminating network single points of failure, Connecting end users, Meeting varied user-recovery needs

Implementing a Project Management Approach 04 hours

Managing and documenting and Planning Project, Identifying stakeholder needs, Obtaining the funding commitments Defining clear goals at the start

Running the project 04 hours

Controlling the project via tracking, Managing risks and issues, Testing deliverables

Responding to Disaster 04 hours

Creating the recovery plan, Capturing the planning output, Creating recovery-team charters, Defining roles and responsibilities, Responding to recovery scenarios, Information directories and equipment inventories

Directing the disaster recovery teams 04 hours

Planning and conducting Crisis Communications, Connecting with emergency services, Team actions following a disaster, Assuring the Plan and Applying Document Management Rehearsing the business continuity plan, The reasons for testing the plan, Considering the impact on the organisation's activities, Using a step-by-step process to test the plan, Developing test scenarios and using test results effectively

Maintaining the business continuity plan 04 hours

Applying change control: why and how, Ensuring normal developments are accounted for in the plan, Scheduling regular reviews, Applying document management discipline to the plan

Case Studies 04 hours

Auditing Windows operating Systems, Auditing Linux Operating Systems, Performing the Mobile Device Audit

References
1. Hacking Exposed, Chris Devis (Tata McGraw-Hill)
2. Inside Network Perimeter Security, Northcutt, Pearson
3. Introduction to Information Security Risk Management, by NIIT
4. Information Security Management Handbook, Harold F. Tipton, CRC Press
5. The Security Risk Assessment Handbook, by Douglas J. Landoll, CRC Press
6. Information Security Management Concepts, Bel G. Raggad, CRC Press, 2010

IS-C3-A-02 :Auditing, Penetration Testing & Information Security Risk Management

PRACTICAL ASSIGNMENTS
1. Practical on Port scanning using Nmap.
2. Practical on Operating System fingerprinting using Nmap, winfingerprint etc.
3. Practicals on target enumeration using various open source tools.
4. Practicals on vulnerability scanning using Nessus.
5. Practicals on SQL injection attacks and countermeasures.
6. Practicals on Penetration testing using Metasploit open source tool.
7. Practicals on Backup/Restore procedure for file server/webserver/database Server/Mail Server.
8. Practical on IP Spoofing and Countermeasures.
9. Practical on Brute force attack for password cracking and Countermeasures.
10. Practicals on Trojans, Backdoors and Countermeasures.

IS-C3-A-03: Public Key Infrastructure and Trust Management
Theory Hours: 60 Hours
Tutorial/Practical Hours: 60 Hours

Outline of the Syllabus
S.No. Topics
01. Introduction to E-Security 08 hours
02. Public Key Cryptosystems 12 hours
03. Authentication and Digital signature 12 hours
04. Public key Infrastructure (PKI) Systems 12 hours
05. Biometrics-based security system 08 hours
06. Trust management systems 08 hours

Detailed Syllabus
Introduction to E-Security 08 hours

Nature and impact of electronic attacks, Security services, Threats and vulnerabilities, Security policies, Protection of users and networks, Security planning

Public Key Cryptosystems 12 hours

Symmetric encryption, Trapdoor function model, Conventional Public key encryption, Comparing cryptosystems, Public key main algorithm, Public key management, Attacks against Public key cryptosystems Authentication and Digital signature 12 hours

Weak authentication schemes, Strong authentication schemes, Attacks on authentication, Digital signature framework, Hash functions, Authentication applications, Network-based authentication services Public key Infrastructure (PKI) Systems 12 hours

PKIX architecture model, PKIX management functions, Public key certificates, Trust hierarchical model, Certification path processing, Deploying enterprise's PKI Biometrics-based security system 08 hours

Biometrics techniques, Characteristics of biometrics techniques, Accuracy of biometrics techniques, Issues and challenges Trust management systems 08 hours

Trust definition, Digital credentials and certificates, Authorization and access control systems, Trust management systems, Trust management applications

References
1. Public key cryptography: Theory and practice, Madhavan, Pearson
2. Cryptography and Network Security: Principles and Practice, William Stallings, Pearson
3. RSA and Public key Cryptography, Richard A. Mollin, Chapman & Hall/CRC, 2003

IS-C3-A-03: Public Key Infrastructure and Trust Management

PRACTICAL ASSIGNMENTS
1. Practicals on Encryption/Decryption using crypto tool.
2. Practicals on Authentication and Digital signature using crypto tool.
3. Practical on Deploying PKI.
4. Practicals on configuring SSL connection.
5. Practicals on configuring https.

IS-C3-A-04: Cyber Law and IPR Issues

Theory Hours: 60 Hours
Tutorial/Practical Hours: 60 Hours

Outline of the Syllabus

S.No. Topics: Hours
01. Introduction to Information Technology Act 2000/2008: 08 hours
02. Jurisdictional Issues: 06 hours
03. Digital Signature: Technical Issues and legal Issues: 06 hours
04. Concept of Cyber Crime and the IT Cyber Crimes: 08 hours
05. Protection of Cyber Consumers in India: 08 hours
06. Evidence Law vis-à-vis IT Law: 08 hours
07. IPR Issues in a nutshell: 08 hours
08. Global Cyber Laws: 06 hours
09. Case Studies: 02 hours

Detailed Syllabus

Introduction to Information Technology Act 2000/2008 08 hours

Object; Scope; Scheme of the Act; Relevancy with other laws.

Jurisdictional Issues 06 hours

Civil Jurisdiction; Cause of Action; Foreign Judgment; Exclusion clause of contract; Jurisdiction under IT Act 2000.

Digital Signature: Technical Issues and legal Issues 06 hours

Digital Signature, Digital Signature Certificate; Certifying Authorities and liabilities in the event of Digital Signature compromise; E-Governance in India.

Concept of Cyber Crime and the IT Cyber Crimes 08 hours

Technical Issues; Cyber Crimes: Legal issues; Penalty under the IT Act. Offences under the IT Act. Offences under IPC; Cyber Crimes and Investigation; Cyber Crimes and Adjudication. Contract in the InfoTech World; status of Electronic Contracts; click n wrap and shrink n wrap contract.

Protection of Cyber Consumers in India 08 hours

Consumer protection Act and the Cyber consumers; Goods and services, defect in goods and deficiency in services, Restrictive and unfair trade practices; Consumer Forum Jurisdiction and Implications on Cyber consumers in India.

Evidence Law vis-à-vis IT Law 08 hours

Status of Electronic Record as Evidence; proof and Management of Electronic Records. Relevancy, Admissibility and probative value of E-Evidence; Proving of Digital signature; proving of Electronic Message.

IPR Issues in a nutshell 08 hours

Copyright Issues; Patent Related Issues; Trade Mark Issues; Design Related Issues. European convention on Cyber Crime, Role of Interpol in Cyber Crime

Global Cyber laws 06 hours

Cyber law in United States: Introduction to U.S. Legal system, Digital Evidence and U.S. Law, Searching and Seizing Computers, Criminal Investigations involving digital evidence. Cyber law in Europe: Cyber Law in U.K., Cyber Law in Finland, Cyber law in Germany, Cyber Law in Sweden. Cyber law in other major Countries: Cyber law in Australia, Cyber Law in Canada, Cyber Law in Japan, Cyber law in Malaysia, Cyber Law in Singapore

Case Studies 02 hours

UTI Hacking Case, VSNL Spam Case, Red Fort Case, Rediff.com Case

References
1. Cyber Law: Law Journals (The ICFAI University Press)
2. Draft of IT Act 2000/2008
3. Cyber Law: The Indian Perspective, Pavan Duggal

IS-C3-A-04: Cyber Law and IPR Issues

PRACTICAL ASSIGNMENTS
This is a theoretical paper, but more case studies could be studied to gain knowledge of the application of Cyber Laws.

Level 3

Certified Computer Forensic Professional (CCFP)


IS-C3-F-01: Cyber Crime, Indian IT (Amendment) Act 2008 and Introduction to Computer Forensics

Theory Hours: 60 Hours
Tutorial/Practical Hours: 60 Hours

Outline of the Syllabus

S.No. Topics: Hours
01. Cyber Crime: 10 hours
02. Indian Cyber Laws: 15 hours
03. File System: 10 hours
04. Data Storage Devices: 10 hours
05. Data Hiding Techniques: 05 hours
06. Computer Forensics: 05 hours
07. First Responder: 05 hours

Detailed Syllabus

Cyber Crime 10 hours

Categorisation of cyber crimes, security policy violations, online financial frauds, elaboration of cyber crimes with techniques used by the cyber criminals, phishing, Cyber-stalking, Cyber Harassment, Cyber Frauds, Tampering with computer source documents, Hacking with computer system, Publishing of obscene information in Electronic form

Indian Cyber Laws 15 hours

Indian IT (Amendment) Act 2008, Objective, Applicability, and Jurisdiction; Various Cyber crimes under Sections 43 (a) to (j), 43A, 65, 66, 66A to 66F, 67, 67A, 67B, 70, 70A, 70B, 80, etc. along with respective penalties, punishment and fines; Protected System, Penalty for misrepresentation, Breach of Confidentiality and privacy, Penalty for publishing false Digital certificate, Publications for fraudulent purpose, offences or contravention committed outside India

File System 10 hours

Architecture, Importance of File systems; Windows file structure: FAT, NTFS; Unix File System: ext2, ext3

Data Storage devices 10 hours

Optical, magnetic, semiconductor, etc. and their interfaces with a computer system; Hard Disks: IDE, SATA, SCSI; CD/DVD; Physical characteristics of Hard Disks: sectors, clusters, cylinders, heads; formatting of Hard Disks; RAID Storage

Data Hiding techniques 05 hours

Swap Files, Slack space, Unallocated and allocated space, alternative data streams (ADS)

Computer Forensics 05 hours

Introduction, Need of computer forensic investigation of the cyber crimes, forensic investigation process, identification, seizing, imaging and analysis of digital evidence, report preparation

First Responder 05 hours

Role of a First Responder, First Responder's Toolkit, use of digital camera with date & time imprint, First Responder's logbook, Common Mistakes by a First Responder, do's and don'ts for the First Responder at the site of cyber crime.

References
1. Incident Response and Computer Forensics, Kevin Mandia, Chris and Matt Pepe (Tata McGRAW-HILL)
2. File System Forensic Analysis, Brian Carrier, Addison-Wesley
3. WWW (World Wide Web)

IS-C3-F-01: Cyber Crime, Indian IT (Amendment) Act 2008 and Introduction to Computer Forensics

PRACTICAL ASSIGNMENTS
1. Practicals on studying the file system FAT.
2. Practicals on studying the file system NTFS.
3. Practicals on studying the file system ext2/ext3 etc.
4. Practicals on studying various characteristics of Data storage device.
5. Practicals on Data Hiding Techniques.

IS-C3-F-02: Seizure & Imaging of Digital Evidence

Theory Hours: 60 Hours
Tutorial/Practical Hours: 60 Hours

Outline of the Syllabus

S.No. Topics: Hours
01. Digital Evidence: 15 hours
02. Volatile & Nonvolatile Digital Evidence: 15 hours
03. Seizing & Imaging of Non Volatile Data: 20 hours
04. Integrity Verification: 10 hours

Detailed Syllabus

Digital Evidence 15 hours

Handling of digital evidence at the site of the crime, basic rules of digital evidence; safe & secure packing and transportation of digital evidence to a computer forensic laboratory, antistatic PVC covers, air bubble PVC covers, chain of custody forms

Volatile & non volatile digital evidence 15 hours

Volatile data, order of volatility, importance of volatile data, Collecting Volatile Data, acquisition of RAM data and the tools to capture, steps to image the volatile data (RAM) and other volatile data from a live system, tools: dd, windd, FTK Imager

Seizing & Imaging of Non-volatile Data 20 hours

Disk imaging software tools & hardware equipments, imaging vs copying of digital evidence, legal reasons for using an "image" and not a "copy" of the digital evidence for analysis; steps to image the non-volatile data; forensic boot CD/DVD, various methodologies to image the non-volatile data in different circumstances, Dead & Live Acquisition of digital evidence, imaging of virtual systems

Integrity verification 10 hours

Wiping of data in storage devices, data/disk wiping tools, write blockers, their need, software and hardware based write blockers, integrity verification of digital evidence using hashing algorithms md5 and sha1, tools for generating md5 & sha1 checksums / hash values

References
1. Incident Response and Computer Forensics, Kevin Mandia, Chris and Matt Pepe (Tata McGRAW-HILL)
2. WWW (World Wide Web)

IS-C3-F-02: Seizure & Imaging of Digital Evidence

PRACTICAL ASSIGNMENTS
1. Practicals to capture volatile data from Live System.
2. Practicals to capture Live data from RAM.
3. Practicals to capture nonvolatile data from the system (imaging etc.)
4. Practicals on wiping of data in storage devices.
5. Using hashing algorithms md5 and sha1 for generating md5 and sha1 checksum/hash value.

IS-C3-F-03: Analysis of Digital Evidence

Theory Hours: 60 Hours
Tutorial/Practical Hours: 60 Hours

Outline of the Syllabus

S.No. Topics: Hours
01. Recovery of Data: 05 hours
02. Analysis of Digital Evidence: 10 hours
03. Analysis of Media Files: 10 hours
04. Log Analysis: 05 hours
05. Analysis of Secured Documents: 05 hours
06. Computer Forensics Tools and Tool Kit: 15 hours
07. Report Preparation: 10 hours

Detailed Syllabus

Recovery of data 05 hours

Deleted files, recovery of data from the hard disk, damaged FAT, using of file carving tools

Analysis of Digital Evidence 10 hours

Methodology of analysis, preparation & updation of the list of relevant keywords, their search, timeline of files usage, analysis of RAM data to find user-ids, passwords, etc., analysis of CD/DVD and other memory cards, Tool LiveView, booting the system using the forensic image of a system using Liveview

Analysis of media files 10 hours

Analysis of media files headers, manual analysis of graphics, audio, video files; Steganography in media files, process of hiding of data / data files in media files, steganalysis tools, steganographic detection

Log analysis 05 hours

Role of logs in forensic analysis, access logs from various sources, log analysis tools, analysis of logs using log analysis tools and manually

Analysis of secured documents 05 hours

Tools for finding/ cracking/ bypassing of passwords, encryption keys for recovery of data from the password protected / encrypted documents; tools & techniques to find/reset passwords, brute force, rainbow tables

Computer forensic tools and toolkit 15 hours

Well known commercial and freeware toolkits, their features, WinHex, advantages over other CLI/GUI tools, CyberCheck Suite, AccessData FTK, EnCase Forensics, Helix, The Sleuth Kit, Toolset BackTrack

Report preparation 10 hours

Computer Forensic Analysis Reports, Executive Summary, Goals/Objective of the Analysis, case questionnaires with relevant findings, referring to annexing of supporting documents, screenshots, photographs; tools used, forensic analysts involved, Report writing Guidelines, organizing the Reports, Documenting Investigative Steps with sections & subsections, Conclusion, Expert witness, testimony by a forensic analyst and role of an expert witness in judicial courts
References
1. Incident Response and Computer Forensics, Kevin Mandia, Chris and Matt Pepe (Tata McGRAW-HILL)
2. File System Forensic Analysis, Brian Carrier, Addison-Wesley
3. WWW (World Wide Web)

IS-C3-F-03: Analysis of Digital Evidence

PRACTICAL ASSIGNMENTS
1. Practicals on recovery of deleted files.
2. Practicals on recovery of data from hard disk.
3. Practical on steganography.
4. Practical on steganography tools.
5. Practicals on analysis of media file headers.
6. Practicals on analysis of graphic, audio, video files.
7. Practicals on log analysis using various open source tools.
8. Practicals on recovery of encryption key.
9. Practicals on use of open source forensic tool kit, sleuth kit.
10. Case Study on preparing forensic report.

IS-C3-F-04: Computer Forensics for Windows & Linux Systems and Anti-forensics

Theory Hours: 60 Hours
Tutorial/Practical Hours: 60 Hours

Outline of the Syllabus

S.No. Topics: Hours
01. Windows Forensics: 15 hours
02. Linux Forensics: 15 hours
03. Internet usage analysis: 10 hours
04. Tracing the Source of E-mails: 15 hours
05. Anti-Computer Forensics: 05 hours

Detailed Syllabus

Windows Forensics 15 hours

Examination of recycle bin INFO / INFO2, windows shortcut files, swap file pagefile.sys, hibernation file, print spool files, windows registry analysis, registry analysis tools, registry hives, knowing about USB devices used, typed URLs, files extracted using winzip, recently opened/ downloaded/ saved files, date of installation & version of software applications, time zone, last shutdown time, IP & MAC Address, autorun programs

Linux Forensics 15 hours

Use of built-in command line tools for computer forensic investigation: dd, dcfldd, fdisk, mkfs, mount, umount, md5sum, sha1sum, dmesg; mounting of the hard disk having forensic image, data recovery tools, use of search tool 'find' with various options to find specific files, Linux boot sequence, timeline analysis of files using find

Internet usage analysis 10 hours

Websites in favourites, history, cookies, temporary internet files, data in cache, saved passwords, auto-complete feature, internet usage analysis tools

Tracing the source of the e-mails 15 hours

Identification of mailbox in client system, recovery of deleted e-mails, e-mail headers, viewing & analysing the e-mail headers in popular e-mail software applications, Message-id, ESMTP-id, IP address of e-mail server & client system associated in sending emails, whois, etc. tools for finding location of an IP address; e-mail server access logs, spam/spoofed e-mails, phishing e-mails, use of tools and forensic toolkits in tracing e-mails

Anti-Computer Forensics 05 hours

Challenges or bottlenecks in computer forensic investigation for a computer forensic analyst; encrypted, compressed, password protected documents

References
1. Windows Forensic Analysis, Harlan Carvey, Syngress Publishing
2. Unix and Linux Forensic Analysis, Chris Pogue, Cory Altheide, Todd Haverkos, Syngress Publishing
3. WWW (World Wide Web)

IS-C3-F-04: Computer Forensics for Windows & Linux Systems and Anti-forensics

PRACTICAL ASSIGNMENTS
1. Practical on windows forensics like recycle bin examination, pagefile.sys, registry analysis, IP/MAC Address detection, USB device used, recently opened/downloaded/saved files etc. and all other windows forensic methodology mentioned in syllabus.
2. Practical on Linux Forensics: dd, fdisk, mkfs, mount, umount, mmount, md5sum, shasum, mounting the hard disk having forensic image; use of find.
3. Practical on internet usage analysis like history, cookies, temporary internet files, data in cache, saved passwords etc.
4. Practicals on tracing the source of the e-mails.
5. Practicals on Anti Computer Forensics techniques like encryption, compression, password protection etc.

Headquarter - NIELIT
Electronics Niketan, 6 CGO Complex, New Delhi 110 003
Website: http://www.nielit.in

Nodal Center - NIELIT, Gorakhpur Centre
M. M. M. Engg. College Campus, Gorakhpur, U.P. - 273 010
Website: http://www.nielitgkp.edu.in

Other Training Centres
Srinagar Centre: Sidco Electronics Complex, Old Airport Road, Rangreth, Srinagar - 190007
Kolkata Centre: Jadavpur University Campus, Kolkata - 700032
Jammu Centre: New Campus, University of Jammu, Dr. BR Ambedkar Road, Jammu - 180006
Imphal Centre: Akampat, Post Box No. 104, Imphal, Manipur - 795001
Calicut Centre: Post Box No. 5, NIT Campus P. O., Calicut, Kerala - 673601

CONTACT US: Phone No. - (0551) 2273872, FAX - (0551) 2273873, Email ID - isc@doeaccgkp.edu.in, isc.doeaccgkp@gmail.com
