Ethical Hacking (NEW)
Introduction
The explosive growth of the Internet has brought many good things: electronic commerce, easy access to vast stores of reference material, collaborative computing, e-mail, and new avenues for advertising and information distribution, to name a few. As with most technological advances, there is also a dark side: criminal hackers. Governments, companies, and private citizens around the world are anxious to be a part of this revolution, but they are afraid that some hacker will break into their Web server and replace their logo with pornography, read their e-mail, steal their credit card number from an on-line shopping site, or implant software that will secretly transmit their organization's secrets to the open Internet. With these concerns and others, knowledge in preventing hacking helps to avoid damages.
This technology provides the skills required to defend against cyber crimes, by means of practical exposure in areas such as:
- Safeguarding the personal PC
- Securing the corporate LAN
- Maintaining a clean track of intrusions by malicious code (viruses, worms, spyware and even Trojan horses)
- Detecting spam mail by means of configuring the mail server
- Deploying intrusion detection and prevention systems
- Creating awareness of attacks like phishing, SQL injection, DoS, XSS, etc.
- Remedies to exploits
- Patch management system
- Information security audit and framework
- Implementing policies according to the ISO 27001 standard
- Merging hands-on cyber laws and forensics
Program Advantages
After the boom in Networking and Software jobs, the past two years have seen a sharp rise in the field of Information Security. Information Security and Ethical Hacking are the latest buzzwords in the industry. In the past five years, the percentage of hacking crimes, data thefts, data losses, viruses and other cyber crimes has increased exponentially.
“NASSCOM predicts requirement of 2,64,000 professionals by the year 2009. Currently the number of security professionals in India is around 22,000.”
The current demand for Information Security jobs continues to grow. With information security increasingly becoming a boardroom-level concern, training and certification are becoming increasingly important for candidates and companies alike.
The student will be equipped to handle the following:
- Prevents data theft
- Avoids legal consequences of not securing information
- Maintains productivity
- Foils cyberterrorism
- Thwarts identity theft
- Sophistication of attacks
- Faster detection of weaknesses
- Distributed attacks
- Difficulties of patching
Course Modules
The course consists of 75 hours of sessions, with 58 hours of theory and 17 hours of practical sessions on the IOL platform. Broadly, the sessions cover the following:
INTRODUCTION
- Introduction to Data, Information, Knowledge, and Intelligence
- Security, and its need
- Operating System Basics
- DBMS Basics
- Data Communication Basics
- Basics of “Computer networking”
- OSI model
- TCP/IP protocol suite
- Networking devices
- Types of Cyber Threats
- An approach for ethical hacking
- Types of Hackers
- Anatomy of a Hacker
- Challenges for a hacker
- Don’t Get Caught
- Case Studies of Cyber Crime
DESKTOP & SERVER SECURITY
- Windows Security
- Registries
- Ports and Services
- Vulnerabilities in Windows
- Hacking into Windows
- Counter Measure & Securing Windows
- How to look for vulnerability?
- Deleted file recovery
MALWARE, LAN SECURITY, FIREWALL SECURITY
- Malware and Firewall Security
- LAN Security and Port Filtering
- Case Studies and Practical
INTERNET SECURITY
- Finding an IP Address
- Anonymous Surfing
- Proxy Servers
- Free Proxy Servers
- Email Hacking
- How does Email work?
- Analysis of Email Headers
- Email Tracking
- IP Tracking using Email
- Microsoft Outlook Security
- Spam and its details
SCANNING, FINGERPRINTING, AND INFORMATION GATHERING
- Daemon-Banner grabbing
- Port Scanning
- Active Fingerprinting
- Passive Fingerprinting
- Attacking the System
- Types of attacks
- Non-Technical Attack (Social Engineering Attack)
- Pretexting Techniques
- Phishing Techniques
TECHNICAL ATTACKS & PASSWORD CRACKING
- Technical Attacks
- DoS Attacks
- Ping of Death
- Land attack
- Smurf attack
- Teardrop attack
- Flood Attack
- Input Validation Attack
- XSS Attack
- Key logger Attack
- Sniffing Attack
- Password Cracking / Enumeration
- Default password
- Dictionary-based attack
- Brute force Attack
- Physical Security
ART OF GOOGLING AND DATA BACKUP
- Terminologies
- Basic Search Techniques
- Basic Keyword searching
- Phrase search
- + Operator search
- - Operator search
- Range search
- Advanced Search Techniques
- Data Backup
- Introduction
- Data Backup Strategies
CRYPTOGRAPHY, STEGANOGRAPHY & CYBER FORENSICS
- Cryptography
- Definition
- Goals
- Types of Cryptography (SKCS, PKCS)
- Digital Signature
- Steganography
- Cyber Forensics
IDS & IPS
- Introduction
- What is an Intrusion?
- Intrusion Detection
- Intrusion Detection System (IDS)
- Need of an IDS
- Components of an Intrusion Detection System
- Types of Intrusion Detection Systems
- Network Based Intrusion Detection
- Host Based Intrusion Detection Systems
- What is not an IDS?
- Detection Methodologies
- Factors Determining the Effectiveness of an IDS
- Various Tools Available
- Introduction to IPS
- What is an Intrusion Prevention System?
- Need for having an IPS
- Types of IPS
- Network Based IPS
- Counter Measures taken by an IPS
- Risks Involved
ACCESS CONTROL SYSTEM
- Introduction: What is Access Control
- Access Control in Physical Security
- Access Control in Information Security
- Need of an Access Control System
- The Essential Services provided by Access Control Systems
- Access Control Policies
- Discretionary Access Control (DAC)
- Limitations of Discretionary Access Control
- Non-Discretionary Access Control
- Mandatory Access Control (MAC)
VULNERABILITY ASSESSMENT AND PENETRATION TESTING
- Vulnerability Assessment
- Vulnerabilities
- Scope of Vulnerability Assessment
- Application Level Vulnerability Assessment
- Vulnerability Assessment Vs Risk Assessment
- Penetration Testing
- Automated Vulnerability Scanning
- Exploiting Services for Known Vulnerabilities
INFORMATION SECURITY AUDITING
- ISO 27001
- What is Information Security
- History of ISO 27001
- Standards and International Organization for Standardization
- ISO 27001
- Domain of BS 7799-1
- Control Objectives & Control in ISO 27001 and Mandatory Requirements
- Selection and Implementation of Controls
- Developing and Adopting Policies
- Mandatory Requirements
- Information Security Management System
- Management Responsibility
- Internal ISMS Audit
- Management Review of the ISMS
- ISMS Improvement
MANAGING SECURITY AWARENESS
- Information Security Management System
- Management Security
- Managing Security Awareness
- Need for Security Management
- Impact of a sound Security Management System
- Security awareness usually fails, WHY?
- ISO 27001 CERTIFICATION
- ISO 27001 CERTIFICATION
- ROLE OF AUDITORS
- Marketing ISO 27001 to Senior Management
- Preparing for Certification
- Compliance accreditation and certification
- The 6-step process for Certification
- Return On Investment
- Return On Investment
- Where to invest first
- Security Policies
- Training and Awareness
- System Administration
- Establish Effective Security Configurations
- Maintain Software
- Detect Security Breaches
- Respond intelligently to incidents
- Security Evaluations
RISK ASSESSMENT, BUSINESS CONTINUITY AND DISASTER
- Risk Assessment
- What is Risk
- What is Risk Assessment
- Kind of Risk
- Stage of Risk Assessment
- Approaches To Risk Assessment
- Popular methodologies for Risk Assessment
- Business Continuity
- Business Continuity Planning
- Disasters
- Types of Disasters
- On the basis of area affected
- On the basis of the cause of origin
- Elements of a good Business Continuity Plan
- Building a Business Continuity Plan
- Assess Business Requirements
- Identify the IT requirements
- Building the Backup/recovery solution
- Select products to match the design of the solution
- Implement the solution
- Keep the solution up-to-date
SECURITY MANAGEMENT PRACTICES AND FRAMEWORK
- Security Management Practices
- The Big Three: CIA
- Security Management Practices
- Identification of Assets
- Determining Value of Assets
- Threats on Assets
- Safeguard Selection
- Data Classification
- Classification Criteria
- Information Classification Procedure
- Assets Protection & Approving Security Changes
- Monitoring Security of the Networks
- OCTAVE Framework
COMPUTER FORENSICS
- Cyber Forensic
- Cyber Crimes
- Preparing Before an Incident
- Recognizing signs of an incident
- Evidence Collection And Prevention
- Preliminary Response
- Documentation
CRIME SCENE MANAGEMENT & DATA RECOVERY
- Crime Profiling Crime Scene Management
- Live System Data Gathering (Windows)
- Recovery of Deleted File
CYBER LAWS
- e-Governance
- Impediments in Implementing e-Governance Projects from Legal Perspective
- Analysis of Problems – Repercussions
- Relevant Laws
- Information Technology Act, 2008*
- Prosecution of Cyber Crimes under Indian Cyber Laws (IT Act, 2000)
- Probable Solutions
Class Schedule
| Batch Start Date | Class delivered on | Timings | Duration | Batch ends On | Last Date of Application | Fees |
|---|---|---|---|---|---|---|
| To be announced | To be announced | To be announced | To be announced | To be announced | To be announced | To be announced |
Eligibility and Evaluation
The program is for Undergraduates and Graduates in any stream.
Certification
An exam is held at the end of the program to ascertain the skill level achieved by the students. The Certification depends on the following:
a) Performance in the final exam
b) Regular attendance of more than 90%
c) Submission of class assignments on a regular and timely basis
Program Delivery
The sessions will be delivered on the HughesNet interactive learning platform. The heart of the platform is a powerful user interface that enables a large number of geographically distributed students to have a highly interactive 'one to one' / 'one to many' exchange with a central faculty. The system incorporates live broadcast video and two-way audio and data interactivity to enable the students to watch and interact with the faculty live on their PCs.
Documents Required
- 2 Passport Size Photographs (Please write your Name, DD No and Program Name at the back)
- Educational Records:
  - 12th Marksheet
  - Graduation Degree / 3rd Year Marksheet
  - Diploma
- Identity Proof:
  - Driving License, OR
  - 10th Marksheet
How to Apply
- Participants may apply by filling up the online application form. The application form can be downloaded from the link given below.
- Download and Print the Form. Fill the form with all the necessary details as asked in the form.
- Submit the Duly filled Application Form and other documents to the nearest HughesNet Fusion Center.
- On getting selected the participant would be intimated by the center.
Terms and conditions (regarding the enrollment related areas)
- All the forms should reach HCIL Gurgaon by 4 PM on or before the last date of application.
- Fees once paid will not be refunded under any circumstances.
- Delay in bank loans etc. will be the individual's responsibility and no delay will be accepted on this account by HCIL / Institute.
- No batch change is allowed under any circumstances and Institute's decision will be final in this regard.
- Any delay in reaching the forms due to postal or any other reasons will be individual's responsibility.
- Above is the net amount payable to HCIL.
- Other rules & regulations are part of the application form and are binding on the student
- Any changes in program dates are subject to the discretion of the Institute and HCIL shall not be held liable for the same.