Modules to be covered
The Module is designed to give an introduction to the fundamentals of internet and its primary concepts from origin to the current trending concepts of information security world. For beginners course offers a complete knowledge of basic security concepts, principles, and the key terms associated with information security and cyber World. Intend of the module is to clear misbelieves and myths of cyber world and also to study recent trends as well as threats and modus operandi of cyber criminals and testers.
Networks are defined as medium for communication between two or multiple systems, i.e. it constitutes a mechanism of information that travels across multiple devices using various mediums, concepts of Domain name system, Servers, Connection mechanism. The module will cover in depth knowledge of OSI model and TCP/IP model and how data is transmitted through network, along with various Protocols used at each layer with focus on Networking Layers, Network design and implementation and what devices are used for the data transmission i.e. hardware associated with networking like switches, router, hub etc along with types of network, internet protocol v4 & v6, ports & protocols, sub netting concepts, domain name system and its working, Network architecture and standards.
The module at beginning will define the basic terminologies, introduction of operating systems and technical aspects will follow in the later part of module that includes how multiple operating systems are installed and configured in virtual box.
Course aims to implement understanding of how virtual machines are separated inside the same physical host and how they communicate with lower hardware levels, working of virtualization technology and components involved and the essentials to setup a lab for further modules in this course like web application hacking, malware analysis.
Open source intelligence (OSI) is focused on collecting as much information as possible about a target which can be organization, a person, website or a specific system.
The module is designed to give insight of OSI methods and techniques i.e. various ways to collect information from publically available resources like e-Mail spoofing, Fake mail Tracing by using various methods.
The module will provide elementary knowledge about advance search techniques in various search engines used by security professionals, cyber criminals. Introduction to social engineering technique like phishing for email id hacking, desktop phishing, remote phishing and how it is essential in information gathering.
For Information protection data security is essential and thus it need to be encrypted. The module begins with introduction of cryptography from its origin to traditional methods and modern techniques. Cryptography has important applications in information security and data protection techniques.
The second half of the module Explore and describe basic concepts of cryptography including secret key and public key systems, encoding and decoding. Difference between encryption and encoding along with techniques and methods of decryption also demonstrate how Hash Values are created using cryptographic hash function by studying hash techniques and also how to crack hash. Introduction to data hiding techniques like steganography. Understanding of how cryptography applies complex mathematics and logic to design strong encryption methods.
The module will begin with an introduction of loopholes in protected wi-fi networks and its testing. Students will be able to learn, how to test security of a protected wifi network. In the later phase module will include hands on demonstration of internal network attacks like sniffing, MITM, DNS cache poisoning. Introduction of misconfigurations and loopholes in router security.
Module will also incorporate various internal security concepts like firewalls,IDS,IDPS. Module will cover scanning networks for live systems and their open ports further it will include operating system finger printing and grabbing banners of running services on remote system.
It will also give insight on scanning of known vulnerabilities.
The course will cover basic terminologies and concept of Malware - definition, why and how it is affecting the network and the system, key tools and techniques of malware attacks. Students will be briefed about creating Malware and various types of malware (virus, worms, trojans, keyloggers etc. )
Concepts of antivirus and their working along with it techniques to identify Malwares which are not detected by AVs will be taught.
The module includes the basic fundamentals of web application including some client side and server side scripting and possible web application attacks like SQL Injection, cross site scripting, local file inclusions and remote file inclusions and also medium level attacks like click jacking etc. They will also be able to patch loopholes in web application.
Metasploit is a framework which allows a security tester to arrange their exploits and launch them easily and how metasploit cover different types of pre build exploits. The scope of exploitation after compromising a particular system and its effect on network and user. The module cover exploitation techniques for different types of systems like windows, android, MAC.
Almost every case of cyber crime involves a very strong element of system based evidence i.e phone, smart phones and computer etc. The module will cover basics of forensics and Introduction to basic concept of data recovery from different types of storage devices and image creation for any storage device for data recovery.
Clarity on concepts of data like data deletion possibilities of recovery and dependencies for the same.
In this module basic C and Python language will be discussed with students. This module will also cover the techniques used by testers to create exploits.
Participants will be able to create their own exploits using Buffer Overflow vulnerabilities
This session will include various cyber crime cases and criminal modus operands. Also will be discussed various cyber crime cases handled by cyberops along with investigation procedure.
Methods to handle cyber crime cases and Dos and Don’ts of handling cyber crime cases will be discussed. Indian IT act with reference to case studies from cyberops will be discussed.
Who should attend?
Course is designed to address the needs of:
- Those individuals who intend to explore cyber security field associated threats and countermeasures and are new to terminologies and concept of cyber security work.
- Non – Technical professionals who are looking for prospective career opportunities in cyber security.
- Chartered accountants dealing in information security.
- Technical background students who aim for advanced learning in cyber security field as this will help them to understand the basic concepts and terms of cyber world.
- The course is designed for all industry spectrums professionals who want to acquaint with the basics of concepts, terminologies of information security, networking, cryptography and all that aspects that frame the underlying concepts of cyber security and countermeasures.
Course provides the fundamental knowledge of information security concepts, designed for participants having basic knowledge of computers and technology which will enable to grasp the fundamentals of information security that will serve as the foundation for infosec skills and knowledge. The course covers everything from core terminology to basics. Thus the Course it highly recommended to:
- School students, parents, Teachers, Professors and individuals who aim to understand the cyber security aspects
- Corporate and government/ investigators and network security personnel.
- Individuals working in a data audit, policy enforcement, or network intrusion investigation role.
Participants should have basic knowledge of computer system and internet surfing.
Course Package includes:
- Cyberops Welcome Kit
- Advanced Software Toolkit
- Remote access to test beds for two weeks.
At the end of the course you will be able to:
The Course will help Participants to understand the security terminology .Participants will learn to design, implement, and support networked devices which will help them to understand how information and network security support cyber security and along with the installation of virtual servers and workstations.
In the later modules Course will discuss various security technologies, including anti-malware, firewalls, and intrusion detection systems. How cryptography applies complex mathematics and logic to design strong encryption methods. Methods to collect information from centralized database system like IP where the site is hosted, server information, mail server information
Exploitation techniques and capabilities for penetration testing how to conduct investigations to correctly gather analyze and present digital evidence to both business and legal audiences. Course will end with Cyber crime investigation will give an insight on various cyber crime cases and criminal modus operandi and live cases handling for real time experiencing.
The entire program covers basic outline of cyber security as well as methods and techniques of how attacks are performed and possible outcomes of attacks along with the detection and prevention methods for the same.
Thus the practical exam after the course is entitled for certification aiming at how participants use skills, expertise and knowledge gained throughout course to detect possible attacks and methods to penetrate, hence to be specialized for the modules covered candidates are required to clear the set performance criteria for certification.
We use Simulation test method to provide real time challenge which will help participants to use skills , expertise and knowledge acquired during the entire course.
Passing Criteria: 80% and above
Duration of test: 5 hrs
Performance Give outs:
Participant with highest Score in batch will be awarded with Cyberops award of performance Excellency – CAPE Medal and certification of Merit.
Participants scoring 80% and above will be awarded with Certification of Merit.
Terms & Conditions:
- No. of attempts :Two
- Verification method for certification: The certificate will incorporate a unique ID for every participant and the same can be used for verification from Our Website.