https://www.india.gov.in

Details for 2-Week Courses

Course Details for 2-Week Courses

Information Security A Practical Approach

Objective: To develop the skill sets of a professional in Assessing information security threats

Duration: 2-weeks

Course Contents

Topics

Information Security Fundamentals

  • Background, Importance, Statistics, National & International Scenario
  • Identification and Authentication, Confidentiality, Privacy Integrity, non-repudiation, Availability
  • Goals of Security-Prevention, Detection and Recovery
  • eCommerce Security

Security Threats & Vulnerabilities

  • Weaknesses-Buffer overflow, brute force attacks, protocol attacks, Cross site and other CGI vulnerabilities etc, Spoofing, Denial of Service

System & Network Administration and Security

  • Security Consideration in OS: OS Hardening
  • Internet Protocols and Security: SSL/TLS, IPSec
  • Application Security- WWW security, Secure Emails
  • Access Control-Physical and Logical

Tools & Technologies

  • Firewalls , IDS, AntiVirus, Log analysis
  • Cryptography
  • Security Infrastructure: PKI, VPN
  • Network Scanners
  • Forensics

Security Audits

  • Asset Classification and Risk Analysis
  • Audit Trails, Reporting

Security Management

  • Security Policies and Procedures
  • DRP/BCP
  • International Standards (CC/BS7799/ITSEC/GLB/HIPAA)

Total Effort: 60 hrs.

Perimeter Security Solutions

Objective: To develop the skill sets of a professional in the Perimeter security solutions

Duration: 2-weeks

Topics

Security Threats & Vulnerabilities

  • Overview of security threats
  • Authentication: Weak passwords
  • Insecure Internet Connection, Cookies
  • Viruses & other infections
  • Security of Hard drives, Security of laptops
  • Sniffers, Back doors and Trojans
  • Buffer overflow and other programming bugs
  • Common Attacks, Denial of Service, Man in the middle, Brute Force Attacks, Teardrop, Birthday

Information Security Solutions

  • Firewalls
  • Intrusion Detection Systems
  • Cryptography Encryption Technologies algorithms and their usage
  • Security Infrastructures: PKI, VPN
  • Licensing, Digital Signatures, Security Policies

Total Effort: 60 Hrs.

Public Key Infrastructure (PKI)

Objective: To develop the skill sets of a professional in the area of Public Key Infrastructure (PKI)

Duration: 2-weeks

Course Contents

Topics

Understanding PKI

Cryptography Basics and Cryptographic Algorithms

  • Talk about various algorithms, symmetric versus asymmetric cryptography, etc.
  • Pros and cons of symmetric key cryptography over asymmetric
  • How to mix and match both in a practical scenario
  • How this leads to digital signatures, and other applications of cryptography

Public Key Infrastructure Basics

  • What are the pieces that make up PKI (CA, RA, subscriber, etc)
  • What is the work flow of PKI usage (from the users side, from the CA/RA side, etc.)
  • What is the repository, CRL, etc.?

PKI Hierarchies

  • Types of PKI hierarchies (single CA, trust models, etc.)

PKI deployment

  • Operational requirements and sizing of the hardware/ software
  • Standards compliance and interoperability
  • Current legislation and legal issues

CA Functions, RA functions, and subscriber functions

  • Verification and validation procedures, etc.

Certificate Management

  • Revocation, suspension, cert lifecycle, backup and recovery of private keys etc.

Total Effort: 60 Hrs.

Security Administration Windows

Objective: To develop the skill sets of a professional in the secured Windows administration

Duration: 2-weeks

Course Contents

Topics

Microsoft Windows NT/2000 Server Administration

  • Introduction to Windows operating System
  • Administrative tasks & tools
  • Installations and configurations of windows OS
  • Configuration of DNS, DHCP, WINS services
  • Managing windows network
  • Configuring different clients with servers
  • Troubleshooting with windows 2000
  • IIS server configuration

System & Network Administration and Security

  • Design of Secure Operating System
  • Operating System controls
  • Trusted Operating Systems, Operating System Hardening
  • Internet Protocols and Security
  • Application Security WWW security SHTTP, SMIME, PGP, SET, E-mail and IM security
  • Access Control Physical and Logical Biometrics introduction
  • Internet security protocols: SSL/ TLS: SSL Process, SSL Issues, SSL Defenses, IPSec

Total Effort: 60 Hrs

Security Administration Linux

Objective: To develop the skill sets of a professional in the area of secured Linux administration

Duration: 2-weeks

Course Contents

Topics

Linux Administration

  • Systems concepts
  • Boot Processes on Linux
  • Installation of Sun Solaris & Linux
  • Initialization and Shutdown concepts
  • Linux user administration
  • Configurations of APACHE, SAMBA, NFS, DNS
  • FTP services and NIS Configuration
  • Systems, Disk Management, print services
  • Trouble shooting

System & Network Administration and Security

  • Design of Secure Operating System
  • Operating system controls
  • Trusted Operating Systems, Operating System Hardening
  • Internet Protocols and Security
  • Application Security WWW security SHTTP, SMIME, PGP, SET, E-mail and IM security
  • Access Control Physical and Logical Biometrics introduction
  • Internet security protocols: SSL/TLS: SSL Process, SSL Issues, SSL Defenses, IPSec.

Total Effort: 60 Hrs.

Information Security Threats Assessment

Objective: To develop the skill sets of a professional in Assessing information security threats

Duration: 2-weeks

Course Contents

Topics

Security Threats & Vulnerabilities

  • Overview of security threats
  • Authentication: Weak passwords
  • Insecure Internet Connection, Cookies
  • Viruses & other infections
  • Security of Hard drives, Security of laptops
  • Sniffers, Back doors and Trojans
  • Buffer overflow and other programming bugs
  • Common Attacks: Denial of Service, Man in the middle, Brute Force Attacks, Teardrop, Birthday
  • Overview of security threats

Security Tools

  • Network Scanners
  • Vulnerability Scanners
  • OS fingerprinting: nmap, nessus, MBSA, SAINT, John the Ripper
  • Forensic Tools
  • Others

Total Efforts: 60 Hrs.

Information Security Standards & Best Practices

To develop the skill sets of a professional in the following areas

Objective:

- Understanding various aspects of security management

- Understanding various standards and best practices

Duration: 2-weeks

Topics

Information Security Management

  • Security Policies and Procedures
  • DRP/BCP- Business impact analysis, Risk assessment Methodologies, Risk Classification
  • Asset classification, Information Classification Organization level strategy, Process level Strategy
  • Resource recovery strategy, Crisis management plan Incident mgmt, communications, PR and media Policy, framework, audits, benchmarks, compliance

Security Standards & Best Practices

  • Best Practices Guidance on Data Protection for System Designers
  • Security Testing and Evaluation Criteria
  • International Standards (CC/BS7799/ITSEC/GLB/HIPAA/COBIT)

Total Effort: 60 Hrs.

Application Security

Objective: To develop the skill sets of a professional in the area of Application Security

Duration: 2-weeks

Topics

Principles of Security

  • Policies
  • Firewalls and network segmentation
  • Host security
  • Application layer security
  • Reactive security
  • Host identification
  • Service enumeration

Web Hacking

  • Web reconnaissance
  • Web server vulnerabilities, ASP, CGI, Cold Fusion, Java server vulnerabilities, Scanning for web vulnerabilities
  • Retrieving application source code, Shifting through the source code for hidden secrets
  • Buffer overflows, Input sanitization issues
  • e-shoplifting, Impersonation using cookies
  • Hacking SSL-enabled sites

Secure Coding

  • Authentication and Authorisation
  • Buffer overflow attacks, Format string vulnerabilities
  • Input validation, SQL injection
  • Cross-site scripting, Canonicalization
  • Best practices, Security testing, Code reviews and Tools

Total Effort: 60 Hrs.

 

Content owned & provided by Ministry Of Electronics & Information Technology, Government Of India

GIGW Certificate  http://india.gov.in, The National Portal of India : External website that opens in a new window

  • Site Counter: 10,543,276