Cyber Security
Home Courses

Domain Track : Cyber Security

Domain Track : Cyber Security

Course Attendees

Still no participant

Course Reviews

Still no reviews

Cyber security is the practice of protecting computers, servers, mobile devices, critical electronic systems, networks, and data from malicious digital attacks.Cybersecurity measures are designed to combat threats against networked systems and applications, whether those threats originate from inside or outside of an organization.

This course gives students an insight into the basics of cloud computing along with virtualization, cloud computing is one of the fastest growing domain from a while now. It will provide the students basic understanding about cloud and virtualization along with it how one can migrate over it.

Track Total Credits ( T-P-P): 6-10-4

Courses Division:

  • CUCS2045 - Linux Sever Management and Security( 2-2-0)
  • CUCS2046 - Advanced Hacking Techniques (2-2-0)
  • CUCS2047 – IT Networking and Network Security (2-2-0)
  • CUCS2048 – Vulnerability Assessment & Penetration Testing (0+4+0)
  • CUCS2049 – Project (0-0-4)

Domain Track Objectives:

  • Develop skills to manage a Linux server and provide basic security to the server
  • Master hacking methodology to be used in penetration testing
  • Good understanding on network infrastructure and identify points of vulnerability in networks
  • Hands on experience on various tools & techniques of vulnerability assessment & penetration testing used in Linux and shall pursue a career in penetration testing domain

Domain Track Learning Outcomes:

  • Able to setup Linux server
  • Able to do client and server side configuration of different services
  • Able to provide security to the server
  • Perform different type of attack and find the vulnerabilities
  • Able to build networks and subnets
  • Able to configure network devices for switching and routing
  • Identify some of the factors driving the need for network security
  • Aware of the various ways through which hackers’ attempts to compromise an Application, Service, Desktop or a server and its countermeasures
  • Establishing a methodology for vulnerability assessment and penetration testing

Career Scope:

  • System/Network/App Penetration Tester
  • Security Architect - Leaders
  • System Administrator
  • Security Program Manager - Leaders
  • Incident Responder
  • Malware Analyst
  • Network Security Engineer
  • Security Analyst
  • Security Operations Analyst
  • Intrusion Analyst

Project Titles:

  • Hardening the Operating system
  • Website vulnerabilities and counter measures
  • Secure application development
  • SQL Injection Prevention System
  • Secure Data Transfer Over Internet Using Image Steganography
  • Secure Text TransferUsing Diffie Hellman Key Exchange Based on Cloud
  • Detecting Phishing Websites using latest technogies
  • IDS
  • Password Security
  • System Auditing

Domain Syllabus:

1. CUCS2045 - Linux Server Management and Security (52 HRs)
  • 1.1 Access the command line, Recovery of the root user password
  • 1.2 Managing files from the command line
  • 1.3 Creating,Viewing,and Editing Text Files
  • 1.4 Managing Local Linux Users and Groups
  • 1.5 Linux File System Permissions
  • 1.6 Monitoring and Managing Linux Processes
  • 1.7 Archiving and Copying Files Between Systems
  • 1.8 Installing and Updating Software Packages
  • 1.9 Accessing Linux File Systems
  • 1.10 Linux Networking
  • 1.11 Analyzing and Storing Logs
  • 1.12 Configuring and Securing OpenSSH Service
  • 1.13 Using Regular Expressions with grep
  • 1.14 Scheduling Future Linux Tasks
  • 1.15 ACLs
  • 1.16 SELinux Security
  • 1.17 Adding Disks, Partitions, and File Systems to a Linux System
  • 1.18 Managing Logical Volume Management (LVM) Storage
  • 1.19 Boot Process
  • 1.20 Managing different services using systemctl
  • 1.21 Planning and Configuring Security Updates
  • 1.22 Basics of System Auditing
  • 1.23 Security guidelines during installation
  • 1.24 Configuring firewalld
  • 1.25 Compliance Policy and Vulnerability Scanning With OPENSCAP
2. CUCS2046 -Advanced Hacking Techniques (56 HRs)
  • 2.1 What is zero day vulnerability and how it works.
  • 2.2 Replay attack, pass the hash
  • 2.3 Hijacking, Clickjacking, Session hijacking, URL hijacking
  • 2.4 Typo squatting, Manipulating Driver, Shimming
  • 2.5 Refactoring, Pivot, Initial exploitation, Persistence
  • 2.6 Techniques of Penetration Testing, vulnerability scanning
  • 2.7 Passively test Security Controls
  • 2.8 Identifying vulnerability, lack of security control, common misconfigurations
  • 2.9 Intrusive vs non-intrusive, Credentialed vs non- credentialed, False positive
  • 2.10Security using Firewall, ACL, Application based vs network based
  • 2.11 Stateful vs Stateless, Implicit deny
  • 2.12 Remote access vs site-to-site
  • 2.13 IPSec, Tunnel mode, Transport mode, AH, ESP
  • 2.14 Split tunnel vs full tunnel, TLS, Always-on VPN
  • 2.15 HIDS/HIPS,Antivirus
  • 2.16 File integrity check, Host based firewall
  • 2.17 Application whitelisting, Removable media control
  • 2.18 Advanced malware tools,Patch management tools
  • 2.19 Data execution prevention, web application firewall
  • 2.20 Network Segmentation, Blackholes, Sinkholes, and Honeypots
  • 2.21 System Hardening
  • 2.22 Google Dork
  • 2.23 Proxy
  • 2.24, Password Guessing
  • 2.25 Browser Password Hacking
  • 2.26 Application Password Hacking
  • 2.27 OS Password Hacking
  • 2.28 Server Password Hacking
3. CUCS2047 - IT Networking and Network Security (54 Hrs)
  • 3.1 Network Fundamentals
  • 3.2 OSI model
  • 3.3 TCP/IP protocol suite
  • 3.4 IP addressing- IPv4
  • 3.5 IP addressing- IPv6
  • 3.6 Subnetting
  • 3.7 Wireshark
  • 3.8 Packet capturing
  • 3.9 Analysis of packet
  • 3.10 DHCP
  • 3.11 DNS
  • 3.12 IP configuration
  • 3.13 WAN connectivity
  • 3.14 Authentication
  • 3.15 Basic switching
  • 3.16 Static routing
  • 3.17 Dynamic routing
  • 3.18 VLAN
  • 3.19 IPSec
  • 3.20 ACL
  • 3.21 Firewall
  • 3.22 SSL
  • 3.23 VPN
  • 3.24 NAT
  • 3.25, AAA
4. CUCS2048 - Vulnerability Assessment & Penetration Testing (44 HRs)
  • 4.1 To gain knowledge about how VAPT works, as well as network security protocols, devices, and controls.
  • 4.2 Initiate and manage incidents, as well as do penetration testing.
  • 4.3 Comprehend packet sniffing techniques.
  • 4.4 Learn about network penetration testing models and procedures, security analysis
  • 4.5 scanning and its types(network, port and vulnerability scanning)
  • 4.6 Nmap and live scanning on ports and networks
  • 4.7 Netcat usage on TCP/UDP ports
  • 4.8 Wireshark basics and capturing data
  • 4.9 NFS ,SMB ,SMTP enumeration
  • 4.10 Vulnerability scanning overview
  • 4.11 Different types of vulnerability scanning
  • 4.12 Nessus installation and configuration
  • 4.13 Vulnerability scanning with Nessus
  • 4.14 Web application assessment with nikto, burp suite and Vega
  • 4.15 Vulnerability analysis with Metasploit framework
  • 4.16 Application security testing using acunetix
  • 4.17 OWASP mobile vulnerability
  • 4.18 Tools for Mobile application vulnerability
  • 4.19 Identify and mitigate security issues using Microsoft TMT
  • 4.20 Automated software testing using VAF tool
  • 4.21 password security auditing and password recovery using John the Ripper
  • 4.22 Penetration testing using BeEF tool

Session Plan for the Entire Domain:

1.Linux Administration
Session 1 & 2 : Access the command line, Recovery of the root user password
Session 3 & 4: Managing files from the command line
Session 5 & 6:Creating,Viewing,and Editing Text Files
Session 7 & 8: Managing Local Linux Users and Groups
Session 9 & 10: Linux File System Permissions
Session 11 & 12: Monitoring and Managing Linux Processes
Session 13 & 14: Archiving and Copying Files Between Systems
Session 15 & 16: Installing and Updating Software Packages
Session 17 & 18: Accessing Linux File Systems
Session 19 & 20: Linux Networking
Session 21 & 22: Analyzing and Storing Logs
Session 23 & 24: Configuring and Securing OpenSSH Service
Session 25 & 26: Using Regular Expressions with grep
Session 27 & 28: Scheduling Future Linux Tasks
Session 29 & 30: ACLs
Session 31 & 32: SELinux Security
Session 33 & 34: Adding Disks, Partitions, and File Systems to a Linux System
Session 35 & 36: Managing Logical Volume Management (LVM) Storage
Session 37 & 38: NFS, SMB
Session 39 & 40: Boot Process
Session 41 & 42: Network Port Security and Firewall
Session 43 & 44: Managing DNS for Servers
Session 45 & 46: Providing Apache HTTPD Web Service
Session 47 & 48: Configuring Email Transmission
Session 49 & 50: Configuring Databases
2 Advanced Hacking Technique
Session 1 & 2 What is zero day vulnerability and how it works.
Session 3 & 4 Replay attack, pass the hash
Session 5 & 6 Hijacking, Clickjacking, Session hijacking, URL hijacking
Session 7 & 8 Typo squatting, Manipulating Driver, Shimming
Session 9 & 10 Refactoring, Pivot, Initial exploitation, Persistence
Session 11 & 12 Techniques of Penetration Testing, vulnerability scanning
Session 13 & 14 Passively test Security Controls
Session 15 & 16 Identifying vulnerability, lack of security control, common misconfigurations
Session 17 & 18 Intrusive vs non intrusive, Credentialed vs non- credentialed, False positive
Session 19 & 20 Security using Firewall, ACL, Application based vs network based
Session 21 & 22 Stateful vs Stateless, Implicit deny
Session 23 & 24 Remote access vs site-to-site
Session 25 & 26 IPSec, Tunnel mode, Transport mode, AH, ESP
Session 27 & 28 & 29 Split tunnel vs full tunnel, TLS, Always-on VPN
Session 30 & 31 HIDS/HIPS,Antivirus
Session 32 & 33 File integrity check, Host based firewall
Session 34 & 35 Application whitelisting, Removable media control
Session 36 & 37 Advanced malware tools, Patch management tools
Session 38 & 39 UTM, DLP
Session 40 & 41 Data execution prevention, web application firewall
Session 42 & 43 & 44 Network Segmentation, Blackholes, Sinkholes, and Honeypots
Session 45 & 46 System Hardening
Session 47 & 48 & 49 Group Policies and MAC, Endpoint Security, Network Access Control
Session 50 & 51 Identity Management, Context-based Authentication
Session 52 & 53 Single Sign On and Federations
Session 54 & 55 & 56 Vulnerability Management: Identification of requirements, Configure tools to perform scans
Session 57 & 58 Execute scanning, Generate reports, Analyze reports , Remediation
Session 59 & 60 Incident recovery planning and process
Session 61 & 62 & 63 Data acquisition, Preservation, Recovery, implementations of business continuity
Session 64 & 65 Understand the principles of forensics, Backing up a Server
3. System And Network Security
Session 1 & 2 Introduction to systems and networks
Session 3 & 4 Threats, Defense against online threats
Session 5 & 6 Threat modeling and risk assessments, malware, exploit kits
Session 7 & 8 & 9 Web application security principles, application design & development security
Session 10 & 11 Environment and controls, Essence of secure software development
Session 12 & 13 Foundations of operating system security and privacy functionality
Session 14 & 15 Windows 10 privacy issues
Session 16 & 17 OS Hardening
Session 18 & 19 Defense against tracking
Session 20 & 21 & 22 Zombie super cookies, browser fingerprinting and browser profiling
Session 23 & 24 Search engine privacy
Session 25 & 26 Browser security
Session 27 & 28 Authentication including passwords
Session 29 & 30 Multi-factor authentication - soft tokens and hard tokens
Session 31 & 32 HTTP Header Manipulation, Basics of Exception Management
Session 33 & 34 & 35 Introduction to configuration management & session management
Session 36 & 37 Unauthorized access to administration interfaces and configuration stores
Session 38 & 39 Retrieval of clear text configuration data, Lack of individual accountability
Session 40 & 41 Over-privileged process and service accounts
Session 42 & 43 Basics of Session Management
Session 44 & 45 Session replay attack
Session 46 & 47 Bypassing censors, firewalls, and proxies
Session 48 & 49 mitigating de-anonymization attacks
Session 50 & 51 & 52 Defenses against phishing, SMShing, vishing, identity theft, scam,
Session 53 & 54 Defenses against social engineering threats
Session 55 & 56 Network Protocol Analyzer and it’s advantages
Session 57 & 58 Network Protocol Analyzer Tools
Session 59 & 60 Internet Content Filter and it’s advantages
Session 61 & 62 & 63 UTM and NAC, NAC solutions
Session 64 & 65 DMZ, RADIUS and S/MIME
4. IT Data Security
Session 1 & 2 Data security – background, Data security – a need, Data security – its importance
Session 3 & 4 Factors for implementing a robust data security, Data security processes, Data security threats
Session 5 & 6 Network Driven Threats to Data Security, Phishing, Identity Theft.
Session 7 & 8 More Network based Threat types, Cryptographic Threats, Threats to database security, Banking frauds
Session 9 & 10 Threats to web- application, Physical security threats, Hacking and social engineering
Session 11 Threats – wireless network, Threats – blue tooth devices
Session 12 &13 Threats in Current technological environment, Data security -benefits
Session 14 & 15 Threat techniques - an introduction, Malware threat techniques, Network based threat techniques -botnet
Session 16 & 17 Network Based Threat Techniques - PHISHING, Network Based Threat Techniques - SNIFFING
Session 18 & 19 Network Based Threat Techniques – PASSWORD ATTACK, Transmission interception
Session 20 Cryptographic Threat Techniques, Database Threat Techniques
Session 21 & 22 Threat technique - sql injection, More Database Threat Techniques
Session 23 & 24 Banking Fraud Techniques, Web-application Threat Techniques
Session 25 & 26 Webapplication Threat Techniques – More, Cross-site Scripting Forgery - XSS
Session 27 & 28 Physical security threat techniques, Wireless network threat techniques
Session 29 & 30 DoS attack, Bluetooth device threat techniques
Session 31 & 32 Introduction to Countermeasures, Importance of data protection, Evolution of mitigation techniques
Session 33 Countermeasures, Malware counter measures, Network threats - counter measures
Session 34 & 35 Cryptography threats - counter measures, Database threats – countermeasures
Session 36 & 37 Banking frauds - countermeasures, Web application - countermeasures
Session 38 & 39 Physical barrier: - a countermeasure for Physical Threat
Session 40 & 41 Mantrap and perimeter security, Hardware security
Session 42 & 43 Security zone, Partitioning, Biometric and power system, Emi shielding, Hot and cold aisles
Session 44 & 45 Fire suppression, Natural and manmade countermeasures, Insider threat countermeasures
Session 47 & 48 Hacking and social networking - countermeasures,
Session 49 & 50 Wireless Network Security Countermeasures, Bluetooth Device Countermeasures.

List of Projects to be done in domain:

  • Hardening the Operating system
  • Website vulnerabilities and counter measures
  • Secure application development

Student Projects & Intership

Domain student have done a project on Centralized User Authentication using AAA server. This model ensure prevention of unauthorized access to the server.

Students deigned a site to site VPN using GRE tunnel to ensure secure and encrypted packet transmission .

Six students of cyber security domain has undergone internship where they have done real time penetration testing on CUTM website and its subdomains to find vulnerabilities and counter measures.

Latest News & Student Testimonials

Cyber Security domain student participated and bagged gold and silver medal in ODISHA SKILLS – 2021

Cyber Security domain student participated and bagged gold and silver medal in ODISHA SKILLS – 2021 Pranab Kumar Mohanta and Srinivas Rout – Gold Medal Rohan Kar and AbhigyanAbhisekham – Silver Medal

Cyber Security domain student participated in regional and INDIA SKILLS – 2021

Cyber Security domain student participated in regional and INDIA SKILLS – 2021

Skill In Odisha - Odisha Skill Development Authority | Cyber Security | CUTM

QnA Raches Mohapatra Success Story | Cyber Security | CUTM

Media

Our Main Teachers

He is currently working as an Assistant Professor in the Department of Computer Science and Engineering under Centurion University of Technology and Management, Odisha. He is pursuing his Ph.D. in the field of Information Security at Centurion University of Technology & Management and received, MTech (CS) Degree from Berhampur University in the year 2009. He […]

Dr.Shreela Dash

Assistant Professor
VIEW PROFILE

She is currently working as an Assistant Professor in the Department of Computer Science and Engineering under Centurion University of Technology and Management, Odisha. She has completed her Ph.D. in the field of Information Security from KIIT Deemed to be University in 2021, MTech (CSE) Degree from KIIT Deemed to be University in the year […]

He is currently working as an Assistant Professor in the Department of Computer Science and Engineering under Centurion University of Technology and Management, Odisha. He is continuing his Ph.D. in the field of Opinion mining in BPUT,Rourkela, MTech (CSE) Degree from College of Engineering,Bhubaneswar in the year 2009. He is having 16+ years of experience […]