RESOURCE PERSON PROFILE

Program Name: cyBER RISK MANAGEMENT (cscRM21)

Resource Person 1

NAME : MTS.D.RAJASELVI

DESIGNATION : Assistant Professor

Department : Computer Science

College : SriAkilandeswariWomen's College,Vandavasi

Phone Number : 86108t377t

Emailld : tharuntharshini@gmail.com

Qualification : M.Sc., M.Phil

Experienee : 10 years

Address 32, M.S. Nagar,

Noolmi! Opposite,

Vandavasi-504 408.

f. nciPal,
I ndo-American Collegle,

CheYYar '604 4O7,

 CYBER RISK MANAGEMENT

MODUTE 1:

!ntroduction: Definition of cyber security risk and associated terminology, the position of risk analysis
and management in relation to the other components of a cyber security program. Principles:
Assets,

vulnerabilities, threats, threat actors, likelihood. Management of risks compared to simple acceptance
Risk treatment qptiQnS: avoidance, mitigation, transfer, acceptance'

MODULE 2:

f
Assets: Tangibte and intangible assets in the cyber world (hardware / softwa re data, classificatfon,
criticality based on the importance and value to organization (not just monetary), dependencies,
potential for critical national infrastructure. Vulnerabilities: Sources of cyber vulnerability, complexity
of modern software, attack surface of modern systems, development of software for functionality and
not with security considerations, existing known and zero-day system vulnerabilities, vulnerability
databases and open information

MODULE 3

Threats: Cyberthreat categorization, sources, motivation, type, technicalvs. non technical(e.g. attacks
to cooling systems to disrupt cyber systems), threat actors, exBtoitation of cyber vulnerabilities leading
to impact.and associated likelihood. Risk management: Risk evaluation and associated selection of risk
(or a
treatment options, effects and selection of risk avoidance, mitigation, transfer, acceptance
combination thereof), risk management as an iterative process, risk profile stemming from modifications
from
in an organization's environment, building an organization's cyber security control environment
the results of risk analysis, introductioir to basic cyber security controls'

upon successful completion of this course students should be able to:

/ Describe the underlying principles of risk analysis and management and the
purpose and

benefits behind such activities

./ Explain the terms used, such as risk, management, vulnerability, threats, actors, impact,
risk

matrix, etc.
,/ Recognize the difference between vulnerabilities and threats'
,/ Classify and describe a number of different risk assessment/management methodologies.
./ Classify and describe different assets and their values (including tangible and intangible
assets).
,/ ldentify and explain various threat sources'and the impacts that their materialization may -4-
' .manifest.
,/ Describe the risk management process, as it pertaihs to the protection of assets.
I Evaluate and select appropriate risk treatment options according to the combination
of impacts
and probabilities that the ris

4 t6h'-
PrinciPal'
,'t1lfi;l':k3""?'l"r*'
 Department of Computer Science
Academic Yea r :2020 -2021
Course Schedute - CSCRM21
30 Hours Training Schedule

Day &Date Session &Time Speaker Name Session Topics

DAY 1
Mrs.D.Raj aselvi,A sst.Prof, Introduction: Definition of cyber
&, 2,45 pm to 3.45 prn
SAWE Co llege,Van liavasi security risk and associated terminology
ts.02.202r
DAY 2 The position of risk analysis and
f,
Mrs. D. Raj aselvi,A sst. Pro
& 2.45 pm to 3.45 pm management in relation to the other
SAWE College,Vandavasi components of a cyber security
16.02.202t
DAY 3 Principles: Assets, vulnerabilities,
f,
Mrs. D. Raj aselvi,A sst. Pro
& 2.45 pm to 3.45 pm threats, threat actors, likelihood
SAWE College,Vandavasi
Management of risks compared to
t7.02.2021
DAY 4 Assets: Tangible and intangible assets
Mrs. D.Raj ase I v i,A sst.Pro f,
8. 2.45 pm to 3.45 pm in the cyber world (hardware / software
SAWE College,Vandavasi
t8.02.2021 / data, classification

DAY 5 Criticality based on the imporlance and

Mrs.D.Raj aselvi,Asst.Prof,
& 2.45 pm to 3.45 pm value to organization (not just
SAWE College,Vandavasi monetary), dependencies, potential for
t9,02.2021
DAY 6 Vulnerabilities: Sources of cyber
lvi,A s st. Pro f,
Mrs. D.Raj ase
complexity of modern
& 9.00 am to 2.45 pm vulnerability,
SAWE College,Vandavasi software, attack surface of modern
20.02,2021
DAY 7 Threats: Cyber threat categorization,
Mrs. D.Raj ase lvi,Asst. Prof,
& 9.00 am to 2.45 pm sources, motivation, type, technical vs
SAWE College,Vandavasi non technical (e.g. attacks to cooling
27.02.202t
DAY 8 Risk management: Risk evaluation and
lvi,As st. Pro f,
Mrs. D.Raj ase
& 9.00 am to 2.45 pm associated selection of risk treatment
SAWE College,Vandavasi options, effects and selection ofrisk
06.03.2021
DAY 9 Building an organization's cyber
Mrs. D.Raj Prof,
ase lv i,As st.
& 9.00 am to 2.45 pm security control environment from the
SAWE College,Vandavasi results of risk analysis, introduction to
t3.03.2021
DAY IO
Mrs. D.Raj Prof,
ase lv i,As st.
& 9.00 am to 2.45 pm Assessrnent
SAWE College,Vandavasi
20.03.2021

d&- -=514"{F€'ryt-a- t: -.
6-
Coordinator Principal
3 Prin cipal,
Ph: i2I@6 m ndo-American Colle$€,
* *
I

CheYYar'604 4Q7"
 DEPARTMENT OF COMPUTER SCIENCE
ACADEMIC YEAR : 2021-2022
PROGRAM NAME: Cyber Risk Management
l. What does cyber security protect?
a) Cyber security protects criminals b) Cyber security protects internet-connected
systems
c) Cyber security protects hackers d) None of the mentioned
2. Who is the father of computer security?
a) August Kerckhoffs b) Bob Thomas c) Robert d) Charles
3. Which of the following is a type of cybei security?
a) Cloud Security b) Network Security c) Application Security d) All of the
above
4. Which of the following is an objective of network security?
a) Confidentiality b) Integrity c) Availability d) AII of the above
5. Which of the following is not a cybercrime?
a) Denial of Sen-ice b) Man in the Middle c) Malware d) AES
6. Which of the following is a component of cyber security?
a) Internet Of Things b) AI c) Database d) Attacks
7. Which of the follpwing is a type of cyber attack?
a) Phishing b) SQL Injections c) Password Attack d) All of the
above
8. "Cyberspace" was coined by --
a) Richard Stallman b) William Gibson c) Andrew Tannenbaum d) Scott
Fahlman
9. In which year has hacking become a practical crime and a matter of concern in the field of
cyber technology?
a) 1991 b) 1983 c) 1970 d) 1964
10. Which of the following act violates cyber security?
a) Exploit b) Attack c) Threat d) Vulnerability

11. Which of the following is not atype of peer-to-peer cyber-crime?

a) MiTM b) Injecting Trojans to a target victim
c) Credit card details leak in the deep web d) Phishing
12. _is the tool used for this purpose.
a) Powersploit b) Aircrack - ng c) Snort d) Nmap
13. Which of the following hacking tools and techniques hackers' do not use for maintaining
access in a system?
a) Rootkits b) Backdoors c) Trojans d) Wireshark
14. Which of them is not a track clearing technique?
a) Altering log files b) Port Scann ing d) Foo@rint
removing

+
Ph:
ee2OO6 5 cipal,
* lndoAmerlcan College,
- 604 Cheyyar- 604 4Ol
 Firewalls can be of ---- kinds'
15 .
c)3 d)4
a) I b)2
16. Which of the following is
not a software'firewall?
Firewall Pro c) Endian Firewall d) LinksYs
a) Windows Firewall b) Outpost
Firewall
17. A firewall protects which
of the following attacks?
of Service (DoS) d) Shoulder
Phishing
a) b) DumPster diving c) Denial
surfing
18. There are tYPes of firewall'
d)2
b)4 c)3
a)5
19. Packet filtering firewalls are deployed on d)
bi switchts c) hubs
a) routers
rePeaters
20. ACL stands for
b) Anti-Control List
a) Access Condition List
d) Access Control List
c) Access Control Logs various details from its
web scripting languages dre used by attackers to fetch
21. What common

c) HrML and Pvthon d) Perl

and JavaScript
;;lilt"nT; b) c++ and HrML
22 is the first phase of ethical hacking'
c) ARP-poisoning d) Enumeration
a) DNS poisoning b) Footprinting
on which of the foilowing services?
23 Enumeration does not dlpend
a) DNS enumeration b) SNMP
enumeration c) NTP enumeration d) HTTPS
enumeration .-- ^^ L-, .,^:^- cN,,Tp ser.
24,i-isusedthattriesforguessingtheusemamesbyusingSMTPServlce.
c) snmp-enum
d) snmp-user-enum
a) smtp-user-enum b) smtp-enum o'n a
finding of or devices
,-----_-----
25. Network enumeration is the
-- cloud'network'
c) network connection d)
storage
uinou, b) servers

+
a i
*
 DEPARTMENT OF COMPUTER SCIENCE
-Larnhr
ACADEMIC YEAR: 2021_2022
PROGRAM NAME: CYBER RISK MANAGEMENT_ CSCRM21
REG. No:LOf q PlT,
I o NAME: V'l P )i1 lA l:ini
YEAR/SEM: I DArE: ZO I '9
lV )'t-.a

security protects criminals B. Cyber security protects internet-connected

6bybe,
c. cyber security protects hackers ' "
D. None of the mentioned
2. Which of the following is a type of cyber'security?
(QCloud Security;4 B. Netrvork Security. C. Application Security D. All of the
above
3.which of the following is an objective of nerwork security?
A. confidentiality B.Integrity
{9 Availability { D. All of the above
4. Which of the following is not a cybercrime?
A. Denial of Service B. Man in the Middle C. Malware
5. Which of the following is a component of cybef security?
paes
A. Internet Of Things B. AI C. Database ! r' Attacks
6. Which of the fo llowing is a type of cyber attack?
@Yhitting B. SQL Injections C. Password Attack
above @"uor*e<f
7 ' In which year has hacking become a practical crime and a matter of concern
in the field of
cyber technology?

8.
A. 1991 B. 1983
Which of the fo llowing:ct violates clber security?
g.rrrd D.1964

A. Exploit C. Threat
@ttackr,/ D. Vulnerability

9. which of the following is not a type of peer-to-peer cyber-crime?

A. MiTM
'
B. Injecting Trojans to atargetvictim
/\
$Credit card details leak in the deep web r D. Phishing
10. Which of the following hacking tools and techniques hackers' do not use for maintaining
access in a system?
A. Rootkits B. Backdoors
I l. Which of them is not a track clearing technique?
C. Trojans
ffi,n*r,.
A. Altering log files B. Tunnelling
removing
@eort Scanning D. Footprint

12. Firewalls can be of

_ kinds.
A. I 8.2 D,4

*
'u!
(5 sootrde
.rfd i {
PrinciPal,
I ndo-Arire rica
n Coll eEle"
,U7
CtreYyar - 604 4Al
13. Which of the following is not a software firewall?
A. Windows Firewall B. Outpost Firewall Pro y(@e"Oian Firewall D. Linksys
Firewall
14. A firewall protects which of the following attacks? ' ./
A. Phishing B. Dumpster diving of Service (DoSy'D. Shoulder
@eniat
surfing
i5. There are types of firewall.
A.5 @- c.3 D.2
1 6. Packet filteringffialls are deployed on
I
@. routers
V B. switches C. hubs D
repeaters
17. What common web scripting languages are used by attackers to fetch various details from its
strfing useis?
A. Tcl and C# B. C++ and HTML C. HTML and and JavaScript
18 is the first phase of ethica].hacking.
A. DNS poisoning @nootp.inting \/ C. ARP-poisoning D. Enumeration
19. Enumeration does not depend on which of the following services?
A. DNS enumeration B. SNMP enumeration C. NTP enumeration @K,
enumeration
20. is used that tries for guessing the usernames by using SMTP service.
B. smtp-enum ' C. . snmp-enum D. snmp-user-enum
 DEPARTMENT OF COMPUTER SCIENCE
ACADEMIC YEAR: 2021-2022
PROGRAM NAME: CYBER RISK MANAGEMENT_ CSCRM21
REG" ; 11? ITDD I
NO: LD . NAME, ?aofft'\
YEAR/sEM: E
/g
DArFI: 2A I l) ao z-l

,,/
l. Wly,f?oes cyber security protect?
-.g{CyU.r r."u.ity p.ot"ct. security protects systems
a
".i ^ir*K€Cyber
. C. Cyber security protects hackers D. None of the mentioned
2. Which of the following is a type of cyber security?
A. Cloud Security B. Network Security C. Application Security I of the
above
3. Which of the following is an objective of network security?
A, Confidentiality B.Integrity C. Availability All above-]
4. Which of the following is not a cybercrime?
A.Dentz(of Service B. Man in the Middle C. Malware
./
5. Wh)zl of the following is a component of cyber security?
\ffitemet Of Things B. AI C. Database D. Attacks
6. Which of the following is a type of cyber attack?
A. Phishing B. SQL Injections C. Password Attack of the
above
7. In which year has hacking.become a practical crime and a matter of concern in the field of
'gy?
A 99
8. Which of the.following
983
cyber security?
c.1970 D.1964

A. Exploit ffack C. Threat D. Vulnerability

9. Which of the following is not a type of peer-to-peer cyber-crime?

A B. Injecting Trojans to a target victim

card details leak in the deep web

D. Phishing
10. Which of the following hacking tools and techniques hackers' do not use for
access in a system?
A. Rootkits B. Backdoors
11. Which of them is not a track clearing
A. Altering log files B. Tunnelling Scanning D. Footprint
. removing
12. Firewalls can be of kinds.
A. 1 D.4
t
(o
o
()
tul ft
ft
ft
a.
I f ,Eh-
Principal,
i ndo-American ColleElG
l* Cheyyar'604 4O7
13. Which of the following is not a software firewall?
A. Windows Firewall B. Outpost Firewall Pro firhiunFirewalt{ D. Linksys
Firewall
14. A firewall protects which of the following attack$,r'"
A. Phishing B. Dumpster'divine ffienial of Service (DoS) D. Shoulder
surfing
I 5. There are _ types of
A.5 ./ c.3 D.2
l6.Pacp{frltering firewalls are deployed on _
}/6d.'r.ers B. switches C. hubs D
repeaters
17. What common web scripting languages are used by attackers to fetch from its
surfing users?
A. Tcl andC# B. C++ HTML C. HTML and and JavaScript
18. is the of ethical hacking.
A. DNS poisoning
19. Enumeration does not depend on
A. DNS enumeration B. SNMP

20 is used that tries for guessing the usernames by using SMTP service.
B. smtp-enum C. snmp-enum D. snmp-user-enum
 DEPARTMENT OF COMPUTER SCIENCE
ACADEMIC YEAR: Z,OZL-ZOZZ

PROGRAM NAME: CYBER RISK MANAGEMENT_ CSCRM2I

REG. No: Z o -; lol f l!-o c' J NAME: I ., r"... {yo
,/2
lq
YEARiSEM, ir lfr" DATE: '\ C' I '+ lt
tl
,-

l. W,kat does cyber security protect?

r..u rity protects crim inal s B. Cyber security protects systems
1@!vu.r
*f. Cyber security protects hackers D. None of the
2. Which of the following is a type of cyber qecurity?
A. Cloud Security B. Network Security C. Application Security
@irrofthe
above
3. Which of the following is an objective of network security?
A. Confidentiality B. Integrity C. Availability @) All of the above
4. Which of the following is not a cybercrime?
A. Denial of Service B. Man in the Middle C. Malware
.@ aps
5. Which of the following is a component of cyber security?
A. Internet Of Things B. A.I C. Database D. Attacks
6. Which of the.following is a type of cyber attack?
A. Phishing
above
B. SQL Injections C. Password Attack d,,,*
7 . In which year has hacking become a practical crime and a matter of concern in the field of
.cyber
technology?
A. 1991 .1983 {,,0 D.1964
8. Which of the followin cybersecurity?
A. Exploit Attack C. Threat D. Vulnerability

9. Which of the following is not a type of peer-to-peer cyber-crime?

@frAifVf 21 B. Injecting Trojans to atargetvictim

C. Credit card details leak in the deep web D. Phishing

10. Which of the following hacking tools and techniques hackers' do not use for maintaining
access in a system? //
A. Rootkits B. Backdoors C. ans dwiresta.t
1L Which of them is not a track clearing technique?
A. Altering log files B. Tunnelling Scanning D. Footprint
removing
12. Firewalls can be of kinds.
A. 1 8.2 c.3 X@o
co
I
+
E {
o I
tE ncipal,
I ntlo-American Collegle'

$ CheYYar - 604 4OT

13. Which of the following is not a software firewall?
A. Windows Firewall B. Outpost Firewall Pro C. Endian Firewall
lStiruwt
.Firewall
14. A firewall protects which of the
A. Phishing B. Dumpster diving of Service (DoS) D. Shoulder
surfing
i5. There are _ types of firewall.
A.5 ,@. + c.3 D,2
16.Paclpt filtering firewalls are deployed on _
-r'

@routers
' B. switches C. hubs D
' repeaters
17. What common web scripting languages are used by attackers to fetch various details from its
surfing users? ,/
A. Tcl-andC# B. C++ and HTML C. HTML and Pytho@derl and JavaScript
18.
n. ONS poi*ring @no*printing C. ARP-poisoning D. Enumeration
which of the following services?
19. Enumeration does not depend on
A. DNS enumeration B. SNMP enumeration C. NTP S
enumeration
20. is used that tries for guessing the usernames by using SMTP seruice.
B. smtp-enum C. snmp-enum D. snmp-user-enum
 xne$:ct*&fryr &r$tr *#1 ffierl$ffi#ffi
3t ailf ;{r.nsf or.s?,{}*,.*qc.sr r*il*g6x
$:rxr &r*rn*n$.[3r &S]tr$Bttsd
ti] ?h{
$fqL$\^trAt*L c.i\dd{fq U f1$ $'tEf t
S$T' "d_ \Jx $linre.
J\**.rl}dlt{3$ $3y f*lL_S* r*i$lh 'ffi- {irsrd*
f{ eq sgfrliet*{, {..}ndef, SBstSsn:{&e**{k}or
*",3fiS&rt

FEEDBACK FORM
COURSI ; ",,'.., ,,i. 1t'ir;-[-H CODE cTbe;- t'isn gS c-kv\ Ll
DEPARI\,I[,,.
z
,
: C4uEut ScraltuLt-
DURATIuI,T i ..,;_,,iS
DATE O$- C$i,,i.".[; iON
: 3o
z 2-o-t;LoLl
STUDEN"| i,i, .i;,iil &i REG NO
: I. Ast^rrrnr\ r LoF tq F t5O q I
SIGNATL,i'i;i: .; lf'l-l DATE
.,-o\et 2-\
1. How ;,,ii: i,:sliEiaj Was the cOUfsg is?
./
a/SriorLell'.':r.gice b. Agree c. Moderate
d. Disagree e. strongly Disagree
2. How ttr"iis cur){..{r"se useful for you?
e./st;,,::"-:r.r' Asree b. Agree c. Moderate d. Disagree e. Strongly
Disagree
3. Hov,; it;* ri,*i:lisiicat support hetped.in
this course?
/./
a/ s[; rus.j', A,.r.i'ee b. Agree c. Moderate d. Disagree e. strongly
Disagree
4. How iir t irrstructor teach the course?
a. sir"ri::,ly Agree {Agre" c. Moderate d. Disagree e. strongly
Disagree
5. i{ouv i.i;i",: uofit€nt of the course herped in your
knowredge upgradation?
a. stror;glyAgree {Agree c.Moderate d.Disagree
e. StronglyDisagree
6. Hovu'ii;+ i*structor provide information
about the course?
a' si1:.;1''lyAgree fuAgree .c. Moderate d. Disagree e. stronglyDisagree
7. Hovt;",,.: course help in your career?
g,4rr'c*gly Agree b..Agree c. Moderate d. Disagree e. strongly
Disagree
8. How L; .),{3u rate this overalt programme?
a. Sl,..,r:gly Agree
1," e c. Moderate d. Disagree e. Strongly Disagree
c

i
6 I

pal,
Pri
",+ lndoAmerican Colle$e'
CheYYar - 604 4OZ
 Ir"lc*tp*&trYt& r$rcxn ffi *fr**6m
,?d*a. fu;s:r &q?***r{.r *:rxf {.*gg*
fu rnrsneorfiy,&ffffu tsd tr) T** *ffi *n"f&LL{,$l.di{#t
e-**,.j }tl.Effi srT K \qsllmr
,&.e*,ri?ij{**{r
hy e{}\*{* wffh rB- {},raarx er

S*x**gn *d {.Jmder S*,el}i&dx

.......

{& & t;* (ts) $f e".3d3* *k*{_

FEEDBACK FORM
COURSI ,,riE W;TH CODE c$ Wl rqR
DEPARI,, ;"
nerft. Cs cK {z/
C" sc-ua1c-
DURATi- ,i\.I HoUFTS
3A
'"1 !,*[a+
DATE C;. ;MPLETION iz.<a* 3 - Z-oZ-S
STUDEI]"I ,.\ME & REG NO 'cr-K Y ^rl 2-6fl g(rr-ocS
,
slGNAl"i , wtTHDATE
.-...,,.',.,,
1. Hor. . ,.i,€sti ng was the course is?
g bla
a. i, i. 51y Agree . p/egr""
c. Moderate d. Disagree e. Strongly
Disagree
2. Hor,,' ; course useful for you?
,/
? i' 1ly Agree vAg,"" c. Moderate d, Disagree e. strongly
Disagree
3. Ho, iechnical support helped in this couise?
a.
"rly Agree VAgr"" c. Moderate d. Disagree e. strongly Disagree
!iir
4. Hov .. instructur teach the
course?
/,
&/ t, rrlyAgree b.'Agree c. Moderate Disagree
d. e. Strongly Disagree
5. Hor rontent of the course hetped in your knowtedge
./ upgradation?
a/ 1,. ri1'Agrec b.'Agree c. Moderate d. Disagree
e. Strongry Disagree
5. Hov
' i*structor: provide information about the course? l

.a.S ,ly Agree '{Agr"" c. Moderate d. Disagree e. strongly

Disagree
7. l--lor,, course irelp in your career?
'/ /
d 5i, ;iy Agree b. Agree c. Moderate d.'Disagree e. strongly
Disagree
8. Hov. , ou rate this overall programme?
u. u riy Agreu bAgr"" c. Moderate d. Disagree e. strongly
Disagree

cAl{

5-Pri n
pal,
Z Ph:2220O6 *
I r ndo-America n Collefle,

Cheyyar, 604 4Al

 DEPARTMENT OF COMPUTER SCIENCE
INDO - AMERICAN COLLEGE,
CHEYYAR

Program Name: CYBER RISK MANAGEMENT (CSCRM21)