
LEARNING OUTCOME BASED CURRICULUM FRAMEWORK (LOCF)

M. Sc. CYBER FORENSICS AND INFORMATION SECURITY

UNIVERSITY OF MADRAS

(A State University, Accredited with “A” Grade by NAAC)

CENTRE FOR CYBER FORENSICS AND INFORMATION SECURITY

Chepauk Campus, Chennai – 600 005, India



Programme: M. Sc. CYBER FORENSICS & INFORMATION SECURITY

Duration: 2 years

Programme Outcomes:

1. To acquire a broader perspective in the areas of cyber forensics and a conceptual understanding of the same.
2. To specialize in the areas of cyber, network, application and information security in the field and its application.
3. Understanding the procedures for collecting digital evidence from the scene of crime and knowing the various mechanisms for analyzing it using various forensics tools.
4. Building a strong foundation in the fundamental concepts and psychological factors of Cyber Crime, along with the investigation of Cyber Crimes under the various Acts related to Indian law.
5. Ability to come up with risk assessment and vulnerability assessment for securing the information in an organization.
6. The different information security frameworks and compliance that are followed in maintaining effective governance in an organization.
7. Understanding the various threats such as viruses, worms, etc., and analyzing malware with various cyber threat intelligence tools.
8. Learning to integrate the enterprise with security features and knowing technically how to configure various devices for enhancing security.
9. Identify, choose, and apply proper techniques, resources, and protocols to handle attacks in various sectors.
10. Design and develop secure architecture for an organization.


Programme Specific Outcomes:

1. Analyze and resolve security issues in networks and computer systems to secure an IT infrastructure.
2. Develop an intensive perception of the theoretical and practical concepts related to cyber forensics and information security.
3. Approach with various tools, techniques and models to implement the security features.
4. Understand and develop the security policies and procedures for effective governance in minimizing the occurrence of risk, and improve the policy structure in various organizations ranging from small scale to international corporates.
5. Work as an investigator in collecting the evidence and malware samples from the victims and analyzing the cybercrimes.
6. Obtain field experience in cyber forensics through dissertation, internship and visits to various other organizations.


List of Courses:

| Semester | Course Code | Title of the Course | Core/Elective/Soft Skill | Credits |
|---|---|---|---|---|
| I | SSS C 201 | Fundamentals to Cyber Crime and Police Administration | Core Paper-I | 4 |
| I | SSS C 202 | Fundamentals of Hardware, Operating System and Networking | Core Paper-II | 4 |
| I | SSS C 203 | Fundamentals of Information Security | Core Paper-III | 4 |
| I | SSS C 204 | Fundamentals of Cyber Forensics | Core Paper-IV | 4 |
| I | SSS C 205 | Practical (Networking and Fundamentals of Cyber Forensics) | Core Paper-V | 3 |
| I | SSS E 201 | Frauds in Banking, Insurance and Telecom Sectors | Elective Paper-I | 3 |
| I | SSS E 202 | Cyber Law and IPR | Elective Paper-II | 3 |
| I | UOM S *** | Soft Skill | Soft Skill -I | |
| II | SSS C 206 | Advanced Cyber Forensics (OS, Memory and NW Forensics) | Core Paper-VI | 4 |
| II | SSS C 207 | Advanced Information Security and Applied Cryptology | Core Paper-VII | 4 |
| II | SSS C 208 | Application and Database Security | Core Paper-VIII | 4 |
| II | SSS C 209 | Network Security | Core Paper-IX | 4 |
| II | SSS C 210 | Practical- II – (Cyber Forensics) | Core Paper-X | 3 |
| II | SSS E 203 | Introduction to Data Privacy | Elective Paper-III | 3 |
| II | SSS E 204 | Security & Forensics oriented Python Programming | Elective Paper-IV | 3 |
| II | UOM S *** | Soft Skill | Soft Skill -II | |
| III | SSS C 211 | Security & Forensics of Email, Social Network & Mobile Devices | Core Paper-XI | 4 |
| III | SSS C 212 | Enterprise Infrastructure Integration and Security | Core Paper-XII | 4 |
| III | SSS C 213 | Governance, Risk and Compliance | Core Paper-XIII | 4 |
| III | SSS C 214 | Practical (E-Mail & Mobile Forensics) | Core Paper-XIV | 3 |
| III | UOM I 001 | Internship | Internship | 2 |
| III | SSS E 205 | Embedded System and Security and Forensics | Elective Paper-V | 3 |
| III | SSS E 206 | PCI, PoS and ATM Security | Elective Paper-VI | 3 |
| III | UOM S *** | Soft Skill | Soft Skill -III | |
| IV | SSS C 215 | Enterprise Incident Response | Core Paper-XV | 4 |
| IV | SSS C 216 | Malware Analysis and Cyber Threat Intelligence | Core Paper-XVI | 4 |
| IV | SSS C 217 | Vulnerability Assessment and Penetration Testing | Core Paper-XVII | 4 |
| IV | SSS C 218 | Practical - IV | Core Paper-XVIII | 3 |
| IV | SSS C 219 | Project | Core Paper-XIX | 4 |
| IV | SSS E 207 | Business Continuity Planning | Elective Paper-VII | 3 |
| IV | UOM S *** | Soft Skill | Soft Skill -IV | |


Course Outcomes:
1. Understand the principal concepts of Cybercrime and Cyber criminology.
2. Illustrate and acquire knowledge of the different forms of Cybercrime.
3. Obtain an insight into the psychological factors of Cybercriminals.
4. Outline the various institutions of the criminal justice system and its sub-systems.
5. Analyse crimes from the sociological and criminological perspective.

Course: Core Paper I
Title of the Course: Fundamentals to Cyber Crime and Police Administration
Credits: 4

Course Objectives:
1. To define the concepts and principles of Criminology.
2. To give a brief hierarchy of the criminal justice system and its sub-systems.
3. To know the nature and scope of contemporary forms of crime.
4. To possess a good understanding of the tools and techniques used by cyber criminals.
5. To gain insight into various criminological and social theories for cyber crime.

Units

Unit I: Principles and Concepts of Cyber Criminology
Crime, Tort & Misdemeanor - Cyber Space, Cyber Crime & Cyber Criminology - Information Security - Conventional crimes vs Cyber Crimes.

Unit II: Contemporary Forms of Crimes
White Collar Crimes - Economic Offences - Organized Crimes – Terrorism - Crime and Media and other contemporary forms of crimes.

Unit III: Psychology of Cyber Criminals
Types of Cyber Criminals - Modus Operandi of Cyber Criminals - Profiling of Cyber Criminals - Tools and Techniques adopted by Cyber Criminals - Psychological theories relating to cyber criminals.

Unit IV: Criminal Justice System
Cyber Crime – Sociological and Criminological Perspectives - Causes of Cyber Crimes - Criminological Theories and Cyber Crime - Routine Activity Theory, Social Learning Theory - Differential Association Theory, Differential Opportunity Theory

Unit V: Criminal Justice Administration and Cyber Crimes
Police - Organizational structure of Police in India - Different wings in the States and Districts and their functions - Police & Law Enforcement - F.I.R. - Cognizable and non-cognizable offences - Bailable and non-bailable offences – Arrest – Search – Seizure - Interrogation of suspects and witnesses - Charge sheet - Cybercrime cells - Structure & investigation of cybercrime cases.
Judiciary - Different types of courts – Cyber Appellate Court / Tribunals - Powers – Proceedings in the court before trial, after trial - Plea of guilty - Sentencing.
The Role of N.G.O.s in the Prevention of Cyber Crimes - The Role of Victims of Cyber Crimes in the Criminal Justice Administration
Crime Prevention - Crime and sense of security - Social control and crime prevention - Community and crime prevention - Contemporary crime prevention strategies.

References:
1. Goodman, S., & Sofaer, A. (ed.) (2002). The Transnational Dimensions of cybercrime. Washington: Hoover Institution Press.
2. Reyes, A. (2007). Cybercrime investigations bridging the gaps between security professionals, law enforcement and prosecutors. Rockland, MA: Syngress Pub.
3. Owens, C. L. (1997). Computer crimes and computer related or facilitated crimes. Federal Bureau of Investigation.
4. Walker, C. (1998). Crime, criminal justice and the Internet. London: Sweet & Maxwell.
5. Swanson, Charles, R. (1983). Police administration: Structure, processes and behaviour. New York: MacMillan Publishing Co., Inc.
6. Diaz, S. M. (1976). New dimensions to the police role and functions in India. Hyderabad: National Police Academy.
7. Gautam, D. N. (1993). The Indian police: A study in fundamentals. New Delhi: Mittal Publications.
8. Mathur, K. M. (1994). Indian police: Role and challenges. New Delhi: Gyan


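Method of Evaluation:

| Sessional I | Sessional II | End Semester Examination | Total | Grade |
|---|---|---|---|---|
| 20 | 20 | 60 | 100 | |

Mapping with Programme Outcomes:

| | PO 1 | PO 2 | PO 3 | PO 4 | PO 5 | PO 6 | PO 7 | PO 8 | PO 9 | PO 10 |
|---|---|---|---|---|---|---|---|---|---|---|
| CO 1 | S | S | S | S | S | M | M | M | M | M |
| CO 2 | S | S | S | S | M | M | M | M | L | L |
| CO 3 | S | S | S | M | S | L | M | M | M | L |
| CO 4 | S | S | S | S | S | S | S | M | M | M |
| CO 5 | S | S | S | S | M | S | M | M | M | M |

CO - Course Outcomes; PO - Programme Outcomes; S - Strong; M - Medium; L - Low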


Course Outcomes:
1. Acquire a wider knowledge of the layered approach in networks with its protocols.
2. Ability to frame out the working of VLAN in switched LAN.
3. Ability to analyze the role of MPLS in routing.
4. Gain insight into the functioning of server-client operating systems.
5. Acquire knowledge about the working of the hardware devices.

Course: Core Paper II
Title of the Course: Fundamentals of Hardware, Operating System and Networking
Credits: 4

Course Objectives:
1. To describe how computer networks are organized with the concept of layered approach.
2. To visualize how routing protocols work.
3. To describe how the CPU processes data and instructions and controls the operation of all other devices.
4. To provide hardware and software issues in modern distributed systems.
5. To get knowledge in distributed architecture, naming, synchronization, consistency and replication, fault tolerance, security, and distributed file systems.

Units

Unit I: Computer Hardware Basics
Basics of Motherboard including CMOS and BIOS - Working of processors and types of processors - System memory - Introduction to RAM - System storage devices: Types of hard disks - FAT, NTFS, RAID etc., Optical drives, Removable storage devices, Tape drives and backup systems - Common computer ports – Serial – Parallel - USB ports etc. - Different input systems - Key Board - Mouse etc. - Display arrays – VGA – SVGA – AGP - Additional display cards - Monitors and their types - Printers and their types.

Unit II: Operating Systems
Operating system basics: Functions of operating system, Functions of Client Operating System, Functions of Server operating system - Introduction to Command line operation - Basics on files and directories - Details about system files and boot process - Introduction to device drivers

Unit III: Computer Principles and a Black Box Model of the PC
Memory and processor - Address and data buses - Stored program concept - Physical components of the PC and how they fit together and interact - Basic electrical safety - Motherboards and the design of the PC - Dismantling and re-building PCs - Power On Self Test and boot sequence: Architecture of real mode, Interrupts, Start of boot sequence, Power On Self Test (POST)

Unit IV: Introduction to Networking
What is networking? - Need for computer networks - Network Topologies - Types of networks - Hardware needed for setting up simple LAN - Wireless networks and inter-connecting LANs and WAN - Communication media - Network topologies and access methods - IEEE 802 series standards - Wireless technology: Spread spectrum, WAP and WML - Access points, Service Set ID (SSID), Authentication methods (OSA, SKA) - Devices used in networking – Hubs – Switches – Routers - Wireless Access Points etc - Physical connectivity between systems - Types of Cables: Ethernet, Optical Fiber - Introduction to MAC address - Introduction to IP address: IPv4, Classes of IP address, Need for subnetting, Basics of IPv6, Introduction to Unicast, Multicast and Broadcast

Unit V: Routing
Fundamentals of routing - Link State Routing - Distance Vector Routing – RIP – EIGRP – OSPF - Configuring Routers - Understanding the router architecture - Assigning IP address to the routers - Configuring routing protocols

Unit VI: Packet Switched Connection
Types of connections – Circuit switched, Packet switched - Why packet switched is preferred - Types of protocols and need for protocols - Packet switched Protocols - TCP/ IP

Unit VII: OSI Layers
Interconnecting disparate systems/ networks – issues - Open Systems Interconnect - Seven layers and their functionality - Introduction to TCP/ IP: Origins of TCP/ IP and evolution of Internet - IP Layers Vs OSI - IP number concepts - Network address - Classes of Networks - Subnet masking - Static and dynamic IP numbers – UDP - Establishing a TCP session (Three way handshake) - Name to address translation - Domain Name System

Unit VIII: Enterprise Networking
Configuring Server for enterprise networking - Introduction to Domains and Work groups - Understanding DNS and configuring DNS - Introduction to ADS (Active Directory Service) - File sharing within network - Understanding DHCP - Introduction to Mail Exchange server and ISA server - Network operating system - Client Server applications - Peer to Peer Applications - Measuring performance - Monitoring tools.

References:
- Computer Networks (5th Edition), Andrew S. Tanenbaum, David J. Wetherall, 2014.
- Network Protocols Handbook (2nd Edition), Javvin Technologies Inc, 2004.
- Comer & Douglas. “Internetworking with TCP/IP, Volume 1: Principles, Protocols and Architecture”, 5th Ed., Prentice Hall India (PHI)
- Hassan M, Jain R., “High Performance TCP/IP Networking: Concepts, Issues and Solution”, Prentice Hall India (PHI)
- PC hardware: a beginner's guide. Osborne/McGraw-Hill. 5th Ed.
- “Operating System Concepts”, Avi Silberschatz and Peter Galvin, (7th edition), 2004.

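Method of Evaluation:

| Sessional I | Sessional II | End Semester Examination | Total | Grade |
|---|---|---|---|---|
| 20 | 20 | 60 | 100 | |

Mapping with Programme Outcomes:

| | PO 1 | PO 2 | PO 3 | PO 4 | PO 5 | PO 6 | PO 7 | PO 8 | PO 9 | PO 10 |
|---|---|---|---|---|---|---|---|---|---|---|
| CO 1 | M | M | L | M | S | S | S | S | S | S |
| CO 2 | L | L | L | M | S | S | S | S | S | S |
| CO 3 | M | L | M | M | S | S | S | S | S | S |
| CO 4 | M | M | L | M | S | S | S | S | S | M |
| CO 5 | L | L | L | S | S | M | M | S | S | S |

CO - Course Outcomes; PO - Programme Outcomes; S - Strong; M - Medium; L - Low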


Course Outcomes:
1. To enterprise the thinking on information security.
2. Employ the information asset classification in the organization.
3. Handle the risk management process.
4. Identify the assets that need to be protected and develop physical security in the organizational premises.
5. Observe the system access control and privilege management.

Course: Core Paper III
Title of the Course: Fundamentals of Information Security
Credits: 4

Course Objectives:
1. To acknowledge the basic information security concepts.
2. To familiarize with the asset classification.
3. To interpret the risk analysis and management process.
4. To critically assess access control and privilege management.
5. To conceive the knowledge on emerging technologies.

Units

Unit I: Overview of Information Security
What is Information and why should we protect it? - Information Security: Threats, Frauds, Thefts, Malicious Hackers, Malicious Code, Denial of Services Attacks, Social Engineering - Vulnerability – Risk: Risk definition, Types Risk – an introduction Business Requirements Information Security - Definitions Security Policies: Tier1 (Organization Level), Tier2 (Function Level), Tier3 (Application/Device Level), Procedures, Standards, Guidelines

Unit II: Information Asset Classification
Why should we classify information? - Information Asset: Owner, Custodian, User - Information Classification: Secret, Confidential, Private, Public, Declassification, Reclassification, Retention and Disposal of Information Assets, Provide Authorization for Access - Owner Custodian User

Unit III: Risk Analysis & Risk Management
Risk Analysis Process - Asset Definition - Threat Identification - Determine Probability of Occurrence - Determine the Impact of the Threat - Controls Recommended Risk Mitigation - Control Types – Categories - Cost/Benefit Analysis


Unit IV: Access Control
User Identity and Access Management - Account Authorization - Access and Privilege Management System - Network Access Control - Operating Systems Access Controls - Monitoring Systems Access Controls - Intrusion Detection System Event Logging – Cryptography

Unit V: Physical Security
Identify Security Issues to Assets and Protection mechanism: Security aspects – Security of man, material, Information such as file, Commercial formula & technical information, Design, sketches, models, cassettes etc., Information security, Computer hardware, software and liveware security, Computer based financial frauds and computer viruses and worms, Current and future danger posing corporate executives. - Perimeter Security - Fire Prevention and Detection - Safe Disposal of Physical Assets - Security devices: Access Control System – Identity, screening, movement control, computer security systems; Security alarm systems, Fire alarm systems – Fire prevention and precautions, protective equipment; Deployment of Dog squad, Emergency preparedness plan, Security guards – Duties and responsibilities - Modern sophisticated equipment.

Unit VI: Emerging Technologies
Introduction to Cloud Computing: Concepts - Fundamentals of Cloud Computing - Types of clouds - Security Design and Architecture - Cloud Computing Service Models - The Characteristics of Cloud Computing - Multi Tenancy Model - Cloud Security Reference Model Cloud Computing Deploying Models

Cloud Identity and Access Management: Identity Provisioning – Authentication - Key Management for Access Control – Authorization - Infrastructure and Virtualization Security - Hypervisor Architecture Concerns

Internet of Things: Overview of IoT - Key Features of IoT - IoT Architecture - Impact of IoT on Business - Examples of IoT - Advantages and Disadvantages of IoT - IoT Hardware: IoT Sensors, Wearable Electronics, Standard Devices - IoT Software - IoT technology and Protocols - IoT Common Issues - IoT applications Domains - IoT Liability - IoT Security and Threats: Mitigation

Blockchain & Crypto currency

Blockchain - Introducing Block chain - Public Vs. Private Blockchains - Data storage: What is a Blockchain - Data Distribution: How is new data communicated? - Consensus: How do you resolve conflicts? - Write Access: How do you control who can control your data? - Defence: How do you make it hard for hackers? - Incentives: How do you pay validators?

Crypto currency: Introduction to Cryptography and Crypto currencies - How Bitcoin Achieves Decentralization - Mechanics of Bitcoin - How to Store and Use Bitcoins - Bitcoin Mining - Bitcoin and Anonymity - Community, Politics, and Regulation - Alternative Mining Puzzles - Bitcoin as a Platform - Altcoins and the Crypto currency Ecosystem - Decentralized Institutions: The Future of Bitcoin?

SCADA Security: Introduction to SCADA: SCADA Systems, Evolution of SCADA Systems, Objectives of SCADA Systems, Functions and usage of SCADA, Components of SCADA - SCADA in Process Control - SCADA in Applications - Real-time monitoring and control using SCADA - Exploitation of SCADA - Industrial Control System, Controllers and RISK - ICS Security Architecture - Applying security controls to ICS - Regulatory Compliance

References:
- CISSP All-in-One Exam Guide by Shon Harris and Fernando Maymi, 7th Edition, McGraw-Hill Education, 1 June 2016
- Information Security Management Handbook, 6th Edition, Harold F Tipton, Micki Krause, Auerbach Publications, 5 April 2012
- The CISSP Prep Guide: Gold Edition by Ronald L. Krutz, Russel Dean Vines, Gold Edition, Wiley Publication, 31 Oct 2002
- Certified Information Systems Security Professional, Study Guide by Ed Tittel, Mike Chapple, James Michael Stewart, 6th Edition, Sybex Publication, 06 July 2012
- ISO/ IEC 27002: 2005, First Edition

Method of Evaluation:

| Sessional I | Sessional II | End Semester Examination | Total | Grade |
|---|---|---|---|---|
| 20 | 20 | 60 | 100 | |

Mapping with Programme Outcomes:

| | PO 1 | PO 2 | PO 3 | PO 4 | PO 5 | PO 6 | PO 7 | PO 8 | PO 9 | PO 10 |
|---|---|---|---|---|---|---|---|---|---|---|
| CO 1 | M | M | L | M | S | S | S | S | S | S |
| CO 2 | L | L | M | M | S | S | S | S | S | S |
| CO 3 | M | S | M | M | S | S | S | M | S | S |
| CO 4 | M | M | L | M | S | S | S | S | S | M |
| CO 5 | L | L | L | S | S | M | M | S | S | S |

CO - Course Outcomes; PO - Programme Outcomes; S - Strong; M - Medium; L - Low


Course Outcomes:
1. Handle the crime scene and implement the best practices to find the cybercriminal.
2. Collect and analyse the evidence from various operating systems and network devices.
3. Get the legal context in handling the evidence of cybercrime.
4. Practically know the workflow of the forensics analysis.
5. Understand various cybercrimes and case studies related to them.

Course: Core Paper IV
Title of the Course: Fundamentals of Cyber Forensics
Credits: 3

Course Objectives:
1. To define the concepts and principles of collecting and analyzing the digital evidence.
2. To get an adequate knowledge of the technology and laws needed to do digital forensics.
3. To get a basic understanding of information.
4. To understand the best practices and examination guidelines for handling a crime scene.
5. To know the artifacts of the cybercrimes.

Units

Unit I: Digital Investigation
Digital Evidence and Computer Crime - History and Terminology of Computer Crime Investigation - Technology and Law - The Investigative Process - Investigative Reconstruction - Modus Operandi, Motive and Technology - Digital Evidence in the Courtroom.

Unit II: Understanding information
Methods of storing data: number systems, character codes, record structures, file formats and file signatures - Word processing and graphic file formats - Structure and Analysis of Optical Media Disk Formats - Recognition of file formats and internal buffers used by the most common CD and DVD writing applications - Extraction of forensic artifacts with a view to establishing possible provenance of a CD or DVD

Unit III: Computer Basics for Digital Investigators
Computer Forensic Fundamentals - Applying Forensic Science to computers - Computer Forensic Services - Benefits of Professional Forensic Methodology - Steps taken by computer forensic specialists.

Unit IV: Types of Computer Forensics Tools and Technology
Tools and Types of Military Computer Forensics Technology - Tools and Types of Law Enforcement Computer Forensic Technology - Tools and Types of Business Computer Forensic Technology

Unit V: Standards, Guidelines and Best Practices
Handling the Digital Crime Scene - Digital Evidence Examination Guidelines – ACPO – IOCE – SWGDE – DFRWS – IACIS – HTCIA - ISO 27037

Unit VI: Operating System Forensics
Windows Systems Forensics: Introduction, NTFS Overview, Forensic Analysis of NTFS and MFT, Metadata, Artifacts of user activities, Deletion and Destruction, Windows internet and communication artifacts, BitLocker and Encrypting File System, RAID and Dynamic Disk - Unix System Forensics: Introduction to UNIX - Boot Process, Forensic Duplication, File System, User Accounts, System Configuration, Artifacts of user activities, Internet communication, Cache - Macintosh Systems forensics: Introduction, Imaging and File system, Property Lists, User Accounts, Applications, System Forensics, User Folders, User Folders: Media Files, User Folders Application

Unit VII: Digital Evidence collection
Why Collect Evidence? - Collections Options – Obstacles - Types of Evidence - The rules of Evidence - Volatile Evidence - General Procedure - Collections and Archiving - Methods of Collection – Artifacts Collection Steps - Controlling Contamination - The Chain of custody.

Unit VIII: Electronic Discovery
Introduction to Electronic Discovery - Legal Context - Case management - Identification of Electronic Data - Forensic Preservation of Data - Data Processing - Production of electronic data - Case studies

Unit IX: Network Forensics
Introduction - Overview of Enterprise Network - Overview of protocols - Evidence preservation on networks - Collecting and interpreting network device configuration - Forensic examination of network traffic - Network correlation

Unit X: Building a forensically sound workflow
Choices: tools and approach - Forensic issues within the workflow including repeatability and validity - Managing and preserving evidence - Other examination options - Review other workflow tools and options and the circumstances in which they are useful.


References:
1. Computer Forensics: Cyber Criminals, Laws and Evidence by Marie-Helen Maras, 1st edition, Jones and Bartlett Publishers, 1 February 2011
2. Computer Forensics, Computer Crime Scene Investigation by John R. Vacca, 2nd Edition, Charles River Media Publication, 15 June 2002
3. Handbook of Digital Forensics by Eoghan Casey, 2010, Elsevier
4. NIST guidelines on digital forensic processes
5. Cyber Forensics: A field manual for collecting, examining, preserving evidence of computer crimes by Albert Marcella, Jr., Doug Menendez, Second Edition, CRC Press 2007
6. Guide to Computer Forensics and Investigations, Processing Digital Evidence by Bill Nelson, Amelia Phillips, Christopher Steuart, 4th edition, Delmar Cengage Learning, 28 Oct 2009
7. Digital Forensics for Legal Professionals - Understanding Digital Evidence from the Warrant to the Courtroom by Larry Daniel, Lars Daniel, 1st edition, Syngress, 14 October 2011

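Method of Evaluation:

| Sessional I | Sessional II | End Semester Examination | Total | Grade |
|---|---|---|---|---|
| 20 | 20 | 60 | 100 | |

Mapping with Programme Outcomes:

| | PO 1 | PO 2 | PO 3 | PO 4 | PO 5 | PO 6 | PO 7 | PO 8 | PO 9 | PO 10 |
|---|---|---|---|---|---|---|---|---|---|---|
| CO 1 | S | S | S | S | S | M | M | M | M | M |
| CO 2 | S | S | S | S | M | M | M | M | L | L |
| CO 3 | S | S | S | M | S | L | M | M | M | L |
| CO 4 | S | S | S | S | S | S | S | M | M | M |
| CO 5 | S | S | S | S | M | S | M | M | M | M |

CO - Course Outcomes; PO - Programme Outcomes; S - Strong; M - Medium; L - Low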


Course Outcomes:
1. Gain experience in utilizing the Wireshark tool for packet sniffing and analysis.
2. Able to understand and have hands-on experience in utilizing open source forensic tools.
3. To gain practical knowledge of image hiding and recovery using Steganography tools, Metadata analysis using EXIF viewer - Image (jpg) and Video (MP4) and Time analysis using Decode and Time Lord.
4. To obtain experience in the process of Digital Forensics through Forensic Imaging using a Write-blocker, Forensic Duplicator, Mounting Disk Images, Examination with Autopsy and FTK.
5. Ability to handle the Digital Evidence.

Course: Core Paper V
Title of the Course: Practical – I (Networking and Fundamentals of Cyber Forensics)
Credits: 4

Course Objectives:
1. Know about the Digital Crime Scene by outlining the range of situations where Digital Forensics may be applicable.
2. Learn how to investigate a Digital Crime Scene.
3. To identify the evidence and evaluate Digital Evidence.
4. To learn the issue of Data Acquisition and Data Recovery.
5. Develop and maintain precise documentation.
List of Exercises

Networking Practical:
Configure the following in CISCO Packet Tracer:
1. Static Routing
2. Routing Information Protocol (RIP)
3. Interior Gateway Routing Protocol (IGRP)
4. Enhanced Interior Gateway Routing Protocol (EIGRP)
5. Open Shortest Path First (OSPF)
6. Exterior Gateway Protocol (EGP)
7. Border Gateway Protocol (BGP)
8. Intermediate System to Intermediate System (IS-IS)
9. Dynamic Host Configuration Protocol (DHCP)

Forensics Practical:
Digital Forensics:
1. Digital Forensics Process (Standards and Best Practices)
2. Identification of evidence
   i. Photography
   ii. Chain of Custody
   iii. Documentation
3. Evidence handling principles
4. Forensic Significance of Hashing
   i. Integrity of Evidence
   ii. Digital Fingerprint of Evidence
5. Order of volatility
6. Evidence Preservation
7. Forensic Imaging Basics using FTK
   i. Imaging
   ii. Exporting of Directory listing
   iii. Exporting hash list
   iv. Finding protected files
   v. RAM capture
8. Understanding hexadecimal values

Open-Source Forensic Tools:
1. Image hiding and recovery using Steganography tools
2. Metadata analysis using EXIF viewer - Image (jpg) and Video (MP4)
3. Time analysis using Decode and Time Lord

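Method of Evaluation:

| Sessional I | Sessional II | End Semester Examination | Total | Grade |
|---|---|---|---|---|
| 20 | 20 | 60 | 100 | |

Mapping with Programme Outcomes:

| | PO 1 | PO 2 | PO 3 | PO 4 | PO 5 | PO 6 | PO 7 | PO 8 | PO 9 | PO 10 |
|---|---|---|---|---|---|---|---|---|---|---|
| CO 1 | | | | | | | | | | |
| CO 2 | | | | | | | | | | |
| CO 3 | | | | | | | | | | |
| CO 4 | | | | | | | | | | |
| CO 5 | | | | | | | | | | |

CO - Course Outcomes; PO - Programme Outcomes; S - Strong; M - Medium; L - Low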


Course Outcomes:
1. Identify the organization's vulnerability to fraud and detect the countermeasures to these occurrences.
2. Improvise the security in IT and Telecom Sectors.
3. Enhance the use of technology and data analytics to mitigate fraud and misconduct risks.
4. Evaluate the effectiveness of the compliance program.
5. Preserve and create value from corporate governance and compliance programs.
6. Acquire a conceptual idea of the frauds happening in the IT and Telecom Sectors.

Course: Elective Paper- I
Title of the Course: Frauds in Banking, Insurance and Telecom Sectors
Credits: 3

Course Objectives:
1. To define the concepts and principles of Cyber Criminology.
2. To conceptualize the theories in Sociological and Criminological Perspectives.
3. To know the different categories of telecommunication frauds.
4. To familiarize with the fraud management system.
5. To know the countermeasures of the IT and Telecommunication frauds.
6. To be aware of the telecom laws.

Units
Introduction to BFSI
Banking: Introduction & Concept - Types of banks: RBI, Commercial, Cooperative, Regional
and Rural, Development banks, Small banks, Payment banks etc - Banking Regulations Act
1949 with specific reference to sec 5(c), - Forms of banking business - Ancillary services like
Trade Finance, Remittances, etc. - Types of deposits and accounts: Demand Deposits and types
- Current account and Savings account - Other savings account – salient features and benefits -
I
Kiddy bank, Daily Deposit Collection, Insurance linked Accounts, Jan Dhan account etc: Term
Deposits and types - Fixed Deposits, Recurring Deposits, Cumulative Deposits & Flexi
Deposits etc. - Loans and Advances: Demand Loan, Term Loan, Over Drafts & cash Credits,
Trade Finance, Bill purchase & Discount - Core Banking Solution – Salient features,
advantages and Risks - E-Banking services like – NEFT, RTGS, IMPS, UPI, USSD, E wallets-
Features and risks - Introduction to ATM Networks and how ATM services are managed
Banking Regulations and Basel Accord
II Need for Banking Regulations - Basel Committee - Basel Capitol Accord (BASEL I) - Salient
features and short comings - Basel II Accord: Three Pillar Concepts, Core Capital &

Page 21 of 90
M. Sc. Cyber Forensics & Information Security

Supplementary Capital - Risks and categories of risk: Credit Risk, Market Risk, Operational
Risk, Capital Adequacy Risk, Risk Adjusted Asset, Risk Weighted Asset
III Frauds in BFSI
Definition of a fraud in banking and financial sector - Categories of fraud: Account related
fraud, Cheque related fraud, Advance related fraud, Alternate channel frauds - Internet Banking
related - Social Engineering, Phishing tactics - Some common frauds with ATMs: Frauds by
banking employees, Account related frauds - Input & output manipulation, User rights
escalation methods - Reporting of frauds - Frauds in insurance sector: Policy holder & claims
fraud, Intermediary fraud, Assessment related frauds - IRDA – Introduction, functions and
responsibilities
IV Money Laundering and Anti Money Laundering
Money laundering Definition: Common factors in money laundering - Stages of money
laundering: Placement, Layering, Structuring, Integration - Money Laundering Reporting
Officer (MLRO): The duties and responsibilities of the - The role of the MLRO, Generating
management information, Common MLRO problems
Recognition, handling and reporting transactions: The legal obligation to report - Designing
an effective internal reporting system - The MLRO’s evaluation process
Post-reporting considerations
Handling the risk of committing the tipping off offence - Constructive trusteeship - Responding
to discovery and enforcement orders - Terminating relationships - Subsequent client review
techniques - Secure record retention - Dealing with the authorities - Customer Due Diligence
and Risk Profiling - Understanding anti-money laundering tools and strategies in Banks
Security Controls typically available and Case studies
Log of User activities in the application - Logging exceptional events - Audit tools to analyze
data for exceptions - Change management procedures - Internal data consistency checks
Anti-money laundering and legal frameworks
International and regional bodies - International initiatives - Terrorist financing - The US Patriot
Act - The UK Model – The Jersey Strategy on Terrorist funding and money laundering -
National anti money laundering frameworks - PMLA 2002- Objectives and salient features -
Financial Intelligence Unit India (FIU-IND) - Financial Action Task Force (FATF) -
Enforcement Directorate - Serious Fraud Investigation Office (SFIO) - KYC

V Introduction to Telecommunication Technologies


Telecommunication Technologies and architecture referred - Analog & Digital Networks,
GSM, CDMA, GPRS, PBX, NGN Networks - 2G, 3G & 4G, VoLTE - Important terminologies
- IMEI, Ki, IMSI, TMSI, PIN, PUK, LAI, SIM etc.
VI Telecommunication Fraud
Organizational or Non-Technical Fraud (involving Administration services, processes)
People Driven - Insider Fraud, Call-sell Fraud, Facilitation Fraud, Creeping Fraud, Chaining
Fraud, Calling-Card Fraud, Phantom Account, Partnership Fraud, Identity theft, Eavesdropping
etc.
Product/Process driven – Ghosting, Abuse of test or emergency lines or accounts,
Unauthorized Feature/Service Activation, Accounting - Dealer or Reseller Fraud, Subscription
Fraud - Roaming Subscription Fraud - Premium-Rate Services Fraud
Technical frauds (involving Network Systems, Billing Systems): Physical attacks on networks,
PBX Hacking, Line Tapping, Clip-on Fraud, War Dialing, Threat of SS7 attacks, TDOS -
Handset Fraud, Subscription Fraud, Premium rate fraud, PBX/DISA fraud, Calling-Card Theft,
Toll Fraud (call theft), Content and Value-Added Services (VAS) Fraud - Roaming
Subscription Fraud, Cloning, Tumbling, Voice-mail Hacking, Ghosting, IMEI Duplication,
SIM Stuffing, Vishing

VII Controls & Fraud Management
Controls & Security Policy - Managing the Risks - Awareness Training - Controlling Physical Access
& Logical Access - Fraud Detection and Prevention - Telecom Laws – Domestic and International -
Data mining applied to Fraud Detection and Prevention - Data Warehouse Data Modeling - Fraud
Training, Fraud Awareness - Profiling a Fraud & Identifying the Fraudster - Fraud Management System
- Architecture & solution - Illustrative Cases

References
1. Gaur, K. D. (1987). Taxation, black money and the law. New Delhi: Deep & Deep
Publications.
2. Insurance Act, 1938.
3. Pitchandi, N., & Sivamurthy, A. (eds.). Prevention and detection of crimes in banks.
Madras: Institute of Criminological Research, Education & Services.
4. Reserve Bank of India (2009). Fraud risk management systems in banks – Role of
Chairman/Chief Executive Officers.
5. Reserve Bank of India (2011). Frauds: Classification and reporting. RBI/2011-12/74,
dated July 01, 2011.
6. Reserve Bank of India (2013). Master circular: Know Your Customer (KYC) norms/
Anti-Money Laundering (AML) Standards/Combating of financing of terrorism
(CFT)/Obligation of banks under PMLA, 2002. RBI/2013-14/94, DBOD.
AML.BC.No.24/14.01.001/2013–14, dated July 01, 2013.
7. Roberds, W. (1998). The impact of fraud on new methods of retail payment. Federal
Reserve Bank of Atlanta. Economic Review.
8. Srinivasan, M. (2014). Extent and modus operandi of bank frauds: Role of the police in
handling bank frauds in the state of Tamil Nadu. (Unpublished report) submitted to the
Bureau of Police Research and Development (BPR&D), New Delhi.

Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

       PO 1  PO 2  PO 3  PO 4  PO 5  PO 6  PO 7  PO 8  PO 9  PO 10
CO 1   L     M     L     M     S     S     S     S     S     S
CO 2   L     L     M     M     S     S     S     S     S     S
CO 3   M     S     M     S     S     S     S     M     S     S
CO 4   M     M     L     M     S     S     S     S     M     M
CO 5   L     L     L     S     S     M     S     S     S     S

CO - Course Outcomes; PO - Programme Outcomes; S - Strong; M - Medium; L - Low


Course Outcomes
1. Conduct cyber investigation that is admissible in the courtroom.
2. Have a clear idea on International Law and Regulation of Cyberspace.
3. Know the necessity of protection and concept of Intellectual Property Rights.
4. Be familiar with the Copyright Act and recent amendments.
5. Know the Industrial Designs in terms of Security.

Course: Elective Paper II
Title of the Course: Cyber Laws and IPR
Credits: 3

Course Objectives
1. To identify the provisions relating to E-Governance and E-Commerce.
2. To critically assess legal issues relating to courtroom practices.
3. To become familiar with the laws dealing with cyber crimes.
4. To brief the salient features of Patents and Trade Mark.
5. To discuss International Law and Regulation of Cyberspace.

Units
I Fundamentals of Cyber Law
Introduction on cyber space - Jurisprudence of Cyber Law - Scope of Cyber Law - Cyber law
in India with special reference to Information Technology Act, 2000 (as amended) and
Information Technology Act, 2008.
II E-Governance and E-Commerce
Electronic Governance - Procedures in India - Essentials & System of Digital Signatures - The
Role and Function of Certifying Authorities - Digital contracts - UNCITRAL Model law on
Electronic Commerce - Cryptography – Encryption and decryption
III Cyber Crimes Investigation
Investigation related issues - Issues relating to Jurisdiction - Relevant provisions under
Information Technology Act, Evidence Act - Indian Penal Code - Cyber forensics - Case studies
IV Trademark, IPR and Patent laws
Definitions and concepts

Trademark: Introduction to Trademarks, Functions and types of Trademarks, Madrid
Agreements, Trademarks Law Treaty (Geneva), Indian Trademark Act, Registration of
Trademarks, Rights conferred by Registration of Trademarks, Infringement of Registered
Trademark, Defenses, Trademarks dilution, International Applications and Case Studies

Copyright: Basics - Copyright Law - Terms of Copyright - Registration of Copyrights -
Transfer of Ownership of Copyright – Infringement: Liability, Exemptions, Defenses, Case
Studies, Copyrights Laws in India

Intellectual Property Rights: Concept of IPR - Global Scenario with Case Laws - IPR
infringements - Secrecy and Confidentiality in IPR - Civil and Criminal liabilities in IPR -
International Applications and its advantages - Important international conventions and
Treaties: Paris Industrial Property, Berne convention literary and artistic work, WIPO copyright
Treaty, ROME Convention for protection of Performers, producers and broadcasting
organization, TRIPS Agreement on Trade related aspects of IPR, Brussels satellite convention
- IPR and Criminal Jurisprudence

Patent Law: Basics - Conditions of Patentability - WIPO Patent Co-operation Treaty - Geneva
convention on Patent Law - Software and Business Method Patents - Indian Patent Act -
Infringement - Defenses
References
1. Raman Mittal. (2004). Legal Dimension on Cyber Space, Indian Law Institute, New
Delhi
2. Anupa P Kumar. (2009). Cyber Law, Volume 1. Create space Independent Publishers
3. Vakul Sharma. (2017). Information Technology - Law and Practice. 5th Edition,
Universal Law Publishing, New Delhi
4. Laws on Cyber Crime: P.K. Singh (2007), Book Enclave Jaipur, Page 131
5. Dr. Gupta & Agrawal. (2016). Cyber Laws. Premier Publishing Company
6. Seth Karnika. (2013). Computers Internet and New Technology Law
7. Cyber law by Nandan Kamath, Fifth Edition, Universal Law Publication, 01 Jan 2012
8. Intellectual property by Robert P Merges, 3rd Edition, Aspen Publication, 2003
9. Computers, Technology and the new internet laws by Karnika Seth, Updated
Edition, LexisNexis Publication, 01 Jan 2013
10. Legal dimensions of cyber space by S.K. Verma, Volume 1, Ashgate Publication, 01
Jan 2001
11. Law relating to patents, trademarks, copyright, design and geographical indications
by Dr. B.L. Wadehra, 5th Edition, Universal Law Publication, 2012
12. Law of Intellectual Property by Dr. S.R. Myneni, 6th Edition, Asia Law House
Publication, 01 Jan 2013
13. International Property by David I. Bainbridge, 9th Edition, Pearson Education
Publication, 24 May 2012
14. Intellectual Property, Patents, Copyright, trademarks and allied rights by W.R.
Cornish, D Llewelyn, 6th Edition, Sweet and Maxwell Publication, 18 June 2007

Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

       PO 1  PO 2  PO 3  PO 4  PO 5  PO 6  PO 7  PO 8  PO 9  PO 10
CO 1   S     S     S     S     S     S     S     M     M     L
CO 2   S     S     S     S     S     S     S     S     M     L
CO 3   S     S     S     S     S     M     M     M     L     L
CO 4   S     S     S     S     M     M     M     M     L     L
CO 5   S     S     S     S     S     M     M     L     L     L

CO - Course Outcomes; PO - Programme Outcomes; S - Strong; M - Medium; L - Low


Course Outcomes
1. Recognize various AI domains and identify problem solving techniques to
apply them in real time applications.
2. Analyze and formalize the problem as a state space, graph, design heuristics
and select amongst different search or game-based techniques to solve them.
3. Represent Knowledge in propositional calculus and Predicate calculus.
4. Demonstrate working knowledge of reasoning in the presence of incomplete
and/or uncertain information.
5. Get wide exposure about strong and weak slot & fillers available.
6. Gain an in-depth understanding of the computational properties of natural
languages and the techniques for processing linguistic information.

Course: Soft skill I
Title of the Course: Artificial Intelligence
Credits: 2

Course Objectives
1. Acquire an idea of intelligent systems and agents.
2. Ability to formalize knowledge on Artificial intelligence
3. Capable of reasoning with and without uncertainty
4. Understand machine learning and applications at a basic level
5. Ability to perform problem solving, reasoning, planning, natural language
understanding, computer vision, automatic programming, machine learning.
Units

Unit 1 Introduction to AI and intelligent agents, Problem Solving: Solving Problems by
Searching, heuristic search techniques, constraint satisfaction problems, stochastic
search methods, Game Playing: minimax, alpha-beta pruning.
Unit 2 Knowledge and Reasoning : Building a Knowledge Base : Propositional logic, first
order logic, situation calculus. Theorem Proving in First Order Logic, Planning, partial
order planning, Uncertain Knowledge and Reasoning, Probabilities, Bayesian
Networks.
Unit 3 Overview of different forms of learning, Learning Decision Trees, Neural Networks,
Introduction to Natural Language Processing.
References 1. Deepak Khemani. A First Course in Artificial Intelligence, McGraw Hill Education
(India), 2013.


Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

       PO 1  PO 2  PO 3  PO 4  PO 5  PO 6  PO 7  PO 8  PO 9  PO 10
CO 1   M     M     L     M     S     S     S     S     S     S
CO 2   L     L     L     M     S     S     S     S     S     S
CO 3   M     L     M     M     S     S     S     S     S     S
CO 4   M     M     L     M     S     S     S     S     S     M
CO 5   L     L     L     S     S     M     M     S     S     S

CO - Course Outcomes; PO - Programme Outcomes; S - Strong; M - Medium; L - Low


Course Outcomes
1. Diagnose and investigate the cybercrimes in various domains.
2. Extract the evidence from volatile and non-volatile memory.
3. Ability to analyze the network logs.
4. Ability to examine and analyze the data from cloud environment.
5. Ability to image the files from virtual machines. Gain an insight to familiarize the
Psychology of offenders and witnesses.

Course: Core Paper VI
Title of the Course: Advanced Cyber Forensics
Credits: 4

Course Objectives
1. To brief the concept of forensics in various domains.
2. To give an advanced knowledge on evidence collection and analysis.
3. To analyze the network protocols using various network forensic tools.
4. To illustrate the concept of memory forensics.
5. To conceptualize principles in collecting the digital evidence from Cloud and virtual
machines.

Units
I Windows Forensics
Volatile Data Collection - Memory Dump - System Time - Logged On Users - Open Files -
Network Information (Cached NetBIOS Name Table) - Network Connections - Process
Information - Process-to-Port Mapping - Process Memory - Network Status - Clipboard
Contents - Service / Driver Information - Command History - Mapped Drives – Shares -
Non-Volatile Data Collection: Disk Imaging (External Storage such as USB and Native Hard Disk),
Registry Dump, Event Logs, Devices and Other Information, Files Extraction, Write-Blocking
port - Registry Analysis - Browser Usage - Hibernation File Analysis - Crash Dump Analysis
- File System Analysis - File Metadata and Timestamp Analysis - Event Viewer Log Analysis
- Timeline Creation

II Linux Forensics
Volatile Data Collection: Date and time information, Operating system version, Network
interfaces, Network connections, Open ports, Programs associated with various ports, Open
Files, Running Processes, Routing Tables, Mounted file systems, Loaded kernel modules,
Users past and present - Non-Volatile Data Collection: Disk Imaging (External Storage such as
USB and Native Hard Disk) - Getting Log Files - Collecting File Hashes - Getting File Metadata
- User Command History - Hardware and Software Write Blocking (udev rules) - Mounting
Images: MBR Partitions, Extended Partitions, GUID Partitions - File System Analysis - Files
Metadata and Timestamp Analysis - Log Analysis - Timeline Creation

III Mac Forensics
Understanding Macintosh and HFS File System Architecture - Macintosh GPT Structure -
Imaging a Mac - Directory Structure – Finding Evidences - Safari and other browser artefacts
analysis - iChat and Apple Mail analysis

IV Network Forensics
Understanding Protocols with Wireshark: TCP, UDP, HTTP(S), SSH, Telnet, SMTP, POP /
POP3, IMAP, FTP, SFTP, ARP - Packet Capture using Wireshark, tshark and tcpdump -
Packet Filtering - Extraction of Data from PCAP file - Netflow vs Wireshark - Analysis of logs:
CISCO logs, Apache Logs, IIS Logs, Other System Logs

V Memory Forensics
History of Memory Forensics - x86/x64 architecture - Data structures - Volatility Framework
& plug-in - Memory acquisition - File Formats – PE/ELF/Mach-O - Processes and process
injection - Windows registry - Command execution and User activity - Networking; sockets,
DNS and Internet history - File system artefacts including $MFT, shell bags, paged memory
and advanced registry artefacts - Related tools – Bulk Extractor and YARA - Time lining
memory - Recovering and tracking user activity - Recovering attacker activity from memory -
Advanced Actor Intrusions

VI Virtual Machine Forensics
Types of Hypervisors - Hypervisor Files and Formats - Use and Implementation of Virtual Machines in
Forensic Analysis - Use of VMware to establish working version of suspect's machine - Networking
and virtual networks within Virtual Machine - Forensic Analysis of a Virtual Machine: Imaging of a
VM, Identification and Extraction of supporting VM files in the host system, VM Snapshots, Mounting
Image, Searching for evidence
VII Cloud Forensics
Introduction to Cloud computing - Challenges faced by Law enforcement and government
agencies - Cloud Storage Forensic Framework - Evidence Source Identification and
preservation in the cloud storage - Collection of Evidence from cloud storage services -
Examination and analysis of collected data: Cloud Storage Forensic Analysis, Evidence Source
Identification and Preservation, Collection of evidence from cloud storage devices,
Examination and analysis of collected data - Dropbox analysis: Data remnants on user
machines, Evidence source identification and analysis - Collection of evidence from cloud
storage services, Examination and analysis of collected data - Google Drive: Forensic analysis
of Cloud storage and data remnants, Evidence source identification and analysis - Collection of
evidence from cloud storage services, Examination and analysis of collected data – Issues in
cloud forensics - Case Studies.
References
• Windows Registry analysis by Harlan Carvey, 2010
• Network Forensics by Ric Messier, 2017
• Shagufta Rajguru, Aayush Pathak, Danish K. Chaus, Akshay J. Boramani, “Design of Tool for
Digital Forensics in Virtual Environment”, International Journal of Computer Applications,
Volume 163 – No. 4, April 2017
• Computer Forensics: Investigating File and Operating Systems, Wireless Networks, and Storage
(CHFI), 2nd Edition (Computer Hacking Forensic Investigator), EC-Council.
• Alomirah, N. (2016). Forensics Analysis of Residual Artefacts Acquired During Normal and
Private Web Browsing Sessions (Doctoral dissertation, Auckland University of Technology).
• EC-Council. (2009). Computer Forensics: Investigating Network Intrusions and Cyber Crime:
Cengage Learning.
• Girard, J. E. (2013). Criminalistics: Forensic Science, Crime, and Terrorism: Jones & Bartlett
Learning, LLC.
• Gogolin, G. (2012). Digital Forensics Explained: CRC Press
• Practical Windows Forensics Kindle, Ayman Shaaban, Konstantin Sapronov, PACKT Publishing.
• Ligh, M. H., Case, A., Levy, J., & Walters, A. (2014). The art of memory forensics: detecting
malware and threats in Windows, Linux, and Mac memory. John Wiley & Sons
• Alam, N. (2009). Survey on hypervisors. Indiana University, Bloomington, School of Informatics
and Computing.
• Khangar, S. V., Nagpur, E., & Dharaskar, R. V. (2012). Digital Forensic Investigation for Virtual
Machines. International Journal of Modeling and Optimization, 2(6), 663.
• Riaz, H., & Tahir, M. A. (2018, March). Analysis of VMware virtual machine in forensics and
anti-forensics paradigm. In 2018 6th International Symposium on Digital Forensic and Security
(ISDFS) (pp. 1-6). IEEE
• Cloud Storage Forensics 1st Edition, by Darren Quick, Ben Martini, and Raymond Choo.


Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

       PO 1  PO 2  PO 3  PO 4  PO 5  PO 6  PO 7  PO 8  PO 9  PO 10
CO 1   S     S     S     M     L     L     M     M     M     M
CO 2   S     S     S     M     M     M     M     L     L     L
CO 3   S     S     S     S     M     M     M     L     M     S
CO 4   M     M     M     L     S     S     S     S     M     M
CO 5   S     S     S     S     M     M     M     L     L     L

CO - Course Outcomes; PO - Programme Outcomes; S - Strong; M - Medium; L - Low


Course Outcomes
1. Develop an idea on information security.
2. Critically assess the network security.
3. Conceptualize IP Security in network layer.
4. Evaluate the security attacks.
5. Identify the assets that need to be protected and to develop physical security
in the organizational premises
6. Monitor the system access control and privilege management.

Course: Core Paper VII
Title of the Course: Advanced Information Security and Applied Cryptology
Credits: 4

Course Objectives
1. To list the basic information security concepts.
2. To familiarize with the asset classification.
3. To interpret the risk analysis and management process.
4. To equip the knowledge on different authentication protocols.
5. To learn the security techniques used in cryptography.

Units
I Fundamentals of Information Security Compliance and Standards
COSO – Overview, Objective, Requirements and Target Domains or Industries, COBIT –
Overview, Objective, Requirements and Target Domains or Industries, ITIL – Overview,
Objective, Requirements and Target Domains or Industries, ISO 27001 – Overview, Objective,
Requirements and Target Domains or Industries, ISO 22301 – Overview, Objective,
Requirements and Target Domains or Industries, PCI DSS – Overview, Objective, Requirements
and Target Domains or Industries, HIPAA – Overview, Objective, Requirements and Target
Domains or Industries, HITRUST – Overview, Objective, Requirements and Target Domains
or Industries, SOCR (ISAE and SSAE) – Overview, Objective, Requirements and Target
Domains or Industries, Other Standards and their objectives (NIST etc.)
II Information Security Auditing and Auditing Methodology
Introduction to Auditing Terminologies (Population, Evidence, Sampling, SLA etc.) - Lifecycle
of an Audit - Legal and Contractual Obligations, Liabilities and Accountability of involved
parties - Control Objectives and Controls - Validating and Verifying Population - Sampling
Methodology - Evidence Validation Methodology – Completeness and Accuracy - Analysing
Observations and provision of weightage - Communication of the findings and Reporting

III System Development Life Cycle


SDLC concepts - Different SDLC and cost estimation models - Testing: types, methods and
issues - Program coding and security to be built into system - Software maintenance and change
control processes - Configuration management - Software Capability Maturity model (CMM)
IV Applied Cryptology
Classical Encryption Techniques: Substitution Techniques, Transposition Techniques,
Steganography, Permutation Methods - Confidentiality using conventional encryption -
Placement of Encryption - Traffic Confidentiality - Random Number Generation - Certificate
Authority - Key Management (Transfer, Verification, Usage, Updation, Storage, Backup and
Destruction of Keys): Generating Keys, Key Distribution, Key Lifetime, Compromise of a Key
Scenario - Nonlinear Key spaces - Public-Key Management - Criminal Code Systems Analysis
- Sports Bookmaking Codes - Horse Race Bookmaking Codes - Other Application of
Cryptography: Code Signing, Authentication and Authorisation of a Personnel / Device and
Two Factor Authentication, SSL

V Digital Rights Management
Meaning of Digital Rights Management (DRM) - Need for DRM and preventing illegal file
sharing on the Internet - DRM schemes - Microsoft DRM 2.0 - Content Scrambling System -
Requirements for a good DRM scheme - Secure hardware, secure software, and an efficient
legal system - Reasons why DRM schemes have been unsuccessful
References
• Catherine A. Lemmer, Carla P. Wale, “Digital Rights Management: The Librarian guide”, 2016.
• Joan Van Tassel, “Digital Rights Management: Protecting and Monetizing Content”, 2006
• The World Beyond Digital Rights Management by Jude Umeh, 1st edition, BCS - The
Chartered Institute for IT, 2009
• Ertem Osmanoglu, “Identity and Access Management: Business Performance Through
Connected Intelligence” 1st Edition, 2013.
• Sidnie Feit, “TCP/IP: Architecture, Protocols, and Implementation with IPv6 and IP Security”,
McGraw-Hill; Subsequent edition, 1996.
• Naganand Doraswamy, Dan Harkins, “The new Security standard for Internet, Intranet and
Virtual Private Network”, Second Edition, 2012.
• Network Protocols Handbook (2nd Edition), Javvin Technologies Inc, 2004.
• Cryptography and Network Security: Principles and Practice (6th Edition), William Stallings,
Prentice Hall Press, 2013.
• CompTIA Security+ Guide to Network Security Fundamentals (6th Edition), Mark Ciampa,
CENGAGE, 2017.
• Network Security Assessment (2nd Edition), Chris McNab, O’REILLY, 2008.
• Official (ISC)2 Guide to the CISSP CBK by Adam Gordon, Fourth Edition, (ISC)2 Press, 23
April 2015

Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

       PO 1  PO 2  PO 3  PO 4  PO 5  PO 6  PO 7  PO 8  PO 9  PO 10
CO 1   M     M     M     L     L     S     S     S     S     S
CO 2   L     L     L     M     S     S     M     S     S     S
CO 3   L     L     M     L     M     S     S     M     S     S
CO 4   L     L     L     M     M     M     S     S     S     S
CO 5   L     L     L     S     S     M     M     S     S     S

CO - Course Outcomes; PO - Programme Outcomes; S - Strong; M - Medium; L - Low


Course Outcomes
1. Understand the functionalities of an operating system and its processes
2. How to perform mobile application penetration testing.
3. Performing the mitigation techniques in web application security.
4. To obtain an insight on various models in database security.
5. Analyzing the data threats, risks and vulnerabilities.

Course: Core Paper VIII
Title of the Course: Application and Database Security
Credits: 4

Course Objectives
1. To define the fundamentals of database security
2. To explain the concept of database security lifecycle and operating system security
3. To possess a good understanding in SQL and Oracle.
4. To know the nature of architecture of Data warehouse applications.
5. To have an overview of web application security and mobile security

Units
I Fundamentals of Databases
What is a Database? - DBMS - Purpose of DB and Users of DB - Components of DB -
Concepts of RDBMS - Basic SET Concepts (SET, Subset) - Set of Ordered Tuples - Relations
as a DB (Concepts of PK, FK, Surrogate Keys, Composite Keys, Candidate Keys) - Relational
DB Operators (Cartesian Product, Union, Intersect, Difference) - Relational DB Normal Forms
(1NF, 2NF, 3NF) - E-R Model.
II Database Security Lifecycle
Concept of DB Security Lifecycle - Creating Data Risk Assessment - Analyzing data threats,
risks & vulnerabilities - Need for database security architecture - Implementing feedback
mechanisms - Adjusting policies & practices based on feedback mechanisms using different
security models
III Database Security
Models: Access Matrix Models, Objects & Subjects, Types of Objects & Subjects, Access
Modes (Static & Dynamic), Access Levels - Issues in Database Security - Database Access
Control - Security Logs and Audit Trails – Encryption - SQL Data Control Language - Security
in Oracle - Statistical Database Security - SQL Injection - Database Security and the Internet
IV Application Types
Client/Server Applications - Components of Client/Server Applications (Logical & Physical
Architecture) - Web Applications: About Web Applications, Technologies used to create Web
Applications, Components of Web Application Architecture - Data Warehouse Applications:
About DW Applications, Uses, Physical & Logical Architecture - Management Information
Systems
V Web application security
Introduction to web application: Primer, OWASP Top 10 vulnerabilities, Mitigation
techniques - Security Fundamentals: Input Validation, Blacklist Validation, Defense in depth
approach, Attack surface reduction, Classifying and prioritizing threats: STRIDE – IIMF –
CIA – CVE – DREAD – CVSS - Web Application Security Principles: Authentication,
Authorization, Browser security principles - Database security principles - File security
principles - Secure Development and Deployment - Mobile Platforms: Top issues facing
mobile devices, Secure Mobile application development, Android security, iOS Security,
Windows, Blackberry & Java Mobile Security, Symbian OS security, Web OS security,
WAP and mobile HTML Security, Bluetooth security, SMS Security, Mobile Geo location,
Enterprise Security on Mobile OS, Mobile Malwares, Mobile application penetration test,
Encryption and authentications
VI Operating System and Security
Overview of operating systems - Functionalities and characteristics of OS - Concept of a
process: Operations on processes, Process states, Concurrent processes, Process control block,
Process context, Interrupt processing - Operating system organization - Job and processor
scheduling - Scheduling algorithms - Process hierarchies - Problems of Concurrent Processes -
Critical Sections - Mutual exclusion Synchronization – Deadlock - Inter-process
Communication (IPC) - Message Passing - Direct and Indirect - Deadlock: prevention,
detection, avoidance - Memory organization and management - Virtual memory concepts,
paging and segmentation - File organization and directory structure - Operating System and
Security - Security breaches - Types of attacks - Attack prevention methods - Access control
lists - Support for Internet and General network security.

References
1. Garcia-Molina, H. (2008). Database Systems: The Complete Book. India: Pearson Education.
2. Taylor, A. G. (2000). Database Development For Dummies. United Kingdom: Wiley.
3. Zgola, M., Basta, A. (2011). Database Security. United States: Cengage Learning.
4. Castano, S., Fugini, M. G., Martella, G. (1995). Database Security. United Kingdom: ACM
Press.
5. Thuraisingham, B. (2005). Database and Applications Security: Integrating Information
Security and Data Management. United Kingdom: CRC Press.
6. Hoffman, A. (2020). Web Application Security: Exploitation and Countermeasures for
Modern Web Applications. (n.p.): O'Reilly Media.
7. Stuttard, D., Pinto, M. (2011). The Web Application Hacker's Handbook: Discovering and
Exploiting Security Flaws. Germany: Wiley.
8. Andress, J. (2014). The Basics of Information Security: Understanding the Fundamentals of
InfoSec in Theory and Practice. Netherlands: Elsevier Science.
9. Mobile Security and Privacy: Advances, Challenges and Future Research Directions. (2016).
United States: Elsevier Science.
10. Meghanathan, N. (2010). Recent Trends in Network Security and Applications: Third
International Conference, CNSA 2010, Chennai, India, July 23-25, 2010 Proceedings.
Germany: Springer.

Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

       PO 1  PO 2  PO 3  PO 4  PO 5  PO 6  PO 7  PO 8  PO 9  PO 10
CO 1   M     M     M     L     L     S     S     S     S     S
CO 2   L     L     L     M     S     S     S     S     S     S
CO 3   L     L     M     L     M     S     S     S     M     S
CO 4   L     L     L     M     M     M     S     S     S     M
CO 5   L     L     L     S     S     M     M     S     S     S

CO - Course Outcomes; PO - Programme Outcomes; S - Strong; M - Medium; L - Low


Course Outcomes
1. Ability to identify the security issues in the network and resolve it.
2. Analyze the vulnerabilities in any computer system and able to design security solution.
3. Acquire the knowledge of advanced security issues and technologies
4. Demonstrate various network security applications, IPsec, Firewall, IDS, Web Security,
Email Security and Malicious software etc.
5. Evaluate security mechanism using rigorous approaches by key ciphers and Hash
functions.

Course: Core Paper IX
Title of the Course: Network Security
Credits: 3

Course Objectives
1. To gain knowledge about various authentication and real-world protocols of a network
2. To know the different types of network layer attacks to protect against the threat in
the network.
3. To ensure the Network Security using Virtual Private Network
4. To handle the issues in large-scale Application using RFID Security
5. To maintain the pillars of network security – CIA triangle
Units
I Introduction to Network Security
Networking Devices (Layer 1, 2, 3) - Different types of network layer attacks - Firewall (ACL,
Packet Filtering, DMZ, Alerts and Audit Trails) - IDS, IPS and its types (Signature based,
Anomaly based, Policy based, Honeypot based).
II Common Authentication Protocols
Authentication concepts - Various authentication protocols: Password Authentication Protocol
(PAP), Challenge Handshake Authentication Protocol, MS-CHAP - Extensible Authentication
Protocols, Remote Access with RADIUS and TACACS, Single Sign-On, Kerberos, SESAME,
Authentication in Wireless networks

III Real World Protocols
Introduction to IPsec - IPsec building blocks - Security Associations (SAs) - Security
Parameter Index (SPI) - IPsec Architecture - IPsec Protocols: Authentication Header (AH),
Encapsulating Security Payload (ESP) - Tunnelling and Transport Mode - Internet Key
Exchange (IKE) – ISAKMP - TLS and SSL

IV Virtual Private Networks


VPN and its types - Tunnelling Protocols - Tunnel and Transport Mode - Generic Routing
Encapsulation (GRE)

V. MPLS and MPLS VPN
WAN Topologies - Standard IP based Switching - CEF based Multi-Layer switching - MPLS
Characteristics - Frame Mode MPLS Operation - MPLS VPN.

VI. Securing Wireless Networks
Overview of Wireless security - Scanning and Enumerating 802.11 Networks - Attacking
802.11 Networks - Attacking WPA protected 802.11 Networks – Bluetooth - Scanning and
Reconnaissance - Bluetooth Eavesdropping - Attacking and Exploiting - Bluetooth and Zigbee
Security - Zigbee Attacks

VII. Ad-hoc Network Security
Security in Ad Hoc Wireless Networks - Network Security Requirements - Issues and
Challenges in Security Provisioning - Network Security Attacks - Key Management in Ad-hoc
Wireless Networks - Secure Routing in Ad-hoc Wireless Networks

VIII. RFID Security
Introduction - RFID Security and privacy - RFID chips Techniques and Protocols - RFID
anti-counterfeiting - Man-in-the-middle attacks on RFID systems - Digital Signature – Transponder
- Combining Physics and Cryptography to Enhance Privacy in RFID Systems - Scalability
Issues in Large-Scale Applications - An Efficient and Secure RFID Security Method with
Ownership Transfer - Policy-based Dynamic Privacy Protection Framework leveraging
Globally Mobile RFIDs - User-Centric Security for RFID based Distributed Systems -
Optimizing RFID protocols for Low Information Leakage - RFID: an anti-counterfeiting tool.
References
1. Network Protocols Handbook (2nd Edition), Javvin Technologies Inc, 2004.
2. Cryptography and Network Security: Principles and Practice (6th Edition), William Stallings,
Prentice Hall Press, 2013.
3. CompTIA Security+ Guide to Network Security Fundamentals (6th Edition), Mark Ciampa,
CENGAGE, 2017.
4. Network Security Assessment (2nd Edition), Chris McNab, O’REILLY, 2008.
5. Official (ISC)2 Guide to the CISSP CBK by Adam Gordon, Fourth Edition, (ISC)2 Press, 23
April 2015
6. CISSP All-in-One Exam Guide by Shon Harris and Fernando Maymi, 7th Edition, McGraw-
Hill Education, 1 June 2016
7. Information Security Management Handbook, 6th Edition, Harold F Tipton, Micki Krause,
Auerbach Publications, 5 April 2012


8. The CISSP Prep Guide: Gold Edition by Ronald L. Krutz, Russel Dean Vines, Gold Edition,
Wiley Publication, 31 Oct 2002
9. Certified Information Systems Security Professional, Study Guide by Ed Tittel, Mike Chapple,
James Michael Stewart, 6th Edition, Sybex Publication, 06 July 2012

Method of Evaluation:
Sessional I    Sessional II    End Semester Examination    Total    Grade
20             20              60                          100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M M L L S S S S S

CO 2 L L L M S S S S S S

CO 3 L L M L M S S S M S

CO 4 L L L M M M S S S M

CO 5 L L L S S M M S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low


Course Outcomes
1. Able to understand and have hands-on experience in the carving of deleted content,
tracking web browser history, and identifying files accessed.
2. Able to understand and have hands-on experience in acquisition and analysis of a phone,
acquisition and analysis of volatile memory, and extraction of chat and other artefacts from
volatile memory.
3. Acquire practical knowledge on volatile memory acquisition.

Course: Core Paper X
Title of the Course: Practical - II (Cyber Forensics)
Credits: 4

Course Objectives
1. To explore networking in cyber forensics.
2. Learn to analyze and validate forensic data.
3. Be familiar with forensic tools and case studies.
4. Achieve adequate perspectives of digital forensic investigations in various
applications/devices like Windows, UNIX, mobile, email etc.
5. Be able to work on forensic analysis with Autopsy, such as forensic imaging,
analyzing the image, searching options, and report generation.
List of Exercises
1. Advanced Cyber Forensics:
• Forensic Analysis with Autopsy
  o Forensic Imaging
  o Analyzing the image
  o Searching Options
  o Report generation
• EnCase Forensic Tool
  o Demonstration of the acquisition, analysis, searching, exporting images, filters
    & conditions and reporting
2. Windows Disk Analysis
• File System Forensics
• Techniques for filtering and searching
• Mapping of investigative questions to artefacts
• Carving deleted content
• Email activity of the user
• Web browsing historic activity of the user
• Chat room activity of the user
• Evidence of Access and Execution
• Registry analysis
  o Identifying the Computer name
  o Time zone information
  o Recent Documents/activity
  o Network list


  o Network profile
  o USB devices accessed
  o Wireless network access
  o Cloud access
  o Remote Desktop
3. Advanced Cyber Forensics and Extraction of data from Mobile Devices
• Gleaning evidence from page file and random-access memory
• Identifying and dealing with encryption
• Identifying and preserving cloud services
• Mobile phone Acquisition methods
4. Network Forensics
• Protocol Analysis using Wireshark
  o ICMP
  o IP
  o TCP
  o DNS
  o FTP
  o Other Protocols
• Gmail Header analysis
• Active Directory (Demo)
• Nmap
• Log analysis
  o Authentication logs
  o Windows logs
    - System logs
    - Application logs
    - Security logs
  o Firewall logs
• NetworkMiner


Method of Evaluation:
Sessional I    Sessional II    End Semester Examination    Total    Grade
20             20              60                          100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 S S S M L L M M M M

CO 2 S S S M M M M L L L

CO 3 S S S S M M M L M S

CO 4 M M M L S S S S M M

CO 5 S S S S M M M L L L
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low


Course Outcomes
1. Review an idea on Data Privacy.
2. Know the responsibilities of organizations when sharing data internally, externally, and
across borders.
3. Build strong data protection with the help of the regulatory framework.
4. Make law enforcement agencies familiar with data protection and privacy.
5. Implement and monitor privacy in the cloud and IoT environment.

Course: Elective Paper III
Title of the Course: Introduction to Data Privacy
Credits: 3

Course Objectives
1. To know the key concepts related to data privacy.
2. To be familiar with data privacy in the context of police and criminal justice.
3. To know about data privacy across borders.
4. To become familiar with the legal framework related to data privacy.
5. To know about privacy in cloud computing and IoT.

Units
I. Introduction to Privacy
Data Protection & Privacy Terminologies - Data Protection Principles and Approaches to
Privacy - Code for protection of Personal Information - Information Life Cycle - Data
Security Threats and Mitigation - Data Storage Security Issues in Cloud Computing

II. Data protection principles and Safeguards
Principle 1 – fair and lawful, Principle 2 – purposes, Principle 3 – adequacy, Principle 4 –
accuracy, Principle 5 – retention, Principle 6 – rights, Principle 7 – security, Principle 8 –
international - Conditions for processing - Subject access request - Damage or distress -
Preventing direct marketing - Automated decision taking - Correcting inaccurate personal
data - Compensation, Exemptions & Complaints - Big data - CCTV & Data sharing - Online
& apps - Privacy by design - Guidance Note on Protecting the confidentiality of Personal Data
- Safeguarding Personal Information: Using Personal Information on Websites and with
Other Internet-related Technologies - Privacy considerations for sensitive online information,
including policies and notices, access, security, authentication identification and data
collection - Data Privacy in online data collection, email, searches, online marketing and
advertising, social media, online assurance, cloud computing and mobile devices.


III. Data Privacy Management
Data Privacy Management controls & Plan - Data Privacy Management Reference Model –
ISTPA - Data Protection in the context of Police and Criminal Justice - Cross Border data
transfer - Do not Track Privacy Policy - Developing Privacy Management Tools -
Information security practices for data privacy - Developing a privacy management plan:
Privacy management program controls, Processing operations – Collection to destruction,
Responsibilities – Controller, Processor, Recipient, Third party - Rights of the Data Subject -
Documenting the privacy baseline of the organization - Data processors and third-party
vendor assessments - Physical assessments; mergers, acquisitions and divestitures - Privacy
threshold analysis; privacy impact assessments - Privacy Monitoring and Incident
Management (MIM) - Auditing your privacy program; creating awareness of the
organization’s privacy program - Compliance monitoring; handling information requests; and
handling privacy incidents.

IV. Privacy Program Governance and Compliance
Privacy Organization and Relationship (POR): Creating a vision for privacy program,
Establishing a privacy program that aligns to the business, Structuring the privacy team,
Developing organizational privacy policies, Standards and guidelines, Defining privacy
program activities and defining program metrics - Privacy Policy and Processes (PPP):
Designing privacy policy and processes, Deploying policy - communicating policy to relevant
stakeholders - monitoring of policy implementation & enforcement, Policy review
mechanism for identifying and improving deficiencies - Regulatory Compliance Intelligence
(RCI): Privacy legislations - applicability and interpretation - Regulatory requirements -
Aligning organization’s privacy initiatives to regulatory landscape - Organizational efforts for
employee awareness vis-à-vis their responsibilities - Liabilities of non-compliances -
Management of compliance related knowledge - Privacy Awareness and Training (PAT):
Creating privacy awareness and training program - Mechanisms to measure effectiveness of
such programs.

V. Privacy in cloud computing and IOT
Introduction to Privacy in cloud computing - Cloud computing paradigm and privacy -
Challenges to privacy in cloud computing: Complexity of risk assessment, Emergence of new
business models and implications for consumer privacy, Regulatory compliance - Using PETs
to implement privacy by design: Description of data processing flows, Using PETs -
Standardization activities: International Telecommunication Union (ITU), International
Organization for Standardization (ISO), Organization for the Advancement of Structured


Information Standards (OASIS), Cloud Security Alliance (CSA) - IOT Governance - IOT
Security & Privacy Issues - IOT Privacy challenges - IOT Privacy solutions

VI. Legal Framework for Data Protection, Security & Privacy norms
Data Protection - Security & Privacy: Privacy and Legal Approaches to privacy protection,
Privacy Principles & Concepts, Privacy Laws – brief facts - Recent International Privacy
issues - Privacy and Self-Regulation - Privacy Codes - Privacy Standards - Privacy in Indian
Context - Existing Privacy laws in India - National Security and Privacy - Data Security
Council of India (DSCI) - Trans-border Data Flow – Outsourcing Environment - Privacy
Debate: Issues - Proposed Privacy Act – DSCI Recommendations - The Future of Privacy
Standards in India - GDPR

References
• Data privacy principles and practice – Nataraj Venkataramanan, Ashwin Shriram
• Cannon, J.C. Privacy: What Developers and IT Professional Should Know. (Addison
Wesley, 2004)
• Cranor, Lorrie Faith. I Didn't Buy it for Myself, in Clare-Marie Karat, Jan O. Blom, and
John Karat (ed.), Designing Personalized User Experiences in eCommerce. Kluwer
Academic Publishers. 2004.
• Microsoft Corporation. Privacy Guidelines for Developing Software Products and Services
(Microsoft, 2007)
• Data Security Council of India, Data Certified Privacy Lead Assessor Course Material

Method of Evaluation:
Sessional I    Sessional II    End Semester Examination    Total    Grade
20             20              60                          100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M L L L S S S S S

CO 2 L L L M S S S S S S

CO 3 M L M L M S S S S S

CO 4 M M L M S S S S S M

CO 5 L L L S S M M S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low


Course Outcomes
1. Setting up an effective Python scripting environment to provide security.
2. Apply the core capabilities built into Python.
3. Leveraging the Python standard library to ensure data protection.
4. Solving hard digital investigation challenges through hands-on practical exercises.
5. Working with various files, databases and e-mails with Python tools.

Course: Elective Paper IV
Title of the Course: Security and Forensics Oriented Python Programming
Credits: 3

Course Objectives
1. To give a brief definition of Python history, evolution and versions.
2. To better understand file handling, variables and threading in Python.
3. To illustrate programming with Scapy.
4. To possess good flexibility in automation with Python.
5. To work with Python tools.

Units
I. Introduction to Python
Python History and Evolution - Need for Python in Information security - Different Versions
and Releases of Python (Iron Python, Jython – Python 2.7, Python 3.0) - Python Installation
and Setting up of environment (Linux and Windows) - Setting up of Virtual Environment
(Virtual environment) - Data types: Strings, Numbers, Lists, Dictionaries, Tuples, Set, Boolean
- String Operations and Methods - List Operations - Dictionary Operations - Conditional
Statements: If-Else loop combinations, For Loops, While Loops – Functions - Classes and
Objects – Inheritance – Modules – Packages - Exception Handling

II. System Programming
File Handling: Open, Read, Write, Close, Rename, Delete - Directory Navigation - Process
Creation - Threading and Queuing – Multiprocessing - Signals and IPC - Subprocess

III. Network Security and Forensics
TCP based Client-Server Programming - Socket server Framework - Packet Sniffing with Raw
Sockets - Raw Socket Creation - Understanding Packet Headers - Extracting binary data into
variables - Packet injection with raw sockets - Packet Sniffing with Scapy (Wired and Wireless)
- Packet Capture File Parsing - Packet Injection with Scapy (Wired and Wireless) - Injected
Packet Routing - Programming with Scapy


IV. Crawling and Parsing
Fetching webpage - Parsing HTML, XML (Beautiful Soup, LXML, HTML Parser) - Regular
Expressions - Parsing Text Files using “re” package - Scripting a web crawler - Scripting a
basic log parser to parse log files

V. Automation with Python
Automated SSH login - Dictionary based attack on SSH, Web Login etc. - Browser Emulation
- Web Request and Response Automation - Security Tools Automation: Nmap, Metasploit,
Integration of Multiple tools

VI. Forensic Analysis on Files, Databases and Mail
Working with SQL Databases (SQLite, MySQL, MSSQL) - Parsing Outlook PST Database -
Exporting output to CSV and SQLite files - Metadata extraction from Image files - Working
with Windows Registry - Working with pre-existing Python tools: Volatility, Log2timeline,
DShell

References
1. Severance, C. R. (2016). Python for Everybody: Exploring Data Using Python 3. Poland:
Charles Severance.
2. Reitz, K., Schlusser, T. (2016). The Hitchhiker's Guide to Python: Best Practices for
Development. Japan: O'Reilly Media, Incorporated.
3. Lutz, M. (2010). Programming Python. United States: O'Reilly Media.
4. Hosmer, C. (2014). Python Forensics: A Workbench for Inventing and Sharing Digital
Forensic Technology. Netherlands: Elsevier Science.
5. Spreitzenbarth, D. M., Uhrmann, D. J. (2015). Mastering Python Forensics. India: Packt
Publishing.
6. Miller, P., Bryce, C. (2017). Python Digital Forensics Cookbook: Effective Python
Recipes for Digital Investigations. United Kingdom: Packt Publishing.
7. Hosmer, C. (2016). Integrating Python with Leading Computer Forensics Platforms.
Netherlands: Elsevier Science.
8. Hosmer, C. (2015). Python Passive Network Mapping: P2NMAP. United States:
Elsevier Science.


Method of Evaluation:
Sessional I    Sessional II    End Semester Examination    Total    Grade
20             20              60                          100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M M L L S S S S S

CO 2 L M L M S S S S S S

CO 3 M L M L M S S S M S

CO 4 M L L M M M S S S S

CO 5 M L L S S M M S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low


Course Outcomes
1. Understand the basic concepts of data warehouse and data mining.
2. Apply pre-processing techniques for data cleansing.
3. Identify and design multidimensional models for data warehousing.
4. Analyze and evaluate performance of algorithms for Association Rules,
Classification and Clustering techniques.
5. Develop research interest towards advances in data mining.

Course: Soft skill II
Title of the Course: Data Mining
Credits: 2

Course Objectives
1. Understand the basic concepts and techniques of Data Mining.
2. Develop skills of using recent data mining algorithms for solving problems.
3. Develop and apply critical thinking, problem-solving, and decision-making skills.
4. To discover structure inside unstructured data, extract meaning from noisy data, and
discover patterns in apparently random data.
5. Get a better understanding of trends, patterns and correlations, and ultimately
predict customer behaviour, market and competition trends.
Units
Unit 1: Introduction, Data Preprocessing, Association Rule Mining, Classification Basics
Unit 2: Decision Tree, Bayes Classifier, K nearest neighbor, Support Vector Machine, Kernel
Machine, Clustering, Outlier detection, Sequence mining
Unit 3: Evaluation, Visualization, Case studies

References
1. Introduction to Data Mining, Tan, Steinbach and Vipin Kumar, Pearson Education, 2016.
2. Data Mining: Concepts and Techniques, Pei, Han and Kamber, Elsevier, 2011.

Method of Evaluation:
Sessional I    Sessional II    End Semester Examination    Total    Grade
20             20              60                          100


Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M L M S S S S S S

CO 2 L L L M M S S S S S

CO 3 M L M M S S M S S S

CO 4 M M L M S S S S S M

CO 5 L L L S S M M S M S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low


Course Outcomes
1. Forensic analysis of acquired mobile data.
2. Acquiring familiarity with how to implement security in wireless devices.
3. Learning about social media privacy and security.
4. Assessing various vulnerabilities in web mail systems and performing e-mail
forensics.
5. To possess a good understanding of mail infrastructures.

Course: Core Paper XI
Title of the Course: Security and Forensics of E-mail, Social Network & Mobile Devices
Credits: 4

Course Objectives
1. To know the nature of e-mail & mail infrastructures.
2. To gain knowledge on various attacks against e-mail crimes.
3. To give a brief hierarchy of social networks.
4. Proliferation of mobile and wireless devices.
5. To provide cryptographic security to e-mail and mobile devices.
6. To define various concepts of mobile phone forensics.

Units
I. Fundamentals of E-Mail and Mail Infrastructure
How email works - The role of Mail User Agent - Mail Delivery Agent - Mail Transfer Agent
and DNS servers - An overview of various protocols (SMTP, POP, POP3, IMAP) - SMTP
model including the basic structure as well as the extension model - The SMTP terminology -
SMTP procedures (session initiation, mail transaction, forwarding mail, relaying, mail
gatewaying, support for mailing lists as well as aliases, termination etc.) - Important SMTP
commands including their sequencing as well as the corresponding replies / response codes -
Commands for debugging addresses - SMTP trace information - Address resolution & mail
handling - Problem detection & handling - Security considerations (SPF Records etc.)

II. Focused attacks against email systems
Common attacks against SMTP, POP3 and IMAP services - Vulnerabilities in web mail
systems - Exploits targeting the supporting infrastructure - Cryptographic techniques to protect
against email eavesdropping and masquerading attacks - Architectural guidelines for secure
mail infrastructure - Hardening email infrastructure


III. Spam and Phishing
History of Spam - Harvesting email addresses - Anonymous emails - Forging headers, using
open relays & proxy servers - Employing proxy chaining techniques – Botnets - Sending Spam
- Tools of trade - Historical anti-spam approaches - Language classification and statistical
filtering anti-spam techniques - Anti-spam solution offerings - Intro to phishing - Email
security issues that aid in phishing - Role of emails in common types of phishing attacks
(impersonation, forwarding and popups) - Anti-phishing solution offerings

IV. E-mail Forensics
Understanding message headers - Forging message headers and identifying forged headers -
General approaches to tracking the email sender - General approaches to inspect attachments -
Spam and steganography - Understanding different formats of Mail Databases and working
(Exchange Server, IBM Lotus Server)

V. Social Network – Privacy and Security
Introduction - Social Network Privacy Policy - Data Collection by Social Media for targeted
advertisements - Phishing and Malware propagation through Social Network – Social Media
based botnet and C&C Servers - Cyber Bullying and Online Harassments (Case Studies –
Objectives, Modus Operandi, Vulnerabilities, Conclusion) - Social Media Analytics, Open
Source Intelligence (OSINT), Social Media Policing: Sentimental / Emotional Analysis and
their Applications (Election, Product and Branding), Stalking, Information Gathering,
Geospatial Social Data mining - Social Media Security and Privacy Settings: Password,
Password recovery settings, Enabling / Disabling Integration of Applications with Social Media
Account, Targeted public of a post, Block, Activity Logging and monitoring, Authorised
Devices, Two factor authentication, Security Breach Notification

VI. Security and Forensics of Mobile & Wireless Devices
Introduction - Types of Mobiles and wireless devices and their functionalities - Proliferation of
Mobile and Wireless Devices - Trends in Mobility, Credit Card Frauds in Mobile and Wireless
Computing - Types and Techniques of Credit Card Frauds - Security Challenges Posed by
Mobile Devices - Registry Settings for Mobile Devices - Authentication Service Security -
Mobile phone camera and microphone hacking - On-Screen Keyboard keyloggers -
Cryptographic Security for Mobile Devices - LDAP Security for Hand-Held Mobile Computing
Devices - RAS Security for Mobile Devices - Media Player Control Security - Networking API
Security for Mobile Computing Applications - Attacks on Mobile/Cell Phones - Mobile Phone
Theft - Mobile Viruses - Mishing, Vishing, Smishing - Hacking Bluetooth (Bluesnarf attack)
- Mobile Devices: Security Implications for Organizations - Managing Diversity and


Proliferation of Hand-Held Devices - Unconventional/Stealth Storage Devices - Threats through
Lost and Stolen Devices - Protecting Data on Lost Devices - Importance of Security Policies
relating to Mobile Computing Devices - Operating Guidelines for Implementing Mobile Device
Security Policies - Organizational Policies for the Use of Mobile Hand-Held Devices - Laptops:
Physical Security Countermeasures

VII. Smart Phone Forensics
Introduction (includes evolution of Android, iOS and Blackberry) - Smart Phone Architecture
(Android, iOS, Blackberry) - Native application formats - Rooting and Jailbreaking - Tools of
trade - ADB and Fastboot (Android) - iTunes, iCloud (iOS) - Blackberry Cloud Storage - Data
Extraction Methods (Android, iOS and Blackberry) - Application Data Storage Locations -
Forensic Analysis of the acquired data - Forensic Limitations

References
1. Blokdyk, G. (2020). Email Security a Complete Guide - 2020 Edition. (n.p.): Emereo Pty
Limited.
2. Orman, H. (2015). Encrypted Email: The History and Technology of Message Privacy.
Germany: Springer International Publishing.
3. Crypt & N/W Security. (2008). India: McGraw-Hill Education (India) Pvt Limited.
4. Cross, M. (2013). Social Media Security: Leveraging Social Networking While Mitigating
Risk. Netherlands: Elsevier Science.
5. Oxley, A. (2013). Security Risks in Social Media Technologies: Safe Practices in Public
Service Applications. United Kingdom: Elsevier Science.
6. Shen, X., Lin, X., Lu, R., Liang, X. (2013). Security and Privacy in Mobile Social
Networks. Netherlands: Springer New York.
7. Security Designs for the Cloud, IoT, and Social Networking. (2019). United States: Wiley.
8. Security and Privacy in Social Networks. (2013). Ukraine: Springer New York.


Method of Evaluation:
Sessional I    Sessional II    End Semester Examination    Total    Grade
20             20              60                          100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 S S S S M M M L L L

CO 2 S S S M M M M M L L

CO 3 M M M L L S S S S S

CO 4 S S S S M M M L L M

CO 5 L L L M M S S S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low


Course Outcomes
1. Improvement in management and sharing of data.
2. Understanding Enterprise Infrastructure architecture increases interoperability between the
several departments of an organization.
3. Helps to maintain automation workflow.
4. Familiarization with topics such as Active Directory and internal administrative applications.
5. Acquires knowledge about data center construction, site selection and data recovery techniques.

Course: Core Paper XII
Title of the Course: Enterprise Infrastructure Integration and Security
Credits: 4

Course Objectives
1. Overview of Enterprise Infrastructure Integration, architecture and components.
2. To understand the Active Directory Infrastructure with the standard authentication
protocols (LDAP, Kerberos).
3. To acquire knowledge on reducing network congestion and increasing performance
through network segmentation.
4. To handle DRPs that allow organizations to ensure that they meet all compliance
requirements.
5. To resolve data loss and recover system functionality so that it can perform in the
aftermath of an incident, even if it operates at a minimal level.

Units
I. Introduction
Overview of Enterprise Infrastructure Integration - Requirement to understand the Enterprise
Infrastructure - Enterprise Infrastructure Architecture and its components

II. Active Directory Infrastructure
Overview of Active Directory (AD) - Kerberos – LDAP - Ticket Granting Ticket (TGT) –
Forest – Domain - Organization Unit (OU) - Site Topology of a Forest - Trust Relationships -
Object – Creation, Modification, Management and Deletion: User, Group, Computer, OU,
Domain - Group Policy (GPO) Management: Structure of GPO, Permissions and Privileges -
GPO Security Settings: Password Settings, Account Lockout Settings, Account Timeout
Settings, USB Enable / Disable Settings, Screen Saver Settings, Audit Logging Settings,
Windows Update Settings, User Restriction Settings - Creation of GPO - Linking a GPO -
Application of GPO: Linking a GPO, Enforcing a GPO, GPO Status - Inclusion / Exclusion
of Users / Groups in a GPO: Precedence of GPO, Loopback Processing of GPO, Fine-Grain
Policy / Fine-Grain Password Policy - Addition of Windows Workstations to Domain and


Group Policy Synchronisation - Addition of Non-Windows Workstations in AD Environment
- Integrating Finger-Print, Smart Card, RSA or secondary authentication source to Active
Directory - Single Sign-On Integration - Active Directory Hardening Guidelines

III. Network Infrastructure
Introduction to Network Infrastructure - Network Zones: Production, Development or Test /
Quality, DMZ - Types of Network: Data, VoIP, Media (IP TV etc.) - Widely Used Devices in
Enterprise Network: L2 / L3 Switches, Wired and Wireless Routers, TACACS, Firewall, Load
Balancers, IDS and IPS, Network Proxy Device, MUX, SDN - VLAN Segregation - Terminal
Access Controller Access-Control System (TACACS) and RADIUS Servers: TACACS /
TACACS+ Authentication, RADIUS Authentication, Integrating Active Directory
Authentication in TACACS / RADIUS / Network Devices, AAA (Authentication,
Authorisation and Accountability) in Network Devices (Router, Switches, Firewalls etc.) -
Administrative and User Level Privileges: VPN, MPLS, Configuring Internet Connectivity
from ISP, Network Monitoring: Performance, Throughput, Security, Other monitoring
parameters - Understanding and Configuring Access Lists / Traffic Rules in Routers / Firewalls
/ L3 Switches - Understanding Network Device Configuration Report - Best practices of
placement of various network devices across various Network Zones in a Network
Infrastructure - Network Infrastructure Designing - Designing and Understanding a Network
Diagram - Network Device Configuration Backup & Restoration - Network Device Hardening
Guidelines

IV. Internal & Administrative Applications Integration
Enterprise Resource Planning (ERP) - Widely Used ERPs and their purpose – SAP - Oracle –
PeopleSoft - Salesforce - Other ERPs - ERP Security Configuration: SSO Configuration / AD
Integration, Audit Logging, Account Lockout, Default Credentials Disabled - IT Service Desk
Ticketing Tools - Employee Self Service Portals (Timesheets, Travel Desk, Grievance Portal,
Self-learning portal etc.) - Custom IT Portals and Interfaces.

V. Information Systems Architecture
OS Update Infrastructure: Client Software, Update Server - WSUS (Windows) - GFI LANguard
(Windows) - Software Update Server (Mac) - SCOM (Windows) - Local Repository (Linux):
Push and Pull Configurations - Anti-Virus Infrastructure: Client Software, Update Server, Push
and Pull Configurations - E-Mail Infrastructure: E-mail Anti-Virus Filter, Spam Filter, Mail
Server, Mail Client, Integration of E-Mail ID with AD – DLP - IDS, IPS and Honeypots - DPI
(Deep Packet Inspection) devices - Security Operation Centre (SOC): End-Point Log Forward


Agent, Log Collection Server, Threat Monitoring, Rule Configuration, Threat Alert - Physical
Access Control System: Bio-metric / Access Card System Network Integration, Physical
Access Control Server Configuration - CCTV System Integration (IP based and Analog Based)
- Backup Management Server - Storage Management: SAN, NAS, File Server, Share Drive -
Network Management and Maintenance Server (Network Monitoring System) - Bastion / Jump
Servers or Hosts - Secondary Authentication System (RSA Token Server etc.) - HVAC,
Temperature and Smoke Detection Monitoring System Integration - BYOD (Bring Your Own
Device): Integration with Corporate Infrastructure, Security Considerations - Best Practices

Unit VI: Data Centre Disaster Recovery and Backup

Data Centre: Basic Design Practices on construction of Data Centre (From Information Security
standpoint) - Site Selection - Energy use and Electricity Wiring - Floor Planning - Temperature
Control Systems - Fire Protection – Security: Secondary / Backup Data centre Criteria,
Co-location Data centres, Types of Data Centres: Tier-1, Tier-2, Tier-3, Tier-4 - Backup and
Storage Management: Tape Storage and Management, Data Recovery Test, Data Retention
Policy - Corporate Mass Communication Channels (For Broadcast of Disaster Alert / BCP
Invocation to employees and other staff)

References
1. Minoli, D. (2008). Enterprise Architecture A to Z: Frameworks, Business Process Modeling,
SOA, and Infrastructure Technology. Ukraine: CRC Press.
2. Blokdyk, G. (2019). Enterprise Infrastructure Software Spending a Complete Guide - 2019
Edition. (n.p.): Emereo Pty Limited.
3. Blokdyk, G. (2019). Enterprise Infrastructure a Complete Guide - 2019 Edition. (n.p.):
Emereo Pty Limited.
4. Niemann, K. D. (2007). From Enterprise Architecture to IT Governance: Elements of
Effective IT Management. Germany: Vieweg+Teubner Verlag.
5. Hanschke, I. (2009). Strategic IT Management: A Toolkit for Enterprise Architecture
Management. Germany: Springer Berlin Heidelberg.

Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M L M M S S S S S

CO 2 L L L M M S S S S S

CO 3 M L M M M S S M S S

CO 4 M M L M M S S S S S

CO 5 L L L S S S S S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low

Course Outcomes
1. Identify high-risk areas and compliance in the organization
2. Apply the risk-based approach by identifying the roles and responsibilities
3. Implement governance, risk management and compliance processes that are effective
and efficient
4. Develop and implement a governance, risk management and compliance strategic plan
5. Able to use the best security practices and minimize the risk for IT Governance.

Course: Core Paper XIII
Title of the Course: Governance, Risk and Compliance
Credits: 4

Course Objectives
1. To know the risk management process for all organizations.
2. To learn the Security Standards, Compliance, Security Controls and access controls.
3. To learn the best security practices for IT Governance.
4. To learn the risk based audit approach.
5. To be familiar with the role of compliance officer and his team.

Units

Unit I: Introduction to GRC
Governance, Risk & Compliance definition - Scope and Objectives - IT Governance Metrics
& Framework - BASEL – OECD

Unit II: Best Practices for IT Governance
ITIL - ISO/IEC 27001 - Control Objectives of Information and Related Technology (COBIT)
- The Information Security Management Maturity Model - Capability Maturity Model - Any
other latest standards and compliance technologies.

Unit III: Information Security Governance
Effective Information Security Governance - Importance of Information Security Governance
- Outcomes of Information Security Governance - Strategic alignment - Value Management -
Risk Management - Performance Measurement - Information System Strategy - Strategic
Planning - Steering Committee - Policies and Procedures

Unit IV: Information Security Management Practices
Personnel Management - Financial Management - Quality Management - Information
Security Management - Performance Optimization - Roles and Responsibilities - Auditing IT
Governance Structure - Evaluation Criteria & Benchmark – Assessment Tools - Case Study
Analysis - Risk Management Process: Developing a Risk Management Program, Risk
analysis methods – Qualitative, Semi quantitative, Quantitative - Risk Management
framework – COSO, The Internal environment - Objective Setting - Event Identification -
Risk assessment - Risk Response - Control activities - Information & communication:
Monitoring – NIST, Risk Assessment, Risk Mitigation, Evaluation & Assessment, Case
Study Analysis

Unit V: Compliance
Introduction to Information Technology and Security - Evolution of Information systems -
Roles and responsibilities - Audit, Assessment and review - The Role of the Compliance
Officer - The duties and responsibilities of the compliance officer and the function of
compliance - Compliance officer activities - The requirements of a Compliance Officer -
Drafting compliance reports - Designing an Internal Compliance System - Regulatory
principles - Issues - Developing high-level compliance policies – Defining responsibility for
compliance - The compliance function - Specific internal compliance control issues -
Information System Audit: Scope of System Audit, Audit Planning, Audit Manual, Audit
check lists, Audit Reports, Best Practices for IT compliance and Regulatory Requirements, IT
Compliance requirements under clause 49 of SEBI Listing agreement, IT Compliance
requirements under Sarbanes Oxley Act of USA, Control Objectives in Information
Technology of ISACA

References
• Information Security Governance: Guidance for Information Security Managers by W.
Krag Brotby, 1st Edition, Wiley Publication, 13 April 2009
• Information Security Governance: Guidance for Boards of Directors and Executive
Management, 2nd Edition by W. Krag Brotby, 2nd Edition, ISACA Publication, 01 Mar
2006
• Security Governance Checklists: Business Operations, Security Governance, Risk
Management, and Enterprise Security Architecture by Fred Cohen, Large Print Edition,
Fred Cohen & Associates Publication, 2005
• CISSP All-in-One Exam Guide by Shon Harris and Fernando Maymi, 7th Edition,
McGraw-Hill Education, 1 June 2016
• IT Compliance and Controls: Best Practices for Implementation by James J., IV DeLuccia,
Illustrated Edition, Wiley Publication, 2008
• The IT Regulatory and Standards Compliance Handbook: How to Survive Information
Systems Audit and Assessments by Craig S. Wright, Brian Freedman, Dale Liu, 1st
Edition, Syngress Publication, 2008
• Auditor's Guide to Information Systems Auditing by Richard E. Cascarino, 2nd Edition,
Wiley Publication, 03 Apr 2012
• Adam Gordon, Official (ISC)2 Guide to the CISSP CBK, Apple Academic Press Inc.,
Fourth Edition, 2015
• COBIT 4.1 – Available at www.isaca.org

Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M L M S S S S S S

CO 2 L L L M S S S S S S

CO 3 M L M M S S S S S S

CO 4 M M L M S S S S S M

CO 5 L L L S S M M S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low

Course Outcomes
Upon completion of the course students will be able to:
CO1: Know the basic structure and working of an email
CO2: Analyse the email header evidence collected from victim and identify if it has
been compromised
CO3: Apply different tools and techniques to enumerate email accounts from public
sources
CO4: Understand the basic architecture of android devices and its file system
CO5: Critically access the data from an android device
CO6: Design a systematic approach to recover deleted files from external devices

Course: Core Paper XIV
Title of the Course: Practical – III (E-Mail & Mobile Forensics)
Credits: 4

Course Objectives
1. To provide a fundamental knowledge in the working of an email
2. To collect and analyze the email evidence from victim PC
3. To interpret the different tools available for email forensics and select the appropriate
tools
4. To evaluate the approach towards mobile forensics
5. To conceive the idea behind deleted file recovery

List of Exercises
1. Analyze the email header to find the original sender
2. Gathering email accounts and subdomain names from public sources using theHarvester
3. Email Harvesting using Metasploit Framework
4. Traverse into the shell of the android device and list the files found in the shell. Find
the directory which contains android installed packages and .apk files
5. Logical data extraction from android devices
6. Recover deleted files from external devices like USB using SleuthKit

Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 S M S L M S S L L M M

CO 2 S L S L M S S L L L L

CO 3 S M S M M S S M M M M

CO 4 S M S L M S S L L M M

CO 5 M L M L S S M L L L L
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low

Course Outcomes
1. Explore career alternatives prior to graduation and to integrate theory and practice.
2. Assess interests and abilities in their field of study and learn to appreciate work and its
function in the economy.
3. Develop work habits and attitudes necessary for job success.
4. Develop communication, interpersonal and other critical skills in the job interview
process and to build a record of work experience.
5. Acquire employment contacts leading directly to a full-time job following graduation
from college.

Course: UOM I 001
Title of the Course: Internship
Credits: 4

Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 S M S L M S S S S M

CO 2 S S S S M S S S S S

CO 3 S M S M M S S M M M

CO 4 S M S S M S S S S M

CO 5 M S M S S S M L S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low

Course Outcomes
1. Understanding various types and constraints of embedded systems.
2. Illustrating the application of embedded system security and threat classification
3. Security vulnerability aspects of Drones, EVM and smart watches
4. Advanced embedded system data recovery and data analysis techniques
5. Working with embedded device interfaces

Course: Elective Paper V
Title of the Course: Embedded System Security and Forensics
Credits: 3

Course Objectives
1. To know the nature of various embedded systems and guard against intrusion by
cybercriminals
2. Describing the advantages of embedded systems.
3. Having a good understanding of microprocessors and microcontrollers
4. To gain insight into various hardware and software requirements for secure digital data
5. To define the concept of drones, RPV and smartwatches
6. Forensic traces in embedded devices

Units

Unit I: Introduction to Embedded Systems
What is embedded system? - Components of embedded system (Block diagram) - Uses of
embedded system - Function of embedded systems - Different types of embedded systems
(Based on performance and functional requirements): Real time embedded systems, Stand
alone embedded systems, Networked embedded systems, Mobile embedded systems -
Characteristics of Embedded System - Embedded system constraints: General characteristics of
embedded system in the real-time computation of system - How embedded system software
embedded into computer hardware makes a system dedicated to be used for variety of
application - How embedded system used for specific task that provide real-time output on the
basis of various characteristics of an embedded system - Embedded system used for serving
more specific application to perform variety of task using hardware-software intermixing
configuration - How it provides high reliability and real-time computation ability:
Characteristics of Hardware and Software Interfacing in the real world of Embedded Systems
with some of the examples - Advantages of Embedded System: Same hardware can be used in
variety of application, Lesser power requirement, Lower operational cost of system, Provide
high performance and efficiency - Disadvantages of Embedded System: Developing a system
required more time. Due to functional complexity, Skilled engineers required because one
mistake may result in destroying of complete project - Comparison between embedded systems
and general purpose computing.

Unit II: Microprocessors and Microcontrollers
Processor and its type - General Purpose processor (GPP) – Microprocessor – Microcontroller
- Embedded Processor - Digital signal Processor: Application Specific System Processor
(ASSP), Multi Processor System using GPPs - IC technology - Introduction to VLSI -
Programmable logic device (PLD) - Microcontrollers and types of microcontrollers -
Comparison between micro processor and microcontroller - Applications of an embedded
system: Navigation tools like global positioning system (GPS), Automated teller machines
(ATMs), Networking equipment, Digital video cameras, Mobile phones,
Aerospace applications, Telecom applications, Others.

Unit III: Security in Embedded Systems
Introduction - Need for increased embedded security: Striking an appropriate balance: balance
of business requirements with security, Increasing Complexity and Connectivity,
Cyber-security and information assurance - Attack and threat classification - Guidelines for
Improving Embedded Systems Security: Conduct an end-to-end threat assessment - Complete
product life cycle analysis to be performed - Possible entry paths for attacks into the system to
be defined and described - Risk matrix to be built - Mitigation strategy to be created based on
the priority list - Creation of a design specification that includes security needs based on the
previous assessments: Leverage existing advanced security designs, Select an appropriate
run-time platform, Secure the applications, Adopt comprehensive life cycle support - Practical
design solutions: Enclosure - External interfaces - Tamper mechanism - Emissions & immunity:
Circuit board - Physical access to components - PCB design and routing - Memory devices -
Power supply - Clock and timing - I/O port properties - Cryptographic processors and
algorithms – Firmware: Programming practices, Storing secret components, Run time
diagnostics and failure modes, Field programmability, Obfuscation - Security needs in
embedded systems (Hardware and software security requirements in an embedded device that
are involved in the transfer of secure digital data) - Security needs for data transfer: Data
Encryption, Public-key Key Agreement Algorithm, Digital Signature, Digital Certificate,
Certificate Hierarchy, Examples of Key Agreement algorithm - Security needs within the
device: Secure SoC, Secure ROM, Internal RAM and Secure Processes, Secure Boot-Loader
and Code Signing, Encryption and decryption engine, System Time - Software security issues
in embedded systems

Unit IV: UAVs, EVMs and Smart Watches
Introduction to Flight Systems: Unmanned Aerial Vehicles (UAV) - Remotely Piloted
Vehicle (RPV) - Unmanned Aerial System (UAS) – Drone: What is a drone?, Operational
categories of Drones, Functional size categories, General Airframe technologies-UAVs - Legal
issues: Commercial, Governmental and Private uses – Implications: Public Policy & Risk
Mitigation, Privacy issues related to civil drones, Drones and the Harvesting of Information
and Resources, Defence Approaches against Intruding Drones - Security, vulnerability &
Safety aspects of civil drones: Cyber physical threats, Physical challenges and vulnerabilities,
Security requirements, Intrusion detection
EVM: Introduction - The Journey of EVMs in India - Socio-Political Feedback - Legal
Interventions & Court Cases - Indian EVM: Design and Manufacturing Protocol - EVM safety
and Security: Technical & Administrative, Vulnerability analysis, Countermeasures -
Technical Experts Committee (TEC) - Evolution and Incorporation of Technology in EVMs -
International Comparison - VVPAT - Recent Issues and Controversies - Present Status.
Smart Watches: Introduction - Smart watch model - Security vulnerabilities - Mitigations

Unit V: Embedded Device Forensics
Introduction, Embedded Device Interfaces - Joint Test Action Group (JTAG) - Universal
Synchronous Receiver-Transmitter (UART) - Inter-Integrated Circuit (I2C) - Serial Peripheral
Interface (SPI) - Enhanced Synchronous Serial Interface (ESSI) - Control Area Network (CAN)
- Local Interconnect Network (LIN) - Background Debug Mode (BDM) - Test Access Port
(TAP) - Communication Port (COM) - Parallel Peripheral Interface (PPI) - Secure Digital Input
Output (SDIO) - Other Interfaces - GSM/GPRS/EDGE/UMTS technology basics - Forensics
traces in embedded devices: Digital traces in mobile systems - Mobile phone examination
workflow - Examination steps: Preservation, Repair, Type determination, Logical/physical data
acquisition, Data analysis, Reporting - Dutch Layered Model for Digital Forensic Examinations
- Advanced embedded systems data recovery and data analysis techniques - UAV & EVM
Forensic Investigations - Forensics in smart watches

References
1. Lee, E. A., Seshia, S. A. (2014). Introduction to Embedded Systems - a Cyber Physical
Systems Approach - Second Edition. United States: Lulu Enterprises Incorporated.
2. Fan, X. (2015). Real-Time Embedded Systems: Design Principles and Engineering Practices.
Netherlands: Elsevier Science.
3. Noergaard, T. (2005). Embedded systems architecture: a comprehensive guide for engineers
and programmers. Boston: Elsevier Science.
4. Gebotys, C. H. (2010). Security in Embedded Devices. Netherlands: Springer US.
5. Russell, B., Van Duren, D. (2016). Practical Internet of Things Security. United Kingdom:
Packt Publishing.
6. Secure Smart Embedded Devices, Platforms and Applications. (2013). Netherlands: Springer
New York.
7. Mohay, G. M., Collie, B., de Vel, O. (2003). Computer and Intrusion Forensics. United
Kingdom: Artech House.

Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M L M S M S S S S

CO 2 L L L M S S S S S S

CO 3 M L M M S S M S S S

CO 4 M M L M S S S S S M

CO 5 L L M S S S M S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low

Course Outcomes
1. Having a better understanding of PCI POS & ATM security.
2. Gained knowledge on how to secure cloud and data center security solution.
3. Able to analyze different types of payment card frauds and can define the risks.
4. Describing the security risks and providing security to PCI POS & ATM
5. Maintain Security network against breaches

Course: Elective Paper VI
Title of the Course: Payment Card Industry (PCI), Point of Sale (PoS) and ATM Security
Credits: 3

Course Objectives
1. A brief introduction to all digital payments
2. Security controls of PCI DSS and Compliance
3. To gain knowledge on risk management for emerging retail payments.
4. Learn about security breaches, frauds and mitigation.
5. How to mitigate security in online and mobile payments
6. To give a good understanding on the attacks of POS and how to provide security

Units

Unit I: Introduction to Payment Cards and Digital Payments
The Origin of Payment Cards - Payment Card Networks and Systems - Getting a Bank Card -
Types of Payment Cards and usage: Key Card Features, Credit Cards - What a credit card is -
How a credit card works - Fees associated with credit cards -
Types of credit cards – Advantages & Disadvantages, Standard credit card, Secured credit
card, Unsecured credit card, Retail credit card, Charge Cards - How credit card processing
works - Credit Limit and Annual Percentage Rate (APR): Debit Cards, Prepaid Cards - Single
purpose prepaid cards - Multipurpose prepaid cards - Anatomy of Payment Card Numbers -
Point of Sale (PoS) and Card Steps - Unstructured Supplementary Service Data (USSD) based
Mobile Banking - Activation and Registration - Transfer of funds: Transfer to other bank
accounts, Aadhaar Enabled Payment System (AEPS), Micro ATM Transaction, Unified
Payment Interface (UPI), e-Wallets, PoS Types: Physical PoS, MPOS, V-POS

Unit II: Payment Card Industry Data Security Standard
PCI DSS Introduction: Protecting Cardholder Data with PCI Security Standards - Overview of
PCI Requirements: The PCI Data Security Standard (DSS), PIN Transaction Security
Requirements (PTS), Payment Application Data Security Standard (PA-DSS) - Security
Controls and Processes for PCI DSS Requirements: Building and Maintaining a Secure
Network, Protecting Cardholder Data, Maintaining a Vulnerability Management Program,
Implementing Strong Access Control Measures, Monitoring and Testing Networks,
Maintaining an Information Security Policy, Compensating Controls for PCI DSS
Requirements - Compliance with PCI DSS: Choosing a Qualified Security Assessor, Choosing
an Approved Scanning Vendor, Scope of Assessment for Compliance, Using the
Self-Assessment Questionnaire (SAQ), Reporting - About the PCI Security Standards Council -
Maintaining Payment Card Industry (PCI) Compliance in the Cloud

Unit III: Understanding Risk Management in Emerging Retail Payments
Fraud and Operational Risks in Payment Innovations: Telemarketing Fraud, Transaction Fraud
and Data Security Breach - Major Risks in Emerging Payments: Risk of financial loss,
Operational Risk, Legal Risk, Risk Containment, Difficulties in Containing Fraud and
Operational Risks, Confronting Fraud and Operational Risks, Containment Techniques -
Concerns for Emerging Payments Systems: Data Integrity and Privacy, Illicit Use of payment
systems - Informal Case Studies of Risk and Its Management in Emerging Payments:
General-Purpose Prepaid Cards, Electronic debit transactions (E-Cheques), Online
Balance-Transfer Systems - Lessons Learned: Recognize the Problem, Maintaining a Perimeter

Unit IV: PCI Security Breaches, Frauds and Mitigation
Data Compromise & Indicators - Current Issues - What is a breach or compromise? - Effects
of a breach - What happens during a breach? - Data Breach Indicators & Current Processes -
What are attacking techniques? - Lost or Stolen cards - Counterfeit cards - Spotting a bad card
- Mail/Telephone Order and Internet Fraud - Card Not Present - Loss of Payment Card – Actions
to be taken - Unauthorized use of payment card by third party - PCI Security Standards Council
(PCISSC) – Common Practices

Unit V: Online and mobile payments: Supervisory challenges to mitigate security
Introduction: Payments in the digital age, Digital payments in the international agenda - Online
and mobile payment services: Categorization of payment services, Online payments, Mobile
payments, Barriers to the use of innovative payment services - Payment providers: Overview,
Financial vs. non-financial - Security risks: Overview, Main security incidents, Causal drivers
of security risk, Risk mitigation initiatives - Regulatory framework: Overview, National
framework, International guidance, Self-regulation initiatives - Supervisory framework:
Overview, The scope of supervision, A collaborative supervisory approach, Supervisory tools,
Enforcement powers, Financial education initiatives - Conclusions

Unit VI: Point of Sale (PoS) System Architecture and Security
Introduction to PoS-Overview - PoS Flow Chart - PoS Hardware - PoS Setup Fundamentals -
PoS- How it works - PoS Architecture & Framework components – Overview - PoS System
Security - Attacks on PoS System: PoS Device and Network Setup Weaknesses, Hacking PoS
Devices, Hacking Network Communications, Targeting Specific Servers, Point of Entry and
Lateral Movement in a Network, Data Exfiltration, Common PoS Device Malware and How
they Scrape and Send Credit Card Information Back to Attackers – ALINA – vSkimmer –
Dexter – FYSNA – Decebel – BlackPoS - Impact of PoS Hacks to Industry and Consumer
Public - What Should Consumers Do?: Bank and Credit/Debit Card Statements, Chip-and-PIN
Card - Securing Networks Against PoS System Breaches - Securing PoS Devices - Securing
Networks - Cloud and Data Center Security Solutions - What to Check in Third Party
Agreement

Unit VII: Automatic Teller Machine (ATM)
How ATM Works - ATM Architecture - Financial Networks - Settlement Funds - Transactional
Secrecy and Integrity - Customer Security & Reliability - ATM Security - ATM Frauds – Modus
Operandi (Card Fraud, Operational Fraud, Equipment Fraud, Digital Fraud): Card Reader Bezel
- Skimmers (Overlay Skimmer, Partial Overlay Skimmers & Insert Skimmers; Shimming
Devices), Cash Trapping, Card trapping, Eavesdropping, Concealed Camera, Pin pad overlays,
Shoulder surfing, Vandalizing - Counter measures

References
1. Montague, D. A. (2010). Essentials of Online Payment Security and Fraud Prevention.
Germany: Wiley.
2. Shanley, T., Anderson, D. (1995). PCI system architecture. United Kingdom:
Addison-Wesley.
3. Chuvakin, A., Williams, B. R. (2014). PCI Compliance: Understand and Implement Effective
PCI Data Security Standard Compliance. Netherlands: Elsevier Science.
4. Seaman, J. (2020). PCI DSS: An Integrated Data Security Standard Guide. United States:
Apress.
5. Virtue, T. M. (2008). Payment Card Industry Data Security Standard Handbook. Germany:
Wiley.
6. Gomzin, S. (2014). Hacking Point of Sale: Payment Application Secrets, Threats, and
Solutions. Germany: Wiley.
7. Tarman, T. D., Witzke, E. L. (2002). Implementing Security for ATM Networks. United
Kingdom: Artech House.

Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M M S S M S S S S

CO 2 L L L M S S S S S S

CO 3 M L M S S S M S S S

CO 4 M M L S M M S S S M

CO 5 M L M S S S M S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low

Course Outcomes
1. To understand the purpose, the benefits, the concepts and vocabulary of SecDevOps
2. To elicit the difference between SecDevOps practices and other security practices
3. To know Security Goals and Metrics
4. To appreciate the business driven security strategies and best practices
5. To recognize the key security elements of a cloud service architecture and some
mature security frameworks

Course: Soft skill III
Title of the Course: Sec Dev Ops
Credits: 2

Course Objectives
1. To apply security to DevOps pipeline
2. To help to learn to build, test and maintain coherent software releases
3. To develop a continuous integration/continuous delivery pipeline
4. To collaboratively utilize tools and techniques in creating a SecDevOps
5. To appreciate Threat Modeling Practices and Secure Design
6. To understand Secure Coding Best Practices

Units

Unit 1: Security Architecture and Design Principles
Cloud service security architecture reference, Security Framework, Web readiness for privacy
protection, Login protection, Cryptographic modules, Input Validation and sanitization, Data
Masking, Data Governance, Third-party open source management.

Unit 2: Threat Modeling Practices and Secure Design
Threat modeling practices, threat modeling with STRIDE, Diagram designer tool, Card games,
Threat library references, Secure Design, CASE STUDY.

Unit 3: Secure Coding Best Practices
Secure coding industry best practices, Establishing secure coding practices, Secure coding
awareness training, Tool evaluation, Tool optimization, High risk module review, Manual code
review tools, Secure code scanning tools, Secure compiling, Common issues in process

References
Textbook:
1. Hands-On Security in DevOps by Tony Hsu

Method of Evaluation:

Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M L M S S S S S S

CO 2 L L L M S S S S S S

CO 3 M L M M S S S S S S

CO 4 M M L M S S S S S M

CO 5 L L L S S M M S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low

Course Outcomes
1. Manage the incident by following the stages of incident management.
2. Improving and developing security policies after an incident
3. Implementing the tools and techniques for handling the incident
4. Documenting and reporting the evidence to get the corrective measures to minimize the
occurrence of an incident.
5. Know the enterprise setup and various incidents to be responded to.

Course: Core Paper XV
Title of the Course: Enterprise Incident Response
Credits: 4

Course Objectives
1. To know the concepts of handling and managing an incident.
2. To get a brief of analyzing the incident and providing a response to it.
3. To handle the incident and understand the concepts of post incident activity.
4. Learn the practices to recover the information after an incident.
5. To have better insight in incident management and recovery.

Units

Unit I: Incident Management
Introduction to incident response & management - Incident management perspectives -
Information Technology Infrastructure Library (ITIL): Control Objectives for Information and
Related Technologies (COBIT), National Institute of Standards and Technology (NIST SP
800-61), Computer Emergency Response Team (CERT), Computer Security Incident Response
Team (CSIRT) - Stages in Incident management

Unit II: Organizing a Computer Security Incident Response Capability
Events and Incidents - Need for Incident Response - Incident Response Policy, Plan, and
Procedure Creation: Policy Elements, Plan Elements, Procedure Elements, Incident Response
Team, Structure, Models, Model Selection, Team Personnel – Roles and responsibilities -
Team Services

Unit III: Handling an Incident
Preparation: Preparing to Handle Incidents, Incident Handling Checklist, Preventing Incidents
- Detection and Analysis: Attack Vectors, Signs of an Incident, Sources of Precursors and
Indicators, Incident Analysis, Documentation, Incident Prioritization, Incident Notification -
Containment, Eradication, and Recovery: Choosing a Containment Strategy, Evidence
Gathering and Handling, Identifying the Attacking Hosts, Eradication and Recovery -
Post-Incident Activity: Lessons Learned, Using Collected Incident Data, Evidence Retention.

Unit IV: Collecting Digital evidence
Forensic analysis methodology: Introduction to Digital Evidence, Investigative process,
Incident reconstruction - Identifying the methodology & technology involved for carrying out
attacks - Identifying the motive behind the attacks - Preparing evidence for courtroom -
Guidelines for Digital evidence handling and examination - Collecting evidence from windows
system - Collecting evidence from Linux and other systems - Collecting digital evidence from
the internet - Investigating routers and network topology - Investigating servers and end user
PCs, mobile devices etc.

Unit V: Recovering After an Incident
Recovery best practices - Gathering information for reporting - Creating a Lessons Learned
report - Improving security policies after learning from an incident – Honeypots:
Introduction, Types of honeypots, Tools used for setting up honeypots, collecting evidence
from honeypots, Looking out for attack signatures
References
1. Siegel, S. G., Donaldson, S. E., Aslam, A., Williams, C. K. (2015). Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats. United Kingdom: Apress.
2. Fry, C., Nystrom, M. (2009). Security Monitoring. United Kingdom: O'Reilly Media.
3. Woody, A. (2013). Enterprise Security: A Data-Centric Approach to Securing the Enterprise. United Kingdom: Packt Publishing, Limited.
4. Johansen, G. (2017). Digital Forensics and Incident Response. United Kingdom: Packt Publishing.
5. Allen, B., Loyear, R. (2016). The Manager’s Guide to Enterprise Security Risk Management: Essentials of Risk-Based Security. United States: Rothstein Publishing.
6. Anson, S. (2020). Applied Incident Response. United Kingdom: Wiley.
7. Schnepp, R., Vidal, R., Hawley, C. (2017). Incident Management for Operations. (n.p.): O'Reilly Media.
8. Bradley, J. (2016). OS X Incident Response: Scripting and Analysis. United States: Elsevier Science.

Method of Evaluation:
Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100


Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M M S S M S S M S

CO 2 L L L M S S S S S S

CO 3 M L M S S M S M S S

CO 4 M M L S M M S S S M

CO 5 M L M L S S M S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low


Course Outcomes
1. Possess the skills necessary to carry out independent analysis of modern malware samples using static, dynamic, memory analysis
2. To investigate the malware samples and collect the evidence to track the attack.
3. Have an intimate understanding of various executable formats, analysis and techniques.
4. Apply the tools and techniques for cyber threat intelligence
5. Achieve understanding on individual tools including IDA Pro, WinDBG, and PE Explore, etc.
6. Implement the concept of unpack, decrypt, and extract the technique in future malware samples

Course Core Paper XVI
Title of the Course Malware Analysis and Cyber Threat Intelligence
Credits 4

Course Objectives
1. To get insight on various malware and its behaviour.
2. To bring out the tools and techniques used for analysis of malware
3. To get an overview on module of Cyber Threat Intelligence
4. To get conceptual understanding of the malicious forums in dark web & Deep web
5. To build up the understanding of examining the malicious file.

Units

Unit I: Introduction to Malware Analysis
Types of Malwares and their behavior - Computer Infection Program - Life Cycle of a Malware - Virus Nomenclature - Worm Nomenclature - Tools used in Computer Virology

Unit II: Implementation of Covert Channel
Non-Self-Reproducing Malware - Working Principle of Trojan Horse - Implementation of Remote Access and File Transfer - Working Principle of Logic Bomb - Case Study – Conficker C Worm

Unit III: Virus Design and Its Implications
Virus Components: Function of Replicator, Function of Concealer, Function of Dispatcher - Trigger Mechanisms - Testing Virus Codes - Case Study: Brute force logical bomb

Unit IV: Malware Design using Open Source
Computer Virus in Interpreted Programming Language - Designing Shell bash virus under Linux - Fighting over infection – Polymorphism - Case Study – Companion Virus


Unit V: Analysis of a Malware Specimen
Guidelines for Examining a Malicious File Specimen - Establishing the Environment Baseline – Pre-Execution Preparation - System and Network Monitoring - Execution Artefact Capture - Digital Impression and Trace Evidence: Executing the Malicious Code Specimen, Execution Trajectory Analysis: Observing Network, Process, API, File System, and Registry Activity - Automated Malware Analysis Frameworks - Online Malware Analysis Sandboxes - Defeating Obfuscation - Interacting with and Manipulating the Malware Specimen - Exploring and Verifying Functionality and Purpose - Event Reconstruction and Artefact Review - Post-Run Data Analysis - Digital Virology: Advanced Profiling Through Malware Taxonomy and Phylogeny – Conclusion - Pitfalls to Avoid

Unit VI: Cyber Threat Intelligence
Introduction - CTI and CTI terminologies - Life Cycle - Perceptions and Priorities - Roles of the various CTI analysts - Indicators of Compromise

Unit VII: Tactical Threat Intelligence
Elements of Cyber Security - Formal Threat intelligence Process - Cyber Hunting Readiness - Advanced persistent threats - Strategic threat intelligence - Tactical threat intelligence - Threat campaigns

Unit VIII: Models of Cyber Threat Intelligence
The Cyber Kill Chain Model - The Diamond Model for Process Visualization - Hunting Maturity Model

Unit IX: Tools and Techniques for Cyber Threat Intelligence
Open Threat Exchange (OTX) - Structured Threat Information Expression (STIX) - Collective Intelligence Framework (CIF) - Open Indicators of Compromise (OpenIOC) framework - Trusted Automated eXchange of Indicator Information (TAXII) - Cyber Observable eXpression (CybOX) - Traffic Light Protocol (TLP) - Incident Object Description and Exchange Format (IODEF) - Vocabulary for Event Recording and Incident Sharing (VERIS) - Open-source CTI

Unit X
Proactive CTI - Understanding dark web malicious forums: Introduction, Background, Forum Structure and Community Social organization, the content of observed forums - Understanding the products and vendors in Malicious hacking markets - Proactive Intelligence beyond Deep web and Dark web - Automatic mining of cyber threat intelligence from the darkweb


Unit XI: Cyber Threat Intelligence sharing through National and Sector oriented communities
Importance of sharing and numerous dimensions to circumvent incidents and mitigate cyber threats - The promise of intelligence communities - CTI community structures - Organizational context of CTI community - Tooling and infrastructure - Case studies - Community enrichment and enhancement - Legal implications of information sharing

References
1. Michael Sikorski, Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software, 2012, No Starch Press.
2. Learning Malware Analysis, K A Monnappa, Packt Publishing Limited.

Method of Evaluation:
Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M M S S S S S S S

CO 2 M L L M S S S S S S

CO 3 M L M S S S M S S S

CO 4 M M L S M M S S S S

CO 5 M L M S S S M M S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low


Course Outcomes
1. Understanding the principle concept of ethical hacking and its process.
2. Working with OSINT tools and web application scanners
3. Learning about language specific vulnerabilities
4. Able to identify vulnerabilities and exploiting of services
5. Have an idea on anti-forensics methods.

Course Core Paper XVII
Title of the Course Vulnerability Assessment and Penetration Testing
Credits 3

Course Objectives
1. To know the nature and scope of ethical hacking
2. To understand various information gathering methodologies
3. To learn about attacks and defensive mechanism
4. Have a good command on various tools and techniques in network and system penetration testing
5. To provide an overview of network and system hardening

Units

Unit I: Introduction to Ethical Hacking Terms and Concepts
Ethical Hacking Terminology - Five Stages of Hacking - Vulnerability Research - Legal Implications of Hacking - Impacts of Hacking - Case Studies

Unit II: Reconnaissance and Social Engineering
Information Gathering Methodologies - OSINT Framework (includes Google dorks) - DNS Enumeration - Social Engineering Attacks: Mass Phishing, Spear Phishing, Other social network attacks - Working with OSINT Tools - Reduction of OSINT Footprint – A preventive mechanism - Active Reconnaissance using tools: Web Application Scanners (Nikto, Whatweb, Acunetix, Burp etc.), Network Scanners (Nmap, Metasploit, Masscan etc.), Local System Scanners (Patch Check, Misconfigured Ownership and Rights for identifying Privilege Escalation Vulnerabilities, Vulnerability Check).

Unit III: Web Application Penetration Testing
OWASP Top 10 – Attack and Defensive Mechanism - Web Shells - Language Specific Vulnerabilities (NodeJS, Python, J2EE, PHP etc.): Template Injection, Object Injection, Evaluation method Vulnerability leading to Remote Code Execution (RCE), Other vulnerabilities, Countermeasures - Case Studies - Web Service Hardening.

Unit IV: Network and System Penetration Testing
Understanding Network Ports and Services - Working with Network Scanners: Port Knocking, Service and OS Fingerprinting, Working with various types of Network Service Scans, Countermeasures - Identifying Vulnerabilities and Exploiting Services: Scanning Services, Verification and usage of open exploit sources to query exploits, Metasploit for exploitation, Password Cracking Techniques, Countermeasures - Man-in-the-Middle Attack: ARP Poisoning, Session Hijacking, DNS Spoofing, Countermeasures - Types of Payloads: Shell - Reverse Shell - Applications, Advantages and Limitations - Bind Shell – Applications, Advantages and Limitations: Post Exploitation Modules - Privilege Escalation - Identifying mis-configurations - Identifying System Vulnerabilities - Tools of trade - Data Exfiltration Techniques - File Hiding using Steganography - Key loggers - Webcam and Audio Recorder - Custom Shell Commands - Custom Modules: Custom Payload creation & AV Evasion, and Countermeasures - Achieving Persistence - Covering Tracks / Anti-Forensics Methods - Overview of Network and System Hardening

Unit V: Exploitation using Buffer Overflow
Overview of Process and Memory Management - Understanding Registers - Working with debuggers - Crashing a test application - Controlling Extended Instruction Pointer (EIP) - Shell coding - Discovering Bad Characters - Finding a Return Address - Payload Injection - Countermeasures - Other Exploitation Terminologies, Methods and Countermeasures: Stack Overflow, Heap Spray, Return Oriented Programming (ROP), Use After Free, Structured Exception Handler (SEH), Null Pointer Dereference, Integer Overflow

References
1. Weidman, G. (2014). Penetration Testing: A Hands-on Introduction to Hacking. United States: No Starch Press.
2. Kalsi, T. (2017). Finding and Exploiting Hidden Vulnerabilities. (n.p.): Packt Publishing.
3. Allsopp, W. (2017). Advanced Penetration Testing: Hacking the World's Most Secure Networks. Germany: Wiley.
4. Prasad, P. (n.d.). Mastering Modern Web Penetration Testing. United Kingdom: Packt Publishing.
5. Engebretson, P. (2013). The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy. Netherlands: Elsevier Science.
6. Shimonski, R. (2020). Penetration Testing For Dummies. United Kingdom: Wiley.


Method of Evaluation:
Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M M S S S S S S S

CO 2 M M L M S S S S S S

CO 3 M L M S S S M S S S

CO 4 M M L S S S S S S S

CO 5 M L M S S S M S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low


Course Outcomes
Upon completion of the course students will be able to:
1. Test and run exploits to identify vulnerabilities in websites
2. Identify and analyze exposures and weakness
3. Apply appropriate tools (automated/manual) to carry out penetration testing
4. Provide reports in standard format
5. Document all the steps and finding of analysis performed in vulnerability assessment and penetration testing
6. Investigate the security issues by applying port scanning tools

Course Core Paper XVIII
Title of the Course Practical – IV (Vulnerability Assessment and Penetration Testing)
Credits 4

Course Objectives
1. To define the characteristics of each VAPT tool
2. To perform vulnerability assessment to analyse the web applications and system security
3. To analyse the results of vulnerability assessment and prioritize them according to severity
4. To interpret the different tools available for vulnerability assessment and penetration testing
5. To understand about the importance of documenting the results obtained after VAPT analysis

List of Exercises
1. Perform vulnerability Analysis for the websites given and submit the report. Hosting OWASP to analyse injection vulnerability using any one of the tools below.
2. Qualys
3. Nessus
4. Netsparker
5. OWASP
6. Nmap
7. Burp Suite
8. Hosting OWASP to analyse remote code execution using Qualys or Nessus to generate and submit report.
9. Hosting OWASP to analyse SSL attack vulnerability using Netsparker tool to generate and submit report.
10. Hosting OWASP to analyse private API key disclosure and XSS using Burp Suite and Nmap tool to generate and submit the report.

Method of Evaluation:
Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 L M M S S S S S M S

CO 2 M L L M S M S S S S

CO 3 M L M S S S M S S S

CO 4 M M L S S S S S S S

CO 5 M L M S S S S S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low


Course Outcomes
• Developing a project is to implement all the security features that have been taught during the course
• To enrich innovative technological ideas in building an application
• To make sure all the parts of project serve as an outcome of the end goal of the preferred topic
• To produce a sustainable option as an output
• Learn to manage the inevitable changes while handling a project

Course Core Paper XIX
Title of the Course Project
Credits 4

Method of Evaluation:
Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 S M M S S S S S M S

CO 2 M S S M S M S S S S

CO 3 M S M S S S M S S S

CO 4 M M S S S S S S S S

CO 5 M S M S S S S S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low


Course Outcomes
1. Develop an appropriate Disaster Recovery / Business Continuity (DR/BC) implementation plan.
2. Construct a Business Continuity Management structure which contains a Business Continuity Plan, a Crisis Communication Plan, an Emergency Response Plan, and a Contingency Plan appropriate for a small to medium size business.
3. Identify data storage technologies appropriate for secure data backups.
4. Create the steps in Disaster Recovery Plan.
5. To choose the right fail over solution.

Course Elective Paper VII
Title of the Course Business Continuity Management
Credits 3

Course Objectives
1. To know the value of business continuity management to an organization.
2. To learn the impact of business disruption on an organization and how long disruption should be tolerated
3. To learn Disaster recovery strategy and the importance of disaster recovery planning.
4. To be familiar with Different standby systems and how these relate to recovery time.
5. To know the importance of robust documentation and testing of the plan

Units

Unit I: Introduction to Continuity Management (BCM) and Disaster Recovery (DR)
Introduction to Business Continuity Management (BCM) and Disaster Recovery (DR) - What is business continuity management BCM? - What is the purpose of a business continuity plan? - BCM principles - BCM lifecycle: BCM programme management, Understanding the organization, Determining business continuity strategy, Developing and implementing a BCM response, BCM exercising, Maintaining and reviewing BCM arrangements, Embedding BCM in the organization’s culture - Drivers of Business Continuity Management - Roles and responsibilities - Developing effective BCM Capabilities - BCM in business: Benefits and consequence, Contemporary landscape: Trends and directions - Current developments in BCM

Unit II: Risk Management
BCM and DR – The relationship with Risk Management - Risk Management concepts and framework: Concepts of threat, vulnerabilities and hazard, Risk Management process, Risk assessment, Risk control options analysis, Risk control implementation, Risk control decision, and risk reporting - Business Impact Analysis (BIA) concept, benefits and responsibilities - BIA methodology - Assessment of financial and operational impacts: Identification of critical IT systems and applications, Identifications of recovery requirements and - BIA reporting - Relationship between BIA and Risk Management

Unit III: Business Continuity Strategy and Business Continuity Plan (BCP) Development
Business continuity strategy development framework: Executive Management Support & Sponsorship, Risk Assessment & Business Impact Analysis, Business Continuity Strategy, Plan Development & Strategy Implementation, Training & Awareness, Testing & Plan Maintenance - Types of testing - Business Continuity Plan Testing - Plan maintenance requirements and parameters - Change management and control - Business Continuity Plan Audits - Linking strategy to plan: Coordinating with External Agencies, Business continuity plan contents, Information Systems aspects of BCP, Crisis Management, Emergency response plan and crisis communication plan

Unit IV: Disaster Recovery in Information Security
Introduction and Definitions: Backup and recovery, Threat and risk assessment - Understanding cost and impact of disaster - Recovery Time Objective (RTO) & Recovery Point Objective (RPO) - Disaster recovery scenario and strategy - Disaster Recovery Phases - Disaster Recovery Roadmap - Disaster Recovery Plan (DRP): Scope and objectives, Development of plan, Roles and responsibilities, Maintenance of plan & review, Disaster Recovery Testing & Simulation, Post test review, Education & training
The eight R’s of a successful recovery plan: Reason for planning, Recognition, Reaction, Recovery, Restoration, Return To Normal, Rest and Relax, Re-evaluate and Re-document - Benefits of DRP - Analysis framework of DRP: Cost benefit analysis, Technical feasibility, Manpower & planning - Difference between BCP and DRP

References
• Business Continuity Planning: A Step-by-Step Guide With Planning Forms on CD-ROM by Kenneth L. Fulmer, 3rd edition, Rothstein Associates Publication, 04 Oct 2004
• A Risk Management Approach to Business Continuity: Aligning Business Continuity with Corporate Governance by Julia Graham, David Kaye and Philip Jan Rothstein, Illustrated edition, Rothstein Associates Publication, 31 Jan 2006
• Business Continuity Planning – Protecting Your Organization’s Life by Ken Doughty, Illustrated edition, Taylor & Francis Publication, 2000
• CISSP All-in-One Exam Guide by Shon Harris and Fernando Maymi, 7th Edition, McGraw-Hill Education, 1 June 2016
• The Definitive Handbook of Business Continuity Management by Andrew Hiles, 3rd Edition, John Wiley & Sons Publication, 22 Oct 2010
• The CISSP Prep Guide: Gold Edition by Ronald L. Krutz, Russell Dean Vines, Gold Edition, Wiley Publication, 31 Oct 2002
• Certified Information Systems Security Professional, Study Guide by Ed Tittel, Mike Chapple, James Michael Stewart, 6th Edition, Sybex Publication, 06 July 2012

Method of Evaluation:
Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M M L M L S S S S

CO 2 M M L M S L S S S S

CO 3 M L M S M S M S S S

CO 4 M M L S L M S S S S

CO 5 M L M S S S M S S S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low


Course Outcomes
1. Acquire the basic technologies that forms the foundations of Big Data.
2. Understand the programming aspects of cloud computing with a view to rapid prototyping of complex applications.
3. Implement the specialized aspects of big data including big data application, and big data analytics.
4. Study different types Case studies on the current research and applications of the Hadoop and big data in industry
5. Gain knowledge about the basic technologies that forms the foundations of Big Data

Course Soft skill - IV
Title of the Course Big Data
Credits 2

Course Objectives
1. To utilize the building blocks of Big Data
2. To articulate the programming aspects of cloud computing
3. To understand the specialized aspects of big data with the help of different big data applications
4. To represent the analytical aspects of Big Data
5. Know the recent research trends related to Hadoop File System, MapReduce and Google File System etc

Units
Unit 1 The Power of Big Data in Cyber Security
Introduction to Big Data Analytics, Difference between Traditional Analytics and Big Data
Analytics, The Need for Big Data Analytics in Cyber Security , Limitation of Traditional
Security Mechanism, The Evolving threat landscape requires new security approaches, Big
Data analytics offers new opportunities to Cyber Security, The Category of current solutions,
Big Data Security analytics Architecture, Challenges to big data Analytics for Cyber Security.

Unit 2 Big Data for Network Forensics


Introduction to network forensics, Network forensics: Terms and Process, Network Forensic
Process : Data Collection, Data Examination, Data Analytics, Visualization and Reporting,
Most Popular Network Forensics Tools, Applying Big Data Analysis for Network Forensics,
Big Data Software Tools, Design Consideration, state-of-the-Art Big Data Based Cyber
Analysis Solutions


Unit 3 Big Data Analytics for Mobile App Security


Introduction to Mobile App Analysis, Applying Machine language in triaging App
Security Analysis, State-of-the-Art ML for Android Malware Detection, Challenges in
Applying ML for Android Malware Detection.
References TEXT BOOK
1. Big Data Analytics in CyberSecurity, Edited by Onur Savas and Julia Deng

Method of Evaluation:
Sessional I   Sessional II   End Semester Examination   Total   Grade
20            20             60                         100

Mapping with Programme Outcomes:

PO 1 PO 2 PO 3 PO 4 PO 5 PO 6 PO 7 PO 8 PO 9 PO 10
CO 1 M M M M S S S S S S

CO 2 M M S M M S S S S S

CO 3 M L M M S S S S S S

CO 4 M M S M S S S S S S

CO 5 L L L S S S M S M S
CO - Course Outcomes PO - Programme Outcomes S - Strong M - Medium L – Low
