Transcription
Post Graduate Certification inCyber Security and EthicalHackingBy E&ICT MNIT, Jaipur in collaboration with EC-CouncilPG Certification Program in Cyber Security and Ethical Hacking1 Page
Table of Contents1.About the Program2.About E&ICT MNIT, Jaipur3.Collaborating with EC-Council4.About Intellipaat5.Key Features6.Placement & Career Services7.Eligibility Criteria & Application Process8.Learning Path9.Course Advisors10.Program Curriculum11.Certification12.Success Stories13.Contact UsPG Certification Program in Cyber Security and Ethical Hacking2 Page
About the ProgramThis PG certification in Cyber Security & Ethical Hacking by E&ICT Academy, MNIT Jaipurin collaboration with the EC-Council aims to provide extensive training on Cyber Securityconcepts including risk analysis and mitigation, data security, cloud-based security, ethicalhacking, etc. The course is designed by the top faculty at MNIT & Industry expert to helpyou gain relevant skills required by the Industry and land you in your dream job!PG Certification Program in Cyber Security and Ethical Hacking3 Page
About E&ICT Academy MNIT, JaipurElectronics & ICT Academy MNIT, Jaipur (E&ICT MNIT, Jaipur) is an initiative supported byMeitY, Govt of India. The courses provided by us lay an emphasis on bridging the gapbetween industry demand and academic approach to learning and provide a foundation tobuild your career in top IT companies.In this program, you will: Get Live Lectures from the MNIT faculty Receive PG Certificate from E&ICT, MNIT & Intellipaat Alumni status of E&ICT, MNIT JaipurKey Achievement of MNIT, Jaipur: Ranked 35 in NIRF 2020 Ranking among top engineering colleges Ranked 23 by the Week in 2020 for engineeringPG Certification Program in Cyber Security and Ethical Hacking4 Page
About the EC-CouncilThis American organization offers education, training, and services on Cyber Security. Thecertification by the EC-Council validates the various cybersecurity skills that the learners willbe trained in through the programme.Benefits for students from EC-Council Student kit containing e-books, exam voucher Certified Ethical Hacker certificate from EC Council 6 months free access to CEH v11 iLabs 24 Hacking Challenges from EC CouncilAbout IntellipaatIntellipaat is one of the leading online training providers with more than 600,000 learnersacross 53 countries. We are on a mission to democratize education as we believe thateveryone has the right to quality education.Our courses are delivered by subject matter experts from top MNCs and our world-classpedagogy enables to quickly learn difficult topics in no time. Our 24/7 technical supportand career services will help learners jump-start their careers in their dream companies.PG Certification Program in Cyber Security and Ethical Hacking5 Page
Key Features7 MONTHS OF LIVE CLASSES24/7 SUPPORT20 REAL-TIMEINDUSTRY PROJECTS18 CASE STUDIESPG CERTIFICATION PROGRAMFROM E&ICT MNIT, JAIPURPROGRAM IN COLLABORATIONWITH EC-CouncilINDUSTRY- RECOGNIZEDCERTIFICATION FROM EC-COUNCILPG Certification Program in Cyber Security and Ethical HackingLEARN FROM MNITPROFESSORS ANDINDUSTRY EXPERTS6 Page
Career ServicesDedicated Learning ManagerGet mentored by experts, receive personalized feedback onyour performance, and clarify your doubts in no timePersonalized Industry MentorWe match your profile with the right industry mentor based on yourpast skills. Your mentor’s guidance will help you get preparedyourself for your dream jobMock InterviewsMock interviews to make you prepare for cracking interviews bytop employers3 Guaranteed InterviewsUpon completion of the assignments and projects, learners will beable to attend interviews arranged by Intellipaat with the hiringpartners that includes top startups and MNCs.Resume Preparation & LinkedIn Profile BuildingGet assistance in creating a world-class resume from ourcareer services teamPG Certification Program in Cyber Security and Ethical Hacking7 Page
Eligibility Criteria & the Application ProcessThose wishing to enroll in the Post Graduate Certification in Cyber Security andEthical Hacking will be required to follow the admission process mentioned below.Eligibility CriteriaFor the admission to the Post Graduate Certification in Cyber Security and Ethical Hacking,candidates should: Have a bachelor’s degree with an average of 50% or higher marks Be working professionals with zeal to build a career in Cyber Security and EthicalHackingApplication ProcessThe application process consists of three simple steps. Candidates have to submittheir application. An offer of admission will be made to the selected candidates, andtheir application will be accepted upon the payment of the admission fee.SUBMIT APPLICATIONTell us a bit about yourself and why you want to join this programAPPLICATION REVIEWHave a personal interview with the interview panelADMISSION LETTERShortlisted candidates would be offered the admission letterPG Certification Program in Cyber Security and Ethical Hacking8 Page
Learning PathPG Certification Program in Cyber Security and Ethical Hacking9 Page
Course Advisors & FacultyMurli NambiarSenior VP - Head Cyber security at Reserve Bank of IndiaHaving worked in companies like ICICI, Reliance, Apollo, Murli carries ground levelexpertise in Information security and Risk management, and has been instrumental insetting up Information security divisions for premier institutions in India.Vinod RamakrishnaDirector & Product Manager at Standard CharteredVinod carries 18 years of experience specifically in Identity and AccessManagement, Cyber Security, Digital Security and Cyber Law. He is also a CertifiedCISSP, CISA, CISM, and has worked in organizations like PWC, Oracle, TCS andStandard Chartered.Dhruva Raj PudelAssociate Director-Cyber Security at KPMG IndiaCertified in CISSP and CCSP by (ISC)², and Cyber security Risk management byHarvard University,he carries 14 yrs of experience with a focus on SIEM solutions &Host Based instruction detection systems,etc. and has worked with top MNCs likeWipro, IBM.PG Certification Program in Cyber Security and Ethical Hacking10 Page
Program CurriculumCore Curriculum:Module 1 – Preliminary Course - Linux FoundationIn this preliminary Linux Foundation course, you will get to learn all the fundamentals of Linux thatwill help you to move ahead and complete the Cyber Security and Ethical Hacking coursesuccessfully.1. Introduction to Linux Introduction to Linux Shell Kernel CentOS 8 installation and VBox additionsHands-on Exercise – Executing basic Linux commands, installing CentOS 8 on VirtualBox and addingguest additions to the installed OS.2. File Management Text editors and file creation Users, groups and processes Root and Linux file hierarchy File hierarchy File permissions Editing a file using VIMHands-on Exercise – Using VIM, creating users and groups, creating files and directories, assigningfile permissions and ownership using chmod and chown, editing files in VIM.3. Files and Processes Process control commandsHands-on Exercise – Executing ps and kill commands on running services, monitoring the OS usingtop.4. Introduction to Shell Scripting What is shell scripting? Types of shellPG Certification Program in Cyber Security and Ethical Hacking11 Page
Creating and writing a shell script Changing the permission of the shell script Executing the script Environment variables Defining a local and a global variable User input in a shell scriptHands-on Exercise – Creating a shell script, writing and executing the shell script, creating a local anda global variable, taking input from the user in a shell script.5. Conditional, Looping Statements and Functions What are Conditional statements IF, IF-ELSE, Nested IF statements What are Looping statements WHILE, UNTIL and FOR statements Using the case esac statement FunctionsHands-on Exercise – Executing IF, IF-ELSE, Nested IF statements, executing WHILE, UNTIL andFOR statements, executing the case .esac statement, creating a function in multiple ways, calling afunction in a file, calling a function from another file.6. Text Processing Using GREP, SED, and AWK commands Mounting a file to the virtual box Mounting a folder SORT command and pipes to combine multiple commandsHands-on Exercise – Executing commands using GREP, executing commands using SED, executingcommands using AWK, mounting a folder in the Windows OS to the Linux OS, installing VirtualBoxguest additions on CentOS 8, extracting zipped files.7. Scheduling Tasks Daemons Task scheduling in Linux Scheduling a job in Linux Cron and Crontab Using the AT commandPG Certification Program in Cyber Security and Ethical Hacking12 Page
Hands-on Exercise – Starting, stopping and restarting Daemon processes, scheduling jobs using cronand crontab, scheduling a one-time task using AT, managing scheduled tasks using ATQ and ATRM.8. Advanced Shell Scripting Why monitoring Process monitoring Top vs HTop What does PGREP do File and folder monitoring Monitoring tool inotifywait inotifywait options for folder monitoring Events of a folder in inotify FREE commandHands-on Exercise – Using Top to monitor the OS, installing Htop, using Htop to monitor the OS,filtering and sorting using Htop, installing inotify tools, monitoring a folder using inotifywait, monitoring afolder only for certain events, using the FREE command.9. Database Connectivity Installing and configuring MySQL Securing MySQL Running queries from terminal Running queries from a shell scriptHands-on Exercise – Downloading and installing MySQL, connecting to MySQL from terminal,querying directly from the terminal, pushing the query result inside a file, CRUD operations from a shellscript.10. Linux Networking What is networking in Linux Why do we need networking Using networking commands Learning Firewall toolsHands-on Exercise – Executing all the networking commands, using iptables and firewalld, addingand removing ports, resolving IP address in /etc/hosts, looking into a websites IP and nameserversusing nslookup and dig.PG Certification Program in Cyber Security and Ethical Hacking13 Page
Module 2 – Certified Ethical Hacking by EC Council2.1 Introduction to Ethical Hacking Information Security Threats and Attack Vectors Motives, goals, and objectives of information security attacks Top information security attack vectors Information security threat categories Types of attacks on a system Information warfare Hacking Concepts What is hacking? Who is a hacker? Hacker classes Hacking phases Ethical Hacking Concepts What is Ethical Hacking? Why is Ethical Hacking necessary? Scope and limitations of Ethical Hacking Skills of an Ethical Hacker Information Security Controls Information Assurance (IA) Information security management program Enterprise Information Security Architecture (EISA) Network security zoning Defense-in-Depth Information security policies Physical security What is risk? Threat modeling Incident management Security Incident and Event Management (SIEM) User Behavior Analytics (UBA) Network security controls Identity and Access Management (IAM) Data leakage, backup, and recovery The role of AI/ML in Cyber Security Penetration Testing Concepts Why penetration testing? Security auditPG Certification Program in Cyber Security and Ethical Hacking14 Page
Vulnerability assessment Blue Teaming/Red Teaming Types and phases of penetration testing Security testing methodology Information Security Laws and Standards Payment Card Industry Data Security Standard (PCI-DSS) ISO/IEC 27001:2013 Health Insurance Portability and Accountability Act (HIPAA) Sarbanes Oxley Act (SOX) The Digital Millennium Copyright Act (DMCA) Federal Information Security Management Act (FISMA) Cyber law in different countries2.2 Footprinting and Reconnaissance Footprinting through Search Engines Footprinting through search engines Footprint using advanced Google hacking techniques Information gathering using Google Advanced Search and Image Search Google Hacking Database VoIP and VPN footprinting through Google Hacking Database Footprinting through Web Services Finding the company’s Top-level Domains (TLDs) and sub-domains Finding the geographical location of the target People Search on social networking sites and people search services Gathering information from LinkedIn Gather information from financial services Footprinting through job sites Monitoring target using alerts Information gathering using groups, forums, and blogs Determining the OS VoIP and VPN footprinting through SHODAN Footprinting through Social Networking Sites Collecting information through social engineering on social networking sites Website Footprinting Website Footprinting Mirroring the entire website Extracting website information Monitoring web pages for updates and changesPG Certification Program in Cyber Security and Ethical Hacking15 Page
Email Footprinting Tracking email communications Collecting information from the email header Email tracking tools Competitive Intelligence Whois Footprinting Whois Lookup Whois Lookup result analysis Whois Lookup tools Finding IP geolocation information DNS Footprinting Extracting DNS information DNS interrogation tools Network Footprinting Locate the network range Traceroute Traceroute analysis and tools Footprinting Through Social Engineering Footprinting through social engineering Eavesdropping Shoulder surfing Dumpster diving Footprinting Tools Maltego Recon-ng FOCA Recon-Dog OSRFramework Additional footprinting tools Footprinting Countermeasures Footprinting Pen Testing2.3 Scanning Networks Introduction to Network Scanning Scanning tools: Nmap, Hping2 / Hping3, and Hping commands Scanning Techniques ICMP scanningPG Certification Program in Cyber Security and Ethical Hacking16 Page
Ping sweep ICMP echo scanning TCP connect / full-open scan Stealth Scan / half-open scan Inverse TCP flag scanning Xmas scan ACK flag probe scanning IDLE/IPID header Ssan UDP scanning SSDP and list scanning Port scanning countermeasures Scanning Beyond IDS and Firewall IDS/Firewall Evasion Techniques Packet fragmentation Source routing IP address decoy IP address spoofing Proxy servers Anonymizers Banner Grabbing How to identify target system OS Banner grabbing countermeasures Draw Network Diagrams Drawing network diagrams network discovery and mapping tools network discovery tools for mobile Scanning Pen Testing2.4 Enumeration Enumeration Concepts What is Enumeration? Techniques for enumeration Services and ports to enumerate NetBIOS Enumeration NetBIOS enumeration tools Enumerating user accounts Enumerating shared resources using Net ViewPG Certification Program in Cyber Security and Ethical Hacking17 Page
SNMP Enumeration SNMP (Simple Network Management Protocol) enumeration Working of SNMP Management Information Base (MIB) SNMP enumeration tools LDAP Enumeration LDAP Enumeration LDAP Enumeration tools NTP Enumeration NTP Enumeration NTP Enumeration tools SMTP and DNS Enumeration SMTP enumeration SMTP enumeration tools DNS enumeration using zone transfer Other Enumeration Techniques IPsec enumeration VoIP enumeration RPC enumeration Unix/Linux User enumeration Enumeration Countermeasures Enumeration Pen Testing2.5 Vulnerability Analysis Vulnerability Assessment Concepts What is vulnerability assessment? Vulnerability classification and research Vulnerability-Management Life Cycle Vulnerability Assessment Solutions Vulnerability scanning solutions Types of vulnerability assessment tools Choosing a vulnerability assessment tool Vulnerability Scoring Systems Common Vulnerability Scoring System (CVSS) Common Vulnerabilities and Exposures (CVE) National Vulnerability Database (NVD) Resources for Vulnerability ResearchPG Certification Program in Cyber Security and Ethical Hacking18 Page
Vulnerability Assessment Reports Vulnerability assessment reports Analyzing vulnerability scanning report2.6 System Hacking System Hacking Concepts CEH Hacking Methodology (CHM) System hacking goals Cracking Passwords Password cracking Types of password attacks Password recovery tools Password salting Password cracking tools Escalating Privileges Privilege escalation techniques How to defend against privilege escalation? Executing Applications Tools for executing applications Keylogger Spyware Hiding Files Rootkits NTFS Data Stream What is steganography? Covering Tracks Covering tracks Disabling auditing: Auditpol Clearing logs Clear online tracks Covering BASH shell tracks, Covering tracks on the network and OS Covering tracks tools2.7 Malware Threats Malware ConceptsPG Certification Program in Cyber Security and Ethical Hacking19 Page
Introduction to malware Components of malware Trojan Concepts What is a trojan and its types? Trojan horse construction kit Wrappers Crypters Evading anti-virus techniques Virus and Worm Concepts Introduction to viruses Stages of virus life Different types of viruses Virus hoaxes Fake antiviruses Ransomware Creating virus Computer worms Worm makers Malware Analysis Introduction to malware analysis What is Sheep Dip Computer? Anti-virus sensor systems Malware analysis procedure Countermeasures Trojan countermeasures Backdoor countermeasures Virus and worms countermeasures Anti-Malware Software Anti-trojan software Antivirus software Malware Penetration Testing2.8 Sniffing Sniffing Concepts Network sniffing Types of sniffing Hardware protocol analyzersPG Certification Program in Cyber Security and Ethical Hacking20 Page
SPAN port Wiretapping Lawful interception Sniffing Technique: MAC attacks DHCP attacks ARP poisoning Spoofing attacks DNS poisoning Sniffing Tools Wireshark Wireshark filters Sniffing tools Packet sniffing tools for mobile Countermeasures How to Defend Against Sniffing Sniffing Detection Techniques How to detect sniffing Promiscuous detection tools Sniffing penetration testing2.9 Social Engineering Social Engineering Concepts What is social engineering? Phases of a social engineering attack Social Engineering Techniques Types of social engineering Human-based social engineering Computer-based social engineering Mobile-based social engineering Insider Threats Insider threat/insider attack Types of insider threats Impersonation on Social Networking Sites Social engineering through impersonation on social networking sites Social networking threats to corporate networks Identity TheftPG Certification Program in Cyber Security and Ethical Hacking21 Page
Countermeasures Social engineering countermeasures Insider threats countermeasures Identity theft countermeasures Detect phishing emails Anti-phishing toolbar Common social engineering targets and defense strategies Social Engineering Pen Testing Social engineering pen testing Social engineering pen testing tools2.10 Denial-of-Service DoS/DDoS Concepts What is a Denial-of-Service attack? What is distributed Denial-of-Service attack? DoS/DDoS Attack Techniques Basic categories of DoS/DDoS attack vectors UDP, ICMP, and SYN flood attack Ping of death and smurf attack Fragmentation attack HTTP GET/POST and slowloris attacks Multi-vector attack Peer-to-peer attacks Permanent Denial-of-Service attack Distributed reflection Denial-of-Service (DRDoS) Botnets Organized cyber crime: organizational chart Botnet ecosystem Botnet Trojans DDoS Case Study DDoS attack Hackers advertise links to download botnet Use of mobile devices as botnets for launching DDoS attacks DDoS Case Study: Dyn DDoS Attack DoS/DDoS Attack Tools DoS/DDoS attack tools DoS and DDoS attack tool for mobilePG Certification Program in Cyber Security and Ethical Hacking22 Page
Countermeasures Detection techniques DoS/DDoS countermeasure strategies DDoS Attack countermeasures Techniques to defend against botnets DoS/DDoS protection at ISP Level DoS/DDoS Protection Tools Advanced DDoS protection appliances DoS/DDoS protection tools DoS/DDoS Penetration Testing Denial-of-Service (DoS) Attack Pen Testing2.11 Session Hijacking Session Hijacking Concepts What is session hijacking? Session hijacking process Types of Session hijacking Packet analysis of a local session hijack Session hijacking in OSI Model Spoofing vs. hijacking Application Level Session Hijacking Application level session hijacking Compromising session IDs using sniffing and by predicting session token Man-in-the-Middle attack Man-in-the-Browser attack Client-side attacks Client-side attacks: Cross-site script attack Compromising session IDs Session fixation Session hijacking using proxy servers CRIME attack Forbidden attack Network Level Session Hijacking TCP/IP hijacking IP spoofing: source routed packets RST hijackingPG Certification Program in Cyber Security and Ethical Hacking23 Page
Blind hijacking UDP hijacking MiTM attack using forged ICMP and ARP spoofing Session Hijacking Tools Session hijacking tools Session hijacking tools for mobile Countermeasures Session hijacking detection methods Protection against session hijacking Session hijacking detection and prevention tools IPSec Penetration Testing2.12 Evading IDS, Firewalls, and Honeypots IDS, Firewall and Honeypot Concepts Intrusion Detection System (IDS) Firewall Honeypot IDS, Firewall and Honeypot Solutions Intrusion detection tool Firewalls and honeypot tools Evading IDS IDS/firewall evasion tools and techniques Packet Fragment Generator Tools Detecting Honeypots Detecting and defeating honeypots Honeypot detection tool: Send-Safe Honeypot Hunter IDS/Firewall Evasion Countermeasures How to defend against IDS evasion How to defend against firewall evasion Firewall/IDS Penetration Testing2.13 Hacking Web Servers Web Server Concepts Web server operations Open source web server architecturePG Certification Program in Cyber Security and Ethical Hacking24 Page
IIS web server architecture Web server security issue Web Server Attacks DoS/DDoS attacks DNS server hijacking DNS amplification attack Directory traversal attacks Man-in-the-Middle/sniffing attack Phishing attacks Website defacement Web Server misconfiguration HTTP response splitting attack Web cache poisoning attack SSH brute force attack Web server password cracking Web application attacks Web Server Attack Methodology Information gathering Web server footprinting/banner grabbing Website mirroring Vulnerability scanning Session hijacking Web server passwords hacking Using application server as a proxy Web Server Attack Tools Metasploit Web server attack tools Countermeasures Web servers in separate secure server security segment Countermeasures Detecting web server hacking attempts Defend against web server attacks HTTP response splitting Web cache poisoning DNS hijacking Patch Management What is patch management Patches and hotfixes Installation of a patchPG Certification Program in Cyber Security and Ethical Hacking25 Page
Patch management tools Web Server Security Tools Web application security scanners Web server security scanners Web server security tools Web Server Pen Testing Web server penetration testing Web server pen testing tools2.14 Hacking Web Applications Web App Concepts Introduction to web applications Web application architecture Web 2.0 applications Vulnerability stack Web App Threats OWASP Top 10 Application Security Risks Web app hacking methodology Footprint web Infrastructure Attack web servers Analyze web applications Bypass client-side controls Attack authentication mechanism Attack authorization schemes Attack access controls Attack session management mechanism Perform injection/input validation attacks Attack application logic flaws Attack database connectivity Attack web app client Attack web services Web App Hacking Tools Countermeasures Web application fuzz testing Source code review Encoding schemes Defend against injection attacksPG Certification Program in Cyber Security and Ethical Hacking26 Page
Web application attack countermeasures Defend against web application attacks Web App Security Testing Tools Web application security testing tools Web application firewall Web App Pen Testing Web application pen testing Web application pen testing framework2.15 SQL Injection SQL Injection Concepts What is SQL injection? SQL injection and server-side technologies HTTP POST Request Normal SQL Query SQL Injection Query Code Analysis Types of SQL Injection SQL Injection Methodology SQL Injection Tools SQL power injector and SQLmap The mole and SQL injection SQL injection tools for mobile Evasion Techniques: Evading IDS Types of signature evasion techniques: In-line comment Char encoding String concatenation Obfuscated codes Manipulating white spaces Hex encoding Sophisticated matches URL encoding Null Byte Case variation Declare variablePG Certification Program in Cyber Security and Ethical Hacking27 Page
IP fragmentation Countermeasures Defend against SQL injection attacks SQL injection detection tools2.16 Hacking Wireless Networks Wireless Concepts Wireless terminologies, networks, and standards Service Set Identifier (SSID) Wi-Fi authentication modes Wi-Fi authentication process using a centralized authentication server Types of wireless antennas Wireless Encryption Types of wireless encryption WEP vs. WPA vs. WPA2 WEP issues Weak Initialization Vectors (IV) Wireless Threats Rogue access point attack Client mis-association Misconfigured access point attack Unauthorized association Ad hoc connection attack Honeypot access point attack AP MAC spoofing Denial-of-Service attack Key Reinstallation Attack (KRACK) Jamming signal attack Wireless Hacking Methodology Wi-Fi discovery GPS mapping Wireless traffic analysis Launch wireless attacks Crack Wi-Fi encryption Wireless Hacking Tools WEP/WPA cracking tools WEP/WPA cracking tool for mobilePG Certification Program in Cyber Security and Ethical Hacking28 Page
Wi-Fi sniffer Wi-Fi traffic analyzer tools Other wireless hacking tools Bluetooth Hacking Bluetooth stack Bluetooth hacking Bluetooth threats How to blueJack a victim Bluetooth hacking tools Countermeasures Wireless security layers How to defend against WPA/WPA2 cracking, KRACK attacks, wireless attacks, and bluetoothhacking How to detect and block rogue AP Wireless Security Tools Wireless intrusion prevention systems Wireless IPS deployment Wi-Fi security auditing tools Wi-Fi predictive planning tools Wi-Fi vulnerability scanning tools Bluetooth security tools Wi-Fi security tools for mobile Wireless Pen Testing Wireless Penetration Testing, Wireless Penetration Testing Framework2.17 Hacking Mobile Platforms Mobile Platform Attack Vectors Vulnerable areas in mobile business environment OWASP top 10 mobile risks Anatomy of a mobile attack Mobile attack vectors Mobile platform vulnerabilities Security issues arising from App stores App sandboxing issues Mobile spam SMS Phishing Attack (SMiShing)PG Certification Program in Cyber Security and Ethical Hacking29 Page
Hacking Android OS Android OS and rooting Blocking Wi-Fi access using NetCut Hacking with zANTI Hacking networks using Network Spoofer Launching DoS attack using Low Orbit Ion Cannon (LOIC) Performing session hijacking using DroidSheep Hacking with Orbot Proxy Android-based sniffers Android trojans Securing android devices Android security tools Android device tracking tools Hacking iOS Apple iOS Jailbreaking iOS iOS trojans Guidelines for securing iOS devices iOS device security and tracking tools Mobile Spyware mSpy Mobile Device Management Mobile Device Management (MDM) MDM solutions Bring Your Own Device (BYOD) Mobile Security Guidelines and Tools General guidelines for mobile platform security Mobile device security guidelines for Administrator SMS phishing countermeasures Mobile protection tools Mobile anti-spyware Mobile Pen Testing Android Phone Pen Testing, iPhone Pen Testing, Mobile Pen Testing Toolkit: Hackode2.18 IoT HackingPG Certification Program in Cyber Security and Ethical Hacking30 Page
IoT Concepts What is IoT? How does IoT work? IoT architecture IoT application areas and devices IoT technologies and protocols IoT communication models Challenges of IoT Threat vs opportunity IoT Attacks IoT security problems OWASP top 10 IoT vulnerabilities and obstacles IoT attack surface areas IoT threats Hacking IoT devices IoT attacks Case Study: Dyn Attack IoT Hacking Methodology What is IoT device hacking? IoT hacking methodology IoT hacking tools Information gathering tools Sniffing Tools Vulnerability scanning tools Countermeasures How to defend against IoT hacking General guidelines for IoT device manufacturing companies OWASP Top 10 IoT vulnerabilities solutions IoT framework security considerations IoT security tools IoT Penetration Testing2.19 Cloud Computing Cloud Computing Concepts Introduction to cloud computing Separation of responsibilities in cloud Cloud deployment modelsPG Certification Program in Cyber Security and Ethical Hacking31 Page
NIST cloud deployment reference architecture Cloud computing benefits Virtualization Cloud Computing Threats Cloud Computing Attacks Service hijacking using social engineering attacks Service hijacking using network sniffing Session hijacking using XSS attack Session hijacking using session riding Domain Name System (DNS) attacks Side channel attacks or cross-guest VM breaches SQL Injection attacks Cryptanalysis attacks Wrapping attack DoS and DDoS attacks Man-in-the-Cloud attack Cloud Security Cloud security control layers Cloud computing security considerations Placement of security controls in the cloud Best practices for securing cloud NIST recommendations for cloud security Organization/Provider cloud security compliance checklist Cloud Security Tools Cloud Penetration Testing What is cloud pen testing? Key considerations for pen testing in the cloud Recommendations for Cloud Testing2.20 Cryptography Cryptography Concepts Cryptography Types of cryptography Gover
Ethical Hacking will be required to follow the admission process mentioned below. Eligibility Criteria For the admission to the Post Graduate Certification in Cyber Security and Ethical Hacking, candidates should: Have a
