Draft Syllabus Of Cyber Security Course For Undergraduate And . - UGC


Draft syllabus of Cyber Security Course for Undergraduate and Post-Graduation along with Credit scheme

Introduction

The evolution of Information Communication Technology (ICT) and growing security concerns demands flexible and generally comprehensive approach to the issue of Cyber Security. The rapid growth of ICT has raised various complex questions which need to be addressed. A need has been felt to address Cyber Security broadly but in sufficient depth so that even students from non-technical streams will develop a more complete picture of the Cyber Security issues. The syllabus has been prepared with an aim to create more aware, responsive and responsible digital citizens, thereby contributing effectively to overall healthy Cyber Security posture and ecosystem. This course attempts to make the students familiar with Indian cyber eco-system to understand international developments in the area of cyber security.

Terms of Reference

2. Terms of Reference (TOR) for drafting the proposed syllabus.

(a) Cyber Security as a subject need to be incorporated at Graduation and Post-Graduation level in all the streams.
(b) A separate syllabus for Graduation and Post-Graduation program to be prepared.
(c) The syllabus should incorporate all the essential elements of Cyber Security so the students at the Graduation and Post-Graduation level understand the essence and concept of Cyber Security as a whole.
(d) The syllabus of Cyber Security at Graduation level to be pitched at basic and mid-level while the syllabus at Post Graduation level should cover mid and advanced level concept, duly considering the fact that Post Graduation students would have exposure to the basic concepts of Cyber Security in the preceding degree.
(e) The syllabus should have sufficient depth so that even students from the non-technical streams can develop a complete picture of the Cyber Security.

Essentials Components of Cyber Security

3. People, Process and Technology are the important pillars of the Cyber Security, as to how, effectively the aspects related to these components fit into the curriculum considering the cyber threat landscape forms part of the content structuring and syllabus formation. With this backdrop, the following aspects, as tabulated below, have been taken into consideration in the syllabus formation: -

Content:

(a) Essential components of Cyber Security
(b) Cyber Security threat landscape
(c) Cybercrime and its types
(d) Remedial and mitigation measures
(e) Reporting of Cybercrime
(f) Cyber Law
(g) Data privacy and security
(h) E-Commerce, Digital payments and its security
(i) Overview of Social media and its security
(j) Cyber Security of digital devices
(k) Tools and technology for Cyber Security
(l) Cyber Security plan and crisis management
(m) Security controls
(n) Risk based assessment, audit and compliance
(o) Cyber Security best practices and do’s and don’ts
(p) Platforms to report and combat cybercrime
(q) Practical hands-on

Level: Basic, Basic, Basic – Advanced, Advanced, Advanced, Medium, Basic, Basic-Medium and Advanced

Program Educational Objectives (PEOs)

4. The exposure of the students to cyber Security program at Graduate and Post Graduate level should lead to the following:

(a) Learn the foundations of Cyber Security and threat landscape.
(b) To equip students with the technical knowledge and skills needed to protect and defend against cyber threats.
(c) To develop skills in students that can help them plan, implement, and monitor cyber security mechanisms to ensure the protection of information technology assets.
(d) To expose students to governance, regulatory, legal, economic, environmental, social and ethical contexts of Cyber Security.
(e) To expose students to responsible use of online Social media network.
(f) To systematically educate the necessity to understand the impact of cybercrimes and threats with solutions in a global and societal context.
(g) To select suitable ethical principles and commit to professional responsibilities and human values and contribute value and wealth for the benefit of the society.

Program Specific Outcomes (PSOs)

5. Upon completion of the degree program, students will be able to:

a. Understand the Cyber Security threat landscape.
b. Develop a deeper understanding and familiarity with various types of cyberattacks, cybercrimes, vulnerabilities and remedies thereto.
c. Analyse and evaluate existing legal framework and laws on Cyber Security.
d. Analyse and evaluate the digital payment system security and remedial measures against digital payment frauds.
e. Analyse and evaluate the importance of personal data, its privacy and security.
f. Analyse and evaluate the security aspects of social media platform and ethical aspects associated with use of social media.
g. Analyse and evaluate the cyber security risks.
h. Based on the Risk assessment, plan suitable security controls and audit and compliance.
i. Evaluate and communicate the human role in security systems with an emphasis on ethics, social engineering vulnerabilities and training.
j. Increase awareness about cyber-attack vectors and safety against cyber-frauds.
k. Take measures for self-cyber-protection as well as societal cyber-protection.

Syllabus for Undergraduate Program

6. The proposed syllabus for Graduation level academic program is as under: -

Cyber Security Program at Graduation Level

Module-I: Introduction to Cyber Security
Module Content: Defining Cyberspace and Overview of Computer and Web technology, Architecture of cyberspace, Communication and web technology, Internet, World wide web, Advent of internet, Internet infrastructure for data transfer and governance, Internet society, Regulation of cyberspace, Concept of Cyber Security, Issues and challenges of Cyber Security.
Learning Outcomes: After completion of this module, students would be able to understand the concept of Cyber Security and issues and challenges associated with it.

Module-II: Cybercrime and Cyber law
Module Content: Classification of cybercrimes, Common cybercrimes- cybercrime targeting computers, cybercrime against women and children, financial frauds, social engineering attacks, malware and ransomware attacks, zero day and zero click attacks, Cybercriminals modus-operandi, Reporting of cybercrimes, Remedial and mitigation measures, Legal perspective of cybercrime, IT Act, 2000 and its amendments, Cybercrime and offences, Organisations dealing with Cybercrime and Cyber Security in India, Case studies.
Learning Outcomes: Students, at the end of this module, should be able to understand the cybercrimes, their nature, legal remedies and as to how to report the crimes through available platforms and procedures.
Practical:
1. Checklist for reporting cybercrime at Cybercrime Police Station.
2. Checklist for reporting cybercrime online.
3. Reporting phishing emails.
4. Demonstration of email phishing attack and preventive measures.

Module-III: Social Media Overview and Security
Module Content: Introduction to Social networks. Types of Social media, Social media platforms, Social media monitoring, Hashtag, Viral content, Social media marketing, Social media privacy, Challenges, opportunities and pitfalls in online social network, Security issues related to social media, Flagging and reporting of inappropriate content, Laws regarding posting of inappropriate content, Best practices for the use of Social media, Case studies.
Learning Outcomes: On completion of this module, students should appreciate various privacy and security concerns on online Social media and understand the reporting procedure of inappropriate content, underlying legal aspects and best practices for the use of Social media platform.
Practical:
1. Facebook privacy security settings.
2. Basic checklist, privacy and security settings for popular Social media platforms.
3. Reporting and redressal mechanism for violations and misuse of Social media platforms.

Module IV: E-Commerce and Digital Payments
Module Content: Electronic Commerce definition, Main components of E-Commerce, Elements of E-Commerce security, E-Commerce threats, E-Commerce security best practices, Introduction to digital payments, Components of digital payment and stake holders, Modes of digital payments- Banking Cards, Unified Payment Interface (UPI), e-Wallets, Unstructured Supplementary Service Data (USSD), Aadhar enabled payments, Digital payment related common frauds and preventive measures. RBI guidelines on digital payment and customer protection in unauthorised banking transactions. Relevant
Learning Outcomes: After the completion of this module, students would be able to understand the basic concepts related to E-Commerce and digital payments. They will become familiar with various digital payment modes and related Cyber Security aspects, RBI guidelines and preventive measures against digital payment frauds.
Practical:
1. Configuring security settings in Mobile Wallets and UPIs.
2. Checklist for secure net banking.

Module V: Digital Devices Security, Tools and Technologies for Cyber Security
Module Content: End Point device and Mobile phone security, Password policy, Security patch management, Data backup, Downloading and management of third party software, Device security policy, Cyber Security best practices, Significance of host firewall and Anti-virus, Management of host firewall and Anti-virus, Wi-Fi security, Configuration of basic security policy and permissions.
Learning Outcomes: Students, after completion of this module, will be able to understand the basic security aspects related to Computer and Mobiles. They will be able to use basic tools and technologies to protect their devices.
Practical:
1. Setting, configuring and managing three password policy in the computer (BIOS, Administrator and Standard User).
2. Setting and configuring two factor authentication in the Mobile phone.
3. Security patch management and updates in Computer and Mobiles.
4. Managing Application permissions in Mobile phone.
5. Installation and configuration of computer Anti-virus.
6. Installation and configuration of Computer Host Firewall.
7. WiFi security management in computer and mobile.

References
1. Cyber Crime Impact in the New Millennium, by Marine R. C, Auther Press.
2. Cyber Security Understanding Cyber Crimes, Computer Forensics and Legal Perspectives by Sumit Belapure and Nina Godbole, Wiley India Pvt. Ltd.
3. Security in the Digital Age: Social Media Security Threats and Vulnerabilities by Henry A. Oliver, Create Space Independent Publishing Platform.
4. Electronic Commerce by Elias M. Awad, Prentice Hall of India Pvt Ltd.
5. Cyber Laws: Intellectual Property & E-Commerce Security by Kumar K, Dominant Publishers.
6. Network Security Bible, Eric Cole, Ronald Krutz, James W. Conley, 2nd Edition, Wiley India Pvt. Ltd.
7. Fundamentals of Network Security by E. Maiwald, McGraw Hill.

TEACHING SCHEME

Cyber Security Program at Undergraduate Level

Teaching Scheme

Sl. No   Course Title     L   T   P   Total Credits
1        Cyber Security   3   -   1   4
Total                     3   -   1   4

Legend:
L: Lectures
T: Tutorials
P: Practical/Projects
C: Credits

Notes:
1 C: 1 Hour for Lecture/Tutorial
1 C: 2 Hour for Practical/Projects

Terms of Reference for Credit Scheme (3 + 1)

There are total of 90-96 working days (15-16 Weeks) in a semester.
1 Credit = 15 Hours, therefore 3 Credits = 45 hours (3*15 = 45)
In a week, 3 lectures of theory, each period of one hour duration and 1 practical session of two hours
Teaching (3x15) = 45 hours
Practical (2x15) = 30 hours
Total = 75 hours

NOTE: As far as transaction of these courses at UG and PG level in HEIs is concerned, HEIs may invite Cyber Security/Computer/IT qualified faculty or else Experts from Industry/Subject Matter Experts to take the lectures, practical and tutorials. The proposed syllabus gives broad guidelines and teachers who would teach the subject will have enough flexibility to strike the balance between time vis-a-vis depth of coverage.

7. The proposed syllabus for Post-Graduation level program is as under: -

Cyber Security Program at Post Graduation Level

Module-I: Overview of Cyber Security
Module Contents: Cyber Security increasing threat landscape, Cyber Security terminologies- Cyberspace, attack, attack vector, attack surface, threat, risk, vulnerability, exploit, exploitation, hacker, Non-state actors, Cyber terrorism, Protection of end user machine, Critical IT and National Critical Infrastructure, Cyberwarfare, Case studies.
Learning Outcome: Students after completing this module will be able to understand the basic terminologies related to Cyber Security and current Cyber Security threat landscape. They will also develop understanding about the Cyberwarfare and necessity to strengthen the Cyber Security of end user machine, critical IT and national critical infrastructure.

Module-II: Cybercrimes
Module Contents: Cybercrimes targeting Computer systems - data diddling attacks, spyware, logic bombs, DoS, DDoS, APTs, virus, Trojans, ransomware, data breach. Online scams and frauds- email scams, Phishing, Vishing, Smishing, Online job fraud, Online sextortion, Debit/credit card fraud, Online payment fraud, Cyberbullying, website defacement, Cyber-squatting, Pharming, Cyber espionage, Cryptojacking, Darknet- illegal trades, drug trafficking, human trafficking. Social Media Scams & Frauds- impersonation, identity theft, job scams, misinformation, fake news. Cybercrime against persons- cyber grooming, child pornography, cyber stalking. Social Engineering attacks, Cyber Police stations, Crime reporting procedure, Case studies.
Learning Outcome: After completion of the module, students will have complete understanding of the cyber-attacks that target computers, mobiles and persons. They will also develop understanding about the type and nature of cybercrimes and as to how to report these crimes through the prescribed legal and Government channels.
Practical:
1. Platforms for reporting cybercrimes.
2. Checklist for reporting cybercrime online.

Module-III: Cyber Law
Module Contents: Cybercrime and legal landscape around the world, IT Act, 2000 and its amendments. Limitations of IT Act, 2000. Cybercrime and punishments, Cyber Laws and Legal and ethical aspects related to new technologies- AI/ML, IoT, Blockchain, Darknet and Social media, Cyber Laws of other countries, Case studies.
Learning Outcome: Students after completing this module will understand the legal framework that exists in India for cybercrimes and penalties and punishments for such crimes. It will also expose students to limitations of existing IT Act, 2000 legal framework that is followed in other countries and legal and ethical aspects related to new technologies.

Module IV: Data Privacy and Data Security
Module Contents: Defining data, meta-data, big data, non-personal data. Data protection, Data privacy and data security, Personal data protection bill and its compliance, Data protection principles, Big data security issues and challenges, Data protection regulations of other countries- lInformation Protection and Electronic Documents Act (PIPEDA). Social media- data privacy and security issues.
Learning Outcome: After completing this module, students will understand the aspects related to personal data privacy and security. They will also get insight into the Data Protection Bill, 2019 and data privacy and security issues related to Social media platforms.
Practical:
1. Setting privacy settings on social media platforms.
2. Do’s and Don’ts for posting content on Social media platform.
3. Registering complaint on a Social media platform.

Module V: Cyber Security Management, Compliance and Governance
Module Contents: Cyber Security Plan- Cyber Security policy, cyber crises management plan. Business continuity, Risk assessment, Types of security controls and their goals, Cyber Security audit and compliance, National Cyber Security policy and strategy.
Learning Outcome: Students after completing this module will understand the main components of Cyber Security plan. They will also get insight into risk-based assessment, requirement of security controls and need for cyber security audit and compliance.
Practical:
1. Prepare password policy for computer and mobile device.
2. List out security controls for computer and implement technical security controls in the personal computer.
3. List out security controls for mobile phone and implement technical security controls in the personal mobile phone.
4. Log into computer system as administrator and check the security policies in the system.

References
1. Cyber Security Understanding Cyber Crimes, Computer Forensics and Legal Perspectives by Sumit Belapure and Nina Godbole, Wiley India Pvt. Ltd.
2. Information Warfare and Security by Dorothy F. Denning, Addison Wesley.
3. Security in the Digital Age: Social Media Security Threats and Vulnerabilities by Henry A. Oliver, Create Space Independent Publishing Platform.
4. Data Privacy Principles and Practice by Natraj Venkataramanan and Ashwin Shriram, CRC Press.
5. Information Security Governance, Guidance for Information Security Managers by W. Krag Brothy, 1st Edition, Wiley Publication.
6. Auditing IT Infrastructures for Compliance by Martin Weiss, Michael G. Solomon, 2nd Edition, Jones Bartlett Learning.

Practical Work

8. The practical list has been suggested for the applicable modules; however, the faculty may expand the list as per the syllabus content duly taking into consideration the emerging nature of cyber threats and incumbent protective measures to guard against such threats.

TEACHING SCHEME

Cyber Security Program at Postgraduate Level

Teaching Scheme

Sl. No   Course Title     L   T   P   Total Credits
1        Cyber Security   3   -   1   4
Total                     3   -   1   4

Legend:
L: Lectures
T: Tutorials
P: Practical/Projects
C: Credits

Notes:
1 C: 1 Hour for Lecture/Tutorial
1 C: 2 Hour for Practical/Projects

Terms of Reference for Credit Scheme (3 + 1)

There are total of 90-96 working days (15-16 Weeks) in a semester.
1 Credit = 15 Hours, therefore 3 Credits = 45 hours (3*15 = 45)
In a week, 3 lectures of theory, each period of one hour duration and 1 practical session of two hours
Teaching (3x15) = 45 hours
Practical (2x15) = 30 hours
Total = 75 hours

NOTE: As far as transaction of these courses at UG and PG level in HEIs is concerned, HEIs may invite Cyber Security/Computer/IT qualified faculty or else Experts from Industry/Subject Matter Experts to take the lectures, practical and tutorials. The proposed syllabus gives broad guidelines and teachers who would teach the subject will have enough flexibility to strike the balance between time vis-a-vis depth of coverage.
