Day - 1

1. INTRODUCTION
1.1 What is Security?
1.2 What is Cyber Security?
1.3 What is Information Security?
1.4 What are the Layers of Security?
1.5 What are the Classification of Security?
1.6 What are the Issues in Information Security?
1.7 Security Analyst
1.7.1 Who?
1.7.2 What if there is none?
1.7.3 Responsibilities
1.7.4 Essential Skills
1.7.5 Knowledge Base
1.8 Common Man Perspective
1.8.1 Adware
1.8.2 Spyware
1.8.3 Virus
1.8.4 Trojan
1.8.5 Worm
1.8.6 Malware
1.8.7 Firewall
1.8.8 Antivirus
2. BASICS OF COMPUTERS AND OPERATING SYSTEMS
2.1 Basic Computer Hardware
2.1.1 Microprocessor
2.1.2 Motherboard
2.1.3 BIOS
2.2 Computer Memory
2.2.1 Read-Only Memory (ROM)
2.2.1.1 Programmable Read-Only Memory (PROM)
2.2.1.2 Erasable Programmable Read-Only Memory (EPROM)
2.2.1.3 Electrically Erasable Programmable Read-Only Memory (EEPROM)
2.2.2 CMOS
2.2.3 Random Access Memory (RAM)
2.2.4 Cache Memory
2.2.5 Common Memory Errors
2.2.6 Hard Disks
2.2.6.1 IDE Interface
2.2.6.2 SCSI Interface
2.2.6.3 System Bus Interface
2.2.7 Expansion Cards
2.2.8 Formatting Disks
2.2.9 Partitioning Disks
2.3 Operating Systems
2.3.1 Computer System Operation
2.3.2 Operating System Operations
2.3.2.1 Dual-Mode Operation
2.3.2.2 Timer
2.3.3 Process Management
2.3.4 Memory Management
2.3.5 Storage Management
2.3.5.1 File-system Management
2.3.5.2 Mass-storage Management
2.3.5.3 Caching
2.3.5.4 I/O Systems
2.3.6 Protection and Security
2.3.7 Client-Server Computing
2.3.8 Peer-to-Peer Computing
2.3.9 Operating System Services
2.3.10 System Calls
2.3.10.1 Process Control
2.3.10.2 File Management
2.3.10.3 Device Management
2.3.10.4 Information Maintenance
2.3.10.5 Communication
2.3.10.6 Protection
2.3.11 System Programs
2.3.12 Free Software and Proprietary Software

Day - 2

2.4 File Concept
2.5 File Systems
2.5.1 FAT
2.5.2 NTFS
2.5.3 UFS
2.5.4 EXT2, EXT3
3. INTRODUCTION TO NETWORKING
3.1 What is a Network?
3.2 History of Networking
3.3 OSI Model
3.3.1 Physical Layer
3.3.2 Data Link Layer
3.3.3 Network Layer
3.3.4 Transport Layer
3.3.5 Session Layer
3.3.6 Presentation Layer
3.3.7 Application Layer
3.3.8 Summary of Layers
3.4 TCP/IP Model
3.4.1 The Link Layer
3.4.2 The Internet Layer
3.4.3 The Transport Layer
3.4.4 The Application Layer
3.5 Network Topologies
3.5.1 Mesh Topology
3.5.2 Star Topology
3.5.3 Bus Topology
3.5.4 Ring Topology
3.6 Transmission Media
3.6.1 Guided (Wired) Media
3.6.1.1 Twisted Pair Cable
3.6.1.2 Coaxial Cable
3.6.1.3 Fiber Optic Cable
3.6.2 Unguided (Wireless) Media
3.6.2.1 Radio Waves
3.6.2.2 Microwaves
3.6.2.3 Infrared
3.7 Types of Networks
3.7.1 Personal Area Network (PAN)
3.7.2 Local Area Network (LAN)
3.7.3 Metropolitan Area Network (MAN)
3.7.4 Wide Area Network (WAN)

Day - 3

3.8 Network Devices
3.8.1 Categories of Connecting Devices
3.8.2 Passive Hub
3.8.3 Repeater
3.8.4 Active Hub
3.8.5 Bridge
3.8.5.1 Transparent Bridge
3.8.5.2 Source Routing Bridge
3.8.6 Switch
3.8.7 Router
3.8.8 Gateway
3.8.9 Network Interface Card
3.9 Modes of Transmission
3.9.1 Unicasting
3.9.2 Multicasting
3.9.3 Broadcasting
3.10 Modes of Communication
3.10.1 Simplex
3.10.2 Half Duplex
3.10.3 Full Duplex
3.11 Crimping
3.12 Standards
3.12.1 International Organization for Standardization (ISO)
3.12.2 National Institute of Standards and Technology (NIST)
3.12.3 Institute of Electrical and Electronics Engineers (IEEE)
3.12.4 American National Standards Institute (ANSI)
3.12.5 World Wide Web Consortium (W3C)
3.12.6 Open Web Application Security Project (OWASP)
3.12.7 Open Source Security Testing Methodology Manual (OSSTMM)
3.12.8 SysAdmin, Audit, Network and Security (SANS)
3.12.9 Payment Card Industry Data Security Standard (PCI DSS)
3.13 Addressing
3.13.1 Physical Address
3.13.2 Logical Address
3.13.2.1 IPv4 Address
3.13.2.1.1 Classful Addressing
3.13.2.1.2 Classless Addressing
3.13.2.1.2.1 Two-level Hierarchy: No Subnetting
3.13.2.1.2.2 Three-level Hierarchy: Subnetting
3.13.2.1.2.3 Multiple-level Hierarchy
3.13.2.1.2.4 Network Address Translation (NAT)
3.13.2.2 IPv6 Address
3.13.3 Port Address
3.13.4 Application-Specific Address

Day - 4

3.14 Virtual LANs
3.15 Network Protocols
3.15.1 BOOTP: Bootstrap Protocol
3.15.2 DHCP: Dynamic Host Configuration Protocol
3.15.3 DNS: Domain Name System (Service) protocol
3.15.4 FTP: File Transfer Protocol
3.15.5 HTTP: Hypertext Transfer Protocol
3.15.6 S-HTTP: Secure Hypertext Transfer Protocol
3.15.7 IMAP & IMAP4: Internet Message Access Protocol (version 4)
3.15.8 NTP: Network Time Protocol
3.15.9 POP and POP3: Post Office Protocol (version 3)
3.15.10 SMTP: Simple Mail Transfer Protocol
3.15.11 SNMP: Simple Network Management Protocol
3.15.12 TELNET: Terminal emulation protocol of TCP/IP
3.15.13 TFTP: Trivial File Transfer Protocol
3.15.14 RDP: Reliable Data Protocol
3.15.15 TCP: Transmission Control Protocol
3.15.16 UDP: User Datagram Protocol
3.15.17 IP: Internet Protocol (IPv4)
3.15.18 IPv6: Internet Protocol version 6
3.15.19 ICMP: Internet Control Message Protocol
3.15.20 IGMP: Internet Group Management Protocol
3.15.21 ARP: Address Resolution Protocol
3.15.22 RARP: Reverse Address Resolution Protocol
3.15.23 SSH: Secure Shell Protocol
3.15.24 TLS: Transport Layer Security Protocol

Day - 5

4. OVERVIEW OF NETWORK SECURITY
4.1 What is Network Security?
4.2 What is Perimeter Security?
4.3 What is Gateway Security?
4.4 What is SIEM?
4.5 What is Monitoring?
4.6 What is Incident Response?
4.7 What is Support?
4.8 What is Forensics?
4.9 What is Backup Process?
4.10 What is Disaster Recovery?
4.11 What is Policies & Procedures?
4.12 What is VA & PT?
5. OVERVIEW OF APPLICATION SECURITY
5.1 What is Web App Security?
5.2 What is Mobile App Security?
5.3 What is Code Review?
5.4 What is Code Analysis?
5.5 What is Threat Modelling?
5.6 Understanding Algorithms?
5.7 Understanding Programming?
5.8 Understanding OWASP and SANS?
5.9 What is SDLC?
5.10 What is DevOps?
5.11 What is API?
5.12 What is VA & PT?

Day - 7

6. Host Configuration
6.1.1 Kali Linux Installation
6.1.2 IP Address Configuration
6.1.3 Windows Defender Configuration
6.1.4 Firewall Configuration
6.1.5 Backup and Restore
7. Server Configuration
7.1.1 Server OS Installation
7.1.2 IP Address Configuration
7.1.3 Domain Creation and Configuration
7.1.4 User Creation and Permissions
7.1.5 Workgroup Creation
7.1.6 DNS Configuration
7.1.7 DHCP Configuration
7.1.8 Active Directory
7.1.9 Groups and Policies
7.1.10 Web Server Installation
7.1.11 Webpage Hosting

Day 8

8. Backup and Restore
9. Configuring Network Devices
9.1 Configuring Switches
9.1.1 802.1X
9.1.2 Authentication, Authorization
9.1.3 Access Control List
9.1.4 MAC Address Table
9.1.5 DHCP Relay and DHCP Server
9.1.6 DHCP Snooping
9.1.7 DNS
9.1.8 Denial of Service
9.1.9 Energy Efficient Ethernet (EEE)
9.1.10 Ethernet Port Configuration Commands
9.1.11 IGMP Snooping
9.1.12 IP Addressing
9.1.13 Link Aggregation Control Protocol (LACP)
9.1.14 Link Layer Discovery Protocol (LLDP)
9.1.15 Loopback Detection
9.1.16 RMON (Remote Network Monitoring)
9.1.17 SNMP Protocol
9.1.18 Virtual LAN

Day 9

10. Windows Server Configuration
10.1 Installing Windows Server
10.2 NTFS file system and its features: file permissions, quota, VSS, offline files
10.3 DHCP deployment and configuration
10.4 DNS: forward and reverse lookup, primary/secondary/stub zone, forwarders, root hints, caching-only DNS, Dynamic DNS
10.5 Installing Active Directory domain controllers
10.6 Active Directory user and group management
10.7 Create and manage Group Policy objects (GPOs)

Day 10

10.8 Configure security policies
10.9 Configure application restriction policies
10.10 Configure Windows Firewall
10.11 Configure file and disk encryption
10.12 Configure routing
10.13 Configure NAT
10.14 Configure VPN
10.15 Configure RADIUS servers
10.16 Configure Network Access Protection

Day 11
Day 12
Day 13

9.2 Configuring Routers
9.3 Configuring Firewalls
9.4 Gateways
9.5 IDS/IPS
9.6 VPNs
9.7 Proxy

Day 14

10.17 FSMO roles
10.18 Active Directory backup and restoration
10.19 Active Directory object and container level recovery
10.20 Advanced Group Policy Object configuration and management
10.21 Configure Network Load Balancing (NLB)
10.22 Manage Virtual Machine (VM)
10.23 Implement Dynamic Access Control

Day 15

10.24 Advanced DHCP
10.25 Advanced DNS
10.26 Active Directory Forest trust relationship
10.27 Active Directory sites and services
10.28 Active Directory Certificate services

Day 16

9.8 DMZ
9.9 Honeypots
9.10 Load balancers
9.11 Log Analyzer
9.12 UTM

Day 17

11. Information/Cyber Security - Profiling
11.1 Essential Terminologies
11.2 Information Security Threat Categories
11.3 Information Warfare
11.4 Categories of Hackers
11.5 Network Vulnerability Assessment
11.6 Penetration Testing
11.7 Types of Security Policies
12. Web Application Security Standards & Technologies - Profiling
12.1 Web Application Technologies
12.2 Web Application Threats and Security
12.3 OWASP Top 10
12.4 SANS Top 25

Day 18

13. Hacking Perspective & Defensive Attacks
13.1 Common Issues in a Network
13.2 Types of Threats
13.2.1.1 Internal Threats
13.2.1.2 External Threats
13.2.1.2.1 Structured Threats
13.2.1.2.2 Unstructured Threats
13.3 Network Security Attacks
13.3.1 Reconnaissance Attacks
13.3.1.1 ICMP Scanning
13.3.1.2 DNS Footprinting
13.3.1.3 Network Information Extraction using Nmap Scan
13.3.1.4 Port Scanning
13.3.1.5 Social Engineering Attacks
13.3.1.6 Password Attacks

Day 19

14. Linux Server Configuration
14.1 Basics of Linux
14.2 Linux Administration
14.3 User and Group Administration

Day 20

14.4 File and Directory Management
14.5 Networking with Linux

Day 21

13.3.2 Access Attacks
13.3.2.1 Network Sniffing
13.3.2.2 Man-in-the-Middle Attack
13.3.2.3 Replay Attack
13.3.2.4 Privilege Escalation
13.3.2.5 DNS Poisoning
13.3.2.6 DNS Cache Poisoning
13.3.2.7 ARP Poisoning
13.3.2.8 DHCP Starvation
13.3.2.9 DHCP Spoofing
13.3.2.10 Switch Port Stealing
13.3.2.11 MAC Spoofing
13.3.2.12 MAC Flooding
13.3.2.13 Xmas Attack
13.3.3 Denial of Service Attacks
13.3.3.1 Ping of Death
13.3.3.2 IP Header Manipulation
13.3.3.3 Smurfing
13.3.3.4 Distributed Denial of Service (DDoS)

Day 22

13.3.2 Malware Attacks
13.3.2.1 Virus
13.3.2.2 Worm
13.3.2.3 Trojan
13.3.2.4 Adware
13.3.2.5 Spyware
13.3.2.6 Backdoor
13.3.2.7 Rootkit
13.3.2.8 Botnet
13.3.2.9 Logic Bomb
13.3.2.10 Ransomware
13.3.2.11 Armored Virus
13.3.2.12 Polymorphic Malware

Day 23

15. Wireless LANs
15.1 Wireless concepts
15.2 Encryption standards
15.3 Threats
15.4 Different ways of hacking wireless network
15.5 Tools for hacking
15.6 Countermeasures
15.7 Bluetooth and other wireless
15.8 Bluetooth hijacking

Day 24

14.6 Linux Package (Application) Management
14.7 Task Scheduling with cron
14.8 Linux Network Services

Day 25

14.9 Integrating Linux with Linux
14.10 Integrating Linux with Windows Systems
14.11 Disk Management

Day 26

16. Cryptography
16.1 Introduction to cryptography
16.2 History of cryptography
16.3 Steganography
16.4 Cryptography concepts
16.4.1 Symmetric encryption
16.4.2 Asymmetric encryption
16.4.3 Government access key (GAK)
16.5 Encryption Algorithms
16.5.1 Ciphers
16.5.2 Data Encryption Standard (DES)
16.5.3 Advanced Encryption Standard (AES)
16.5.4 RC4, RC5, RC6 algorithms
16.5.5 RSA
16.5.6 MD5
16.5.7 SHA
16.5.8 SSH
16.6 Tools
16.7 Public key infrastructure (PKI)
16.8 Email encryption
16.8.1 SSL
16.8.2 TLS
16.8.3 PGP
16.9 Disk encryption
16.10 Cryptographic attacks
16.11 Cryptanalysis tools

Day 27

17. Network Infrastructure
17.1 Physical Security
17.2 Host-based Security
18. Network Security Controls
18.1 Access Control
18.2 Identification
18.3 Authentication
18.4 Authorization
18.5 Accounting
18.6 Cryptography
18.7 Security Policy
19. Footprinting
20. Reconnaissance

Day 28

21. Scanning
21.1 Wireshark

Day 29

21.2 Nmap

Day 30

22. Port Scanners
23. Vulnerability Scanners
24. Enumeration

Day 31

25. Real-Time Hacking
25.1 System Hacking
25.2 Mobile Hacking
25.3 Social Engineering

Day 32

26. Network Incident Response and Management
27. Computer Forensics
28. Documentation and Reporting