Modules to be covered:
The Module is designed to give an introduction to the fundamentals of internet and its primary concepts from origin to the current trending concepts of information security world. For beginners course offers a complete knowledge of basic security concepts, principles, and the key terms associated with information security and cyber World. Intend of the module is to clear misbelieves and myths of cyber world and also to study recent trends as well as threats and modus operandi of cyber criminals and testers.
Networks are defined as medium for communication between two or multiple systems, i.e. it constitutes a mechanism of information that travels across multiple devices using various mediums, concepts of Domain name system, Servers, Connection mechanism. The module will cover in depth knowledge of OSI model and TCP/IP model and how data is transmitted through network, along with various Protocols used at each layer with focus on Networking Layers, Network design and implementation and what devices are used for the data transmission i.e. hardware associated with networking like switches, router, hub etc along with types of network, internet protocol v4 & v6, ports & protocols, sub netting concepts, domain name system and its working, Network architecture and standards.
The module at beginning will define the basic terminologies, introduction of operating systems and technical aspects will follow in the later part of module that includes how multiple operating systems are installed and configured in virtual box.
Course aims to implement understanding of how virtual machines are separated inside the same physical host and how they communicate with lower hardware levels, working of virtualization technology and components involved and the essentials to setup a lab for further modules in this course like web application hacking, malware analysis.
Open source intelligence (OSI) is focused on collecting as much information as possible about a target which can be organization, a person, website or a specific system.
The module is designed to give insight of OSI methods and techniques i.e. various ways to collect information from publically available resources like e-Mail spoofing, Fake mail Tracing by using various methods.
The module will provide elementary knowledge about advance search techniques in various search engines used by security professionals, cyber criminals. Introduction to social engineering technique like phishing for email id hacking, desktop phishing, remote phishing and how it is essential in information gathering.
For Information protection data security is essential and thus it need to be encrypted. The module begins with introduction of cryptography from its origin to traditional methods and modern techniques. Cryptography has important applications in information security and data protection techniques.
The second half of the module Explore and describe basic concepts of cryptography including secret key and public key systems, encoding and decoding. Difference between encryption and encoding along with techniques and methods of decryption also demonstrate how Hash Values are created using cryptographic hash function by studying hash techniques and also how to crack hash. Introduction to data hiding techniques like steganography. Understanding of how cryptography applies complex mathematics and logic to design strong encryption methods.
The module will begin with an introduction of loopholes in protected wi-fi networks and its testing. Students will be able to learn, how to test security of a protected wifi network. In the later phase module will include hands on demonstration of internal network attacks like sniffing, MITM, DNS cache poisoning. Introduction of misconfigurations and loopholes in router security.
Module will also incorporate various internal security concepts like firewalls,IDS,IDPS. Module will cover scanning networks for live systems and their open ports further it will include operating system finger printing and grabbing banners of running services on remote system.
It will also give insight on scanning of known vulnerabilities.
The course will cover basic terminologies and concept of Malware - definition, why and how it is affecting the network and the system, key tools and techniques of malware attacks. Students will be briefed about creating Malware and various types of malware (virus, worms, trojans, keyloggers etc. )
Concepts of antivirus and their working along with it techniques to identify Malwares which are not detected by AVs will be taught.
The module includes the basic fundamentals of web application including some client side and server side scripting and possible web application attacks like SQL Injection, cross site scripting, local file inclusions and remote file inclusions and also medium level attacks like click jacking etc. They will also be able to patch loopholes in web application.
Advancement in technology has brought us to a phase where mostly operations are performed using mobile devices. In this module we will be discussing about security issues related to android and its application.
By the end of this module students will be able to perform reverse engineering on android applications. The will be able to root android devices and test for the securities and permissions.
Metasploit is a framework which allows a security tester to arrange their exploits and launch them easily and how metasploit cover different types of pre build exploits. The scope of exploitation after compromising a particular system and its effect on network and user. The module cover exploitation techniques for different types of systems like windows, android, MAC.
Almost every case of cyber crime involves a very strong element of system based evidence i.e phone, smart phones and computer etc. The module will cover basics of forensics and Introduction to basic concept of data recovery from different types of storage devices and image creation for any storage device for data recovery.
Clarity on concepts of data like data deletion possibilities of recovery and dependencies for the same.
In this module basic C and Python language will be discussed with students. This module will also cover the techniques used by testers to create exploits.
Participants will be able to create their own exploits using Buffer Overflow vulnerabilities
This session will include various cyber crime cases and criminal modus operands. Also will be discussed various cyber crime cases handled by cyberops along with investigation procedure.
Methods to handle cyber crime cases and Dos and Don’ts of handling cyber crime cases will be discussed. Indian IT act with reference to case studies from cyberops will be discussed.
Who should attend?
Course is designed to address the needs of:
- Anyone from Computer engineering background, Students pursuing BCA/MCA.
- Professionals working in information security domain and web development domain.
- Chartered accountants dealing in information security.
- Individuals who aim to work with law enforcement and learn how to design an incident response strategy.
- Government officials of IT sector, officials from law enforcement agencies (police / intelligence agency like intelligence bureau, military intelligence, national investigating agency etc.
Course is suitable for those who are looking to get a foothold in information security and join field of Web Penetration Testing as a profession or aim to explore new career opportunities. It is the most intensive course offered by Cyberops training which will provide a unique prospective into the intricate world of information and Cyber security. Thus the Course it highly recommended to:
- Corporate and government/ investigators and network security personnel.
- Individuals working in a data audit, policy enforcement, or network intrusion investigation role.
- Professionals who are looking for prospective career opportunities in cyber security field.
- Law enforcement officers, computer forensic examiners, corporate and private investigators, and network security personnel.
Technical Participitants Should have basic knowledge of programming languages like C /C++ and web development, programming language like PHP/ASP, HTML.
Course Package includes:
- Cyberops Welcome Kit
- Advanced Software Toolkit
- Remote access to test beds for practice till the exam.
- Challenges of penetration testing.
At the end of the course you will be able to:
The Course is designed to make participants able to design, implement, and support networked devices to take advantage of the growing demand for network security professional with networking fundamentals and advanced concepts and design strong encryptions with various cryptography methods. Recognize and be able to discuss various security technologies, including anti-malware, firewalls, and intrusion detection systems.
Techniques and methods to detect malicious program and understand the ground lying principle of reverse engineering malicious software using network and system utilities, Frame methods and strategies to assess the security posture of multiple web applications. Conduct an in-depth analysis of android file system for security assessment with reverse engineering tools for android applications. Perform regulatory or compliance requirements that mandate regular penetration testing and vulnerability assessments.
Discover essential computer / digital forensic tools and techniques for investigation and incident response and use forensic skills to handle real world incidents. Understand the process of exploit development along with C and python language and also create and customize exploits for penetration testing and vulnerabilities. Cyber crime investigation will give an insight on various cyber crime cases and criminal modus operandi and live cases handling for real time experiencing.
The entire program covers basic outline of cyber security as well as methods and techniques of how attacks are performed and possible outcomes of attacks along with the detection and prevention methods for the same.
Thus the practical exam after the course is entitled for certification aiming at how participants use skills, expertise and knowledge gained throughout course to detect possible attacks and methods to penetrate, hence to be specialized for the modules covered candidates are required to clear the set performance criteria for certification.
We use Simulation test method to provide real time challenge which will help participants to use skills , expertise and knowledge acquired during the entire course.
Passing Criteria: 80% and above
Duration of test: 5 hrs
Participant with highest score in batch will be awarded with Cyberops award of performance Excellency – CAPE Medal and certification of Merit.
Terms & Conditions:
- No. of attempts :Two
- Verification method for certification: The certificate will incorporate a unique ID for every participant and the same can be used for verification from Our Website.