राष्ट्रीय इलेक्ट्रॉनिकी एवं सूचना प्रौद्योगिकी संस्थान ,कालीकट

National Institute of Electronics & Information Technology,Calicut

Ministry of Electronics & Information Technology
Government of India
Course Calendar

SW600 - PG Diploma in Information System Security

Course : PG Diploma in Information System Security
Code : SW600
Starting Date : 20 March,2017
Last Date To Apply : 08 March,17
Course Coordinator :

SW600 Course Coordinator 0495 – 2287266 (239)

Course Preamble

Business @ the speed of thought has moved from a buzzword to a business reality owing to the integration of business and technology. Digital infrastructures and information networks have become central to any business activity. The information residing on these computers, networks and in cloud are an essential asset and due care should be taken for its security. The impact of any loss of this asset or any downtime of the infrastructure is quite high with the proliferation of easy-to-use tools and open how to- discussions, the number of people aiming to hack in to or bring down the network is high, both in this country and abroad. Hence, there is a need for heightened security measures to protect both infrastructure and data.

Course Objective

The Course is a 24 weeks program aimed at molding candidates to Skilled Information System Security knowledge to maintain the Security of Systems and Networks in today’s scenario.

Course Outcome

This skill-oriented course provides candidates with information required for configure and administration of OS Server, Networks, Database, Wireless & its Security and equip them with the skills required to protect & recover the computer systems & networks from various security threats in dedicated or virtual environment.

Course Structure

  • Computer Fundamentals and Computer Networks with Practical
  • Operating System Administration with Practical
  • Information Security Concepts with Practical
  • System Security with Practical
  • Mini Project in Basic Security
  • Cryptography & Network Security with Practical
  • System & Device Security with Practical
  • Mobile & Wireless Security with Practical
  • Database & Web Application Security with Practical
  • Mini Project in Advanced Security

Course Contents

INFORMATION SYSTEM SECURITY – BASICS (3 Months)

Module – I: Computer Fundamentals and Computer Networks (2 weeks)

  • To study various motherboards.
  • To study various data bus, slot and connectors.
  • To study assembling and disassembling of a PC.
  • To install Windows XP/Client operating system.
  • To study DOS commands.
  • To study CMOS setup.
  • To install hard disk drive in master slave mode.
  • To study and configure running process using task manager.
  • To configure virtual memory
  • To study file system such as FAT16, FAT32 and NTFS.
  • To install network card (Ethernet based NIC) and configuring TCP/IP.
  • To analyze various transmission media and it connectors.
  • To study different connectivity and internetworking devices such as Hub, Switch & Router.
  • To construct a Straight through and Cross over cable.
  • To connect two PC using Cross over cable.
  • To connect two or more PC using 8/16 port Hub/Switch.
  • To share files and folders and accessing it over network.
  • To study various TCP/IP troubleshooting utilities.
  • To study wireless networking using Ad-hoc mode.
  • To study wireless networking using infrastructure mode using Access Point.
  • To configure a PC for Internet connection.
  • To configure a Router on a multihomed PC.

Module – II: Operating System Administration (3 weeks)

WINDOWS OPERATING SYSTEM

  • Installation of WINDOWS 2012 Server.
  • Creation and administration of user and group accounts
  • Understanding files and folder permission w.r.t FAT32 and NTFS
  • Configuring Disk quotas and EFS
  • To study backup types (Normal, Copy, Incremental, Differential) and recovery.
  • Managing and Configuring file sharing, printer, network printer.
  • Installing and managing Domain Name System (DNS) server (primary and Secondary)
  • Installing and Uninstalling Active directory verifying installation and managing it.
  • Configuring Win2012 as DHCP Server (Scopes, Super scope and authorization).
  • Creating and configuring DFS roots links and configure client computer to use DFS
  • Configuring and managing Win2012 as Win Server.
  • Managing Disks/volume their creation and conversion, recovering from disk failure.
  • To study IIS and configuring its component (http, ftp) for web and ftp server.
  • To create Terminal server and terminal services clients in application server mode and remote administration mode.
  • To study Internet connection sharing (ICS)
  • To Install and configure RIS (Remote Installation Service)
  • Using the Emergency Repair Disk to restore a System.
  • T o monitor Windows Server 2012 performance using system and Network Monitor.

LINUX OPERATING SYSTEM

  • To Install RHEL (Red Hat Enterprise Linux).
  • To study basic commands in Linux.
  • To study various shell interfaces in Linux.
  • To study GNOME desktop.
  • To study KDE desktop.
  • To manage RPM packages.
  • To study user and group management.
  • To study Network Configuration (IP Addressing, TCP/IP).
  • To configure and manage Telnet.
  • To configure and manage FTP (file transfer protocol).
  • To configure and manage DHCP server using dhcpd daemon.
  • To configure and manage DNS server (Domain Name System).
  • To configure and manage SQUID (proxy Server) and proxy clients.
  • To configure and manage NFS file server.
  • To configure and manage NIS (Network Information Service) server and clients.
  • To configure and manage SAMBA server.
  • To configure and manage APACHE Server (web server).
  • To configure and manage E-mail services.
  • To configure and manage a print server (CUPS).
  • To configure Linux system for using Internet.
  • To Configure Open LDAP Server
  • To Configure ISCSI Server
  • To Configure RADIUS Server
  • To Configure DNS

Module – III: Information Security Concepts (2 weeks)

  • Practical on Packet Sniffing tool Ethereal.
  • Practical on Discovery and scanning techniques (who is domain search query, ping, nslookup, traceroute, visual traceroute, DNS query).
  • Configuring IPsec on Windows.
  • Configuring Kerberos
  • Configuring SSH
  • Configuring SSL
  • Practical on password cracking tools john crack, Lophtcrack.
  • Practical on Denial of Service, IP spoofing.
  • Practical on network vulnerabilities assessment tools likejakal, NetRecon, NMAP.
  • Managing web and certificate services.
  • Installation and configuration of wireless NIC.
  • Installation and configuration of Access Point.
  • Setup of WLAN using infrastructural mode.
  • Security Implementation in WLAN.
  • Configuration of Access point as a Bridge.
  • Point to Point and Point to Multipoint configuration.
  • Detecting wireless Network activity and security lack using Netstumbler.
  • Implementing WEP.
  • Using Access point as a DHCP server. 

Module – IV: System Security (2 weeks)

  • Practical on OS finger printing using NMAP.
  • Practical on operating system Hardening tool Bastille.
  • Practical on secure E-mail PGP.
  • Secure Configuration of web server like APACHE, IIS.
  • To study viruses, worms, trozen horses and viruses protection, detection and recovery.
  • Installation and secure configuration of E-mail server like send mail, Microsoft Exchange server.
  • Practical on useful utility for Security Administrator like Netcat, TCPdump, LSOf, Ngrep.
  • Practical on monitoring system processes.
  • Practical on Access control in Linux.
  • Practical on Access control in Windows.
  • Practical on SHTTP, SMIME and SET (Secure Electronic Transaction).
  • Installation and Secure configuration of Database Server Oracle /MYSQL/Postgres.
  • Configuring a Personal Firewall like Zone Alarm.
  • To study CISCO Router and its interface.
  • To bring up a Router first time logging in to a router, basic commands saving NVRAM configuration.
  • To configure a Router for different LAN segments.
  • To study IP Routing by creating static Routes.
  • To study IP routing by using RIP (Routing Information Protocol).
  • To study IP Routing by using IGRP (Interior Gateway Routing Protocol).
  • To study IP Routing by using EGRP (Enhanced IGRP).
  • To study IP Routing by using OSPF (Open Shortest Path first).
  • To study VLANS and Routing between VLANS.
  • To study Inter-VLAN Routing.
  • To backup Router IOS (Internetworking Operating System).
  • To upgrade or restore Router IOS.
  • To perform password recovery in Router.
  • To backup Router configuration and restoring it.
  • Using Telnet for configuring Router.
  • Configuring a Firewall. (Linux/Windows).
  • Configuring and securing VPN (Virtual Private Network).
  • Practical on Intrusion Detection System using Snort/Tripwire.
  • Practical on Firewall Testing using NMAP.
  • Practical on NAT (Network Address Translation).
  • Configuring a Proxy Server. (Linux/Windows).
  • Practical on Network vulnerabilities, assess ment tools like Jakal, NetRecon, NMAP.

Module - V: Mini Project on System Security (3 weeks)

INFORMATION SYSTEM SECURITY – ADVANCED (3 Months)

Module - I: Cryptography and Network Security (2 weeks)

  • Symmetric Algorithm Analysis using Crypto tool
  • Asymmetric Algorithm Analysis using Crypto tool
  • Hash Algorithm Analysis using Crypto tool
  • Digital Signature using Crypto tool
  • Password Meter using Crypto tool

Module - II: System and Device security (2 weeks)

  • To study network/System scanning using nmap in details.
  • To study ARP Cache Poisoning, MITM Attack & applying its countermeasures.
  • To study IP Spoofing and Denial of Service attack on a web server & applying its countermeasures.
  • To create a Trojan based application/utility to create backdoors on a system & applying its countermeasures.
  • To study Code Injection & applying its countermeasures.
  • Configuring IPTables firewall on a Linux system.
  • To configure primary and secondary DNS Servers and configuring it for secure Zone Transfer.
  • Configuring various security options available in an ADSL Modem
  • Configuring SNORT IDS on a Linux system for generating alerts for incoming ICMP traffic.
  • To study SELinux in a RHEL/Fedora Machine. 

Module - III: Mobile and Wireless Security (2 weeks)

  • To study installation and Configuration of Access Point.
  • To study WLAN Setup using ADHOC mode.
  • To study WLAN Setup using Infrastructure mode.
  • To study Security implementation in WLAN.
  • Detecting Wireless Network activity and security lack using Netstumbler.
  • Using Access Point as a DHCP Server.
  • To implement Wi-Fi Protected Access (WPA) security in WLAN.
  • To implement wired Equivalent Privacy (WEP) Security in WLAN.
  • To implement MAC Filtering security in WLAN.
  • To study Hacking of a Wireless Network & implementing its Countermeasure.

Module - IV: Database and Web Application Security (3 weeks)

DATABASE SECURITY

  • To study installation of MySQL database server.
  • To study routine DBA job.
  • To study creation of user in MySQL database.
  • To study Assigning Database roles to user.
  • To study password guidelines.
  • To study certificate guidelines.
  • To study Database backup and restore procedure.
  • To study Database Auditing (MySQL to be used).
  • To study ODBC connectivity to MySQL database.
  • To study JDBC connectivity to MySQL database

WEB APPLICATION SECURITY

  • To study HTTP protocol using Wireshark packet capture tool.
  • To study Attacking Authentication and Counter Measures.
  • To study Attacking Access Control and Counter Measures.
  • To study Session Hijacking and Counter Measures.
  • To study Testing Password Quality.
  • To study Buffer Overflow problem and Counter Measures.
  • To study HTTP fingerprinting.
  • To study Detecting Path Traversal Vulnerabilities.
  • To study Cross site scripting.
  • To study XSS Vulnerability.
  • To study Banner Grabbing.
  • To study Code Injection and Counter Measures.
  • To study SQL Injection and Counter Measures.
  • To study Web Spidering.
  • To study code review.
  • To study log analysis.
  • To study Vulnerability, Scanning using Nessus tool.
  • To study Vulnerability Scanning of a web site.
  • To study Attacking ActiveX controls and Counter Measures.
  • To study usage of Netcat tool.

Module - V: Mini Project on Advanced Security (3 weeks)

Course Fees

General Candidates: Course Fee  - Rs.  51,000/- (Including Service Tax)


SC/ST Candidates: Tuition Fees/Examination fees are waived for SC/ST students admitted under SCSP/TSP. However they are required to remit an amount of Rs. 5100/- as Advance caution/Security deposit. This amount will be considered as caution/security deposit and will be refunded after successful completion of the course. If the student fails to complete the course successfully this amount along with any other caution/security deposits by the student will be forfeited.

Eligibility

Diploma in IT/Electronics/ECE Passed OR NIELIT ‘A’ Level or Any Graduate in CS/Electronics/IT with mathematical back ground OR B.Tech. (CS/IT/Electronics/Electrical/Instrumentation) undergoing (Final Year Students may also apply)

Important Dates

Last date to apply online/offline with Reg. fee 08-March-2017
Date of Selection list publication 08-March-2017 (5:30 PM)
Last date to pay the advance fee (Rs. 10,000/-) 15-March-2017
Counseling/Admission 20-March-2017
Last date to pay the first installment 20-March-2017
Commencement of classes 21-March-2017
Last date to pay the second installment 15-May-2017

More Details

For more details like How to Apply, Placement, Hostel, etc please see the Course Calendar

For more Information Contact the Course Coordinator, 0495 2287266(ext. 239).

Contact Us

NIELIT Calicut
Post Box No. 5, P. O. NIT Campus,
CALICUT – 673601,Kerala
Tel. : 0495-2287266, 2287166 ,
Fax : 0495-2287168
Reach Us on WhatsApp 9446711666
Email : info@calicut.nielit.in

     cqw