IIS (Deemed to be University), Jaipur
Dr CBS Cyber Security Services LLP, Jaipur (CERT-In Empanelled Information Security Auditing Organization)
Name of Certificate | Certificate in Cyber Security & Cyber Law | |
Time Duration | 03 Months (12 Weeks) | |
Contact Classes | 75 sessions (80 Hrs): 2 sessions (60 Mins each) per day: 3 days per week | |
Credits earned | 5 | |
Fees | Rs. 14000/- for Students, Researchers and Academicians; Rs. 20000/- for Professionals and Corporates | |
Eligibility | BCA/ BSc / BBA / BA/ BCom / B.Tech / M.Tech / MSc/ MCA/ MBA Students/ Researchers/ Academicians/ IT Administrators/ Corporate Professionals/ Bank Officials/ CA/ CS/ Financial Auditors. | |
Scheme of Examination | The performance of the student shall be assessed through continuous and final assessment, the weightage of which shall be as follows:
Continuous Assessment (CA): An online MCQ-based quiz of 20 questions will be given to the participants on the completion of each module. Time duration for the quiz will be 30 min. The computation of 30% shall be done by averaging the marks of all the quizzes.
Final Assessment: An MCQ-based online examination (100 questions of 1 mark each) will be conducted at the end of the course. Time duration for the Final Assessment will be 2 hrs.
A certificate will be awarded to the successful participants who have secured 70% or more in the CA and final assessment in aggregate. | |
Module | Content | |
I | IT Act 2000: terminology and definitions, Legal perspective of cybercrime, IT Act 2000 and its amendments; E-commerce; E-records, Electronic signatures: their issuance, validation, authentication and Rules & Regulations thereof. Security Procedure and practices for securing electronic record and electronic signature. Certifying Authorities: appointment, functions and powers; Controller of Certifying Authorities and Cyber Appellate Tribunal. Identification of dispatch, receipt time and place of electronic record. Retention and preservation of information by intermediaries and rules thereof. Power to intercept, monitor or decrypt data from computer resource and rules thereof. Blocking of information on computer resource and safeguards and rules thereof. Protected systems and critical information infrastructure. | |
II | Cyber Crime, Classification of Cyber Crime, common cybercrimes: cybercrime targeting computers, cybercrime against women and children, financial frauds, social engineering attacks, malware and ransomware attacks, zero-day and zero-click attacks. Cyber offences: Damage of computer system, tampering with computer systems, stolen computers, hacking, phishing, spoofing, types of malware, data diddling, hate speech, financial and bank frauds, data identity theft, impersonation, breach of confidentiality & lawful contract, publishing false electronic signatures, violation of privacy, transmitting obscene and sexually explicit material, pornography, Cyber terrorism, non-compliance of Rules and Regulations by intermediaries, data centres, body corporate and other entities. | |
III | Offences committed outside India. Power to investigate, enter, search and arrest without warrant and regulations thereof. Legal provision for financial transactions and documents. Abetment and attempt of offences, offences by Companies and regulations thereof. Reporting and redressal of Cybercrimes. | |
IV | Introduction to digital payments, Components of digital payments and stakeholders, modes of digital payments: Banking Cards, Unified Payment Interface (UPI), e-wallets, Unstructured Supplementary Service Data (USSD), Aadhaar enabled payments. Digital payment related common frauds and preventive measures. RBI guidelines on digital payment and customer protection in unauthorised banking transactions. Relevant provision of Payment settlement Act, 2007. | |
V | Digital evidence: Definition, Cyber Forensics, types and identification of digital evidences in digital devices. Relevancy and reliability of electronic/ digital evidence. Admissibility of digital evidences in court of Law, Court Judgments. | |
VI | Cyber Security-Legal mandate: Definitions, Unauthorised access; Security Practices and Procedures; Security Awareness; Compliance and Risk assessment; Cyber crisis management plan. General Data Protection Regulation (GDPR); OECD Guidelines; Personal Data Protection Bill 2019. Nodal Agencies for IT Security in India: Computer Emergency Response Team India (CERT-In), National Critical Information Infrastructure Protection Centre (NCIIPC), their duties and scope. Nodal Agencies for IT Security in other countries, like National Institute of Standards and Technology (NIST). | |
VII | Cyber Security-International standardisation: ISO/IEC 27000, 27001, 20000-1, 27002, 27003, 27004, 27005, 27006, 27007, 27008, 27010, 27011, 27013, 27014, 27015, 27016, 27017 and 27018. Other security standards: COBIT, ITIL, Security framework, PCI-DSS and SWIFT-CSP. Compliance of various data security standards. | |
VIII | Defining Cyberspace and overview of computer and Web Technology, Architecture of cyberspace, Communication and web technology Terminology and Need, Internet, World Wide Web, Advent of internet, internet infrastructure for data transfer and governance, Internet society, Regulation of Cyberspace. Security of End Points: End Point device and Mobile phone security, Password Policy, Security Patch Management, Data Backup, Downloading and management of third-party software, Device Security Policy. Servers, Communications, Network and of Internet, Wireless & very-small-aperture terminal (VSAT) infrastructure. Security of Mobile Applications, Web-applications, Application Programming Interface (API) and cloud. Malware Backdoor Detection. Risk Assessment, Enterprise Security Architecture Review, Data Leak Prevention (DLP) consulting, Network Performance Testing and Source Code Review. Supervisory Control and Data Acquisition (SCADA) Security. | |
IX | Incident Response, IoT Security Assessment, Data Centre Security Operation Centre (SOC). Authentication User Agency (AUA)/KYC User Agency (KUA) - Aadhaar Security, Electronic Signature (e-Sign) Compliance. AePS and Aadhaar Pay Micro ATM Security. Antivirus update, Logs review; Licensing requirements adherence review; Security of firewall. | |
X | IT security breach and incident management. Role of Backup. Storage Media Management, Handling and Recovery in IT security; Physical & Environmental Security. Data Centre/ Disaster Recovery (DR) Site: Physical and Logical Security controls; Logical security, IT security of Websites & Portals; Social Media Security, Online Banking Security. | |
XI | Intellectual Property Rights: Copyrights and Trademark, copyright law, Software licenses, trademark issues, patents, e-taxation, semiconductor layout and design law, E-Commerce. |