Вы находитесь на странице: 1из 15

Lovely Professional University, Punjab

Course Code Course Title Course Planner Lectures Tutorials Practicals Credits
INT244 SECURING COMPUTING SYSTEMS 23866::Awadhesh Kumar Shukla 2 0 2 3
Course Weightage ATT: 5 CA: 25 MTT: 20 ETT: 50 Exam Category: 11: Mid Term Exam: All MCQ – End Term Exam: All MCQ
Course Orientation KNOWLEDGE ENHANCEMENT, PLACEMENT EXAMINATION, SKILL ENHANCEMENT

TextBooks ( T )
Sr No Title Author Publisher Name
T-1 CEH V9: CERTIFIED ETHICAL SEAN-PHILIP ORIYANO SYBEX
HACKER - VERSION 9 STUDY
GUIDE
Reference Books ( R )
Sr No Title Author Publisher Name
R-1 MASTERING KALI LINUX FOR VIJAY KUMAR VELU PACKT PUBLISHING
ADVANCED PENETRATION
TESTING

Audio Visual Aids ( AV )


Sr No (AV aids) (only if relevant to the course) Salient Features
AV-1 https://www.cybrary.it/course/ethical-hacking/ Very good practical demonstration on open source tools
AV-2 https://www.cybrary.it/course/metasploit/ Very good practical demonstration on open source tools

LTP week distribution: (LTP Weeks)


Weeks before MTE 7
Weeks After MTE 7
Spill Over (Lecture) 8

Detailed Plan For Lectures


Week Lecture Broad Topic(Sub Topic) Chapters/Sections of Other Readings, Lecture Description Learning Outcomes Pedagogical Tool Live Examples
Number Number Text/reference Relevant Websites, Demonstration/
Books Audio Visual Aids, Case Study /
software and Virtual Images /
Labs animation / ppt
etc. Planned

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 1 Lecture / Introduction to Ethical T-1 Delivery of Lecture 0 Students will Peer to peer
Practical 1 Hacking(Hacking Evolution) and understand Discussion
describe basic of ethical about ethical hacking
hacking
Introduction to Ethical T-1 Delivery of Lecture 0 Students will Peer to peer
Hacking(What Is an Ethical and understand Discussion
Hacker?) describe basic of ethical about ethical hacking
hacking
Lecture / Introduction to Ethical T-1 Describe ethical hacking Students will Peer to peer Hack Value,
Practical 2 Hacking(Ethical hacking R-1 and penetration testing understand about Discussion Attack, Exploit,
and Penetration testing) penetration testing Zero Day,
Threat,
Vulnerability
Introduction to Ethical T-1 Describe ethical hacking Students will Peer to peer Hack Value,
Hacking(Hacking and penetration testing understand about Discussion Attack, Exploit,
methodologies) penetration testing Zero Day,
Threat,
Vulnerability
Lecture / System Fundamentals T-1 Exploring network Student will Peer to peer
Practical 3 (Fundamental of computer topologies, Working of understand the basics Discussion
networks) OSI and TCP/IP model, of networking
IP subnetting and DNS
System Fundamentals T-1 Exploring network Student will Peer to peer
(Exploring TCP/IP ports) topologies, Working of understand the basics Discussion
OSI and TCP/IP model, of networking
IP subnetting and DNS
Lecture / System Fundamentals T-1 Exploring network Student will Peer to peer
Practical 4 (Fundamental of computer topologies, Working of understand the basics Discussion
networks) OSI and TCP/IP model, of networking
IP subnetting and DNS
System Fundamentals T-1 Exploring network Student will Peer to peer
(Exploring TCP/IP ports) topologies, Working of understand the basics Discussion
OSI and TCP/IP model, of networking
IP subnetting and DNS
Week 2 Lecture / System Fundamentals T-1 Understanding network Student will Peer to peer Android, Linux,
Practical 5 (Understanding network devices, Working with understand working Discussion MAC and
devices) MAC addresses, Proxies of various networking Windows
and firewalls and devices and operating
Knowing various system
operating system
System Fundamentals T-1 Understanding network Student will Peer to peer Android, Linux,
(Proxies, Firewall and devices, Working with understand working Discussion MAC and
Network Security) MAC addresses, Proxies of various networking Windows
and firewalls and devices and operating
Knowing various system
operating system

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 2 Lecture / System Fundamentals T-1 Understanding network Student will Peer to peer Android, Linux,
Practical 6 (Knowing Operating devices, Working with understand working Discussion MAC and
Systems(Windows, Mac, MAC addresses, Proxies of various networking Windows
Android and Linux)) and firewalls and devices and operating
Knowing various system
operating system
Lecture / System Fundamentals T-1 Understanding network Student will Peer to peer Android, Linux,
Practical 7 (Understanding network devices, Working with understand working Discussion MAC and
devices) MAC addresses, Proxies of various networking Windows
and firewalls and devices and operating
Knowing various system
operating system
System Fundamentals T-1 Understanding network Student will Peer to peer Android, Linux,
(Proxies, Firewall and devices, Working with understand working Discussion MAC and
Network Security) MAC addresses, Proxies of various networking Windows
and firewalls and devices and operating
Knowing various system
operating system
System Fundamentals T-1 Understanding network Student will Peer to peer Android, Linux,
(Knowing Operating devices, Working with understand working Discussion MAC and
Systems(Windows, Mac, MAC addresses, Proxies of various networking Windows
Android and Linux)) and firewalls and devices and operating
Knowing various system
operating system
Lecture / Cryptography(History of T-1 History of cryptography Student will Peer to peer DES, 3DES and
Practical 8 cryptography) , Tracing and evolution, understand about Discussion AES
Symmetric cryptography various symmetric
cryptography
algorithms
Cryptography(Symmetric T-1 History of cryptography Student will Peer to peer DES, 3DES and
cryptography) , Tracing and evolution, understand about Discussion AES
Symmetric cryptography various symmetric
cryptography
algorithms
Lecture / Cryptography(Asymmetric T-1 Asymmetric or public Student will Peer to peer RSA, PGP,
Practical 9 cryptography) key cryptography, understand of Discussion MD5 and SHA
Understanding hashing working of various
asymmetric
algorithms and
hashing algorithms
Cryptography T-1 Asymmetric or public Student will Peer to peer RSA, PGP,
(Understanding Hashing) key cryptography, understand of Discussion MD5 and SHA
Understanding hashing working of various
asymmetric
algorithms and
hashing algorithms

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 3 Lecture / Cryptography(Issues with T-1 Issues with Student will Peer to peer SSL and PGP
Practical 10 cryptography) cryptography and understand Discussion
Application of application of
cryptography cryptography
Cryptography(Application T-1 Issues with Student will Peer to peer SSL and PGP
of cryptography(IPsec, PGP, cryptography and understand Discussion
SSl)) Application of application of
cryptography cryptography
Lecture / Footprinting(What is T-1 AV-1 Understanding steps of Students will Practical Ping, Whois,
Practical 10 Footprinting) ethical hacking, What is understand about demonstration Nslookup and
footprinting, Goals of information gathering Netstat
footprinting
Lecture / Footprinting(Threats T-1 AV-1 Threats introduced by Student will Peer to peer
Practical 11 Introduced by Footprinting) footprinting (Social understand about all Discussion
Engineering, Network existing threat due to
and System Attacks, footprinting
Information Leakage,
Privacy Loss and
Revenue Loss)
Lecture / Footprinting(The T-1 AV-1 The footprinting Student will Practical Google
Practical 12 Footprinting process) process, understand about demonstration Hacking,
methodology of Maltego,Ping,
footprinting Whois,
Nslookup and
Netstat
Week 4 Lecture / Footprinting(Using (Search T-1 AV-1 Google Hacking using Student will Practical Cache, Link,
Practical 13 engine, Google hacking, advance operator understand use of demonstration Info, Site,
Social networking and advance operator of Allintitle and
Financial services) google search Allinurl
Information gathering)
Lecture / Scanning(What is Scanning) T-1 AV-1 What is scanning Student will Peer to peer
Practical 14 understand about Discussion
scanning
Lecture / Test
Practical 15
Lecture / Scanning(Types of Scans) T-1 AV-1 Types of scanning and Student will Practical Nmap, Uniscan,
Practical 16 The family tree of scans underrated about port demonstration Netcraft, Xprobe
scan, network scan and Nikto
and vulnerability
scan
Scanning(Family tree of T-1 AV-1 Types of scanning and Student will Practical Nmap, Uniscan,
Scans) The family tree of scans underrated about port demonstration Netcraft, Xprobe
scan, network scan and Nikto
and vulnerability
scan

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 5 Lecture / Scanning(Types of Scans) T-1 AV-1 Types of scanning and Student will Practical Nmap, Uniscan,
Practical 17 The family tree of scans underrated about port demonstration Netcraft, Xprobe
scan, network scan and Nikto
and vulnerability
scan
Scanning(Family tree of T-1 AV-1 Types of scanning and Student will Practical Nmap, Uniscan,
Scans) The family tree of scans underrated about port demonstration Netcraft, Xprobe
scan, network scan and Nikto
and vulnerability
scan
Lecture / Scanning(OS fingerprinting) T-1 AV-1 Operating system Student will Practical Nmap, Uniscan,
Practical 18 fingerprinting and understand about demonstration Netcraft, Xprobe
Countermeasure active and passive and Nikto
fingerprinting
Scanning(Countermeasure) T-1 AV-1 Operating system Student will Practical Nmap, Uniscan,
fingerprinting and understand about demonstration Netcraft, Xprobe
Countermeasure active and passive and Nikto
fingerprinting
Lecture / Scanning(Vulnerability T-1 AV-1 Vulnerability scanning, Student will Practical Uniscan and
Practical 19 Scanning and Using Proxies) Mapping the network understand demonstration Nikto
and Using proxies vulnerability
scanning and how to
set web browser to
use a proxy
Lecture / Enumeration(What is T-1 AV-1 What is enumeration Student will Peer to peer
Practical 20 Enumeration) understand process of Discussion
extracting
information from a
target system
Week 6 Lecture / Enumeration(Windows T-1 AV-1 Windows enumeration Student will Practical Nbtstat,
Practical 21 Enumeration) AV-2 (Users, Groups and understand about demonstration SuperScan and
Security Identifiers) windows and SNMP PsTools Suite
enumeration process
Enumeration(Enumeration T-1 AV-1 Windows enumeration Student will Practical Nbtstat,
with SNMP) AV-2 (Users, Groups and understand about demonstration SuperScan and
Security Identifiers) windows and SNMP PsTools Suite
enumeration process
Lecture / Enumeration(LDAP and T-1 AV-1 Linux enumeration, Student will Practical Finger, rpcinfo,
Practical 22 Directory Service AV-2 LDAP and Directory understand linux demonstration showmount and
Enumeration) service enumeration, enumeration and enum4linux
SMTP Enumeration LDAP enumeration
Enumeration(SMTP T-1 AV-1 Linux enumeration, Student will Practical Finger, rpcinfo,
Enumeration) AV-2 LDAP and Directory understand linux demonstration showmount and
service enumeration, enumeration and enum4linux
SMTP Enumeration LDAP enumeration

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 6 Lecture / System Hacking(What is T-1 AV-1 What is system hacking Student will Practical Netcat,
Practical 23 System Hacking) AV-2 and Password cracking understand about demonstration Winpass,SSL
various password Striip and Burp
cracking techniques Suite
and privilege
escalation
System Hacking(Password T-1 AV-1 What is system hacking Student will Practical Netcat,
cracking) AV-2 and Password cracking understand about demonstration Winpass,SSL
various password Striip and Burp
cracking techniques Suite
and privilege
escalation
Lecture / System Hacking T-1 AV-1 Authentication on Student will Practical Netcat and
Practical 24 (Authentication on AV-2 Microsoft platforms and understand about demonstration Winpass
Microsoft Platforms) executing applications mechanisms to obtain
credentials
System Hacking(Executing T-1 AV-1 Authentication on Student will Practical Netcat and
Applications) AV-2 Microsoft platforms and understand about demonstration Winpass
executing applications mechanisms to obtain
credentials
Week 7 Lecture / Malware(Malware and the T-1 AV-1 Malware, Malware and Student will Peer to peer
Practical 25 law) AV-2 the law, Categories of understand about Discussion
malware and overt and various types of
covert channels malware and
channels
Malware(Categories of T-1 AV-1 Malware, Malware and Student will Peer to peer
Malware(Viruses, worms, AV-2 the law, Categories of understand about Discussion
spyware, Adware, malware and overt and various types of
Scareware Ransomware and covert channels malware and
Trojans)) channels
Malware(Overt and Covert T-1 AV-1 Malware, Malware and Student will Peer to peer
Channels) AV-2 the law, Categories of understand about Discussion
malware and overt and various types of
covert channels malware and
channels
Lecture / Malware(Malware and the T-1 AV-1 Malware, Malware and Student will Peer to peer
Practical 26 law) AV-2 the law, Categories of understand about Discussion
malware and overt and various types of
covert channels malware and
channels
Malware(Categories of T-1 AV-1 Malware, Malware and Student will Peer to peer
Malware(Viruses, worms, AV-2 the law, Categories of understand about Discussion
spyware, Adware, malware and overt and various types of
Scareware Ransomware and covert channels malware and
Trojans)) channels

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 7 Lecture / Malware(Overt and Covert T-1 AV-1 Malware, Malware and Student will Peer to peer
Practical 26 Channels) AV-2 the law, Categories of understand about Discussion
malware and overt and various types of
covert channels malware and
channels

SPILL OVER
Week 7 Lecture / Spill Over
Practical 27
Lecture / Spill Over
Practical 28
MID-TERM
Week 8 Lecture / Sniffers(Understanding T-1 AV-1 Understanding sniffers, Student will Practical
Practical 29 Sniffers) Using a sniffer and understand about demonstration
various sniffing tools sniffers and its
working
Sniffers(Using a Sniffer) T-1 AV-1 Understanding sniffers, Student will Practical Wireshark and
Using a sniffer and understand about demonstration Tcpdump
various sniffing tools sniffers and its
working
Lecture / Sniffers(Switched network T-1 AV-1 Switched network Student will Peer to peer Ettercap, Cain
Practical 30 Sniffing) sniffing, Port mirror or understand about Discussion & Abel and
SPAN port and MAC flooding, ARP Arpspoof
Detecting sniffing attack poisoning, MAC
spoofing and How to
detect sniffing attacks
Sniffers(MAC Flooding, T-1 AV-1 Switched network Student will Peer to peer Ettercap, Cain
ARP Poisoning, MAC sniffing, Port mirror or understand about Discussion & Abel and
Spoofing, Port Mirror and SPAN port and MAC flooding, ARP Arpspoof
SPAN Port) Detecting sniffing attack poisoning, MAC
spoofing and How to
detect sniffing attacks
Sniffers(Detecting Sniffing T-1 AV-1 Switched network Student will Peer to peer Ettercap, Cain
Attacks) sniffing, Port mirror or understand about Discussion & Abel and
SPAN port and MAC flooding, ARP Arpspoof
Detecting sniffing attack poisoning, MAC
spoofing and How to
detect sniffing attacks
Lecture / Sniffers(Switched network T-1 AV-1 Switched network Student will Peer to peer Ettercap, Cain
Practical 31 Sniffing) sniffing, Port mirror or understand about Discussion & Abel and
SPAN port and MAC flooding, ARP Arpspoof
Detecting sniffing attack poisoning, MAC
spoofing and How to
detect sniffing attacks

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 8 Lecture / Sniffers(MAC Flooding, T-1 AV-1 Switched network Student will Peer to peer Ettercap, Cain
Practical 31 ARP Poisoning, MAC sniffing, Port mirror or understand about Discussion & Abel and
Spoofing, Port Mirror and SPAN port and MAC flooding, ARP Arpspoof
SPAN Port) Detecting sniffing attack poisoning, MAC
spoofing and How to
detect sniffing attacks
Sniffers(Detecting Sniffing T-1 AV-1 Switched network Student will Peer to peer Ettercap, Cain
Attacks) sniffing, Port mirror or understand about Discussion & Abel and
SPAN port and MAC flooding, ARP Arpspoof
Detecting sniffing attack poisoning, MAC
spoofing and How to
detect sniffing attacks
Lecture / Social Engineering(What is T-1 What is social Student will Peer to peer Shoulder
Practical 32 Social Engineering) engineering, The power understand about Discussion surfing,
of social engineering, types of social Phishing and
social engineering engineering and Eavesdropping
phases and common impact
targets of social
engineering
Social Engineering(Social T-1 What is social Student will Peer to peer Shoulder
Engineering Phases) engineering, The power understand about Discussion surfing,
of social engineering, types of social Phishing and
social engineering engineering and Eavesdropping
phases and common impact
targets of social
engineering
Week 9 Lecture / Social Engineering(What is T-1 What is social Student will Peer to peer Shoulder
Practical 33 Social Engineering) engineering, The power understand about Discussion surfing,
of social engineering, types of social Phishing and
social engineering engineering and Eavesdropping
phases and common impact
targets of social
engineering
Social Engineering(Social T-1 What is social Student will Peer to peer Shoulder
Engineering Phases) engineering, The power understand about Discussion surfing,
of social engineering, types of social Phishing and
social engineering engineering and Eavesdropping
phases and common impact
targets of social
engineering
Lecture / Social Engineering T-1 Countermeasures for Student will Peer to peer
Practical 34 (Commonly Employed social networking, understand about Discussion
Threats) Commonly employed defensive strategies
threats and Identity theft and pen-testing issues
Social Engineering(Identity T-1 Countermeasures for Student will Peer to peer
Theft) social networking, understand about Discussion
Commonly employed defensive strategies
threats and Identity theft and pen-testing issues

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 9 Lecture / Denial of Service T-1 AV-1 Understanding DoS Student will Practical Hping3,
Practical 35 (Understanding DoS) attacks and tools used understand about demonstration DoSHTTP and
for DoS attack various types of DoS Targa
attacks
Denial of Service T-1 AV-1 Understanding DoS Student will Practical Hping3,
(Understanding DDoS) attacks and tools used understand about demonstration DoSHTTP and
for DoS attack various types of DoS Targa
attacks
Denial of Service(DoS T-1 AV-1 Understanding DoS Student will Practical Hping3,
Tools) attacks and tools used understand about demonstration DoSHTTP and
for DoS attack various types of DoS Targa
attacks
Lecture / Denial of Service T-1 AV-1 Understanding DoS Student will Practical Hping3,
Practical 36 (Understanding DoS) attacks and tools used understand about demonstration DoSHTTP and
for DoS attack various types of DoS Targa
attacks
Denial of Service T-1 AV-1 Understanding DoS Student will Practical Hping3,
(Understanding DDoS) attacks and tools used understand about demonstration DoSHTTP and
for DoS attack various types of DoS Targa
attacks
Denial of Service(DoS T-1 AV-1 Understanding DoS Student will Practical Hping3,
Tools) attacks and tools used understand about demonstration DoSHTTP and
for DoS attack various types of DoS Targa
attacks
Week 10 Lecture / Denial of Service(DDoS T-1 Understanding DDoS Student will Practical LOIC, Trinoo
Practical 37 Tools) attack, DDoS, Defensive understand how to demonstration and TFN2K
Strategies and Pen- protect against DoS
testing consideration and DDoS attacks
Denial of Service(DoS Pen- T-1 Understanding DDoS Student will Practical LOIC, Trinoo
Testing Considerations) attack, DDoS, Defensive understand how to demonstration and TFN2K
Strategies and Pen- protect against DoS
testing consideration and DDoS attacks
Lecture / Denial of Service(DDoS T-1 Understanding DDoS Student will Practical LOIC, Trinoo
Practical 38 Tools) attack, DDoS, Defensive understand how to demonstration and TFN2K
Strategies and Pen- protect against DoS
testing consideration and DDoS attacks
Denial of Service(DoS Pen- T-1 Understanding DDoS Student will Practical LOIC, Trinoo
Testing Considerations) attack, DDoS, Defensive understand how to demonstration and TFN2K
Strategies and Pen- protect against DoS
testing consideration and DDoS attacks
Lecture / Session Hijacking T-1 AV-1 Understanding session Students will Peer to peer
Practical 39 (Understanding Session hijacking and spoofing understand difference Discussion
Hijacking) versus hijacking between session
hijacking and
spoofing
Lecture / BYOD-Practical 1
Practical 40

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 11 Lecture / Session Hijacking(Exploring T-1 AV-1 Understanding network Student will XSS, MITM and
Practical 41 Defensive Strategies) session hijacking, understand about Practical DNS spoofing
Exploring defensive TCP/IP session demonstration
strategies hijacking and how to
defense against
hijacking
Session Hijacking(Network T-1 AV-1 Understanding network Student will XSS, MITM and
Session Hijacking) session hijacking, understand about Practical DNS spoofing
Exploring defensive TCP/IP session demonstration
strategies hijacking and how to
defense against
hijacking
Lecture / Web Servers and T-1 AV-1 Exploring the client Student will Practical Burp Suite and
Practical 42 Applications(Exploring the server relationship, Web understand about web demonstration Vega
Client-Server Relationship) servers, Web application and web
applications servers
Web Servers and T-1 AV-1 Exploring the client Student will Practical Burp Suite and
Applications(The client and server relationship, Web understand about web demonstration Vega
the server) servers, Web application and web
applications servers
Lecture / Web Servers and T-1 AV-1 Closer inspection of web Student will Practical Burp Suite and
Practical 43 Applications(Vulnerabilities application, understand about demonstration Vega
of Web Servers and vulnerabilities of web vulnerabilities of web
Application) servers and applications, server and
common flaws and application
attack methods
Web Servers and T-1 AV-1 Closer inspection of web Student will Practical Burp Suite and
Applications(Testing Web application, understand about demonstration Vega
Application) vulnerabilities of web vulnerabilities of web
servers and applications, server and
common flaws and application
attack methods
Lecture / SQL Injection(Introducing T-1 AV-1 Introduction to SQL Student will Practical Sqlmap and
Practical 44 SQL Injection) injection, Results of understand demonstration Sqlninja
SQL injection, mechanism of SQL
Databases and their injection
vulnerabilities, Anatomy
and data altering with
SQL injection attack
SQL Injection(Databases T-1 AV-1 Introduction to SQL Student will Practical Sqlmap and
and Their Vulnerabilities) injection, Results of understand demonstration Sqlninja
SQL injection, mechanism of SQL
Databases and their injection
vulnerabilities, Anatomy
and data altering with
SQL injection attack

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 11 Lecture / SQL Injection(Anatomy of a T-1 AV-1 Introduction to SQL Student will Practical Sqlmap and
Practical 44 SQL Injection Attack) injection, Results of understand demonstration Sqlninja
SQL injection, mechanism of SQL
Databases and their injection
vulnerabilities, Anatomy
and data altering with
SQL injection attack
SQL Injection(Altering Data T-1 AV-1 Introduction to SQL Student will Practical Sqlmap and
with a SQL Injection injection, Results of understand demonstration Sqlninja
Attack) SQL injection, mechanism of SQL
Databases and their injection
vulnerabilities, Anatomy
and data altering with
SQL injection attack
Week 12 Lecture / SQL Injection(Introducing T-1 AV-1 Introduction to SQL Student will Practical Sqlmap and
Practical 45
SQL Injection) injection, Results of understand Demonstration Sqlninja
SQL injection, mechanism of SQL
Databases and their injection
vulnerabilities, Anatomy
and data altering with
SQL injection attack
SQL Injection(Databases T-1 AV-1 Introduction to SQL Student will Practical Sqlmap and
and Their Vulnerabilities) injection, Results of understand Demonstration Sqlninja
SQL injection, mechanism of SQL
Databases and their injection
vulnerabilities, Anatomy
and data altering with
SQL injection attack
SQL Injection(Anatomy of a T-1 AV-1 Introduction to SQL Student will Practical Sqlmap and
SQL Injection Attack) injection, Results of understand Demonstration Sqlninja
SQL injection, mechanism of SQL
Databases and their injection
vulnerabilities, Anatomy
and data altering with
SQL injection attack
SQL Injection(Altering Data T-1 AV-1 Introduction to SQL Student will Practical Sqlmap and
with a SQL Injection injection, Results of understand Demonstration Sqlninja
Attack) SQL injection, mechanism of SQL
Databases and their injection
vulnerabilities, Anatomy
and data altering with
SQL injection attack
Lecture / SQL Injection(Evading T-1 AV-1 Evading detection Student will Peer to peer
Practical 46
Detection Mechanisms) mechanism and SQL understand the Discussion
injection mechanism to detect
countermeasure and prevent SQL
injection

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 12 Lecture / SQL Injection(SQL T-1 AV-1 Evading detection Student will Peer to peer
Practical 46 Injection Countermeasures) mechanism and SQL understand the Discussion
injection mechanism to detect
countermeasure and prevent SQL
injection
Lecture / Hacking Wi-Fi and T-1 AV-1 What is a wireless Student will Practical WPA cracking
Practical 47 Bluetooth(What Is a network, WiFi overview understand about demonstration and WEP
Wireless Network) Wireless and cracking
Bluetooth network
Lecture / BYOD-Practical 2
Practical 48
Week 13 Lecture / Hacking Wi-Fi and T-1 AV-1 Wireless network Student will Practical WPA cracking
Practical 49
Bluetooth(A Close threats, Ways to locate understand about demonstration and WEP
Examination of Threats) wireless network and wireless networks cracking
Hacking bluetooth threats and hacking
bluetooth
Hacking Wi-Fi and T-1 AV-1 Wireless network Student will Practical WPA cracking
Bluetooth(Hacking threats, Ways to locate understand about demonstration and WEP
Bluetooth) wireless network and wireless networks cracking
Hacking bluetooth threats and hacking
bluetooth
Lecture / Hacking Wi-Fi and T-1 AV-1 Wireless network Student will Practical WPA cracking
Practical 40
Bluetooth(A Close threats, Ways to locate understand about demonstration and WEP
Examination of Threats) wireless network and wireless networks cracking
Hacking bluetooth threats and hacking
bluetooth
Hacking Wi-Fi and T-1 AV-1 Wireless network Student will Practical WPA cracking
Bluetooth(Hacking threats, Ways to locate understand about demonstration and WEP
Bluetooth) wireless network and wireless networks cracking
Hacking bluetooth threats and hacking
bluetooth
Lecture / Mobile Device Security T-1 AV-1 Mobile OS models and Student will Practical SQL injection
Practical 51
(Mobile OS Models and architecture, Goals of understand about demonstration tools, Proxy
Architectures) mobile security, Device common problem tools and Log
security model with mobile devices files
and penetration
testing using android
Mobile Device Security T-1 AV-1 Mobile OS models and Student will Practical SQL injection
(Goals of Mobile Security) architecture, Goals of understand about demonstration tools, Proxy
mobile security, Device common problem tools and Log
security model with mobile devices files
and penetration
testing using android
Mobile Device Security T-1 AV-1 Mobile OS models and Student will Practical SQL injection
(Device Security Models) architecture, Goals of understand about demonstration tools, Proxy
mobile security, Device common problem tools and Log
security model with mobile devices files
An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
and penetration
testing using android

Week 13 Lecture / Mobile Device Security T-1 AV-1 Mobile OS models and Student will Practical SQL injection
Practical 51 (Countermeasures) architecture, Goals of understand about demonstration tools, Proxy
mobile security, Device common problem tools and Log
security model with mobile devices files
and penetration
testing using android
Lecture / Mobile Device Security T-1 AV-1 Mobile OS models and Student will Practical SQL injection
Practical 52 (Mobile OS Models and architecture, Goals of understand about demonstration tools, Proxy
Architectures) mobile security, Device common problem tools and Log
security model with mobile devices files
and penetration
testing using android
Mobile Device Security T-1 AV-1 Mobile OS models and Student will Practical SQL injection
(Goals of Mobile Security) architecture, Goals of understand about demonstration tools, Proxy
mobile security, Device common problem tools and Log
security model with mobile devices files
and penetration
testing using android
Mobile Device Security T-1 AV-1 Mobile OS models and Student will Practical SQL injection
(Device Security Models) architecture, Goals of understand about demonstration tools, Proxy
mobile security, Device common problem tools and Log
security model with mobile devices files
and penetration
testing using android
Mobile Device Security T-1 AV-1 Mobile OS models and Student will Practical SQL injection
(Countermeasures) architecture, Goals of understand about demonstration tools, Proxy
mobile security, Device common problem tools and Log
security model with mobile devices files
and penetration
testing using android
Week 14 Lecture / Cloud Technologies and T-1 AV-1 What is cloud, Types of Student will Peer to peer
Practical 53 Security(What Is the Cloud) cloud, Forms of cloud understand about Discussion
and Threats to cloud various types of
security clouds and threats
associated to cloud
security
Cloud Technologies and T-1 AV-1 What is cloud, Types of Student will Peer to peer
Security(Threats to Cloud cloud, Forms of cloud understand about Discussion
Security) and Threats to cloud various types of
security clouds and threats
associated to cloud
security

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Lecture / Cloud Technologies and T-1 AV-1 Cloud computing Student will Practical Side channel
Practical 54 Security(Cloud Computing attacks, Controls for understand about demonstration attacks and
Attacks) cloud security and attacks, security Signature
Testing security in the controls and security warping attacks
cloud testing of cloud

Week 14 Lecture / Cloud Technologies and T-1 AV-1 Cloud computing Student will Practical Side
Practical 54 Security(Testing Security in attacks, Controls for understand about demonstration channel
the Cloud) cloud security and attacks, security attacks and
Testing security in the controls and security Signature
cloud testing of cloud warping
attacks
SPILL
OVER
Week 14 Lecture / Spill Over
Practical 55
Lecture / Spill Over
Practical 56
Week 15 Lecture / Spill Over
Practical 57
Lecture / Spill Over
Practical 58
Lecture / Spill Over
Practical 59
Lecture / Spill Over
Practical 60

Plan For Practicals


Practical Topic Learning Outcome
Foot-printing: Demonstration of the process of active and active and passive information Student should be able to know how to gather public available information
gathering using search engines, GHDB and Netcraft. about the target using open source tools
Scanning: Demonstration of port, network and vulnerability scanning with the help of Nmap, Student should be able to understand the process of Network, Vulnerability
Nessus and Rapid7 and AngryIP. scanning
Enumeration: Demonstration of windows, Linux enumeration and network protocol Student should be able to understand the process Linux and Windows
enumeration with the help of inbuilt utilities and open source tools. enumeration
System Hacking: Demonstration of offline and online password cracking with the help of Student should be able to understand the process password cracking
dictionary, brute force and hybrid attack and generating rainbow tables.
Malware: Demonstration of virus creation process and understanding difference between Student should be able to understand the process of propagation method of virus
virus and worms and worms.
Sniffing: Demonstration of network sniffing with the help of packet sniffers such as Student should be able to understand the process of Network traffic analysis

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Wireshark, Tcpdump and Dsniff and understand the data that is being sniffed by the
respective tools.

Denial of Service: Demonstration of various Dos attacks such as Service Request Floods, Student should be able to understand the process of DoS attack
ICMP Flooding, Smurf and Fraggle Attacks using different tools.
Sql Injection: Demonstration of various types of Sql injection with the help of different tools. Student should be able to understand the basics of SQL injection
Wireless Hacking: Demonstration of wifi and Bluetooth security assessment using open Student should be able to understand the basics of Wifi and Bluetooth security
source tool.
Evasion: Configuring Honeypots using Pentbox and Firewalls and understanding their Student should be able to understand the working process of Honeypots
functions in the network.

Scheme for CA:

CA Category of this Course Code is:A0203 (2 best out of 3)

Component Weightage (%)


BYOD-Practical 50
BYOD-Practical 50
Test 50
Details of Academic Task(s)

Academic Task Objective Detail of Academic Task Nature of Academic Academic Task Marks Allottment /
Task Mode submission
(group/individuals) Week
BYOD-Practical 1 To evaluate the The academic task shall be evaluated based on execution of a Individual Online 30 9 / 10
practical skills of the practical problem assigned to the students
students
BYOD-Practical 2 To evaluate the The academic task shall be evaluated based on execution of a Individual Online 30 11 / 12
practical skills of the practical problem assigned to the students
students
Test To test the The syllabus of the academic task shall be from lecture number 1 to Individual Online 30 3/4
understanding of the 14. There shall be subjective type questions of 5 marks or 10 marks
students for the each
basic concepts of
cyber security

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.