#1
25th July 2015, 08:17 AM
| |||
| |||
Cyber Forensics Mumbai University
Here I am looking for Mumbai University M.Sc. Forensic Science in Digital and Cyber Forensics and IT Security (Sem III and IV), course details syllabus, will you please provide here ???
|
#2
25th July 2015, 02:16 PM
| |||
| |||
Re: Cyber Forensics Mumbai University
As you are looking for Mumbai University M.Sc. Forensic Science in Digital and Cyber Forensics and IT Security (Sem III and IV) detailed syllabus here I am giving: M.Sc. Forensic Science in Digital and Cyber Forensics and IT Security (Sem III and IV) SEMESTER III PSDF301: Vulnerability Assessment and Penetration Testing - Part I Unit I: System Testing and Introduction • Internal Intrusion Techniques, • External Intrusion Techniques, • Scanning IP pool and Discovering Devices, • Verifying the Network & Security Devices, Unit II: Information Gathering and Fingerprinting • Web Server, • Frameworks And Applications, • Enumerating Resources, • Port Scanning, • Distinguish between different OS platforms, Unit III: Attacks & Exploitation • Web Server, • Router, • Wireless Network Testing, • Buffer Overflows, • Man in the Middle Attacks, MU M.Sc Forensic Science in Digital and Cyber Forensics and IT Security syllabus M. Sc. FORENSIC SCIENCE (DIGITAL AND CYBER FORENSICS AND IT SECURITY) SEMESTER III PRACTICAL PSDF3P1: Vulnerability Assessment and Penetration Testing - Part I Total Marks 50 Lecture Per Week Credit • Installation of Back-Track OS (2 Nos.) • Webserver and Server Hardening (2 Nos.) • Wireless Hacking Techniques (2 Nos.) • Investigate allegations of bribes & kickbacks • Investigate inventory theft • Investigate fraud against senior citizens • Investigate allegations of fraud by fiduciaries, including estates & trusts, & condominium associations Unit II: Investigations 15 • Company Backgrounds • Due Diligence • Economic Espionage • Financial Fraud • Mergers/Acquisitions Unit III: Methodology 15 • Review internal controls to safeguard assets • Conduct small business asset protection survey & make recommendations for preserving company assets • Fraud auditing services • Uncover financial statement fraud • Conduct white-collar crime investigations • Asset record reconstruction Unit IV : Analysis, Evidence and Testimony 15 • Prove allegations of misuse of business data and business assets by corporate directors, employees, & officers • Prove allegations of embezzlement • Prove allegations of money laundering and/or currency structuring • Provide anti-money laundering and/or fraud training • Consult on civil and/or criminal litigation matters, including asset forfeiture issues • Assist legal counsel with plea negotiations involving drug trafficking, public corruption, money laundering, & currency structuring • Footprinting: Tools to Extract Company’s Data, WHOIS Lookup, Footprint Using Google Hacking Techniques. (2 Nos.) • Scanning: Network Vulnerability Scanners, Spoofing IP Address, Proxy Tools, Http tunnel for Windows, IP Spoofing Detection (2 Nos.) PSDF3P2: Virtualization and Network Forensics – Part I Total Marks 50 Lecture Per Week Credit • Virtual OS (2 Nos.) • Virtual Network (2 Nos.) • Windows Server Configuration (2 Nos.) • Linux Server Configuration (2 Nos.) • Google App Engine Testing (2 Nos.) PSDF3P3: Audit Governance Risk and Compliance – Part I Total Marks Credit 50 2 Case Studies and Industrial Visit Practical: PSDF3P4 - Mobile and Smart Phone Forensics – Part I Total Marks 50 Lecture Per Week Credit • Mobile Forensic (2 Nos.) • Smartphone Forensic (2 Nos.) • SIM analysis (2 Nos.) • Handset Analysis (2 Nos.) • Recovering data (2 Nos.) PSDF3P5: E-commerce and Online Dispute Resolution: International Legal Perspective Total Marks 50 Lecture Per Week Credit 4 2 PRACTICAL Marks Project Work - Review of Literature 25 Project Work - Progress Report 25 PSDF3P6: Financial Fraud and Investigation – Part I Total Marks 50 Lecture Per Week Credit M.Sc. FORENSIC – DIGITAL AND CYBER FORENSICS AND IT SECURITY SEMESTER IV PSDF401: Vulnerability Assessment and Penetration Testing – Part II Total Marks 100 Lecture Per Week Credit Units with Description No. lectures Unit I: System Testing and Introduction 15 • Structure of Penetration Testing, • Concepts of infrastructure Testing and • Application Testing, White Box and Black Box Unit II: Information Gathering and Fingerprinting 15 • Custom Applications, • Vulnerability Scanning, • Remote Operating System Fingerprinting; • Active and Passive techniques. Unit III: Attacks & Exploitation 15 • Firewall Policies bypass techniques, • Malware, • XSS Attacks, • Null Sessions, • SQL Injection, • ARP Poisoning, • Breaking into https connections. Unit IV : Security Policy and Implementation - Linux 15 Domain Policies, User Rights Managements, Router Policies, PRACTICAL Marks 1 a) Topic approval for synopsis b) Objective and work plan 25 2 Presentation Firewall, IPS, UTM Policies, Security Suites, Patch Management Automation, Wireless Network Security, Logging System, Generating Periodic Reports PSDF402: Virtualization and Network Forensics – Part II Total Marks 100 Lecture Per Week Credit 4 2 Units with Description No. lectures Unit I: Forensics - Investigating Dead Virtual Environments • Install Files • Remnants • Registry • Microsoft Disk Image Formats • Data to Look for • Investigator Tips Unit II: Forensics – Investigating Live Virtual Environments 15 • Artifacts • Processes and Ports • Log Files • VM Memory Usage • Memory Analysis • ESXi Analysis • Microsoft Analysis Tools • Moving Forward Unit III: Cloud Computing and Forensic Challenges 15 • What Is Cloud Computing? • Cloud Computing Services • Streaming Operating Systems • Application Streaming • Virtual Applications • Cloud Computing, Virtualization, and Security • Cloud Computing and Forensics Unit IV : Virtual Environments and Compliance 15 • Standards • Compliance • Organizational Chain of Custody • Data Retention Policies PSDF403: Audit Governance Risk and Compliance – Part II Total Marks 100 Lecture Per Week Credit Units with Description No. lectures Unit I: Governance 15 • Overall Management Approach • What is Governance? • Role of Senior Management • Control and Supervisory Role • Hierarchical Management • Segregation of Departments Unit II: Governance Management Role 15 • Governance activities • Critical management, • information reaching, • accurate and timely reporting • decision making, • provide the control mechanisms for ensuring strategies, directions and instructions from management. Unit III: Compliance 15 • Conforming with stated requirements, • organizational level, • management processes which identify the applicable requirements • (defined for example in laws, regulations, contracts, strategies and policies), • assess the state of compliance, • assess the risks and potential costs of non-compliance against the projected expenses to achieve compliance, prioritize and initiate any corrective Unit IV : Compliance Types 15 • Basel II/III – Introdcution and Applicability • PCI DSS – Introdcution and Applicability • NIC Website Compliance Indian Government Websites • COBIT – Introdcution and Applicability • Miscellanous Compliance - Introduction and Applicability PSDF404: Mobile and Smart Phone Forensics – Part II Total Marks 100 Lecture Per Week Credit Units with Description No. lectures Unit I: Introduction to Mobile Malware 15 • Types of Attacks • Taxonomy of Mobile Malware, • Phishing, • SMishing, and • Vishing , Unit II: Malware Attack and Defense 15 • Mobile Malware, • Visual Payloads, • Timeline of Mobile Malware, • Hoaxes, and Threats, • Overview of Mobile Malware Families, • Taxonomy of Mobile Malware Unit III: Threats, Hacking and Viruses in Mobile Communication • Introduction and Overview of Mobile Communication • Attacks in Mobile • Man in the Middle • Denial of Service • Wireless Spoofing • Prevention Techniques in Mobile System • Intrusion detection in wireless • Access Control and Authentication in Mobile Communications - Overview Unit IV : Overview of Mobile Communication Security 15 • SIM Security, • Security of Mobile Networks, • Security of GSM Networks, • Security of 3G Networks, • Security of Wireless Local Area Networks, • Security of Ad-hoc Networks, • Security Techniques for Mobile Services, • End-to-End Security Services in Mobile Communications, • Inter-system Roaming and Internetworking Security, • Securing Mobile E-Services, • Security of Satellite Services, • Security of Mobile Sensor Networks, • Application Level Security, • Security of IP Based Applications, • Security of Mobile Payments, • Security of Multimedia Communications, • Security of Mobile Voice Communication PSDF405: Protection of Personal Data in Cyberspace: International Legal Perspective Total Marks 100 Lecture Per Week Credit Units with Description No. lectures Unit I: Role of OECD for protection of personal data 15 • Organisation for Economic Cooperation and Development (OECD) Guidelines on the protection of privacy and trans-border flow of personal data, 1980. • OECD guidelines for protecting consumers from fraudulent and deceptive commercial practices across borders, 2003. • Organisation for Economic Cooperation and Development (OECD) Guidelines for the security of information systems and networks 2002. • OECD Guidelines for electronic authentication, 2007. Unit II: Protection of Personal Data and EU Principles 15 • The European Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, 1981. (ETS No. 108, Popularly Known as Council of Europe Convention 108) • The protection of individuals with regard to the processing of personal data and on the free movement of such data. (EU Directive 95/46/EC of 24 October 1995) • Asia-Pacific Economic Cooperation (APEC) Privacy Framework, 2004. Unit III: Cyberspace Regulation and Role of United Nation • UN General Assembly, Guidelines for the Regulation of Computerized Personal Data Files, 14 December 1990. • United Nations Convention on the Use of Electronic Communications in International Contracts. 2005 Unit IV : Indian Personal Data Protection Law 15 • Right to Privacy • Data Theft and Indian Law • Legal Measures for Protection of Personal Data • Comparison and Critique of Indian Personal Data Protection Law. • Draft on Right to Privacy PSDF406- Financial Fraud and Investigation – Part II Total Marks 100 Lecture Per Week Credit 4 2 Units with Description No. lectures Unit I: Financial Frauds 15 • Accouting Frauds and Types • Payroll Fraud • Financial Missappropriation Fraud • Shareholders and Partnership Dispute • Criminal Investigaion • Personal Injury and Accident Claim • Business Interrutption and Insurance Unit II: Analysis and Procedure 15 • Organize/analyze financial records, • Organise/analyse response to search warrant records • Analyze & organize financial records to prepare tax returns • Assist legal counsel with plea negotiations regarding tax issues Unit III: Introduction to Financial Compliance 15 • Accounting and Payroll • Assurance • Direct Tax • Indirect Tax • Secretarial Compliance • Labour Laws • Miscellaneous Unit IV : Frauds Investigation 15 • Business/Employee Fraud • Matrimonial Dispute • Business Economic Losses • Professional Negligence • Mediation and Arbitration M.Sc. FORENSIC – DIGITAL AND CYBER FORENSICS AND IT SECURITY SEMESTER IV PRACTICAL PSDF4P1: Vulnerability Assessment and Penetration Testing – Part II Total Marks 50 Lecture Per Week Credit Practical: • Net-Bios Enumeration, SNMP, Linux, LDAP, NTP, SMTP Enumeration, Enumeration Countermeasures (2 Nos.) • Intrusion Detection Tool, Honeypot Tools, Obfuscating, Honeypot Detecting Tool • Buffer overflow Security Tools (2 Nos.) • Application Security Assessment Tool, Network Security Assessment Tool, Wireless/Remote Access Assessment Tool, Telephony Security Assessment Tool, Testing Network-Filtering Device Too (2 Nos.) • SQL Injection (1 No) • XSS (1 No) PSDF4P2: Virtualization and Network Forensics – Part II Total Marks 50 Lecture Per Week Credit Practical: • Windows Azure, Salesforce, Amazon, etc… (2 Nos.) • Cloud Computing Programming (2 Nos.) • Virtual Forensics (2 Nos.) • Cloud Computing and Configuration (2 Nos.) • Virtual Server and Cloud Setup (Virtualization) (2 Nos.) PSDF4P3: Audit Governance Risk and Compliance – Part II Total Marks Credit Practical - Case Study and Industrial Visit PSDF4P4: Mobile and Smart Phone Forensics – Part II Total Marks 50 Lecture Per Week Credit Practical: • M commerce security analysis (2 Nos.) • Mobile application testing (2 Nos.) • Satellite phone technology (2 No.) • Malware Analysis (2 Nos.) • Smart phone malware analysis (2 Nos.) PSDF4P5: Protection of Personal Data in Cyberspace: International Legal Perspective Total Marks 50 Lecture Per Week Credit PRACTICAL Marks 1 Presentation / Poster 25 2 Viva-Voice 25 PSDF4P6: Financial Fraud and Investigation – Part II Total Marks Credit Final Project Work 50 Marks References: PSDF301: • Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide by Lee Allen (Chapter 1) • The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy by Patrick Engebretson (Chapter 2 and 3) • Security Policies and Implementation Issues (Information Systems Security & Assurance) by Robert Jahnson (Chapter 5 and 7) • Microsoft Windows Security Essentials by Darril Gibson (Chapter 1, 3,4, 5, 7,8) • OWASP PSDF302: Virtualization and Forensics By Diane Barrett, Greg Kipper Virtualization Security Protecting virtualized environment By Dave Shackleford PSDF303: Audit – Standards of ISMS27001, US Sarbanes-Oxley Act, HIPPA - Crockford, Neil (1986). An Introduction to Risk Management (2 ed.). Cambridge, UK: Woodhead-Faulkner. p. 18. ISBN 0-85941-332-2 - Dorfman, Mark S. (2007). Introduction to Risk Management and Insurance (9 ed.). Englewood Cliffs, N.J: Prentice Hall. ISBN 0-13-224227-3. - IADC HSE Case Guidelines for MODUs 3.2, section 4.7 - Roehrig, P (2006). "Bet On Governance To Manage Outsourcing Risk" Hopkin, Paul "Fundamentals of Risk Management 2nd Edition" Kogan-Page (2012) ISBN 978-0-7494-6539-1 Risk Management ISO 30001 Standard PSDF304: Chapter 13: Guide to Computer Forensics and Investigations By Bill Nelson, Amelia Phillips, Christopher Stuart Chapter 20 Digital Evidence on Mobile Devices Digital Evidence and Computer Crime, Third Edition Eoghan Casey. Published by Elsevier Inc. All rights reserved Andriod Forensic, Investigation, and Security by Andrew Hogg, Publisher Synergy Security in Mobile Communication by Professor Noureddine Boudriga Mobile Malware Attacks and Defense By Ken Dunham PSDF305 1) International Trade Law by Indira Carr, Peter Stone, 4th edition, 2010, Page 103 to 136 2) Online Dispute Resolution: Challenges for Contemporary Justice by Gabrielle Kaufmann- Kohler, Thomas Schultz, 2004, pages 5 to 58, 67 to 81, 108 to 120, 131 etc. 3) Cyber Consumer Law and Unfair Trading Practices: Unfair Commercial Practices By Cristina Coteanu page 87-113. 4) Cyber Consumer Law and Unfair Trading Practices: Unfair Commercial Practices By Cristina Coteanu Page- 1- 11, 45 to 68, 137 to 150 For detailed syllabus, here is attachment:; |
Thread Tools | Search this Thread |
|