2023 2024 Student Forum > Management Forum > Main Forum

 
  #2  
25th July 2015, 02:16 PM
Super Moderator
 
Join Date: Apr 2013
Re: Cyber Forensics Mumbai University

As you are looking for Mumbai University M.Sc. Forensic Science in Digital and Cyber Forensics and IT Security (Sem III and IV) detailed syllabus here I am giving:

M.Sc. Forensic Science in Digital and Cyber Forensics and IT Security (Sem III and IV)

SEMESTER III

PSDF301: Vulnerability Assessment and Penetration Testing - Part I
Unit I: System Testing and Introduction
• Internal Intrusion Techniques,
• External Intrusion Techniques,
• Scanning IP pool and Discovering Devices,
• Verifying the Network & Security Devices,

Unit II: Information Gathering and Fingerprinting
• Web Server,
• Frameworks And Applications,
• Enumerating Resources,
• Port Scanning,
• Distinguish between different OS platforms,

Unit III: Attacks & Exploitation
• Web Server,
• Router,
• Wireless Network Testing,
• Buffer Overflows,
• Man in the Middle Attacks,
MU M.Sc Forensic Science in Digital and Cyber Forensics and IT Security syllabus
M. Sc. FORENSIC SCIENCE (DIGITAL AND CYBER FORENSICS AND IT
SECURITY)
SEMESTER III
PRACTICAL
PSDF3P1: Vulnerability Assessment and Penetration Testing - Part I
Total Marks 50
Lecture Per Week Credit
• Installation of Back-Track OS (2 Nos.)
• Webserver and Server Hardening (2 Nos.)
• Wireless Hacking Techniques (2 Nos.)
• Investigate allegations of bribes & kickbacks
• Investigate inventory theft
• Investigate fraud against senior citizens
• Investigate allegations of fraud by fiduciaries, including
estates & trusts, & condominium associations
Unit II: Investigations 15
• Company Backgrounds
• Due Diligence
• Economic Espionage
• Financial Fraud
• Mergers/Acquisitions
Unit III: Methodology 15
• Review internal controls to safeguard assets
• Conduct small business asset protection survey & make
recommendations for preserving company assets
• Fraud auditing services
• Uncover financial statement fraud
• Conduct white-collar crime investigations
• Asset record reconstruction
Unit IV : Analysis, Evidence and Testimony 15
• Prove allegations of misuse of business data and
business assets by corporate directors, employees, &
officers
• Prove allegations of embezzlement
• Prove allegations of money laundering and/or currency
structuring
• Provide anti-money laundering and/or fraud training
• Consult on civil and/or criminal litigation matters,
including asset forfeiture issues
• Assist legal counsel with plea negotiations involving
drug trafficking, public corruption, money laundering,
& currency structuring
• Footprinting: Tools to Extract Company’s Data, WHOIS Lookup, Footprint Using
Google Hacking Techniques. (2 Nos.)
• Scanning: Network Vulnerability Scanners, Spoofing IP Address, Proxy Tools, Http
tunnel for Windows, IP Spoofing Detection (2 Nos.)
PSDF3P2: Virtualization and Network Forensics – Part I
Total Marks 50
Lecture Per Week Credit
• Virtual OS (2 Nos.)
• Virtual Network (2 Nos.)
• Windows Server Configuration (2 Nos.)
• Linux Server Configuration (2 Nos.)
• Google App Engine Testing (2 Nos.)
PSDF3P3: Audit Governance Risk and Compliance – Part I
Total
Marks
Credit
50 2
Case Studies and Industrial Visit
Practical: PSDF3P4 - Mobile and Smart Phone Forensics – Part I
Total Marks 50
Lecture Per Week Credit
• Mobile Forensic (2 Nos.)
• Smartphone Forensic (2 Nos.)
• SIM analysis (2 Nos.)
• Handset Analysis (2 Nos.)
• Recovering data (2 Nos.)
PSDF3P5: E-commerce and Online Dispute Resolution: International Legal Perspective
Total Marks 50
Lecture Per Week Credit
4 2
PRACTICAL Marks
Project Work - Review of Literature 25
Project Work - Progress Report 25
PSDF3P6: Financial Fraud and Investigation – Part I
Total Marks 50
Lecture Per Week Credit
M.Sc. FORENSIC – DIGITAL AND CYBER FORENSICS AND IT SECURITY
SEMESTER IV
PSDF401: Vulnerability Assessment and Penetration Testing – Part II
Total Marks 100
Lecture Per Week
Credit
Units with Description No. lectures
Unit I: System Testing and Introduction 15
• Structure of Penetration Testing,
• Concepts of infrastructure Testing and
• Application Testing, White Box and Black Box
Unit II: Information Gathering and Fingerprinting 15
• Custom Applications,
• Vulnerability Scanning,
• Remote Operating System Fingerprinting;
• Active and Passive techniques.
Unit III: Attacks & Exploitation 15
• Firewall Policies bypass techniques,
• Malware,
• XSS Attacks,
• Null Sessions,
• SQL Injection,
• ARP Poisoning,
• Breaking into https connections.
Unit IV : Security Policy and Implementation - Linux 15
Domain Policies,
User Rights Managements,
Router Policies,
PRACTICAL Marks
1 a) Topic approval for synopsis
b) Objective and work plan 25
2 Presentation
Firewall,
IPS,
UTM Policies,
Security Suites,
Patch Management Automation,
Wireless Network Security,
Logging System,
Generating Periodic Reports
PSDF402: Virtualization and Network Forensics – Part II
Total Marks 100
Lecture Per Week
Credit
4 2
Units with Description No. lectures
Unit I: Forensics - Investigating Dead Virtual
Environments
• Install Files
• Remnants
• Registry
• Microsoft Disk Image Formats
• Data to Look for
• Investigator Tips
Unit II: Forensics – Investigating Live Virtual
Environments
15
• Artifacts
• Processes and Ports
• Log Files
• VM Memory Usage
• Memory Analysis
• ESXi Analysis
• Microsoft Analysis Tools
• Moving Forward
Unit III: Cloud Computing and Forensic Challenges 15
• What Is Cloud Computing?
• Cloud Computing Services
• Streaming Operating Systems
• Application Streaming
• Virtual Applications
• Cloud Computing, Virtualization, and Security
• Cloud Computing and Forensics
Unit IV : Virtual Environments and Compliance 15
• Standards
• Compliance
• Organizational Chain of Custody
• Data Retention Policies
PSDF403: Audit Governance Risk and Compliance – Part II
Total Marks 100
Lecture Per Week
Credit
Units with Description No. lectures
Unit I: Governance 15
• Overall Management Approach
• What is Governance?
• Role of Senior Management
• Control and Supervisory Role
• Hierarchical Management
• Segregation of Departments
Unit II: Governance Management Role 15
• Governance activities
• Critical management,
• information reaching,
• accurate and timely reporting
• decision making,
• provide the control mechanisms for ensuring strategies,
directions and instructions from management.
Unit III: Compliance 15
• Conforming with stated requirements,
• organizational level,
• management processes which identify the applicable
requirements
• (defined for example in laws, regulations, contracts,
strategies and policies),
• assess the state of compliance,
• assess the risks and potential costs of non-compliance
against the projected expenses to achieve compliance,
prioritize and initiate any corrective
Unit IV : Compliance Types 15
• Basel II/III – Introdcution and Applicability
• PCI DSS – Introdcution and Applicability
• NIC Website Compliance Indian Government Websites
• COBIT – Introdcution and Applicability
• Miscellanous Compliance - Introduction and
Applicability
PSDF404: Mobile and Smart Phone Forensics – Part II
Total Marks 100
Lecture Per Week
Credit
Units with Description No. lectures
Unit I: Introduction to Mobile Malware 15
• Types of Attacks
• Taxonomy of Mobile Malware,
• Phishing,
• SMishing, and
• Vishing ,
Unit II: Malware Attack and Defense 15
• Mobile Malware,
• Visual Payloads,
• Timeline of Mobile Malware,
• Hoaxes, and Threats,
• Overview of Mobile Malware Families,
• Taxonomy of Mobile Malware
Unit III: Threats, Hacking and Viruses in Mobile
Communication
• Introduction and Overview of Mobile Communication
• Attacks in Mobile
• Man in the Middle
• Denial of Service
• Wireless Spoofing
• Prevention Techniques in Mobile System
• Intrusion detection in wireless
• Access Control and Authentication in Mobile
Communications - Overview
Unit IV : Overview of Mobile Communication Security 15
• SIM Security,
• Security of Mobile Networks,
• Security of GSM Networks,
• Security of 3G Networks,
• Security of Wireless Local Area Networks,
• Security of Ad-hoc Networks,
• Security Techniques for Mobile Services,
• End-to-End Security Services in Mobile
Communications,
• Inter-system Roaming and Internetworking Security,
• Securing Mobile E-Services,
• Security of Satellite Services,
• Security of Mobile Sensor Networks,
• Application Level Security,
• Security of IP Based Applications,
• Security of Mobile Payments,
• Security of Multimedia Communications,
• Security of Mobile Voice Communication
PSDF405: Protection of Personal Data in Cyberspace: International Legal Perspective
Total Marks 100
Lecture Per Week
Credit
Units with Description No. lectures
Unit I: Role of OECD for protection of personal data 15
• Organisation for Economic Cooperation and
Development (OECD) Guidelines on the protection of
privacy and trans-border flow of personal data, 1980.
• OECD guidelines for protecting consumers from
fraudulent and deceptive commercial practices across
borders, 2003.
• Organisation for Economic Cooperation and
Development (OECD) Guidelines for the security of
information systems and networks 2002.
• OECD Guidelines for electronic authentication, 2007.
Unit II: Protection of Personal Data and EU Principles 15
• The European Convention for the Protection of
Individuals with regard to Automatic Processing of
Personal Data, 1981. (ETS No. 108, Popularly Known
as Council of Europe Convention 108)
• The protection of individuals with regard to the
processing of personal data and on the free movement of
such data. (EU Directive 95/46/EC of 24 October 1995)
• Asia-Pacific Economic Cooperation (APEC) Privacy
Framework, 2004.
Unit III: Cyberspace Regulation and Role of United
Nation
• UN General Assembly, Guidelines for the Regulation of
Computerized Personal Data Files, 14 December 1990.
• United Nations Convention on the Use of Electronic
Communications in International Contracts. 2005
Unit IV : Indian Personal Data Protection Law 15
• Right to Privacy
• Data Theft and Indian Law
• Legal Measures for Protection of Personal Data
• Comparison and Critique of Indian Personal Data
Protection Law.
• Draft on Right to Privacy
PSDF406- Financial Fraud and Investigation – Part II
Total Marks 100
Lecture Per Week
Credit
4 2
Units with Description No. lectures
Unit I: Financial Frauds 15
• Accouting Frauds and Types
• Payroll Fraud
• Financial Missappropriation Fraud
• Shareholders and Partnership Dispute
• Criminal Investigaion
• Personal Injury and Accident Claim
• Business Interrutption and Insurance
Unit II: Analysis and Procedure 15
• Organize/analyze financial records,
• Organise/analyse response to search warrant records
• Analyze & organize financial records to prepare tax
returns
• Assist legal counsel with plea negotiations regarding tax
issues
Unit III: Introduction to Financial Compliance 15
• Accounting and Payroll
• Assurance
• Direct Tax
• Indirect Tax
• Secretarial Compliance
• Labour Laws
• Miscellaneous
Unit IV : Frauds Investigation 15
• Business/Employee Fraud
• Matrimonial Dispute
• Business Economic Losses
• Professional Negligence
• Mediation and Arbitration
M.Sc. FORENSIC – DIGITAL AND CYBER FORENSICS AND IT SECURITY
SEMESTER IV
PRACTICAL
PSDF4P1: Vulnerability Assessment and Penetration Testing – Part II
Total Marks 50
Lecture Per Week
Credit
Practical:
• Net-Bios Enumeration, SNMP, Linux, LDAP, NTP, SMTP Enumeration, Enumeration
Countermeasures (2 Nos.)
• Intrusion Detection Tool, Honeypot Tools, Obfuscating, Honeypot Detecting Tool
• Buffer overflow Security Tools (2 Nos.)
• Application Security Assessment Tool, Network Security Assessment Tool, Wireless/Remote
Access Assessment Tool, Telephony Security Assessment Tool, Testing Network-Filtering
Device Too (2 Nos.)
• SQL Injection (1 No)
• XSS (1 No)
PSDF4P2: Virtualization and Network Forensics – Part II
Total Marks 50
Lecture Per Week
Credit
Practical:
• Windows Azure, Salesforce, Amazon, etc… (2 Nos.)
• Cloud Computing Programming (2 Nos.)
• Virtual Forensics (2 Nos.)
• Cloud Computing and Configuration (2 Nos.)
• Virtual Server and Cloud Setup (Virtualization) (2 Nos.)
PSDF4P3: Audit Governance Risk and Compliance – Part II
Total Marks
Credit
Practical - Case Study and Industrial Visit
PSDF4P4: Mobile and Smart Phone Forensics – Part II
Total Marks 50
Lecture Per Week
Credit
Practical:
• M commerce security analysis (2 Nos.)
• Mobile application testing (2 Nos.)
• Satellite phone technology (2 No.)
• Malware Analysis (2 Nos.)
• Smart phone malware analysis (2 Nos.)
PSDF4P5: Protection of Personal Data in Cyberspace: International Legal Perspective
Total Marks 50
Lecture Per Week
Credit
PRACTICAL Marks
1
Presentation / Poster
25
2
Viva-Voice
25
PSDF4P6: Financial Fraud and Investigation – Part II
Total Marks
Credit
Final Project Work 50 Marks
References:
PSDF301:
• Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security
Guide by Lee Allen (Chapter 1)
• The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing
Made Easy by Patrick Engebretson (Chapter 2 and 3)
• Security Policies and Implementation Issues (Information Systems Security &
Assurance) by Robert Jahnson (Chapter 5 and 7)
• Microsoft Windows Security Essentials by Darril Gibson (Chapter 1, 3,4, 5, 7,8)
• OWASP
PSDF302:
Virtualization and Forensics By Diane Barrett, Greg Kipper
Virtualization Security Protecting virtualized environment By Dave Shackleford
PSDF303:
Audit – Standards of ISMS27001, US Sarbanes-Oxley Act, HIPPA
- Crockford, Neil (1986). An Introduction to Risk Management (2 ed.). Cambridge, UK:
Woodhead-Faulkner. p. 18. ISBN 0-85941-332-2
- Dorfman, Mark S. (2007). Introduction to Risk Management and Insurance (9 ed.).
Englewood Cliffs, N.J: Prentice Hall. ISBN 0-13-224227-3.
- IADC HSE Case Guidelines for MODUs 3.2, section 4.7
- Roehrig, P (2006). "Bet On Governance To Manage Outsourcing Risk"
Hopkin, Paul "Fundamentals of Risk Management 2nd Edition" Kogan-Page (2012) ISBN
978-0-7494-6539-1
Risk Management ISO 30001 Standard
PSDF304:
Chapter 13: Guide to Computer Forensics and Investigations By Bill Nelson, Amelia Phillips,
Christopher Stuart
Chapter 20 Digital Evidence on Mobile Devices
Digital Evidence and Computer Crime, Third Edition Eoghan Casey. Published by Elsevier Inc.
All rights reserved
Andriod Forensic, Investigation, and Security by Andrew Hogg, Publisher Synergy
Security in Mobile Communication by Professor Noureddine Boudriga
Mobile Malware Attacks and Defense By Ken Dunham
PSDF305
1) International Trade Law by Indira Carr, Peter Stone, 4th edition, 2010, Page 103 to 136
2) Online Dispute Resolution: Challenges for Contemporary Justice by Gabrielle Kaufmann-
Kohler, Thomas Schultz, 2004, pages 5 to 58, 67 to 81, 108 to 120, 131 etc.
3) Cyber Consumer Law and Unfair Trading Practices: Unfair Commercial Practices
By Cristina Coteanu page 87-113.
4) Cyber Consumer Law and Unfair Trading Practices: Unfair Commercial Practices
By Cristina Coteanu Page- 1- 11, 45 to 68, 137 to 150
For detailed syllabus, here is attachment:;


Quick Reply
Your Username: Click here to log in

Message:
Options

Thread Tools Search this Thread



All times are GMT +5. The time now is 03:09 PM.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.
SEO by vBSEO 3.6.0 PL2

1 2 3 4