Master of Science in Cyber Security

This course provides fundamental concepts for Networking. It provides delves into different networking technologies. Topics included in this course: Network topology, IP addressing and subnetting, MAC address, OSI and TCP/IP model, IP routing, Network security devices, Routers, and routing protocols like EIGRP, OSPF, RIP and other protocols for communication like HTTP, HTTPS, FTP, Telnet, DHCP, ARP and the ports. It includes knowledge of networking devices such as switches, L2 and L3 switches, servers, hub, routers, and repeaters. Compare physical interface and cabling types: single-mode fiber, multimode, copper, connection media like Ethernet and point to point. Comparison between TCP and UDP protocol.

In this course, students will focus on Kali Linux operating system wherein the topics included Introduction to Kali Linux, setting up Kali Linux as a virtual machine on VMware workstation, terminal, file system, useful commands, basic network commands, services, managing users, troubleshoot Kali Linux, install, remove and customize and troubleshoot software using Debian package manager, use Kali as a portable USB distribution including options for encryption, persistence and self-destruction and thoroughly administer, customize and configure Kali Linux and create your own packages and host your own customer package repositories.

This course presents the use of Kali Linux as an attacker machine, using more than 600 tools, use terminal and commands for performing hacking. Perform scanning, vulnerability scanning and create exploits and payloads to gain access to the target system. Perform Penetration testing and information gathering to collect information of the target system.

In this course, the students will be made to examine the concepts of hacking, types of hackers, how is hacking done, phases of hacking: reconnaissance, scanning, gaining access, maintaining access, and covering tracks, how these phases are performed, what are the tools and techniques used for hacking. Tools like NMAP and NESSUS are used for scanning and use of Metasploit framework used for execution of exploits and payloads for controlling system after gaining access to a system. Use of various password cracking techniques like brute-force attack and tools like Lophtcrack and Ophcrack. At the end of this course, students will have the tools to protect and safeguard an organization operating computing environment. At the end of this course, students will have the tools to protect and safeguard an organization operating computing environment.

This focuses on the techniques used by the attackers to gain access in the system using social engineering attack, session hijacking, bypassing firewalls, IDS and IPS. Techniques used in social engineering like phishing, shoulder surfing, dumpster diving and using tools like shell phish to create fake pages. Knowing about different types of malwares and the adverse effect of these malwares in any system. Techniques like sniffing used to steal confidential information like username and password using Man in the middle attack performed by tool like Ettercap and Cain and Abel. Knowing about different attacks like SQL injection, XSS attack, JSON injection attack and directory traversal attack and understanding the techniques for preserving an organizations system and people against these attacks. Hands on training will be provided to the students who will perform these attacks and the ways to encounter these attacks by use of the tool Burp Suite, allowing safe HTML.

This course focuses on techniques used by attackers to perform mobile hacking using tools to find the vulnerabilities present in the mobile phone and executing exploits and run payloads using Metasploit framework. Tools like alpha devices are used for hacking Wi-Fi by capturing the four- way handshake and cracking the password using brute force or dictionary attack. It also includes cloud computing and IOT hacking which consists of detailed knowledge of IOT devices, layers of IOT and its security features and cryptography techniques used for encryption and decryption using keys like public and private keys. This course provides students with the tools to protect the use and security of mobile devices.

This course focuses on fundamentals concepts of digital forensics. Use of various tools and techniques to combat any cyber-attack. Use of various tools for investigation and extraction of data from digital evidence collected from the crime scene. Techniques used for securing and collecting evidence from the crime scene.

This course focuses on security technology and students will be made familiar with the policies which ensure the listing of only good files. Policies used for securing networks with BYOD, prevention of damaged or malicious applications.

This course includes Security Administrators, Network Security, Cybersecurity Audits. Students can choose any two courses and will get training for both the courses:

• Security Administration: In this course, students will be provided with knowledge about system security, how attackers harm the system and practical including Data and System Security, Disk encryption, Hardware Firmware Security, securing different operating systems from data destruction and any cyber-attack. Students will be provided with expertise in firewall technologies, Intrusion Detection, and Intrusion Prevention System.
• Network Administration: Students are trained for identifying and solving any problem that arises in the computer network and installing and configuring computer networks. Hands on training provided on Network Firewall, proxy servers, using Virtual Private Network (VPN), protecting servers from cyber-attacks, security of different layers and application of Code Quality and Testing.
• Cybersecurity Audits: In this course, students will be trained for performing audits which includes Operation Security which includes review of policies, procedures and security controls, Data Security including use of encryption techniques, data security during transmission and storage, Physical Security including role-based access controls, disk encryption, multi-factor authentication. The student will get complete practical knowledge and will be able to identify vulnerabilities in security, compliance, and testing controls.

Followed by the dual specialization comes the Capstone Project where students will be required to apply the knowledge gained with this curriculum and projects. Students are expected to engage in a real project for an organization to solve any one of the security and data issues. This includes the Capstone project where the student will be provided with internships, hands on practical knowledge will be developed such as forensics, NIDS, HIDS and honeypots. It also includes secure inventory management; application control and device control will be performed by the students to check for the ability of the student after the completion of the course.