{"id":56439,"date":"2023-08-28T16:33:07","date_gmt":"2023-08-28T16:33:07","guid":{"rendered":"https:\/\/www.inspirenignite.com\/anna-university\/ccs374-web-application-security-syllabus-for-cyber-security-2021-regulation-professional-elective-iii\/"},"modified":"2023-08-28T16:33:07","modified_gmt":"2023-08-28T16:33:07","slug":"ccs374-web-application-security-syllabus-for-cyber-security-2021-regulation-professional-elective-iii","status":"publish","type":"post","link":"https:\/\/www.inspirenignite.com\/anna-university\/ccs374-web-application-security-syllabus-for-cyber-security-2021-regulation-professional-elective-iii\/","title":{"rendered":"CCS374: Web Application Security syllabus for Cyber Security 2021 regulation (Professional Elective-III)"},"content":{"rendered":"<p align=\"justify\">Web Application Security detailed syllabus for Cyber Security (Cyber Security) for 2021 regulation curriculum has been taken from the <a class=\"rank-math-link\" href=\"https:\/\/cac.annauniv.edu\/\" style=\"color: inherit\" target=\"_blank\" rel=\"noopener\">Anna Universities<\/a> official website and presented for the Cyber Security students. For course code, course name, number of credits for a course and other scheme related information,  do visit full semester subjects post given below. <\/p>\n<p align=\"justify\">For Cyber Security 6th Sem scheme and its subjects, do visit <a class=\"rank-math-link\" href=\"..\/cyber-security-6th-sem-syllabus-2021-regulation\">Cyber Security 6th Sem 2021 regulation scheme<\/a>. For Professional Elective-III scheme and its subjects refer to <a class=\"rank-math-link\" href=\"..\/professional-elective-iii-syllabus-for-cyber-security-2021-regulation\">Cyber Security Professional Elective-III syllabus scheme<\/a>. The detailed syllabus of web application security is as follows. <\/p>\n<p><h4>Course Objectives:<\/h4>\n<h4 id=\"istudy\" style=\"text-align:center\"><a class=\"rank-math-link\" href=\"https:\/\/play.google.com\/store\/apps\/details?id=ini.istudy\" style=\"color: inherit\" target=\"_blank\" rel=\"noopener\">Download the iStudy App for all syllabus and other updates.<\/a><br \/><a class=\"rank-math-link\" href=\"https:\/\/play.google.com\/store\/apps\/details?id=ini.istudy&amp;pcampaignid=pcampaignidMKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/play.google.com\/intl\/en_us\/badges\/static\/images\/badges\/en_badge_web_generic.png\" alt=\"Get it on Google Play\" style=\"height:65px;text-align:center\"><\/a><\/h4>\n<p><h4>Unit I<\/h4>\n<p>FUNDAMENTALS OF WEB APPLICATION SECURITY<br \/>\nThe history of Software Security-Recognizing Web Application Security Threats, Web Application Security, Authentication and Authorization, Secure Socket layer, Transport layer Security, Session Management-Input Validation\n<\/p>\n<p><h4>Unit II<\/h4>\n<p>SECURE DEVELOPMENT AND DEPLOYMENT<br \/>\nWeb Applications Security &#8211; Security Testing, Security Incident Response Planning,The Microsoft Security Development Lifecycle (SDL), OWASP Comprehensive Lightweight Application Security Process (CLASP), The Software Assurance Maturity Model (SAMM)\n<\/p>\n<p><h4>Unit III<\/h4>\n<h4 id=\"istudy\" style=\"text-align:center\"><a class=\"rank-math-link\" href=\"https:\/\/play.google.com\/store\/apps\/details?id=ini.istudy\" style=\"color: inherit\" target=\"_blank\" rel=\"noopener\">Download the iStudy App for all syllabus and other updates.<\/a><br \/><a class=\"rank-math-link\" href=\"https:\/\/play.google.com\/store\/apps\/details?id=ini.istudy&amp;pcampaignid=pcampaignidMKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/play.google.com\/intl\/en_us\/badges\/static\/images\/badges\/en_badge_web_generic.png\" alt=\"Get it on Google Play\" style=\"height:65px;text-align:center\"><\/a><\/h4>\n<p><h4>Unit IV<\/h4>\n<p>^MMVULNERABILITY ASSESSMENT AND PENETRATION TESTING<br \/>\nVulnerability Assessment Lifecycle, Vulnerability Assessment Tools: Cloud-based vulnerability scanners, Host-based vulnerability scanners, Network-based vulnerability scanners, Databasebased vulnerability scanners, Types of Penetration Tests: External Testing, Web Application Testing, Internal Penetration Testing, SSID or Wireless Testing, Mobile Application Testing.\n<\/p>\n<p><h4>Unit V<\/h4>\n<p>HACKING TECHNIQUES AND TOOLS<br \/>\nSocial Engineering, Injection, Cross-Site Scripting(XSS), Broken Authentication and Session Management, Cross-Site Request Forgery, Security Misconfiguration, Insecure Cryptographic Storage, Failure to Restrict URL Access, Tools: Comodo, OpenVAS, Nexpose, Nikto, Burp Suite, etc.\n<\/p>\n<p><h4>Practical Exercises<\/h4>\n<ol>\n<li>Install wireshark and explore the various protocols<\/li>\n<ul>\n<li>Analyze the difference between HTTP vs HTTPS<\/li>\n<li>Analyze the various security mechanisms embedded with different protocols.<\/li>\n<\/ul>\n<li>Identify the vulnerabilities using OWASP ZAP tool<\/li>\n<li>Create simple REST API using python for following operation<\/li>\n<ul>\n<li>GET<\/li>\n<li>PUSH<\/li>\n<li>POST<\/li>\n<li>DELETE<\/li>\n<\/ul>\n<li>Install Burp Suite to do following vulnerabilities:<\/li>\n<ul>\n<li>SQL injection<\/li>\n<li>cross-site\tscripting (XSS)<\/li>\n<li>Attack the website using Social Engineering method<\/li>\n<\/ul>\n<\/ol>\n<p><h4>Course Outcomes:<\/h4>\n<h4 id=\"istudy\" style=\"text-align:center\"><a class=\"rank-math-link\" href=\"https:\/\/play.google.com\/store\/apps\/details?id=ini.istudy\" style=\"color: inherit\" target=\"_blank\" rel=\"noopener\">Download the iStudy App for all syllabus and other updates.<\/a><br \/><a class=\"rank-math-link\" href=\"https:\/\/play.google.com\/store\/apps\/details?id=ini.istudy&amp;pcampaignid=pcampaignidMKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/play.google.com\/intl\/en_us\/badges\/static\/images\/badges\/en_badge_web_generic.png\" alt=\"Get it on Google Play\" style=\"height:65px;text-align:center\"><\/a><\/h4>\n<p><h4>Text Books:<\/h4>\n<ol>\n<li>Andrew Hoffman, Web Application Security: Exploitation and Countermeasures for Modern Web Applications, First Edition, 2020, O\u2019Reilly Media, Inc.<\/li>\n<li>Bryan Sullivan, Vincent Liu, Web Application Security: A Beginners Guide, 2012, The McGraw-Hill Companies.<\/li>\n<li>Neil Madden, API Security in Action, 2020, Manning Publications Co., NY, USA.<\/li>\n<\/ol>\n<p><h4>Reference Books:<\/h4>\n<ol>\n<li>Michael Cross, Developer\u2019s Guide to Web Application Security, 2007, Syngress Publishing, Inc.<\/li>\n<li>Ravi Das and Greg Johnson, Testing and Securing Web Applications, 2021, Taylor &amp; Francis Group, LLC.<\/li>\n<li>Prabath Siriwardena, Advanced API Security, 2020, Apress Media LLC, USA.<\/li>\n<li>Malcom McDonald, Web Security for Developers, 2020, No Starch Press, Inc.<\/li>\n<li>Allen Harper, Shon Harris, Jonathan Ness, Chris Eagle, Gideon Lenkey, and Terron Williams Grey Hat Hacking: The Ethical Hacker\u2019s Handbook, Third Edition, 2011, The McGraw-Hill Companies.<\/li>\n<\/li>\n<\/ol>\n<p align=\"justify\">For detailed syllabus of all the other subjects of Cyber Security 6th Sem, visit <a class=\"rank-math-link\" href=\"..\/category\/cyber-security+6th-sem\">Cyber Security 6th Sem subject syllabuses for 2021 regulation<\/a>. <\/p>\n<p align=\"justify\">For all Cyber Security results, visit <a class=\"rank-math-link\" href=\"https:\/\/www.inspirenignite.com\/anna-university\/anna-university-results\/\">Anna University Cyber Security all semester results<\/a> direct link. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Web Application Security detailed syllabus for Cyber Security (Cyber Security) for 2021 regulation curriculum has been taken from the Anna Universities official website and presented for the Cyber Security students. [&hellip;]<\/p>\n","protected":false},"author":2297,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"footnotes":""},"categories":[158],"tags":[],"class_list":["post-56439","post","type-post","status-publish","format-standard","hentry","category-cyber-security"],"_links":{"self":[{"href":"https:\/\/www.inspirenignite.com\/anna-university\/wp-json\/wp\/v2\/posts\/56439","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inspirenignite.com\/anna-university\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inspirenignite.com\/anna-university\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inspirenignite.com\/anna-university\/wp-json\/wp\/v2\/users\/2297"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inspirenignite.com\/anna-university\/wp-json\/wp\/v2\/comments?post=56439"}],"version-history":[{"count":0,"href":"https:\/\/www.inspirenignite.com\/anna-university\/wp-json\/wp\/v2\/posts\/56439\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.inspirenignite.com\/anna-university\/wp-json\/wp\/v2\/media?parent=56439"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inspirenignite.com\/anna-university\/wp-json\/wp\/v2\/categories?post=56439"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inspirenignite.com\/anna-university\/wp-json\/wp\/v2\/tags?post=56439"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}