Computer Engg

CSDLO7031: Advance System Security & Digital Forensics Syllabus for CS 7th Sem 2019 Pattern Mumbai University (Department Level Optional Course-3)

Advance System Security & Digital Forensics detailed syllabus scheme for Computer Engineering (CS), 2019 regulation has been taken from the MU official website and presented for the Bachelor of Engineering students. For Course Code, Course Title, Test 1, Test 2, Avg, End Sem Exam, Team Work, Practical, Oral, Total, and other information, do visit full semester subjects post given below.

For 7th Sem Scheme of Computer Engineering (CS), 2019 Pattern, do visit CS 7th Sem Scheme, 2019 Pattern. For the Department Level Optional Course-3 scheme of 7th Sem 2019 regulation, refer to CS 7th Sem Department Level Optional Course-3 Scheme 2019 Pattern. The detail syllabus for advance system security & digital forensics is as follows.

Advance System Security & Digital Forensics Syllabus for Computer Engineering BE 7th Sem 2019 Pattern Mumbai University

Course Objectives:

For the complete Syllabus, results, class timetable, and many other features kindly download the iStudy App
It is a lightweight, easy to use, no images, and no pdfs platform to make students’s lives easier.
Get it on Google Play.

Course Outcomes:

At the end of the course learner will able to

  1. Understand cyber attacks and apply access control policies and control mechanisms.
  2. Identify malicious code and targeted malicious code.
  3. Detect and counter threats to web applications.
  4. Understand the vulnerabilities of Wi-Fi networks and explore different measures to secure wireless protocols, WLAN and VPN networks.
  5. Understand the ethical and legal issues associated with cyber crimes and be able to mitigate impact of crimes with suitable policies.
  6. Use different forensic tools to acquire and duplicate data from compromised systems and analyse the same.

Prerequisites:

Cryptography and System Security

Module 1

For the complete Syllabus, results, class timetable, and many other features kindly download the iStudy App
It is a lightweight, easy to use, no images, and no pdfs platform to make students’s lives easier.
Get it on Google Play.

Module 2

Program & OS Security 08

  1. Malicious and Non-Malicious programming errors, Targeted Malicious codes: Salami Attack, Linearization Attack, Covert Channel, Control against Program threats.
  2. Operating System Security: Memory and Address protection, File Protection Mechanism, User Authentication.
  3. Linux and Windows: Vulnerabilities, File System Security.

Module 3

Web Application Security 12 OWASP, Web Security Considerations, User Authentication and Session Management, Cookies, SSL, HTTPS, SSH, Privacy on Web, Web Browser Attacks, Account Harvesting, Web Bugs, Clickjacking, Cross-Site Request Forgery, Session Hijacking and Management, Phishing and Pharming Techniques, Web Service Security, OAuth 2.0

Module 4

For the complete Syllabus, results, class timetable, and many other features kindly download the iStudy App
It is a lightweight, easy to use, no images, and no pdfs platform to make students’s lives easier.
Get it on Google Play.

Module 5

Legal and Ethical issues 06

  1. Cybercrime and its types, Intellectual property, Privacy, Ethical issues.
  2. Protecting Programs and Data, Information and the Law, Rights of Employees and Employers, Redress for Software Failures, Computer Crime, Ethical Issues in Computer Security, case studies of ethics.

Module 6

Digital Forensics 10 Introduction to Digital Forensics, Acquiring Volatile Data from Windows and Unix systems, Forensic Duplication Techniques, Analysis of forensic images using open source tools like Autopsy and SIFT, Investigating logs from Unix and windows systems, Investigating Windows Registry.

Text Books:

For the complete Syllabus, results, class timetable, and many other features kindly download the iStudy App
It is a lightweight, easy to use, no images, and no pdfs platform to make students’s lives easier.
Get it on Google Play.

Reference Books:

  1. Computer Security, Dieter Gollman, Third Edition, Wiley
  2. Digital Forensics by Nilakshi Jain & Kalbande, Wiley.
  3. Incident Response & Computer Forensics by Kevin Mandia, Chris Prosise, Wiley.
  4. Cyber Security. Nina Godbole, Sunit Belapure, Wiley.

Digital references:

  1. https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project

Assessment

Internal Assessment: Assessment consists of two class tests of 20 marks each. The first class test is to be conducted when approx. 40% syllabus is completed and second class test when additional 40% syllabus is completed. Duration of each test shall be one hour.

Theory Examination:

  1. Question paper will comprise of total six question.
  2. All question carry equal marks
  3. Questions will be mixed in nature (for example supposed Q.2 has part
    1. from module 3 then part
    2. will be from any module other than module 3)
  4. Only Four question need to be solved.

Laboratory/ Experimental Work The Experiments for this course are required to be performed and to be evaluated in Computational Lab-1.

Lab Outcome:

Learner will able to

  1. Analyze static code and program vulnerabilities using open source tools.
  2. Explore and analyze network vulnerabilities using open source tools.
  3. Explore and analyze different security tools to detect web application and browser vulnerabilities.
  4. Explore and analyze different tools to secure wireless networks and routers, and mobile devices and perform penetration testing, and analyze its impact.
  5. Understand and implement AAA using RADIUS and TACACS.
  6. Explore various forensics tools in Kali Linux and use them to acquire, duplicate and analyze data and recover deleted data.

Description

  1. Static code analysis using open source tools like RATS, Flawfinder etc.
  2. Vulnerability scanning using Nessus, Nikto (Kali Linux)
  3. Explore web-application vulnerabilities using open source tools like Wapiti, browser exploitation framework (BeEf), etc.
  4. Detect SQL injection vulnerabilities in a website database using SQLMap
  5. Performing a penetration testing using Metasploit (Kali Linux)
  6. Exploring Router and VLAN security, setting up access lists using Cisco Packet tracer(student edition)
  7. Exploring VPN security using Cisco Packet tracer(student edition)
  8. Exploring Authentication and access control using RADIUS, TACACS and TACACS+
  9. Install and use a security app on an Android mobile (e.g. Droidcrypt)
  10. Explore forensics tools in Kali Linux for acquiring, analyzing and duplicating data: dd, dcfldd, foremost, scalpel, debugfs, wireshark, tcptrace, tcpflow
  11. Analysis of forensic images using open source tools like Autopsy, SIFT, FKT Imager
  12. Use of steganographic tools like OpenStego, to detect data hiding or unauthorized file copying
  13. Use Password cracking using tools like John the Ripper/Cain and Abel/ Ophcrack to detect weak passwords.

Reference Books:

  1. Build your own Security Lab, Michael Gregg, Wiley India
  2. CCNA Security, Study Guide, Tim Boyles, Sybex.
  3. Web Application Hackers Handbook, Dafydd Stuttard, Marcus Pinto, Wiley India
  4. Network Infrastructure Security, Randy Waver, Dawn Weaver, Cengage Learning.
  5. Incident Response & Computer Forensics by Kevin Mandia, Chris Prosise, Wiley.

Digital References:

  1. http://www.opentechinfo.com/learn-use-kali-linux/

For detail Syllabus of all subjects of Computer Engineering (CS) 7th Sem 2019 regulation, visit CS 7th Sem Subjects of 2019 Pattern.

View All Post

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.