
Security and Audit TCS 695 SYLLABUS

The syllabus for TCS 695 on Security & Auditing covers various topics including definitions of cyber threats, cybersecurity management concepts, firewall and intrusion detection systems, database auditing, and backup and recovery strategies. It also addresses relevant laws and standards such as GDPR and ISO27001. The course includes textbooks focused on cybersecurity risk and controls as well as information security risk management.

Uploaded by

Gaurabh Kumar

SECURITY & AUDITING TCS 695 SYLLABUS

Unit 1:

Definition of Netizen, Malware and its existence, Definition of Security hole, Security Patch,
Viruses, Worms, Trojan Horses, Bot Networks, Social Engineering, Avoiding Malware, Spyware,
Adware, Keyboard Loggers, Rogue Software and Shareware, Ransomware, White Hat, Search
Engine Optimization, Current and Fulltime Threats, Hackers, Hacker's tools, Email and SPAM,
Spoofing, Spammer's tools, SPIM, Cyber bullies, Online Reputation Attacks, Phishing, Cyber
stalkers.

Unit 2:

Cybersecurity Management Concepts, Security governance, Management models, roles, and
functions, Enterprise Roles and Structures, Information security roles and positions, Strategic
planning and security strategy, Information Security Standards & Laws, Information Security
Standards-ISO, IT Act, Copyright Act, Patent Law, IPR, Cyber Laws in India; IT Act 2000
Provisions, Intellectual Property Law: Copyright Law, Software License, Patent Law, GDPR,
HIPAA, SOX, NIST, ISO27001

Unit 3:

Firewalls, Types of firewalls, Intrusion Detection Systems (IDS) and Intrusion Prevention
Systems (IPS), Network-based vs. host-based IDS/IPS, Signature-based vs. anomaly-based
detection, Virtual Private Networks (VPN), Types of VPNs (e.g., site-to-site, remote access),
VPN protocols (e.g., IPSec, SSL/TLS), Wireless Security, Wi-Fi Protected Access
(WPA/WPA2/WPA3), Wireless Intrusion Prevention Systems (WIPS). OSI & TCP/IP stack,
Operating system basics, Web basics, PKI & SSL Basics

Unit 4:

Database Auditing and Monitoring, Database activity monitoring (DAM), Audit trails and logs,
Database security policies and procedures, Database Vulnerability Assessment and Penetration
Testing, Identifying and remediating database vulnerabilities, Penetration testing
methodologies, Security scanning tools.

Unit 5:

Backup and recovery, Backup strategies, Secure backup and recovery procedures, Types of data
backups, Data backup security, Disaster recovery planning, Recovery Point Objective (RPO) and
Recovery Time Objective (RTO). Off-site backup storage, Backup monitoring and maintenance.
Creating an ISO27001 Report for an organization

Text Book:

1. The Complete Guide to Cybersecurity Risk and Controls (Internal Audit and IT Audit), Taylor &
Francis, 2022
2. Information Security Risk Management for ISO 27001/ISO 27002, IT Governance Publishing
