
Digital Forensic & Cyber Security - V1

The document outlines a 3-month course on Digital Forensic & Cyber Security offered by the Government of Pakistan's National Vocational and Technical Training Commission. It aims to equip trainees with skills to become Cyber Security Professionals, covering topics such as network security, vulnerability analysis, and ethical hacking. The course includes practical training, job opportunities in various companies, and resources for further learning.

Uploaded by

faizi.ibrahim126

Government of Pakistan

National Vocational and Technical Training Commission

Prime Minister Youth Skill Development Program

"Skills for All"

Course Contents/ Lesson Plan


Course Title: Digital Forensic & Cyber Security
Duration: 3 Months

Trainer Name:
Author Name: Muhammad Ahsan Malik (Senior Instructor Corvit)
Course Title: Digital Forensic & Cyber Security

Objective of Course: To prepare the trainees to work as Cyber Security Professionals in a wide variety of computer-related industries, with a strong emphasis on ensuring business continuity of production services / networks.

Learning Outcome of the Course

Knowledge Proficiency Details
• Knowledge of information technology catering principles and capabilities, with particular emphasis on the technical support of local area networks.
• Knowledge of securing networks, systems, servers and operating systems, with troubleshooting.
• Knowledge of the web attacks on modern-day servers.

Skills Proficiency Details
• Hands-on experience in pen testing all network technologies related to local area networks.
• Perform various tests to detect and provide defense against vulnerabilities.
• Practical scenarios to compromise web servers and web applications.
• Ability to detect attack vectors, identify attack type and provide continuity of operations.
• Ability to recover data from damaged disks to ensure data consistency.
• Capable of malware analysis to detect the basic working of malware.
• Pen testing mobile devices and applications.
• Digital forensics of various operating systems.

Course Execution Plan
Total Duration of Course: 3 Months (12 Weeks)
Class Hours: 4 Hours per day
Theory: 20% Practical: 80%
Total contact hours: 240 hours

Companies Offering Jobs in the respective trade
• Trillium
• Afinity
• NetSole
• I2c
• Multinet
• Nescom
• Transworld
• Netcom
• Systems
• Web Work Solution
• Purelogics

Job Opportunities
• Security Operations Centre (SOC) Engineer
• Network Security Administrator
• IT Support Officer
• Manager / Assistant Manager IT
• Network support engineer
• Security Analysts
• Penetration tester

No of Students: 25

Learning Place: Classroom/Lab

Instructional Resources

EC-Council
https://www.eccouncil.org/certified-ethical-hacker-training-and-certification/
https://www.eccouncil.org/train-certify/computer-hacking-forensic-investigator-chfi/

Linux Foundation
https://training.linuxfoundation.org/resources/

Cisco Adaptive Security Appliances
https://www.cisco.com/c/en/us/solutions/industries/education/educator-resource-center/networking-academy.html

Cisco Next Generation Firewall
https://learningnetwork.cisco.com/s/next-generation-firewall-training-videos

Cisco Web Security
https://learningnetwork.cisco.com/s/web-security-training-videos

Cisco Email Security
https://learningnetwork.cisco.com/s/email-security-training-videos

Huawei Next Generation Security
https://e.huawei.com/ae/products/enterprise-networking/security

Cisco Identity Services Engine
https://www.cisco.com/site/us/en/products/security/identity-services-engine/index.html


Schedule columns: Scheduled Week, Module Title, Learning Units, Remarks

Week 1: Introduction / Cyber Security Fundamentals
Day 1
Hour 1: Motivational Lecture
Hour 2: Course Introduction
Hour 3: Success stories
Hour 4: Job market
Day 2
Hour 1: Course Application in Industry
Hour 2: Institute/work ethics
Hour 3: Introduction to Cybersecurity
Hour 4: Objectives / Roles
Day 3
Hours 1-2:
• Why is Cyber security Important?
• What is a Hacker?
• Describe the elements of information security
Hours 3-4: Lab Buildup (Installation of VMware Workstation, EVE-NG, Kali-Linux)
Day 4
Hours 1-2: Explain information security threats and attack vectors
Hours 3-4: Describe the hacking concepts, types, and phases
Day 5
Hours 1-2: Understand the information security controls (information defense-in-depth, policies, procedures, awareness and risk management)
Hours 3-4: Understand the penetration testing process

Week 2: Information Gathering, Foot printing & Reconnaissance, Scanning Networks, Enumeration
Remarks: Task 1 to Task 15. Details may be seen at Annexure-I.
Day 1
Hour 1: Motivational Lecture (For further detail please see Page No: 3 & 4)
Hour 2: Basic Concept of Foot printing / Scanning
Hours 3-4: Task 1, Task 2, Task 3 and Task 4 to be practiced by students
Day 2
Hour 1: OS, Application, Server, Hardware, Version, information gathering
Hour 2: Task 5, Task 6 and Task 7 to be practiced by students
Hour 3: Perform scanning to check for live system and open ports
Hour 4: Task 8 to be practiced by students
Day 3
Hour 1: Subdomains, Email, DNS information gathering
Hour 2: Task 9 & 10 to be practiced by students
Hour 3: Foot printing using Search Engines
Hour 4: Task 11 to be practiced by students
Day 4
Hour 1: Network Foot printing / Scanning
Hours 2-3: Task 12 to be practiced by students
Hour 4:
• Concepts of Enumeration
• Introduction to Enumeration tools
Day 5
Hour 1: NetBIOS and SNMP Enumeration
Hour 2: Task 13 & 14 to be practiced by students
Hour 3: NTP, DNS and FTP Enumeration
Hour 4: Task 15 to be practiced by students

Week 3: Vulnerability Analysis, Operating System (Linux) Fundamentals
Remarks: Task 16 to Task 21. Details may be seen at Annexure-I.
Day 1
Hour 1: Success stories (For further detail please see Page No: 3 & 4)
Hour 2: Concept of Vulnerability
Hour 3:
• Introduction to Vulnerability Analysis Tools
• Use Nikto for Vulnerability Scanning
Hour 4: Task 16 to be practiced by students
Day 2
Hour 1: Vulnerability research using vulnerability scoring systems and databases
Hour 2: Nessus / Qualys for System Vulnerability Scanning
Hours 3-4: Task 17 to be practiced by Students
Day 3
Hour 1: Vulnerability Assessment Reports
Hour 2: Create a Formatted Report with Nikto / Nessus
Hours 3-4: Task 18 to be practiced by Students
Day 4
Hours 1-2:
• Introduction to Linux Distributions
• Installing Kali Linux and CentOS
Hours 3-4: Task 19 to be practiced by Students
Day 5
Hour 1: Basic Shell Commands of Linux
Hour 2: Task 20 to be practiced by Students
Hour 3: Managing Users, Groups and Partitions
Hour 4: Task 21 to be practiced by Students

Week 4: Operating System (Linux) Fundamentals, Social Engineering Exploits
Remarks: Task 22 to Task 29. Details may be seen at Annexure-I. 1st Monthly
Day 1
Hour 1: Success stories (For further detail please see Page No: 3 & 4)
Hour 2: Managing Files and their permissions
Hours 3-4: Task 22 to be practiced by Students
Day 2
Hour 1: File Ownership
Hour 2: Task 23 to be practiced by Students
Hour 3: Working with the Bash Shell & Shell Scripts
Hour 4: Task 24 to be practiced by Students
Day 3
Hour 1: Installation of CentOS
Hour 2: Task 25 to be practiced by Students
Hour 3: Installation of Apache Server on Linux
Hour 4: Task 26 to be practiced by Students
Day 4
Hours 1-2: FTP/SMB/DHCP/DNS/Apache/Mail Servers on Linux
Hours 3-4: Task 27 to be practiced by Students
Day 5
Hours 1-2:
• Describe the social engineering concepts
• Perform social engineering using various test techniques
• Describe insider threats
• Perform impersonation on social networking sites
• Describe Phishing and Pharming
Hours 3-4: Task 28 and Task 29 to be practiced by Students

Week 5: System Hacking & Manipulation. Sniffing Techniques & Attacks
Remarks: Task 30 to Task 37. Details may be seen at Annexure-I.
Day 1
Hour 1: Motivational Lecture (For further detail please see Page No: 3 & 4)
Hour 2: System Hacking Concepts
Hour 3: Performing Online Password Attacks
Hour 4: Task 30 to be practiced by Students
Day 2
Hour 1: Gain Access of remote system using Armitage
Hour 2: Task 31 to be practiced by Students
Hour 3: Hide data using steganography
Hour 4: Task 32 to be practiced by Students
Day 3
Hour 1: Sniffing Concepts
Hour 2: Use of Sniffing tool (Wireshark Network Analyzer)
Hours 3-4: Task 33 to be practiced by Students
Day 4
Hour 1: Sniffing using MAC Flooding
Hour 2: Task 34 to be practiced by Students
Hour 3: Sniffing Technique: DHCP Starvation using Yersinia
Hour 4: Task 35 to be practiced by Students
Day 5
Hour 1: Sniffing Technique: DNS Poisoning
Hour 2: Task 36 to be practiced by Students
Hour 3: Sniffing Countermeasures and Detection Methods
Hour 4: Task 37 to be practiced by Students

Week 6: Denial of Service, Session Hijacking, Hacking Web Applications
Remarks: Task 38 to Task 45. Details may be seen at Annexure-I.
Day 1
Hour 1: Motivational Lecture (For further detail please see Page No: 3 & 4)
Hour 2: DOS/DDoS concepts
Hour 3: Perform SYN Flooding Attack using hping3 & Metasploit
Hour 4: Task 38 and Task 39 to be practiced by Students
Day 2
Hour 1: Using different attacking tools, perform ICMP Flood Attack / Ping of Death Attack / DDoS Attack
Hours 2-3: Task 40, Task 41 and Task 42 to be practiced by Students
Hour 4: DOS/DDoS Countermeasures
Day 3
Hour 1:
• Session Hijacking
• Types of Session Hijacking
• Spoofing
Hour 2: Network Level Hijacking – Capturing Cookie Sessions
Hours 3-4: Task 43 to be practiced by Students
Day 4
Hour 1:
• Web Application Architecture
• Web Application Threats
• OWASP Top 10 Application Security Risks – 2022
Hour 2: Web Application Security using WAF (F5 ASM)
Hours 3-4: Task 44 to be practiced by Students
Day 5
Hour 1:
• Web Application Hacking Methodology
• Web API
• Webhooks and Web Shell
• Web API Hacking Methodology
Hour 2: Web Application Security using AWS WAF
Hours 3-4: Task 45 to be practiced by Students
Build Your CV
• Download professional CV template from any good site (https://www.coolfreecv.com or relevant)
• Add Personal Information
• Add Educational details
• Add Experience/Portfolio
• Add contact details/profile links

Week 7: SQL Injections, Hacking Wireless Networks, Hacking Web Servers
Remarks: Task 46 to Task 51 and Task 51a. Details may be seen at Annexure-I.
Day 1
Hour 1: Motivational Lecture (For further detail please see Page No: 3 & 4)
Hour 2:
• SQL Injection
• Types of SQL injection
Hour 3: Task 46 to be practiced by Students
Hour 4:
• SQL Injection Methodology
• SQL Injection Tools
Day 2
Hour 1:
• Launch a SQL Injection Attack
• Enumerate number of columns in database
Hour 2: Task 47 to be practiced by Students
Hour 3:
• Blind SQL Injection Attack
• Bypass Website Logins Using SQL Injection
Hour 4: Task 48 to be practiced by Students
Day 3
Hour 1:
• SQL Injection Detection Tools
• Use WebCruiser to Detect SQL Injection
Hour 2: Task 49 to be practiced by Students
Hours 3-4:
• Wireless Terminology
• Wireless Networks
• Wireless Encryption
• Wireless Threats
• Wireless Hacking Methodology
Day 4
Hours 1-2:
• Wi-Fi Encryption Cracking
• WEP/WPA/WPA2 Cracking Tools
Hours 3-4: Task 50 to be practiced by Students
Day 5
Hours 1-2:
• Website Defacement
• Web Cache Poisoning Attack
• Web Server Attack Methodology
• Web Server Attack Tools
• Web Server Security Tools
Hours 3-4: Task 51 and Task 51a to be practiced by Students

Week 8: Digital Forensics
Remarks: Task 51b, Task 51c
Day 1
Hour 1: Motivational Lecture (For further detail please see Page No: 3 & 4)
Hours 2-4:
• Fundamentals of Computer Forensics
• Cybercrimes and their Investigation procedures
• Digital Evidence
• Forensic Readiness, Incident response, and Role of SOC (Security Operations Center) in computer forensics
• Roles and responsibilities of Forensic Investigator
Day 2
Hours 1-4:
• Understanding Hard Disks and File Systems
• Types of Disk drives and their characteristics
• Logical structure of Disk
Day 3
Hours 1-4:
• Understanding boot process of Windows, Linux and Mac operating systems
• File systems of Windows, Linux and Mac operating systems
Day 4
Hours 1-2: Examine file system using Autopsy and Sleuth Kit tools
Hours 3-4: Data Acquisition and Duplication Fundamentals
Day 5
Hours 1-4:
• Prepare Image file for examination
• Acquiring disk image using FTK imager

Week 9: Digital Forensics
Remarks: Task 52 to Task 57. Details may be seen at Annexure-I.
Day 1
Hour 1: Motivational Lecture (For further detail please see Page No: 3 & 4)
Hours 2-4:
• Windows Forensics
• Collect Volatile and Non-Volatile Information
Day 2
Hours 1-4:
• Perform Windows memory and registry analysis
• Examine cache, cookie and history recorded in web browsers
• Examine Windows files and metadata
Day 3
Hours 1-4:
• Understand volatile and non-volatile data in Linux
• Analyze filesystem images using Sleuth Kit
• Memory forensics using Volatility and PhotoRec
Day 4
Hours 1-4:
• Network Forensics
• Logging fundamentals and network forensics readiness
• Summarize event correlation concepts
Day 5
Hours 1-4:
• Identify indicators of compromise (IoCs) from network logs
• Perform incident detection and examination with SIEM tools

Week 10: Digital Forensics
Day 1
Hours 1-4:
• Investigating Web Attacks
• Understand Web application forensics
• Understand Internet Information Services (IIS) logs
Day 2
Hours 1-4:
• Understand Apache Web Server logs
• Intrusion Detection System
• Web Application Firewall (WAF)
• Investigate Web Attacks on Windows-based Servers
Day 3
Hours 1-4:
• Dark Web Forensics
• Understand Dark Web
• Identify traces of Tor browser during investigation
• Tor browser forensics
Day 4
Hours 1-4:
• Database Forensics
• Determine data storage and database evidence repositories in MSSQL server
• Collect evidence files on MSSQL server
• Perform MSSQL forensics
Day 5
Hours 1-4:
• Cloud Forensics
• Understand basic cloud computing concepts
• Cloud Forensics
• Fundamentals of Amazon Web Services (AWS)
• Forensic methodologies for containers and microservices

Week 11: Digital Forensics, Cisco Adaptive Security Appliance (ASA)
Remarks: Task 58 to Task 66. Details may be seen at Annexure-I.
Day 1
Hours 1-4:
• Malware Forensics
• Static Malware analysis
• Analyze suspicious Word and PDF documents
• Dynamic Malware analysis and approaches
Day 2
Hour 1:
• ASA Firewall Technologies
• Basic Firewall initialization using CLI and ASDM
• Firewall Access Control
Hour 2: Task 59 to be practiced by Students
Hour 3: NAT on ASA (IPv4 / IPv6)
Hour 4: Task 60 to be practiced by Students
Day 3
Hour 1: Routing and VLAN configuration
Hour 2: Task 61 to be practiced by Students
Hour 3:
• Firewall Deployment Modes
• Transparent Firewall
Hour 4: Task 62 to be practiced by Students
Day 4
Hour 1: Virtualization (Context) on ASA
Hour 2: Task 63 to be practiced by Students
Hour 3: ASA Firewall - High Availability Features
Hour 4: Task 64 to be practiced by Students
Day 5
Hour 1: ASA Clustering
Hour 2: Task 65 to be practiced by Students
Hour 3: Modular Policy Framework
Hour 4: Task 66 to be practiced by Students

Week 12: Next Generation Firewall (USG 6000v), Data Center Advanced Architecture and implementation of Web Security
Remarks: Task 67 to Task 74. Details may be seen at Annexure-I.
Day 1
Hour 1: Motivational Lecture (For further detail please see Page No: 3 & 4)
Hour 2:
• Evolution / Need for NGFW
• Deployment Models
Hour 3: Initial Setup / Bootstrapping of Huawei USG6000v Firewall
Hour 4: Task 67 to be practiced by Students
Day 2
Hour 1:
• Traffic flow
• Security Policy Components
• Security Zones
• Creating Individual Objects and Groups
Hour 2: Task 68 to be practiced by Students
Hour 3: Filtering based on Application Visibility and Control
Hour 4: Task 69 to be practiced by Students
Day 3
Hour 1:
• Filtering based on Web URLs
• File Blocking
Hour 2: Task 70 to be practiced by Students
Hour 3: Intrusion Detection and Prevention (IPS) / SNORT Rules
Hour 4: Task 71 to be practiced by Students
Day 4
Hour 1:
• SSL Decryption
• Monitoring and Reporting
Hour 2: Task 72 to be practiced by Students
Hour 3:
• Need for Web Application Firewall
• Creating WAF protection profile
Hour 4: Task 73 to be practiced by Students
Day 5
Hour 1: Features and Functionality of Cisco WSA
Hour 2: Install and Verify the Cisco WSA in various deployment scenarios
Hours 3-4: Task 74 to be practiced by Students
Hours 2-3:
• Configuring Cisco Web Security Appliance (WSA) policies
• Enforcing Acceptable usage control
• Defending against malware
Hour 4: Task 75 to be practiced by Students

Week 13: Entrepreneurship, Job Hunting Tips, Final Assessment
Day 1
Hour 1: Motivational Lecture (For further detail please see Page No: 3 & 4)
Hour 2:
• Job Market Searching
• Self-employment
Hour 3: Exploring Freelancing Sites
Hour 4: Fundamentals of Business Development
Day 2
Hour 1: Entrepreneurship
Hour 2: Startup Funding
Hour 3:
• Business Incubation and Acceleration
• Business Value Statement
Hour 4: Business Model Canvas
Day 3
Hour 1: Sales and Marketing Strategies
Hour 2: Stakeholders Power Grid
Hour 3: RACI Model, SWOT Analysis, PEST Analysis
Hour 4: SMART Objectives
Day 4
Hour 1: How to search and apply for jobs in at least two labor marketplace countries (KSA, UAE, etc.)
Hours 2-4:
• Browse the following websites and create an account on each website:
  • Bayt.com – The Middle East Leading Job Site
  • Monster Gulf – The International Job Portal
  • Gulf Talent – Jobs in Dubai and the Middle East
• Find the handy 'search' option at the top of your homepage to search for the jobs that best suit your skills.
• Select the job type from the first 'Job Type' drop-down menu; next, select the location from the second drop-down menu.
• Enter any keywords you want to use to find suitable job vacancies.
• On the results page you can search for part-time jobs only, full-time jobs only, employers only, or agencies only. Tick the boxes as appropriate to your search.
• Search for jobs by:
  • Company
  • Category
  • Location
  • All jobs
  • Agency
  • Industry
Day 5
Hours 1-4: Final Assessment / Closing Address

Tasks For Cyber Security (Annexure-I)

Columns: Task No., Task, Description, Remarks

Cyber Security

Task 1: Open Source Information Gathering using Windows Command Line Utilities
As a professional Ethical Hacker or Pen Tester, your first step will be to check for the reachability of a computer in the target network. Operating systems offer several utilities that you can readily use for primary information gathering. Windows command-line utilities such as ping, nslookup, and tracert gather important information like IP address, maximum packet frame size, etc., about a target network or system, which forms a base for security assessment and pen test.

Task 2: Finding Company's Sub-domains using Sublist3r
As a professional ethical hacker, you should be able to extract information on the target using an automated tool such as Sublist3r. It uses multiple search engines to gather the subdomains of a target domain. This lab will demonstrate extracting information using Sublist3r.

Task 3: Gathering Personal Information using Online People Search Services
During information gathering you need to gather personal information about employees working in critical positions in the target organization, such as Network Administrator, Help Desk Employees, Receptionist, etc. The information collected can be useful in performing social engineering. This lab will demonstrate how you can search for personal information using online people search services.

Task 4: Gathering Information from LinkedIn using InSpy
As a professional ethical hacker, you should be able to extract information on the target using an automated tool such as InSpy. It uses Google to extract valuable information about the employees of an organization through their Twitter profiles.

Task 5: Collecting Information About a Target Website using Firebug
Collect information on the target website and extract the source code of the web pages built in HTML, JavaScript, CSS, etc. This activity may reveal potential vulnerabilities in the web application that can be exploited later in the security assessment phases. This lab will demonstrate how to reveal source code and collect information about a target website.

Task 6: Extracting a Company's Data using Web Data Extractor
Extract information from the organization website. You are required to perform web data extraction in order to gain useful information from the website. This lab will show you how to perform web data extraction on the target website.

Task 7: Mirroring Website using HTTrack Web Site Copier
It is difficult to perform footprinting on a live website, so you need to mirror the target website. This mirroring of the website helps you to footprint the website thoroughly on your local system.

Task 8: Scanning Live Systems and Open Ports using Nmap
Nmap allows you to scan your network and discover not only everything connected to it, but also a wide variety of information about what's connected and what services each host is operating. It allows a large number of scanning techniques, such as UDP, TCP connect(), TCP SYN (half-open), and FTP.

Task 8a: Collecting Information About a Target by Tracing Emails
An attacker may send malicious emails to a victim in order to carry out an attack on a target organization. As a professional ethical hacker, you should be able to trace out information about such malicious email. It involves analyzing the email headers of suspicious email to extract information such as the date that an email was received or opened, geographical information, etc.

Task 9: Gathering IP and Domain Name Information using Whois Footprinting
Whois footprinting of the target domain name or IP addresses. It involves gathering information on the target IP and domain obtained during previous information gathering steps.

Task 10: DNS Footprinting
You have collected a lot of information using the Whois database. The next task that you need to perform is DNS footprinting, which helps you gather information related to DNS servers and DNS records. By performing DNS footprinting, an attacker can gather quite a lot of information about the hosts and systems within the organization.

Task 11: Footprinting using Search Engines
Search engines can provide a wealth of information about the target organizations. You can simply type the name of the organization in the search field. The search results can provide information such as the physical location of the organization's offices, contact information, email addresses and employee names. An attacker can use all this information to initiate an attack. For example, an attacker can initiate a social engineering attack using contact information, telephone, or mobile numbers.

Task 12: Network Footprinting using Network Topology Mapper and Advanced IP Scanner
If you manage a small network, it is much easier to keep track of connected devices. However, as a network grows to include hundreds or thousands of connected devices, it becomes nearly impossible to track them manually. You may have to track and map them, but manual discovery can be a daunting task. You can use various tools to automatically draw a network, eliminating this issue. In this exercise, you will learn about Network Topology Mapper and Advanced IP Scanner.

Task 13: NetBIOS Enumeration using Nbtstat and Nmap
In Windows, you have a utility named Nbtstat that helps you obtain NetBIOS information, such as NetBIOS name tables and the NetBIOS name cache. It is a pretty easy-to-use utility with a few parameters. Nmap, other than the command, contains the Nmap Scripting Engine (NSE), used to execute ready-made scripts available within it. NSE also contains a script that helps you perform NetBIOS enumeration and can help you determine the NetBIOS names and MAC addresses.

Task 14: SNMP Enumeration using IP Network Browser and SNMP-Check
Several devices are configured to use the Simple Network Management Protocol (SNMP), which helps an administrator manage them and get their current status. An attacker can perform SNMP enumeration by using the default community string and extracting a lot of information from the device. The information can include ARP and routing tables. In this exercise, you will learn to perform SNMP enumeration using IP Network Browser and the SNMP-Check utility.

Task 15: NTP, DNS and FTP Enumeration
Network Time Protocol (NTP) is used for time synchronization. It can provide information to connect users to an NTP server, system names, and operating systems. Systems internal to a network can use either an internal or external NTP server. Even though the NTP service is not a concern for many network administrators, if exploited, it can provide a wealth of information to the attacker. DNS plays a vital role on the Internet. There are several tools that the attacker can use to perform a zone transfer. Some of the key tools are nslookup, dig, and DNSRecon. The host command can also provide a lot of information, such as SOA records of the authoritative nameservers, or print the IP addresses of a specific domain.

Task 16: Use Nikto for Vulnerability Scanning
Nikto is a vulnerability scanner that is part of Kali Linux. Ethical hackers, penetration testers, and hackers widely use it to find the vulnerabilities in web applications.

Task 17: Use Lynis for System Vulnerability Scanning
Lynis is a built-in multi-purpose tool in Kali Linux. It is designed to perform tasks like security auditing, compliance testing, penetration testing, vulnerability detection and system hardening.

Task 18: Vulnerability Assessment Reports using Nikto
After the vulnerability assessments have been executed, their outcome should be in the form of reports. The outcome of the scan will contain one or more vulnerabilities that should be listed within a report, which should contain the remediation step for the vulnerabilities that have been located. Using Nikto, create a formatted vulnerability assessment report.

Task 19: Installation of Ubuntu Linux and Kali Linux
Kali Linux is a famous distribution for Hackers, Pentesters, Forensics Investigators and Security Researchers that comes pre-configured with already installed hacking tools that you can use.

Task 20: Basic Shell Commands of Linux
A shell is a special user program that provides an interface to the user to use operating system services. The shell accepts human-readable commands from the user and converts them into something which the kernel can understand. It is a command language interpreter that executes commands read from input devices such as keyboards or from files. In this lab exercise, we will learn/practice basic terminal commands of Linux.

Task 21: Managing Users and Group Accounts, Partitions
In Linux, every user is assigned an individual account which contains all the files, information, and data of the user. You can create multiple users in a Linux operating system using Linux user commands. Users and groups are used to control access to files and resources.

Task 22: Managing Files and their Permissions
Linux is a multi-user system. Every file and directory in your account can be protected from or made accessible to other users by changing its access permissions. Every user has responsibility for controlling access to their files.

Task 23: File Ownership
All Linux files belong to an owner and a group. When permissions and users are represented by letters, that is called symbolic mode. For users, u stands for user owner, g for group owner, and o for others. For permissions, r stands for read, w for write, and x for execute.

Task 24: Working with Bash / Shell Scripts
A shell script is an executable file containing multiple shell commands that are executed sequentially. Linux shell scripting is writing a series of commands for the shell to execute. Shell variables store the value of a string or a number for the shell to read. Shell scripting in Linux can help you create complex programs containing conditional statements, loops, and functions.

Task 25: Installation of CentOS
CentOS is one of the most popular Linux distributions. It is an open-source operating system that provides an enterprise-class computing platform. CentOS is a manageable, predictable, stable, and reproducible platform derived from RHEL sources. In contrast, RHEL is a commercial Linux distribution. CentOS is developed for the amd64 platform. In this lab, CentOS will be installed on VMware Workstation.

Task 26: Apache Server on Linux
As a Web server, Apache is responsible for accepting directory (HTTP) requests from Internet users and sending them their desired information in the form of files and Web pages. Apache is the most commonly used Web server on Linux systems. Web servers are used to serve Web pages requested by client computers. Clients typically request and view Web pages using Web browser applications such as Firefox, Opera, Chromium, or Internet Explorer.

Task 27: FTP/SMB/DHCP/DNS/Mail Servers on Linux
Domain Name System (DNS) is used to resolve (translate) hostnames to internet protocol (IP) addresses and vice versa. A DNS server, also known as a nameserver, maps IP addresses to hostnames or domain names. We can use a Linux distribution for building other common services like FTP/SMB/DHCP/Apache and Mail services.
28 Social Engineering Social engineering is the art of manipulating and utilizing
Techniques using
phishing human behavior to conduct a security breach. using phishing
and pharming. Phishing uses technical deception to
convince a user to provide personal information, such as
passwords, social security numbers, credit card numbers,
bank account details, and so on.
29 Social Engineering Techniques using pharming
In pharming, the user is redirected to a malicious copy of a genuine website.
When a user types the correct URL in the Web browser, the user is instead
redirected to a look-alike website.
30 Performing Online Password Attacks
An online password attack is performed on network services, such as SSH, HTTP,
FTP, SMB, etc. Most of the time, servers or network devices are not equipped to
block an online password attack. Therefore, these attacks can succeed without
much effort. For example, an attacker might guess a user’s password from a
website login. Password attacks can be of two types. The first type is the
dictionary attack, which uses a list of common words. It continues to run
through the list until a suitable match is found. On the other hand, a
brute-force attack uses words based on a given character set. With an online
password attack, either one of the methods can be used. However, a dictionary
attack is mostly the choice because of the slow speed of the attack.
31 Gain Access to a Remote System using Armitage
Armitage is a GUI-driven front-end which sits on top of Metasploit and gives us
the ability to “hack like the movies”. Armitage is available for free and built
into Backtrack. If you are running Kali, you may need to install it before
using. Using this tool, you can create sessions, share hosts, capture data,
download files, communicate through a shared event log and run bots to automate
pen testing tasks.
32 Hide Data using Steganography
Steganography is the technique of hiding secret data within an ordinary,
non-secret file or message in order to avoid detection; the secret data is then
extracted at its destination. The use of steganography can be combined with
encryption as an extra step for hiding or protecting data. Hide’N’Send is one
of the best image Steganography tools. It includes encryption and hiding of
data under an image file (JPEG format). It encrypts the data using the F5
steganography algorithm. Hiding of data is done using the LSB (Least
Significant Bit) algorithm for Image Steganography. Instead of hiding in a file
structure, these algorithms hide the data inside the image.
33 Use of Wireshark Sniffing Tool
Wireshark is the most sought-after packet capturing and sniffing tool. It helps
you capture the live network traffic from various networks. You can use it to
monitor the network or even get sensitive information like passwords
transmitted in cleartext. You can also filter the traffic to find the
information you are looking for. In this task, you will learn to use Wireshark.
34 Sniffing using MAC Flooding Attack
Switches rely on the MAC addresses to forward traffic to the appropriate port.
An attacker can conduct a MAC attack to make a switch work as a hub. When the
CAM table is filled with spoofed MAC addresses, it cannot save any new MAC
address and the switch behaves like a hub. In this exercise, you will learn to
perform MAC attacks using Macof.
35 Sniffing Technique: DHCP Starvation Attack
A DHCP server is configured to lease IP addresses to clients on a network. An
attacker can target DHCP with the DHCP starvation attack. Using this attack, an
attacker sends many DHCP requests to a DHCP server, which eventually forces the
server to lease all IP addresses. In this scenario, you will learn to launch
the DHCP attacks using Yersinia.
36 Sniffing Technique: DNS Poisoning
DNS poisoning intends to forge the DNS records so that the victim can be
redirected to malicious sites. The attacker adds fake or forged records into
the DNS resolver cache, which the DNS uses to respond to the DNS queries
received from the clients. In this task, you will learn to perform DNS
poisoning using DNSChef.
37 Sniffing detection and countermeasures using XArp utility
Various methods can be used against sniffing, which usually takes place using
weak protocols, such as HTTP and FTP. As a basic precaution, you would avoid
using weak protocols. It is always advisable to use protocols that encrypt
traffic. Encryption also prevents the attacker from reading data in
transmission. In this exercise, you will learn to prevent sniffing attacks
using the XArp utility.
38 SYN Flooding a Target Host using Metasploit
A SYN flood is a form of denial-of-service attack in which an attacker sends a
succession of SYN requests to a target machine in an attempt to exhaust its
resources and make it unresponsive to legitimate incoming traffic.
39 SYN Flooding a Target Host using hping3
A SYN flood is a form of denial-of-service attack in which an attacker sends a
succession of SYN requests to the target’s system to consume enough server
resources to make the system unresponsive to legitimate traffic. A SYN flood
attack works by not responding to the server with the expected ACK code. The
malicious client can either not send the expected ACK, or spoof the source IP
address in the SYN, causing the server to send the SYN-ACK to a falsified IP
address, which will not send an ACK because it “knows” that it never sent a
SYN. The server will wait for the acknowledgment for some time, as simple
network congestion could also be the cause of the missing ACK, but in an attack
increasingly large numbers of half-open connections will bind resources on the
server until no new connections can be made, resulting in a denial of service
to legitimate traffic. Some systems may also malfunction badly or even crash.
40 Perform ICMP Flood Attack using hping3
ICMP flooding is a type of denial-of-service (DoS) attack in which the attacker
sends a large number of ICMP packets to the victim. In this task, you will
learn to conduct ICMP flooding using hping3.
41 Perform Ping of Death Attack
Using the ping command, you can perform a Ping of Death attack. You can send
data packets of a size of 65500 indefinitely to a target system. While it may
not bring down a system, it will impact the target system’s performance. In
this task, you will perform the Ping of Death attack.
42 Performing Distributed Denial of Service Attack using HOIC
A distributed denial of service (DDoS) attack involves a group of compromised
systems, usually infected with Trojans, used to perform a DoS attack on a
target system or network.
43 Network Level Session Hijacking – Capture Cookie Sessions
In network level hijacking, you are looking to identify the session id or
cookie that identifies a user’s session with a server. This information can be
used later in application level hijacking to take over a session. In this
exercise, you will capture cookies using Burp Suite.
44 Web Application Security using WAF (F5 ASM)
F5 BIG-IP® Application Security Manager™ (ASM) is a flexible web application
firewall that secures web applications in traditional, virtual, and private
cloud environments. In this exercise, you will explore different strategies to
use F5 ASM.
45 Web Application Security using AWS WAF
AWS WAF is a web application firewall that helps protect apps and APIs against
bots and exploits that consume resources, skew metrics, or cause downtime. An
AWS WAF rule defines how to inspect HTTP(S) web requests and the action to take
on a request when it matches the inspection criteria. In this exercise, you
will learn how to define rules in AWS WAF for effective defense against Web
application exploits.
46 SQL Injection Attacks on MSSQL Database
SQL Injection is one of the most common and perilous attacks that a website’s
software can experience. This attack is performed on SQL databases that have
weak code, and this vulnerability can be used by an attacker to execute
database queries to collect sensitive information, modify the database entries
or attach malicious code, resulting in total compromise of the most sensitive
data. As an Expert Penetration Tester and Security Administrator, you need to
test web applications running on the MS SQL Server database for vulnerabilities
and flaws.
47 SQL Injection Attack to enumerate number of columns in database
There are many specific SQL injection attacks. In this task, you enumerate the
database to see how many columns are in the database. This gives us information
for other types of SQL injection attacks.
48 Blind SQL Injection Attack, Bypass Website Logins
The SQL Injection — Blind — Boolean-Based attack is similar to an SQL Injection
attack. The only difference is that in a Blind — Boolean attack, you get
answers in the form of true or false. In this task, you will learn to launch a
SQL Injection — Blind — Boolean attack. Using SQL Injection, you can bypass web
application logins. Each web application that uses an authentication mechanism
requires a database in the backend to authenticate users. Before you plan to
bypass web application authentication, you need to find Websites that can be
prone to such attacks.
49 Use WebCruiser to Detect SQL Injection
WebCruiser is an application vulnerability scanning tool. It can help you audit
a web application for vulnerabilities that may exist. It can scan for the
common web application vulnerabilities, such as SQL injection, cross-site
scripting, buffer overflow, and flash/flex application and Web 2.0 exposure
scans. In this task, you will learn to use WebCruiser.
50 WiFi Packet Sniffing using Microsoft Network Monitor and Wireshark
Wireless networks can be open to active or passive attacks. These attacks
include DoS, MITM, spoofing, jamming, war driving, network hijacking, packet
sniffing, and many more. Passive attacks that take place on wireless networks
are common and are difficult to detect since the attacker usually just collects
information. Active attacks happen when a hacker has gathered information about
the network after a successful passive attack. Sniffing is the act of
monitoring the network traffic using legitimate network analysis tools. Hackers
can use monitoring tools, including AiroPeek, Ethereal, TCPDump, or Wireshark,
to monitor the wireless networks. These tools allow hackers to find an
unprotected network that they can hack. Your wireless network can be protected
against this type of attack by using strong encryption and authentication
methods. In this lab, we use Microsoft Network Monitor, a tool that can sniff
the network using a wireless adapter. Because you are the ethical hacker and a
penetration tester of an organization, you need to check the wireless security
and evaluate weaknesses present in your organization.
51 Uniscan Web Server Fingerprinting in Kali Linux
Webserver fingerprinting is an essential task for any penetration tester.
Before proceeding to hacking / exploiting a webserver, it is critical for the
penetration tester to know the type and version of the webserver, as most of
the attacks / exploits are specific to the type and version of the server being
used by the target. These methods help any penetration tester to gain
information and analyze their target so that they can perform a thorough test
and can deploy appropriate methods for mitigation of such attacks on the
server.
51a Exploiting Parameter Tampering and XSS Vulnerabilities in Web Applications
Though web applications enforce certain security policies, they are vulnerable
to attacks such as SQL injection, cross-site scripting, and session hijacking.
51b Analyzing image file using Autopsy
Autopsy is a tool that is used industry-wide for digital forensics. The best
feature is that it is open source. It is fast, easy to use, and capable of
analyzing all types of mobile devices and digital media. Autopsy is computer
software that makes it simpler to deploy many of the open source programs and
plugins used in The Sleuth Kit. The graphical user interface displays the
results from the forensic search of the underlying volume, making it easier for
investigators to flag pertinent sections of data.
51c Acquiring memory image from Windows
Memory forensics can be thought of as a current snapshot of a system that gives
investigators a near real time image of the system while in use. Hard drive
forensics is normally focused on data recovery and decryption, usually made
from an image of the drive. The first step in memory forensics is to acquire a
copy of the physical memory (RAM) of the target system. This can be done using
various tools and methods, depending on the operating system, hardware, and
access level. Some of the most popular tools for memory acquisition are FTK
Imager, DumpIt, WinPmem, and LiME.
52 Identity and Access Management on AWS
Identity and Access Management (IAM) is a security and business discipline that
includes multiple technologies and business processes to help the right people
or machines to access the right assets at the right time for the right reasons,
while keeping unauthorized access and fraud at bay. In this exercise, students
will create IAM users for accessing AWS resources.
53 Installation of AWS CLIv2 and accessing resources via CLI
To access the services, you can use the AWS Management Console (a simple
intuitive user interface), the Command Line Interface (CLI), or Software
Development Kits (SDKs). In this exercise, students will access AWS resources
via the AWS Management Console and the CLI.
54 Configure EC2 Linux based server in AWS. Use AMI to replicate. Also launch AWS Lambda function
Compute services are also known as Infrastructure-as-a-Service (IaaS). Compute
platforms, such as AWS Compute, supply a virtual server instance and storage
and APIs that let users migrate workloads to a virtual machine.
55 Virtual Private Cloud buildup in AWS
Amazon Virtual Private Cloud is a commercial cloud computing service that
provides a virtual private cloud, by “provisioning a logically isolated section
of Amazon Web Services Cloud”. Enterprise customers are able to access the
Amazon Elastic Compute Cloud over an IPsec based virtual private network.
56 Cloud Network Security using Security Groups, NACLs, AWS Network Firewall
AWS Security Groups help you secure your cloud environment by controlling how
traffic will be allowed into your EC2 machines. With Security Groups, you can
ensure that all the traffic that flows at the instance level is only through
your established ports and protocols.
57 DDoS Protection design in AWS
DDoS mitigation is included automatically with AWS services. DDoS resilience
can be improved further by using an AWS architecture with specific services.
58 Cisco ASA Firewall Initialization
Basic Firewall initialization using CLI/ASDM and Firewall access control.
59 Firewall Access Control
Configure appropriate security rules to regulate the traffic as per company’s
need.

60 NAT on Cisco ASA
Configuring Object NAT and manual NAT with source & destination-based schemes.
61 Routing on ASA and Secure DMZ Design
Configuring Routing protocols and implementation of Secure DMZ design near
perimeter firewall.
62 Deployment modes (Transparent)
Implementation of Routed and transparent mode firewalls.
63 Virtualization on Cisco ASA (Context)
Configure contexts (virtual firewalls) in Cisco ASA to address the needs of
multi-tenancy.
64 High Availability Options on Cisco ASA
Configure Active/Passive and Active/Active designs for HA. Implementation of
Redundant and aggregated interfaces.
65 ASA Clustering
Cisco ASA supports a clustering feature to combine up to 16 appliances; each
cluster unit actively forwards transit traffic (unlike failover), with the
cluster acting as a single unit. Adjacent switches statelessly load balance
traffic between available cluster members.
66 Modular Policy Framework
Configuring MPF with security filtering. Implementation of ASA clustering with
spanned ether-channel and interface mode.
67 Deployment of Huawei USG 6000v
Initial setup for Huawei USG 6000v and its bootstrapping.
68 Security Policies on NGFW
Configuring various components of security policy with zones, objects and
groups.
69 Application Visibility and Control on NGFW
Application control, a system designed to uniquely identify traffic from
various applications on a network, enables an organization to define and apply
extremely granular security and network routing policies based upon the source
of a particular traffic flow.
70 Web Filtering and File Blocking
Web filtering software monitors and manages the locations where users are
browsing on the Internet, enabling an organization to either allow or block web
traffic in order to protect against potential threats and enforce corporate
policy. A File Blocking rule defines how IM Security blocks a file based on
file type, file or extension name, or file size.
71 Intrusion Prevention System Policy
IPS policy allows you to view predefined signatures and customize the intrusion
prevention configuration at the category as well as individual signature level.
Categories are signatures grouped together based on the application and
protocol vulnerabilities.
72 SSL Decryption
SSL Decryption, also referred to as SSL Visibility, is the process of
decrypting traffic at scale and routing it to various inspection tools which
identify threats inbound to applications, as well as outbound from users to the
internet.
73 Web Application Firewall
A WAF or web application firewall helps protect web applications by filtering
and monitoring HTTP traffic between a web application and the Internet.
74 Cisco Web Security Appliance
Bootstrapping Cisco WSA and deploying proxy services.
75 WSA Policies and Enforcing Acceptable use
Configuring WSA policies to enforce data security features and defending
against Malware.
76 Installation of Cisco Email Security Appliance
Cisco Email Security Appliance is an email security gateway product. It is
designed to detect and block a wide variety of email-borne threats, such as
malware, spam and phishing attempts.
77 Email Security Appliance pipeline deployment
Administering Cisco Email Security appliance and email security pipeline.
78 Cisco Identity Services Engine Installation
Bootstrapping of Cisco ISE.
79 Cisco ISE policies (AAA, Profiling, Posturing, Guest Access)
Implementing next generation NAC solution with Identity management, profiling,
posturing, BYOD access control and guest services.

Annexure-II
SUGGESTIVE FORMAT AND SEQUENCE ORDER OF MOTIVATIONAL LECTURE.
Mentor
Mentors are provided an observation checklist form to evaluate and share their
observational feedback on how students within each team engage and collaborate in a
learning environment. The checklist is provided at two different points: Once towards
the end of the course. The checklists are an opportunity for mentors to share their
unique perspective on group dynamics based on various team activities, gameplay
sessions, pitch preparation, and other sessions, giving insights on the nature of
communication and teamwork taking place and how both learning outcomes and the
student experience can be improved in the future.
Session- 1 (Communication):
Please find below the session plan that will support your delivery and an
overview of this session’s activity.

Session- 1 OVERVIEW
Aims and Objectives:
• To introduce the communication skills and how it will work
• Get to know mentor and team - build rapport and develop a strong sense of a team
• Provide an introduction to communication skills
• Team to collaborate on an activity sheet developing their communication, teamwork, and problem-solving
• Gain an understanding of participants’ own communication skills rating at the start of the program

Activity: Participant Time Teacher Time Mentor Time


Intro: Attend and contribute to the scheduled. Understand good communication
skills and how it works. Understand what good communication skills mean.
Understand what skills are important for good communication skills.
Key learning outcomes:
• Understand the communication skills and how it works.
• Understand what communication skills mean
• Understand what skills are important for communication skills
Resources:
• Podium
• Projector
• Computer
• Flip Chart
• Marker
Enterprise skills developed:
• Communication
• Self Confidence
• Teamwork
Schedule Mentor Should do
Welcome: 5 min
Short welcome and ask the Mentor to introduce him/herself. Provide a brief
welcome to the qualification for the class.
Note for Instructor: Throughout this session, please monitor the session to
ensure nothing inappropriate is happening.
Icebreaker: 10 min
Start your session by delivering an icebreaker; this will enable you and your
team to start to build rapport and create a team presentation for the tasks
ahead. The icebreaker below should work well at introductions and encouraging
communication, but feel free to use others if you think they are more
appropriate. It is important to encourage young people to get to know each
other and build strong team links during the first hour; this will help to
increase their motivation and communication throughout the sessions.
Introduction & Onboarding: 20 mins
Provide a brief introduction of the qualification to the class and play the
“Onboarding Video or Presentation”. In your introduction cover the following:
1. Explanation of the program and structure. (Kamyab Jawan Program)
2. How you will use your communication skills in your professional life.
3. Key contacts and key information – e.g. role of teacher, mentor, and SEED.
Policies and procedures (user agreements and “contact us” section). Everyone to
go to the Group Rules tab at the top of their screen, read out the rules, and
ask everyone to verbally agree. Ensure that the consequences are clear for
using the platform outside of hours. (9am-8pm)
4. What is up next for the next 2 weeks ahead so young people know what to
expect (see pages 5-7 for an overview of the challenge). Allow young people to
ask any questions about the session topic.
Team Activity Planning: 30 minutes
MENTOR: Explain to the whole team that you will now be planning how to
collaborate for the first and second collaborative Team Activities that will
take place outside of the session. There will not be another session until the
next session so this step is required because communicating and making
decisions outside of a session requires a different strategy that must be
agreed upon so that everyone knows what they are doing for this activity and
how.
• “IDENTIFY ENTREPRENEURS” TEAM ACTIVITY
• “BRAINSTORMING SOCIAL PROBLEMS” TEAM ACTIVITY
As a team, collaborate on a creative brainstorm on social problems in your
community. Vote on the areas you feel most passionate about as a team, then
write down what change you would like to see happen.
Make sure the teams have the opportunity to talk about how they want to work as
a team through the activities, e.g. when they want to complete the activities,
how to communicate, the role of the project manager, etc. Make sure you
allocate each young person a specific week that they are the project manager
for the weekly activities and make a note of this.
Type up notes for their strategy if this is helpful - it can be included
underneath the Team Contract.

Session Close: 5 minutes
MENTOR: Close the session with the opportunity for anyone to ask any remaining
questions.
Instructor: Facilitate the wrap-up of the session. A quick reminder of what is
coming up next and when the next session will be.

MOTIVATIONAL LECTURES LINKS.

TOPIC | SPEAKER | LINK
How to Face Problems In Life | Qasim Ali Shah | https://www.youtube.com/watch?v=OrQte08Ml90
Just Control Your Emotions | Qasim Ali Shah | https://www.youtube.com/watch?v=JzFs yJt-w
How to Communicate Effectively | Qasim Ali Shah | https://www.youtube.com/watch?v=PhHAQEGehKc
Your ATTITUDE is Everything | Tony Robbins, Les Brown, David Goggins, Jocko Willink, Wayne Dyer, Eckhart Tolle | https://www.youtube.com/watch?v=5fS3rj6eIFg
Control Your EMOTIONS | Jim Rohn, Les Brown, TD Jakes, Tony Robbins | https://www.youtube.com/watch?v=chn86sH0O5U
Defeat Fear, Build Confidence | Shaykh Atif Ahmed | https://www.youtube.com/watch?v=s10dzfbozd4
Wisdom of the Eagle | Learn Kurooji | https://www.youtube.com/watch?v=bEU7V5rJTtw
The Power of ATTITUDE | Titan Man | https://www.youtube.com/watch?v=r8LJ5X2ejqU
STOP WASTING TIME | Arnold Schwarzenegger | https://www.youtube.com/watch?v=kzSBrJmXqdg
Risk of Success | Denzel Washington | https://www.youtube.com/watch?v=tbnzAVRZ9Xc

Annexure-III

SUCCESS STORY

S. No Key Information Detail/Description

1. Self & Family background
Seemant Sehgal, Founder and CEO of BreachLock Inc., is a promising Cyber
Security Entrepreneur in the EU and USA tech scene. His venture BreachLock has
been listed amongst Top 10 Vulnerability Management Solution providers for 2019
and is listed in Top 10 Vulnerability Assessment Solutions by Gartner Peer
Insights. He is an ardent supporter of RED Teaming philosophy. Seemant is a
regular speaker at international conferences and also an author for the ISACA
Journal since 2015. In January 2015, Seemant’s paper on “Effective Cyber Threat
Management – Evolution And Beyond” was published in the ISACA Journal.

3. Post-training activities
His areas of expertise include cyber resilience, payment security (PSD2, PCI
DSS), ISO 27001, Cyber defense and SOC. He is a proud contributor/supporter for
the Threat Intelligence Based Ethical Red teaming (TIBER) initiative. He has
been recently engaged with organizations such as ING Group, Capital One Bank,
IBM, COMODO Security Solutions (UK) and Cisco Systems, offering them his
expertise in various domains of Information Security. He has also achieved
various certifications including SANS GSNA, CISM, CISA, CEH, ISO 27001 Lead
Implementer.

4. Message to others (under training)
Take the training opportunity seriously.
Impose self-discipline and ensure regularity.
Hard work pays in the end, so always be ready for it.

Note: Success story is a source of motivation for the trainees and can be presented in several
ways/forms in a NAVTTC skill development course as under: -

1. To call a passed out successful trainee of the institute. He will narrate his success story
to the trainees in his own words and meet trainees as well.
2. To see and listen to a recorded video/clip (5 to 7 minutes) showing a successful
trainee. The audio-video recording has to cover the above-mentioned points.*
3. The teacher displays the picture of a successful trainee (name, trade, institute,
organization, job, earning, etc) and narrates his/her story in the teacher’s own motivational
words.

* The online success stories of renowned professionals can also be obtained from Annex-II

Annexure-IV:
Workplace/Institute Ethics Guide

Work ethic is a standard of conduct and values for job performance. The modern definition of what
constitutes good work ethics often varies. Different businesses have different expectations. Work
ethic is a belief that hard work and diligence have a moral benefit and an inherent ability, virtue, or
value to strengthen character and individual abilities. It is a set of values centered on the
importance of work and manifested by determination or desire to work hard.

The following ten work ethics are defined as essential for student success:

1. Attendance:
Be at work every day possible. Plan your absences; don’t abuse leave time. Be punctual
every day.
2. Character:
Honesty is the single most important factor having a direct bearing on the final success of
an individual, corporation, or product. Complete assigned tasks correctly and promptly.
Look to improve your skills.
3. Team Work:
The ability to get along with others, including those you don’t necessarily like. The ability to
carry your weight and help others who are struggling. Recognize when to speak up with an
idea and when to compromise by blending ideas together.

4. Appearance:
Dress for success and put your best foot forward: personal hygiene, good manners. Remember
that the first impression of who you are can last a lifetime.
5. Attitude:
Listen to suggestions and be positive, accept responsibility. If you make a mistake, admit it.
Values workplace safety rules and precautions for personal and co-worker safety. Avoids
unnecessary risks. Willing to learn new processes, systems, and procedures in light of
changing responsibilities.
6. Productivity:
Do the work correctly; quality and timelines are prized. Get along with fellows; cooperation
is the key to productivity. Help out whenever asked, do extra without being asked. Take
pride in your work, do things the best you know how. Eagerly focuses energy on
accomplishing tasks, also referred to as demonstrating ownership. Takes pride in work.
7. Organizational Skills:
Make an effort to improve, learn ways to better yourself. Time management; utilize time and
resources to get the most out of both. Take an appropriate approach to social interactions
at work. Maintains focus on work responsibilities.

8. Communication:
Written communication, being able to correctly write reports and memos.
Verbal communications, being able to communicate one on one or to a group.
9. Cooperation:
Follow institute rules and regulations, learn and follow expectations. Get along with fellows,
cooperation is the key to productivity. Able to welcome and adapt to changing work
situations and the application of new or different skills.
10. Respect:
Work hard, work to the best of your ability. Carry out orders, do what’s asked the first time.
Show respect, accept, and acknowledge an individual’s talents and knowledge. Respects
diversity in the workplace, including showing due respect for different perspectives,
opinions, and suggestions.
