Scribd
Upload
39 views7 pages

Lect 01 ITS Syllabus

Uploaded by

thebigbull405
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
39 views7 pages

Lect 01 ITS Syllabus

Uploaded by

thebigbull405
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd

IT SECURITY

PROF.(DR.) SATISH N. GUJAR


Unit 1: Foundations of IT Security
 Introduction to IT Security
o Importance of IT Security
o Evolution of Cyber Threats
o Principles of Confidentiality, Integrity, and Availability (CIA Triad)
 Physical Security Principles
o Assessing Physical Security Risks
 Site Surveys and Risk Assessments
 Threat Modeling Techniques
o Implementing Physical Security Controls
 Perimeter Security (Fencing, Gates)
 Access Control Systems (Biometrics, RFID)
 Surveillance Systems (CCTV, Motion Sensors)
 Host Security
o Host Hardening Techniques
 Patch Management
 Endpoint Protection Solutions (Antivirus, Anti-Malware)
o Operating System Security
 User Authentication and Access Control
 File System Encryption
o Application Security Best Practices
 Secure Coding Principles

Unit 2: Network Security Fundamentals
 Understanding Network Fundamentals
o Types of Networks and Components
 Local Area Networks (LANs)
 Wide Area Networks (WANs)
o Standard Network Models
 OSI Model
 TCP/IP Protocol Suite
 Network Security Threats and Controls
o Common Network Security Threats
 Malware (Viruses, Worms, Trojans)
 Phishing Attacks
o Network Security Controls and Protocols
 Access Control Lists (ACLs)
 Secure Socket Layer (SSL)/Transport Layer Security (TLS)
 Firewall Configuration and Management
o Types of Firewalls and Their Functions
 Packet Filtering Firewalls
 Stateful Inspection Firewalls
o Configuring and Managing Firewalls
 Firewall Rule Design and Implementation
 Firewall Logging and Monitoring
Unit 3: Security Controls and Tools
 Intrusion Detection and Prevention
o Intrusion Detection Systems (IDS)
 Network-Based IDS (NIDS)
 Host-Based IDS (HIDS)
o Intrusion Prevention Systems (IPS)
 Signature-Based IPS
 Behavior-Based IPS
 Virtual Private Networks (VPN)
o VPN Components and Technologies
 VPN Concentrators
 VPN Protocols (IPsec, SSL VPN)
o Configuring and Managing VPNs
 VPN Client Configuration
 Site-to-Site VPN Deployment
 Wireless Network Defense
o Wireless Network Threats and Countermeasures
 Rogue Access Points
 Evil Twin Attacks
o Implementing Wireless Security Controls
 Wi-Fi Protected Access (WPA/WPA2)
Wireless Intrusion Detection Systems (WIDS)
Unit 4: Incident Response and Management
 Understanding Incident Response
o Incident Handling Process
 Preparation
 Identification
 Containment
 Eradication
 Recovery
 Lessons Learned
o First Responder Responsibilities
 Initial Incident Assessment
 Evidence Preservation
 Incident Detection and Analysis
o Network Traffic Monitoring and Analysis
 Packet Sniffing Tools (Wireshark)
 Log Analysis
o Identifying Security Incidents
 Indicators of Compromise (IOCs)
 Anomaly Detection Techniques
 Incident Containment and Recovery
o Containment Strategies
 Isolation of Affected Systems
 Blocking Malicious Traffic
o Recovery and Resilience Planning
 Data Restoration Procedures
 Business Continuity Plans
Unit 5: Risk Management and Vulnerability Assessment
 Risk Management Principles
o Risk Identification and Assessment
 Asset Identification
 Threat Assessment
 Vulnerability Assessment
o Risk Mitigation Strategies
 Risk Acceptance
 Risk Avoidance
 Risk Transfer
 Vulnerability Assessment
o Conducting Vulnerability Scans
 Automated Scanning Tools (Nessus, OpenVAS)
 Manual Vulnerability Assessment Techniques
o Vulnerability Remediation Techniques
 Patch Management Processes
Unit 6: Data Protection and Backup Strategies
 Data Backup and Recovery
o Backup Strategies and Best Practices
 Full, Incremental, and Differential Backups
 Offsite Data Storage
o Data Recovery Techniques
 Bare-Metal Recovery
 Data Replication
 Ensuring Data Integrity
o Data Encryption Methods
 Symmetric Encryption Algorithms (AES)
 Asymmetric Encryption Algorithms (RSA)
o Securing Data Storage Solutions
 Disk Encryption Technologies (BitLocker, FileVault)

You might also like