Diploma in Networking & Cyber Security (DNCS)

Our 6 Months Diploma Programme in Networking and Cyber Security (DNCS) is specially designed to provide a great opportunity for the students to grab their dream carrier in more than 30 different

IT-oriented job roles.

Students who have completed plus-2 and Degree can do this course. This course starts from the very basics and will help students to become IT industry professionals.

This course will also benefit students who are planning to migrate Abroad

Security+(SY0-701) Syllabus

Module 1: General Security Concepts

1.1 Security Controls

• Technical Controls
• Managerial Controls
• Operational Controls
• Physical Controls
• Preventive Controls
• Detective Controls
• Corrective Controls
• Deterrent Controls
• Compensating Controls
• Directive Controls

1.2 Fundamental Security Concepts

• CIA Triad
  • Confidentiality
  • Integrity
  • Availability
• Non-Repudiation
• AAA Framework
  • Authentication
  • Authorization
  • Accounting
• Zero Trust Architecture
• Deception and Disruption Technologies
  • Honeypots
  • Honeyfiles
  • Decoy Systems

1.3 Change Management

• Business Processes
• Technical Implications
• Documentation Procedures
• Approval Workflows
• Rollback Planning
• Version Control

1.4 Cryptographic Solutions

• Public Key Infrastructure (PKI)
• Encryption Technologies
• Symmetric Encryption
• Asymmetric Encryption
• Hashing Algorithms
• Digital Signatures
• Certificates
• Obfuscation Techniques

Module 2: Threats, Vulnerabilities, and
Mitigations

2.1 Threat Actors and Motivations

• Nation-State Actors
• Organized Crime
• Hacktivists
• Insider Threats
• Script Kiddies / Unskilled Attackers
• Shadow IT

Motivations

• Financial Gain
• Espionage
• Data Exfiltration
• Sabotage
• Political/Ideological Reasons

2.2 Threat Vectors and Attack Surfaces

• Message-Based Attacks
  • Phishing
  • Smishing
  • Spam
• Social Engineering Attacks
• File-Based Threats
• Voice Call Attacks (Vishing)
• Supply Chain Attacks
• Vulnerable Software Exploitation
• Unsecured Networks

2.3 Vulnerabilities

• Application Vulnerabilities
• Hardware Vulnerabilities
• Mobile Device Vulnerabilities
• Virtualization Vulnerabilities
• Operating System Vulnerabilities
• Cloud-Specific Vulnerabilities
• Web-Based Vulnerabilities
• Supply Chain Vulnerabilities

2.4 Malicious Activities

Malware Attacks

• Viruses
• Worms
• Trojans
• Ransomware
• Spyware
• Rootkits

Password Attacks

• Brute Force
• Dictionary Attacks
• Credential Stuffing
• Rainbow Table Attacks

Application Attacks

• SQL Injection
• Cross-Site Scripting (XSS)
• Cross-Site Request Forgery (CSRF)

Network Attacks

• DoS/DDoS
• ARP Poisoning
• Man-in-the-Middle (MITM)

Physical Attacks

• Tailgating
• Shoulder Surfing
• Dumpster Diving

Cryptographic Attacks

• Collision Attacks
• Downgrade Attacks
• Birthday Attacks

2.5 Mitigation Techniques

• Network Segmentation
• Access Control
• Configuration Enforcement
• System Hardening
• Isolation Techniques
• Patch Management

Module 3: Security Architecture

3.1 Architecture Models

• On-Premises Infrastructure
• Cloud Computing
• Virtualization
• Internet of Things (IoT)
• Industrial Control Systems (ICS)
• Infrastructure as Code (IaC)

3.2 Enterprise Infrastructure Security

• Secure Network Design
• Secure Communication Protocols
• VPN Technologies
• Remote Access Security
• Control Selection
• Secure Access Principles

3.3 Data Protection

Data Types

• Structured Data
• Unstructured Data
• Sensitive Data

Data Protection Methods

• Encryption
• Tokenization
• Masking
• Data Loss Prevention (DLP)

Data Classification

• Public
• Internal
• Confidential
• Restricted

3.4 Resilience and Recovery

• High Availability
• Load Balancing
• Clustering
• Site Considerations
  • Hot Site
  • Warm Site
  • Cold Site
• Backup Types
  • Full Backup
  • Incremental Backup
  • Differential Backup
• Disaster Recovery
• Business Continuity
• Continuity of Operations

Module 4: Security Operations

4.1 Computing Resource Security

• Secure Baselines
• Mobile Device Security
• Wireless Security
• Application Security
• Sandboxing
• System Monitoring

4.2 Asset Management

• Asset Acquisition
• Asset Assignment
• Asset Monitoring and Tracking
• Asset Disposal
• Hardware Asset Management
• Software Asset Management
• Data Asset Management

4.3 Vulnerability Management

• Vulnerability Identification
• Vulnerability Analysis
• Remediation Processes
• Validation Procedures
• Reporting and Documentation

4.4 Alerting and Monitoring

• Security Monitoring Tools
• Log Management
• SIEM Solutions
• IDS/IPS Monitoring
• User Activity Monitoring
• Network Monitoring

4.5 Enterprise Security Technologies

• Firewalls
• IDS/IPS
• DNS Filtering
• Data Loss Prevention (DLP)
• Network Access Control (NAC)
• Endpoint Detection and Response (EDR)
• Extended Detection and Response (XDR)

4.6 Identity and Access Management (IAM)

• User Provisioning and Deprovisioning
• Single Sign-On (SSO)
• Multifactor Authentication (MFA)
• Privileged Access Management (PAM)

4.7 Automation and Orchestration

• Automation Use Cases
• Security Scripting
• Workflow Automation
• Benefits and Considerations

4.8 Incident Response

Incident Response Lifecycle

• Preparation
• Detection
• Containment
• Eradication
• Recovery
• Lessons Learned

Additional Topics

• Threat Hunting
• Root Cause Analysis
• Digital Forensics

4.9 Data Sources for Investigations

• Log Files
• Packet Captures
• SIEM Data
• Endpoint Logs
• Cloud Logs
• Threat Intelligence Sources

Module 5: Security Program Management and
Oversight

5.1 Security Governance

• Policies
• Standards
• Procedures
• Guidelines
• Governance Structures
• Roles and Responsibilities
• Security Monitoring

5.2 Risk Management

Risk Processes

• Risk Identification
• Risk Assessment
• Risk Analysis
• Risk Register Management
• Risk Reporting

Risk Concepts

• Risk Appetite
• Risk Tolerance
• Business Impact Analysis (BIA)

Risk Strategies

• Risk Acceptance
• Risk Avoidance
• Risk Mitigation
• Risk Transfer

5.3 Third-Party Risk Management

• Vendor Assessment
• Vendor Selection
• Security Agreements
• SLA Review
• Vendor Monitoring
• Security Questionnaires
• Rules of Engagement

5.4 Security Compliance

• Compliance Monitoring
• Compliance Reporting
• Privacy Requirements
• Legal and Regulatory Requirements
• Consequences of Non-Compliance

5.5 Audits and Assessments

• Internal Audits
• External Audits
• Attestation
• Penetration Testing
• Security Assessments

5.6 Security Awareness and Training

• Phishing Awareness
• Social Engineering Awareness
• Password Security
• User Guidance
• Incident Reporting Procedures
• Anomalous Behavior Recognition

Ethical Hacking

Module 1: Introduction to Ethical Hacking

Module 2: Foot Printing and Reconnaissance

Module 3: Scanning Networks

Module 4: Enumeration.

Module 5: Vulnerability Analysis.

Module 6: System Hacking.

Module 7: Malware Threats.

Module 8: Sniffing.

Module 9: Social Engineering.

Module 10: Denial-of-Service.

Module 11: Session Hijacking.

Module 12: Evading IDS, Firewalls, and Honeypots.

Module 13: Hacking Web Servers.

Module 14: Hacking Web Applications.

Module 15: SQL Injection.

Module 16: Hacking Wireless Networks.

Module 17: Hacking Mobile Platforms.

Module 18: IoT and OT Hacking.

Module 19: Cloud Computing.

Module 20: Cryptography.

SOC Analyst  Syllabus

Module 1 – Security Operations and Management
Module 2 – Understanding Cyber Threats, IoCs, and Attack Methodology
Module 3 – Incidents, Events, and Logging
Module 4 – Incident Detection with Security Information and Event Management (SIEM)
Module 5 – Enhanced Incident Detection with Threat Intelligence
Module 6 – Incident Response