CSC501 / Cyber Security

Syllabus

174KB

PDF

102KB

PDF

M1: Introduction to Cyber Laws & Cyber Forensics

Classifications of Cyber Crimes
- Against individuals
- Against property
- Against the nation
Need for Digital Forensics
- Steps in digital forensics (scientific methods)
Number Systems for Data Representation
- Binary
- Decimal
- Hexadecimal
- ASCII and Unicode
Arenas for Digital Forensics
- Disk
- Network
- Wireless
- Database
- Mobile
- Email
- GPS
- Memory
Incident Handling and Response
- Forensic triage
Ethical Hacking
Future of Cybercrime

[⤓]

Content Preview

M2: Fundamentals for Cyber Forensics

Locard's Exchange Principle and Digital Forensic Investigation Models
Types of digital evidence artifacts
Raw vs proprietary forensic storage formats
Identification of potential evidence:
- Slack space
- Swap space
- Steganography
Recovery of:
- Hidden data
- Deleted data
- Corrupt data
Standard file formats & headers
Forensic file carving
Investigation planning:
- Order of volatility
- Forensic triage
Overview of file systems

[⤓]

Content Preview

M3: Rules for Cyber Security and Digital Forensics

[⤓]

Content Preview

M4: Implementation of Cyber Law and Digital Forensics

Forensic laboratory requirements:
- Setting up a lab
- Evaluating lab staff
- Selecting forensic workstations
Backup and recovery plans
Generating forensically sound reports
Intellectual Property Rights and Cyber Laws in India:
- IT Act 2000
- 2008 Amendment
- Related IPC sections
Code of Ethics
Role of Expert Witnesses
Analysis of sample forensic reports

[⤓]

Content Preview

M5: Practical Approaches to Cyber Forensics

Evidence validation and gathering using:
- DOS commands
- Unix/Linux commands
Forensic imaging with DD commands
Software tools:
- Open source frameworks
- Proprietary frameworks
Hardware tools:
- Write blockers
- Images and evidence protection containers/bags
NIST tools:
- CFReDS
- CTFF
- NSRL
Analysing:
- Email headers
- Network packets