Cyber Security Assessment & IT Audit

panel_start Introduction panel_end

Cyber Threats, both internal and external, have the potential to impact confidentiality, integrity and availability if controls are not in place.

New laws and regulations or growth in data may pose a threat to the organization. Human threats can include everything from carelessness to espionage. And, of course, there are an array of technical threats, including, but in no way limited to, malicious code, unauthorized access, malware, or hardware/software failures

The amount or significance of threat can vary, dependent upon whether the enterprise is working in cloud, mobile, Internet of Things (IoT), big data or security analytics. As information shifts location (moving from mobile, to IoT, to cloud, for example), there will be a need for new classes of controls to address the new locations of information, and those new classes of controls will require updating as well as auditing

This workshop on Cyber Security & Audit recognizes the dangers, vulnerabilities the organisation faces, and the effect and probability of such attacks.

panel_start Target Audience panel_end

• Network experts hoping to enhance their insight and investigate cyber security as a lifelong way.
• Executives and managers wanting  to build their capacity to speak with security experts and execute a powerful security arrangement at the hierarchical level.
• Individuals needs to improve their comprehension of cybersecurity essentials, including dangers, relieving controls, and hierarchical duties.

panel_start Course Content panel_end

I.T SECURITY

• Types of cyber crime (Credi t cards, payment frauds, Net banking frauds etc.)
• Recent Internet Banking frauds & their modus-operandi
• Cyber Crime Cases (Past, present, & what can we expect in future)

Understanding IP & MAC addresses Proxy Servers

• How to use proxy severs
• How  to detect proxy severs
• Mobile Hacking & Security( Live Demos of mobile hacking & how to secure your mobiles)
• Calls Recording & Spoofing  
• Hacking the entire mobile, etc

OWASP  Top 10 : Website Hacking & Security

• Vulnerability Scanning in Websites
• SQL Injection
• Cross Site Scripting
• DOS
• Defacing a website
• XSS
• Uploading a shell on the web server

Understanding Data leakage solutions for Data security.

Understanding the ISO 27001 standards

CYBER CRIME INVESTIGATIONS & DIGITAL FORENSICS

• Investigating Emails
• Analyzing Email Headers
• Windows File Analysis tools
• MAC FORENSICS
• LINUX FORENSICS

Network Forensics :

• Understanding Wireshark
• Windows server forensics
• Data Acquisition Software Tools
• Creating Images of pen drive/hdd
• Investigating Website & web application 
• Mobile Forensics
• Complete laptop / desktop forensic

( incase an employee leaves the company to trace the activity done on his computer)

• Filing cyber complaints

Software provided :  Kali Linux, Nmap, NetScan Tools Pro, Nessus, SAINT, GFI LANGuard, TOR, OmniPeek Network Analyzer, Sandcat, Wikto, Acunetix, Havij, TrueCrypt & lot more