CSCC LABS

New syllabus of cscc labs :

About : Daily 4 hours training(4hrs*30days = 120 Hrs) , 2 hrs assignments , 1

hr interview , 1 hr seminar.

MODULE TOPIC Hrs(120)

01 Introduction to Cyber Security (ICT) 10 Hours

02 Network Attacks & Defense (NAD) 25 Hours

03 Software Security (SS) 40 Hours

04 One hour sessions (OH) 10 Hours

Re-view Re-view and Exams 20 Hours

Total 120 Hours

Time Table:
(from 3/02/2021 to 5/02/2021)
sno 9 to 10:0 to 11 :0 to 1:0 1:0 to 2:0 to 3 :0 to 4:0 to
10 11:0 2:0 3:0 4:0 6:0

Mon ICT ICT Assignment Lunch ICT OH Seminar

Tue ICT ICT Assignment Lunch ICT OH Seminar

 Web ICT ICT Assignment Lunch NAD OH Seminar

Thu ICT NAD Assignment Lunch ICT OH Seminar

Fri ICT NAD Assignment Lunch ICT OH Seminar

CSCC LABS , Hyderabad. Confidential only for

internal use
I. Introduction to Cyber Security(10hrs)
Chapter 1: Introduction to Cyber Threats (3hrs)
1.1 Security threats
1.2 CyberSpace and Criminal Behaviour
1.3 Types of Hackers & Various Hacking Techniques
1.4 Types of Cyber crimes
1.5 Vulnerability assessment and penetration testing
1.6 Red team and Blue team
1.7 Osi layers

Chapter 2:ICT (Information Communication Technology)(4hrs)

2.1 IT Communication Technologies
2.2 Protocols
2.3 Fundamental principles of operating systems
2.4 Different types of application and network servers
2.5 Cryptography
2.6 Load balancer
2.7 VPN
2.8 TOR
2.9 Virtualization

Chapter 3: Defensive measures of Cyber Security(3Hrs)

3.1 Introduction to AAA
3.2 Authentication methods
3.3 Access Control
3.4 Firewall
3.5 IDS and IPS
3.6 Antivirus
3.7 SIEM
3.8 SOC
3.9 Business continuity and disaster recovery planning

CSCC LABS , Hyderabad. Confidential only for

internal use
 3.9.1 Hot site
3.9.2 Warm site
3.9.3 Cold site

Chapter 4: Advanced Computing Technologies (2hrs)

4.1 Introduction to cloud computing
4.2 Cloud service models
4.3 Cloud Deployment models

Module 1 Assignments and Tasks (4hrs):

CSCC LABS , Hyderabad. Confidential only for

internal use
II. Network Attacks & Defense(25hrs).
Chapter 1: Introduction to Networks (6hrs)
1.1 Network & Its Types
1.2 Network Devices
1.3 OSI and TCP/IP Reference Model
1.4 Network Topologies
1.5 IP Address and classifications
1.6 IPv4 & IPv6
1.7 Subnetting
1.8 Routers & Switches
1.9 VPN
1.10 Proxy Servers
1.11 Network Ports

Chapter 2: Network Threats and Attacks (7hrs)

2.1 CIA model
2.2 Network Security Threats
2.2.1 DoS and DDoS
2.2.2 Sniffing
2.2.3 Session Hijacking
2.2.4 Spoofing
2.2.5 Man in the middle attack
2.2 Cyber kill chain framework
2.3 Information gathering
2.4 Scanning
2.5 Enumeration and Vulnerability identification
2.6 Exploitation
2.7 Post Exploitation

Chapter 3: Network Defence(7hrs)

3.1 Patch management

CSCC LABS , Hyderabad. Confidential only for

internal use
 3.2 System hardening
3.3 Configuration auditing
3.4 Access control list
3.5 Content and URL filtering
3.6 DLP
3.7 HIPS and NIPS
3.8 SIEM
3.9 Vulnerability management
3.10 Cyber Threat intelligence
3.11 Compliance

Chapter 4: Cryptography for Cyber Security (3hrs)

4.1 Goals of Cryptography
4.2 Cryptography Concepts
4.3 Symmetric vs Asymmetric Cryptography
4.4 Digital Signatures
4.5 Cryptographic Hashes
4.6 Creating Digital Signatures

Module 2 Assignments and Tasks(7hrs) :

●

CSCC LABS , Hyderabad. Confidential only for

internal use
Module III : Software Security(50Hrs)
Chapter 1: Software Security Concepts (5hrs)
1.1 Software Basics
1.2 Types of Software
1.2.1 Operating system
1.2.2Desktop application
1.2.3 Web application
1.2.4Mobile application
1.3 Core Concepts of Software Security
1.3.1 Confidentiality
1.3.2 Integrity
1.3.3 Availability
1.3.4 Authentication
1.3.5 Authorization
1.3.6 Auditing
1.3.7 Accountability
1.4WebApplication Architectures
1.4.1 One-Tier Architecture
1.4.2 Two-Tier Architecture
1.4.3 Three-Tier Architecture
1.4.4 N-Tier Architecture
1.4.5. Service Oriented Architecture

1.5 Regulations, Privacy, and Compliance

1.5.1 HIPAA
1.5.2 PCI
Chapter 2: Design and Implementation of Secure Software (5hrs)
2.1 Secure Software Development Life Cycle
2.2 Secure Software Design Principles
2.2.1 Least Privilege

CSCC LABS , Hyderabad. Confidential only for

internal use
 2.2.2 Separation of Duties
2.2.3 Defense in Depth
2.2.4 Fail Safe
2.2.5 Open Design…etc
2.2.6 Credential Management
2.2.7 Multi-factor Authentication
2.2.8 Single Sign-On (SSO)
2.3 OWASP Top 10 Vulnerabilities

Chapter 3: Software Vulnerability Assessment(5hrs)

3.1 Security Testing Methods
3.1.1 White Box Testing
3.1.2 Black Box Testing
3.2 Phases of Penetration Testing
3.2.1 Reconnaissance
3.2.2 Scanning
3.2.3. Gaining Access
3.2.4 Maintaining Access
3.2.5 Covering Tracks
3.5 Tools for Security Testing

Module 3 Assignments and Tasks(25hrs) :

● Portswigger
● Webgoat
●

CSCC LABS , Hyderabad. Confidential only for

internal use
 One Hour sessions (10hrs):
● About Osi layers
● Docker
● ELK
● Cloud
● Operating system Basics.
● Splunk
● Any firewall configuration
● Cisco packet tracer (network devices conf )

CSCC LABS , Hyderabad. Confidential only for

internal use
 Tools need to cover in training :

Networking Wapt SOC Others

Wireshark Nessus Radar X protect Metasploit

Cisco Packet Tracer Qualis guard qradar Social Engineering

Toolkit

Pfsense Firewall Splunk Cain and Abel

Iptables Hydra

Nmap LIOC and HIOC

Netstat, Nikto
Netuser,Netsh,
nslookup , dig , NC,

Certificate has to complete before the training period :

1. Splunk fundamentals .
2. Cscc labs CTF Machines .

CSCC LABS , Hyderabad. Confidential only for

internal use
3. Portswigger labs Certificate .

CSCC LABS , Hyderabad. Confidential only for

internal use