
HCLTech Syllabus Structure - Amity Online MCA Cybersecurity Specialist Program v3


Degree - MCA - Cybersecurity Specialist

15 30 25 25 55 150

1. Information Security Fundamentals: Understanding the basics of information security and its
critical role in protecting data from unauthorized access, disclosure, or alteration.
2. Cybersecurity Awareness: Developing the ability to recognize common cybersecurity threats and
vulnerabilities that could compromise data integrity and privacy.
3. Encryption Techniques: Learning about encryption methods and their applications in
safeguarding sensitive information from eavesdropping or unauthorized access.
4. Cloud Security: Understanding different cloud computing models and the security considerations
associated with them, including best practices for securing cloud-based resources and services.
5. Compliance and Risk Management: Recognizing the importance of risk management in business
operations, understanding regulatory compliance frameworks, and acquiring skills to create and
implement effective compliance programs to meet legal and industry standards.

1. Learners will understand and articulate the core principles of information security and its
significance in safeguarding sensitive data.
2. Learners will be able to identify and describe various cybersecurity threats and vulnerabilities,
including malware, phishing, and social engineering.
3. After completion, learners will have the skills to describe and apply encryption methods for
securing data during transmission and storage.
4. Learners will differentiate between cloud service models (e.g., IaaS, PaaS, SaaS) and discuss the
associated security considerations, while also implementing security controls and best practices
for data and application protection in a cloud environment.
5. Upon completion, learners will be equipped to identify and explain key cloud compliance
standards, recognize the role of risk management in decision-making, and design and implement
compliance programs to adhere to industry-specific regulations and standards.

Module 1: Introduction to Information Security


• Identify the basic components of the information security cycle.
• Understand the goals of information security (CIA).
• Identify information security controls.

Module 2: Information Security Policies and Basic Cryptography


• Understand the common security practices and authentication methods.
• Understand the security policy, the types of security policies and how to implement them
effectively within an enterprise.
• Identify fundamental security policy issues.
• Identify the fundamental components of cryptography (Encryption & Decryption, Cipher Types,
Steganography, Encryption - Symmetric, Asymmetric and Hashing, Key Exchange, PKI, and Digital
Signature).
• Understand how to manage certificates (CA, PKI, and Digital Signature).

Module 3: Enterprise Security Overview



Module 4: AAA, Risk Management and Governance




Module 5: Cloud Computing Fundamentals and Basics of Cloud Security


• Understand the Fundamentals of Cloud computing.
• Understand Cloud computing architecture, types of Cloud Deployment (Public, Private and
Hybrid) and types of Cloud computing services (IaaS, PaaS, and SaaS)
• Discuss the security for Cloud computing and Security controls available in cloud.



Labs: The learning objectives of the labs mentioned are related to cybersecurity and ethical
hacking. These labs are designed to teach individuals about various cybersecurity threats,
vulnerabilities, and attack techniques. Learning objectives for each lab:

8. Deploy and Manage EC2 Instances (AWS):

9. Create EBS Volumes and Attach to EC2 Instances (AWS):

10. Configure AWS VPC (VPC, Subnets, Routing, VPC Peering, etc.) (AWS):

11. Monitor EC2 Instances using CloudWatch and Configuring Alerts (AWS):

12. Create and Manage S3 Buckets, Upload Objects with Customized Permissions (AWS):

13. Creating and Managing IAM Users, Groups, and Policies (AWS):

14. Manage Azure Virtual Machines (Linux & Windows) (Azure):

15. AWS Instance with Accidental Termination Enablement:

16. AWS S3 Access IAM Role:

17. AWS IAM User Creation:



15 30 25 25 55 150

Threat Intelligence Fundamentals: Understanding the basics of threat intelligence, including its sources,
types, and its crucial relevance in cybersecurity for proactive threat identification.

Threat Hunting Skills: Developing the ability to proactively hunt for threats by learning various
techniques and strategies to identify and mitigate potential security risks.

Threat Intelligence Sharing: Learning about the importance of sharing threat intelligence within the
cybersecurity community to enhance collective security and response capabilities.

Incident Response Lifecycle: Understanding the complete incident response process, from initial
detection through containment, recovery, and post-incident analysis to learn lessons and improve
security measures.

Vulnerability Assessment and Management: Gaining insights into vulnerability assessment basics,
vulnerability scanning techniques, and strategies for managing and remediating security weaknesses to
enhance overall security posture.

Learners will be able to define threat intelligence, identify various sources, and understand its role in
enhancing security.

After completion, learners will possess the skills to conduct threat hunting exercises using various
methods to proactively identify and respond to potential threats within an organization's network.

Learners will understand the benefits of sharing threat intelligence, actively participate in threat
information sharing groups, and contribute to collective defense against cyber threats.

Upon completion, learners will have the ability to explain each phase of the incident response lifecycle,
perform appropriate actions, and effectively communicate incident details to relevant stakeholders.

After completing the training, learners will be equipped to define vulnerability assessment, use scanning
tools, prioritize vulnerabilities, and develop and implement effective vulnerability management
programs to maintain a secure environment.

Module 1: Introduction and Info Gathering


• Understand the penetration testing methodology and terminology
• Understand how to plan and scope a penetration test
• Understand how to conduct information gathering (passive and active) and enumeration

Module 2: Vulnerability Management


• Vulnerability Management Process - Identifying and analyzing vulnerabilities
• Understand how to exploit vulnerabilities to gain control over networks and systems using a
backdoor during a pen test.
• Understand how to exploit web applications using OWASP Top 10 attacks, and mobile
applications.
• Understand how to perform post-exploitation activities such as lateral movement, persistence and pivoting.
• Understand how to prepare a report, document, and communicate your findings.

Module 3: Threat Intelligence and its Phases


• Understand the concept and baseline of threat intelligence and the role of threat intelligence in various IT
departments
• Understand the stages of threat intelligence - Collection, Processing, Clustering, Correlation, Analysis,
Dissemination and Sharing
• Understand how to leverage intelligence to understand adversary behavior, and feature extraction
• Understand the methodologies of threat hunting
• Understand how to extract, ingest, pivot on and hunt for indicators from threat intelligence
• Understand how to hunt for suspicious activity / malware across the network, web shells and endpoints
• Understand the role of ML in threat intelligence and hunting
• Understand the NextGen SIEM architecture and how to use SIEM for threat hunting
• Understand how tools help to identify breaches and threats using behavioral analysis and provide a
clear, actionable report on a simple attack timeline

Module 4: Incident Response and its Phases


• Understand the importance of an incident response plan
• Understand the six phases of incident response
• Understand the incident response team and various steps involved in planning an incident handling
and response program
• Understand the roles and responsibilities of first incident responders
• Understand the importance of the first responder procedure, including evidence collection, packaging,
transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis

Module 5: Incident Handling


• Understand how to apply the right technique to different types of incidents, including malware
incidents, email security incidents, network security incidents, web application security incidents and
insider-threat-related incidents.
• Understand how to detect and respond to all cyber incidents.
• Understand the necessary steps to take after a cyber security incident.

Labs: The learning objectives of the labs mentioned are related to cybersecurity and ethical
hacking. These labs are designed to teach individuals about various cybersecurity threats,
vulnerabilities, and attack techniques. Learning objectives for each lab:

18. Establishing Passive-Reconnaissance using recon-ng tool:

19. Establishing Passive-Reconnaissance using Maltego tool:

20. Establishing Passive-Reconnaissance using 'The Harvester' tool:

21. Establishing Active-Reconnaissance using NMAP Utility:

22. Enumeration of Windows Server using NMAP Tool:

23. Vulnerability Scanning Enumeration - Linux:

24. Performing Vulnerability Scanning using OpenVAS:

25. Vulnerability Scanning using the Nikto Web App Scanner:

26. Network PenTest using Zenmap:

27. PenTest using Meterpreter part 1:

28. PenTest using Meterpreter part 2:

29. PenTest - Persistent Backdoor:

30. Pentest - Pivoting (One Host to Another):

31. OWASP - Login Injection:

32. OWASP - Improper Input Validation:

33. OWASP - Broken Access Control:

34. Forensic Lab2 (Analyze the Attacker's Activities using Wireshark):

35. Memory Forensics with Volatility:

36. Forensic Lab3 (Analyze the Attacker's Activities using Wireshark):

37. OWASP - Sensitive Data Exposure:

38. Forensic Lab1 (Analyze the Attacker's Activities using Wireshark):



39. Performing File Recovery from the Windows System:

40. Perform Forensic Analysis on a Suspect’s System using Autopsy:

15 30 25 25 55 150

1) Secure Software Development: Understanding the principles of secure software development
and recognizing the significance of application security in preventing vulnerabilities.
2) Application Security Skills: Developing the ability to identify and mitigate common application
security vulnerabilities to enhance the resilience of software against potential threats.
3) Security Testing Techniques: Learning about security testing methods for applications, including
penetration testing and code reviews, to proactively identify and address security weaknesses.
4) Data Security Principles: Gaining insights into data classification, encryption, and access control
principles, along with skills in data breach prevention and incident response.
5) Regulatory Compliance and Privacy Standards: Understanding the fundamentals of regulatory
compliance and privacy standards related to data security, such as GDPR and HIPAA, to ensure
compliance and protect sensitive information.

Learners will be able to explain fundamental concepts of secure software development and
emphasize the importance of application security in preventing vulnerabilities and breaches.

Upon completion, learners will possess the ability to recognize and describe various application
security vulnerabilities, applying best practices to mitigate these issues throughout the software
development lifecycle.

After the training, learners will be skilled in conducting security assessments of applications
using techniques like penetration testing and code review to identify and address security
weaknesses.

Learners will be equipped to categorize data by sensitivity, implement encryption measures for
data protection, establish access controls, and ensure compliance with data security regulations
and privacy standards.

After completing the training, learners will have the capacity to define malware, categorize
different types of malware, describe common malware behaviors, and perform malware
analysis to enhance their organization's security defenses.

Module 1: Introduction to Application Security & Secure Software Development


• Understanding the importance of application security
• Common security threats and challenges in software development
• Phases of the SDLC
• Integrating security into the SDLC
• Secure coding practices

Module 2: Common Application Security Vulnerabilities & Secure Application Design


• SQL injection
• Cross-Site Scripting (XSS)
• Cross-Site Request Forgery (CSRF)
• Insecure deserialization
• Authentication and authorization issues
• Principles of secure design
• Security patterns and practices
• Threat modeling

Module 3: Security Testing Techniques & Secure API and Web Services Development
• Static analysis (code review)
• Dynamic analysis (penetration testing)
• Automated security scanning tools
• API security best practices
• OAuth and token-based authentication
• API security testing
• Secure deployment practices
• Secure configuration management
• Secure DevOps and CI/CD pipeline integration
• User authentication methods
• Role-based access control (RBAC)
• Single Sign-On (SSO)
• Data classification and encryption
• Data leakage prevention
• Data retention and disposal
• Incident response planning
• Patch management best practices
• Handling security incidents in applications
• Relevant regulations (e.g., GDPR, HIPAA)
• Compliance auditing and reporting
• Mobile application security
• Cloud application security
• DevSecOps and container security

Module 4: Data Security and Access Control


• Importance of data security
• Data classification and sensitivity
• Encryption methods and algorithms
• Data at rest and data in transit encryption
• Key management
• Access control models
• Identity and access management (IAM)
• Multi-factor authentication (MFA)
• Identifying and preventing data leakage
• DLP tools and technologies
• Data backup strategies
• Disaster recovery planning
• Business continuity
• Securing databases
• Database access controls
• SQL injection prevention
• Data security in cloud environments
• Shared responsibility model
• Cloud encryption and key management
• Secure file sharing platforms
• Secure collaboration tools
• File encryption and access controls
• Recognizing insider threats
• Employee training and awareness
• Monitoring and detection

Module 5: Introduction to Malware Analysis and Behavior


• Types of malware
• The role of malware analysis in cybersecurity
• Dynamic analysis vs. static analysis
• Sandboxing and virtualization
• Behavioral analysis
• Signature-based detection
• Heuristic and behavior-based detection
• Antivirus and anti-malware tools
• Assembly language basics
• Debugging and disassembly tools
• Analyzing code flow
• File structure analysis
• Strings and patterns
• Function and code analysis
• Execution monitoring
• API hooking
• Memory analysis
• Analyzing real-world malware samples


• Identifying malware families and variants
• Packing and obfuscation
• Polymorphic malware
• Rootkit techniques
• Sharing malware intelligence
• Threat intelligence platforms
• Malware incident response procedures
• Cleanup and recovery strategies
• Advanced persistent threats (APTs)
• Fileless malware
• Zero-day vulnerabilities

15 30 25 25 55 150

SIEM Fundamentals: Understanding the core principles of Security Information and Event Management
(SIEM) and its essential role in security operations for monitoring and threat detection.

SIEM Configuration and Management: Developing the skills required to configure and manage a SIEM
system effectively to collect and analyze security data.

Threat Detection and Incident Response: Learning how to utilize SIEM for threat detection and incident
response, including analyzing logs, correlating events, and generating alerts.

Compliance and Reporting: Gaining knowledge of how SIEM systems can be used for compliance
monitoring and reporting to meet regulatory requirements.

UEBA and Threat Detection: Understanding the principles of User and Entity Behavior Analytics (UEBA)
and its significance in identifying threats through anomaly detection, behavior analysis, and machine
learning, as well as its use cases in insider threat detection, fraud prevention, and more.

Learners will be able to explain core SIEM concepts, emphasizing the importance of log management,
correlation, and real-time monitoring in detecting and responding to security incidents.

Upon completion, learners will have the capability to set up and configure a SIEM system, integrate data
sources, and customize rules, dashboards, and reports.

After the training, learners will be skilled in using SIEM for identifying and analyzing security incidents,
including advanced persistent threats (APTs), and responding appropriately.

Learners will possess the ability to analyze logs from various sources, correlate events to detect
anomalies and threats, and configure alerts to notify security personnel.

After completing the training, learners will be proficient in creating compliance reports using SIEM data,
meeting regulatory requirements, developing incident response plans, and using SIEM for automating
security tasks and orchestrating incident response actions to enhance efficiency and effectiveness.

Module 1: Introduction to SIEM and Data Collection


• Understanding the cybersecurity landscape
• Role of SIEM in security operations
• Key concepts: Logs, events, alerts, and incidents
• SIEM architecture overview
• Data sources: Logs, network traffic, endpoint data
• SIEM components: Collectors, analyzers, dashboards, and storage
• Configuring data collection from various sources
• Log management and normalization
• Data enrichment and parsing
• Setting up SIEM rules and alerts
• Customizing dashboards and reports
• Integration with third-party tools

Module 2: Threat Detection and Incident Response with SIEM


• Real-time event monitoring
• Behavioral analysis and anomaly detection
• Correlation rules and threat intelligence integration
• Incident detection and categorization
• Incident investigation workflows
• Incident response orchestration

Module 3: Compliance, Reporting, and Automation


• Compliance requirements and standards
• Generating compliance reports
• Demonstrating compliance to auditors
• Automating routine security tasks
• Security orchestration workflows
• Integration with SOAR (Security Orchestration, Automation, and Response) platforms

Module 4: User and Entity Behavior Analytics (UEBA) Fundamentals


• Introduction to UEBA
• UEBA use cases: Insider threat detection, fraud prevention, etc.
• UEBA data sources and collection methods
• Building behavioral baselines
• Machine learning and statistical analysis


• Identifying anomalies and suspicious behavior
• Alert generation and prioritization
• Risk scoring and severity assessment.
• UEBA alerts and SIEM integration
• Leveraging UEBA insights in incident response
• Customizing incident response based on UEBA data.
• Real-world incident response scenarios

Module 5: UEBA Best Practices and Case Studies


• Best practices for UEBA implementation
• Continuous monitoring and improvement strategies
• Adapting UEBA models to evolving threats
• Real-world case studies in SIEM and UEBA
• Hands-on labs for configuring, using, and troubleshooting SIEM and UEBA tools.
