Skip to main content
Milav
  1. Resources/
  2. Study Materials/
  3. Information & Communication Technology Engineering/
  4. ICT Semester 5/
  5. Cyber Security (4353204)/
  6. Cyber Security Slidev Presentations/

·
Milav Dabgar
Author
Milav Dabgar
Experienced lecturer in the electrical and electronic manufacturing industry. Skilled in Embedded Systems, Image Processing, Data Science, MATLAB, Python, STM32. Strong education professional with a Master’s degree in Communication Systems Engineering from L.D. College of Engineering - Ahmedabad.
Table of Contents

Cyber Security (4353204) - Complete 42 Lecture Plan
#

Course Code: 4353204
Institution: Gujarat Technological University (GTU)
Curriculum: Competency-focused Outcome-based Green Curriculum-2021 (COGC-2021)
Semester: V
Programme: Diploma in Information and Communication Technology
Total Teaching Hours: 42 hours (Theory: 3 hrs/week × 14 weeks = 42 hours)

Course Outcomes (COs)
#

  • CO1: Understand the fundamental principles of cybersecurity, apply them to analyze, evaluate, and implement effective security measures in digital environments.
  • CO2: Implement security strategy encompassing authentication, authorization, defense against malicious software.
  • CO3: Secure web communications and applications by applying security protocols, managing ports, and implementing HTTPS, SSH, and VPN technologies.
  • CO4: Conduct ethical hacking and protect systems using Kali Linux tools and vulnerability assessment techniques.
  • CO5: Identify types of cybercrimes, understand their impact, and apply forensic techniques to investigate and prevent cyber-criminal activities.

UNIT I: Introduction to Cyber Security & Cryptography (8 Lectures)
#

Lecture 1: Introduction to Cyber Security
#

  • Topics:
    • Definition and importance of cyber security
    • Evolution of cyber threats
    • Digital asset protection
    • Current cybersecurity landscape
  • Learning Outcomes: Understand cyber security fundamentals and importance
  • Practical: Cyber security awareness assessment and threat analysis

Lecture 2: Computer Security Fundamentals
#

  • Topics:
    • CIA Triad: Confidentiality, Integrity, Availability
    • Information security principles
    • Security objectives and goals
    • Real-world examples of CIA violations
  • Learning Outcomes: Explain CIA triad and its significance in secure system design
  • Practical: Analyze CIA triad implementation in various systems

Lecture 3: Computer Security Terminology
#

  • Topics:
    • Adversary (threat agent)
    • Attack vectors and methods
    • Countermeasures and controls
    • Risk assessment and management
  • Learning Outcomes: Define key security terms and their relationships
  • Practical: Security terminology mapping and risk analysis exercise

Lecture 4: Advanced Security Concepts
#

  • Topics:
    • Security policies and procedures
    • System resources (assets)
    • Threat modeling and analysis
    • Vulnerability assessment basics
  • Learning Outcomes: Understand comprehensive security terminology
  • Practical: Create basic security policy and threat model

Lecture 5: OSI Security Architecture - Part 1
#

  • Topics:
    • OSI model layers overview
    • Security attacks at different layers
    • Layer-specific vulnerabilities
    • Attack classification (passive vs active)
  • Learning Outcomes: Identify security attacks per OSI layer
  • Practical: Map common attacks to OSI layers

Lecture 6: OSI Security Architecture - Part 2
#

  • Topics:
    • Security mechanisms and services
    • Layer-specific security solutions
    • Security protocols and standards
    • Integration of security across layers
  • Learning Outcomes: Understand security mechanisms and services
  • Practical: Design layered security architecture

Lecture 7: Introduction to Cryptography
#

  • Topics:
    • Cryptography fundamentals
    • Symmetric vs asymmetric encryption
    • Public and private key concepts
    • Key management principles
  • Learning Outcomes: Explain asymmetric encryption principles
  • Practical: Basic encryption/decryption exercises

Lecture 8: Hashing Algorithms
#

  • Topics:
    • Hash function principles
    • MD5 algorithm structure
    • SHA family (SHA-1, SHA-256, SHA-512)
    • Applications in data integrity and authentication
  • Learning Outcomes: Understand hashing for data integrity and authentication
  • Practical: Implement MD5 and SHA hashing algorithms

UNIT II: Account & Data Security (7 Lectures)
#

Lecture 9: Introduction to Authentication
#

  • Topics:
    • Authentication definition and significance
    • Authentication vs authorization
    • Authentication factors (something you know, have, are)
    • Authentication challenges in cybersecurity
  • Learning Outcomes: Define authentication and its cybersecurity significance
  • Practical: Analyze different authentication scenarios

Lecture 10: Authentication Methods - Part 1
#

  • Topics:
    • Password-based authentication
    • Password policies and best practices
    • Biometric authentication systems
    • Biometric types and implementation
  • Learning Outcomes: Understand traditional authentication methods
  • Practical: Password strength analysis and biometric system evaluation

Lecture 11: Authentication Methods - Part 2
#

  • Topics:
    • Multi-factor authentication (MFA)
    • Single Sign-On (SSO) systems
    • Cookie-based authentication
    • Token-based authentication
  • Learning Outcomes: Understand advanced authentication methods
  • Practical: Configure MFA and SSO systems

Lecture 12: Authorization and Access Control
#

  • Topics:
    • Authorization definition and significance
    • Access control models (DAC, MAC, RBAC)
    • CAPTCHA systems and implementation
    • Authorization challenges
  • Learning Outcomes: Define authorization and its cybersecurity significance
  • Practical: Implement CAPTCHA and access control systems

Lecture 13: Firewall Technologies
#

  • Topics:
    • Firewall fundamentals and types
    • Packet filter firewalls
    • Application proxy firewalls
    • Personal firewalls and implementation
  • Learning Outcomes: Understand firewall technologies and deployment
  • Practical: Configure packet filter and application proxy firewalls

Lecture 14: Malicious Software - Part 1
#

  • Topics:
    • Malware classification and characteristics
    • Viruses: types, propagation, effects
    • Worms: self-replication and network impact
    • Trojan horses: deception and payload delivery
  • Learning Outcomes: Explain different types of malicious software and effects
  • Practical: Malware analysis and detection techniques

Lecture 15: Malicious Software & Attacks - Part 2
#

  • Topics:
    • Advanced malware: logical bombs, keyloggers, sniffers, backdoors
    • Attack types: brute force, credential stuffing
    • Social engineering and phishing attacks
    • Machine-in-the-middle attacks
  • Learning Outcomes: Understand comprehensive attack vectors on accounts and data
  • Practical: Simulate and defend against various attack types

UNIT III: Network & System Security (8 Lectures)
#

Lecture 16: Web Security Threats
#

  • Topics:
    • Web security landscape
    • Integrity threats in web applications
    • Confidentiality breaches
    • Authentication bypass attacks
    • Denial of Service (DoS) attacks
  • Learning Outcomes: Explain impact of web security threats on CIA
  • Practical: Web vulnerability assessment and threat analysis

Lecture 17: Network Ports and Security
#

  • Topics:
    • Port fundamentals and importance
    • Common ports and their services
    • Port 80 (HTTP) and port 443 (HTTPS)
    • Port scanning and security implications
    • Port-based access control
  • Learning Outcomes: Explain importance of network ports and identify key ports
  • Practical: Port scanning with Nmap and firewall configuration

Lecture 18: SSL/TLS Protocols - Part 1
#

  • Topics:
    • Secure Socket Layer (SSL) fundamentals
    • Transport Layer Security (TLS) evolution
    • SSL/TLS handshake process
    • Certificate authority and trust models
  • Learning Outcomes: Explain SSL/TLS for secure data transmission
  • Practical: SSL/TLS configuration and certificate analysis

Lecture 19: SSL/TLS Protocols - Part 2
#

  • Topics:
    • Encryption algorithms in SSL/TLS
    • Perfect Forward Secrecy
    • SSL/TLS vulnerabilities and mitigations
    • Best practices for implementation
  • Learning Outcomes: Understand SSL/TLS security mechanisms
  • Practical: SSL/TLS security assessment and hardening

Lecture 20: Digital Signatures and Certificates
#

  • Topics:
    • Digital signature fundamentals
    • Public Key Infrastructure (PKI)
    • Certificate lifecycle management
    • Digital certificate validation
    • Non-repudiation and authenticity
  • Learning Outcomes: Describe role of digital signatures and certificates
  • Practical: Create and verify digital signatures and certificates

Lecture 21: HTTPS Implementation
#

  • Topics:
    • HTTPS protocol architecture
    • HTTP vs HTTPS comparison
    • HTTPS implementation best practices
    • Performance considerations
    • Security headers and configurations
  • Learning Outcomes: Implement HTTPS for secure web communications
  • Practical: Configure HTTPS servers and analyze security headers

Lecture 22: SSH and Secure Shell
#

  • Topics:
    • Secure Shell (SSH) protocol
    • SSH authentication methods
    • SSH tunneling and port forwarding
    • WAP end-to-end security
    • Remote access security
  • Learning Outcomes: Understand SSH for secure remote access
  • Practical: Configure SSH servers and implement secure remote access

Lecture 23: Virtual Private Networks (VPN)
#

  • Topics:
    • VPN fundamentals and benefits
    • VPN protocols (OpenVPN, IPSec, WireGuard)
    • Site-to-site vs client-to-site VPNs
    • VPN security considerations
    • Privacy and data protection
  • Learning Outcomes: Explain VPN secure encrypted connections over public networks
  • Practical: Configure and test VPN connections

UNIT IV: Ethical Hacking (9 Lectures)
#

Lecture 24: Introduction to Hacking
#

  • Topics:
    • Hacking definition and evolution
    • Types of hackers (white, black, gray hat)
    • Ethical hacking vs malicious hacking
    • Legal and ethical considerations
  • Learning Outcomes: Understand ethical behavior vs unethical behavior
  • Practical: Ethical hacking methodology and legal frameworks

Lecture 25: Basics of Ethical Hacking
#

  • Topics:
    • Ethical hacking principles and guidelines
    • Penetration testing methodology
    • Rules of engagement
    • Documentation and reporting requirements
  • Learning Outcomes: Understand ethical hacking fundamentals
  • Practical: Create ethical hacking engagement plan

Lecture 26: Hacking Terminology
#

  • Topics:
    • Vulnerability definition and classification
    • Exploit development and usage
    • Zero-day (0-day) vulnerabilities
    • Common Vulnerabilities and Exposures (CVE)
    • Vulnerability disclosure process
  • Learning Outcomes: Understand basic terminology related to ethical hacking
  • Practical: Vulnerability research and CVE analysis

Lecture 27: Five Steps of Hacking - Part 1
#

  • Topics:
    • Information gathering (reconnaissance)
    • Active vs passive information gathering
    • Scanning and enumeration
    • Target profiling and footprinting
  • Learning Outcomes: Learn about system/application scanning and protection
  • Practical: Perform reconnaissance and scanning exercises

Lecture 28: Five Steps of Hacking - Part 2
#

  • Topics:
    • Gaining access techniques
    • Maintaining access and persistence
    • Covering tracks and anti-forensics
    • Post-exploitation activities
  • Learning Outcomes: Understand complete hacking methodology
  • Practical: Demonstrate ethical access gaining and persistence techniques

Lecture 29: Information Gathering Techniques
#

  • Topics:
    • Active information gathering methods
    • Passive information gathering techniques
    • OSINT (Open Source Intelligence)
    • Social media reconnaissance
    • DNS enumeration and analysis
  • Learning Outcomes: Master information gathering techniques
  • Practical: Comprehensive OSINT gathering exercise

Lecture 30: Kali Linux Introduction
#

  • Topics:
    • Kali Linux OS overview and installation
    • Kali Linux configuration and customization
    • Basic commands and navigation
    • Tool categories and organization
    • Virtual machine setup and management
  • Learning Outcomes: Understand basic terminology as it relates to Kali Linux
  • Practical: Install and configure Kali Linux environment

Lecture 31: Vulnerability Assessment and Exploitation
#

  • Topics:
    • Vulnerability scanning tools and techniques
    • Vulnerability-based hacking approaches
    • Password cracking methods
    • Brute force and dictionary attacks
    • Injection attacks (SQL, command, XSS)
  • Learning Outcomes: Learn about various types of attacks and vulnerabilities
  • Practical: Perform vulnerability scans and ethical exploitation

Lecture 32: Advanced Attack Techniques
#

  • Topics:
    • Phishing attack creation and detection
    • Blockchain security and attacks
    • Port scanning advanced techniques
    • Remote Administration Tools (RAT)
    • RAT protection and detection
    • Sniffing mechanisms and session hijacking
  • Learning Outcomes: Understand advanced attack vectors and protection methods
  • Practical: Implement and defend against advanced attack techniques

UNIT V: Cyber Crime & Cyber Forensics (10 Lectures)
#

Lecture 33: Introduction to Cyber Crime
#

  • Topics:
    • Cyber crime definition and evolution
    • Types of cyber crimes overview
    • Cyber crime statistics and trends
    • Economic and social impact
    • Legal frameworks and jurisdictional challenges
  • Learning Outcomes: Understand cybercrimes from nature of crime perspective
  • Practical: Cyber crime case study analysis

Lecture 34: Organizational Cyber Crimes
#

  • Topics:
    • Email bombing attacks
    • Salami attack methodology
    • Web jacking and domain hijacking
    • Data diddling techniques
    • Distributed Denial of Service (DDoS)
    • Ransomware attacks and trends
  • Learning Outcomes: Analyze various aspects of organizational cybercrimes
  • Practical: Simulate and analyze organizational cyber attacks

Lecture 35: Individual-Targeted Cyber Crimes
#

  • Topics:
    • Cyber bullying and its impact
    • Cyber stalking mechanisms
    • Cyber defamation cases
    • Cyber fraud and theft methods
    • Spyware deployment and detection
    • Email spoofing techniques
  • Learning Outcomes: Understand individual-focused cybercrime methods
  • Practical: Individual cybercrime detection and prevention strategies

Lecture 36: Society and Property-Based Cyber Crimes
#

  • Topics:
    • Cyber terrorism and its implications
    • Cyber spying techniques and detection
    • Social engineering attack vectors
    • Online gambling and fraud
    • Credit card fraud mechanisms
    • Software piracy and intellectual property crimes
  • Learning Outcomes: Analyze social engineering attacks and property crimes
  • Practical: Social engineering awareness and IP crime analysis

Lecture 37: Cyber Crime Prevention and Challenges
#

  • Topics:
    • Cyber crime prevention strategies
    • Technical and legal challenges
    • International cooperation requirements
    • Industry best practices
    • Incident response planning
    • User awareness and training programs
  • Learning Outcomes: Understand security and privacy methods for cybercrime prevention
  • Practical: Develop cybercrime prevention and response plans

Lecture 38: Introduction to Digital Forensics
#

  • Topics:
    • Digital forensics definition and importance
    • Forensic investigation principles
    • Chain of custody requirements
    • Legal admissibility of digital evidence
    • Forensic methodology and standards
  • Learning Outcomes: Describe basic concepts of forensics
  • Practical: Digital evidence handling and documentation

Lecture 39: Specialized Forensic Disciplines - Part 1
#

  • Topics:
    • Disk forensics methodology
    • File system analysis and recovery
    • Network forensics techniques
    • Traffic analysis and packet inspection
    • Wireless forensics challenges
  • Learning Outcomes: Understand branches of digital forensic specializations
  • Practical: Perform disk and network forensic analysis

Lecture 40: Specialized Forensic Disciplines - Part 2
#

  • Topics:
    • Database forensics methods
    • SQL log analysis and recovery
    • Malware forensics and reverse engineering
    • Dynamic and static malware analysis
    • Behavioral analysis techniques
  • Learning Outcomes: Master advanced forensic investigation techniques
  • Practical: Database and malware forensic investigation

Lecture 41: Mobile and Email Forensics
#

  • Topics:
    • Mobile device forensics challenges
    • iOS and Android forensic techniques
    • Mobile app data extraction
    • Email forensics methodology
    • Email header analysis and tracing
    • Cloud-based evidence collection
  • Learning Outcomes: Apply forensic techniques to modern digital platforms
  • Practical: Mobile device and email forensic investigation

Lecture 42: Integration and Future Trends#

  • Topics:
    • Integration of all cybersecurity concepts
    • Emerging threats and technologies
    • AI and machine learning in cybersecurity
    • IoT security challenges
    • Future career paths in cybersecurity
    • Continuous learning and certification paths
  • Learning Outcomes: Synthesize all course concepts and understand future trends
  • Practical: Comprehensive cybersecurity project presentation

Assessment Distribution
#

  • Theory CA (30 marks): 20 marks from tests + 10 marks micro-project
  • Theory ESE (70 marks): End semester examination
  • Practical CA (25 marks): Continuous assessment of practicals
  • Practical ESE (25 marks): Practical examination
  • Total: 150 marks

Key Practical Exercises (Compulsory)
#

  1. Lecture 8: Implement MD5 and SHA hashing algorithms *
  2. Lecture 15: Simulate brute-force attack and defense mechanisms *
  3. Lecture 17: Network port scanning and firewall configuration *
  4. Lecture 21: Configure HTTPS and analyze security headers *
  5. Lecture 23: Set up and test VPN connections *
  6. Lecture 30: Install and configure Kali Linux environment *
  7. Lecture 31: Perform ethical vulnerability assessment *
  8. Lecture 39: Conduct disk and network forensic analysis *
  9. Lecture 41: Mobile device forensic investigation *

Suggested Micro-Projects
#

Choose one for 10 marks CA component:

  1. Multi-Factor Authentication System Development
  2. Network Security Monitoring Tool
  3. Web Application Vulnerability Scanner
  4. Digital Forensics Investigation Toolkit
  5. Cybercrime Awareness Campaign Platform

Learning Resources
#

  • Primary: Information Security Principles and Practice by Mark Stamp
  • Secondary: Cryptography & Network Security by William Stallings
  • Hands-on: Ethical Hacking by Daniel Graham
  • Forensics: Handbook of Digital Forensics and Investigation by Eoghan Casey
  • Online: NIST Cybersecurity Framework, OWASP Guidelines

This 42-lecture plan strictly follows the GTU syllabus 4353204 and ensures comprehensive coverage of all required topics within the allocated teaching hours, integrating theoretical concepts with practical hands-on exercises.