LIBA LoyolaInstitute DIGITALFORENSICS ANDINFORMATION SECURITYMANAGEMENT CERTIFICATEON

Transkript

1 LIBA CERTIFICATEON DIGITALFORENSICS ANDINFORMATION SECURITYMANAGEMENT

2 CERTIFICATEON DIGITALFORENSICSAND INFORMATIONSECURITYMANAGEMENT CyberCrimes:Introduction,trends nationalandglobal perspectives,uniquenessandchalengesofcybercrimes, natureandextentofcybercrimes. ImpactofCyberCrimes:Socio Economic,culturalandlegal perspectives. CyberCrimes:CriminologicalPerspectives. FormsofCyberCrimes:Dictionaryatacks BruteForce atacks DataDiddling Hacking Phreaking Masquerading Eavesdropping Snifing Spoofing Skimming DNS Poisoning DOS DDOS-Maliciouscodes Virus Worms TrojanHorse-Malware Spyware LogicBombs Packet flooding DenialofService SocialEngineering WhySocial Engineering?-CommonFrauds ExamplesofCommonfrauds OutlineofFinancial,telecom andbfsisectorfrauds. SocialMediaCrimes:Media-SocialMedia SocialMedia Crimesandconceptualdefinitions FormsofSocialMedia Crimes PreventionandCounterMeasures.

3 IntroductiontoInformationSecurity:Definition Information Security CIATriad-Whatneedstobeprotectedfrom Cyber Criminals? PilarsofInformationSecurity-Threats -The atackvectors PreventivemeasuresforSocialEngineering- Vulnerabilities TypesofVulnerabilities SecurityFramework- BusinessRequirements InformationSecurityPolicies Procedures Standards Guidelines Procedures. InformationAssetClassification:Informationasset Life cycle Whyshouldweclassifyinformation? InformationOwner InformationCustodian InformationUser InformationAsset Classification FivePhaseapproach Chalenges Classificationstages Classificationmethodology Classification levels Managementmethodology Declassificationor Reclassification Retention Disposal Authorization. RiskManagement:Definition Risk-PrinciplesofRisk Management Riskidentificationmethods Riskassessment ManagementActions Riskmitigationstrategy 7Stepselect controlsprocedures Riskevaluationandassessment Control typesandcategories Technicalsecuritycontrols Cost-Benefit Analysis.

4 AccessControlSystems:AccessControl Singlefactor authentication Multi-factorauthentication Accesscontrol models Identificationandauthentication Authorization Atributebasedaccesscontrol Discretionaryaccesscontrol Mandatoryaccesscontrol Rolebasedaccesscontrol Intrusion detectionsystem Host-basedintrusiondetectionsystem Logmanagement Eventlogsanalysis. IntroductiontoComputerForensics:Definition Computer ForensicsvsDataRecovery ComputerForensicslifecycle ComputerForensiccapabilities ExamplesofCybercrime DigitalForensicsvsComputerForensics. IntroductiontoDigitalForensics:Mediadevicesthatcan holdpotentialdigitaldata-forensicinvestigation Forensic InvestigationMethodology ImportanceofDigitalForensics NatureofDigitalEvidence ScopeofDigitalForensics.Media devicesthatcanholdpotentialdigitaldata-forensicinvestigation ForensicInvestigationMethodology ImportanceofDigital Forensics NatureofDigitalEvidence ScopeofDigital Forensics.

5 IntroductiontoDigitalForensicInvestigation:Forensic duplicate QualifiedForensicduplicate Restoredimage Reconstructionofcrime WhatisEncryption Symmetricand Asymmetricencryption FulDiskEncryption EncryptingFile System Bitlocker AppleFilevault Passwordsandits associatedatacks Forensictracesleftbyencryption PGP encryption Forensics. Acquisition:SeizureofComputers SearchWarant Needfor Onsiteanalysis Preparingforsearches Actionsatthescene Examiningandcolectingtheevidence Documentingthe sceneofcrime Photography Notes Securingthecrime scene Preservingtheevidence Handlingadigitalcrime scene Casestudies-DigitalCrimeScene. PreparationandgivingofDigitalEvidence:Witness statements ForensicAnalysis Reporting Briefingthecase Outlineofrecoveryofdigitalevidence. AdmissibleEvidence:RoleofISP s Dataexchangedacross internet Investigationstrategiesandprecautions. (Thetheoreticalsessionswilbehandledbytheexpertise academiciansandindustryexperts)

6 TakeHome: 1.Thebestupdatedknowledgerequiredforthefieldin whicheverprofessiontheyare. 2.HandsonPracticalsonbasicsofdigitalforensics, forensics,acquisionofevidenceanddatafrom various hardwaresandwheretolookupevidences?andsecuring theinformationassets.(requirements:byod) 3.Abriefcoursematerialinsoftcopywilbeprovidedto thecoursereaders. TotalDurationofclasshours:30(Weekendclasses) excludingexamtotaldurationofclasshours:30(weekend classes)excludingexam

7 Faculties 1.Prof.R.Thilagaraj FounderDirector CentreforCyberForensics andinformationsecurity UniversityofMadras Chennai Mrs.G.Revathy AssistantProfessor CentreforCrime PreventionandSecurity Studies&Centrefor ExcelenceinDigitalForensics 2.Dr.S.Latha AssistantProfessor DepartmentofCriminology& FounderCo-ordinator CentreforCyberForensics 7.Prof.A.Kannan SeniorProfessor DepartmentofComputer ScienceandEngineering VIT,Velore andinformationsecurity UniversityofMadras Chennai Mr.E.R.Ramesh Faculty CentreforCrimePrevention andsecuritystudies 4.Dr.C.L.Ramakirhsnan, I.P.S.(R) FormerDirectorGeneral ofpolice,chennai 5.Mr.K.Mahesh GeneralManager Risk andinformationsecurity TataConsultanciesPrivateLimited,Chennai