Social Icons

Showing posts with label CYBER SECURITY COURSE. Show all posts
Showing posts with label CYBER SECURITY COURSE. Show all posts

Sunday, June 07, 2015

Career in CYBER SECURITY : Where to start ?

1.  I get a lot of queries on my blog posts related to cyber security courses and any time I am in some forum or discussion from all range age  groups regarding serious career scope in India in the field of Cyber Security.Is it worth taking a plunge in a field which currently only has more of a keen interest value rather then offering  lucrative pay packet job?The younger age group which generally has young engineering graduates look little restless of taking the risk but the field is pretty exciting for those who are passionately interested in it.

2.  The field is immense and huge to start with.For a fresher it would be pretty cumbersome to find where to start from.The moment any typical search is made for a cyber security course on google,the results are too huge and confusing to get started on.For a novice guy who doesn’t  have any background in this field but keen to start a career in this field, I would submit few first steps to start before ways and career road automatically starts guiding ahead.

3.   Firstly,make it very clear in your mind that this field is very dynamic...you have to be continuously on your toes to be updated around what’s happening in this field.Millions of cyber incidents are happening,thousands of zero days are being discovered,thousands of case studies are being released about various cyber incidents and as you start understanding you need to prioritize of what all to grasp in detail .....follow up good tweets of cyber security experts.The courses you do in this field will not be like the typical graduation certification that you do once and will make you a B.Tech for the rest of your life without ever some one asking about the syllaabi.Most of the course and certification have a shelf life of 2-3 years after which you need to renew them to continue your professional standing in the market.

4.   The best thing about this field is that you can build your career and get your basics clear by putting in you hard-work along with the world of open-source that’s your window to knowledge bank.Be it the white papers or applications or Operating systems etc most of the entire gambit of tools is free....yes...for last about 8-9 years of my association with the field I have not bought or purchased any software or OS or toolkit to practice basic hacks and penetration tests.

5.   For a start in respect of courses....I would submit that most of the courses valued globally like CEH,CISSP etc by EC-COUNCIL are pretty costly and just doing them does not guarantee anything with respect to job.You have to be aware of lots besides these courses.For a start for a typical Indian novice fresher I would recommend to start with CCCSP,CCCS etc...links given below :

http://cdac.in/index.aspx?id=cyber_security for courses offered by CDAC on cyber security and forensics.



more listed at http://anupriti.blogspot.in/2012/12/cyber-security-courses-in-india.html ....though slightly old post...but everything holds good today...

6. Besides these courses which only give a very basic over view of the field,you should start getting conversant with LINUX flavors available viz UBUNTU, Fedora, OpenSuse, Linux MInt etc to mention a few....besides a horde of excellent security distros are available with all possible youtube videos and manuals on the net for helping from scratch.Get conversant and start playing with maximum tools available in these.Few of the distros that I would recommend are listed  below :

- ARCHASSAULT at https://archassault.org/

- Kali Linux at

- BackBox at

- BackTrack R3 at

- Knoppix STD

- Pentoo

- DEFT

- Parrot

- Caine

- Samurai Web Testing framework

- Matriux Krypton

- Bugtraq

- Node zero

- Cyb org

- Helix

- Network SEcurity Toolkit

- Wireshark(not an OS)

- GRML

- Chaos

- Katana

-  Damn Vulnerable Linux

- Auditor

and I must tell you these are only few to test before you start getting basic idea of what’s happening around.

7.   You have to be passionate enough to carry yourself successfully in this field.The moment you are out of touch for whatever reasons you have a lot to catch.Every thing is available on the net..be it the study material...be it any software to start.....you actually do not straight away enrol for a course..prepare yourself with the basics as available vide these distros...basic linux and then do some course to start building your documented profile.If you have reached reading here and you have queries you can get back to me here ....post a comment.

Tuesday, November 25, 2014

Being PGDIS : Post Graduate Diploma in Information Security@IGNOU

1.   In my endeavour to gain skill sets in Cyber Security,I have been stuffing my profile in past few years with professional Qualifications in the IT security field...though I personally feel simply loading with qualifications is not an authority to you being an expert but what matters more in this field is hands on practical training and knowledge...but still some gut feeling from inside makes me always enroll for some good course in addition to continuous hands on attempts with pracs.So in past as I qualified CCCSP@CDAC,CEH@EC-Council, and few qualifications from ASCL,Alison,Rackspace etc I got myself enrolled for a longer version course(One year)...PGDIS@IGNOU...and passed out last week with 81.13 percentage marks.Here I bring you out basic features of this course...

- Stands for Post Graduate Diploma in Information Security

- This programme emphasizes specifically on the User’s Security Awareness and needs as follows:

    - Securing one’s own desktop.
    - Securing one’s own data.
    - Securing one’s connectivity.
    - Secure browsing. (E-mail, Internet application)
    - Secure Internet transaction.
    - W3C Compliance.
    - Employee perspective of ISO 27000
    - Securing Web servers/ services.
    - Cyber Forensics.
    - Securing in the mobile world
    - Govt. rules in IT Security

- Subjects covered in this course vide two semesters are as seen below :

Click to Enlarge

- Course fee is Rs 9000/- per semester

AMAZING PROMPT STAFF

3.  I would like to bring out another good thing about this course...the staff involved is surprisingly amazing and prompt.I always had this view about IGNOU being a sarkari university with slow staff,slow procedures,slow communications and so on...but the kind of dedicated staff that is available for this course deserves accolades and loads of appreciation...the study center staff with Mr Santosh,Mr Niranjan @ Delhi Center , Dr Anup Girdhar as the conducting instructor and guide for course/project and Ms Urshla Kant,coordinating staff from the Faculty of SOVET......all working together to bring out this relatively good course that involves...contact programmes,theory and practicals....I found it much contentful then CEH,CISSP etc.Wish them al d best....

Wednesday, August 14, 2013

Being CEH : Certified Ethical Hacker V8

1.    After CCCSP,,my efforts to clear a EC-Council exam finally paid off....and today I passed my CEH V8 exam....the feeling of being a CEH is yet to set in...but yess!!!it feels good to clear a exam which has good repu in the security world....one thing I would like to share is that though the exam covers nearly all domains and spheres of security and hacking but still ,end of course does not mean that a guy can hack into any site and create havoc...but yess it does make you understand the nuts and bolts of how one can do it...and more importantly from a CEH point of view...what and where are the vulnerabilities?

2.  CEH is all about offensive hacking.The amount of tools that are available today in the open source world is mind boggling...and the best part is the course ware that the student gets...its great!!!!I can just say that...it all comes with a set of 6 CDs which have thousands of PDFs and tools.If one starts doing each and every practical aspect of this course-ware it will take more than a year to assimilate and do it on a VM platform...so that is definitely going to keep me busy.The best part is that all this is explained with screen shots and step by step instructions.


3.   As i keep doing these practicals on my VM...will try certainly uploading and sharing with you guys!!!!will get my hard copy of the certificate in a few weeks from now...anxiously waiting!!!!

Saturday, August 03, 2013

Is PORT SCANNING legal in INDIA?

1.   The IT security guys have so much to experiment and learn vide unending open source information and tools available on the net.Be it BACKTRACK or Wireshark or Nmap or nessus or Canvas(not opensource) or a web scanner like Acunetix or Arachini and the list is unending....there is lots to do...but do we actually know that simply running a port scan on the internet is a crime in other parts of the world?

2.   In countries like Australia,UK , port scanning is recognized as a "potential attempt" to infringe on a system and that's a simple truth....no body would run such tools openly available without intent. Yess!!!...the intent can be educating self but the other side can be bad intent and no one can prove whats the intent inside the person's mind.It may change the moment he realizes he/she is caught.In the United States there is no need to prove intent and port scanning is considered illegal.So even installation of such tools is a crime.So if a naive script kiddie from India goes with his laptop to US with a virtual box machine holding a OS with a port scanner...he is a cyber criminal the moment he lands in the US.

3.   Today we in India do not have straight and clear laws defining whether running such tools or installation is a crime or not coz the whole thing is COMPLEX.The compliance laws across countries vary and that too drastically...it may be acceptable in a country like India and it may be serious offence in US.So seeing from the current state of affairs in India,it does not look like if a day will be near when such stringent guidelines exist in India to restrict all these uses and installations...or let it be restricted to professionals only.....but then who will define a Cyber Security Professional....CDAC or CEH or some other such agency....these institutes can be a critical node in identifying and certifying cyber security professionals to measure and endorse the intent...but at the end of the day we all are humans...and we know that "too err is human"....so a agency certified person finally has himself to decide whether he uses a black hat or a white hat!!!! :-)

4.   Meanwhile students and IT security enthusiasts should take care of running such tools on the internet coz these are serious tools who can break into some one's privacy...and if the victim gets serious after you...things will be bad enough to land you behind bars...so the best place to experiment with such tools is a virtual environment that can be available vide Virtual box or vmware etc....Security guys and enthus should be familiar with the excellent Open Source Security Testing Methodology Manual (OSSTMM), which provides best practices for these situations.

PLEASE TAKE CARE TO RUN THE CYBER SECURITY TOOLS BEFORE THE LAW STARTS RUNNING AFTER YOU

Wednesday, December 26, 2012

DREAM JOB : Cyber Special Agent@FBI

1.    Came across this dream job kind job for a guy like me :-)......i got this from twitter handle @CcureIT

2.   Now this job is meant for US Citizens only...and any Cyber Security guy enthu about being savvy about making a career in cyber security should at least go through what they demand and what they offer....it's worth value addition to self in at least knowing what the best organisations demand in terms of QR for getting a job like this.All the details available at https://www.usajobs.gov/GetJob/ViewDetails/332166500?utm_source=dlvr.it&utm_medium=twitter#TopofPage


Thursday, December 06, 2012

CYBER SECURITY COURSES IN INDIA


1. Most of the guys interested in cyber security keep looking and searching for Cyber Security Courses on the web and that included me too till some time back.So though I started like any body would do ie google and Bing around the web....so I found out so many courses being offered by so many unknown unheard institutions....but the best of what are accredited to some university and of some good valuable repute here in India are discussed in brief down along with the links.You can click on the course and u will be taken to the respective site for full details :


CDAC : Offers the following courses vide elearn :

C-DAC's Course On Cyber Security [CCCS] at http://elearn.cdac.in/eSikshak/help/English/eSikshak/cccs.htm

C-DAC Certified Cyber Security Professional ( CCCSP ) at http://elearn.cdac.in/eSikshak/help/English/eSikshak/CCCSP.html

Being from CDAC,these courses are valid in all govt organisations and public sectors.

GUJRAT FORENSIC SCIENCES UNIVERSITY AT http://www.gfsu.edu.in/institute_of_forensic_science.php offers following courses online :

GFSU CERTIFIED CYBER CRIME INVESTIGATOR
GFSU CERTIFIED CELLPHONE FORENSIC PROFESSIONAL
GFSU CERTIFIED COMPUTER FORENSIC EXPERT
GFSU CERTIFIED CYBER SECURITY EXPERT
PG CERTIFICATE DIPLOMA IN CYBER LAW
PG CERTIFICATE DIPLOMA IN IPR

Details about the courses offered at http://www.gfsu.edu.in/pdf/online_certificate_course.pdf

ASCL(ASIAN SCHOOL OF CYBER LAWS) : The Website is at http://www.asianlaws.org/ .The following courses are offered in cyber domain including security :

Advanced Executive Program in Cyber Security AT http://www.asianlaws.org/cyber_security.php#.UMC5Zn_SFI0

Advanced Executive Program in Cyber Security, Audit & Compliance AT http://www.asianlaws.org/csac.php#.UMC5mX_SFI0

DIPLOMA IN CYBER LAW AT http://www.asianlaws.org/glc.php#.UMC353_SFI0

DIPLOMA IN CYBER LAW(INTERNATIONAL) AT http://www.asianlaws.org/dcl.php#.UMC4Cn_SFI0

PG IN CYBER LAW AT http://www.asianlaws.org/pgpcl.php#.UMC4LX_SFI0

CYBER LAW FOR POLICE OFFICERS AT http://www.asianlaws.org/police.php#.UMC4TX_SFI0

PG Program in Cyber Crime Prosecution & Defence AT http://www.asianlaws.org/ccpd.php#.UMC4fH_SFI0

Advanced Program in International Cyber Laws AT http://www.asianlaws.org/icl.php#.UMC4p3_SFI0

ASCL Certified Cyber Crime Investigator AT http://www.asianlaws.org/cci.php#.UMC4xn_SFI0

ASCL Certified Digital Evidence Analyst AT http://www.asianlaws.org/dea.php#.UMC46n_SFI0

ASCL Certified Digital Forensic Investigator AT http://www.asianlaws.org/dfi.php#.UMC5JH_SFI2

Advanced Executive Program in IT Act Audit & Compliance AT http://www.asianlaws.org/audit.php#.UMC5RH_SFI0

DATA64 website at http://www.data64.in/index.php#.UMC54X_SFI0 offers a range of courses similar to ASCL as mentioned above.

IMT,GHAZIABAD.Details at http://www.imtcdl.ac.in/. The following courses are offered in cyber domain including security :

ONE YEAR PG DIPLOMA IN CYBER SECURITY at http://www.imtcdl.ac.in/opgdcs_about.htm

TWO YEAR MS IN CYBER LAW & SECURITY at http://www.imtcdl.ac.in/mscs_about.htm

IGNOU OFFERS Post Graduate Diploma in Information Security (PGDIS) at http://www.ignou.ac.in/ignou/aboutignou/school/sovet/programmes/detail/428/2

ANKIT FADIA Certified Ethical Hacker (AFCEH) AT http://www.ankitfadia.in/afceh.html

Wednesday, September 12, 2012

Being CCCSP: CDAC Certified Cyber Security Professional

1.     There is no doubt that I have keen interest in cyber security issues and subjects.I stop anywhere I find some thing to read or see articles / videos related to cyber security...always grab opportunities like workshops and seminars that hold related events. But just reading and going through these was not going to be enough to make a small mark in the field.Thus I decided to go for a certification exam.Came across CISSP,CCIE,Comp-TIA etc....which were slightly heavier on pocket :-)...so looked for a Indian version and equivalent that is not only recognized but also accepted in government organisations.So I enrolled for the exam in the month of Dec 2011 last year.....and got the results last week....and I passed....became a CDAC Certified Cyber Security Professional.The list of certified professionals is given at the link http://esikshak.in/eSikshak/professional_certified.html


2.   So in this post I am going to tell you few key features of this informative and excellent course :

- Name : CCCSP ie CDAC Certified Cyber Security Professional

- Duration : 6 months

- Certification Fees : Rs 7500/-

- Conducted By : CDAC,Hyderabad


-  Written test conducted at identified CDAC centres across India.

-   Duration of the test is 2 hours.

-  Two sections, 80% of objective type and 20% of subjective in the examination paper .

- 60% score in each section must required

-  The minimum score to get professional certification on average is 70%.

3.    More details available about this course at http://esikshak.in/eSikshak/help/English/eSikshak/CCCSP.html

4.    The certificate issued by C-DAC on CCCSP (C-DAC Certified Cyber Security Professional) is valid for 3 years from the date of issue. This is introduced, considering the importance of updating on-self on the latest security issues. 

5.   Thanks CDAC,Hyderabad.
Powered By Blogger