Syllabus  |   Lectures  |   Downloads  |   FAQ  |   Ask a question  |  
Course Co-ordinated by IIT Madras
Prof. V. Kamakoti
IIT Madras


Download Syllabus in PDF format

Untitled Document

Module No



What is Information Security & Why do you need it? – Basics Principles of Confidentiality, Integrity Availability Concepts Policies, procedures, Guidelines, Standards Administrative Measures and Technical Measures, People, Process, Technology


Current Trends in information Security, Cloud Computing: benefits and Issues related to info Sec. Standards available for InfoSec: Cobit, Cadbury, ISO 27001, OWASP, OSSTMM, etc - An Overview, Certifiable Standards: How, What, When, Who


Vulnerability, Threat and Risk, Risk Assessment and Mitigation + Quick fixes, Introduction to BCP / DRP / Incident management, Segregation and Separation of Duties & Roles and responsibilities, IT ACT 2000


Types of assessments for Information Security

  1. VAPT of Networks
  2. Web Appln Audits
  3. IT assessments or audits
  4. Assessment of Network Equipments
  5. Assessment of Security Devices (Web Filtering, Firewalls, IDS / IPS, Routers
  6. Data Center Assessment
  7. Security of Application Software
  8. SAP Security
  9. Desktop Security
  10. RDBMS Security
  11. BCP / DRP assessments
  12. Policy reviews
Network Security & Common and Popular Tools Used


Windows and Linux security, Types of Audits in Windows Environment: Server Security, Active Directory (Group Policy), Anti-Virus, Mails, Malware, End point protection, Shadow Passwords, SUDO users, etc


Web Application Security: OWASP, Common Issues in Web Apps, What is XSS, SQL injection, CSRF, Password Vulnerabilities, SSL, CAPTCHA, Session Hijacking, Local and Remote File Inclusion, Audit Trails, Web Server Issues, etc

Knowledge of typical IT infrastructure and its usage. Operational skills would be preferable.

Important: Please enable javascript in your browser and download Adobe Flash player to view this site
Site Maintained by Web Studio, IIT Madras. Contact Webmaster: