Which Cyber Security program to choose can be a major career and financial investment. To assist with this process, it is critical to clearly define what is to be learned with a program’s specific modules. In this regard, it is important to analyze the relationship of the program’s modules with your personal career goals. The iiit bangalore cyber security course designs a curriculum to create hands-on and systematic understanding of the different fields of Cyber Security. This guide is designed to help navigate the curriculum and determine if this program is the right fit for you.
Program Philosophy and Structure
IIIT Bangladore partnered with the Canadian School of Security and Defensive Studies to develop a curriculum to fill the Cyber Security education gap. The program combines learning with hands-on-labs, use of real world case studies, and project work that emulates the Cyber Security exercises of in house practictioners. This curriculum design fills the gap of ineffective programs that are purely academic and allows practicing professionals to effectively carry out their duties immediately upon program completion.
The program modules are guided by a cohort format, where all the participants progress through the curriculum together, to optimize peer accountability and networking. This is what most alumni rate as the most beneficial aspect of the program.
Module 1: Foundations of Information Security
This program always begins with a basic module on information security. It covers the basic information on the CIA triad (Confidentiality, Integrity, Availability), the basic principles of threat modeling, the principles of security architecture, and the basic cyber security laws that exist in India and throughout the world. This particular module allows the learners to have a basic building blocks understanding of the information security practices that they will encounter throughout the program.
Module 2: Network Security and Architecture
Networking concepts make the important building blocks of cyber security and this module covers them in detail. This module covers the knowledge bases of firewalls and next-generation firewalls, intrusion detection and prevention systems, and Virtual Private Network (VPN) technologies. It also covers the basic concepts of network traffic and traffic analysis. It also covers the use of the network monitoring software known as WIRESHARK, as well as, the concept of packet inspection of the traffic that occurs on a network. One must understand how networks operate before one can understand how networks can be attacked or how they can be protected.
Module 3: Ethical Hacking and Penetration Testing
This module covers the foundations of ethical hacking and the phases of penetration testing, which include reconnaissance, scanning, access, persistence, and clearing tracks. This module also incorporates the use of the tools of the trade such as network scanning tools (NMAP), exploitation tools (METASPLOIT), web application testing tools (BURPSUITE), and the ethical hacking penetration testing standard hacking distribution (KALI LINUX). In addition to the knowledge based content, the framework of this program delivers the context of the various forms of attacks using the defunct admission control systems, also parallel to the content the standard CEH course.
Module 4: Cryptography and PKI
Cryptography is at the core of every communication and data protection technique. This module provides an introduction to symmetric and asymmetric encryption, hashing algorithms, digital certificates, PKI (Public Key Infrastructure), TLS/SSL, and their real-world implementation across applications and APIs. Knowledge of cryptography helps security professionals to evaluate the security of the systems they protect or test.
Module 5: Security Operations and Incident Response
Security operations refers to the systems and processes that are used to detect, analyze, and respond to security threats. Participants will learn to work with SIEM (Security Information and Event Management) systems, analyze log data for signs of threats, implement the incident response lifecycle (Preparation, Detection, Containment, Eradication, Recovery, Post-Incident Review), and create formal incident reports. This module will be particularly useful for people aiming to work as SOC analysts, incident responders, or security operations professionals.
Module 6: Cloud Security
As enterprise workloads are transitioned to the cloud, so are the security skills. This module covers the shared responsibility model for AWS, Azure, and GCP, security controls that are native to the cloud, identity and access management in the cloud, and the protection of cloud storage, compute, and networking services. Hands-on labs will be conducted to deploy and secure cloud resources using real environments of cloud service providers.
Module 7: Governance, Risk, and Compliance
The last major module investigates three of the major Governance, Risk, and Compliance frameworks: ISO 27001, the NIST Cybersecurity Framework, the IT Act 2000 and the proposed Personal Data Protection Bill of India. Participants engage in building skills in managing risk, writing security policies, running compliance programmes, and reporting about the security posture of the organization to the executives. This module will be highly useful for participants looking to become a senior security professional where the key differentiators are the professional’s governance and communication skills, as opposed to the technical skills.
What Graduates Say
The quality of the teaching, the lab engagements, and the peer network are consistently ranked the highest by alumni of the program. For the technology, Financial Services, and Consulting industries in India, the program’s credential is looked highly upon. Graduates say they use the knowledge in their jobs and often mention the association to get senior security roles.
