ONLINE CERTIFICATE COURSE IN ETHICAL HACKING
FOR BANKING AND FINANCIAL SECTOR

Background

Cyber attacks can cause significant setbacks for any organisation operating in cyberspace, and more so for those in the banking and financial sector. Cyber attackers or hackers are always trying to gain and retain access to crucial/sensitive resources of organisations through cyber attacks such as Ransomware, Phishing, Man-in-the-middle, Denial-of-service, Zero-day exploit, etc.

Ethical Hacking is a popular approach to combat cyber attacks by minimising possible vulnerabilities in an organisation’s infrastructure. It is a process of discovering vulnerabilities present in the applications, systems, policies, infrastructure, etc., with the due permission of the authorities concerned. Ethical hackers follow the same steps that a hacker follows, but lawfully.

Given the ever-increasing attack surface, the demand for Ethical Hacking skills is surging. The objective of this Certificate Course in Ethical Hacking is to equip and train bankers with the latest ethical hacking skills so that they can effectively facilitate and maintain a cyber-safe environment that is resilient against various cyber attacks. It is a unique course specifically designed to provide the concepts as well as hands-on experience in various facets of Ethical Hacking to banking and financial sector professionals so that they are equipped to stay well ahead of the hackers.

Course Curriculum

Spread over four months and offered through the online mode, the course will provide essential learning inputs related to different steps, phases and processes of ethical hacking and cyber attacks. The course curriculum, categorised into five different modules, will cover:

  • Module 1: Introduction to Cyber Security
    • Introduction to CIA and Cryptographic Protocols
    • Exploiting Protocol Vulnerabilities
    • Malicious Codes and Terminologies
    • Cyber Security Breaches
    • Authentication – Factors, Methods, and Policy
    • Authorisation – Mechanisms, Types, Principles, and Granularity
    • Access – Rights, Control System
  • Module 2: Introduction to Networking
    • OSI layers
    • Protocols
    • Network Types and Topologies to use when Designing a Network
    • Network Devices
    • IP Address Standards and Services
    • NAT
    • TCP & UDP Handshake
  • Module 3: Application Vulnerabilities
    • OWASP Top 10
    • API OWASP Top 10
    • Privilege Escalation
    • Metasploit for Web Application Attacks
    • Introduction to Android Application Testing
    • Android Penetration Testing Lab
  • Module 4: System Vulnerabilities
    • OS Vulnerabilities
      • Windows, Mac OS, Linux, Android, iOS
    • Windows Buffer Overflows
    • Linux Buffer Overflows
    • Privilege Escalation
  • Module 5: Vulnerability Assessment and Penetration Testing
    • Reconnaissance / Information Gathering (OSINT)
      • Port Scanning
      • Service Scanning
      • Vulnerability Scanning
    • Enumeration
      • User Enumeration
      • Credential Brute Force
      • Web Directory Enumeration
    • Open-Source Intelligence Gathering
    • Pen Test Planning, Scoping, and Recon
    • In-Depth Network Scanning
    • Exploitation
    • Advanced Network Attacks for Pen testers

Teaching Methodology

These modules will be covered through two online sessions every week, which will include lectures, hands-on sessions, Q&A sessions, etc. Since the course is focused on learning skills and gaining hands-on experience in ethical hacking, the course will include a significant number of hands-on sessions as well as self-learning.

The course will be conducted by the Faculty of the Institute as well as External Experts. Participants will be provided reading material, presentations, and other support to augment their skills.

After the completion of every module, there will be an online examination.

Who can Participate

This course is specifically designed to meet the requirements of the Indian Banking and Financial Sector. Accordingly, staff members from Information Technology, Information Security, Security Operations Centre, CISO Office and related areas nominated by Banks / Financial Institutions can participate in this unique certificate course.

Fee

For Indian Participants (per Participant):

  • RRBs & Coop Banks: Rs. 35,400/- (Rs. 30,000/- + 18% GST)
  • All other Banks & FIs: Rs. 47,200/- (Rs. 40,000/- + 18% GST)

For International Participants:

  • US $ 750 (per participant, all inclusive)

The fees can be remitted through NEFT, and the bank account details for fee payment are available at: https://www.idrbt.ac.in/programme-contact/.

Certification

Candidates successfully qualifying all the five module-wise exams will receive a successful course completion certificate from the Institute while others will get a participation certificate.

Key Dates

  • Last Date of receipt of Nominations: April 09, 2023
  • Course Commences On: April 10, 2023

Nominations

Banks may nominate any number of participants to this certificate course, which may be accepted on a first-come-first-served basis. While nominating, please provide the details of the participants (Name, Designation, Bank, Mobile No/Phone No, email address, fees billing address, GST No. of the Bank) for Invoice purposes.

The nominations for the Certificate Course in Ethical Hacking, and queries if any, may be sent to eprogram@idrbt.ac.in.