Do's and Dont's

internet Security
D0s
Donts
Skills Factory Learning Pvt. Ltd
&

If you have any questions or concerns regarding the information provided here, then please contact
the help desk of ‘SKILLS-FACTORY’ 020-25451488 or email us at ‘help@skills-factory.com’
Do’s:
Is your applied password secure?
Why not try this!!!
 Try to Create passwords that are at least 12 characters long which include at least a
numerical value and a symbol such as #, to foil password-cracking software. Avoid
common words. And never disclose a password online.
 Change your password every 30 days.
 Share your files and folders securely
 Create a password for your files in order to protect file sharing activities.
#Security Fail

“It’s crazy to have lost data to get back.
Backup is the natural solutions to it”
#Always backup your important data
Perform regular backups (online/ofﬂine) of important data. Store the backups at a dif-
ferent location.
 Delete any message that refers to groups or organizations that you are not a part of.
 Download and install software only from online sources you trust.
 Physically secure your laptop/mobile/PC.

“There is No Patch to Human Stupidity”
#Don’t get phished
 Never click on a link from an untrusted source; when in doubt use www.phishtank.
com
 Install “Ublock Origin” add-on for browsers to stop advertisements and pop-ups.
 Use antivirus software and update it on a regular basis so that it can recognize the
latest Malwares.
 Save email attachments to disk before opening them. Use www.virustotal.com to
scan the downloaded file for malicious code.

“Why Fear..! When Update is Here..!!!
#Always Update
 Regular updates will give latest security patches in most regular scenario. But does
not guarantee for 100% security (“Guarantee only gives by GOD or by Fraud”)
 Regularly update your operating system, Web browser and other major software,
using the manufacturers’ update features, preferably using the auto/manual
update functionality.
 Always check https:// for any banking, shopping or social networking websites.
 Wherever possible, use encryption to encrypt your confidential data. Check
reference manual.

“Your account safety is in your Hands!”
#Always Logout
 Always logout or lock your computer or Laptop while leaving.
 Always logout your email accounts or social networking accounts after accessing.
 Do use encrypted communications over public Wi-Fi or open Wi-Fi.
 Always update Java and Flash.

#Privacy Matters
 Do install “Privacy Badger” add-on in your browser to stop tracking your activities
by websites. Ref: https://www.eff.org/privacybadger
 Always apply privacy settings for your social networking sites like Facebook/
Google+.
 Always set your friend list to “ONLY ME” in social networking sites (Facebook) from
others.
 Try to avoid posting Status/Photos on social networking sites with “Turned On
Location”.
 Turn on “Login Notification” in Facebook to notify when you or someone login in
your account from unknown source.
 Try to avoid accepting “Friend Request” from unknown people on social networking
sites.
 Try to turn on Phone “GPS” only when needed.
 Do install only certified Apps from “Play Store/App Store”.
 Do encrypt your “Phone” device from settings (Android & BlackBerry).
 Enable Lock SIM card, found under Settings -> Personal -> Security -> Set up SIM
card lock. This will mean that you must enter a PIN number in order to unlock your
SIM card each time your phone is switched on, with out the PIN no phone calls can
be made
 Always update your smartphone.

For Administrators:
 Use PGP or digital certificate to encrypt emails which contain confidential
information.
 Be accountable for your IT assets and data.
 Adhere to Policy on Use of IT Services and Facilities.
 Ensure sensitive information on the computer screen is not visible to others.
 Protect your user ID and password.
 Install personal Firewall.
 Validate the website you are accessing.
 Be cautious if you are asked for personal information.
 Encrypt your communication while accessing internet in public network like café/
college.
 Apply security patching timely.
 Backup your system and data, and store it securely

What AntiVirus could do when?
#Scan it all
 Do scan all email attachments for viruses before opening them.
 Use email filtering software like mailwasher.
 Only give your email address to people you know.
 Use digital signature to send emails for proving who you are.
 Check the terms and disclaimers of an e-shopping site before acquiring its service.
 Check the trustworthiness of the e-commerce website (e.g. checking the SSL
certificate).

#Use unique passwords
 Use different passwords for bank accounts, university accounts and external
accounts.
 Always reboot when starting to use the public PCs.
 Clean up cache files after use.
 Use MAC filtering for Wi-Fi networks.
 Disable DHCP for Wi-Fi/Wired network.
 Turn off the remote services like SSH or Telnet which are not in need.
 Check the physical security of server room or network room.
 Beware of social engineering.
 Assess the security of network and every single device for loopholes.
 Implement content filtering within your Firewall.
 Implement domain based VPN for communication between branches.
 Do implement a monitoring system to analyze packets.

Don’ts:
It’s that hard to remember …!
#Never write down your passwords
 ver write down your password. Especially on a Post-It note stuck to your computer.
 Never give out your password to anyone, whether you know them or not.
 Never select the “Remember My Password” option. Many applications do not store
them securely.
 Never purchase anything promoted in a spam message. Even if the offer isn’t a
scam, you are only helping to finance and encourage spam.
 Please refrain from opening an e-mail attachment, even from someone you know
well, unless you were expecting it.
 Do not leave your laptop unattended, even for a few minutes.
 Never reply to e-mail(s) requesting financial or personal information.

Spam the ultimate way for hacker…
#Spam Spam
 Avoid opening e-mail(s) or e-mail attachments from an unknown sender.
 Please refrain from clicking on the close button within pop-up ads.
 Under no circumstances should you install or use pirated copies of software.
 Do not install P2P file sharing programs which can illegally download copyrighted
material.
 Never set your e-mail program to “auto-open” attachments.
 Don’t let any unauthorized person use your computer/mobile system.
 Do not access Internet Banking website through a link from another website or a
link in an e-mail.
 Do not access Internet Banking site at Cyber cafes and shared PCs.
 Do not use the same password for all your online accounts.
 Do not add strangers on Facebook or any other social networking sites.
 Do not save passwords or PINs in website or notepad.
 Do not forward chain messages on WhatsApp.
 Do not use profane language on internet as you may be sued.
 Do not use any hacking software’s unless they’re open source and you trust them.
 Do not provide your personal phone number, email ID to any stranger.

For Administrators:
“Becoming Mr. Crypto!”
#Encrypt Everything
 Don’t store sensitive information in portable device without strong encryption.
 Don’t leave your computer / sensitive documents unlocked.
 Don’t discuss something sensitive in public place. People around you may be
listening to your conversation.
 Don’t visit untrustworthy sites even out of curiosity, or access the URLs provided in
those websites.
 Don’t use illegal software and programs, like pirated or cracked applications.
 Don’t send mail bomb, forward or reply to junk email or hoax message
 Don’t click on links embedded in spam mails.
 Don’t buy things or make charity donations in response to spam email.
 Don’t leave without closing all browsers and logging out from the public PCs.

“Don’t let others get in to your head”
#Human Hacking
 Be aware of social engineering.
 Don’t let others watch over your shoulder while logging in or doing online
transactions.
 Don’t allow employees to plug storage devices like HDD/pen drive without
permission.
 Don’t use outdated server applications like IIS/Apache.
 Do not provide administrator/root privilege to any accounts other than yours.
 Do not use clear text protocol for any kind of communication.
 Do not allow user mobiles to connect Wi-Fi network of company unless needed.
 Don’t install multiple AVs on user machines as they consume a lot of memory.

#CyberAttack
 Don’t panic when somebody says you’re under cyber-attack, try to analyze the
problem or inform cyber security professionals.
 Do not allow any kind of devices to connect to your network like ‘pogo plug’.

# Who’s the target? Company or Customer?

Indian Cyber Crimes regulations & Punishments: (*The flowing information is taken from Indi-
an Cyber Crime Act 2008 and 2012)
SL.
NO. Offence Section Punishment
1.
Tampering with computer
source Documents
Sec.65 3yrs jail and/or two lakh fine
2.
Hacking with computer sys-
tems , Data Alteration
Sec.66 3yrs jail and/or two lakh fine
3.
Sending offensive messag-
es through communication
service, etc.
Sec.66A Up to 3yrs jail with fine
4.
Dishonestly receiving stolen
computer resource or com-
munication device
Sec.66B 3yrs jail and/or one lakh fine
5. Identity theft Sec.66C 3yrs jail and/or one lakh fine
6.
Cheating by personation by
using computer resource
Sec.66D 3yrs jail and/or one lakh fine
7. Violation of privacy Sec.66E 3yrs jail and/or two lakh fine
8. Cyber terrorism Sec.66F Imprisonment for life
9.
Publishing or transmitting
obscene material in elec-
tronic form
Sec .67 On first conviction –5yrs jail
and/or fine up to one lakh. On
second conviction –10yrs jail
and/or two lakh fine.
10.
Publishing or transmit-
ting of material containing
sexually explicit act, etc. in
electronic form
Sec.67A On first conviction –5yrs jail
11.
Punishment for publishing
or transmitting of mate-
rial depicting children in
sexually explicit act, etc. in
electronic form.
Sec.67B On first conviction –5yrs jail
11.
Preservation and Retention
of information by intermedi-
aries
Sec.67C Imprisonment for a term,
which may extend to 3 years
and shall also be liable to fine.
12.
Powers to issue directions
for interception or moni-
toring or decryption of any
Information through any
computer resource.
Sec.69 Imprisonment for a term,
which may extend to seven
years and shall also, be liable
to fine.
13.
Power to issue directions
for blocking for public
access of any information
through any computer re-
source.
Sec.69A Imprisonment for a term which
may extend to seven years and
shall also be liable to fine.
14.
Power to authorize to mon-
itor and collect traffic data
or information through any
computer resource for Cy-
ber Security.
Sec.69B Imprisonment for a term which
may extend to three years and

15.
Un-authorized access to
protected system
Sec.70 Imprisonment of either de-
scription for a term which may
extend to ten years and shall
also be liable to fine.
16.
Penalty for misrepresenta-
tion
Sec.71 imprisonment for a term which
may extend to two years, or
with fine which may extend to
one lakh rupees, or with both.
17.
Breach of confidentiality
and privacy
Sec.72 Imprisonment for a term which
18.
Publishing False digital sig-
nature certificates
Sec.73 Imprisonment for a term which
19.
Publication for fraudulent
purpose
Sec.74 Imprisonment up to two years,
or with fine up to one lakh ru-
pees, or with both.
29.
Act to apply for offence or
contraventions committed
outside India
Sec.75 NA
21.
Compensation, penal-
ties or confiscation not
to interfere with other
punishment
Sec.77 NA
22. Compounding of Offences Sec.77A NA
23.
Offences with three years’
imprisonment to be cog-
nizable
Sec.77B NA
24.
Exemption from liability
of intermediary in certain
cases
Sec.79 NA
25.
Punishment for abetment of
offences
Sec.84B NA
26.
Punishment for attempt to
commit offences
Sec.84C NA
27. Offences by Companies Sec.85 NA
28.
Sending threatening mes-
sages by e-mail
Sec .503
IPC
2yrs imprisonment
29.
Word, gesture or act intend-
ed to insult the modesty of
a woman
Sec.509
IPC
Simple imprisonment for a
term which may extend to one
year, or with fine, or with both.
30.
Sending defamatory mes-
sages by e-mail
Sec .499
IPC
Simple imprisonment for a
term which may extend to one
year, or with fine, or with both.
31.
Bogus websites , Cyber
Frauds
Sec .420
IPC
7 years with fine or without
fine.

32.
E-mail Spoofing Sec .463
IPC
Imprisonment and/or fine
33.
Making a false document Sec.464
IPC
Imprisonment and/or fine
34.
Forgery for purpose of
cheating
Sec.468
IPC
Imprisonment of either de-
extend to seven years, and
35.
Forgery for purpose of
harming reputation
Sec.469
IPC
extend to three years, and
36.
Web-Jacking Sec .383
IPC
extend to three years, or with
fine or with both
37.
E-mail Abuse Sec .500
IPC
Imprisonment for term which
may extend to 2yrs/fine or
both
38.
Punishment for criminal
intimidation
Sec.506
IPC
scription for a term, which
may extend to 7yrs/fine, or
with both.
39.
Criminal intimidation by an
anonymous communication
Sec.507
IPC
extend to two years.
40.
When copyright in-
fringed:- Copyright in a
work shall be deemed to
be infringed.
Sec.51 Imprisonment may not be less
than six months but which
may extend to three years.
41.
Offence of infringement of
copyright or other rights
conferred by this Act. Any
person who knowingly in-
fringes or abets the infringe-
ment.
Sec.63 Imprisonment for a term
which shall not be less than 6
months but which may extend
to 3yrs & with fine which shall
not be less than 50,000 but
which may extend to 2 lakh
rupees.
42.
Enhanced penalty on sec-
ond and subsequent convic-
tions
Sec.63A Imprisonment for a term which
shall not be less than one year
but which may extend to three
years and with fine which shall
not be less than one lakh ru-
pees but which may extend to
two lakhs rupees.
43.
Knowing use of infringing
copy of computer program
to be an offence
Sec.63B Imprisonment for a term which
shall not be less than seven
days but which may extend
to three years and with fine
which shall not be less than
fifty thousand rupees but
which may extend to two lakh
rupees.

44.
Obscenity Sec. 292
IPC
On first conviction with impris-
onment of either description
for a term which may extend to
two years, and with fine which
may extend to two thousand
rupees, and, in the event of
a second or subsequent con-
viction, with imprisonment of
either description for a term
which may extend to five years,
and also with fine which may
extend to five thousand ru-
pees.
45.
Printing etc. of grossly in-
decent or scurrilous mat-
ter or matter intended for
blackmail.
Sec.292A
IPC
scription for a term, which
with fine, or with both.
46.
Sale, etc., of obscene objects
to young person
Sec .293
IPC
On first conviction with impris-
onment of either description
for a term which may extend
to three years, and with fine
which may extend to two thou-
sand rupees, and, in the event
of a second or subsequent
conviction, with imprisonment
of either description for a term
which may extend to seven
years, and also with fine which
may extend to five thousand
rupees.
47.
Obscene acts and songs Sec.294
IPC
extend to three months, or
with fine, or with both.
48.
Theft of Computer Hard-
ware
Sec. 378 Imprisonment of either de-
scription which may extend to
3 years, with fine, or both.
49.
Punishment for theft Sec.379 Imprisonment of either de-
extend to 3yrs/fine, or with
both.
50.
Online Sale of Drugs NDPS
Act
Imprisonment for a term which
shall not be less than 10 years
but which may extend to 20
years and shall also be liable
to fine that shall not be less
than Rs.1 lakh but which may
extend to Rs.2 lakh.
51.
Online Sale of Arms Arms Act Imprisonment for a term which
shall not be less than five
years but which may extend
to ten years and shall also be
liable to fine.

CDSA Course Syllabus

UNIT 1: NETWORKING AND SECURITY
CONCEPTS
Module 1: Networking Concepts
Overview
1. Introduction to Computers
2. Introduction to OS
3. Introduction to networks
4. Basic communication systems
5. Transmission media
6. ISO/OSI and TCP/IP Model and Com-
munication Protocols
7. Types of Networks
8. Addressing
9. Servers
10. Wireless Network
Module 2: Information security Con-
cepts
1. Information Security Overview
2. Goals of security
3. Types of attacks
4. Steganography
5. Cryptography
6. E-commerce Security
7. Computer Forensics
Module 3: Security Threats and vul-
nerabilities
1. Overview of security threats
2. Malwares
3. Programming bugs
4. Insecure Network Connections
5. Cyber Crime and Cyber Terrorism
6. Information warfare and surveil-
lance
UNIT 2: ETHICAL HACKING
Module 1: Introduction to Ethical
Hacking
1. Introduction to Ethical
Hacking
2. Legality and Ethics
3. Foot printing and
Reconnaissance
4. Scanning
5. Enumeration
6. System Hacking
7. Maintaining Access
8. Covering Tracks
Module 2: Various attack methods
and their counter measures
1. DoS & DDoS
2. SQL Injection
3. Buffer overflow
4. Session Hijacking – Man in the
Middle Attack
5. Cracking Web Passwords
6. Sniffers
7. Cross site scripting attack
Module 3: Penetration Testing
1. Penetration Testing Overview
2. Legal and Ethical Implications
3. The three Pre-test Phases
4. Penetration Testing Tools and
Techniques
5. Wireless Network Penetration
Testing
UNIT 3: SERVER MANAGEMENT, FIRE-
WALL, IDS, WIRELESS NW & MOBILE
SECURITY
Module 1: Server Management and
Firewall
1. User Management
2. DNS Routing and Load
Balancing
3. Overview of Firewalls
4. Types of Firewalls
5. DMZ and Firewall Features
6. Protecting Servers
7. VPN Security
8. Fax Security
9. Web Server security
10. Email Server Security
Module 2: Wireless Network Security
1. Wireless Networking concepts
2. Wireless Technology
3. IEEE 802.11 family
4. WLAN operational modes
5. Wireless Application Protocol
6. Wired Equivalent Privacy (WEP)
7. WPA and WPA2
8. WLAN Threats
9. Wireless Hacking Tools
10. Securing WLANs
Module 3: Intrusion Detection
Systems and Honeypots
1. Intrusion Detection and
Response
2. Incident Handling
3. Honey pots
Module 4: Mobile Security
1. Mobile Attacks
2. Vulnerabilities and Risks
3. Mobile Device Management
4. Mobile Protection tools
UNIT 4: SYSTEM & APPLICATION SE-
CURITY
Module 1: System Security
1. Desktop Security
2. Email Security: PGP & SMIME
3. Web security: SSL & SET
4. Browser security
Module 2: OS Security
1. OS Security vulnerabilities, updates
and patches
2. Antivirus software’s
3. Design of secure OS and OS harden-
ing
4. Linux Security
5. Windows Security
UNIT 5: DIGITAL FORENSICS AND
COMPLIANCE
Module 1: Digital Forensics
1. Log Analysis
2. Web Server Analysis
3. Forensic Evidence
Management
Module 2: Compliances
1. Auditing
2. Information on Security
Management
3. Risk Assessment
4. Business Continuity
5. PCI DSS
____________
Become Certified Digital
Security Analyst and
Earn While You Learn.
To book a counselling
Contact: 9325304001

Year 2015
January 2015 February 2015 March 2015 April 2015
M T W T F S S M T W T F S S M T W T F S S M T W T F S S
1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31
1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28
1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31
1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30
May 2015 June 2015 July 2015 August 2015
1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30
1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
September 2015 October 2015 November 2015 December 2015
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30
1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31
1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31
Year 2016
January 2016 February 2016 March 2016 April 2016
1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31
1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30
May 2016 June 2016 July 2016 August 2016
1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31
1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30
1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31
September 2016 October 2016 November 2016 December 2016
1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30
1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31
Address:
SKILLS FACTORY LEARNING PVT LTD
103 Venkateshwara House, near Sharda center,
Opposite Sinhagad College, Erandwane,
Pune 411004
020-25451488 | training@skills-factory.com
91-9225304001 | www.skills-factory.com

Do's and Dont's

More Related Content

What's hot

Viewers also liked

Similar to Do's and Dont's

Recently uploaded

Do's and Dont's