Courses ×


Corporate Training Hire From Us Explore Courses
University Logo

Executive Post Graduate Certification in Cyber Security

Learn from IIT Faculty & Industry Experts with Guaranteed Job Interviews.
Campus Immersion at IIT Roorkee.

This Executive Post Graduate Certification in Cyber Security is designed to provide professionals with the skills and techniques who are looking forward to kickstart their careers in the field of cybersecurity. Also, get a chance to win big with our course! The top 2 performers from each batch may get a fellowship worth Rs. 80,000, plus the opportunity to showcase their startup ideas and secure incubation support of up to Rs. 50 Lakhs for their startup from iHUB DivyaSampark, IIT Roorkee. Undergraduate studentsRead More..

In collaboration with

Only Few Seats Left

Learning Format

Online Bootcamp

Live Classes

8 Months

Executive PG


Campus Immersion

IIT Roorkee


Hiring Partners

Process Advisors

*Subject to Terms and Condition

About Program

This Executive Post Graduate Certification program in Cyber Security by iHUB DivyaSampark, IIT Roorkee offers 9 modules and a career-accelerating capstone project to elevate your professional journey. This course will help you gain expertise in Networks, SQL, Application Security, Risk Analysis, and Mitigation via live classes by IIT professors.

Key Highlights

250 Hrs of Applied Learning
70+ Live sessions across 8 months
Learn from IIT Faculty & Industry Experts
50+ Industry Projects & Case Studies
One-on-One with Industry Mentors
24*7 Support
Dedicated Learning Management Team
Designed for working Professionals & Fresher's
1:1 Mock Interview
iHUB DivyaSampark, IIT Roorkee Certification
Resume Preparation and LinkedIn Profile Review
Placement Assistance
Free Career Counselling
2 Days Campus Immersion at IIT Roorkee
3 Guaranteed Job Interviews upon movement to Placement Pool
Top 2 performers per batch will receive Rs 80000 in fellowship*
Up to Rs. 50 Lakhs startup Incubation Support*
Certified Ethical Hacker certificate from EC Council*

Free Career Counselling

We are happy to help you 24/7

About iHUB DivyaSampark, IIT Roorkee

iHUB DivyaSampark aims to enable innovative ecosystem in new age technologies like AI, ML, Drones, Robots, data analytics (often called CPS technologies) and becoming the source for the next generation of digital technologies, products and services by promoting, enhancing core competencies, capacity building,Read More..

Key Achievements of IIT Roorkee:

Upon the completion of this program, you will receive:

  • Executive Post Graduate Certification in Ethical Hacking from iHUB DivyaSampark, IIT Roorkee.

About the EC-Council

This American organization offers education, training, and services on Cyber Security. The certification by the EC-Council validates the various cybersecurity skills that the learners will be trained in through the programme.

Benefits for students from EC-Council

  • Certified Ethical Hacker certificate from EC Council
  • 24 Hacking Challenges from EC Council
  • Student kit containing e-books, exam voucher

Who can apply for this program?

  • Anyone who has a bachelor’s degree
  • Anyone who is in the final year of their bachelor’s degree program
  • IT professionals
  • Anyone who wants to pursue cyber security
Who can aaply

What roles can a Cyber Security professional play?

Security Analyst

They analyze and assess infrastructure vulnerabilities, uncover weaknesses, and recommend solutions and best practices.

Security Engineer

These professionals conduct safety monitoring and investigations and implement new technologies and procedures to improve safety capabilities.


They use encryption to secure information or develop security software. They may also develop stronger encryption algorithms.

Security Architect

Designs a security system or major components of a security system and leads a security design team that instals a new security system.

Security Administrator

These professionals install and manage organisation-wide security systems.

Security Software Developer

They develop security software and integrate or implement security in application software.

View More

Skills to Master

Ethical Hacking


Cyber Security


Application Security

Risk Analysis and Mitigation

View More

Tools to Master

intellipaat intellipaat intellipaat intellipaat intellipaat intellipaat intellipaat intellipaat intellipaat intellipaat intellipaat intellipaat intellipaat intellipaat intellipaat
View More

Meet Your Mentors

Interested in This Program? Secure your spot now.

The application is free and takes only 5 minutes to complete.


Live Course


  • Introduction to Python and IDEs – The basics of the python programming language, how you can use various IDEs for python development like Jupyter, Pycharm, etc.
  • Python Basics – Variables, Data Types, Loops, Conditional Statements, functions, decorators, lambda functions, file handling, exception handling ,etc.
  • Object Oriented Programming – Introduction to OOPs concepts like classes, objects, inheritance, abstraction, polymorphism, encapsulation, etc.
  • Hands-on Sessions And Assignments for Practice – The culmination of all the above concepts with real-world problem statements for better understanding.


  • Introduction to Linux  – Establishing the fundamental knowledge of how linux works and how you can begin with Linux OS.
  • Linux Basics – File Handling, data extraction, etc.
  • Hands-on Sessions And Assignments for Practice – Strategically curated problem statements for you to start with Linux.

3.1 What is Cyber Security
3.2 Overview
3.3 Need and Importance
3.4 Different verticals

4.1 Introduction to Kali Linux
4.2 Services in Kali (HTTP, SSH)
4.3 Wget, curl, grep, awk, tail, head, watch, find, locate
4.4 Piping and Redirection
4.5 Python and Bash Scripting
4.6 Netcat, Socat, Powercat, Powershell, Wireshark, tcpdump
4.7 Note taking

5.1 Introduction to Ethical Hacking

  • Information Security Threats and Attack Vectors
    • Motives, goals, and objectives of information security attacks
    • Top information security attack vectors
    • Information security threat categories
    • Types of attacks on a system
    • Information warfare
  • Hacking Concepts
    • What is hacking?
    • Who is a hacker?
    • Hacker classes
    • Hacking phases
  • Ethical Hacking Concepts
    • What is Ethical Hacking?
    • Why is Ethical Hacking necessary?
    • Scope and limitations of Ethical Hacking
    • Skills of an Ethical Hacker
  • Information Security Controls
    • Information Assurance (IA)
    • Information security management program
    • Enterprise Information Security Architecture (EISA)
    • Network security zoning
    • Defense-in-Depth
    • Information security policies
    • Physical security
    • What is risk?
    • Threat modeling
    • Incident management
    • Security Incident and Event Management (SIEM)
    • User Behavior Analytics (UBA)
    • Network security controls
    • Identity and Access Management (IAM)
    • Data leakage, backup, and recovery
    • The role of AI/ML in Cyber Security
  • Penetration Testing Concepts
    • Why penetration testing?
    • Security audit
    • Vulnerability assessment
    • Blue Teaming/Red Teaming
    • Types and phases of penetration testing
    • Security testing methodology
  • Information Security Laws and Standards
    • Payment Card Industry Data Security Standard (PCI-DSS)
    • ISO/IEC 27001:2013
    • Health Insurance Portability and Accountability Act (HIPAA)
    • Sarbanes Oxley Act (SOX)
    • The Digital Millennium Copyright Act (DMCA)
    • Federal Information Security Management Act (FISMA)
    • Cyber law in different countries

5.2 Footprinting and Reconnaissance

  • Footprinting through Search Engines
    • Footprinting through search engines
    • Footprint using advanced Google hacking techniques
    • Information gathering using Google Advanced Search and Image Search
    • Google Hacking Database
    • VoIP and VPN footprinting through Google Hacking Database
  • Footprinting through Web Services
    • Finding the company’s Top-level Domains (TLDs) and sub-domains
    • Finding the geographical location of the target
    • People Search on social networking sites and people search services
    • Gathering information from LinkedIn
    • Gather information from financial services
    • Footprinting through job sites
    • Monitoring target using alerts
    • Information gathering using groups, forums, and blogs
    • Determining the OS
    • VoIP and VPN footprinting through SHODAN
  • Footprinting through Social Networking Sites
    • Collecting information through social engineering on social networking sites
  • Website Footprinting
    • Website Footprinting
    • Mirroring the entire website
    • Extracting website information
    • Monitoring web pages for updates and changes
  • Email Footprinting
    • Tracking email communications
    • Collecting information from the email header
    • Email tracking tools
  • Competitive Intelligence
  • Whois Footprinting
    • Whois Lookup
    • Whois Lookup result analysis
    • Whois Lookup tools
    • Finding IP geolocation information
  • DNS Footprinting
    • Extracting DNS information
    • DNS interrogation tools
  • Network Footprinting
    • Locate the network range
    • Traceroute
    • Traceroute analysis and tools
  • Footprinting Through Social Engineering
    • Footprinting through social engineering
    • Eavesdropping
    • Shoulder surfing
    • Dumpster diving
  • Footprinting Tools
    • Maltego
    • Recon-ng
    • FOCA
    • Recon-Dog
    • OSRFramework
    • Additional footprinting tools
  • Footprinting Countermeasures
  • Footprinting Pen Testing

5.3 Scanning Networks

  • Introduction to Network Scanning
    • Scanning tools: Nmap, Hping2 / Hping3, and Hping commands
  • Scanning Techniques
    • ICMP scanning
    • Ping sweep
    • ICMP echo scanning
    • TCP connect / full-open scan
    • Stealth Scan / half-open scan
    • Inverse TCP flag scanning
    • Xmas scan
    • ACK flag probe scanning
    • IDLE/IPID header Ssan
    • UDP scanning
    • SSDP and list scanning
    • Port scanning countermeasures
  • Scanning Beyond IDS and Firewall
  • IDS/Firewall Evasion Techniques
    • Packet fragmentation
    • Source routing
    • IP address decoy
    • IP address spoofing
    • Proxy servers
    • Anonymizers
  • Banner Grabbing
    • How to identify target system OS
    • Banner grabbing countermeasures
  • Draw Network Diagrams
    • Drawing network diagrams
    • network discovery and mapping tools
    • network discovery tools for mobile
  • Scanning Pen Testing

5.4 Enumeration

  • Enumeration Concepts
    • What is Enumeration?
    • Techniques for enumeration
    • Services and ports to enumerate
  •  NetBIOS Enumeration
    • NetBIOS enumeration tools
    • Enumerating user accounts
    • Enumerating shared resources using Net View
  • SNMP Enumeration
    • SNMP (Simple Network Management Protocol) enumeration
    • Working of SNMP
    • Management Information Base (MIB)
    • SNMP enumeration tools
  • LDAP Enumeration
    • LDAP Enumeration
    • LDAP Enumeration tools
  •  NTP Enumeration
    • NTP Enumeration
    • NTP Enumeration tools
  • SMTP and DNS Enumeration
    • SMTP enumeration
    • SMTP enumeration tools
    • DNS enumeration using zone transfer
  • Other Enumeration Techniques
    • IPsec enumeration
    • VoIP enumeration
    • RPC enumeration
    • Unix/Linux User enumeration
  • Enumeration Countermeasures
  • Enumeration Pen Testing

5.5 Vulnerability Analysis

  • Vulnerability Assessment Concepts
    • What is vulnerability assessment?
    • Vulnerability classification and research
    • Vulnerability-Management Life Cycle
  • Vulnerability Assessment Solutions
    • Vulnerability scanning solutions
    • Types of vulnerability assessment tools
    • Choosing a vulnerability assessment tool
  • Vulnerability Scoring Systems
    • Common Vulnerability Scoring System (CVSS)
    • Common Vulnerabilities and Exposures (CVE)
    • National Vulnerability Database (NVD)
    • Resources for Vulnerability Research
  • Vulnerability Assessment Reports
    • Vulnerability assessment reports
    • Analyzing vulnerability scanning report

5.6 System Hacking

  • System Hacking Concepts 
    • CEH Hacking Methodology (CHM)
    • System hacking goals
  • Cracking Passwords
    • Password cracking
    • Types of password attacks
    • Password recovery tools
    • Password salting
    • Password cracking tools
  • Escalating Privileges
    • Privilege escalation techniques
    • How to defend against privilege escalation?
  • Executing Applications
    • Tools for executing applications
    • Keylogger
    • Spyware
  • Hiding Files
    • Rootkits
    • NTFS Data Stream
    • What is steganography?
  •  Covering Tracks
    • Covering tracks
    • Disabling auditing: Auditpol
    • Clearing logs
    • Clear online tracks
    • Covering BASH shell tracks,
    • Covering tracks on the network and OS
    • Covering tracks tools

5.7 Malware Threats

  • Malware Concepts
    • Introduction to malware
    • Components of malware
  • Trojan Concepts
    • What is a trojan and its types?
    • Trojan horse construction kit
    • Wrappers
    • Crypters
    • Evading anti-virus techniques
  • Virus and Worm Concepts
    • Introduction to viruses
    • Stages of virus life
    • Different types of viruses
    • Virus hoaxes
    • Fake antiviruses
    • Ransomware
    • Creating virus
    • Computer worms
    • Worm makers
  • Malware Analysis
    • Introduction to malware analysis
    • What is Sheep Dip Computer?
    • Anti-virus sensor systems
    • Malware analysis procedure
  • Countermeasures
    • Trojan countermeasures
    • Backdoor countermeasures
    • Virus and worms countermeasures
  • Anti-Malware Software
    • Anti-trojan software
    • Antivirus software
  • Malware Penetration Testing

5.8 Sniffing

  • Sniffing Concepts
    • Network sniffing
    • Types of sniffing
    • Hardware protocol analyzers
    • SPAN port
    • Wiretapping
    • Lawful interception
  • Sniffing Technique:
    • MAC attacks
    • DHCP attacks
    • ARP poisoning
    • Spoofing attacks
    • DNS poisoning
  • Sniffing Tools
    • Wireshark
    • Wireshark filters
    • Sniffing tools
    • Packet sniffing tools for mobile
  • Countermeasures
    • How to Defend Against Sniffing
  • Sniffing Detection Techniques
    • How to detect sniffing
    • Promiscuous detection tools
    • Sniffing penetration testing

5.9 Social Engineering

  • Social Engineering Concepts
    • What is social engineering?
    • Phases of a social engineering attack
  • Social Engineering Techniques
    • Types of social engineering
    • Human-based social engineering
    • Computer-based social engineering
    • Mobile-based social engineering
  • Insider Threats
    • Insider threat/insider attack
    • Types of insider threats
  • Impersonation on Social Networking Sites
    • Social engineering through impersonation on social networking sites
    • Social networking threats to corporate networks
  • Identity Theft
  • Countermeasures
    • Social engineering countermeasures
    • Insider threats countermeasures
    • Identity theft countermeasures
    • Detect phishing emails
    • Anti-phishing toolbar
    • Common social engineering targets and defense strategies
  • Social Engineering Pen Testing
    • Social engineering pen testing
    • Social engineering pen testing tools

5.10 Denial-of-Service

  • DoS/DDoS Concepts
    • What is a Denial-of-Service attack?
    • What is distributed Denial-of-Service attack?
  • DoS/DDoS Attack Techniques
    • Basic categories of DoS/DDoS attack vectors
    • UDP, ICMP, and SYN flood attack
    • Ping of death and smurf attack
    • Fragmentation attack
    • HTTP GET/POST and slowloris attacks
    • Multi-vector attack
    • Peer-to-peer attacks
    • Permanent Denial-of-Service attack
    • Distributed reflection Denial-of-Service (DRDoS)
  • Botnets
    • Organized cyber crime: organizational chart
    • Botnet ecosystem
    • Botnet Trojans
  • DDoS Case Study
    • DDoS attack
    • Hackers advertise links to download botnet
    • Use of mobile devices as botnets for launching DDoS attacks
    • DDoS Case Study: Dyn DDoS Attack
  • DoS/DDoS Attack Tools
    • DoS/DDoS attack tools
    • DoS and DDoS attack tool for mobile
  • Countermeasures
    • Detection techniques
    • DoS/DDoS countermeasure strategies
    • DDoS Attack countermeasures
    • Techniques to defend against botnets
    • DoS/DDoS protection at ISP Level
  • DoS/DDoS Protection Tools 
    • Advanced DDoS protection appliances
    • DoS/DDoS protection tools
  • DoS/DDoS Penetration Testing
    • Denial-of-Service (DoS) Attack Pen Testing

5.11 Session Hijacking

  • Session Hijacking Concepts
    • What is session hijacking?
    • Session hijacking process
    • Types of Session hijacking
    • Packet analysis of a local session hijack
    • Session hijacking in OSI Model
    • Spoofing vs. hijacking
  •  Application Level Session Hijacking
    •  Application level session hijacking
      • Compromising session IDs using sniffing and by predicting session token
      • Man-in-the-Middle attack
      • Man-in-the-Browser attack
      • Client-side attacks
    • Client-side attacks:
      • Cross-site script attack
      • Compromising session IDs
      • Session fixation
      • Session hijacking using proxy servers
      • CRIME attack
      • Forbidden attack
  • Network Level Session Hijacking 
    • TCP/IP hijacking
    • IP spoofing: source routed packets
    • RST hijacking
    • Blind hijacking
    • UDP hijacking
    • MiTM attack using forged ICMP and ARP spoofing
  • Session Hijacking Tools
    • Session hijacking tools
    • Session hijacking tools for mobile
  • Countermeasures 
    • Session hijacking detection methods
    • Protection against session hijacking
    • Session hijacking detection and prevention tools
    • IPSec
  • Penetration Testing

5.12 Evading IDS, Firewalls, and Honeypots

  • IDS, Firewall and Honeypot Concepts
    • Intrusion Detection System (IDS)
    • Firewall
    • Honeypot
  • IDS, Firewall and Honeypot Solutions
    • Intrusion detection tool
    • Firewalls and honeypot tools
  • Evading IDS
    • IDS/firewall evasion tools and techniques
    • Packet Fragment Generator Tools
  • Detecting Honeypots
    • Detecting and defeating honeypots
    • Honeypot detection tool: Send-Safe Honeypot Hunter
  • IDS/Firewall Evasion Countermeasures
    • How to defend against IDS evasion
    • How to defend against firewall evasion
  • Firewall/IDS Penetration Testing

5.13 Hacking Web Servers

  • Web Server Concepts
    • Web server operations
    • Open source web server architecture
    • IIS web server architecture
    • Web server security issue
  • Web Server Attacks
    • DoS/DDoS attacks
    • DNS server hijacking
    • DNS amplification attack
    • Directory traversal attacks
    • Man-in-the-Middle/sniffing attack
    • Phishing attacks
    • Website defacement
    • Web Server misconfiguration
    • HTTP response splitting attack
    • Web cache poisoning attack
    • SSH brute force attack
    • Web server password cracking
    • Web application attacks
  • Web Server Attack Methodology
    • Information gathering
    • Web server footprinting/banner grabbing
    • Website mirroring
    • Vulnerability scanning
    • Session hijacking
    • Web server passwords hacking
    • Using application server as a proxy
  •  Web Server Attack Tools
    • Metasploit
    • Web server attack tools
  • Countermeasures
    • Web servers in separate secure server security segment
    • Countermeasures
    • Detecting web server hacking attempts
    • Defend against web server attacks
    • HTTP response splitting
    • Web cache poisoning
    • DNS hijacking
  • Patch Management
    • What is patch management
    • Patches and hotfixes
    • Installation of a patch
    • Patch management tools
  • Web Server Security Tools
    • Web application security scanners
    • Web server security scanners
    • Web server security tools
  • Web Server Pen Testing
    • Web server penetration testing
    • Web server pen testing tools

5.14 Hacking Web Applications

  • Web App Concepts
    • Introduction to web applications
    • Web application architecture
    • Web 2.0 applications
    • Vulnerability stack
  • Web App Threats
    • OWASP Top 10 Application Security Risks
    • Web app hacking methodology
    • Footprint web Infrastructure
    • Attack web servers
    • Analyze web applications
    • Bypass client-side controls
    • Attack authentication mechanism
    • Attack authorization schemes
    • Attack access controls
    • Attack session management mechanism
    • Perform injection/input validation attacks
    • Attack application logic flaws
    • Attack database connectivity
    • Attack web app client
    • Attack web services
  • Web App Hacking Tools
  • Countermeasures
    • Web application fuzz testing
    • Source code review
    • Encoding schemes
    • Defend against injection attacks
    • Web application attack countermeasures
    • Defend against web application attacks
  • Web App Security Testing Tools
    • Web application security testing tools
    • Web application firewall
  • Web App Pen Testing
    • Web application pen testing
    • Web application pen testing framework

5.15 SQL Injection

  • SQL Injection Concepts
    • What is SQL injection?
    • SQL injection and server-side technologies
    • HTTP POST Request
    • Normal SQL Query
    • SQL Injection Query
    • Code Analysis
  • Types of SQL Injection
  • SQL Injection Methodology
  • SQL Injection Tools
    • SQL power injector and SQLmap
    • The mole and SQL injection
    • SQL injection tools for mobile
  • Evasion Techniques:
    • Evading IDS
    • Types of signature evasion techniques:
      • In-line comment
      • Char encoding
      • String concatenation
      • Obfuscated codes
      • Manipulating white spaces
      • Hex encoding
      • Sophisticated matches
      • URL encoding
      • Null Byte
      • Case variation
      • Declare variable
      • IP fragmentation 
  • Countermeasures
    • Defend against SQL injection attacks
    • SQL injection detection tools

5.16 Hacking Wireless Networks

  • Wireless Concepts
    • Wireless terminologies, networks, and standards
    • Service Set Identifier (SSID)
    • Wi-Fi authentication modes
    • Wi-Fi authentication process using a centralized authentication server
    • Types of wireless antennas
  • Wireless Encryption
    • Types of wireless encryption
    • WEP vs. WPA vs. WPA2
    • WEP issues
    • Weak Initialization Vectors (IV)
  • Wireless Threats
    • Rogue access point attack
    • Client mis-association
    • Misconfigured access point attack
    • Unauthorized association
    • Ad hoc connection attack
    • Honeypot access point attack
    • AP MAC spoofing
    • Denial-of-Service attack
    • Key Reinstallation Attack (KRACK)
    • Jamming signal attack
  • Wireless Hacking Methodology
    • Wi-Fi discovery
    • GPS mapping
    • Wireless traffic analysis
    • Launch wireless attacks
    • Crack Wi-Fi encryption
  • Wireless Hacking Tools
    • WEP/WPA cracking tools
    • WEP/WPA cracking tool for mobile
    • Wi-Fi sniffer
    • Wi-Fi traffic analyzer tools
    • Other wireless hacking tools
  • Bluetooth Hacking
    • Bluetooth stack
    • Bluetooth hacking
    • Bluetooth threats
    • How to blueJack a victim
    • Bluetooth hacking tools
  • Countermeasures
    • Wireless security layers
    • How to defend against WPA/WPA2 cracking, KRACK attacks, wireless attacks, and bluetooth hacking
    • How to detect and block rogue AP
  •  Wireless Security Tools
    • Wireless intrusion prevention systems
    • Wireless IPS deployment
    • Wi-Fi security auditing tools
    • Wi-Fi predictive planning tools
    • Wi-Fi vulnerability scanning tools
    • Bluetooth security tools
    • Wi-Fi security tools for mobile
  • Wireless Pen Testing
    • Wireless Penetration Testing,
    • Wireless Penetration Testing Framework

5.17 Hacking Mobile Platforms

  • Mobile Platform Attack Vectors
    • Vulnerable areas in mobile business environment
    • OWASP top 10 mobile risks
    • Anatomy of a mobile attack
    • Mobile attack vectors
    • Mobile platform vulnerabilities
    • Security issues arising from App stores
    • App sandboxing issues
    • Mobile spam
    • SMS Phishing Attack (SMiShing)
  • Hacking Android OS
    • Android OS and rooting
    • Blocking Wi-Fi access using NetCut
    • Hacking with zANTI
    • Hacking networks using Network Spoofer
    • Launching DoS attack using Low Orbit Ion Cannon (LOIC)
    • Performing session hijacking using DroidSheep
    • Hacking with Orbot Proxy
    • Android-based sniffers
    • Android trojans
    • Securing android devices
    • Android security tools
    • Android device tracking tools
  • Hacking iOS
    • Apple iOS
    • Jailbreaking iOS
    • iOS trojans
    • Guidelines for securing iOS devices
    • iOS device security and tracking tools
  • Mobile Spyware
    •  mSpy
  • Mobile Device Management
    • Mobile Device Management (MDM)
    • MDM solutions
    • Bring Your Own Device (BYOD)
  • Mobile Security Guidelines and Tools
    • General guidelines for mobile platform security
    • Mobile device security guidelines for Administrator
    • SMS phishing countermeasures
    • Mobile protection tools
    • Mobile anti-spyware
  •  Mobile Pen Testing
    • Android Phone Pen Testing,
    • iPhone Pen Testing,
    • Mobile Pen Testing Toolkit: Hackode

5.18 IoT Hacking

  • IoT Concepts
    • What is IoT?
    • How does IoT work?
    • IoT architecture
    • IoT application areas and devices
    • IoT technologies and protocols
    • IoT communication models
    • Challenges of IoT
    • Threat vs opportunity
  • IoT Attacks
    • IoT security problems
    • OWASP top 10 IoT vulnerabilities and obstacles
    • IoT attack surface areas
    • IoT threats
    • Hacking IoT devices
    • IoT attacks
    • Case Study: Dyn Attack
  • IoT Hacking Methodology
    • What is IoT device hacking?
    • IoT hacking methodology
    • IoT hacking tools
    • Information gathering tools
    • Sniffing Tools
    • Vulnerability scanning tools
  • Countermeasures
    • How to defend against IoT hacking
    • General guidelines for IoT device manufacturing companies
    • OWASP Top 10 IoT vulnerabilities solutions
    • IoT framework security considerations
    • IoT security tools
  • IoT Penetration Testing

5.19 Cloud Computing

  • Cloud Computing Concepts
    • Introduction to cloud computing
    • Separation of responsibilities in cloud
    • Cloud deployment models
    • NIST cloud deployment reference architecture
    • Cloud computing benefits
    • Virtualization
  • Cloud Computing Threats
  • Cloud Computing Attacks
    • Service hijacking using social engineering attacks
    • Service hijacking using network sniffing
    • Session hijacking using XSS attack
    • Session hijacking using session riding
    • Domain Name System (DNS) attacks
    • Side channel attacks or cross-guest VM breaches
    • SQL Injection attacks
    • Cryptanalysis attacks
    • Wrapping attack
    • DoS and DDoS attacks
    • Man-in-the-Cloud attack
  • Cloud Security 
    • Cloud security control layers
    • Cloud computing security considerations
    • Placement of security controls in the cloud
    • Best practices for securing cloud
    • NIST recommendations for cloud security
    • Organization/Provider cloud security compliance checklist
  • Cloud Security Tools
  • Cloud Penetration Testing
    • What is cloud pen testing?
    • Key considerations for pen testing in the cloud
    • Recommendations for Cloud Testing

5.20 Cryptography

  • Cryptography Concepts
    • Cryptography
    • Types of cryptography
    • Government Access to Keys (GAK)
  • Encryption Algorithms
    • Ciphers
    • Data Encryption Standard (DES)
    • Advanced Encryption Standard (AES)
    • RC4, RC5, and RC6 algorithms
    • Twofish
    • The DSA and related signature schemes
    • Rivest Shamir Adleman (RSA)
    • Diffie-Hellman
    • Message digest (One-Way Hash) functions
  • Cryptography Tools
    • MD5 hash calculators
    • Hash calculators for mobile
    • Cryptography tools
    • Cryptography tools for mobile
  • Public Key Infrastructure (PKI)
    • Public Key Infrastructure (PKI)
    • Certification authorities
    • Signed certificate (CA) vs. self-signed certificate
  • Email Encryption
    • Digital signature
    • Secure Sockets Layer (SSL)
    • Transport Layer Security (TLS)
    • Cryptography toolkit
    • Pretty Good Privacy (PGP)
  • Disk Encryption
    • Disk encryption
    • Disk encryption tools
  • Cryptanalysis
    • Cryptanalysis methods
    • Code Breaking methodologies
    • Cryptography attacks
    • Cryptanalysis tools
    • Online MD5 decryption tools
  • Countermeasures: How to Defend Against Cryptographic Attacks
  • Job Search Strategy
  • Resume Building
  • Linkedin Profile Creation
  • Interview Preparation Sessions by Industry Experts
  • Mock Interviews
  • Placement opportunities with 400+ hiring partners upon clearing the Placement Readiness Test.

6.1 Domain One –  Security and Risk Management

  • Regulatory and legal issues
  • Confidentiality, availability, and integrity concepts
  • Principles of security governance
  • Compliance and professional ethics
  • Requirements of business continuity
  • Policies of personnel security
  • Threat modeling and risk considerations
  • Security education, awareness, and training
  • Security policies, standards, procedures, and guidelines

6.2 Domain Two – Asset Security

  • Privacy protection
  • Asset and information classification
  • Ownership
  • Data security controls and appropriate retention
  • Requirements handling

6.3 Domain Three – Security Architecture and Engineering

  • Security evaluation models
  • Fundamental concepts of security models
  • Security designs, architectures, and solution elements vulnerabilities
  • Information systems security capabilities
  • Using secure design principles for engineering processes
  • Vulnerabilities of web-based and mobile systems
  • Cryptography
  • Vulnerabilities of cyber-physical systems and embedded devices
  • Secure principles of facility and site design
  • Physical security

6.4 Domain Four – Communication and Network Security

  • Architectural design of a secure network
  • Channels for secure communication
  • Components of a secure network
  • Network attacks

6.5 Domain Five – Identity and Access Management (IAM)

  • Logical/physical access to assets management
  • Authentication and identification management
  • Integrating identity as a third-party service
  • Mechanism of authorization
  • Provisioning life cycle’s identity and access

6.6 Domain Six – Security Assessment and Testing

  • Test outputs (e.g., manual and automated)
  • Security process data (e.g., operational and management controls)
  • Vulnerabilities of security architectures
  • Testing of security control
  • Test and assessment strategies

6.7 Domain Seven – Security Operations

  • Monitoring and logging activities
  • Investigation requirements and support
  • Incident management
  • Resource provision
  • Concepts of foundational security operations
  • Recovery strategies
  • Techniques of resource protection
  • Physical security
  • Measures of prevention
  • Vulnerability and patch management
  • Processes of change management
  • Exercises and planning of business continuity
  • Personnel safety concerns
  • Plans and processes for disaster recovery

6.8 Domain Eight – Software Development Security

  • Security controls for the development environment
  • Software development life cycle security
  • Impact of acquired software security
  • Effectiveness of software security
  • Job Search Strategy
  • Resume Building
  • Linkedin Profile Creation
  • Interview Preparation Sessions by Industry Experts
  • Mock Interviews
  • Placement opportunities with 400+ hiring partners upon clearing the Placement Readiness Test.

7.1 Overview of Azure Security
7.2 Active Directory (AD) of Azure for Workloads
7.3 Network Security for the Protection of the Platform
7.4 Host Security for the Protection of the Platform
7.5 Security and Containers
7.6 Role-based Access Control (RBAC) and Security Operations
7.7 Data Services Security
7.8 Security of Storage

8.1 Understand the Basic Concepts of Security Information and Event Management (SIEM)
8.2 Discuss the Different SIEM Solutions
8.3 Understand the SIEM Deployment
8.4 Learn Different Use Case Examples for Application-Level Incident Detection
8.5 Learn Different Use Case Examples for Insider Incident Detection
8.6 Learn Different Use Case Examples for Network Level Incident Detection
8.7 Learn Different Use Case Examples for Host Level Incident Detection
8.8 Learn Different Use Case Examples for Compliance
8.9 Understand the Concept of Handling Alert Triaging and Analysis

In this module, you will learn how to prevent a web application from being hacked as well as what key points to be considered for making an web application secure. This capstone project will give you exposure to both blue team and red team work profile and help you gain exposure on both sides.

  • Job Search Strategy
  • Resume Building
  • Linkedin Profile Creation
  • Interview Preparation Sessions by Industry Experts
  • Mock Interviews
  • Placement opportunities with 400+ hiring partners upon clearing the Placement Readiness Test.
View More

Program Highlights

70+ Live sessions across 8 months
250 Hrs of Applied Learning
50+ Industry Projects & Case Studies
24*7 Support

Interested in This Program? Secure your spot now.

The application is free and takes only 5 minutes to complete.


All the projects included in this program are aligned with the industry demands and standards. These industry-oriented projects will test your level of knowledge in the Cyber Security domain and also help you get exposure to real-life scenarios.

Practice 20+ Essential Tools

Designed by Industry Experts

Get Real-world Experience

Process Advisors

*Subject to Terms and Condition



Hear From Our Hiring Partners

Career Services By Intellipaat

Career Services

Career Oriented Sessions

Throughout the course

Over 10+ live interactive sessions with an industry expert to gain knowledge and experience on how to build skills that are expected by hiring managers. These will be guided sessions and that will help you stay on track with your up skilling objective.

Resume & LinkedIn Profile Building

After 70% of course completion

Get assistance in creating a world-class resume & LinkedIn Profile from our career services team and learn how to grab the attention of the hiring manager at profile shortlisting stage

Mock Interview Preparation

After 80% of the course completion

Students will go through a number of mock interviews conducted by technical experts who will then offer tips and constructive feedback for reference and improvement.

1 on 1 Career Mentoring Sessions

After 90% of the course completion

Attend one-on-one sessions with career mentors on how to develop the required skills and attitude to secure a dream job based on a learners’ educational background, past experience, and future career aspirations.

3 Guaranteed Interviews

After 80% of the course completion

Guaranteed 3 job interviews on the submission of projects and assignments. Get interviewed by our 400+ hiring partners.

Exclusive access to Intellipaat Job portal

After 80% of the course completion

Exclusive access to our dedicated job portal and apply for jobs. More than 400 hiring partners’ including top start-ups and product companies hiring our learners. Mentored support on job search and relevant jobs for your career growth.

Our Alumni Works At

Master Client Desktop

Peer Learning

Via Intellipaat PeerChat, you can interact with your peers across all classes and batches and even our alumni. Collaborate on projects, share job referrals & interview experiences, compete with the best, make new friends – the possibilities are endless and our community has something for everyone!


Admission Details

The application process consists of three simple steps. An offer of admission will be made to selected candidates based on the feedback from the interview panel. The selected candidates will be notified over email and phone, and they can block their seats through the payment of the admission fee.

Submit Application

Submit Application

Tell us a bit about yourself and why you want to join this program

Application Review

Application Review

An admission panel will shortlist candidates based on their application


Application Review

Selected candidates will be notified within 1–2 weeks

Program Fee

Total Admission Fee

$ 2,632

Upcoming Application Deadline 10th June 2023

Admissions are closed once the requisite number of participants enroll for the upcoming cohort. Apply early to secure your seat.

Program Cohorts

Next Cohorts

Next Cohorts

Date Time Batch Type
Program Induction 10th June 2023 08:00 PM IST Weekend (Sat-Sun)
Regular Classes 10th June 2023 08:00 PM IST Weekend (Sat-Sun)

Frequently Asked Questions

Why should I enrol in this Executive Post Graduate Certification in Cyber Security by iHUB DivyaSampark, IIT Roorkee?

The program provides a holistic education in cyber security. The advanced certification offered by iHUB DivyaSampark, IIT Roorkee is aligned with industry requirements and will enable you to interview with leading MNCs.

Intellipaat provides career services that include guarantee interviews for all learners enrolled in this course. iHUB DivyaSampark, IIT Roorkee is not responsible for career services.

  • In 2021, there will be 3.5 million cybersecurity job openings worldwide – New York Times
  • The average annual salary of a security analyst in India is ₹606,066 per annum – Glassdoor
  • The average annual salary of a security analyst in the U.S. is $104,210 – U.S. News
  • Growth rate for information security jobs projected at 37% from 2012 to 2022- Monster

You will be taught by the best practitioners in the industry and the course has been developed in consultation with IIT faculty.

If you miss a live class, you will receive the recording of the class within the next 12 hours. If you need assistance, you’ll also have access to our 24/7 support team to help you with any questions you may have.

To complete this program, it is recommended that you spend approximately 6-8 hours per week studying.

The career service is provided by Intellipaat, where you are guaranteed three interviews upon successful completion of the course. iHUB DivyaSampark, IIT Roorkee issues a certificate upon completion of the course.

Yes. You may contact course advisors to learn more about scholarship opportunities.

This advanced certification program is conducted online for 9 months and is accompanied by several live sessions with instructors.

To be included in the placement pool, the learner must complete the course and submit all projects and assignments. He/she must then pass the PRT (Placement Readiness Test) to be accepted into the placement pool and gain access to our job portal and career mentoring sessions.

  • Unbiased career counselling
  • Counselling based on your skills and preferences
  • No repeat calls, only as needed
  • Rigorous curriculum developed by industry experts
  • Complete this programme while you work

From each batch, 2 candidates may get a fellowship of upto Rs. 80,000. Candidates will have to meet certain performance criteria to get selected. The selection of candidates who receive the fellowship will be at the discretion of the iHUB DivyaSampark, IIT Roorkee team. All the students will be informed about the performance criteria during the tenure of the program.

All candidates who apply for this course will be eligible to receive an equity based seed funding and incubation support for their startup from iHUB DivyaSampark, IIT Roorkee. Candidates who enroll will get the chance to pitch their ideas to the iHUB DivyaSampark team. Ideas that get shortlisted may receive funding up to Rs. 50 Lakh and incubation support for their startup.

This Executive Post Graduate Certification in Cyber Security will help you pass the Certified Ethical Hacker Certification for CEH v12, Certified Information System Security Professional Certification & Microsoft Certified: Azure Security Engineer Associate (Exam AZ 500)

View More

What is included in this course?

  • Non-biased career guidance
  • Counselling based on your skills and preference
  • No repetitive calls, only as per convenience
  • Rigorous curriculum designed by industry experts
  • Complete this program while you work

I’m Interested in This Program

Select Currency