draft information / cyber security syllabus for cbse … about information security awareness under...

I

About Information Security Awareness under ISEA Project Phase-II

Draft Information / Cyber Security Syllabus

for CBSE /ICSE/IB

INFORMATION SECURITY

EDUCATION AND AWARENESS

Project Phase -II

Ministry of Electronics and Information Technology (MeitY)

Government of India

Supported by

Centre for Development of Advanced Computing, (C-DAC)

Hyderabad

II

Draft Information / Cyber Security Syllabus

for CBSE /ICSE/IB

III

About Information Security Education & Awareness (ISEA) Project Phase – II

Keeping in view the pervasive nature and impact of cyber security on all walks of life - economic and

social, Government of India has identified Information Security as one of the major thrust area for

launching various development programs. One of the key elements essential for information security is

availability of right kind of qualified and well trained human resources, who could take up Research &

Development (R&D), develop indigenous solutions / software, secure and maintain various systems

including critical infrastructure.

The Government has approved a project entitled, 'Information Security Education and Awareness

(ISEA) Project Phase-II' in the year 2014 with an objective of (i) capacity building in the area of

Information Security, (ii) training of Government personnel and (iii) creation of mass Information

Security awareness targeted towards various user segments.

Capacity building in the area of Information Security to address the human resource requirement of

the country, by

Generation of core research manpower to undertake basic/fundamental research, applied

research, research in the area of product/solution design and development and in selected

thematic areas of national strategic importance to build indigenous

Introduction of Information Security curriculum in formal courses like M.Tech./M.E./M.S.,

B.Tech/B.E., Post Graduate Diploma courses, faculty training, modular/short term knowledge

oriented courses etc. through academic institutions

Launching non-formal modular/short-term knowledge-cum-skill oriented courses etc. for

working professionals at all levels including the flexible certificate programs, certification

scheme through NIELIT, CDAC etc.

Launching formal courses on virtual mode using the NKN Network to expand the training

capacities

Training of Government Personnel

Creation of mass information security awareness targeted towards

Academic Users: School level - Children, Parents & Teachers, College level - Students &

Faculties

General Users: Small enterprise/Business users, SME Sector/Non IT industry, NGO's, CSCs,

Cyber cafes and general public at large

Government Users: Central/State Government employees (non IT professionals), Legal / Police

personnel's etc.

Area of Coverage / Target Beneficiaries:

Academic Activities: 1,14,038 persons to be trained under formal & non formal courses, faculty

training etc. Besides this, around 400 paper publications are expected from ISRDCs, RCs, PIs

IV

Training of Government Personnel: 13,170 officials in five years.

Creation of Mass Information Security Awareness towards academic, general and Government

users covering approximately 3 crore internet users either through direct or indirect mode

The implementation of the academic activities under ISEA Project Phase II are carried out by 52

institutions across the country, at 3 levels, comprising of:

i. Information Security Research & Development Centre (ISRDC) – 4 institutions

ii. Resource Centre (RC): 7 institutions

iii. Participating Institute (PI):– 41 institutions

List of institutions under ISEA Project Phase II

S. No Institute Name Location

Information Security Research & Development Centre (ISRDC) - 4

1 Indian Institute of Science Bangalore, Karnataka

2 Indian Institute of Technology Guwahati Guwahati, Assam

3 Indian Institute of Technology Madras Chennai, Tamil Nadu

4 Indian Institute of Technology Bombay & Tata Institute of Fundamental Research (jointly)

Mumbai, Maharastra

Resource Centre (RC) - 7

1 Indian Institute of Technology Roorkee Roorkee, Uttaranchal

2 Malviya National Institute of Technology Jaipur, Rajasthan

3 National Institute of Technology Rourkela, Odisha

4 SardarVallabhbhai National Institute of Technology Surat, Gujarat

5 National Institute of Technology Surathkal, Karnataka

6 National Institute of Technology Warangal, Andhra Pradesh

7 Indian Institute of Technology Kharagpur, West Bengal

Participating Institute (PI) - 40

Category 1

1 Motilal Nehru National Institute of Technology Allahabad, Uttar Pradesh

2 Maulana Azad National Institute of Technology Bhopal, Madhya Pradesh

3 National Institute of Technology Durgapur, West Bengal

4 National Institute of Technology Hamirpur, Himachal Pradesh

5 Dr. B R Ambedkar National Institute of Technology Jallandhar, Punjab

6 National Institute of Technology Kurukshetra, Haryana

7 Visvesvaraya National Institute of Technology Nagpur, Madhya Pradesh

8 National Institute of Technology Patna, Bihar

9 National Institute of Technology Srinagar, Jammu & Kashmir

10 ABV Indian Institute of Information Technology and Management Gwalior, Madhya Pradesh

11 International Institute of Information Technology Hyderabad, Telagana

12 Indian Institute of Information Technology and Management Thiruvananthapuram, Kerala

13 Indian School of Mines Dhanbad, Jharkhand

V

14 College of Engineering Pune, Maharastra

15 College of Engineering North Goa, Goa

16 Pondicherry Engineering College Puducherry

17 Delhi Technological University Delhi

18 Tezpur University Tezpur, Assam

19 International Institute of Information Technology Bhubaneswar, Odisha

20 National Institute of Technology Raipur, Chattisgarh

21 Indraprastha Institute of Information Technology New Delhi

22 Indira Gandhi Delhi Technical University for Women New Delhi

23 Andhra University Vishakhapatnam, Andhra Pradesh

Category 2

1 Centre for Development of Advanced Computing Hyderabad, Telangana

2 Centre for Development of Advanced Computing Noida, Uttar Pradesh

3 Centre for Development of Advanced Computing Mohali, Punjab

4 Centre for Development of Advanced Computing Thiruvananthapuram, Kerala

5 Centre for Development of Advanced Computing Bengaluru, Karnataka

6 Centre for Development of Advanced Computing Kolkata, West Bengal

7 National Institute for Electronics and Information Technology Gorakhpur, Uttar Pradesh

8 National Institute for Electronics and Information Technology Aurangabad, Maharastra

9 National Institute for Electronics and Information Technology Jammu/Srinagar, Jammu & Kashmir

10 National Institute for Electronics and Information Technology Chennai, Tamil Nadu

11 National Institute for Electronics and Information Technology Calicut, Kerala

12 National Institute for Electronics and Information Technology Agartala, Tripura

13 National Institute for Electronics and Information Technology Patna, bhihar

Special Category (Technical Universities)

1 College of Engineering, Guindy (Anna University) Guindy, Tamil Nadu

2 Gujarat Technological University Ahmedabad, Gujarat

3 Rajiv Gandhi ProudyogikiVishwavidyalaya Bhopal, Madhya Pradesh

4 MaulanaAbulKalam Azad University of Technology (Formerly known as West Bengal University of Technology – WBUT)

Kolkata, West Bengal

5 Jawaharlal Nehru Technological University Hyderabad, Telangana

VI

Preface The aims of education simultaneously reflect the current needs and aspirations of a society as well as its lasting values, and

the immediate concerns of a community. Education is a life-long process.Qualityeducation is today’s need as it is the

development of intellectual skills and knowledge, which will equiplearners to fulfill the needs of professionals,

decisionmakers and trainers. The convergent and mutually reinforcing impactsof globalization and the information

andcommunication revolution have radically changed notonly the methods and structure of learning, butalso the relative

importance of factors of continuous learning.A well trained work force and well informed people,that can apply not only

know - how, but is also capableof analysis and decision making are the key factors of development, main drivers of growth

and majordeterminants of competitiveness in the globaleconomy. To fulfill the need, an education system isrequired which

is flexible, basic education shouldprovide the foundation for learning, and secondary and tertiary education should develop

core skills thatencourage creative and critical thinking. In addition,it is necessary to develop an effective lifelong learning’

system to provide continuing education and skill upgrading to persons after they have left formaleducation in order to

provide the changing skillsnecessary to be competitive in the new globaleconomy.

The Digital India Programme is a flagship Programme of the Government of India with a vision to transform India into a

digitally empowered society and knowledge economy. The use of ICT is further leveraged to provide facilities to the

stakeholders in India.The tremendous effectiveness of the computer and computing technology in shaping modern society

has created the need for an educated public that can utilize such technology most effectively for the betterment of society

and humankind.

National Curriculum Framework (NCF) 2005 focused on connecting knowledge to life outside the school, ensuring that

learning is shifted away from old methods, enriching the curriculum to provide for overall development of children rather

than remain textbook centric, making examinations more flexible and integrated into classroom life and, nurturing an over-

riding identity informed by caring concerns within the democratic polity of the country.

In the present context, there are new developments and concerns to which our curriculum must respond. Technology has

the capability to address all these issues. Trends such as the growing penetration of high speed broadband, low cost

computing devices and a strong thrust from the Government are accelerating the transformation of India’s education

system.All students need to be provided access to inclusive learning environment to acquire physical, emotional and

intellectual competencies for life. It is expected, that once the knowledge in Information / cyber security is provide to the

student, who will create a safe and supportive environment for themselves to use Internet by which we can create a better

cyber aware society.

As CBSE is credited for being the most innovative, progressive and contemporary board while remaining in sync with the

national goals and inspirations, we would like to propose few enhancements in the syllabus which are inclined towards

Information / cyber security in a systematic way for each class to add value and enhance the quality of learning experiences

for students.

The purpose of this exercise is to design a model course structure /syllabus, which acts as a benchmark for various topics to

be enhanced in the core CBSE syllabus with information / cyber security concepts so as to make each and every student

understand the meaning of security while using the latest technologies and devices. Information security awareness is the

need of the hour as more and more children are getting addicted to the technology and our future depends on how safe we

use them. Children acquire varied skills naturally while growing up in their environment. They also observe life and the

world around them. Such reforms will also facilitate the practice of the widely acknowledged curricular principles of moving

from "known to the unknown", from "concrete to abstract", from "local to global" and “unsecured to secure”.

Making children sensitive to the safe use of Internet, safe use of technology and secure computing environment and the

need for its individual protection is another important curricular concern. The emergence of new technological choices and

living styles witnessed during the last century has lead to this requirement. Each topics and the level of knowledge for each

class is thoroughly reviewed by experts in field of Information security. At the end we hope that after introducing the

proposed syllabus on information / cyber security in CBSE/NCERT/IB curriculum, it is expected to create a long-term impact

of creating cyber security aware students who would significantly contribute towards making India as a secured cyber

nation.

Preface

The aims of education simultaneously reflect the current needs and aspirations of a society as well as its lasting values, and the

immediate concerns of a community. Education is a life-long process. Quality education is today’s need as it is the development

of intellectual skills and knowledge, which will equip learners to fulfill the needs of professionals, decision makers and

trainers. The convergent and mutually reinforcing impacts of globalization and the information and communication revolution

have radically changed not only the methods and structure of learning, but also the relative importance of factors of continuous

learning. A well trained work force and well informed people, that can apply not only know - how, but is also capable of analysis

and decision making are the key factors of development, main drivers of growth and major determinants of competitiveness in

the global economy. To fulfill the need, an education system is required which is flexible, basic education should provide the

foundation for learning, and secondary and tertiary education should develop core skills that encourage creative and critical

thinking. In addition, it is necessary to develop an effective lifelong learning’ system to provide continuing education and skill

upgrading to persons after they have left formal education in order to provide the changing skills necessary to be competitive in

the new global economy.

The Digital India Programme is a flagship Programme of the Government of India with a vision to transform India into a digitally

empowered society and knowledge economy. The use of ICT is further leveraged to provide facilities to the stakeholders in

India. The tremendous effectiveness of the computer and computing technology in shaping modern society has created the

need for an educated public that can utilize such technology most effectively for the betterment of society and humankind.

National Curriculum Framework (NCF) 2005 focused on connecting knowledge to life outside the school, ensuring that learning

is shifted away from old methods, enriching the curriculum to provide for overall development of children rather than remain

textbook centric, making examinations more flexible and integrated into classroom life and, nurturing an over-riding identity

informed by caring concerns within the democratic polity of the country.

In the present context, there are new developments and concerns to which our curriculum must respond. Technology has the

capability to address all these issues. Trends such as the growing penetration of high speed broadband, low cost computing

devices and a strong thrust from the Government are accelerating the transformation of India’s education system. All students

need to be provided access to inclusive learning environment to acquire physical, emotional and intellectual competencies for

life. It is expected, that once the knowledge in Information / cyber security is provide to the student, who will create a safe and

supportive environment for themselves to use Internet by which we can create a better cyber aware society.

As CBSE is credited for being the most innovative, progressive and contemporary board while remaining in sync with the

national goals and inspirations, we would like to propose few enhancements in the syllabus which are inclined towards

Information / cyber security in a systematic way for each class to add value and enhance the quality of learning experiences for

students.

The purpose of this exercise is to design a model course structure /syllabus, which acts as a benchmark for various topics to be

enhanced in the core CBSE syllabus with information / cyber security concepts so as to make each and every student

understand the meaning of security while using the latest technologies and devices. Information security awareness is the need

of the hour as more and more children are getting addicted to the technology and our future depends on how safe we use

them. Children acquire varied skills naturally while growing up in their environment. They also observe life and the world

around them. Such reforms will also facilitate the practice of the widely acknowledged curricular principles of moving from

"known to the unknown", from "concrete to abstract", from "local to global" and “unsecured to secure”.

Making children sensitive to the safe use of Internet, safe use of technology and secure computing environment and the need

for its individual protection is another important curricular concern. The emergence of new technological choices and living

styles witnessed during the last century has lead to this requirement. Each topics and the level of knowledge for each class is

thoroughly reviewed by experts in field of Information security. At the end we hope that after introducing the proposed syllabus

on information / cyber security in CBSE/NCERT/IB curriculum, it is expected to create a long-term impact of creating cyber

security aware students who would significantly contribute towards making India as a secured cyber nation.

VII

Acknowledgements

Prof. Raja Ram Sharma, Joint Directors, ICET, NCERT, New Delhi

Prof. Amarendra P Behra, Head ICT & TD, CIET-NCERT, New Delhi

Shri. Sanjay Kumar Vyas, Additional Director, MeitY, New Delhi

Shri E. Magesh, Director, C-DAC, Hyderabad

Shri Ch A S Murty, Joint Director, C-DAC, Hyderabad

Shri I L NarasimhaRao, Project Manager, C-DAC, Hyderabad

Shri Chandan Sharma, Consultant, ISEA-PMU, C-DAC, Hyderabad

Shri K S Balaji, Project Manager, C-DAC, Hyderabad

Shri E. Naresh, Project Officer, Project Officer, ISEA-PMU, C-DAC, Hyderabad

Ms. M. Shruthi Reddy, Project Associate, C-DAC, Hyderabad

VIII

Table of Contents

Structure of Proposed Syllabus for CBSE/ICSE/IB

1-15

Proposed CBSE/ICSE/IB Syllabus

16-27

Subject wise syllabus for CBSE/ICSE/IB

28-35

Sample Chapter of cyber bullying which covers (4th ,5th class)

36-44

1

Proposed Information / Cyber Security content - Structure of the syllabus Class wise with Proposed Periods

and weightage of marks for each Class

The Proposed topics /content are added in such a way that it expands the scope of the existing topics / enhances the

knowledge on the current/ latest topics and ensures that the students are well equipped with the requisite knowledge

about latest information/cyber security issues.

Teaching them about the information/ cyber security is the need of the hour, so as to empower the children to face the

Threats online by creating a cyber secure education system, which in turn creates a responsible Internet Citizens and cyber

aware society.

After analyzing the present curriculum offered by different schools and taking the Kendriya Vidyalaya’s computer science

syllabus (2014-15) from class III onwards and CBSE prescribed syllabus, the Proposed syllabus is designed.

* The Detailed syllabus is appended in the subsequent pages –page no’s from ____ to ____.

Class Proposed Topics / Syllabus for Information/Cyber Security * Proposed Periods

Proposed weight age of Marks for each Class

III

Computer Security, Introduction to security in word processor Internet Ethics

5 5% to 7 %

IV Computer Security, Introduction to Security for Word Processor, Presentation Tool, Spreadsheets (Application Security), Internet Ethics, Cyber bullying

7 5% to 7 %

V Computer Security, Introduction to Office Application Security Internet Ethics, Cyber bullying

7 5% to 7 %

VI Computer Security, Office Application Security, Internet Ethics E-mail Security, Social Networking, Password Security, Operating System Level Security, Cyber bullying

13 8% to 10%

VII Computer Security, Browser Application Security, Internet Ethics, Operating System Level Security, Social Networking, E-mail Security, Password Security

12 8% to 10%

VIII Computer Security, Internet Browser Security, Email-Security, Cyber Laws

13 8% to 10%

IX Network Security, Operating System Level Security, E-mail Security, Malware, Cyber Laws

16 10 % to 15 %

X Database Security, Network Security, Introduction to Web Application and Security

10 8% to 10%

XI Secure Programming Concepts, Web Application Security

16 10 % to 15 %

XII Database Security, Secure Programming Concepts, Cyber Laws, Network Security

18 10 % to 20 %

2

Proposed Structure of the Class III Syllabus after Adding Information / Cyber Security Content

Present Structure of CBSE - Computer Science Syllabus for Class III TE

RM

I

Units Name of the Unit Total Periods

Marks Present Learning Outcomes

1 Computer Basics

38

70

Student should be able to identify basic components of

computers.

Should know the rules of computer laboratory

Should be able to identify tools of Paint Brush.

Should be able to draw basic figuresin ???

Student should be able to explore the Windows OS

Should be able to recognize and work on basic

computer parts

Should be able to open, create and save a word file.

Should be able to edit the contents in a word file

2 Using Paint Brush

3 More in Paint

4 About Desktop and Computer Peripherals

5 Word Processor

TER

M II

6 Formatting Word Document

24 70 Understand aboutthe ethical rules of using computer

Learn how to secure personal computer and lab

computers. 7 Internet

Proposed Structure of the Information/Cyber Security for Class III Computer ScienceSyllabus

TER

M 1

Name of the Topics Proposed Proposed periods to cover the

topic

Proposed marks to

assess the learning

Enhanced Learning Outcomes

CST 1: Desktop Security 2 2 Understand about the ethical rules of using

computer


computers.

Understand and apply the security features in

word processor.

CST 2: Introduction to security in word processor

3 3

TER

M 2

IST 1: Internet Ethics 2 2 Learn how to access internet safely.

Learn about unethical behavior in internet

Note:

1. The proposed topics are added in such a way that it expands the scope of existing topics and ensures that the

students are well equipped with the requisite knowledge about Desktop safety, Security features in Microsoft

Word and internet safety and/or security issues.

2. After analyzing the present curriculum and taking the Kendriya Vidyalaya’s computer syllabus (2014-15) for

class III as a base (appended as Annexure - I )proposed detailed topics for class III (appended as Annexure II.)

3. In Term I and Term 2 the total periods assigned are 38 & 24 examination marks each respectively with 3 hrs

examination. We propose that after inclusion of the information /cyber security of topics, the periods

proposed can be integrated with in the prescribed periods by allotting 5 hours to teach the security aspects

and 5% to 7% weight age of marks to asses the learning in each term.

The above are broad guidelines only. Each teacher may follow a different pattern and there is a complete flexibility in adapting the weightage of marks and number of periods.

3

Proposed Structure of the Class IV Syllabus after Adding Information / Cyber Security Content

Present Structure of CBSE - Computer Science Syllabus for Class IV TE

RM

I



1 Computer History

48

70

Student should know the various inventions in

computers

Student should know the difference between save and

save as option

Student should be able to open the existing file

Students should be able to work on different view.

Students should be able create /rename/delete/move

a folder and create its shortcut on desktop

Student should be able to search a particular file or

folder in computer

Student should be able to format a presentation

Should be able to able to insert various objects in the

PowerPoint slides.

Should be able to run the PowerPoint Presentation.

Student should be able to create a file in Excel.

Should be able to identify components of Excel Sheet.

Should be able to make a mark sheet using

spreadsheet

Should can auto generate functionality on series like

Serial no., days, months etc.

Student should be able to use calculator, onscreen

keyboard, and magnifier.

Should be able to change desktop background, time

etc.

Should be able to change the view of start menu and

customize task bar

Understand about the ethical rules of using computer


computers.

2 Word Processor

3 Exploring Windows

4 PowerPoint Presentation

5 Excel Spreadsheet

TER

M II

6 Windows Accessories 20 70

7 Control Panel

Proposed Structure of the Information/Cyber Security for Class IV Computer ScienceSyllabus

TER

M 1

Name of the Topics Proposed

Proposed periods to cover the

topic

Proposed marks to

assess the learning


CST 1: Computer Ethics 1 1 Understand the about ethical rules while using

computer


computers.

Understand and apply the security features in

word processor.

CST 2: Application Security, Macros, Risks involved in Word, Excel, Browsers

3 3

4

TER

M 2

IST 1: Internet Ethics 3 3 Learn how to access Internet safely.

Learn about unethical behavior in internet

IST 4: Cyber Bulling

Note:

1. The Proposed topics are added in such a way that it expands the scope of existing topics and ensures that the

students are well equipped with the requisite knowledge about Computer Ethics, Application Security, Macros,

Risks involved in Word, Excel, Browsers internet safety and/or security issues.

2. After analyzing the present curriculum and taking the KendriyaVidyalaya’s computer syllabus (2014-15) for class IV

as a Base (appended as Annexure - I) proposed detailed topics for class IV(appended as Annexure II.)


examination in each term, we propose that after inclusion of the information /cyber security proposed topics the

periods proposed can be integrated with in the prescribed periods by allotting 7 hours to teach the security

aspects and 5% to 7% weight age of marks to asses the learning in each term.


5

Proposed Structure of the Class V Syllabus after Adding Information / Cyber Security Content

Present Structure of CBSE - Computer Science Syllabus for Class V

TER

M I



1 Table Creation in Word

35

70

Student should be able to create a time table of their class in word

Student should be able to create a greeting card using page borders and other options.

Student should be able to create a sheet with his/her own name

Should be able to create an album of CCA activity using moviemaker.

Student should be able to select a perfect design for his/her power point file based on project given by different subject teachers

Should be able to apply different animation effects on different objects used in slides

Should be able to change give proper settings for printing the document in page setup

2 More in Word

3 Working in Excel

4 Multimedia

5 Making A Powerful Presentation

TER

M II

6 Internet 24 70

Proposed Structure of the Information/Cyber Security for Class V Computer ScienceSyllabus

TER

M 1

Name of the Topics Proposed Proposed periods to cover the topic

Proposed marks to

assess the learning


CST1: Computer Security 2 1 Understand the risks in MS Word, Spreadsheets.

Learn how to encrypt the files with password.

Understand about ethical rules to be followed while using Internet.

Learn what is unethical behavior in the Internet.

Understand about various web browsers and their risks, how to secure the browser.

CST2: Application Security

3 3

TER

M 2

IST1: Internet Ethics

1 1

IST4: Cyber Bullying

1 1

Note:


students are well equipped with the requisite knowledge about Computer Security, Application Security, Internet

Ethics, Cyber Bullying and internet safety and/or security issues.

2. After analyzing the present curriculum and taking the KendriyaVidyalaya’s computer syllabus (2014-15) for class V

as a Base (appended as Annexure - I )proposed detailed topics for class V (appended as Annexure II.)

3. In Term I and Term 2 the total periods assigned are 35& 24 examination marks each respectively with 3 hrs


periods proposed can be integrated with in the prescribed periods by allotting 7 hours to teach the security aspects and

5% to 7% weight age of marks to assess the learning in each term.

6


Proposed Structure of the Class VI Syllabus after Adding Information / Cyber Security Content

Present Structure of CBSE - Computer Science Syllabus for Class VI

TER

M I



1 Fundamental of Computer

36

70

Student should be able to identify basic components of

computers and Input/output devices.

Should be able to turn on and off the computer.

Should be able to open, create and format a word file.

Should be able to understand the concept of mail

merge.

Student should be able to understand the use of excel.

Should be able to open, create an excel file and can do

calculation using formulas.

Should be able to understand the concept of

sorting,filtering,password.

Student should be able to start power point

presentation.

Should be able to create an effective presentation.

Should be able to create simple web page.

Should be able to access the webpage,can identify

various browsers can effectively search a topic on the

Internet, Can ensure his/her security over the net,can

open an email account and operate it.

2 Word Processing (MS Word)

3 Spread Sheet (MS Excel)

4 Advance feature of MS Power Point

5 HTML

TER

M II

6

USE OF INTERNET

32 70

Proposed Structure of the Information/Cyber Security for Class VI Computer ScienceSyllabus

TER

M 1


topic

Proposed marks to

assess the learning


CST1: Computer Security 1 1 Learn about Removable Devices, key loggers.

Guidelines for computer security.

Understand the principles of Information Security.

Understands how to protect from Active X control

threats in WORD,EXCEL

Learn about browser’s risks. Understand how to

secure different web browsers.

Understand how an e-mail works does; learn

threats involved using an email communication,

safety measures while using e-mail.

Learn about Social Networking, Understands the

risks while using social media. Guidelines for

social networking.

CST2: Application Security

3 3

TER

M 2

IST 1: INTERNET ETHICS 1 1

IST 2: EMAIL SECURITY 2 2

IST 3 : SOCIAL NETWORKING 2 2

CTS4: Password Security 1 1

CST3: Operating System Level Security

2 2

IST4: Cyber Bullying 1 1

7

Note:


students are well equipped with the requisite knowledge about Computer Security, Application Security, Internet

Ethics, Email Security, Social Networking, Password Security, Operating System Level Security, Cyber Bullyingand

internet safety and/or security issues.

2. After analyzing the present curriculum and taking the KendriyaVidyalaya’s computer syllabus (2014-15) for class VI

as a Base (appended as Annexure - I ) proposed detailed topics for Class VI (appended as Annexure II.)



periods proposed can be integrated with in the prescribed periods by allotting 13 hours to teach the security aspects

and 8% to 10% weight age of marks to assess the learning in each term.


8

Proposed Structure of the Class VII Syllabus after Adding Information / Cyber Security Content

Present Structure of CBSE - Computer Science Syllabus for Class VII

TER

M I



1 Computer Security

36

70

Student should be able to secure his/her computer from

various threats.

Can tell what is cybercrime and understand the

importance of cyber law.

Student should be create a web page using tags taught

in the class.

Student should be able to understand the use of

Photoshop.

Should be able to identify various tools and where to use

the tool.

Should be able to make changes in the picture using

tools taught in the class.

Should be able to identify various tools and where to use

the tool.

Should be able to make changes in picture using tools.

Should be able to complete Practical exercise given to

student so that they can learn the specified tool.

2 HTML

3 HTML cont..

4 Photoshop Introduction

5 Advance feature Photoshop

TER

M II

6

Painting tool in Photoshop

32 70

Proposed Structure of the Information/Cyber Security for Class VII Computer ScienceSyllabus

TER

M 1


topic

Proposed marks to

assess the learning


CST1: Computer Security - keyloggers

1 1 Understands Ethics on Computer usage.

Understand about malware and how to recognize.

Learn how to secure computer system from

malware attack

Understand about IT ACT 2000/2008

Study the case studies involved in cyber crime

Learn about Fire walls

Learn about risk factors for OS and in Internet

Understand the ethical rules for computer users.

Understand about methods and tactics used by

attackers – phishing

Learn about safety measures for passwords

Understand about Operating system and its safety

tools.

Learn about Guidelines for windows operating

system and safety

Understand the Email security features

CST2: Application Security –Browser security

3 3

TER

M 2

IST 1: INTERNET ETHICS 1 1

IST 2:Email security 2 2

IST 3: SOCIAL NETWORKING 2 2

CST 3 OPERATING SYSTEM LEVEL SECURITY

1 1

CST4: PASSWORD SECURITY

2 2

9

Note:


students are well equipped with the requisite knowledge about Computer Security, Application Security, Internet Ethics,

Email Security, Social Networking, Operating System Level Security, Password Securityand internet safety and/or security

issues.

2. After analyzing the present curriculum and taking the KendriyaVidyalaya’s computer syllabus (2014-15) for class VII

as a Base (appended as Annexure - I ) proposed detailed topics for class VII (appended as Annexure II.)


examination in each term, we propose that after inclusion of the information /cyber security proposed topics the periods

proposed can be integrated with in the prescribed periods by allotting 12 hours to teach the security aspects and 8% to

10% weight age of marks to assess the learning in each term.


10

Proposed Structure of the Class VIII Syllabus after Adding Information / Cyber Security Content

Present Structure of CBSE - Computer Science Syllabus for Class VIII

TER

M I


Marks Learning Outcomes

1 Algorithm 6

70

Student should be able to Create algorithm.

Student should be able to create flow chart and solution for the problems.

Student should be able to identify various tools and use them.

Should be able to create an album of CCA activity using moviemaker.

Student should be able to select a perfect design for his/her picture using tools based on project given by different subject teachers.

Should be able to apply different animation effects on different objects used in flash.

Should be able to understand the E-commerce and various websites.

Should be able to understand and use different chat applications available.

Should be able to use various Video conferencing tools and advantages.

2 Flowchart 8

3 Photoshop review 5

4 More on Photoshop 17

5 Photoshop vectors 10

TER

M II

6 Flash 10

70

7 Flash continued 4

8 E- Commerce 2

9 Chatting 2

10 Download/upload 2

11 Audio and video conferencing

2

Proposed Structure of the Information/Cyber Security for Class VIII Computer ScienceSyllabus

TER

M 1


topic

Proposed marks to

assess the learning


CST1: Computer Security Denial of Service Attacks, Distributed Denial of Service Attacks:

3 3 Understand DoS attacks

Understand about malware and how to

recognize.

Understand about IT ACT 2000/2008

Learn the case studies involved in DoS

Learn about risk factors for OS and in Internet

Understand the ethical rules for computer users.

Understand about methods and tactics used by

attackers – phishing Emails and tracing them

Understand the Email security features.

Understand about malware and how to

recognize.

Understands how to prevent malwares

Learn about safety measures for Malwares

CST2: Application Security Microsoft Internet Explorer,

3 3

TER

M 2

IST2: E-mail Security E-mail Tracer:

2 2

IST5: Malware

3 3

11

IST6: Cyber Laws

2 2 Learn how to secure computer system from

malware attack

Understands how to configure a secured browser

Note:


students are well equipped with the requisite knowledge about Computer Security, Application Security, E-

mail Security, Malware, Cyber Laws and internet safety and/or security issues.

2. After analyzing the present curriculum and taking the Kendriya Vidyalaya’s computer syllabus (2014-15) for

class VIII as a Base (appended as Annexure - I ) proposed detailed topics for class VIII (appended as Annexure

II.)

3. In Term I and Term 2 the total periods assigned are 46 & 22 examination marks eachrespectively with 3 hrs

examination in each term, we propose that after inclusion of the information /cyber security proposed topics

the periods proposed can be integrated with in the prescribed periods by allotting 13 hours to teach the

security aspects and 8% to 10% weight age of marks to asses the learning in each term.


12

Proposed Structure of the Class IX Syllabus after Adding Information / Cyber Security Content

Present Structure of CBSE - Computer Science Syllabus for Class IX TE

RM

I

Units Name of the Unit Periods Marks Learning Outcomes

1 Basics of Information Technology

46

90

Student should be able to understand ICT and its uses

Student should be able to understand different applications

Student should be able to identify various tools for information processing and use them

Should be able to understand different OS –open source and proprietary.

Student should be able to select a perfect design for his/her letters /reports

Should be able to apply different types of networking Technology and its purpose

Should be able to understand the societal impact of IT and ICT

2 Information Processing tools

3 IT Applications

TER

M II


22 90


6 IT Applications

7 Societal impacts of IT

Proposed Structure of the Information/Cyber Security for Class IX Computer ScienceSyllabus


topic

Proposed marks to

assess the learning


TER

M 1

SPT1:Network Security 4 8 Student should be able to understand types of attacks on wifi / wireless communication

Student should be able to learn how to mitigate the threats

Student should be able to identify various open source OS

Student should be able to understand types of attacks through email - Tabnabbing

Student should be able to learn how to mitigate the threats in Desktop software’s

Student should be able to understand the IT laws and its purpose through case studies

CST4 :Operating System Level Security

4

TER

M 2

IST2: E-mail Security 3 8

CST2: Application Security 3

IST6: Cyber Laws 2

Note:


students are well equipped with the requisite knowledge about Network Security, Operating System Level

Security, E-mail Security, Application Security, Cyber Laws and internet safety and/or security issues.

2. After analyzing the present curriculum and taking the Foundation of Information Technology(code no 165)-

CBSE for class IX as a Base (appended as Annexure - I ) proposed detailed topics for class IX (appended as

Annexure II.)

3. In Term I and Term 2 the total periods assigned are 46 & 22 examination marks eachrespectively with 3 hrs





13

Proposed Structure of the Class X Syllabus after Adding Information / Cyber Security Content

Present Structure of CBSE - Computer Science Syllabus for Class X TE

RM

I

Units Name of the Unit periods Marks Learning Outcomes


46

90

Student should be able to understand about the terms used in Internet

Student should be able to understand different applications / services provided through Internet

Student should be able to identify various tools for information processing and use databases

Should be able to learn webpage design using HTML.

Student should be able to create different databases

Should be able to apply different types of formatting using HTML for creation of webpage’s and blogs

Should be able to understand the societal impact of

IT and benefits of ICT


3 IT Applications

TER

M II


22 90


6 IT Applications

7

Societal impacts of IT

Proposed Structure of the Information/Cyber Security for Class X Computer ScienceSyllabus


topic

Proposed marks to

assess the learning


TER

M 1

SPT1:Network Security 4 4 Student should be able to understand database security issues

Student should be able to understand different network security issues

Student should be able to identify various tools for information processing and use security in databases

Should be able to learn different threats in

Internet and follows ethics

SPT3: Database Security

4 4

TER

M 2

IST1: Internet Ethics

2 2

Note:


students are well equipped with the requisite knowledge about Network Security, Database Security, Internet

Ethics and internet safety and/or security issues.

2. After analyzing the present curriculum and taking the Foundation of Information Technology (code no 165)-

CBSE for class X as a Base (appended as Annexure - I ) proposed detailed topics for class X (appended as

Annexure II.)

3. In Term I and Term 2 the total periods assigned are 46&22 examination marks eachrespectively with 3 hrs





14

Proposed Structure of the Class XI Syllabus after Adding Information / Cyber Security Content

Present Structure of CBSE - Computer Science Syllabus for Class XI TE

RM

I


Marks Learning Objectives

1 Computer Fundamentals T + P

18 + 6

70

To understand basics of computers.

To develop logic for Problem Solving.

To develop problem solving skills and their

implementation using C++.

To understand and implement the concept

of Object Oriented Methodology.

To understand the concept of working with

Relational Database.

To understand the basic concept of

Computing Logic.

To understand the basic concepts of

Communication and Networking

technologies.

To understand Open Source concepts.

2 Programming Methodology

28 + 10

TER

M II

3 INTRODUCTION TO C++ / Python

44 + 36

4 PROGRAMMING IN C++ / Python

50 + 48

Note: Schools may choose option 1 C++ or option 2 Python and teach accordingly

Proposed Structure of the Information/Cyber Security for Class XI Computer ScienceSyllabus


topic

Proposed marks to asses the learning

Enhanced Learning objectives

TER

M 1

SPT4: Secure Programming Concepts

8 8 To understand basics of secured programming

To understand and learn vulnerabilities.

To understand secured manipulation of arrays.

To understand secured creation of client server

communication.

TER

M 2

SPT2: Web Application Security

8 8

Note:


students are well equipped with the requisite knowledge about Secure Programming Concepts, Web

Application Security and internet safety and/or security issues.

2. After analyzing the present curriculum and taking the COMPUTER SCIENCE (code no 083)-CBSE syllabus as a

base for class XI (appended as Annexure - I ) proposed detailed topics for class XI (appended as Annexure II.)

3. In Term I and Term 2 the total periods assigned are (T + P) 46+16 & 94+84 examination marks eachrespectively

with 3 hrs examination in each term, we propose that after inclusion of the information /cyber security

proposed topics the periods proposed can be integrated with in the prescribed periods by allotting 16 hours to

teach the security aspects and 10% to 15% weight age of marks to asses the learning in each term.


15

Proposed Structure of the Class XII Syllabus after Adding Information / Cyber Security Content

Present Structure of CBSE - Computer Science Syllabus for Class XII TE

RM


Marks Learning Objectives

1 Object Oriented Programming with C++/Python

T + P 50+ 40

24

To understand basics of OOPS

To develop logic for Problem Solving using

classes.

To develop advanced problem solving skills and

their implementation using C++/python

To understand and implement the concept

databases and queries generation

To understand the concept of working with

Relational Algebra

To understand the basic concept of SQL and its

functions

To understand the basic concepts of

Communication and Networking technologies.

To understand Mobile Telecommunication

Technologies

To understand Different Web Services

2 Advanced Programming with Python / Data Structure

42+36 20

3

Database management system and SQL 20+20 8

4

Boolean Algebra

16 + 0 8

5

Communication Technologies

16+3 10

Proposed Structure of the Information/Cyber Security for Class XII Computer ScienceSyllabus


topic

Proposed marks to

assess the learning

Enhanced Learning Objectives

TER

M

SPT3: Database Security

6 6 To understand basics of secured programming

To understand and learn vulnerabilities in

database design.

To understand secured manipulation of arrays.

To understand secured creation of client server

communication.

To Understand the basics of the IT/Cyber Laws

SPT4: Secure Programming Concepts

6 6

IST6: Cyber Laws 2 2

SPT1: Network Security 4 4

Note:


students are well equipped with the requisite knowledge about Database Security, Secure Programming

Concepts,Cyber Laws, Network Security and internet safety and/or security issues.

2. After analyzing the present curriculum and taking the COMPUTER SCIENCE -CBSE syllabus as a Base (appended

as Annexure - I) proposed detailed topics for class XII (appended as Annexure II.)

3. In total periods assigned are (T + P) 144 +99 examination marks eachrespectively with 3 hrs examination in

each term, we propose that after inclusion of the information /cyber security proposed topics the periods

proposed can be integrated with in the prescribed periods by allotting 18 hours to teach the security aspects

and 10% to 20% weight age of marks to asses the learning in each term.


Proposed by ISEA Project Phase-II, Ministry of Electronics and Information Technology (MeitY),

Government of India 16

Proposed Information / Cyber Security Syllabus for CBSE/ICSE/IB

Class – III

Computer Security

Physical Security of a computer: What is a physical security of Computer?, Why physical security of a

computer is important, Physical Security for computer Peripherals, Guidelines for keeping your PC

physically secure, Safe login and Logout, Guidelines for safe usage of computer peripherals in school labs.

Application Security

Introduction to Software Applications, Types of Software Applications, Accepting License and agreement

while installing software applications, Security features of MS Word.

Internet Ethics

Ethical Rules to be followed while accessing Internet

For Students: Activity, Lab Session, Group Discussion, and Project Work

For Teachers: Establishing your own personal practice before teaching Lab sessions.

NCERT:

NCERT is the government outfit which is involved in publishing text books for various examination

conducted by CBSE board.



Proposed Information / Cyber Security Syllabus for CBSE/ICSE/IB Class – IV

Computer Security

Computer Ethics: What do you mean by Ethics? What are computer ethics, Difference between ethical

and Unethical behaviour of computer, Unethical behaviour of Computer usage: Improper use of computer

resources, The ten rules of computer ethics.

Introduction to Security for Word Processor, Presentation Tool, Spreadsheets (Application

Security)

Word Processor Tool: What is Word Processor Software?, Risks in Word Processor: Introduction to

Macros, How Macros spread the word processor.

Presentation Tool: What is Presentation Software?, Types of Presentation Software’s, Risks in

Presentation Software:Introduction to Macros, How Macros spread the Presentation

Spreadsheets: What is Excel? ,Types of Excel Sheet?, Risks involved:Introduction to Macros, How Macros

spread the Spread sheets.

Browsers: What is browser? Types of web browsers, Do and Don’ts while downloading (pictures) in

computer.

Internet Ethics

What are Internet Ethics, Difference between Ethical and Unethical behaviour in Internet world

Cyberbullying

What is bullying? Difference between Normal Bullying and Cyber bullying, what is Cyberbullying?

For Students: Activity, Lab Session, Group Discussion, Project Work


NCERT:





Proposed Information / Cyber Security Syllabus for CBSE/ICSE/IB Class – V

Computer Security

What are Physical and Non-Physical threats of a computer, Need of security for computer, Why do we

learn about Computer Security?, About Computer Security. Computer Virus: Introduction to Computer

Virus, Types of virus, Possible ways to get virus into Computers, Installation of Antivirus present in

computer lab.

Introduction to Office Application Security

Application Software: How to Install software on your computer?, Importance of Copyrights while

installing software.

Word Processor Tool: Reviewing the concept of Macro Virus, Safe security settings for MS Word to

protect from Macro virus,

Presentation Tool: Reviewing the concept of Macro Virus, Safe security settings for MS Word to protect

from Macro virus.

Spreadsheets: Reviewing the concept of Macro Virus, Safe security settings for MS Excel to protect from

Macro virus.

Browsers: Importance of HTTPS, How to recognize fake and original browsers?, About safe browsing

using in- cognitive window in browsers?, Risks in web browsers, How to Secure Web browser, How to

enable security features in your web browser?, How to enable safe browsing.

Internet Ethics

What is Cyber Security, What is Cyber safety, Difference between cyber safety and cyber security,

Acceptable behavior (a) Acceptance (b) Sensitivity to National and Local Cultures.

Unit 4: Cyberbullying

What is Cyberbullying?, Different methods used for bullying others



NCERT:





Proposed Information / Cyber Security Syllabus for CBSE/ICSE/IB Class – VI

Computer Security

Removable Devices & Drives: Introduction to usage of Removable Devices and Drives, Types of

Removable Devices & Drives, Risks involved while using the Devices, Best Practices for safe & secure

usage of Devices. Computer virus: Signs of Computer Virus, How to prevent from virus from your

computer.

Understand principles of Information Security: Confidentiality; Integrity; Availability.

Office Application Security

Word Processor Tool: Introduction to Active X control IN MS Word, How Active X control threats involved

in Word, How to secure from Active X control threats in Word. Presentation Tool: Introduction to Active X

control, How Active X control threats, involved in MS PowerPoint, How to secure from Active X control

threats in MS Power Point.

Spreadsheets: Introduction to Active X control, How Active X control threats involved in MS Excel, How to

secure from Active X control threats in Excel.

Browser Security: Reviewing the concept of Browsers, Risks in web browsers: Active X, Java, Plugins,

JavaScript, Mozilla Firefox: Configure privacy settings , Configuring security settings, disable JavaScript,

Google Chrome: Enable Phishing and Malware Protection, Turn off instant search, configuring content

settings –JavaScript.

Internet Ethics

Internet: Reviewing the concept Internet Ethics, Unethical behavior in Internet & Examples, (c) Using of

computer resources improperly, (d)Using computers, data, information to harm others (e) Using Internet,

one shall not forward false communication, Acceptable behavior: (c) While using e-Mail and chatting, (d)

Pretending someone else, (e) Avoid Bad Language.

E-mail Security

Importance of E-mail Security, Threats through E-mails – Attachments, Fake e-Mails, Spam e-Mails,

Guidelines for using E-mail Safely

Phishing: What is Phishing? How does a phishing email message look like?, Threats related to phishing.

Social Networking

Introduction to Social Networking, Risks in Social Networking, a. Illegal content, b. Spam, c.

Abusivevulgar, or irreverent language.

Password Security

Introduction to Passwords, Importance of Passwords, Guidelines for maintaining good passwords.



Operating System Level Security

What is an operating system?, Types of Operating system, Guidelines for Securing windows OS: Creating

Strong password, Update windows, Software patches, Install Antivirus and Updating Antivirus.

Cyberbullying

Introduction to Cyberbullying, Risk factors, Signs for Cyber bullying, how to Prevent Cyber bullying,

Guidelines for Cyberbullying



NCERT:





Proposed Information / Cyber Security Syllabus for CBSE/ICSE/IB Class – VII

Computer Security

Key loggers: Introduction to Key Loggers, Why Keystroke logging is a threat, How key loggers spread, How

would I get a key logger?, How do you detect a key logger?, How to protect yourself from key loggers.

Understand principles of Information Security: How threat and risk affects principles, Principle of least

privilege.

Browser Application Security

Browser Security: Reviewing the concept of Browsers, Risks in web browsers: Active X, Java, Plugins,

JavaScript, Mozilla Firefox: Configure privacy settings, configuring security settings, disable JavaScript,

Google Chrome: Enable Phishing and Malware Protection, Turn off instant search, configuring content

settings –JavaScript.

Internet Ethics

Internet: Reviewing the concept Internet Ethics, Unethical behavior in Internet & Examples – (f) Using

computer to harm other people, (g) Interfering with other’s computer work , (h) Snooping around in other

‘s computer files , (i) Forwarding messages through Internet to bear false witness , (j) Copying software

for which you have not paid , (k) One shall not use other people’s computer resources without

authorization. Acceptable behavior – (f) Hide Personal Information, (g) While Downloading, (h)

Supervision, (i) Encourage Children to use Internet, (j) One shall think about the social consequences of

the program you write, (k) One shall use a computer in ways that show consideration and respect one ‘s

fellow humans.


Review the concepts of Previous class

Securing Windows OS: Configure firewall, Encryption Software, System Back-Ups.

Social Networking

Other risks in Social Networking: j. Personally identifiable information, k. Phishing, l. Click jacking, m.

Conduct, Guidelines for Social Networking.

E-mail Security

How an E-mail Works – a. Post office protocol, b. Internet Message Access Protocol, c. Simple Mail

Transfer Protocol. Threats: e-Mails offering free gifts, Hoaxes, How to prevent those E-mail threats?,

Guidelines for using E-mail Safely.

Phishing: How to recognize a message of phishing?, What should do if responded to a phishing scam?,

Guidelines for phishing attacks.



Password Security

Various Techniques to retrieve passwords /Threats: Shoulder Surfing, Brute force attacks, Dictionary

attacks, sending your password information through network, Sharing your passwords with strangers,

Using weak Passwords or blank passwords, Strong and easiest to remember Password.



NCERT:





Proposed Information / Cyber Security Syllabus for CBSE/ICSE/IB Class – VIII

Computer Security

Denial of Service Attacks, Distributed Denial of Service Attacks: What is a denial-of-service (DoS) attack?,

What is a distributed denial-of-service (DDoS) attack?

Internet Browser Security

Microsoft Internet Explorer – Configure security settings for Internet Explorer, Configure Privacy settings,

Configure Advanced Security settings.

Apple Safari – Configuring security settings, Extensions, Control browser tracking, Best Practices for

Secure Web Browsing.

Email-Security

E-mail Tracer: What is e-mail tracer? ,why should you trace an e-Mail? Examples.

Cyber Laws

Introduction to Cyber Laws, Classification of Cyber Crimes, Importance of cyber laws.



NCERT:





Proposed Information / Cyber Security Syllabusfor CBSE/ICSE/IB

Class – IX

Network Security

Wi-Fi Security: What is wireless communication? Importance of Wi-Fi Security, Types of attacks on

Wireless Environment -DOS attack,Man-In-Middle Attack, War Driving, How the attack occurs in Wi-Fi

Environment, Guidelines for Wireless communications.


Introduction to Linux OS, Linux operating system guidelines. Android Security guidelines - Introduction to

Android Operating system, Risks involved in Android OS, how to protect Android Devices – Screen Lock,

Keep OS & Apps Up to date, Tracking &Wiping, Downloading App’s, Managing App Permissions, Backup,

Secure Wi-Fi, Encrypt Android. Guidelines – Do’s and Don’ts on Mobile Phone Security.

E-mail Security

Phishing Technique – Tabnapping: Tabnapping, How does it work, Tips to against tabnapping.

Malware

What is Malware, Types of Malwares, Damages through Malware in computer how to recognize malware,

How do you detect a Malware in computer?, How to protect your gadgets from Malware?, Guidelines to

prevent Malware.

Cyber Laws

Cyber Laws of India, Advantage of Cyber Laws, IT ACT 2000/2008 Amendment, Case Studies.



References:

NCERT:





Proposed Information / Cyber Security Syllabus for CBSE/ICSE/IB Class – X

Database Security

MS Access: What is Word Processor Software, Risks in Access Database: Macros and Scripts, Active X

control threats, How to Access Database, how to Delete Macros manually in Access Database, how to

encrypt document with a password, how to open/scan documents with Antivirus.

Guidelines for Desktop Application Software’s – Do’s and Don’ts while using Desktop Application

Software’s.

MySQL:

Introduction to MySQL/Postgres database, Installation and confirmation of the database with an

application.

Network Security

What is Network, Introduction to Network Security, Types of Networks? Why Network Security required?,

What are Internetworking devices - HUB, Active Hub, Passive Hub, Ethernet Hubs, Switches, Bridges,

Types of Bridges, Routers, Gateways, Network card, Network protocols, ISDN (Integrated Services Digital

Network), Modems.

Introduction to Web Application and Security

Top OWASP Web Security Vulnerabilities



NCERT:



IB: Computer Syllabus is not Introduced.



Proposed Information / Cyber Security Syllabus for CBSE/ICSE/IB Class – XI

Secure Programming Concepts

General Security Principles useful for secure software development, Software Vulnerabilities, Buffer

Overflow & Integer Overflow in C++, Vulnerabilities exploited by Morris Worm, Input Validation & Data

Sanitization, Secure manipulation of arrays &stringsSAFE APIs , Secure Memory & File Handling.

Web Application Security

Web applications architectures Basics on Client side and server side programming, Basic web

programming concepts – HTTP and HTTPS Protocol,HTTP Methods, cookies, authentication mechanisms

and sessions, Improper Input Validation.



NCERT:



IB: Computer Syllabus is not Introduced .



Proposed Information / Cyber Security Syllabus for CBSE/ICSE/IB Class – XII

Database Security

Secure configuration of the database, Improper configurations and mitigations.

Secure Programming Concepts

Software Vulnerabilities, Format String & Race Condition Vulnerabilities in Python, SQL injection and login

bypass, Error detection and Error handling, Risks associated with specific Python library functions like

eval& exec, Use of Crypto library for securing the communication.

Cyber Laws

National Cyber Security Policy –Objectives, Case Studies.

Network Security

Firewalls: Introduction to Firewall, Use of Firewall, IDS, IPS, Application Gateway

Broadband Internet Security: Introduction, Broadband Security Threats, Types of Broadband, Guidelines

for securing Broadband Internet access.



NCERT:



IB: Computer Syllabus is not Introduced.



Subject wise Syllabus for CBSE/ICSE/IB

Security Topics – Suggestive topic codes (ISEA – CST, IST, SPT)

Cyber Security Topic

CST1: Computer Security Physical Security: Introduction to computers, Physical threats of a computer –Power faults, theft,hardware, disruption, accidental errors. Need of security for computer, About Computer Security, Understanding Physical Security of computer. Instructions for Physical Security in Computer Labs. Non- Physical threats of a computer – Virus, Trojans, Worms, Spyware, Key loggers, Adware, Denial of Service Attacks, Distributed Denial of Service Attacks, Un-authorized access to computer systems resources such as data, Phishing. Why do we learn about Computer Security, Importance of Computer Security, and Guidelines for Computer Security, computer ethics (The ten rules of computer ethics)? Removable Devices & Drives– Introduction to usage of Removable Devices and Drives, Types of Removable Devices & Drives, Risks involved while using the Devices, Best Practices for safe & secure usage of Devices. Computer Virus:Introduction to Computer Viruses, Types of Viruses, Possible ways to get virus into Computers- (a) By opening an e-mail attachment, (b) By downloading files from un-trusted sites, (c) By Removable Medium, (d) While downloading games, (e) By sharing files, Signs of Computer Virus, how to prevent from virus. Denial of Service Attacks, Distributed Denial of Service Attacks: What is a denial-of-service (DoS) attack? What is a distributed denial-of-service (DDoS) attack? How do you avoid being part of the problem? How do you know if an attack is happening? What do you do if you are experiencing an attack? Key loggers– Introduction to Key Loggers, Why Keystroke logging is a threat, how key loggers spread, how would I get a key logger? How do you detect a key logger? how to protect yourself from key loggers. Understand principles of Information Security: Confidentiality; Integrity; Availability; how threat and risk affects principles; Principle of least privilege. For Students: Activity, Lab Session, Group Discussion, and Project Work



For Teachers: Establishing your own personal practice before teaching Lab sessions. References:

Computer Security and Penetration Testing By Alfred Basta

Computer security fundamentals Book by Chuck Easttom

Fundamentals Of Computer Security by Pieperzyck Jose (Author)

CST2: Application Security Introduction to Application Software’s & Examples, Types of Application Software’s Possible Threats in Office/Desktop Publishing Software’s – Macro Virus, How Macro viruses spread in the application software’s (MS Word, PowerPoint, Spreadsheet, Access Database). MS Word /MS Writer: What is Word Processor Software Risks in Word Processor: Macros and Scripts, Active X control threats. How to Secure Word Processor, how to Delete Macros manually in word processor, how to encrypt document with a password, how to open/scan documents with Antivirus. MS Excel / Spread Sheet: What is Spreadsheet Publisher software? Risks in Spreadsheet: Macros and Scripts, Active X control threats, How to Secure Spreadsheet, how to Delete Macros manually in Spreadsheet, how to encrypt document with a password, how to open/scan Excel sheet with Antivirus. MS PowerPoint: What is Presentation Software? Risks in Presentation software: Macros and Scripts, Active X control threats How to Secure PowerPoint, how to Delete Macros manually in PowerPoint, how to encrypt document with a password, how to open/scan presentations with Antivirus. MS Access: What is Word Processor Software Risks in Access Database: Macros and Scripts, Active X control threats How to Access Database, how to Delete Macros manually in Access Database, how to encrypt document with a password, how to open/scan documents with Antivirus. Guidelines for Desktop Application Software’s – Do’s and Don’ts while using Desktop Application Software’s. Browser Application: Introduction to Internet Browsers, what is URL, www, .in, co.in, Internet vs World Wide Web, Website. What is Browsers, Popular Web Browsers, Risks involved in web browsers – (a) Active X , (b) Java,(c) Plug-ns , (d) Cookie , (e) JavaScript , (f) VBScript (g) Clickjacking . Why we need to secure Web Browser. How to Secure Web Browser: Mozilla Firefox, Internet Explorer, Google Chrome, Safari. Mozilla Firefox- Configure Privacy Settings, Configure security settings, Disable JavaScript, Enable pop-up blocks, Turn on Auto updates, Secure protocols.



Google Chrome - Enable phishing and malware protection, Turn off instant search, Configure content settings – JavaScript, Pop-ups, Location, Configure passwords and forms settings. Microsoft Internet Explorer – Configure security settings for Internet Explorer, Configure Privacy settings, Configure Advanced Security settings. Apple Safari – Configuring security settings, Extensions, Control browser tracking. Best Practices for Secure Web Browsing For Students: Activity, Lab Session, Group Discussion, Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions. References:

1. Information Security Awareness Handbook – (www.infosecawareness.in).

CST3:Operating System Level Security Introduction to Operating system, Types of Operating systems. Windows operating system security - Creating Strong Passwords, Updating Windows, Software Patches, Configuring Firewall, Post-Configuration Clean-IP, Encryption Software, System Back-ups, Installing Antivirus. Guidelines for securing operating system Linux operating system guidelines Android Security guidelines - Introduction to Android Operating system, Risks involved in Android OS, how to protect Android Devices – Screen Lock, Keep OS & Apps Up to date, Tracking &Wiping, Downloading App’s, Managing App Permissions, Backup, Secure Wi-Fi, Encrypt Android. Guidelines – Do’s and Don’ts on Mobile Phone Security. For Students: Activity, Lab Session, Group Discussion, Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions. References:

Microsoft Windows Security By Mark E. Russinovich, Alex Ionescu, David A. Solomon

Microsoft Windows Operating System Essentials by Tom Carpenter (Author)

Linux for Beginners by Jason Cannon (Author)

CTS4: Password Security Introduction to Passwords, Importance of Passwords, Various Techniques to retrieve passwords -Shoulder Surfing, Brute force attacks, Dictionary attacks, sending your password information through

http://www.infosecawareness.in/



network, Sharing your passwords with strangers, Using weak Passwords or blank passwords, Strong and easiest to remember Password, Guidelines for maintaining good passwords. For Students: Activity, Lab Session, Group Discussion, Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions.

References:

Perfect Passwords Book by Mark Burnett

Take Control of Your Passwords Book by Joe Kissell

Password Journal (a Diary for Internet Login Security) Book by Bookweaver

Information Security Topics

IST1: Internet Ethics Internet: Understanding about the Internet, How Is the 'Internet' Different from the 'Web’?, What Is 'Web 1.0', 'Web 2.0', and 'the Invisible Web’?, The Invisible Web is a third part of World Wide Web, Features of Internet, Benefits of Internet. Internet Ethics:Introduction to Ethics, Access to Internet, Unethical behavior in Internet & Examples– (a) Digital Plagiarism, (b). Breaking copyright and software theft, (c) Using of computer resources improperly, (d)Using computers, data, information to harm others, (e) Using Internet, one shall not forward false communication, (f) Using computer to harm other people , (g) Interfering with other’s computer work , (h) Snooping around in other ‘s computer files , (i) Forwarding messages through Internet to bear false witness , (j) Copying software for which you have not paid , (k) One shall not use other people’s computer resources without authorization . Ethical Rules for Computer Users, Acceptable behavior - (a) Acceptance, (b) Sensitivity to National and Local Cultures, (c) While using e-Mail and chatting, (d) Pretending someone else, (e) Avoid Bad Language, (f) Hide Personal Information, (g) While Downloading, (h) Supervision, (i) Encourage Children to use Internet, (j) One shall think about the social consequences of the program you write, (k) One shall use a computer in ways that show consideration and respect one ‘s fellow humans. Cyber Ethics, Cyber Security, Cyber safety, Safety measures for ethics, Guidelines for teachers, An acceptable user policy For Students: Activity, Lab Session, Group Discussion, Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions.

References:

Internet Ethics 2000th Edition by Duncan Langford (Author)



Internet & Computer Ethics for Kids (And Parents & Teachers Without a Clue) by Winn Schwartau (Author), D. L. Busch (Illustrator)

IST2: E-mail Security Introduction to E-Mail, how an E-mail Works –Post office protocol, Internet Message Access Protocol, Simple Mail Transfer Protocol, Importance of E-mail Security, Threats through E-mails – Attachments, Fake e-Mails, Spam e-Mails, e-Mails offering free gifts, Hoaxes. How to prevent, Guidelines for using E-mail Safely. E-mail Tracer:What is e-mail tracer?, why should you trace an e-Mail ?,Example. Phishing:What is Phishing? How does a phishing email message look like? , Threats, Phishing techniques, How to recognize a message of phishing? , What should do if responded to a phishing scam?, Guidelines for phishing attacks. Phishing Technique – Tabnapping:Tabnapping, How does it work, Tips to against tabnapping For Students: Activity, Lab Session, Group Discussion, and Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions.

References:

E-mail security Book by Bruce Schneier

Email Security with Cisco Iron Port Book by Chris Porter

IST3: Social Networking Introduction to Social Networking, Risks in Social Networking- a. Illegal content, b. Spam, c. Abusive, vulgar, or irreverent language, d. Insults, e. Threats, f. Hate speech, g. Malicious links, h. Fraudulent Reviews, i.Fake Friends, j. Personally identifiable information, k. Phishing l. Click jacking m. Conduct, Guidelines for Social Networking. For Students: Activity, Lab Session, Group Discussion, Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions. References:

1. Information Security Awareness Handbook – (www.infosecawareness.in).

IST4: Cyber Bullying

http://www.infosecawareness.in/



Introduction to Cyberbullying, Risk factors, Methods used for cyber bullying -Threatening, Harassment, Impersonation, Flaming, Exclusion, Phishing, Denigration, Outing. Signs for Cyber bullying, how to Prevent Cyber bullying, Guidelines for Cyberbullying For Students: Activity, Lab Session, Group Discussion, Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions. References:

Cyber Bullying Book by Nick Hunter

Cyberbullying Book by Lucia Raatma

Cyber bullying Book by Robin M. Kowalski

IST5: Malware What is Malware, Types of Malwares, Damages through Malware in computer, how to recognize malware, How do you detect a Malware in computer? , how to protect your gadgets from Malware , Guidelines to prevent Malware. For Students: Activity, Lab Session, Group Discussion, Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions. References:

Practical Malware Analysis Book by Andrew Honig and Michael Sikorski

Advanced Malware Analysis Book by Christopher C. Elisan IST6: Cyber Laws Introduction to Cyber Laws, Classification of Cyber Crimes, Importance of cyber laws, Cyber Laws of India, Advantage of Cyber Laws, Nation Cyber Security Policy –Objectives, IT ACT 2000/2008 Amendment, Case Studies For Students: Activity, Lab Session, Group Discussion, Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions. References:

Cyber Laws and IT Protection Book by Harish Chander

Textbook On Cyber Law by Pavan Duggal (Author)

Cyber Laws by Justice Yatindra Singh (Author)



Secure Programming Topics

SPT1: Network Security What is Network, Introduction to Network Security, Types of Networks? Why Network Security required? What are Internetworking devices - HUB, Active Hub, Passive Hub, Ethernet Hubs, Switches, Bridges, Types of Bridges, Routers, Gateways, Network card, Network protocols, ISDN (Integrated Services Digital Network), Modems, Wi-Fi Security: What is wireless communication? Importance of Wi-Fi Security, Types of attacks on Wireless Environment -DOS attack, Man-In-Middle Attack, War Driving, How the attack occurs in Wi-Fi Environment, Guidelines for Wireless communications. Firewalls: Introduction to Firewall, Use of Firewall, IDS, IPS, Application Gateway Broadband Security:Broadband Internet Security, Broadband Security Threats, Types of Broadband, Guidelines for securing Broadband Internet access. For Students: Activity, Lab Session, Group Discussion, Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions. References:

Network Security Essentials Applications and Standards by Stallings (Author)

Network Security A Beginner's Guide, Third Edition by Eric Maiwald (Author)

Network Security by Scott C.-H. Huang (Editor), David MacCallum (Editor), Ding-Zhu Du(Editor) SPT2: Web Application Security Web applications architectures, Basics on Client side and server side programming, Basic web programming concepts – HTTP and HTTPS Protocol, HTTP Methods, cookies, authentication mechanisms and sessions. Improper Input Validation For Students: Activity, Lab Session, Group Discussion, Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions. References:

Web Application Security Book by Bryan Sullivan and Vincent Liu

The Web Application Hacker's Handbook 2nd Edition by DafyddStuttard (Author), Marcus Pinto (Author)



SPT3: Database Security Introduction to MySQL/Postgres database, Installation and confirmation of the database with an application, Secure configuration of the database, Improper configurations and mitigations For Students: Activity, Lab Session, Group Discussion, Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions. References:

Database Security Book by Alfred Basta

Implementing database security and Auditing Book by Ron Ben-Natan

Database Security and Auditing: Protecting Data Integrity and Accessibility 1st Edition by Hassan A. Afyouni (Author)

SPT4: Secure Programming Concepts Introduction to Secure Coding, How Bug is different from Vulnerability, Software Vulnerabilities, Examples of software vulnerabilities, First Vulnerability exploited by Morris worm ,Input Validation & Data Sanitization, Secure manipulation of arrays & strings, SAFE APIs , Secure Memory & File Handling. (or) Software Vulnerabilities, Format String & Race Condition Vulnerabilities in Python, SQL injection and login bypass, Error detection and Error handling, Risks associated with specific Python library functions like eval& exec, Use of Crypto library for securing the communication For Students: Activity, Lab Session, Group Discussion, Project Work For Teachers: Establishing your own personal practice before teaching Lab sessions. References:

Security Program and Policies 2nd, by Sari Greene (Author)

Secure Programming Cookbook for C and C++ 1st Edition by John Viega (Author), Matt Messier (Author)

Writing Secure Code Book by David Le Blanc and Michael Howard



Class IV

Cyberbullying

Bob was a brilliant student in Grammar School. He was little bit of fat but

very active.

There was a small boy called Nick. Although he wasn’t very big, he was

strong, and he loved to tease all the boys and girls who went to school

with him. What he loved to do most was to comment Bob in the class

by calling him fatty.

Bob used to feel bad and cried a

lot. He became very dull and was

not able to study well in the class and got less marks

in his exams and he used to sit in the corner of the

class.

After observing his behaviour in the class his teacher

called him to the staffroom and asked

Teacher: “Bob! what happen to you?”

“You seems to be very inactive in class”

Bob replied: “Everybody in classroom calling me as

fatty”

Teacher said “Not to worry Bob, I will take care”

“Please concentrate on your activities in school

studies”

On the next day in school teacher explained the following thing in classroom about

What is Bullying?

Bullying happens when someone is being hurt by Actions.

Or

It happens when someone is being hurt by words.

Or

Do You know Somebody who teases you? Pushes you intentionally? If so,

read this story of Bob



It also happens when someone may feel you down called bullying.

Also Bullying can be done in following ways:

hitting

pushing

fighting

name calling

laughing at you

Where Does Bullying Happen?

Bullying can happen anywhere. It can happen /occur in

School premises i.e., Classroom, labs

Parks

Playgrounds

School buses etc.,

So children “everybody is having positive & negatives”, “May be some people look thin”

or “Somebody may be fatty” but we should never tease the others by seeing their

defiance’s.

So everybody promise that you will help to avoid such bullying. Also take an oath that

you never tease others by seeing their personality.

If the above bullying happens by using the computer is called

Cyberbullying?

Or

Cyberbullying can be done by sending hurtful messages on a computer or

cellphone to someone.

Cyberbullying can be done in following ways

telling lies about someone

trying to make someone feel bad about who they are

Sending hurtful messages.

Posting statements online that are not true



Activity 1: Word Building

Activity 2 : Fun Time

Here is a word, cyberbullying. Write down words relating to Cyberbullying.



Teacher’s Page ________________________________________________Unit 1

Cyberbullying

Themes

Normal bullying vs Cyberbullying

Reading Time

Reading of the story by students should be encouraged. There also other stories on cyberbullying for

children, and should be suggested for their reading.

Conversation Time

Discuss with the children the importance of rules in social situations and why these should be made and

followed. Make them also aware of Bullying and how they should avoid from the bullies. Let them list

some of the rules they don't like to follow and to reason out why they also are important.

Writing Time

A paragraph is a group of sentences developing one topic. Choose a topic (Example: Cyberbullying),

make a plan, gather material and then construct the paragraph. Skills of paragraph writing and collecting

and presenting information on the topic can be stressed upon. These can be put up on the display board.

Project Work

Let the children discuss about bullies they know. They can then talk about the story, how they started

bullying and what they like or would like to do about that bully.

They could find out some cyberbullying stories from the Internet or an encyclopedia. This information

should also be displayed for everyone to see.



Class VI

Cyberbullying

We’ve all heard of bullying. In school, we remember when school bullies pick the

other children to tease or hurt them in the school premises or playground. Those

bullies had names and faces that we could recognize and do the following things:

To stay away from them.

To report about them to the authorities in school.

Also ask our parents to speak to their parents

But the if the same thing happens by using the computer and gaming sites or

Mobile phone is an extension of bullying called Cyberbullying.

What is Cyberbullying?

Cyberbullying is bullying which happens among the kids by sending or posting of

hurtful texts, messages or images using the Internet.

Methods used for bullying others:

Threatening

Threatening the target child through social networks

(Facebook, twitter), text messages, emails, blogs or instant

messaging.

Flaming

Online fights using electronic messages with angry and vulgar language.

Example : Joe and Alec's online exchange got angrier and angrier. Insults were

flying. Joe warned Alec to watch his back in school the next day.

Harassment

Repeatedly sending nasty, mean, and insulting messages

Example : Sara reported to the principal that Kayla was

bullying another student. When Sara got home, she had 35

angry messages in her e-mail box. The anonymous

cruel messages kept coming - some from complete strangers.

Exclusion

Intentionally and cruelly excluding someone from an online group.



Example :Millie tries hard to fit in with a group of girls at school. She recently got

on the "outs" with a leader in this group. Now Millie has been blocked from the

friendship links of all of the girls.

Activity :Let’s start to solve the puzzle

Across:

1 Using the internet,cellphone,or other technology to sent or post text or images to hurt or

embarrass another person is called…………………



3 Don’t share access to your computer with……………………

6 Make Social networking site pages…………..and only invite people you Know to view

them.

8 Never say anything in a …………….room that you wouldn’t say in Public

Down:

2 Never agree to meet face-to-face with someone you have met……….without discussing it

with you parent’s first.

4 Teach other preteens about keeping ……….. on the internet. 5 If you encounter someone online who is unpleasant or hostile,Logoff ………………...or

block them.

7 Never give out your name,address,telephone no,password, schoolnameParent’s name,

pictures of yourself, creditcard no,socialsecurity no, or Another

personal………………………. to others online



Activity :Word Search:

Solve the puzzle using given below words

Threat Internet

Awareness

Meeting Children Messaging



Activity :

Kids you have read about cyberbullying, suppose if you are in the below sticky

situation what you will do:

You've been receiving messages from an unknown person for a week now. The messages are mean

and threatening, what do you do?

Discuss this with your parents or teacher and write a few sentences about how one

should effectively resolve this sticky situation.

-----------------------------------------------------------------------------------------------------------------------

-----------------------------------------------------------------------------------------------------------------------

-----------------------------------------------------------------------------------------------------------------------

-----------------------------------------------------------------------------------------------------------------------

-----------------------------------------------------------------------------------------------------------------------

-----------------------------------------------------------------------------------------------------------------------

-----------------------------------------------------------------------------------------------------------------------

-----------------------------------------------------------------------------------------------------------------------

-----------------------------------------------------------------------------------------------------

draft information / cyber security syllabus for cbse … about information security awareness under...

Documents