INDIAN CYBER LAW Section with Penalties and Offenses

Section under IT Act, 2000	Offense	Penalty
Sec.43	Damage to computer, computer system, etc.	Compensation not exceeding one core rupees to the person so affected
Sec.43A	Body corporate failure to protect data	Compensation not exceeding five core rupees to the person so affected
Sec.44(a)	Failure to furnish document, return or report to the Controller or the Certifying Authority	Penalty not exceeding one lakh and fifty thousand rupees for each such failure
Sec.44(b)	Failure to file any return or furnish any information, books or other documents within the time specified	Penalty not exceeding five thousand rupees for every day during which such failure continues
Sec.44(c)	Failure to maintain books of account or records	Penalty not exceeding ten thousand rupees for every day during which the failure continues
Sec.45	Where no penalty has been separately provided	Compensation not exceeding twenty-five thousand rupees to the person affected by such contravention or a penalty not exceeding twenty-five thousand rupees
Sec.65	Tampering with Computer source documents	Imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both
Sec.66	Hacking with Computer systems, Data alteration etc.	Imprisonment for a term which may extend to three years or with fine which may extend to five lakh rupees or with both
Sec.66A	Sending offensive messages through communication service etc.	Imprisonment for a term which may extend to three years and with fine
Sec.66B	Retains any stolen computer resource or communication device	Imprisonment for a term which may extend to three years or with fine which may extend to rupees one lakh or with both
Sec.66C	Fraudulent use of electronic signature	Imprisonment for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh
Sec.66D	Cheats by personating by using computer resource	Imprisonment for a term which may extend to three years and shall also be liable to fine which may extend to one lakh rupees
Sec.66E	Publishing obscene images	Imprisonment which may extend to three years or with fine not exceeding two lakh rupees, or with both
Sec.66F	Cyber terrorism	Imprisonment which may extend to imprisonment for life
Sec.67	Publishes or transmits unwanted material	Imprisonment for a term which may extend to three years and with fine which may extend to five lakh rupees & in the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to five years and also with fine which may extend to ten lakh rupees
Sec.67A	Publishes or transmits sexually explicit material	Imprisonment for a term which may extend to five years and with fine which may extend to ten lakh rupees and in the event of second or subsequent conviction with imprisonment of either description for a term which may extend to seven years and also with fine which may extend to ten lakh rupees
Sec.67B	Abusing children online	Imprisonment for a term which may extend to five years and with a fine which may extend to ten lakh rupees and in the event of second or subsequent conviction with imprisonment of either description for a term which may extend to seven years and also with fine which may extend to ten lakh rupees
Sec.67C	Preservation of information by intermediary	Imprisonment for a term which may extend to three years and shall also be liable to fine
Sec.70	Un-authorised access to protected system	Imprisonment for a term which may extend to ten years and shall also be liable to fine
Sec.71	Misrepresentation to the Controller or the Certifying Authority for obtaining license or Electronic Signature Certificate	Imprisonment for a term which may extend to two years, or with fine which may extend to one lakh Rupees, or with both.
Sec.72	Breach of Confidentiality and Privacy	Imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both
Sec.72A	Disclosure of information in breach of contract	Imprisonment for a term which may extend to three years, or with a fine which may extend to five lakh rupees, or with both
Sec.73 & 74	Publishing false digital signature certificates	Imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both

References – (1) THE GAZETTE OF INDIA EXTRAORDINARY

                      (2) THE INFORMATION TECHNOLOGY ACT, 2000

Security Certification Organizations

You’ll find a breakdown of 13 cyber security certification bodies and notes on some of their most popular accreditations below. These organizations are also listed on the website of the National Initiative for Cybersecurity Education (NICE). 

The big ones – 

• CompTIA
• EC Council 
• GIAC 
• ISACA
• (ISC)²

These are members of the Cybersecurity Credentials Collaborative (C3), an effort to promote the benefits of certifications in the skills development of information security professionals around the world.

The Department of Defense, for instance, has developed a separate SPēD Certification program run through the Center for Development of Security Excellence.

If you’re confused about which certification is right for your experience level and interests, reach out to your network. Your professors, employer and/or senior-level colleagues will have a strong sense of which qualifications are worth the investment
 
CERT Programs -

SEI(Software Engineering Institute)offers two security-focused certifications:

• CERT Instructor

• CERT-CSIH: Computer Security Incident Handler 

CISCO Programs- 

Cisco has tiered its security accreditations into four levels of experience:

• CCENT
• CCNA Security
• CCNP Security
• CCIE Security 

CWNP Programs- 

 

The most relevant security qualifications are:

• CWSP: Certified Wireless Security Professional
• CWNE: Certified Wireless Network Expert

ComPTIA Programs- 

 

Notable security accreditations include:

• CompTIA Network+
• CompTIA Security+
• CASP: CompTIA Advanced Security Practitioner

DRI International Programs- 

 

DRII certification is the intermediate-level:  

• CBCP: Certified Business Continuity Professional 

EC-Council Programs- 

EC-Council’s flagship course is: 

• CEH: Certified Ethical Hacker 

GIAC Programs- 

If you’re interested in a GIAC credential, you might wish to investigate:

• GSEC: GIAC Security Essentials Certification
• GPEN: GIAC Certified Penetration Tester
• GCIH: GIAC Certified Incident Handler

IACRB Programs- 
 
IACRB, Competitors to EC-Council’s CEH qualification include:

• CPT: Certified Penetration Tester
• CEPT: Certified Expert Penetration Tester

ISACA Programs- 

 

The organization offers certifications in 

• CISA
• CGEIT
• CRISC
• CISM: Certified Information Security Manager. 

Like CompTIA and CISSP, CISM was named to Ed Tittel’s list of Best Information Security Certifications for 2015.

 

(ISC)² Programs- 

 

(ISC)²’s banner certification is the globally-recognized  

• CISSP: Certified Information Systems Security Professional.

You can also opt to take a concentration:

• CISSP-ISSAP: Information Systems Security Architecture Professional
• CISSP-ISSEP: Information Systems Security Engineering Professional
• CISSP-ISSMP: Information Systems Security Management Professional

MI: McAfee Institute Programs- 
 
Crime-related security certifications include:

• CCTA: Certified Counter-Intelligence Threat Analyst
• CEFI: Certified eCommerce Fraud Investigator
• CCIE: Certified Cyber Investigative Expert
• CCII: Certified Cyber Intelligence Investigator
• CCIP: Certified Cyber Intelligence Professional
• CORCI: Certified Organized Retail Crime Investigator

Mile2 Programs-

 Mile2 has set itself up in direct competition to the EC-Council’s CEH and IACRB’s CPT. Its hacking certifications include:

• CPTE: Certified Penetration Testing Engineer
• CPTC: Certified Penetration Testing Consultant

Offensive Security Programs- 

If you’re a Pen Tester looking for a top-notch certification, you should seriously consider

• OSCP: Offensive Security Certified Professional.

Offensive Security offers other information security certifications, including the more advanced OSCE: Offensive Security Certified Expert, but OSCP is the one we’ve heard infosec experts mention the most. View a full list of their community projects.

Security Certification Resources

Cybersecurity Education and Training Catalog

NICCS maintains an up-to-date listing of all cyber security and cyber security-related education and training courses offered in the U.S. The catalog currently contains more than 1,300 courses. You can search by proficiency level, delivery method, specialty area and keyword.

Josh More’s Blog Series on Security Certification

It’s a few years old, but Josh More’s insider’s view on the pros and cons of certification makes for interesting reading. He has even developed a mathematical method for assessing the overall learning value of a qualification.

Tom’s IT Pro Security Certification Section

Tom’s IT Pro has scores of articles and blog posts on security certification. We’re particular fans of Ed Tittel’s advice column, where he gives career guidance to security professionals around the world.

Cybrary.it

Cybrary.it, founded by Ralph Sita, Jr. and Ryan Corey, is an online cyber security community offering dozens of free training courses. For example, students interested in earning CompTIA Certification can prepare by enrolling in Cybrary’s free CompTIA A+ Certification Training course. Browse courses by skill level or topic, connect with others in the online forum, and browse listings of cyber security jobs.

Cyber Security Certification

Which Certification to Choose

When it comes to entry-level training, you might start by considering certifications such as:

• CompTIA Security+
• GSEC: GIAC Security Essentials Certification
• SSCP: Systems Security Certified Practitioner

Once you’re through the initial hoops, certification will depend on your level of expertise and your field of interest. For example, a Penetration Tester would probably want to take a look at GPEN

Popular industry certifications include:

• CISSP: Certified Information Systems Security Professional is a high-level credential focused on security policy and management. This is the most frequently mentioned certification in the business. It was also one of the top-paying IT security certifications in 2014.
• CISA: Certified Information Systems Auditor is designed for professionals who audit, control, monitor and assess information technology and business systems.
• CISM: Certified Information Security Manager is geared towards people in managerial positions (e.g. CIO of IT security).
• GCIH: GIAC Certified Incident Handler is for incident handlers responsible for detecting, responding to and resolving computer security incidents.
• CEH: Certified Ethical Hacker is often discussed among white hat hackers and penetration testers.
• OSCP: Offensive Security Certified Professional is designed for penetration testers and includes a rigorous 24 hour certification exam.  

Non-Security IT Certifications

Cisco Certified Network Associate (CCNA) Routing and Switching

A “go-to” certification for entry-level network engineers and specialists working with Cisco routers and network systems. CCNA certificate holders have proven their ability to install, configure, operate and troubleshoot medium-size routed and switched networks.This qualification is on par with CCNA Security, which emphasizes core security technologies, confidentiality, the availability of data/devices and competency in the technologies that Cisco uses in its security structure. Experienced Cisco engineers can aim for the higher level Professional and Expert levels.

CompTIA A+

CompTIA A+ is one of the most common baseline certifications for IT professionals, especially IT support specialists and technicians. The exams cover the maintenance of PCs, mobile devices, laptops, operating systems and printers.

A+ is required for Dell, Lenovo and Intel service technicians and recognized by the U.S. Department of Defense. Many folks follow it up with Network+ and Security+.

  

CompTIA Network+

The second in CompTIA’s trinity of qualifications (which includes A+ and Security+). Network+ is an ISO-17024 compliant certification that tests a professional’s knowledge of data networks. This includes building, installing, operating, maintaining and protecting networking systems.Network+ fulfills U.S. DoD Directive 8570.01-M and is held by nearly half a million people worldwide. It’s often recommended for network administrators, technicians and installers.

Information Technology Infrastructure Library (ITIL) Foundation

ITIL certifications focus on ITIL best practices. Foundation is the basic level and the ITIL credential most frequently seen on job requirements.The exam tests candidates in key elements, concepts and terminology used in the ITIL service lifecycle, including the links between lifecycle stages, the processes used and their contribution to service management practices. If your company is using ITIL processes to handle their services to internal/external customers, then Foundation is worth considering.

Microsoft Certified Solutions Expert (MCSE)

Anyone working with Microsoft technologies should take a close look at the Microsoft Certificate Solutions Associate (MCSA) and the expert MCSE. You must complete the MCSA before tackling the MCSE.Widely respected in the industry, MCSE demonstrates a professional’s ability to build, deploy, operate, maintain and optimize Microsoft-based systems. For the MCSE, you can choose one of nine certification paths, including Server Infrastructure, Private Cloud, SharePoint and more.

Project Management Professional (PMP)

PMP is aimed at mid-level project managers. Candidates without a bachelor’s degree must have at least five years of project management experience (7,500 hours leading and directing projects); bachelor’s degree holders must have at least three years (4,500 hours leading and directing projects).Successful PMP holders have demonstrated they have the experience, education and competency to handle project teams. It’s not a “must-have” by any means, but it can certainly help you zip through the résumé screening process and proceed into discussions about salary.

Red Hat Certified Architect (RHCA)

Interested in becoming a Linux expert? Take a look at RHCA, probably the most challenging qualification in the Red Hat certification program. To attain RHCA status, Red Hat Certified Engineers (RHCEs) must pass at least 5 exams and demonstrate their skills in performance-based tasks. Beginners should consider the RHCAS and the CompTIA Linux+ certification.

VMWare Certified Professional 5 – Data Center Virtualization (VCP5-DCV)

VCP5-DCV is expensive, but probably worth it if you’re interested in virtualization. To obtain this foundation-level certification, candidates must demonstrate hands-on experience with VMware technologies, complete a VMware-authorized training course and pass an exam. This proves a certificate holder’s ability to install, deploy, monitor, scale and manage VMware vSphere environments.Once you have the VCP5-DCV, you might wish to consider more advanced levels of VMWare DCV certification. In addition to data centers, VMWare also offers credentials in the cloud, end user computing and network virtualization.

Hard IT Skills to Cultivate

Since technology is always subject to change, we also recommend you consult your colleagues, mentors and/or professors for the most up-to-date advice.

Operating Systems & Database Management

• Windows, UNIX and Linux operating systems
• MySQL/SQLlite environments

Programming & Coding

• C, C++, C# and Java
• Python, Ruby, PHP, Perl and/or shell
• Assembly language & disassemblers
• Regular Expression (regex) skills
• Linux/MAC Bash shell scripting

 

Networks

• System/network configuration
• TCP/IP, computer networking, routing and switching
• Network protocols and packet analysis tools
• Firewall and intrusion detection/prevention protocols
• Packet Shaper, Load Balancer and Proxy Server knowledge
• VPNs

 

Specializations

Thanks to the nature of their job and industry, security experts usually end up specializing in a specific area of interest. For example:

• Cisco networks
• Cloud computing
• Microsoft technologies
• Wireless
• Database modeling
• Open source applications
• Cryptography

INFORMATION AND TECHNOLOGY

Information Technology courses are outstanding choice to help advance your career .Information Technology is a specialized field of Computer Engineering. It is a technical domain in which the student learns how to design and develop computer software, programmes and hardware such as personal computers , networking equipment and much more. There are various academic institutes located around the world offering IT courses through ONLINE AND OFFLINE programs. It became popular among students by creating numerous job opportunities with decent pay packages!

Information technology courses cover a wide range of topics like:

• Data Structure
• Database Management System
• Logic Design and Structure
• File Structure
• Operating System
• Programming in C Language
• Business Information Systems
• Object Oriented Programming using C++
• Data Communication
• Networking
• Programming using Java
• Computer Graphics and Multimedia
• Computer Networks
• Software Engineering
• Information Management
• E-Commerce
• Web Scripting and Technology
• Data Mining
• RDBMS
• Project Management
• Management
• Data Compression
• Java (Advanced)
• Algorithm Design
• Electronics

Scope

IT sector is rapidly evolving and is directly or indirectly influencing the working of various other sectors and industries. IT sector is a great supporter for various sectors such as health-care, aviation, education, manufacturing sector, telecommunications sector, various Government Departments etc.

Following job posts in the above mentioned sectors-

• Web Developer and Designer
• Data Security Officer
• Database Manager
• Software Developer
• Information Technology Engineer