UNIVERSITY OF MAURITIUS

MODULE SPECIFICATION SHEET

1. GENERAL INFORMATION

Academic Year: 2018/2019

Semester(s): 1 & 2

Title Code Duration (hrs) No of credits

INFORMATION SYSTEMS CSE 3118Y Lectures: 2 hrs x 30 weeks 6
SECURITY Practicals: 2 hrs x 30 weeks
Seminars:
Tutorials:
Others (Specify):
Total: 90 hrs

2. PRE-REQUISITE(S)/PRE-REQUIREMENT(S)
As per the programme structure, there is no pre-requisite or pre-requirement.
This elective will also built upon the knowledge acquired from level 2 core module CSE 2027Y
Information Systems Audit and Control.

3. AIMS
• Learn the technical and operational aspects of information security – systems and
architectures.
• Present the fundamentals and principles of information systems security
• Demonstrate different security strategies, products and solutions

4. OUTLINE SYLLABUS

Introduction to Information Systems Security , Identification & Authentication, Secure design

principles (Least-privilege, fail-safe defaults, complete mediation, separation of privilege),
Application Layer Security, Security Protocols, Public and private key systems, Password systems,
Firewall, Malware, Defense in Depth, Intrusion Detection Systems, Cyber Security Attacks &
Analysis, Security Policies, Information Security Management, Vulnerability Measurement,
Security Risk Assessment, Information Security Standard (ISO Standards), Information Security
Management, Security Planning and Design Issues, Incident Response Plan, Security System
Architecture, Business Continuity, Backup Strategies, Legal & Ethical Issues.

5. LEARNING OUTCOMES

Having studied this module, the students should be able to:

• Describe the need for security, different categories of security threats, as well as common
attack methods and techniques used by hackers

1
 • Discuss the functionality, design principles and security issues associated with firewalls
• Describe major encryption, authentication, access control techniques & concepts, and
analyze specific examples
• Define security attack issues, intrusion detection, and analyze various approaches to
prevention and detection
• Discuss important security area and web security standards
• Develop skills and ability to identify strengths and weaknesses of security systems,
security technologies & tools;
• Describe security policies that identify the threats and define the requirements for
ensuring a secure system;
• Assess Operational issues, cost-benefit and risk analyses, legal and human factors in
security;
• Understand and apply security, confidentiality, and integrity policies;
• Apply security design principles to networks, systems, users, and software.
• Analyse information security systems.
• Identify future trends in security architecture and strategies

6. COORDINATORS:
Programme Coordinator Area Coordinator Module Coordinator
(if applicable)
Name Razvi Doomun
Department ICT
Building Engineering Tower
Room Number 4.5
Phone No. 403 7836
E-mail address r.doomun@uom.ac.mu
Consultation Time

7. LECTURER(S)
Name R. DOOMUN
Department ICT
Building Engineering Tower
Room Number 4.5
Phone No. 403 7836
E-mail address r.doomun@uom.ac.mu
Contact Hours
Consultation Time By appointment on
Thursdays
Contact Address
(For P/T)

8. VENUE AND HOURS/WEEK

All lectures will normally be held in Room: Refer to TIME TABLE

2
 Hours/week: 2+2 hours/week

9. MODULE MAP

Week Hr(s) Theme(s)/Lecture Title(s) Mode

SEMESTER 1
1 2+2 Introduction to Information Systems Security L + P/T

2 2+2 Identification & Authentication L + P/T

3 2+2 Secure design principles (Least-privilege, fail-safe L + P/T

defaults, complete mediation, separation of privilege)

4 2+2 Application Layer Security, Security Protocols L + P/T

5 2+2 Public and private key systems L + P/T

6 2+2 Password systems L + P/T

7 2+2 Firewall L + P/T

8 2+2 Malware, Defense in Depth L + P/T

9 2+2 Intrusion Detection Systems L + P/T

10 2+2 Cyber Security Attacks Analysis L + P/T

11 2+2 Revision/Tutorial L + P/T

12 2+2 Class Test 1

13 2+2 Presentation/ ISS Case studies L + P/T/S

14 2+2 Presentation / ISS Case studies L + P/T/S

15 2+2 Presentation/ ISS Case studies L + P/T/S

SEMESTER 2
16 2+2 Security Policies, Information Security Management

17 2+2 Vulnerability Measurement

18 2+2 Security Risk Assessment

19 2+2 Security Planning and Design Issues

20 2+2 Incident Response Plan

3
 21 2+2 Security System Architecture

22 2+2 Business Continuity

23 2+2 Backup Strategies

24 2+2 Cyber Laws and Cyber Crimes

25 2+2 Information Security Standards (ISO)

26 2+2 Presentation/ ISS Case studies

27 2+2 Presentation / ISS Case Studies

28 2+2 Class Test 2

29 2+2 Presentation/ ISS Case studies

30 2+2 Presentation/ ISS Case studies

Abbreviations: L: Lectures, P: Practicals, T: Tutorials, V: Visits, S: Seminars

The detail lecture outline and objectives will be presented weekly or at the start of a new topic
or chapter.

10. RECOMMENDED BOOKS/JOURNALS/WEBSITES

Title 1: Computer Security: Principles and Practice

William Stallings & Lawrence Brown
ISBN-10: 0136004245, ISBN-13: 9780136004240
Publisher: Prentice Hall & Copyright: 2008
Companion website:
http://williamstallings.com/ComputerSecurity/

Title 2: Security in Computing 4th Edition

Charles P. Pfleeger Consulting Group Pfleeger; Shari LawrenceRAND Corporation Pfleeger
Publisher: Prentice Hall
Pub. Date: October 13, 2006
Print ISBN-10: 0-13-239077-9
Print ISBN-13: 978-0-13-239077-4

11. ESSAY(S)/ASSIGNMENT(S)/PRACTICAL(S)

Title Maximum Marks Last Submission Date

1. One assignment (To be specified) 10% TBA
2. Practical & Presentation 10% TBA

12. ASSESSMENT

4
(i) Written Examination

Paper Structure

Sections (if any) No. of questions to be answered (5)

Multiple Choice Questions Compulsory Questions (if any)

Exams date: May 2019 Paper Duration: 3 Hours

Weighting (%): 60

Total Marks: 100 Pass Marks: 40

(ii) Continuous Assessment

Weighting (%)
Practical/Assignment(s) & 20%
Presentation:

Two Class Test(s): 20%

Total Marks: 40%

Last updated on: August 2018