i. Develop an understanding of the role of procedures, policies, standards and guideline in information systems security. ii. Develop an understanding of the fundamentals of cryptography, cryptographic techniques and network security. iii. Enable students to categorize threats and classify security strategies based on system security principles.
Course status: Core
Credit rating: 8 credits
Total hours spent: 80 hours
Course Expected Learning Outcomes
By the end of the course, students should be able to:
i. Describe basic information security concepts and defense methods. ii. Explain Symmetric and Asymmetric Encryption crypto systems. iii. Design Authentication Applications. iv. Apply network and information security concepts and cryptographic algorithms.
Course Contents
Introduction to Security Concepts; goals, security threats, attacks,
vulnerabilities, risks and countermeasure, Information security management taxonomy, policy formation & ethical and legal issues; Malicious software and network security; Viruses, Trojans, Spyware, Backdoors, Trapdoors and Rootkits; Intrusion detection and prevention mechanisms, firewall taxonomy, wireless network security Cryptography; History and Overview of Cryptography, Encryption basics, symmetric encryption algorithms: block ciphers and stream ciphers, asymmetric encryption and Public Key Infrastructure. Secure One-Way Hash Function and Message Authentication Codes (MD4, MD5, SHA-1, SHA-2, MAC and keyed- MAC. Access Control; Key Certificates and Digital Signatures. E-mail, Web and E- Commerce security (PGP, PKI and SSL). Access Control mechanisms, Access Control Lists, Capability Lists, Operating Systems Access Control, Security of Linux and Windows File Systems and personnel and physical security. Authentication: Authentication mechanisms and technologies for authentication, Challenge-response systems, Smartcards, Security Tokens, Biometry and Kerberos. Emerging Trend in IT Security: Cyber-security, Trusted Computing, Quantum Cryptography, cloud computing security, proivacy and data theft issues, Designing secure systems. Teaching and learning activities: Lectures 30 hours, seminars 15 hours, assignments 15 hours and independent study 20 hours. Assessment methods: Continuous assessment will comprise 30 marks and Final Examination 70 marks.
Reading List:
1. William Stallings (2010). Cryptography and Network Security: Principles and
Practice, 5th Edition. USA: Prentice Hall. 2. Ross J. Anderson (2008). Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley. 3. Larry Ullman (2013). Effortless E-Commerce with PHP and MySQL, 2nd Edition (Voices That Matter). USA: Pearson Education. 4. Gurpreet Dillon (2007). Principles of Information Systems Security: Text and Cases, 1st Edition. Wiley. 5. Mark Stamp (2005). Information Security: Principles and Practice. Wiley.
CCNA: 3 in 1- Beginner's Guide+ Tips on Taking the Exam+ Simple and Effective Strategies to Learn About CCNA (Cisco Certified Network Associate) Routing And Switching Certification
The CompTIA Network+ Computing Technology Industry Association Certification N10-008 Study Guide: Hi-Tech Edition: Proven Methods to Pass the Exam with Confidence - Practice Test with Answers
Computer Networking: The Complete Beginner's Guide to Learning the Basics of Network Security, Computer Architecture, Wireless Technology and Communications Systems (Including Cisco, CCENT, and CCNA)
Evaluation of Some Websites that Offer Virtual Phone Numbers for SMS Reception and Websites to Obtain Virtual Debit/Credit Cards for Online Accounts Verifications
Computer Networking: The Complete Guide to Understanding Wireless Technology, Network Security, Computer Architecture and Communications Systems (Including Cisco, CCNA and CCENT)