COIT324-Information Security

COIT 324

| Course name | Code/No | Units (Lecture) | Units (Lab) | Units (Training) | Credit Units | Prerequisite |
|---|---|---|---|---|---|---|
| Information Security | COIT 324 | 3 | 0 | 0 | 3 | - |

Course Objectives:

· To discuss the importance of system and network security.

· To explain the relationship between threats, vulnerabilities, countermeasures, attacks, compromises and remediation.

· To describe how to manage information security.

· To explain the encryption technologies.

· To explain privacy and access management.

· To describe how digital forensics fits with the other forensic disciplines.

· To discuss various issues related to storage, physical, and advanced security.

Course Description:

Since IT systems are increasingly under attack, knowledge of Information Security (IS) is of paramount importance to the profession of IT. The IT professional must understand, apply, and manage information assurance and security in computing, communication, and organizational systems. It is also important for the IT professional to provide users with a framework to be sufficiently security aware to be an asset to the organization rather than a liability.

Course Outlines:

· Fundamental Aspects

o History and Terminology, Security Mindset (reasoned paranoia)

o Design Principles (Defense in Depth), System/security life-cycle

o Security implementation mechanisms (gates, guards, guns; cryptography)

o Information assurance analysis model (MSR model; threats; vulnerabilities; attacks; countermeasures)

o Disaster recovery (natural and man-made)

o Forensics

· Security Mechanisms (Countermeasures)

o Cryptography, Cryptosystems, Keys: symmetric & asymmetric, Performance (software/hardware), Implementation

o Authentication "Who you are, what you have, what you know", Bio-authentication (use of biometrics)

o Redundancy, Intrusion Detection

· Operational Issues

o Trends, Auditing, Cost/benefit analysis, Asset Management, Standards Enforcement, Legal issues, Disaster recovery (natural and man-made)

· Policy

o Creation of Policies, Maintenance of Policies, Prevention, Avoidance, Incident Response (Forensics), Domain integration (physical, network, internet, etc.)

· Attacks

o Social Engineering, Denial of Service, Protocol attacks, Active attacks, Passive Attacks, Buffer Overflow Attacks, Malware (Viruses, Trojan Horses, Worms)

· Security Domains

o Human-Computer Interaction, Information Management, Integrative Programming, Networking, Program Fundamentals, Platform Technologies

o System Administration, System Integration and Architecture

o Social and Professional Issues

o Web Systems

o Physical plant

· Forensics

o Legal Systems, Digital Forensics and its relationship to other Forensic disciplines, Rules of Evidence, Search and Seizure, Digital Evidence, Media Analysis

· Security Services

o Availability, Integrity, Confidentiality, Authentication (source reliability), Non-repudiation

· Threat Analysis Model

o Risk assessment, Cost benefit

· Vulnerabilities

o Perpetrators, Inside attacks, External attacks, Black Hat, White Hat

o Ignorance, Carelessness, Network, Hardware (design, implementation, installation, etc.)

o Software (design, implementation, installation, etc.), Physical access

Course Outcomes:

Upon finishing this course, the student should:

· Briefly describe the history of the field of Information Assurance and Security.

· Explain the relationship between threats, vulnerabilities, countermeasures, attacks, compromises and remediation.

· Give examples of how IT system components (e.g. servers, routers, people, and software) can be countermeasures, vulnerabilities, and also threats.

· Describe the three key factors involved in authentication and how they are used to verify identity and grant access to a system.

· Explain the process and value of two-factor authentication.

· Describe the characteristics of an effective password.

· Describe and compare physical access control to logical access control.

· Identify the key types of biometric information utilized in authentication from the perspectives of accuracy, intrusiveness and efficiency.

· Specify what constitutes admissible evidence in a legal proceeding and how to acquire and maintain this information.

· Describe the role of policy and procedure in the IS Model.

· Explain and give examples of the social engineering techniques used to gain access to computing and network assets in an organization.

· Describe how a Denial of Service attack works against an organization’s network.

· List some different protocol attacks to which TCP/IP is susceptible.

· Describe how the different protocol attacks (e.g. TCP/IP) work against an organization’s network.

· Give examples of shared concerns across a specified set of security domains.

· Give examples of concerns that are specific to specified security domains.

· List three types of legal systems used by countries in the world.

· Describe how digital forensics fits with the other forensic disciplines.

· Describe the possible availability levels for a web service.

· Describe how redundancy and geographic dispersion relate to availability.

· Define integrity as a security service.

· Describe how one-way cryptographic functions are used to implement integrity in document transfer.

· Identify the aspects of a business that may be impacted by a security breach or interruption of operation.

· Explain the differences between a hacker and a cracker. Consider white hat, black hat, culture, community, tools, and technologies used.

· Describe the role of the user in information assurance and how they fit into an overall information assurance plan for an organization.

· Explain how ignorance and carelessness lead to vulnerabilities for an organization.

Assessment Strategy:

Students will be assessed in this course based on a set of exams, assignments, and presentations.

Text Book:

· John R. Vacca, Computer and Information Security Handbook (The Morgan Kaufmann Series in Computer Security), 2nd Edition, Morgan Kaufmann publisher, 2009, ISBN-10: 0123743540

Other reference:

· Mark Stamp, Information Security: Principles and Practice, Wiley-Interscience publisher, 2005, ISBN 0471738484

Time table for distributing theoretical course contents

| Week | Theoretical course contents | Remarks |
|---|---|---|
| 1 | Introduction | |
| 2 | Fundamental Aspects of Building a Secure Organization | |
| 3 | Modern Cryptography | |
| 4 | Preventing System Intrusion | |
| 5 | Security Mechanisms (Countermeasures) | |
| 6 | Policy | Exam 1 |
| 7 | Attacks | |
| 8 | Security Domains | |
| 9 | Computer Forensic | |
| 10 | Security Services | |
| 11 | Threat Analysis Model | |
| 12 | Vulnerabilities | Exam 2 |
| 13 | Encryption Technology | |
| 14 | Managing Information Security | |
| 15 | Privacy and Access Management | Presentation |

Final exam.


Last updated: 2/11/2014 5:08:25 PM