|
Course Code : COIT 324 Name : Information Securit
Credits : 3 Contact hours : 42 Hrs Lecture
Course coordinator’s name : Altyeb Altaher
Text book
Corporate Computer and Network Security, 2nd Edition, P. Raymond, Prentice Hall, 2010, ISBN 978-0131854758.
Other references
Computer and Information Security Handbook (The Morgan Kaufmann Series in Computer Security), 2nd Edition, by John R. Vacca, Morgan Kaufmann publisher, 2009, ISBN-10: 0123743540
Specific course information
a. Synopsis
Since IT systems are increasingly under attack, knowledge of Information Security (IS) is of paramount importance to the profession of IT. The IT professional must understand, apply, and manage information assurance and security in computing, communication, and organizational systems. It is also important for the IT professional to provide users with a framework to be sufficiently security aware to be an asset to the organization rather than a liability
b. Prerequisites : None
c. Type of course : Core
:Specific goals for the course
This course aims to meet student outcomes (A) , (B) , and (E) of ABET criterion 3
|
Course Learning Outcomes
|
ABET Student Outcome
|
|
Familiarity with information security awareness and a clear understanding of its importance
|
e
|
|
Have knowledge of how threats to an organization are discovered, analyzed, and dealt with.
|
a & b
|
|
Understanding the fundamentals ofcryptography techniques
|
a & b
|
|
Know the advanced security issues and technologies (such as DDoS attack detection and containment, and anonymous communications)
|
a & b
|
Grading System
|
Assignment
|
10 %
|
|
Project
|
10%
|
|
Exam 01
|
20%
|
|
Exam 02
|
20%
|
|
Final Exam
|
40%
|
Topics covered
|
Time table for distributing theoretical course contents
|
|
Week
|
theoretical course contents
|
ABET SO
|
Remarks
|
|
1
|
The threat environment
Malware, Hackers and attacks, the criminal era
|
a
|
|
|
2
|
Security Planning and Policy
-compliance laws and regulations
- Ethics
- Risk analysis
- Governance Frameworks
|
e
|
|
|
3
|
Cryptography
classical encryption algorithms
|
a & b
|
|
|
4
|
Cryptography
Public-Key Cryptography
|
a & b
|
|
|
5
|
Secure networks
- denial-of-service attacks
- ARP poisoning
|
a & b
|
|
|
6
|
Secure networks
- secure Ethernet networks
- potential attacks against wireless networks
|
a & b
|
Exam 1
|
|
7
|
Access Control
- basic access control terminology
- Mandatory and Discretionary Access Control
|
a & b
|
|
|
8
|
Access Control
- biometric authentication, including verification and identification.
- Biometric Errors and Deception , Biometric Methods
|
a & b
|
|
|
9
|
Firewalls
- Static Packet Filtering
- Stateful Packet Inspection (SPI)
- Network Access Translation (NAT)
|
a & b
|
|
|
10
|
Firewalls
- Application Proxy Firewalls
- Intrusion Detection Systems (IDSs)
- Stopping Denial-of-Service
(DoS) Attacks
|
a & b
|
|
|
11
|
Firewalls
- Firewall management
- Firewall filtering problems
|
a & b
|
Exam 2
|
|
12
|
Application Security
- Application Security Threats
- Cross-Site Scripting (XSS) Attacks
SQL Injection Attacks
|
a & b
|
|
|
13
|
Application Security
E-Mail Security
|
a & b
|
|
|
14
|
A comprehensive review
|
|
|
|
15
|
Final Exam
|
|
|
|