Scribd
Upload
26 views3 pages

IS336 Lecture 0

Uploaded by

j art ,education,and lifestyle
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
26 views3 pages

IS336 Lecture 0

Uploaded by

j art ,education,and lifestyle
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

COLLEGE OF INFORMATION AND COMMUNICATION TECHNOLOGIES (CoICT)

IS 336/ IS 364: PRINCIPLES OF SYSTEMS SECURITY

Instructor Details:
• Name: Dr. Hellen Maziku
• Office Number: A09
• Email: [email protected]

Course Objectives
This course teaches learners the skills to develop secure software and/or install security mechanisms to
protect computing infrastructures. This course introduces learners to the fundamental principles of
Computer and Information Security using the OSI layer approach. Basic concepts that will be covered
include; Access control, authentication, vulnerabilities and threats, Program and Programming Security,
Web Security, Operating Systems Security, Network Security, Database Security, Cloud Security, Privacy
issues, Digital Forensics, Security Management and incident response, Legal Issues and Ethics, etc.

The course will include numerous hands on practicals in a virtualized environment. Example Labs to be
covered include; Penetration Testing, SQL injection attacks, MITM, Password cracking, Firewalls, Network
Protocols, Digital Forensics, Network traffic analysis, etc.

Learning Outcome
At the completion of this course, students should be able to;

• Demonstrate an understanding of fundamental security concepts and Defense Methods


• Demonstrate an understanding on security requirements, security management and incident
response
• Demonstrate an understanding of Symmetric and Asymmetric Encryption (Public key)
cryptosystems, and Digital Certificates
• Demonstrate an understanding application security including; Web security, Programs security,
Operating System security
• Demonstrate an understanding of network security, including security in network transports,
network protocols, wireless networks, network traffic analysis, VPNs, etc.
• Demonstrate an understanding of Database Security
• Demonstrate understanding on vulnerability assessment and applicable security tools;
Footprinting, scanning and enumeration, vulnerability identification, and vulnerability validation
• For each layer in OSI model, the student should be able to identify common attacks. The student
should have practical skills on how to run the attacks and harden networks and systems against
such attacks.
• Demonstrate understanding on Legal issues and ethics in relation to Security
Course Content
Unit One: Introduction to Computer Security
• Threats, vulnerabilities, and controls
• Confidentiality, integrity, and availability
• Attackers and attack types; method, opportunity, and motive
• Valuing assets
• Authentication and Access control

Unit Two: Program and Programming


• Unintentional Programming Oversights
• Malicious Code – Malware
• Countermeasures

Unit Three: The Web


• Browser and Web Attacks
• Email Attacks
• Countermeasures

Unit Four: Operating Systems


• Security in Operating System
• Security in Design of Operating System
• Rootkit

Unit Five: Networks


• Network Concepts
• Threats to Network Communications
• Wireless Network Security
• Denial of Service
• Network Security Countermeasures
o Cryptography in Network Security
o Firewalls
o Intrusion Detection and Prevention Systems
o Network Management

Unit Six: Databases


• Database Concepts
• Security Requirements of Databases
• Database Reliability and Integrity
• Database Disclosure
• Data Mining and Big Data

Unit Seven: Cryptography


• Cryptology
• Symmetric Encryption
• Asymmetric Encryption
• Message Digests
• Certificates
• Digital Signatures
• Quantum Cryptography

Unit Eight: Privacy


Unit Nine: Cloud Computing Security
Unit Ten: Management and Incidents

Recommended Readings
1. Security in Computing, 5th Edition, Charles P. Pleeger et al., Prentice Hall
2. CompTIA Security+ Guide to Network Security Fundamentals, 6th Edition, Mark Ciampa,
Cengage Learning
3. Information Security Management Principles, 3rd Edition, Andy Taylor, et al., BCS, The Chartered
Institute for IT
4. Guide to Network Security 1st Edition, Michael E. Whitman, Cengage Learning;

You might also like