00 Course Overview
Security
IS-820
Lecture 0
Course Overview
Course Outline
Course Objectives
Introduce the latest research in the computer security area.
Books:
• Computer Security Principles and Practice, William Stallings and Lawrie Brown. 5th edition. Pearson Education
• Introduction to Computer Security by Matt Bishop. Pearson Education
• Computer Security Art and Science by Matt Bishop, Pearson Education.
THEORY
Rules & Policies
• Mobile phone usage
Switch it to silent during the class
• Assignment submission
Late submissions will not be accepted.
Plagiarism is an offence and will result in zero marks.
• Plagiarism policy
• The use or presentation of the work of another person, including
Let’s Start
Example: Motive is to secure the bag
Benefits of Computer Security Awareness
• What is the biggest hole or the weakest point of security?
• Answer. It is us, humans.
• Most security breaches come from uninformed and untrained persons who give information to a third party or publish data on the Internet without knowing the consequences
What is Security?
• “Security” means different things to different people
• Computer Security
• ‘A computer is secured if you can depend on it and its software to behave as you expect’
• Garfinkel et al., Practical Unix & Internet Security
• Generally: the protection of computing systems (hardware, software, storage, the people that operate them) and the information that they store and use
What is Security?
• Security as a process
• Security involves
• People
• Process
• Technology
Why Security?
• Cyberspace (Internet, work environment) is becoming a dangerous place for all organizations/individuals to protect their sensitive data or reputation, because
• Numerous people and machines are accessing it.
• E.g. Whistleblower: Edward Snowden case
• Hacking tools are available; one just has to Google.
• Technology at the end user has increased (processing, high-speed internet)
• Access to hacking manuals
What should we do?
• Locking down all the networks is not an option.
• Networks should be hardened.
• Applications and operating systems should provide a reasonable level of safety, and there should be a disaster recovery plan.
Potential Losses due to Security Attacks
• Losing your data
• Bad usage of your computer resources (overloaded)
• Reputation loss
• Identity theft
• ….
• ….
What to Secure?
• First, check physical security by setting up control systems
• E.g. motion alarms, door access systems, humidity sensors, temperature sensors.
• People having access to computer systems should have their own user ID with password protection.
• Monitors/displays should be protected by a screen saver to hide information from being displayed when the user is away or inactive.
• The network, i.e., wireless/system, should be secured and password protected.
• Internet equipment such as routers should be protected with a password.
• Data that we use to store information, i.e. financial or non-financial, should be protected by encryption.
• Information should be protected in all types of its representation in transmission by encrypting it.
General Key Points
• Data Encryption
• Virus Protection
• Data Storage
• Secure Data Exchange
• …
• ….
• …
Basic Security Checklist
• Check with respect to OS
• Password protected?
• Is the OS updated?
• Antivirus installed and updated?
• Identify unusual running services that consume resources
• Screen saver?
• Is the computer firewall on or not?
• Doing backups regularly?
• Verify the shared, whether useful or not?
• Account has full rights or is restricted?
• Updates of third-party software?
End