WITH EFFECT FROM THE ACADEMIC YEAR 2013 - 2014

 

CS 403

INFORMATION SECURITY

(ELECTIVE - II)


Instruction: 4 Periods per week

Duration of University Examination: 3 Hours

University Examination: 75 Marks

Sessional: 25 Marks

 

UNIT-I

 

Introduction: History, Critical characteristics of information, NSTISSC security model, Components of an information system, Securing the components, Balancing security and access, The SDLC, The security SDLC. Need for Security: Business needs, Threats, Attacks, Secure software development.

 

UNIT-II

 

Legal, Ethical and Professional Issues: Law and ethics in information security, Relevant U.S. laws, International laws and legal bodies, Ethics and information security.

 

Risk Management: Overview, Risk identification, Risk assessment, Risk control strategies, Selecting a risk control strategy, Quantitative versus qualitative risk control practices, Risk management discussion points, Recommended risk control practices.

 

UNIT-III

 

Planning for Security: Security policy, Standards and practices, Security blueprint, Security education, Continuity strategies. Security Technology: Firewalls and VPNs: Physical design, Firewalls, Protecting remote connections.

 

UNIT-IV

 

Security Technology: Intrusion detection, Access control and other security tools: Intrusion detection and prevention systems, Scanning and analysis tools, Access control devices.

 

Cryptography: Foundations of cryptology, Cipher methods, Cryptographic algorithms, Cryptographic tools, Protocols for secure communications, Attacks on cryptosystems.

UNIT-V

 

Implementing Information Security: Information security project management, Technical topics of implementation, Non-technical aspects of implementation, Security certification and accreditation. Security and Personnel: Positioning and staffing the security function, Employment policies and practices, Internal control strategies. Information Security Maintenance: Security management models, The maintenance model, Digital forensics.

 

Suggested Reading:

 

1. Michael E. Whitman and Herbert J. Mattord, Principles of Information Security, 4th Ed., Cengage Learning, 2011.

 

2. Thomas R. Peltier, Justin Peltier, John Blackley, Information Security Fundamentals, Auerbach Publications, 2010.

 

3. Detmar W. Straub, Seymour Goodman, Richard L. Baskerville, Information Security: Policy, Processes, and Practices, PHI, 2008.

 

4. Mark Merkow and Jim Breithaupt, Information Security: Principles and Practices, Pearson Education, 2007.

