Information Security Course Specifications

Transcription

1 Assiut University Faculty of Computers & Information Information Systems Department Quality Assurance Unit Information Security Course Specifications Relevant program Department offers the program Department offers the course Academic year Date of specification approval B.Sc. in Computers and Information (Information Systems). Information Systems Information Systems 4th Year 24/9/2012 A. Basic Information 1. Course Title: Information Security 2. Course Code: INF Course hours per week: Lecture Tutorial / Practical Total B. Professional Information 1. Overall aims of the course Upon completing this course the student will have learned, through appropriate classroom and laboratory experiences, the following. Understanding the principles and fundamentals of information and network security with emphasis on: Basic concepts of information and computer network security; classical encryption techniques; modern symmetric encryption techniques; public-key encryption; system and network security tools and network security practice. Comprehensive knowledge, skills and attitudes appropriate for careers in information security. Understanding the organization s policies and processes, thereby reducing the organization s liability due to security failures. The latest advantages of information security. IS Program 4 th Year (2 nd Semester) Page 8-1

2 2. Intended Learning Outcomes (ILOs) of the course a. Knowledge and Understanding On successful completion of the program, graduates should be able to: a1. Identify contemporary issues in information security. a2. Define information security risks. a3. Define the three aspects of information security: services, mechanisms and attacks. a4. Describe cipher principles. a5. Discuss the cryptographic systems. a6. Describe the basic operations and applications of firewalls, Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). a7. Discuss the Malicious Software and Antivirus Approaches. a8. Identify the policy and technology trade-offs involved in developing information security systems of adequate quality. b. Intellectual Skills b1. Evaluate classical techniques of information security. b2. Evaluate cryptographic systems algorithms. b3. Identify the impact of different security breaches on Information security. b4. Explain the guidelines and procedures of Information security investigations. b5. Perform comparisons between (methods, techniques...etc) related to information security. b6. Identify countermeasures and review techniques appropriate to the management of information security risks. c. Professional and Practical Skills c1. Institute Information security program management. c2. Perform contingency and disaster planning. c3. Use appropriate programming languages. c4. Implement cryptographic systems algorithms. c5. Implement different ciphers on Software. d. General and Transferable Skills d1. Work in stressful environment and within constraints. d2. Communicate effectively. d3. Demonstrate efficient IT capabilities. d4. Lead and motivate individuals. d5. Manage tasks and resources. IS Program 4 th Year (2 nd Semester) Page 8-2

3 3. Contents No Topic taught 1 Introduction to Information Security. Identification and authentication, authorization rules. 2 Data classification. Different encryption and decryption techniques, different types of ciphers, characteristics of good ciphers, crypt analysis, public key system, single key system and data encryption standards. 3 Threats, safeguards and security objectives, security with some existing systems, security levels. 4 Computer virus protection, privacy and data protection, designing of secure system, models of security, database security, reliability and integrity, sensitive data. 5 Multi- level data security, protection of files, copy protection. No. of hours Lecture Tut/Prac ILOs 6 4 a1-a3, b1, b4-b6, d1- d a1, a2, a4, a5, b1, b2, b5, b6, c2-c4, d1-d5 6 4 a1-a3, a6, b3, b5, b6, c2-c4, d1-d a1, a2, a6-a8, b1, b3- b6, c1, d1-d5 6 4 a1, a2, a8, b5, b6, c1, d1-d5 4. Teaching and Learning Methods 4a. Lectures 4b. Tutorial Exercises 4c. Practical Exercises 5. Student Assessment 5a. Tools Final Exam Mid-Term Exam Class Work 5b. Time Schedule Assessment Week No Final Exam 16 Mid-Term Exam 8 To measure knowledge, understanding, intellectual and professional skills. To measure following up and understanding the studied topics To measure the participation of the student during the tutorial, professional and general skills. IS Program 4 th Year (2 nd Semester) Page 8-3

4 5c. Grading System The students points are calculated through the following point distribution. Assessment Grade % Final Exam 70% Mid-Term Exam 20% Class Work 10% Then, the passing and failing grades are evaluated from the student achievement point X based on the following table. Very Poor Poor Pass Good Very Good Distinguished 0% X < 30% 30% X < 50% 50% X < 65% 65% X < 75% 75% X < 85% 85% X 100% 5d. Formative Assessment Regular quizzes distributed along the whole semester. 6. List of References 6a. Course Notes o Short course notes available at doctor s office. 6b. Required Books (Textbooks) o Stallings, William. "Cryptography and network security: principles and practices", Fourth edition, Prentice-Hall, Inc, c. Recommended Books o Arthur E. Hutt, Douglas B. Hoyt, Seymour Bosworth. "Computer Security Handbook", third edition, John Wiley & Sons, Inc, o Rick Lehtinen. "Computer Security Basics", second edition, O'Reilly Media, Inc, Facilities Required for Teaching and Learning A lecture hall is equipped with a projector and a computer. Tutorial rooms are equipped with projectors and computers. A library. Course Coordinator: Prof. Dr. Yousef B. Mahdy Signature: Date: 24/9/2012 Department Head: Dr. Taysir H. Abdel-Hamid Signature: Date: 24/9/2012 IS Program 4 th Year (2 nd Semester) Page 8-4

5 Criteria Oral Exam Class Work Practical Exam Mid-Term Exam Final Exam Data Collections Case Study Projects Workshops Practical Exercises Tutorial Exercises Lectures Teaching Weeks Student evaluation, course file, exam results Course Name Information Security Course Matrix ILOs Course Code INF423 Teaching and Learning Methods Assessment Tools Course Aims Course Content a s b s c s d s Understanding the principles and fundamentals of information and network security with emphasis on: Basic concepts of information and computer network security; classical encryption techniques; modern symmetric encryption techniques; public-key encryption; system and network security tools and network security practice. Comprehensive knowledge, skills and attitudes appropriate for careers in information security. Understanding the organization s policies and processes, thereby reducing the organization s liability due to security failures. The latest advantages of information security. Introduction to Information Security. Identification and authentication, authorization rules. Data classification. Different encryption and decryption techniques, different types of ciphers, characteristics of good ciphers, crypt analysis, public key system, single key system and data encryption standards. Threats, safeguards and security objectives, security with some existing systems, security levels. Computer virus protection, privacy and data protection, designing of secure system, models of security, database security, reliability and integrity, sensitive data. Multi- level data security, protection of files, copy protection , , 2, 4, , , 2, 6-8 1, 2, 5, 6 3, 5, 6, , , 2, 8 5, Course Coordinator Prof. Dr. Yousef B. Mahdy Signature Department Head Dr. Taysir H. Soliman Signature IS Program 4 th Year (2 nd Semester) Page 8-5