Sunday, September 29, 2019
Information Security and Management Syllabus Essay
Confidentiality and Security, Security Policy and Operations Life Cycle, Security System Development and Operations Secure Networking Threats The Attack Process. Attacker Types. Vulnerability Types. Attack Results. Attack Taxonomy. Threats to Security: Physical security, Biometric systems, monitoring controls, and Data security and intrusion and detection systems. Encryption Techniques Conventional techniques, Modern techniques, DES, DES chaining, Triple DES, RSA algorithm, Key management. Message Authentication and Hash Algorithm, Authentication requirements and functions secure Hash Algorithm, Message digest algorithm, digital signatures. AES Algorithms. Designing Secure Networks Components of a Hardening Strategy. Network Devices. Host Operating Systems. Applications. Appliance-Based Network Services. Rogue Device Detection, Network Security Technologies The Difficulties of Secure Networking. Security Technologies. Emerging Security Technologies General Design Considerations, Layer 2 Security Considerations. IP Addressing Design Considerations. ICMP Design Considerations. Routing Considerations. Transport Protocol Design Considerations. Network Security Platform Options Network Security Platform Options. Network Security Device Best Practices, Common Application Design Considerations. E-Mail. DNS. HTTP/HTTPS. FTP. Instant Messaging. IPsec VPN Design Considerations VPN Basics. Types of IPsec VPNs. IPsec Modes of Operation and Security Options. Topology Considerations. Design Considerations. Site-to-Site Deployment Examples. Secure Network Management and Network Security Management Organizational Realities. Protocol Capabilities. Tool Capabilities. Secure Management Design Options. Network Security Management, Firewalls, Trusted systems, IT act and cyber laws. Text Books: 1. Sean Convery, Ã¢â¬Å" Network Security Architectures, Published by Cisco Press, First Ed. 2004 2. William Stalling Ã¢â¬Å"Cryptography and Network SecurityÃ¢â¬ Fourth Ed. , Prentice Hall, 2006 Reference Books: 1. Charles P. Pfleeger, Shari Lawrence Pfleeger, Ã¢â¬Å"Security in ComputingÃ¢â¬ 3rd Edition, Prentice Hall, 2003 2. Jeff Crume Ã¢â¬Å"Inside Internet SecurityÃ¢â¬ Addison Wesley, 2003 ISM 184 INFORMATION SECURITY POLICIES IN INDUSTRY L T/P C 3 1 4 Introduction to Information Security Policies About Policies Ã¢â¬â why Policies are Important Ã¢â¬â When policies should be developed Ã¢â¬â How Policy should be developed Ã¢â¬â Policy needs Ã¢â¬â Identify what and from whom it is being protected Ã¢â¬â Data security consideration Ã¢â¬â Backups, Archival storage and disposal of data Ã¢â¬â Intellectual Property rights and Policies Ã¢â¬â Incident Response and Forensics Ã¢â¬â Management Responsibilities Ã¢â¬â Role of Information Security Department Ã¢â¬â Security Management and Law Enforcement Ã¢â¬â Security awareness training and support . The student will have to present the progress of the work through seminars and progress report. A report must be submitted to the University for evaluation purpose at the end of the semester in a specified format. ISM481 THESISL T/P C 0 0 16 The student will submit a synopsis at the beginning of the semester for the approval from the project committee in a specified format. Synopsis must be submitted within two weeks. The first defense, for the dissertation work, should be held with in two months time. Dissertation Report must be submitted in a specified format to the project committee for evaluation purpose at the end of semester.