Related Course/s:

Aims & Objectives:

• understanding the nature of security threats to IT systems
• being aware of deficiencies in modern software systems and will understand how to manage the security of computer networks
• being familiar with the tools used by hackers and crackers and be aware of ways of identifying and rectifying security breeches
• understanding how to assess the vulnerability of computing systems
• understanding the role of a programmer in developing secure systems
• being able to collect digital evidence and understand the rules of evidence gathering
• being able to describe and use a number of authentication tools

• Evaluate security of client computers
• Evaluate security of servers
• Perform security audits
• Understand concepts of social engineering
• Use a variety of security related tools
• Identify attacks and mitigate their effects
• Evaluate authentication and encryption systems
• Evaluate physical access threats

Teaching Methods:

Assessment:

Content:

• Overview of Internet Crime and computer security threats.
• Operating System Flaws.
• Introduction to maintaining a Secure System.
• Set up, patch and monitor.
• Tools.
• System logs.
• Firewalls, security: theory, practice, design and implementation.
• Ports scanning, packet sniffing and intrusion detection. 
• Understanding and responding to security alerts.
• Server technologies, risks and policies.
• Vulnerability analysis and Audit, how, what, when and why.
• Security, the role of the programmer.
• Defensive programming.
• Security Models.
• Physical Security.
• Authentication (identity, biometrics and digital signatures).
• Digital Forensics (the rules of evidence).
  

References:

Introduction to Computer Security, Matt Bishop, Addison-Wesley, 2005
Advanced Guide to Linux Networking and Security, Ed Sawicki, Nicholas Wells. Thomson 2006.
Network Defence and Countermeasures: Principles and Practices, Chuck Easttom. Thomson 2006
Computer Security Fundamentals, Chuck Easttom. Thomson 2006