Computer Information Security

Course Description

CSC4003 Computer and Information Security [3]. An advanced study of computer and information security. Topics include threats, vulnerabilities, and associated response mechanisms used to protect an organization. Hardware and software solutions are presented with security-related models, principles, and concepts for analyzing and implementing organizational security programs. This course includes hands-on lab experience using current tools for analysis, monitoring and testing.

Prerequisite: CSC3013 Computer Networks and Telecommunications.

Topic: Foundations of Information Security

  • Role and purpose of computer and network security
  • Security goals: confidentiality, integrity, availability triad
  • Security standards and policies
  • Security mindset
  • Defense in depth
  • Common threats: worms, viruses, trojans, denial of service
  • Risk assessment and cost-benefit analyses
  • Security versus usability, time, and/or money tradeoffs
Learning Objectives:
  1. Explain the objectives of information security
  2. Analyze the tradeoffs inherent in security
  3. Explain the importance and application of each of confidentiality, integrity, and availability
  4. Understand the basic categories of threats to computers and networks
  5. Discuss issues for creating security policy for a large organization
  6. Defend the need for protection and security, and the role of ethical considerations in computer use
  7. Add a very simple risk-assessment learning outcome here
Topic revision: r4 - 2013-10-24 - RobertKasper
 
This site is powered by the TWiki collaboration platformCopyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback