|Description||This course aims to provide a managerial perspective of contemporary issues in computer and network security, including an assessment of state-of-the-art approaches used to address security problems and their integration with organizational/informational systems audit, computer information systems, and management practices. Upon completing the course, students should have a practical understanding of how to design, implement, and maintain a network security plan that successfully defends a network from malicious or accidental intrusion. 3 Hours,|
|Learning Goals||Oral communication skills:
o Written communication skills:
o Technological skills:
o Ethical decision-making:
o Global awareness:
An Overview of Cybersecurity.
Risks; threats; vulnerabilities.
A TCP/IP Primer.
The TCP/IP Model; IP addressing; ICMP.
Viruses; worms; rootkits.
DOS; shellcode; SQL injection; man-in-the-middle.
Click fraud; phishing; pharming; spyware/malware.
Frameworks and Standards.
NIST Cybersecurity Framework; Zachmann; ISO27001/2; COBIT.
Lab-I: Types of Attack. UDP floods; network scanning; password crackers.
Lab-II: Forensics-I. Intrusion detection; packet sniffing.
Lab-III: Forensics-II. Advanced packet sniffing.
Lab-IV: Security Fundamentals. Firewalls; security policies; authentication.
Security Plan-I: Assessing Threats. Understanding the organizations primary risks.
Security Plan-II: Devising Solutions. Implementing policies.
Security Plan-III: Penetration Testing. Assessing the veracity of the security plan.