Part A
Introduction to Information System, classification and components of information system, Computer Security Concepts, CIA (Confidentiality, integrity and availability),Security Functional Requirements.[CO1] [CO2]
User Authentication: Means of Authentication, Password-Based Authentication, Token-Based Authentication, Biometric Authentication, Remote User Authentication, Security Issues for User Authentication. [CO2]
Access Control: Access Control Principles, Subjects, Objects, and Access Rights, Discretionary Access Control, File Access Control, Role-Based Access Control.
Database Security: The Need for Database Security, Database Access Control, Database Encryption.
Malicious Software: Types of Malicious Software (Malware)-Viruses, Worms,SPAM E-mail, Trojans, Zombie, Bots, Keyloggers, Phishing, Spyware, Backdoors, Rootkits, Preventive Measures.Denial-of-Service Attacks: Types of DoS attacks, Defenses Against Denial-of-Service Attacks.
Part B
Intrusion Detection: Intruders, Intrusion Detection, Host-Based Intrusion Detection, Distributed Host-Based Intrusion Detection, Network-Based Intrusion Detection, Honeypots. [CO3]
Firewalls & Intrusion Prevention Systems: The Need for Firewalls, Firewall Characteristics, Types of Firewalls, Firewall Basing, Intrusion Prevention Systems.
Cryptographic Algorithms: Symmetric Encryption Principles, Data Encryption Standards (DES) [CO4]
Introduction to Internet Security Protocols & Standards: SSL, TLS, HTTPS, IPv4 and IPv6 Security protocols.
Security Policies and Cyber Laws: Concept of Information Security Policy, ISO Standards, various Indian Cyber Laws, Information Technology Act 2000, Electronic Record and E-Governance, Classification and Provisions of Cyber Crimes, Regulation of Certifying Authorities, Patent, Copyright, Digital signature, Introduction to Cyberspace. [CO5]