IT8073-INFORMATION SECURITY Syllabus 2017 Regulation

INFORMATION SECURITY Syllabus 2017 Regulation,IT8073-INFORMATION SECURITY Syllabus 2017 Regulation

IT8073                                     INFORMATION SECURITY                                L T P C                                                                                                                             3 0 0 3

OBJECTIVES:

• To understand the basics of Information Security
• To know the legal, ethical and professional issues in Information Security
• To know the aspects of risk management
• To become aware of various standards in this area
• To know the technological aspects of Information Security

UNIT I INTRODUCTION                                                   9

History, What is Information Security?, Critical Characteristics of Information, NSTISSC Security Model, Components of an Information System, Securing the Components, Balancing Security and Access, The SDLC, The Security SDLC

UNIT II SECURITY INVESTIGATION                               9

Need for Security, Business Needs, Threats, Attacks, Legal, Ethical and Professional Issues – An Overview of Computer Security – Access Control Matrix, Policy-Security policies, Confidentiality policies, Integrity policies and Hybrid policies

UNIT III SECURITY ANALYSIS                                        9

Risk Management: Identifying and Assessing Risk, Assessing and Controlling Risk – Systems: Access Control Mechanisms, Information Flow and Confinement Problem

UNIT IV LOGICAL DESIGN                                             9

Blueprint for Security, Information Security Policy, Standards and Practices, ISO 17799/BS 7799, NIST Models, VISA International Security Model, Design of Security Architecture, Planning for Continuity

UNIT V PHYSICAL DESIGN                                            9

Security Technology, IDS, Scanning and Analysis Tools, Cryptography, Access Control Devices, Physical Security, Security and Personnel

                                                                                                       TOTAL 45 PERIODS

OUTCOMES:

At the end of this course, the students should be able to:

• Discuss the basics of information security
• Illustrate the legal, ethical and professional issues in information security
• Demonstrate the aspects of risk management.
• Become aware of various standards in the Information Security System
• Design and implementation of Security Techniques.

TEXT BOOK:

1. Michael E Whitman and Herbert J Mattord, ―Principles of Information Security, Vikas Publishing House, New Delhi, 2003

REFERENCES

1. Micki Krause, Harold F. Tipton, ― Handbook of Information Security Management, Vol 1-3 CRCPress LLC, 2004.
2. Stuart McClure, Joel Scrambray, George Kurtz, ―Hacking Exposed, Tata McGraw- Hill, 2003
3. Matt Bishop, ― Computer Security Art and Science, Pearson/PHI, 2002.

Print This Post