RP Tip Print New

Lovely Professional University, Punjab
Course Code Course Title Course Planner Lectures Tutorials Practicals Credits
INT407 INFORMATION SECURITY AND PRIVACY 17783::Komal Arora 3 0 0 3
Course Weightage ATT: 5 CA: 25 MTT: 20 ETT: 50 Exam Category: 55: Mid Term Exam: All Subjective – End Term Exam: All
Subjective
Course Orientation KNOWLEDGE ENHANCEMENT, RESEARCH
Course Outcomes :Through this course students should be able to
CO1 :: Describe basics of information security & privacy and step wise implementing controls for it
CO2 :: Apply safeguards to protect the organisation's information resources from theft, abuse, misuse and any form of damage
CO3 :: Apply methods and techniques of activity planning and risk assessment on security projects
CO4 :: Analyze the progress of security project using monitoring and controlling tools
TextBooks ( T )
Sr No Title Author Publisher Name
T-1 INFORMATION SYSTEMS NINA GODOLE WILEY
SECURITY WILEY
PUBLICATIONS
Reference Books ( R )
Sr No Title Author Publisher Name
R-1 NETWORK SECURITY: THE BRAGG, MCGRAW HILL EDUCATION
COMPLETE REFERENCE
ROBERTA: TATAMCGRAW HILL
R-2 CRYPTOGRAPHY & NETWORK ATUL KAHATE MCGRAW HILL EDUCATION
SECURITY
Relevant Websites ( RW )
Sr No (Web address) (only if relevant to the course) Salient Features
RW-1 csc.columbusstate.edu/summers/NOTES/6126/notes/6126-ch3.ppt program security
RW-2 http://www.infosec.gov.hk/english/technical/files/overview.pdf security standards
RW-3 https://www.cs.utexas.edu/~byoung/cs361/lecture14.pdf covert channel
RW-4 http://calstate.edu/icsuam/sections/8000/8065_FINAL_DRAFT_Data_Classification_C information classification

W_V4.pdf
RW-5 www.ijicic.org/ijicic-ksi-13.pdf biometric systems
An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
RW-6 csrc.nist.gov/publications/nistbul/Jan2010_securitymetrics.pdf Security metrics and trusted system
RW-7 http://www2.imm.dtu.dk/courses/02230/lect02.pdf Computer Security and Information Assurance
RW-8 Security features of Trusted OS csc.columbusstate.edu/summers/NOTES/6126/notes/6126-ch5.ppt
LTP week distribution: (LTP Weeks)

Weeks before MTE 7
Weeks After MTE 7
Spill Over (Lecture)
Detailed Plan For Lectures

Week Lecture Broad Topic(Sub Topic) Chapters/Sections of Other Readings, Lecture Description Learning Outcomes Pedagogical Tool Live Examples
Number Number Text/reference Relevant Websites, Demonstration/
books Audio Visual Aids, Case Study /
software and Virtual Images /
Labs animation / ppt
etc. Planned
Week 1 Lecture 1 Information Systems T-1 Zero Lecture on Student will get to Demonstration
(Information system security R-1 Information Security know about the scope Talk about Wiki
& threats) R-2 and need of the Leaks and other
subject security leaks
and how the
world is affected
by it?
Lecture 2 Information Systems T-1 L2: Student will be more Demonstration
(meaning and importance of Discussion about explored about
information systems) Meaning and information
importance of systems and their use
information systems in today world of IT
Lecture 3 Information Systems T-1 L3: Student will be more Demonstration

(information security and Information security and explored about
privacy threat) privacy, discussion information
about different types of systems and their use
threats in today world of IT
Week 2 Lecture 4 Building Blocks of T-1 L4: Discussion about Students will learn Demonstration Demonstration
Information Security Principles, Terms, Three the importance of through example
(principles, terms and three Pillars of information various rules about how many
pillars of information security,Information associated with factor may lead
security) classification: Need and information security to
Types and privacy along another and how
L5: with risk assessment , whole system
Risk Analysis basics, management and can
Role of Risk Analysis in information collapse form
Information and classification security point of
Security view
Building Blocks of T-1 L4: Discussion about Students will learn Demonstration Demonstration
Information Security(risk Principles, Terms, Three the importance of through example
management & risk Pillars of information various rules about how many
analysis) security,Information associated with factor may lead
classification: Need and information security to
Security view
Lecture 5 Building Blocks of T-1 L4: Discussion about Students will learn Demonstration Demonstration
Information Security Principles, Terms, Three the importance of through example
(principles, terms and three Pillars of information various rules about how many
pillars of information security,Information associated with factor may lead
security) classification: Need and information security to
Security view
Building Blocks of T-1 L4: Discussion about Students will learn Demonstration Demonstration
Information Security(risk Principles, Terms, Three the importance of through example
management & risk Pillars of information various rules about how many
analysis) security,Information associated with factor may lead
classification: Need and information security to
Security view
Week 2 Lecture 6 Building Blocks of T-1 L6:Risk management Students will learn Demonstration Demonstration
Information Security and the importance of through example
(information classification) Types: Qualitative and various rules about how many
Quantitative Risk associated with factor may lead
Analysis information security to
L7: and privacy along another and how
Approaches and with risk assessment , whole system
Considerations for Risk management and can
Analysis and discussion information collapse form
about the effectiveness classification security point of
of these approaches and view
information
classification
Building Blocks of T-1 L6:Risk management Students will learn Demonstration Demonstration
(approaches and Types: Qualitative and various rules about how many
considerations for risk Quantitative Risk associated with factor may lead
analysis) Analysis information security to
information
classification
(information classification) Types: Qualitative and various rules about how many
Quantitative Risk associated with factor may lead
Analysis information security to
information
classification
(approaches and Types: Qualitative and various rules about how many
considerations for risk Quantitative Risk associated with factor may lead
analysis) Analysis information security to
information
classification
Lecture 8 Threats(new technologies T-1 L8: Discussion about Student will learn Discussion live example of
open door threats) new technologies, Open about the Trojans, worms
Door Threats, Level of various threats which and viruses
Threats,Information we may face any time
Level in any type of I.T.
Threats and Network based
Level organization
Threats and Attacks
Threats(level of threats: T-1 L8: Discussion about Student will learn Discussion live example of
information, network Level) new technologies, Open about the Trojans, worms
Door Threats, Level of various threats which and viruses
Threats,Information we may face any time
Level in any type of I.T.
Threats and Network based
Level organization
Threats and Attacks
Lecture 9 Threats(classifications of T-1 RW-4 L9: Classification of Student will learn Discussion live example of
threats and assessing Threats based on the about the Trojans, worms
damages) threat level,Assessing various threats which and viruses
Damages from different we may face any time
types of threats in any type of I.T.
based
organization
Week 4 Lecture 10 Program security(overview RW-1 Outline of Program Purpose of Defining Discussion
of program security) RW-7 Security with examples & Testing secure
and various program and
programming flaws Understanding
Taxonomy of
program flaws
Program security(types of RW-1 Outline of Program Purpose of Defining Discussion
flaws) RW-7 Security with examples & Testing secure
and various program and
programming flaws Understanding
Taxonomy of
program flaws
Week 4 Lecture 11 Program security(viruses RW-1 Study of various viruses Understanding how Demonstration
and other malicious code) RW-7 and other malicious Malicious code or
code rogue pgm is written
to exploit flaws in
programs
Lecture 12 Program security(covert RW-1 L12:Controls against Definition and Discussion

channels) RW-3 program threats examples of covert
L13:Covert channels channels and controls
against program
threats
Week 5 Lecture 13 Program security(controls RW-1 L12:Controls against Definition and Discussion
against program threats) RW-7 program threats examples of covert
against program
threats
Lecture 14 Program security(controls RW-1 L12:Controls against Definition and Discussion
against program threats) RW-7 program threats examples of covert
against program
threats
Lecture 15 Biometrics Controls for T-1 RW-5 L15:Need of access Students will learn Demonstration Google Data
Security(access control, user control at different about controlling the Center Security
identification & levels access at
authentication) L16:Methods for the physical
implementing physical level,User
access control in Identification,Authen
organization tica
tion techniques and
need
,The various factors
which make
biometrics a
successful technology
in
the area of
identification
and authorizations
Week 5 Lecture 15 Biometrics Controls for T-1 RW-5 L15:Need of access Students will learn Demonstration Google Data
Security(biometric control at different about controlling the Center Security
techniques) levels access at
L16:Methods for the physical
organization tica
tion techniques and
need
which make
biometrics a
in
the area of
identification
and authorizations
Week 6 Lecture 16 Biometrics Controls for T-1 RW-5 L15:Need of access Students will learn Demonstration Google Data
Security(access control, user control at different about controlling the Center Security
identification & levels access at
authentication) L16:Methods for the physical
organization tica
tion techniques and
need
which make
biometrics a
in
the area of
identification
and authorizations
Biometrics Controls for T-1 RW-5 L15:Need of access Students will learn Demonstration Google Data
Security(biometric control at different about controlling the Center Security
techniques) levels access at
L16:Methods for the physical
organization tica
tion techniques and
need
which make
biometrics a
in
the area of
identification
and authorizations
Week 6 Lecture 17 Biometrics Controls for T-1 RW-5 L17:Discussion about Students will learn Demonstration Google Data
Security(face recognition different biometric about controlling the Center Security
and related issues) techniques for access access at
control and protection the physical
L18:Discussion about level,User
the corresponding Identification,Authen
advantages and tica
disadvantages of each tion techniques and
biometric access control need
technique and ,The various factors
Limitations of which make
using biometric based biometrics a
access control methods. successful technology
in
the area of
identification
and authorizations
Biometrics Controls for T-1 RW-5 L17:Discussion about Students will learn Demonstration Google Data
Security(advanced minutiae different biometric about controlling the Center Security
based algo) techniques for access access at
advantages and tica
in
the area of
identification
and authorizations
Lecture 18 Biometrics Controls for T-1 RW-5 L17:Discussion about Students will learn Demonstration Google Data
Security(face recognition different biometric about controlling the Center Security
and related issues) techniques for access access at
advantages and tica
in
the area of
identification
and authorizations
Week 6 Lecture 18 Biometrics Controls for T-1 RW-5 L17:Discussion about Students will learn Demonstration Google Data
Security(advanced minutiae different biometric about controlling the Center Security
based algo) techniques for access access at
advantages and tica
in
the area of
identification
and authorizations
Week 7 Lecture 19 Biometrics Controls for RW-5 L19: Challenges which Students will learn Demonstration Google Data
Security(key success are faced while about controlling the Center Security
factors) implementing biometric access at
based access control the physical
methods and Future level,User
biometric s Identification,Authen
tica
tion techniques and
need
which make
biometrics a
in
the area of
identification
and authorizations
SPILL OVER
Week 7 Lecture 21 Spill Over
MID-TERM
Week 8 Lecture 22 Security standards and T-1 RW-2 ISO 27001 security models for Discussion
policies(intro to ISO 27001. COBIT,SSECMM information
COBIT, SSE-CMM) Methodologies for protection
Information System ISO 27001
Security design and COBIT,SSECMM,M
implementation et
hodologies for
Information System
Security
Week 8 Lecture 23 Security standards and T-1 RW-2 Policy and its role in To understand how Discussion
policies(policies and their providing secure IT Policy and its role in
elements) infrastructure providing secure IT
infrastructure
Lecture 24 Security standards and T-1 RW-2 Security Models Student will get to Discussion
policies(HIPAA security and Frameworks related know about
guidelines) to designing a security terminology related
oriented infrastructure to
security models for
information
protection
Week 9 Lecture 25 Security standards and T-1 RW-2 Security Models Student will get to Discussion
policies(methodologies for and Frameworks related know about
information system to designing a security terminology related
security.: IAM, IEM, oriented infrastructure to
SIPES.) security models for
information
protection
IAM, IEM, SIPES
methodologies for
Information System
Security,Terminology
related to security
models for
information
protection
Lecture 26 Security standards and T-1 RW-2 Security Models Student will get to Discussion
policies(methodologies for and Frameworks related know about
information system to designing a security terminology related
security.: IAM, IEM, oriented infrastructure to
SIPES.) security models for
information
protection
IAM, IEM, SIPES
methodologies for
Information System
Security,Terminology
related to security
models for
information
protection
Week 9 Lecture 27 Security metrics and trusted RW-6 L28: Introduction and Student will get to Demonstration
system(Security matrix) discussion about know about need and
Security matrix basics of
Classification L29: Role security
of security metric in metrics,Classification
assessing the of security
effectiveness of security metrics,Privacy
infrastructure concerns with
business
transactions
Week 10 Lecture 28 Security metrics and trusted RW-6 L28: Introduction and Student will get to Demonstration
system(Security matrix) discussion about know about need and
business
transactions
Security metrics and trusted T-1 RW-6 L28: Introduction and Student will get to Demonstration
system(Classification) discussion about know about need and
business
transactions
Lecture 29 Security metrics and trusted T-1 RW-6 L28: Introduction and Student will get to Demonstration
system(Classification) discussion about know about need and
business
transactions
Lecture 30 Security metrics and trusted T-1 L30: Security Models Need and Demonstration
system(Privacy vs security) and basics of
standards and discussion security
about different types of metrics,Classification
security models. L31: of security
Discussion about the metrics,Privacy
security models concerns with
business
transactions
Week 10 Lecture 30 Security metrics and trusted T-1 L30: Security Models Need and Demonstration
system(Security Models) and basics of
business
transactions
Week 11 Lecture 31 Security metrics and trusted T-1 L30: Security Models Need and Demonstration
system(Privacy vs security) and basics of
business
transactions
Security metrics and trusted T-1 L30: Security Models Need and Demonstration
system(Security Models) and basics of
business
transactions
Lecture 32 Security metrics and trusted RW-8 Discuss trusted system Understanding that Demonstration
system(Trusted OS Design that incorporate what makes an
and Principles) technology to address operating system
both features and “secure” Or
assurance “trustworthy"
Lecture 33 Security metrics and trusted RW-8 L33: Models of Security Understanding how Discussion
system(Security features of L34:Trusted OS Design kernel security is
Trusted OS) and Security Kernel responsible for
L35: Trusted Computing enforcing security
Base mechanisms of the
entire OS and
security features of
Trusted OS
Week 12 Lecture 34 Security metrics and trusted RW-8 L33: Models of Security Understanding how Discussion
entire OS and
Trusted OS
Lecture 35 Security metrics and trusted RW-8 L33: Models of Security Understanding how Discussion
entire OS and
Trusted OS
Lecture 36 Privacy Technological T-1 Impact of Students will learn Demonstration and
Impacts(Impact of information technology about the impact of discussion
information technology on on privacy of an information
privacy of an individual) individual and privacy technology on
related privacy of an
incidents in the past individual, Affect of
where individual web technologies on
information was stolen privacy
and used inappropriately
Week 13 Lecture 37 Privacy Technological T-1 Impact of Students will learn Demonstration and
Impacts(Impact of information technology about the impact of discussion
information technology on on privacy of an information
privacy of an individual) individual and privacy technology on
related privacy of an
incidents in the past individual, Affect of
where individual web technologies on
information was stolen privacy
and used inappropriately
Lecture 38 Privacy Technological T-1 Internet related Students will learn Discussion
Impacts(Affect of web R-1 privacy issues and how about the impact of
technologies on privacy) R-2 these can be tackled to information
protect individual technology on
privacy and Discussion privacy of an
about individual, Affect of
Blackberry and Apple web technologies on
phone related privacy privacy,
issues
Week 13 Lecture 39 Privacy Technological T-1 Affect of web Affect of Demonstration
Impacts(RFID related R-1 technologies on privacy web technologies on
privacy issues) R-2 and RFID working and privacy,RFID related
privacy related issues privacy issues,
Internet related
privacy issues
Week 14 Lecture 40 Privacy Technological T-1 Internet related Students will learn Demonstration
Impacts(Internet related privacy issues and how about the impact of
privacy issues) these can be tackled to information
protect individual technology on
privacy privacy of an
individual, Affect of
web technologies on
privacy,
SPILL OVER
Lecture 44 Spill Over
Lecture 45 Spill Over
Scheme for CA:
CA Category of this Course Code is:A0203 (2 best out of 3)
Component Weightage (%) Mapped CO(s)

Term paper 50 CO1, CO2,
CO3, CO4
Test 50 CO1, CO2
Test - Code based 50 CO3, CO4
Details of Academic Task(s)
Academic Task Objective Detail of Academic Task Nature of Academic Academic Task Marks Allottment /
Task Mode submission
(group/individuals) Week
Term paper To give students a A topic will be chosen by students and research will be conducted Individual Online 30 3 / 12
team work problem to gain new insights in the field of information security. 30 marks (
to gather data, Mid Term report- 5 marks, End Term report- 15 marks , Viva
conduct research and /presentation- 10 marks)
produce meaningful
results.
Test To test the The syllabus of test1 will be from lecture 1 to lecture 12. Test will Individual Offline 30 4/5
knowledge of the consist of descriptive as well as analytical questions.
student related to the
subject for CA
Test - Code based To check the The syllabus of test2 will be from lecture 13 to lecture 27. Test will Individual Offline 30 8 / 10
understanding as consist of descriptive as well as analytical questions
well as performance
of the students based
upon the concepts
taught
List of suggested topics for term paper[at least 15] (Student to spend about 15 hrs on any one specified term paper)
Sr. No. Topic

1 Mobile Devices and Wireless security
2 Black Hat Hacking
3 Trojan Horse
4 Worms
5 Security Audit
6 Spoofing
7 Social Engineering
8 Mobile spoofing
9 Steganography
10 OWASP
11 Network Sniffing
12 BCP
13 DRP
14 Analysis of data packets
15 Authentication and Authorization
16 DOS and DDOS Attacks

RP Tip Print New

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

RP Tip Print New

Загружено:

Авторское право:

Доступные форматы

Lovely Professional University, Punjab

Course Outcomes :Through this course students should be able to

RW-2 http://www.infosec.gov.hk/english/technical/files/overview.pdf security standards

RW-3 https://www.cs.utexas.edu/~byoung/cs361/lecture14.pdf covert channel

RW-4 http://calstate.edu/icsuam/sections/8000/8065_FINAL_DRAFT_Data_Classification_C information classification

RW-7 http://www2.imm.dtu.dk/courses/02230/lect02.pdf Computer Security and Information Assurance

RW-8 Security features of Trusted OS csc.columbusstate.edu/summers/NOTES/6126/notes/6126-ch5.ppt

LTP week distribution: (LTP Weeks)

Detailed Plan For Lectures

Lecture 3 Information Systems T-1 L3: Student will be more Demonstration

Lecture 12 Program security(covert RW-1 L12:Controls against Definition and Discussion

Scheme for CA:

CA Category of this Course Code is:A0203 (2 best out of 3)

Component Weightage (%) Mapped CO(s)

Details of Academic Task(s)

Sr. No. Topic

Вам также может понравиться