Course content
1. Network Security: Advanced concepts and techniques related to securing computer networks, including network architecture design, firewall implementation, intrusion detection and prevention systems (IDPS), secure VPN connections, and network monitoring and analysis.
2. Operating System Security: In-depth study of securing operating systems (such as Windows, Linux, or macOS) against common threats and vulnerabilities. Topics may include access controls, secure configuration management, patch management, and user authentication mechanisms.
3. Application Security: Advanced techniques for securing software applications and development practices. This may include topics such as secure coding practices, input validation, session management, secure file handling, and encryption/decryption techniques.
4. Cloud Security: Understanding the unique security considerations and challenges in cloud computing environments. Topics may include securing cloud infrastructure, data protection in the cloud, identity and access management, and cloud-specific security controls.
5. Incident Response and Digital Forensics: Techniques for handling and responding to security incidents, including incident detection and analysis, incident response planning, evidence collection and preservation, and digital forensics investigation techniques.
6. Secure Software Development Lifecycle (SDLC): Understanding the security aspects of the software development lifecycle, including secure requirements gathering, threat modeling, secure coding practices, and security testing methodologies.
7. Cryptography and PKI: In-depth study of cryptographic principles and their applications in securing data and communication. Topics may include symmetric and asymmetric encryption, digital signatures, secure key exchange protocols, and Public Key Infrastructure (PKI).
8. Security Risk Assessment and Management: Techniques for identifying and managing security risks within an organization. This may include risk assessment methodologies, risk mitigation strategies, vulnerability management, and security awareness training.
9. Ethical Hacking and Penetration Testing: Advanced concepts and techniques for conducting ethical hacking and penetration testing. Students may learn about advanced penetration testing methodologies, network and web application vulnerabilities, and advanced exploitation techniques.
10. Security Governance and Compliance: Understanding security governance frameworks and compliance with industry regulations and standards. Topics may include security policies and procedures, risk management frameworks, regulatory compliance (e.g., GDPR, PCI DSS), and security audit methodologies.
Assessment
The assessment is done via submission of assignment. There are no written exams.