Course content
1. Introduction to Information Security: Students are introduced to the fundamental concepts and principles of information security. They learn about the importance of information security, the types of threats and vulnerabilities, and the legal and ethical considerations in the field.
2. Network Security: This module focuses on securing computer networks and network infrastructure. Students learn about network protocols, firewalls, intrusion detection systems (IDS), virtual private networks (VPNs), and network security best practices. They also gain hands-on experience in configuring and managing network security devices.
3. System Security: Students study the security measures and techniques to protect computer systems and servers. They learn about operating system security, secure configurations, access controls, and system hardening. They also explore techniques for securing server applications and databases.
4. Application Security: This module focuses on securing software applications and web applications. Students learn about common application vulnerabilities, such as cross-site scripting (XSS), SQL injection, and insecure direct object references. They study secure coding practices, secure software development life cycle (SDLC), and web application firewalls (WAF).
5. Cryptography and Encryption: Students gain an understanding of cryptographic principles and encryption techniques. They learn about symmetric and asymmetric encryption, digital signatures, hash functions, and cryptographic protocols. They also explore the practical implementation and management of encryption algorithms and keys.
6. Risk Assessment and Management: This module focuses on identifying and assessing security risks in an organization. Students learn about risk management frameworks, risk analysis methodologies, and risk mitigation strategies. They gain practical skills in conducting risk assessments and developing risk management plans.
7. Incident Response and Forensics: Students study the procedures and techniques for responding to security incidents and conducting digital forensics investigations. They learn about incident handling processes, evidence collection and preservation, and incident response planning. They also explore the legal and ethical considerations in incident response and forensics.
8. Security Governance and Compliance: This module covers the principles of security governance and the legal and regulatory frameworks governing information security. Students learn about security policies, standards, and guidelines, as well as compliance requirements such as the General Data Protection Regulation (GDPR) and the Payment Card Industry Data Security Standard (PCI DSS).
9. Ethical Hacking and Penetration Testing: Students gain practical skills in ethical hacking and penetration testing. They learn about the tools and techniques used to identify vulnerabilities in systems and networks, and they explore methodologies for conducting controlled and ethical penetration tests.
10. Security Operations and Monitoring: This module focuses on security operations and monitoring. Students learn about security incident management, security information and event management (SIEM), log analysis, and security monitoring tools. They gain practical experience in monitoring and analyzing security events and alerts.
11. Security Auditing and Compliance: Students study the processes and techniques for conducting security audits and compliance assessments. They learn about audit planning, audit techniques, and reporting. They also explore regulatory compliance requirements and industry standards such as ISO 27001.
Assessment
Assessment is by assignment submission. There are no written exams.