Embed Size (px)
Citation preview
Ministry of Higher Education and Scientific research
Directorate of Quality Assurance and Accreditation خشینبهتی دڵنیایی جۆری و متمانهرایهبهڕێوهبه
KHABAT TECHNICAL INSTITUTE
Department of Information technology
Subject: information security
Course Book – second year
Lecturer's name MSc Younus Ameen Muhammed
Academic Year: 2019/2020
Ministry of Higher Education and Scientific research
Directorate of Quality Assurance and Accreditation خشینبهتی دڵنیایی جۆری و متمانهرایهبهڕێوهبه
Course Book
1. Course name Information security
2. Lecturer in charge Younus Ameen muhammed
3. Department/ College
4. Contact e-mail: [email protected] Tel: 7504724634
5. Time (in hours) per week Theory: 2 Practical: 2
6. Office hours
7. Course code
8. Teacher's academic profile Education: MSc, wireless system, University of kahramanmaras , turkey, 2014 BSc, physics, College of science education Salahaddin University, Kurdistan, Iraq, 2008. School history and details: My first degree is BSC in physics thus I was employed as an assistance physics at Soran University. After 2 years of working in presidency of soran university, IT department . I started my MSC from beginning of 2012 in kahramanmaras University in the turkey and graduated on January 2014. My background MSC is wireless systems. Then I started as assistants lecture in Faculty of Science / Computer Department on June 2014, manager of IT in soran university, Previous work 2009 until 2011, I was assistant physics, the same time I thought practical side of Teaching computer (Computer Sciences, Object Oriented Programming, Databases, Operating System and Internet Programming, Networking). SKILLS Technical: Computer Network, Network Security, basic of programming and web application Languages: mother tongue, English and Arabic
9. Keywords
10. Course overview: Information Security is a comprehensive study of the principles and practices of computer system security including operating system security, network security, software security and web security. Topics include common attacking techniques such as virus, trojan, worms and memory exploits; the formalisms of information security such as the access control and information flow
Ministry of Higher Education and Scientific research
Directorate of Quality Assurance and Accreditation خشینبهتی دڵنیایی جۆری و متمانهرایهبهڕێوهبه
theory; the common security policies such as BLP and Biba model; the basic cryptography, RSA, cryptographic hash function, and password system; the real system implementations, with case study of SE-Linux, and Windows; network intrusion detection; software security theory; web security; legal and ethical issues in computer security. 11. Course objective:
Learning security fundamentals and some historic and modern encryption methods.
Knowing how to protect the computers against viruses via anti-virus programs.
Having good information about firewalls, internet security, viruses and anti-viruses
12. Student's obligation Every week there will be 2 hours theory. The first 10 minutes will be a review of last lectures by asking them some questions. To know how much the students understand the new topic there will be a discussion in terms of questions and answers in the last 10 minutes. Every week there will be 2 hours Practical. The lab will consist mainly of practical exercises. Each step of learning is followed by a practical session
13. Forms of teaching Using white board, Projector, PowerPoint Slides in theoretical lecture, and using computer lab and PCs in practical
14. Assessment scheme
Midterm Exam Activities Annual
Mark Final Exam
Total
Mark
Theory Practical Quizzes,
Seminar Homework,
Reports Absence Posters
40%
Theory Practical
100% 10% 10% 5 5 5 5 35% 25%
20% 20% 60%
15. Student learning outcome:
The student is capable of demonstrating advanced knowledge in the field of cyber and information
security in general and the following particular topics: computer and network security, security
management, incident response, computational and digital forensics, biometrics, privacy, and
security of critical infrastructure.
The students possesses special insight and can demonstrate expertise in information security
technology, digital forensics, or security management, depending on the chosen program track.
The student can demonstrate capabilities to apply knowledge in new areas within cyber and
information security, in particular cloud computer security, security on the Internet of Things (IoT),
and security of blockchain technology applications.
Ministry of Higher Education and Scientific research
Directorate of Quality Assurance and Accreditation خشینبهتی دڵنیایی جۆری و متمانهرایهبهڕێوهبه
16. Course Reading List and References:
▪ Key references:
▪ Useful references
▪ Magazines and review (internet):
17. The Topics: Lecturer's name -An introduction to cryptography.
-Attacks on cryptography.
- what is computer security
- important terms in computer security
-Block cipher and stream cipher.
DES method.
AES method.
Random number generators and unbreakable stream cipher. -Substitution and transposition methods.
-Classical cryptographic methods:
Polybius method.
Monoalphabetic and polyalphabetic.
Caesar cipher
- breaking Polybius, Monoalphabetic and Caesar method. - Modern cryptographic methods:
Hill cipher.
German ADFGVX Cipher.
Affine cipher. -Introduction to public-key cryptography
RSA encryption method.
Elgamal method. -Introduction to Cryptanalysis.
-Steganography:
Introduction to Steganography.
History of Steganography.
Steganography types and methods. -Introduction to computer security :
Viruses
Worms
Lecturer's name ex: (2 hrs)
1
2
3-4
6
7
8-10
11
12
13
14-16
17-19
20-24
Ministry of Higher Education and Scientific research
Directorate of Quality Assurance and Accreditation خشینبهتی دڵنیایی جۆری و متمانهرایهبهڕێوهبه
Trojan hours
Logic bomb
Anti-virus -Wireless Networks:
Wireless protocols.
Wi-Fi.
Intrusion detecting.
Internet security
IP security
Bluetooth security
Router security
-Network Security
Authentication
Confidentiality
Integrity
Non-reputation
Digital Signature
Firewall types and mechanisms.
VPN (Virtual Private Network)
-Project
25-28
29-30
18. Practical Topics (If there is any) Weeks Introduction to cryptography and C++.
Substitution method of cryptography program.
Transposition method of cryptography program. Polybius method of cryptography program.
Monoalphabetic method of cryptography program. Polyalphabetic method of cryptography program.
Caesar cypher method of cryptography program. Hill cypher method of cryptography program.
German ADFGVX Cypher method of cryptography program. Affine cypher method of cryptography program. Elgamal method of cryptography program. Project
1 2-3 4-6 7-9 10-12 13-15 16-17 18-20 21-23 24-25 25-27 28-29 30
19. Examinations: 1. choose the correct answer to complete each sentence:-
1. …………………………… Provide communication security between devices. a) Operating system security b) Security layers c) Software Security c) None of them
2. ……………………… The same key is used by both parties. a) Symmetric key b) Asymmetric key c) public key c) privet key
3. The Data Encryption Standard (DES) is a ……………….. block cipher.
Ministry of Higher Education and Scientific research
Directorate of Quality Assurance and Accreditation خشینبهتی دڵنیایی جۆری و متمانهرایهبهڕێوهبه
a) Symmetric key b) Asymmetric key c) public key c) privet key 4. Is an attack model for cryptanalysis where the attacker has access to both the plaintext,
and its encrypted version? a) Known plain text b) Cipher text-only c) Chosen cipher text c) none of them
2. True or false type of exams:
a) Decryption is one of the most active ways to reach data security in cryptography process. b) Gateway security is critically important and very essay to use. c) Network access control products are similar to firewalls and IPS/IDS in that they allow or disallow
network access.
d) Authorization is the process through which the user asserts his or her identity and the server
validates that identity.
e) IPSec connection requires some communication between the two computers, but this is minimal.
20. Extra notes: Here the lecturer shall write any note or comment that is not covered in this template and he/she wishes to enrich the course book with his/her valuable remarks.
21. Peer review 3la qeojrU3lql$
6*,{e< oe-sftry, . \uP
-/", ^urtt/i''"'/ ;( f-'* -O
n\)o'L1<A^\r
ol;Z"vo
Education and Scientific research
Directorate of Quality Assurance and Accreditation g*"i:al$& s cs -s-r.rr,r!fi .ja;l=9;ojr"4
///// r
