Course info

On completion of the course, students should be able to:

1. Identify and describe common security vulnerabilities
2. Identify and describe different types of attack on computers
3. Recommend security tools and procedures to protect against specific types of attack
4. Describe the nature of malware, how it may be identified and the attack mitigated
5. Explain the distinction between different types of cryptography and identify common algorithms that are weak and strong
6. Describe the use of cryptography in certification and authentication

Outline Syllabus

Introduction:

• Principles of security and privacy, introduction to the different types of computer attack
• Common security policies, techniques and tools:
• Good administrative procedures for computer systems. Data security (e.g. good backup policy).
• Combating social engineering. Tools for identifying system vulnerabilities. Monitoring for break-ins. Recovering from a break-in.

Overview of Encryption:

• Applications of encryption to computer security. Types of encryption algorithms.
• Examples of encryption algorithms commonly used.

User Authentication:

• Methods of user authentication. One way functions and MD5., Biometric access control (e.g. fingerprint, iris etc.). Other techniques (e.g. smartcard).

Protecting passwords from attack:

• Good and bad passwords. Methods to crack passwords and policies/techniques to reduce the problem.

Malicious software:

• History. Classification. How viruses spread. Identifying malware.
• Antivirus software.

Risk analysis:

• Analysis of risk. Steps in risk analysis. Using risk analysis to select new controls.