Unit - I Introduction to Computer and Information Security 1.1 Foundations of Computer Security : Definition and Need of computer security, Security Basics : Confidentiality, Intergrity, Availability, Accountability, Non - Repudiation and Reliability. l.2 Risk and Threat Analysis : Assets, Vulnerability, Threas, Risks, Counter measures. 1.3 Threat to Security : Viruses, Phases of Viruses, Types of Virus, Dealing with Viruses, Worms, Trojan Horse, Intruders, Insiders. 1.4 Type of Attacks : Active and Passive attacks, Denial of Service, DDOS, Backdoors and Trapdoors, Sniffing, Spoofing, Man in the Middle, Replay, TCP/IP, Hacking, Encryption attacks. 1.5 Operating system security : Operating system updates : Hotfix, Patch, Service Pack. 1.6 Information, Need and Importance of Information, information classification, criteria for information classification, Security, need of security, Basics principles of information security. Unit - II User Authentication and Access Control 2.1 Identification and Authentication : User name and Password, Guessing password, Password attacks-Piggybacking, Shoulder surfing, Dumpster diving. 2.2 Biometrics : Finger prints, Hand prints, Retina, patterns, Voice patterns, Signature and Writing patterns, Keystrokes. 2.3 Access controls : Definition, Authentication Mechanism, principle-Authentication, Authorization, Audit, Policies : DAC, MAC, RBAC. Unit - III Cryptography 3.1 Introduction : Plain text, Cipher text, Cryptography, Cryptanalysis, Cryptology, Encryption, Decryption. 3.2 Substitution Techniques : Caesar's cipher, Modified Caesar's Cipher, Transposition Techniques : Simple Columnar Transposition. 3.3 Steganography : Procedure 3.4 Symmetric and Asymmetric cryptography : Introduction to Symmetric encryption, DES (Data encryption Standard) algorithm, Asymmetric key cryptography : Digital Signature. Unit - IV Firewall and Intrusion Detection System 4.1 Firewall : Need of Firwall, types of firewall - Packet Filters, Stateful Packet Filters, Application Gateways, Circuit gateways. 4.2 Firewall Policies Configuration, limitations, DMZ. 4.3 Intrusion Detection System : Vulnerability Assement, Misuse detection, Anomaly Detection, Network-Based IDS, Host-Based IDS, Honeypots. Unit - V Network Security, Cyber Laws and Compliance Standards 5.1 Kerberos : Working, AS, TGS, SS 5.2 IP Security - Overview, Protocols - AH, ESP, Modes - transport and Tunnel. 5.3 Email security - SMTP, PEM, PGP. 5.4 Public key infrastructure (PKI) : Introduction, Certificates, Certificate authority, Registration Authority, X.509/PKIX certificate format. 5.5 Cyber Crime : Introduction, Hacking, Digital Forgery, Cyber, Stalking/Harassment, Cyber Pornography, Indentity Theft and Fraud, Cyber terrorism, Cyber Defamation. 5.6 Cyber Laws : Introduction, need Categories : Crime against Individual Government, Property. 5.7 Complaince standards : Implementing and Information Security Management System, ISO 27001, ISO 20000, BS 25999, PCI DSS, ITIL, framework, COBIT framework.
