CS880 - Information Security Fundamentals
Credits | 10 |
Level | 5 |
Semester | Semester 1 |
Availability | |
Prerequisites | |
Learning Activities Breakdown | |
Items of Assessment | 2 |
Assessment | 40% Coursework, 60% Exam |
Lecturer | Pejman Saeghe |
Aims and Objectives
Learning Outcomes
Learning Objectives:
- To articulate the meaning of information security, key associated concepts, their relationships, and how they apply to a given organisation.
- To explain how access control can be used, in combination with authentication and encryption, to meet information security requirements, taking into consideration the context of an organisation and known exploits.
- To know how information security should be explicitly managed in accordance with international standards and regulation.
- To understand the importance of risk management for effective information security, and how to select and apply standard industry techniques to manage information security risks within the context of their organisation.
- To be confident with the fundamental practicalities of networking and cryptography.
Transferable skills:
- to confidently articulate and contextualise concepts
- to utilise tools to automate tasks
Syllabus
The first aim of this module is to act as an introduction to information security by introducing key concepts, such as vulnerability, threat, attack and exploit, control, risk, risk landscape, residual risk, and their relationships; the main security mechanisms, access control and cryptography; and the organisational context within which information security activities take place, covering aspects such as information security culture, the role of policy and standards, the business environment, and business resilience. The second aim of this module is to give students practical experience of a typical networking setup involving Linux VMs, providing core skills that enable them to better tackle more advanced security problems in the second semester. Finally, students will be able to position the technical knowledge they acquire within the regulatory and legal context in which organisations operate.
Recommended Reading
This list is indicative only – the class lecturer may recommend alternative reading material. Please do not purchase any of the reading material listed below until you have confirmed with the class lecturer that it will be used for this class.
- W. Stallings and L. Brown, 2018, Computer Security: Principles and Practice, 4th ed., Pearson.
- C.P. Pfleeger, S.L. Pfleeger and J. Margulies, 2015, Security in Computing, 5th ed., Prentice Hall.
- R. Anderson, 2021, Security Engineering, 3rd ed.
- P.C. van Oorschot, 2021, Computer Security and the Internet: Tools and Jewels from Malware to Bitcoin, 2nd ed., Information Security and Cryptography, Springer, ISBN 978-3-030-83410-4.
Last updated: 2024-07-18 15:13:27