This course presents students with the theoretical and practical features of information security, ethics and legal aspects as it relates to data and information in organisations. It covers security fundamentals like cryptography, ciphers and message hashes. It also examines policies related to ethics and enterprise security, privacy legislation and the threats to security and privacy faced by organizations. Students in pursuit of careers in IT security, IT consulting or IT management will benefit from this course. This course will be delivered using a combination of interactive lectures, online and face-to-face discussions and laboratories.
On successful completion of this course, students will be able to:
· Explain the concept and role of information technology monitoring
· Explain the concepts of identity theft, phishing, content filtering, encryption and firewalls
· Identify and explain the difference between authorization and authentication
· Categorize security threats to e-Business
· Distinguish ethical from legal issues as they relate to information within the organization
· Distinguish information security policies from information security plans
· Evaluate different monitoring technologies
· Evaluate the security of an e-commerce/e-business website, a game or a mobile application
· Create e-Policies that address ethical use of information and devices in the business environment
· Create an information security plan.
IT managers; IT team leaders; Application developers; Web Application Developers; Network Adminstrators; Systems Administrators; Software Quality Assurance Analysts; Application Security Analysts; Computer Science/ IT graduates interested in a career in software and system security
In today’s electronic environment, security of assets is becoming increasingly important as businesses and consumers become more dependent on complex systems that span multiple companies and countries. Therefore in this course students will gain deep insight into the policies, law and technologies that surround privacy and security in businesses. They will develop the knowledge and skills required to make important policy and implementation decisions that take into account security, privacy and ethical issues. Upon successful completion it is anticipated that students will be highly information literate, creative thinkers that are capable of defining innovative solutions that address organisational security challenges.
The following topics/concepts/theories/issues will be addressed:
· Security fundamentals
o Cryptography, block and stream ciphers
o DES, RSA
o MAC, message hashes,
o Public/private key, secret keys
o PGP, X.509, SSL, IPsec, secure e-mail · Information-related ethics.
o Deterring unethical and illegal behaviour
o Ethics and education
o Professional organizations and their code of ethics · ePolicies: Enterprise security policies; Issue-specific policies; system-specific policies; effective policy guidelines · Information technology monitoring systems.
o Intrusion detection systems
o Firewalls
o Remote access protection
o Wireless Networking Protection · Information and system security planning.
o Key distribution and recovery and Trusted Third Parties
o Digital signatures and certificates
· Information and system security threats.
o Viruses, virus protection, worms, Trojan horses, Adware, Spyware, firewalls, software patches o Operating system and web application vulnerabilities; attacks
o Network security, Web application and operating system security
There are no specific requirements to be eligible to enroll is this course.
This course is delivered using a combination of interactive lectures, online and face-to-face discussions and laboratories. Students are required to read preparatory material and complete assigned homework given by the lecturer and be prepared to participate in discussions. Laboratory sessions will be used to provide students with the opportunity apply theory to practice. Students are expected to prepare assigned exercises prior to arriving at the laboratory.
Credit Hours Five (5) hours of lectures and two (2) hours of labs each week for eight (8) weeks.
