Introduction to computer security including formal models of security, security goals and fundamentals (confidentiality, integrity, availability, etc.), introduction to risk assessment and management, security standards in government and industry (e.g., Common Criteria, Orange Book, etc.), corporate and institutional security policies, evaluation process and levels, computer system protection principles, access controls, cryptography fundamentals, authentication, security operations, software attacks including malicious code and buffer overflows, social engineering, injection attacks, and related defense tools, network attacks including denial of service, flooding, sniffing and traffic redirection, defense tools and strategies, web sites attacks including cross-site scripting, IPSec, Virtual Private networks and Network Address Translation, and ethics. Hands-on experience is part of the class.
Course Learning Outcomes:
1) Students shall be able to explain the various threats to computer systems, and assess the risk levels associated with these threats.
2) Students shall be able to explain and develop various computer security mechanisms.
3) Students shall be able to understand, explain, and develop essential authentication and access control mechanisms.
4) Students shall be able to understand, explain, and develop basic and modern cryptography concepts.
5) Students shall be able to write security policies.
3.000 Credit hours
3.000 Lecture hours
Schedule Types: Lecture, Tutorial
Computer Science & Mathematics Division
Computer Science Department
May not be enrolled in one of the following Programs:
May not be enrolled in one of the following Degrees:
Undergraduate level CSC 326 Minimum Grade of D or Undergraduate level CSC 415 Minimum Grade of D or Undergraduate level COE 414 Minimum Grade of D or Undergraduate level COE 541 Minimum Grade of D