Scribd
Upload
35 views

RCS 322 Computer System Security

The document outlines a course on computer system security. It provides the course title, code, credits, objectives, learning outcomes, and detailed contents covering topics such as cryptography, access control, network security, operating systems security, web security, malware analysis, cloud security, mobile device security, emerging trends, case studies and references.

Uploaded by

mkweleboi
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
35 views

RCS 322 Computer System Security

The document outlines a course on computer system security. It provides the course title, code, credits, objectives, learning outcomes, and detailed contents covering topics such as cryptography, access control, network security, operating systems security, web security, malware analysis, cloud security, mobile device security, emerging trends, case studies and references.

Uploaded by

mkweleboi
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

Course Title: Computer System Security

Course code: RCS 322 CREDIT: 8 (2 L,2P)


Course Objective:
The objective of the course is to provide students with a comprehensive understanding of
computer system security principles, techniques, and best practices. Through theoretical
knowledge, practical exercises, and real-world case studies, students will develop the skills
necessary to analyze, design, implement, and maintain secure computer systems and
networks.

Learning Outcomes:
1. Understand the importance of computer system security and its role in protecting
digital assets, privacy, and confidentiality.
2. Identify common security threats and vulnerabilities that exist in computer systems,
networks, and applications.
3. Explain the fundamental concepts and principles of cryptography, including
symmetric and asymmetric encryption, hash functions, and digital signatures.
4. Apply access control mechanisms such as authentication, authorization, and
accountability to mitigate security risks.
5. Evaluate network security architectures and technologies to design and implement
secure network infrastructures.
6. Assess operating system security measures including secure boot processes, user and
group management, and file system permissions.
7. Analyze web security issues and implement secure coding practices to mitigate web-
based attacks.
8. Describe malware types and behaviors, and apply malware analysis techniques to
detect and mitigate malware threats.
9. Evaluate cloud security challenges and implement security controls to secure cloud-
based services and applications.
10. Implement mobile device security measures including mobile device management
(MDM) and secure app development guidelines.
11. Analyze emerging trends and technologies in security, such as Internet of Things
(IoT) security, blockchain security, and artificial intelligence (AI) in security.
12. Apply ethical and legal considerations in computer system security, including
compliance with industry regulations and standards.
13. Demonstrate critical thinking and problem-solving skills through hands-on labs,
practical exercises, and real-world case studies.
14. Communicate effectively about security risks, solutions, and best practices to
technical and non-technical stakeholders.
15. Reflect on personal and professional growth in the field of computer system security
and pursue ongoing learning and development opportunities.
Course contents:
I. Introduction to Computer System Security
i. Importance of Computer System Security
ii. Overview of Common Security Threats
iii. Historical Perspectives on Security Breaches
iv. Goals of Computer System Security

II. Fundamentals of Cryptography


i. Basic Concepts of Cryptography
ii. Symmetric Encryption Algorithms
iii. Asymmetric Encryption Algorithms
iv. Hash Functions and Message Authentication Codes
v. Digital Signatures
vi. Cryptographic Protocols

III. Access Control Mechanisms


i. Authentication Methods
ii. Authorization and Accountability
iii. Role-Based Access Control (RBAC)
iv. Mandatory Access Control (MAC) vs. Discretionary Access Control (DAC)
v. Multi-factor Authentication (MFA)
vi. Biometric Authentication

IV. Network Security


i. Secure Network Design Principles
ii. Firewalls and Intrusion Detection Systems (IDS)
iii. Virtual Private Networks (VPNs)
iv. Secure Socket Layer/Transport Layer Security (SSL/TLS)
v. Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks
vi. Wireless Network Security

V. Operating System Security


i. Secure Boot Process
ii. User and Group Management
iii. File System Permissions and Access Controls
iv. Patch Management and Software Updates
v. Sandboxing and Virtualization
vi. Trusted Execution Environments (TEEs)

VI. Web Security


i. Common Web Vulnerabilities (e.g., Cross-Site Scripting, SQL Injection)
ii. Secure Coding Practices
iii. Web Application Firewalls (WAFs)
iv. Session Management and Cookies
v. Secure File Uploads and Downloads
vi. Content Security Policy (CSP)

VII. Malware Analysis and Defense


i. Types of Malware (e.g., Viruses, Worms, Trojans)
ii. Malware Detection Techniques
iii. Incident Response and Handling
iv. Anti-virus Software and Endpoint Protection
v. Sandboxing and Honeypots
vi. Digital Forensics

VIII. Cloud Security


i. Cloud Computing Security Challenges
ii. Shared Responsibility Model
iii. Identity and Access Management (IAM) in the Cloud
iv. Data Encryption and Key Management
v. Security Monitoring and Logging
vi. Compliance and Governance in Cloud Environments

IX. Mobile Device Security


i. Mobile Device Management (MDM)
ii. Secure App Development Guidelines
iii. Mobile Device Encryption
iv. Remote Wipe and Lock Features
v. Jailbreaking and Rooting Risks
vi. Bring Your Own Device (BYOD) Policies

X. Emerging Trends and Technologies in Security


i. Internet of Things (IoT) Security
ii. Blockchain Security
iii. Artificial Intelligence (AI) and Machine Learning in Security
iv. Quantum Computing and its Implications for Cryptography
v. Threat Intelligence and Information Sharing
vi. Ethical and Legal Considerations in Computer System Security

XI. Case Studies and Practical Applications


i. Real-world Examples of Security Breaches
ii. Incident Response Scenarios
iii. Security Best Practices in Industry
iv. Hands-on Labs and Exercises

XII. Conclusion and Future Directions


i. Recap of Key Concepts
ii. Ongoing Challenges in Computer System Security
iii. Future Trends and Developments
iv. Continuing Education and Professional Growth in Security

REFERENCES:

Cryptography Essentials

1. Cryptography Engineering: Design Principles and Practical Applications by


Niels Ferguson, Bruce Schneier, and Tadayoshi Kohno (2010): This classic
textbook provides a comprehensive introduction to cryptographic concepts,
algorithms, and protocols. It covers a wide range of topics relevant to computer
system security, including symmetric and asymmetric encryption, hashing, digital
signatures, and message authentication codes.

2. Introduction to Modern Cryptography, Second Edition by Jonathan Katz and


Yehuda Lindell (2014): This more theoretically oriented book delves deeper into the
mathematical foundations of cryptography. It's a valuable resource for students who
want to understand the underlying principles behind cryptographic algorithms

Computer and Network Security

3. Computer Security: Art and Science by Matt Bishop (2003): This broad-ranging
book covers a wide range of topics in computer and network security, from basic
concepts like access control and authentication to more advanced topics like intrusion
detection and secure programming.

4. Network Security Essentials: Applications and Standards (5th Edition) by


William Stallings (2013): This practical guide focuses on the security of computer
networks, covering topics like firewalls, intrusion detection systems, virtual private
networks (VPNs), and wireless security.
Operating System Security

5. Operating Systems Security by William R. Cheswick and Steven M. Bellovin


(2003): This classic text explores the security vulnerabilities of operating systems and
provides guidance on how to mitigate them. It covers topics like memory protection,
process isolation, and file system security.

6. Windows Internals (7th Edition) by Mark Russinovich, David Solomon, and


Alex Ionescu (2017): While not specifically a security book, this comprehensive
guide to the internal workings of Microsoft Windows provides valuable insights into
the security architecture of a widely used operating system.

Web Application Security

7. Web Application Security by Michael Howard, David LeBlanc, Richard Rowley,


and Steve Webb (2010): This book provides a practical guide to securing web
applications, covering topics like injection attacks, cross-site scripting (XSS), and
session management.

8. The Tangled Web: A Guide to Securing Modern Web Applications by Michal


Zalewski (2011): This book takes a more in-depth look at the security challenges of
web applications, exploring advanced topics like web application firewalls (WAFs)
and secure coding practices

You might also like