PANIMALAR ENGINEERING COLLEGE

(An Autonomous Institution, Affiliated to Anna University,

Chennai)
JAISAKTHI EDUCATIONAL TRUST
Bangalore Trunk Road, Varadharajapuram,
Poonamallee, Chennai – 600 123
DEPARTMENT OF COMPUTER SCIENCE AND BUSINESS SYSTEMS

SYLLABUS DEVELOPMENT – Regulation 2021

Name of the Course : INFORMATION SECURITY AND MANAGEMENT

Course Code : 21CB1702
Semester of Study : VII
Course offering Department : CSBS
Category of the Course : PC
(Humanities and Social
Studies / Basic Science /
Engineering Science /
Professional Core /
Professional Elective / Open
Elective/ Employability
enabled Course / Mandatory
Course)
Nature of the Course : PC
Number of Theory Hours per : 3
week
Number of Tutorial Hours : NIL
per week
Number of Practical Hours : NIL
per week
No. of Credits :3
Pre-requisites / Co- : 21CS1303 Computer Networks
requisites
Course Objective  To understand the basics of Information Security.
 To learn the basics of Cryptography and its algorithms.
 To understand the methods of public key encryption.
 To know the aspects of risk management and the information
security policy.
 To acquire knowledge of various Security Technology.
 To learn about the concepts of Information Security Project
 Management
Course Outcome 21CB1702.1 Discuss the basics of information security
21CB1702.2 Understand the fundamentals of networks security, attacks,
services and substitution techniques
21CB1702.3 Apply the different cryptographic algorithms for practical
applications.
21CB1702.4 Demonstrate the aspects of Risk Management and
Information Security Policy
21CB1702.5 Design and implement new Technologies for security of
Information
21CB1702.6 Analyse and develop project plan for Information Security
Project Management and Maintenance
Course Content
Unit I INTRODUCTION No. of Hours : 9
History - What is Information Security?, Critical Characteristics of Information, CNSS (Committee on
National Security Systems) Security Model - Components of an Information System - Balancing Information
Security and Access -The System Development Life Cycle(SDLC) -The Security SDLC.
Unit II OVERVIEW OF COMPUTER SECURITY No. of Hours : 9
Overview: Computer Security concepts – Security attacks – Security services - Symmetric Cipher Model –
Substitution Techniques. Block Ciphers and Data Encryption Standard(DES) - A DES example – Advanced
Encryption Standard(AES) structure – AES Transformation functions – AES key expansion example -
Public-key Cryptography - The RSA (Rivest–Shamir–Adleman) algorithm –Diffie Hellman key exchange.
Unit III SECURITY ANALYSIS No. of Hours : 9

Risk Management: Introduction – Risk Identification - Risk Assessment – Risk Control Strategies – Selecting
a Risk control strategy - Information Security Policy, Standards and Practices – The Information Security
blueprint..
Unit IV SECURITY TECHNOLOGY No. of Hours : 9
Introduction ; Access Control : Identification, Authentication, Authorization, Accountability; Firewalls :
Firewall Processing Modes, Firewalls Categorized by Generation, Firewalls Categorized by Structure,
Firewall Architectures, Selecting the Right Firewall, Configuring and Managing Firewalls, Content Filters;
Protecting Remote Connections : Remote Access, Virtual Private Networks (VPNs).
Intrusion Detection and Prevention Systems : IDPS Terminology, Why Use an IDPS? , Types of IDPS ,
IDPS Detection Methods , IDPS Response Behavior, Selecting IDPS Approaches and Products, Strengths
and Limitations of IDPSs, Deployment and Implementation of an IDPS, Measuring the Effectiveness of
IDPSs; Honeypots, Honeynets, and Padded Cell Systems : Trap-and-Trace Systems , Active Intrusion
Prevention.

Unit V INFORMATION SECURITY PROJECT MANAGEMENT No. of Hours : 9

Introduction ; Information Security Project Management: Developing the project plan, project planning
consideration, Scope consideration, The need for project Management; Technical Aspects of Implementation:
Conversion strategies, The Bull’s- Eye Model, To Outsource or not, Technology Governance and Change
Control; Non-Technical Aspects of Implementation: The Culture of change management, Consideration of
Organizational Change. Security Management Maintenance Models : The Security Maintenance Model,
Monitoring the External Environment, Monitoring the Internal Environment, Planning and Risk Assessment,
Vulnerability Assessment and Remediation

Total Hours : 45
Text Books
1. Michael E Whitman and Herbert J Mattord, “Principles of Information Security”, Vikas Publishing
House, New Delhi, Fourth Edition, 2012.
2. William Stallings, Cryptography and Network Security: Principles and Practice, PHI 6th Edition, 2014.

Reference Books
1. Christo Paar and Jan Pelzl, “Understanding Cryptography: A Textbook for Students and
Practitioners”, First Edition, Springer, 2010
2. Douglas R. Stinson,” Cryptography: Theory and Practice”, Third Edition, by, CRC Press, Taylor and
Francis Group (Indian Edition),2006
3. MarjieT.Britz, “Computer Forensics and Cyber Crime”: An Introduction”, 3 rd Edition, Prentice
Hall, 2013.
Web references
1. https://www.simplilearn.com/what-is-des-article/
2. https://www.techtarget.com/searchsecurity/definition/Advanced-Encryption-Standard
3. https://www.geeksforgeeks.org/implementation-diffie-hellman-algorithm/
4. https://www.checkpoint.com/cyber-hub/network-security/what-is-firewall/
Online Courses / Resources:

Details of Modification in the Existing Anna University Curriculum

 Course Content

S. No. Course Content Un Addition / Justification Source of the added

it Deletion content
No
.
1. Substitution Techniques II Addition One of the basic https://
methods to be learnt www.uomustansiriyah.edu.i
before learning q
cryptographic
advanced
algorithms.
2. IV Addition According to recent https://www.kuk.ac.in/lms/
DES ,AES and RSA
Algorithms
trends and
technologies
3. V Addition Every student has to https://
know and implement sushantuniversity.edu.in/
a solution with
innovative thinking.
It may be business ,
education or any
field.

Text Book

S.No. Name of the Text Book Justification

1. Michael E Whitman and Herbert J Mattord, Unit 1, 2, 3, 4 are covered
“Principles of Information Security”, Vikas Publishing
House, New Delhi, Fourth Edition, 2012.
2. William Stallings, Cryptography and Network Unit -5 covered
Security: Principles and Practice, PHI 6th Edition,
2014.
Reference Book

S.No. Name of the Reference Book Justification

1 Christo Paar and Jan Pelzl, “Understanding Covers the basics of why design thinking is
Cryptography: A Textbook for Students and necessary? In an in depth way.
Practitioners”, First Edition, Springer, 2010
2 Douglas R. Stinson,” Cryptography: Theory and Covers the topic Design Thinking in
Practice”, Third Edition, by, CRC Press, Taylor and Business-Linking Design Thinking Solution
Francis Group (Indian Edition),2006 to Business Challenges under in a detailed
way.
3 MarjieT.Britz, “Computer Forensics and Cyber Helpful for case studies to learn in a better
Crime”: An Introduction”, 3 rd Edition, Prentice Hall, way.
2013.

Online Resources:
S.No. Name of the topic Web link of the resource Justification
1.

2.

Course Instructor Course Co-ordinator Department Advisory Committee Head of the Department