Topic outline


  • logo

    • Welcome Announcement

      Dear Students,
      Welcome to your Information Security class. We'll discuss our class, generate ideas and solve our problems through this platform. Hope you'll have a great Experience. 
      Let's get started with Information Security!!!

      • Basic Information:

        Course Code: CSE 423
        Course Title: Information Security
        Program: B.Sc in Computer Science and Engineering
        Faculty: Science and Information Technology
        Semester: Spring; Year: 2023
        Credit: 3.0; Contact Hour: 3 Hours/ Week
        Course Category: Core Engineering


        Course Instructor:

        Nasima Islam Bithi
        Lecturer
        Office: Room # 505, AB04 Building, Daffodil Smart City
        Cell Number# +880 1629665310

        Email: bithi.cse@diu.edu.bd

         

        Course Rationale:

        Information security — or infosec —  is the protection of information by people and organizations in order to keep information safe for themselves, their company, and their clients. Every organization needs protection against cyber attacks and security threats. Cybercrime and malware are constant threats to anyone with an Internet presence, and data breaches are time-consuming and expensive. The goal of IT security is to protect these assets, devices and services from being disrupted, stolen or exploited by unauthorized users, otherwise known as threat actors.


        Course Objectives:

        • To learn the basic concepts of Information Security.
        • To learn the types of Cyber crime and Attacks.
        • To learn the value of information to the modern organization.
        • To learn company Policies and Strategies to mitigate the security problems.
        • To learn CIA triad of Confidentiality, Integrity and Availability.
        • To learn the human role in security systems with an emphasis on ethics, social engineering vulnerabilities and training.

         

        Course Outcomes (CO's):

        CO1       Interpret the components, tools and techniques of Information Security systems.

        CO2       Analyze various Information security threats, risks and propose controls for it.

        CO3       Explain the Ethical issues and Laws in the field of Information Security.


        Assessment Strategies:



      • Week - 1: Information Security and It’s Elements

        a


        Discussion Points: 

              • Introduction of information security
              • Principles of Security (CIA Triad)
              • Five major Elements (Confidentiality, Integrity, Availability, Authenticity and Non-Repudiation)
              • Types of Attack
              • Information warfare

        Expected Learning Outcomes:

              • Understanding the principles of Security and its elements

        Resources of Learning:

      • Week - 2: Ethical Hacking and Concept

        o


        Discussion Points: 

              • Concept of Hacking
              • Characteristics of hacker
              • Types of hacker
              • Cyber attack
              • Cyber security vs information security
              • Art and philosophy of hackers

        Expected Learning Outcomes:

              • Recognize the concept of hacking and the tendencies of hackers
              • Differentiate between Cyber security and information security

        Resources of Learning:


      • Week 5: Class test 01

        Class Test-01 



        Syllabus

        • Lecture 1, Lecture 2 
        • Mark: 15; Time: 25min;
      • Week - 3: Security Risk Management

        7


        Discussion Points: 

              • Concept of Information assurance.
              • Risk and risk level
              • Risk management process
              • Differences among vulnerabilities, risk and threat

        Expected Learning Outcomes:

              • Understanding the importance of information assurance in daily life
              • Understanding the steps of risk management process

        Resources of Learning:

      • Week - 4: Security Risk Management(Contd.)

        y


        Discussion Points: 

              • Risk Identification
              • Risk analysis
              • Computation of Risk score
              • Risk rating matrix
              • Classification of risk triggers
              • Business impact analysis
              • Estimated downtime

        Expected Learning Outcomes:

              • To understand the probability and impact of risk and define the risk level of a real life information system.

        Resources of Learning:

      • Week 6: Incident Management

        p

        Discussion Points: 

              • Security Incident
              • Incident Management
              • Incident Handling & Response

        Expected Learning Outcomes:

              • To understand how any organization can handle and response in step by step when a security incident occurs.

        Resources of Learning:

      • Week 7: AI & ML in Information security

        i


        Discussion Points: 

              • AI and ML in information security
              • Differences between AI and ML
              • Role of AI and ML in information security
              • Application areas
              • Benefits of AI and ML
              • Challenges of AI and ML

        Expected Learning Outcomes:

              • To understand how the organization's can benefit from AI and ML in information security.

        Resources of Learning:

      • Week - 8: Malware

        i

        Discussion Points: 

        Expected Learning Outcomes:

              • To understand the concept of malware and type of it.

        Resources of Learning:

      • Week 09

        Class Test-02



        Syllabus

        • Malware & Incident Management
        • Mark: 15; Time: 35min;
      • Week- 10

        Assignment

      • Week - 11: Midterm Exam



        Contents for Exam:

                • Lecture 01 to Lecture 7

      • Week 12

        l


        Discussion Points: 

              • Anti-virus
              • Firewall

        Expected Learning Outcomes:

              • To understand the concept of puiersonal device security such as anti-virus and firewall

        Resources of Learning:

      • Week 13

        l


        Discussion Points: 

              • IDS
              • IPS
              • Honeypot

        Expected Learning Outcomes:

              • To understand the concept of personal device security such as IDS, IPS, honeypot etc.

        Resources of Learning:

      • Week 14

        m


        Discussion Points: 

              • Zero day attack
              • CVE
              • CVSS
              • Vulnerability Assessment
              • Penetration Testing

        Expected Learning Outcomes:

              • To understand the concept of VAPT.

        Resources of Learning:


      • Week 15

        Class Test-03



        Syllabus

        • Lecture-9 & 10
        • Mark: 15; Time: 35min;
      • Week 16

        i


        Discussion Points: 

              • System hacking and its steps

        Expected Learning Outcomes:

              • To understand the concept of system hacking

        Resources of Learning:

      • Week 17

        l


        Discussion Points: 

              • Symmetric encryption
              • Asymmetric encryption
              • Message digest

        Expected Learning Outcomes:

              • To understand the concept of cryptography

        Resources of Learning:


      • Week 18

        l


        Discussion Points: 

              • Cybercrime
              • ICT ACT 2006
              • Digital Security ACT 2018

        Expected Learning Outcomes:

              • To understand the concept of cyber law.

        Resources of Learning:

      • Week 19

        Presentation


        Present any research paper on Information Security.

        Mark: 8                
        Time: 5-7min
        Number of Slides: 10-13
        Slides must be eye catching.
        q

        Rubric of presentation (out of 100):

        • getup & outfit : formal/semi formal (10%)
        • Body language 10%
        • Communication style : bangla/ english 10%
        • eye contact 10%
        • knowledge 40%
        • Handling Ques/Ans 20%

      • Week 19

        Assignment

        • Opened: Saturday, 10 June 2023, 12:00 AM
          Due: Sunday, 11 June 2023, 12:00 PM
      • Week 20

        Class Test-04



        Syllabus

        • Lecture-8,11 and 13
        • Mark: 15; Time: 15min;
        • Week 21

          Final



          Contents for Exam

          • Lecture-8 to 14 (except lecture 12)

          Assessment Plan

          Total Marks: 40

          Examination Schedule

          Date: _14_/12/22 ;

          Time: _3pm to 5pm_




          End of the Semester.