IT2030 – Introduction to Computer Security

This subject provides the students with a background and an overview of basic principles and techniques to establish computer security in an organization. Starting from the fundamental computer security concepts, this subject introduces students to the current threats which computer systems face in the modern world such as cyber stalking, fraud, abuse, DNS attacks, malware, cyber terrorism, information warfare and discusses the protection mechanisms against them. The techniques used by hackers, are introduced and hackers’ mentality is discussed enabling the student to develop security management skills. This subject further will look at the security policies, models and mechanisms related to confidentiality, integrity, authentication, identification, and availability issues to establish protection against security violations. Other topics covered include basics of encryption, cryptography digital signatures, hashing, VPN, computer security software, firewalls, antispyware, IDS etc. Issues such as organizational security policy, legal and ethical issues in security, standards and methodologies for security evaluation and certification will also be covered. At the latter part of this subject, students will be introduced to the concepts of forensics.