Podcast
Questions and Answers
ما هي البنية النجمية؟
ما هي البنية النجمية؟
من هم المستخدمون؟
من هم المستخدمون؟
ما هو مفهوم "Information Security"؟
ما هو مفهوم "Information Security"؟
ما هي أهمية أمن المعلومات؟
ما هي أهمية أمن المعلومات؟
Signup and view all the answers
ما هي أنواع الشبكات من حيث المساحة الجغرافية؟
ما هي أنواع الشبكات من حيث المساحة الجغرافية؟
Signup and view all the answers
ما هو مفهوم "Intranet"؟
ما هو مفهوم "Intranet"؟
Signup and view all the answers
ماذا تُعني "Data"؟
ماذا تُعني "Data"؟
Signup and view all the answers
ما هي أنواع التهديدات المعلوماتية؟
ما هي أنواع التهديدات المعلوماتية؟
Signup and view all the answers
ماذا تُعني "Information"؟
ماذا تُعني "Information"؟
Signup and view all the answers
ما هي أهم مميزات الحوسبة السحابية؟
ما هي أهم مميزات الحوسبة السحابية؟
Signup and view all the answers
تعتبر أمن المعلومات حلا اختيارياً للمؤسسات - وليس ضرورة
تعتبر أمن المعلومات حلا اختيارياً للمؤسسات - وليس ضرورة
Signup and view all the answers
يُعدّ المستخدمون الحلقة الأضعف في برنامج أمن المعلومات .
يُعدّ المستخدمون الحلقة الأضعف في برنامج أمن المعلومات .
Signup and view all the answers
ما هي أهم سياسات أمن المعلومات؟
ما هي أهم سياسات أمن المعلومات؟
Signup and view all the answers
Study Notes
General Information
- Course Title: أساسيات أمن المعلومات (Fundamentals of Information Security)
- Course Code: BX-103, BN-227
- Instructor: د. بشری شریف
- Term: نوفمبر 2024
Instructor Information
- Dr. Bushra Shareef holds a Bachelor's degree in Information Technology from King Abdulaziz University, Jeddah, specializing in Software Engineering.
- She holds a Master's and a Ph.D. in Information Technology from the Arab Academy for Science, Technology and Maritime Transport, specializing in Information Security and Blockchain Technology,including Machine Learning (ML) algorithms.
Contact Information
- Email: [email protected]
- WhatsApp Group: (Included)
- Contact Hours: By Appointment
Course Content (Information Security)
- Definition: Information security is the science that studies the theories and strategies to protect information from the threats which threaten it and from the acts that harm it.
- Technical Aspect: Methods, tools and procedures for ensuring that information is protected from internal and external dangers.
Learning Objectives
- Overview of fundamental concepts and terminology related to information security.
- Methods for maintaining the security of various technologies (hardware, software, networks).
- Covering fundamental topics like symmetric and asymmetric encryption algorithms, various security threats and protection measures.
- Understanding key security policies for protection.
- Exploring digital crime investigations and documenting evidence for identifying cyberattacks against organizations.
Schedule
- First 6 Weeks: Fundamental concepts, terminologies related to information security, and hardware-related information.
- Weeks 7 - 11: Security policies, related to both physical and software aspects of information systems.
- Weeks 12-16: Digital evidence documentation, and the science of computer forensics.
- Final Week(s): Final Exam
Resources (Textbooks and References)
- Textbook: أمن المعلومات - د ذيب القحطاني, King Abdulaziz University (2015)
- Additional Resources: Network and Infrastructure security by Dr. Ghassan Saba (2018)
- Other References: -Cryptography and Network Security by Stallings (4th Ed., 2006) -Fundamentals of Information Systems Security by Kim & Solomon (3rd Ed., 2018)
Evaluation
- Attendance: 20%
- Assignments: 20%
- Midterm Exam: 20%
- Final Exam: 40%
Chapter 1: Introduction to Information Security
-
Introduction (1.1): Definitions of Data & Information
- Data: Raw, unprocessed figures, symbols, or characters.
- Information: Processed data, organized in a meaningful way.
-
System Components (2.1):
- الأجهزة: المكونات المادية
- Software: Programs and applications
- البيانات: بيانات منظمة (بيانات منظمة) وغير منظمة (بيانات غير منظمة).
- المستخدمون: الأفراد الذين يتفاعلون مع النظام.
- الشبكات: أنظمة التوصيل.
- الإجراءات: التعليمات والعمليات
Chapter 2: Components of Information Systems
(Further elaborates on the 6 components mentioned above, plus their relationship: Hardware, Software, Data, Users, Networks, Procedures.)
Chapter 2-1: Hardware Components
- Description of various hardware components (computers, printers, routers, switches, modems, hard drives, etc.).
Chapter 2-2-1: Software Components
- Definition of operating systems (OS) and their roles (managing hardware, running applications, memory management, I/O management, data/file management & network communication).
- Description of applications (software that performs specific tasks).
Chapter 3-2-1: Data Types
- Structured data (databases) and unstructured data (files).
Chapter 4-2-1: Users
- Users are the active element in Information Systems.
Chapter 5-2-1: Procedures
- Procedures are defined as instructions/commands for accomplishing specific tasks.
Chapter 6-2-1: Networks
- Definition of computer networks and components.
Chapter 6-2-1-1: Network Topologies
- Types of network topologies: Bus Topology, Star Topology, Ring Topology, and Star-Tree Topology.
- Definitions of Local Area Networks (LANs) and Wide Area Networks (WANs).
Chapter 6-2-1-2: Network Types (Centralization)
- Client/Server Networks
- Peer-to-Peer Networks
Chapter 6-2-1-3: Internet
- Definitions of the Internet and access methods (Dial-up, DSL, Wi-Fi, LAN, Satellite).
Chapter 6-2-1-4: Internet Components
- Browsers and their role in internet access.
- HTTP and other internet protocols like URLs (protocol, domain name, top-level domain).
Chapter 6-2-1-5: Intranet
- Definition of intranet as a private local area network.
Chapter 6-2-1-6: Extranet
- Definition of extranet as connection between multiple intranets.
Chapter 7-6-2-1: Cloud Computing
- Definition of cloud computing as a service-based delivery model for resources.
Chapter 8-6-2-1: Network Layers
- OSI model and its seven layers (application layer, presentation layer, session layer, transport layer, network layer, data link layer, physical layer.)
- Description of TCP/IP protocol suite and its roles in network communication.
Chapter 1-2: Why Information Security?
- Importance of information security as a necessity, not an option.
- Threats to Information Systems (as a cause for security needs).
Chapter 2-2: Definition of Information Security
- Definition of Information Security emphasizing protection from harm of all forms; unauthorized access; and enabling uninterrupted operation.
Chapter 2-4: Need for Information Security
- Need for information security due to critical assets (data centers, databases, servers, storage, websites, etc.).
- Importance to the organization's operations.
- Importance for users receiving services.
- Effects of remote services and remote working.
- Need to understand institutional capabilities to protect against various threats.
Chapter 4-2: Threats to Information Systems
- Classification of threats: technical, human, environmental (natural disasters).
Chapter 1-4-2: Technical Threats
- Design and operation flaws (e.g., open ports, incorrect data backups, data fragmentation).
Chapter 2-4-2: Human Threats
- Malicious users and staff; unaware users and staff; malicious organizations; hardware/software vendors; external engineers, technicians, and support personnel.
Chapter 3-4-2: Natural Threats
- Natural disasters (earthquakes, floods, fires, etc.).
Chapter 5-2: Cyberattacks and Security Needs
- Types of cyberattacks: Malware, Backdoors, Password cracking, Brute-Force attacks, Man-in-the-Middle attacks, Denial-of-Service attacks, Spoofing and other deception techniques.
Chapter 5-2-x: Advanced Cyber Threats
- Other threats, such as: Dictionary Attacks, E-mail Bombing, Sniffing, Social Engineering, Shoulder Surfing, and Side-Channel Attacks.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
