Information Security IT 502 Overview

Questions and Answers

What is one of the main objectives of the course?

To understand network security threats and countermeasures. (correct)

To create new programming languages.

To learn about operating system development.

To design network hardware.

Which topic is NOT covered in the course on information security?

Vulnerability analysis.

Cryptography fundamentals.

Intrusion detection techniques.

Web development techniques. (correct)

What hands-on experience does the course aim to provide?

Designing graphics for user interfaces.

Managing databases for business applications.

Creating websites using HTML.

Programming security protocols and simulations. (correct)

Which concept is part of the vulnerability analysis in network security?

Applying methods for access control.

What aspect of network security is emphasized in the course regarding original research?

Wireless network and MANET security.

What percentage of lecture hours is allocated to 'Security in Networks'?

23%

Which topic has the highest percentage of lecture hours dedicated to it?

Program Security

How many total hours are allocated for lab sessions in the course?

30 hours

Which cryptographic technique is classified under Symmetric and Asymmetric Cryptographic Techniques?

RSA

Which topic has the least number of lecture hours assigned?

Introduction to Information Security

Study Notes

Course Overview

• Subject Name: Information Security
• Subject Code: IT 502
• Total Credits: 5
• Teaching Hours: 90 (60 theory, 30 lab)
• Evaluation Marks: 150 (Theory: 70, Mid Sem: 30, CIA: 20, Practical: 30)

Learning Objectives

• Grasp the fundamentals of cryptography and its role in network security.
• Identify network security threats, security services, and countermeasures.
• Conduct vulnerability analysis in network security.
• Gain insights into hash functions, authentication methods, firewalls, and intrusion detection.
• Acquire practical experience with programming and simulation of security protocols.
• Build a foundation for original research in network security, particularly in wireless networks and MANET.
• Assess trade-offs and concerns concerning security countermeasures.
• Implement authentication, access control, and intrusion detection/prevention methods.
• Detect and resolve software security vulnerabilities in existing systems.

Course Units

• Introduction to Information Security: Covers attacks, vulnerabilities, security goals, services, and mechanisms (5 hours).
• Conventional Cryptographic Techniques: Involves substitution and transposition ciphers, one-time pad, block cipher, stream cipher, and steganography (10 hours).
• Symmetric and Asymmetric Cryptographic Techniques: Includes DES, AES, and RSA algorithms (10 hours).
• Authentication and Digital Signatures: Focuses on cryptographic techniques for authentication, secure hash functions, and key management (Kerberos) (9 hours).
• Program Security: Discusses non-malicious errors, buffer overflow, viruses, and various attack methods (12 hours).
• Security in Networks: Addresses threats, network security controls, architecture, encryption, authentication, and firewall types (14 hours).

Instructional Method

• Course delivery through multimedia, blackboard, and OHP.
• Mandatory attendance in lectures and labs contributes to overall evaluation (10 marks).
• Internal exam as part of evaluation.
• Regular assignments based on content, evaluated systematically.
• Surprise tests/quizzes contributed to overall evaluation (5 marks).
• Laboratory sessions for practical application of theoretical concepts.

Learning Outcomes

• Articulate the risks faced by computer systems and networks.
• Identify and analyze security challenges in systems and networks.
• Understand the functionality of standard security mechanisms.
• Develop mechanisms to secure computer systems and networks.
• Write programs that enhance security.
• Utilize cryptographic algorithms and protocols for computer security.

Reference Books

• "Security in Computing" by Charles P. Pfleeger, Pearson Education.
• "Cryptography And Network Security Principles And Practice" by William Stallings, Pearson.
• "Modern Cryptography: Theory and Practice" by Wenbo Mao, Prentice Hall.
• "Network Security Essentials: Applications and Standards" by William Stallings, Prentice Hall.

Practical Experiments

• Implement Caesar Cipher.
• Implement Affine Cipher (c=3x+12).
• Implement Playfair Cipher using user-provided key.
• Implement Polyalphabetic Cipher.
• Implement AutoKey Cipher.
• Implement Hill Cipher.

Description

This quiz assesses your understanding of the fundamentals of information security covered in IT 502. Topics include cryptography, network security threats, and practical experience with security protocols. Test your knowledge on authentication methods, firewalls, and vulnerability analysis in this comprehensive overview.