Data Security Concepts
Rationale
Data security concepts is an advanced course that focuses on one of the most important and critically needed skill areas in information assurance and networking: network security. It builds upon an introductory course on the fundamentals of networking, TCP/IP, and the internet, to investigate the concepts and practices for securing networks and network communications. The Data Security course also leverages key information assurance concepts and practices such as encryption, authentication, risk analysis, security policy design, and implementation, etc.
Course Description
This course provides students with the knowledge and skills to begin supporting network security within an organization. Students who complete this course will be able to identify security threats and vulnerabilities and help respond to and recover from security incidents.
Learning Outcomes
On completion of this course students should be able to:
- Explain how to secure information.
- Identify and counteract social engineering exploits.
- Identify and solve security issues with the network of an organization.
- Create a process to maintain file security.
- Design policies to guard against security breaches.
- Create measures to prevent attacks on an organization’s network.
ASSESSMENT SUMMARY
Task / Assignment No. & Name | Due Date | Time | Weight | Type | Learning Outcomes |
1. Oral Presentation / Video | 15th Feb. | 12:30 pm | 20% | Class Work (Group) | 1, 2 |
2. Practical / Video | 15th Mar. | 12:30 pm | 30% | Project (Group) | 3, 4 |
3. Mid Term / Video | 12th April. | 3:30 pm | 20% | Project / Presentation (Group) | 5, 6 |
4. Final Exam | May | 30% | Individual | 1 – 6 |
Nb: Dates are subjected to be changed.
Textbooks and References
- Weaver. R., (2007). Guide to network defense and countermeasures (2nded.). Boston, MA: Thomson Course Technology.
- Reading List
- Simpson, M. (2006). Hands-on ethical hacking and network Defense. Boston, MA: Thomson Course Technology.
- Howlett, T. (2004). Open-source security tools: A practical guide to security applications. Upper Saddle River, New Jersey: Prentice Hall.
- Harris, S., Harper, A., Eagle, C., & Ness, J. (2005). Gray hat hacking: The ethical hacker’s handbook. McGraw Hill Osborne Media.
Lessons
1. SECURING INFORMATION
- Physical Security Controls - CompTIA Network+ N10-006 - 3.4
- Best Practices in Physical Security Management: Safeguard your Organization against Threats
- What is physical security and why does it matter?
- Where and how much physical security is needed?
- Why physical security is important in organizations?
- How can effective physical security be achieved in organizations?
- Full-fledged approach
- Identify your security risks
- High priority risks
- Identifying assets
- Preparing risk matrix
- Identifying possible loss events
- Determine likelihood of event
- Determine consequences of events
- Entering data in risk matrix
- Determine level of security risk
- List ranking on risk matrix
- Multi-layer implementation of physical security
- Common security mistakes
- Conclusion
2. COUNTERACTING SOCIAL ENGINEERING EXPLOITS
- How to avoid social engineering attacks
- Social engineering explained: How criminals exploit human behavior
- Social engineering techniques
- Social engineering examples
- Famous social engineering attacks
- Social engineering prevention
- 5 tips for defending against social engineering
- Social engineering toolkit
3. IDENTIFYING SECURITY MEASURES
- Computer Security | What Is Computer Security | Cyber Security Tutorial | Simplilearn
- Why Is Desktop Security Important?
- Evaluating Your Desktop Security
- User Classification
- Process and Implementation
- Technologies That Protect Your Data
- What Are the Most Vulnerable Components of Desktop Security?
- Social Engineering & Desktop Security Awareness Programs
- Measures and Measurement for Secure Software Development
- Measurement and the Software Development Life Cycle
- Software Engineering Measurement Process
- Process Measures for Secure Development
- Product Measures for Secure Development
- Community of Interest
- Tools & Maturity of Practice
- Maturity of Practice
- Appendix: Indicator Template
4. MAINTAINING FILE SECURITY
5. GUARDING AGAINST ATTACKS
6. HANDLING SECURITY BREACHES
7. NETWORK DEFENSE
- Introduction to Firewall: Types and their working, Design Principles and Limitations
- Choosing a Firewall: the Most Important Features and Types You Need to Know
- Important Features to Consider When Choosing a Firewall
- Size and Scope Considerations When Choosing a Firewall
- The 3 Types of Firewall to Choose From
- Choosing a Firewall that Delivers Everything You Need
informative Course