Information Security OU Syllabus

UNIT-I
Introduction: History, Critical Characteristics of Information, NSTISSC Security Model, Components of an Information System, Securing the Components, Balancing Security and Access, The SDLC, The Security SDLC.
Need for Security: Business Needs, Threats, Attacks, and Secure Software Development.
UNIT-II
Legal, Ethical and Professional Issues: Law and Ethics in Information Security, Relevant U.S. Laws, International Laws and Legal Bodies, Ethics and Information Security.
Risk Management: Overview, Risk Identification, Risk Assessment, Risk Control Strategies, Selecting a Risk Control Strategy, Quantitative versus Qualitative Risk Control Practices, Risk Management Discussion Points, Recommended Risk Control Practices.
UNIT-III
Planning for Security: Security Policy, Standards and Practices, Security Blueprint, Security Education, Continuity Strategies.
Security Technology: Firewalls and VPNs: Physical Design, Firewalls, Protecting Remote Connections.
UNIT-IV
Security Technology: Intrusion Detection, Access Control, and other Security Tools: Intrusion Detection and Prevention Systems, Scanning and Analysis Tools, Access Control Devices.
Cryptography: Foundations of Cryptology, Cipher Methods, Cryptographic Algorithms, Cryptographic Tools, Protocols for Secure Communications, Attacks on Cryptosystems.

UNIT-V
Implementing Information Security: Information Security Project Management, Technical Topics of Implementation, Non-Technical Aspects of Implementation, Security Certification and Accreditation.
Security and Personnel: Positioning and Staffing the Security Function, Employment Policies and Practices, and Internal Control Strategies.
Information Security Maintenance: Security Management Models, Maintenance Model, and Digital Forensics.
Suggested Readings:
1. Michael E Whitman and Herbert J Mattord, Principles of Information Security, Cengage Learning, 2011.
2. Thomas R Peltier, Justin Peltier, John Blackley, Information Security Fundamentals, Auerbach Publications, 2010.
3. Detmar W Straub, Seymour Goodman, Richard L Baskerville, Information Security, Policy, Processes, and Practices, PHI, 2008.
4. Mark Merkow and Jim Breithaupt, Information Security Principles and Practices, Pearson Education, 2007.
