CICS597C Introduction to Computer Security

CICS 597C Introduction to Computer Security

Credits: 

3

This course will soon be renamed as Infosec 690C Computer Secuirty. 

Syllabus

  • When: April 3 – May 24, 2018. This is a 3-credit, semester-length course that is scheduled at an accelerated pace of 8 weeks. Each week is comprised of two 2-hour sessions.
  • Where: Students can choose to take the class either 1) in-person at the UMass Center at Springfield, Tu/Th 6pm–8pm; 2) or as remote participants. All class sessions will be recorded, which online students can view later in the day or week. Readings, discussion forums, and other interactive sessions are required of remote participants.
  • Instructor: Dr. Parviz Kermani
  • Enrollment for Spring 2018 is not active yet. 
     

This course provides an introduction to the principles and practice of computer and network security with a focus on both fundamentals and practical information. The key topics of this course are applied cryptography; protecting users, data, and services; network security, and common threats and defense strategies. Students will complete several practical lab assignments involving security tools (e.g., OpenSSL, Wireshark, Malware detection). The course includes homework assignments, quizzes, and exams. Prerequisites are CICS 290S or equivalent experience with instructor permission.

Textbook: Network Security Essentials: Applications and Standards (6th Edition) by William Stallings (Pearson)

  • Fundamentals 
    • Basic definitions (security; confidentiality, integrity, authentication, availability, etc)
    • Ethics
    • Policy basics
    • Threat and risk basics
    • Recovery from attacks
  • Applied Cryptography
    • Symmetric-key crypto
    • Cryptographic hash functions
    • Public/private key cryptography
  • Protecting users, data, and services
    • Passwords and user authentication
    • Brief introduction to Kerberos
    • Encrypted file systems
  • Network security
    • TCP/IP networking basics 
    • Port scanning
    • Transport-Level Security; SSL/TLS
    • Network Attacks: BGP, DNS, DoS
    • Wi-Fi security
  • Threats and Mitigation
    • Firewalls and Intrusion Detection Systems
    • Online Tracking, VPNs, and Tor
    • Phishing 
    • Malware: Viruses and Rootkits 
    • Malware: Worms and Botnets