IS Program – 4th Year (2nd Semester) Page 8-1
Assiut University
Faculty of Computers & Information Information Systems Department
Quality Assurance Unit
Information Security
Course Specifications2011-2012
Relevant program B.Sc. in Computers and Information
(Information Systems).
Department offers the program Information Systems Department offers the course Information Systems
Academic year 4th Year
Date of specification approval 24/9/2012
A. Basic Information
1. Course Title: Information Security 2. Course Code: INF423
3. Course hours per week:
Lecture Tutorial / Practical Total
3 2 5
B. Professional Information
1. Overall aims of the course
Upon completing this course the student will have learned, through
appropriate classroom and laboratory experiences, the following.
Understanding the principles and fundamentals of information and
network security with emphasis on: Basic concepts of information and
computer network security; classical encryption techniques; modern
symmetric encryption techniques; public-key encryption; system and
network security tools and network security practice.
Comprehensive knowledge, skills and attitudes appropriate for careers in
information security.
Understanding the organization’s policies and processes, thereby reducing
the organization’s liability due to security failures.
IS Program – 4th Year (2nd Semester) Page 8-2
2. Intended Learning Outcomes (ILOs) of the course
a. Knowledge and Understanding
On successful completion of the program, graduates should be able to: a1. Identify contemporary issues in information security.
a2. Define information security risks.
a3. Define the three aspects of information security: services, mechanisms and attacks. a4. Describe cipher principles.
a5. Discuss the cryptographic systems.
a6. Describe the basic operations and applications of firewalls, Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS).
a7. Discuss the Malicious Software and Antivirus Approaches.
a8. Identify the policy and technology trade-offs involved in developing information security systems of adequate quality.
b. Intellectual Skills
On successful completion of this program, graduates should be able to: b1. Evaluate classical techniques of information security.
b2. Evaluate cryptographic systems algorithms.
b3. Identify the impact of different security breaches on Information security. b4. Explain the guidelines and procedures of Information security investigations. b5. Perform comparisons between (methods, techniques...etc) related to information
security.
b6. Identify countermeasures and review techniques appropriate to the management of information security risks.
c. Professional and Practical Skills
On successful completion of this program, graduates should be able to: c1. Institute Information security program management.
c2. Perform contingency and disaster planning. c3. Use appropriate programming languages. c4. Implement cryptographic systems algorithms. c5. Implement different ciphers on Software.
d. General and Transferable Skills
On successful completion of this program, graduates should be able to: d1. Work in stressful environment and within constraints.
d2. Communicate effectively.
d3. Demonstrate efficient IT capabilities. d4. Lead and motivate individuals. d5. Manage tasks and resources.
IS Program – 4th Year (2nd Semester) Page 8-3
3. Contents
No Topic taught Lecture Tut/Prac No. of hours ILOs 1 Introduction to Information
Security.
Identification and authentication, authorization rules.
6 4 a1-a3, b1, b4-b6, d1-d5
2 Data classification. Different encryption and decryption techniques, different types of ciphers, characteristics of good ciphers, crypt analysis, public– key system, single–key system and data encryption standards.
12 8 a1, a2, a4, a5, b1, b2, b5, b6, c2-c4, d1-d5
3 Threats, safeguards and security objectives, security with some existing systems, security levels.
6 4 a1-a3, a6, b3, b5, b6, c2-c4, d1-d5
4 Computer virus protection, privacy and data protection, designing of secure system, models of security, database security, reliability and integrity, sensitive data.
12 8 a1, a2, a6-a8, b1, b3-b6, c1, d1-d5
5 Multi- level data security, protection of files, copy protection.
6 4 a1, a2, a8, b5, b6, c1, d1-d5
4. Teaching and Learning Methods
4a. Lectures4b. Tutorial Exercises 4c. Practical Exercises
5. Student Assessment
5a. Tools
Final Exam To measure knowledge, understanding, intellectual and professional skills.
Mid-Term Exam To measure following up and understanding the studied topics Class Work To measure the participation of the student during the tutorial,
professional and general skills. 5b. Time Schedule
Assessment Week No
Final Exam 16
IS Program – 4th Year (2nd Semester) Page 8-4 5c. Grading System
The students’ points are calculated through the following point distribution.
Assessment Grade %
Final Exam 70%
Mid-Term Exam 20%
Class Work 10%
Then, the passing and failing grades are evaluated from the student achievement point “X” based on the following table.
Very Poor Poor Pass Good Very Good Distinguished
0% ≤ X < 30% 30% ≤ X < 50% 50% ≤ X < 65% 65% ≤ X < 75% 75% ≤ X < 85% 85% ≤ X ≤ 100%
5d. Formative Assessment
Regular quizzes distributed along the whole semester.
6. List of References
6a. Course Notes
o Short course notes available at doctor’s office. 6b. Required Books (Textbooks)
o Stallings, William. "Cryptography and network security: principles and practices", Fourth edition, Prentice-Hall, Inc, 2005
6c. Recommended Books
o Arthur E. Hutt, Douglas B. Hoyt, Seymour Bosworth. "Computer Security Handbook", third edition, John Wiley & Sons, Inc, 1995. o Rick Lehtinen. "Computer Security Basics", second edition, O'Reilly
Media, Inc, 2006.
7. Facilities Required for Teaching and Learning
A lecture hall is equipped with a projector and a computer.
Tutorial rooms are equipped with projectors and computers.
A library.
Course Coordinator: Prof. Dr. Yousef B. Mahdy Signature:
Date: 24/9/2012
Department Head: Dr. Taysir H. Abdel-Hamid Signature:
IS Program – 4th Year (2nd Semester) Page 8-5
Course Matrix
Course Name Information Security Course Code INF423
Course Aims Course Content
T ea ch in g We ek s
ILOs Teaching and Learning
Methods Assessment Tools
Crit er ia a’s b’s c’s d’s Le cture s Tuto ria l E xe rc is es Pra ctic al Ex erc is es Wo rks ho ps Pro je cts Ca se Stu d y D ata Colle ctio ns Fina l E xa m Mid -Te rm E xa m Pra ctic al Ex am Cla ss Wo rk O ra l E xa m
• Understanding the principles and fundamentals of information and network security with emphasis on: Basic concepts of information and computer network security; classical encryption techniques; modern symmetric encryption techniques; public-key encryption; system and network security tools and network security practice.
• Comprehensive knowledge, skills and attitudes appropriate for careers in information security.
• Understanding the organization’s policies and processes, thereby reducing the organization’s liability due to security failures.
• The latest advantages of information security.
Introduction to Information Security. Identification and authentication,
authorization rules. 1-2 1-3 1, 4-6 − 1-5 Studen t ev alua tio n, cours e fil e, ex am res ult s
Data classification. Different encryption and decryption
techniques, different types of ciphers, characteristics of good ciphers, crypt analysis, public–key system, single– key system and data encryption standards. 3-6 1, 2, 4, 5 1, 2, 5, 6 2-4 1-5
Threats, safeguards and security objectives, security with some
existing systems, security levels. 7-8 1-3, 6
3, 5,
6, 2-4 1-5
Computer virus protection, privacy and data protection, designing of secure system, models of security, database security, reliability and integrity, sensitive data.
8-11 1, 2, 6-8 1, 3-6 1 1-5
Multi- level data security, protection
of files, copy protection. 12-14 1, 2, 8 5, 6 1 1-5