e-code Academy Information Security Diploma Training Discerption

(1)

e-Code Academy

Information Security Diploma

Training Discerption

(2)

1

I. C

ONTENTS

II. INTRODUCTION ... 2

O

VERVIEW

... 2

C

OPYRIGHTS AND

T

RADEMARKS

... 2

III. OBJECTIVE ... 3

L

IST OF

P

OSTGRADUATE

C

OURSES

... 3

F

IRST

S

EMESTER

(2

M

ONTHS

) ... 4

S

ECOND

S

EMESTER

(2

M

ONTHS

) ... 4

P

ROJECT

(1

M

ONTH

) ... 4

L

ABORATORY

R

EQUIREMENTS

... 5

P

REREQUISITES

... 5

IV. COURSE SYLLABUSES ... 5

ISC

901 S

ECURITY

E

NGINEERING

... 5

ISC

910 C

RYPTOGRAPHY

... 6

ISC

912 S

ECURITY

P

ROGRAMMING

... 6

ISC

913 S

ECURITY

S

TANDARDS

... 6

ISC

920 N

ETWORK AND

S

YSTEMS

S

ECURITY

... 7

ISC

921 E

THICAL

H

ACKING

... 7

ISC

930 S

OFTWARE

S

ECURITY

... 8

ISC

940 S

ECURE

H

ARDWARE

P

ROGRAMMING

... 8

ISC

950 S

ECURITY

P

ROJECT

... 9

(3)

2

II. I

NTRODUCTION

Overview

In this diploma, candidates will study the Digital Security basics. The candidate will be aware of following topics: cryptography theory, the differences between cryptographic techniques, the strength and the weakness, the software and hardware implementation of cryptographic techniques, data encryption, data integrity, digital signature, data security attacks and cryptanalysis techniques, security standards, security software and smart card programming, security hardware and security hardware programming.

The diploma takes a duration of five months, divided into two semester followed by project. In each semester there are practical lap with experiments related to studied topics. The curriculum provides detailed plan of courses schedule, lab requirements, prerequisites, and course details. By the end of each course there is an exam. In the last month there is a practical project ends with demonstration and evaluation. By the end of diploma successful candidates take a certification with the archived grade.

Copyrights and Trademarks

All of the content on this manual and accompanying software(including all text, graphics, sounds, demos, patches, hints and other files) is covered under KSA and international copyright and trademark laws by E-Code and other companies, and are property of E-Code, or are presented with permission and/or under license. This content may not be used for any commercial use without express written permission of E-Code, and possibly other copyright or trademark owners. All other trademarks and copyrights are the property of their respective owners.

(4)

3

III. O

BJECTIVE

List of Postgraduate Courses

First Semester  ISC 901 Security Engineering

 ISC 910 Cryptography

 ISC 921 Ethical Hacking

 ISC 912 Security Programming

 Using Security Software Laboratory Second Semester  ISC 930 Software Security

 ISC 913 Security Standards

 ISC 920 Network and Systems Security

 ISC 940 Secure Hardware Programming

 Using Security Hardware Laboratory

Project  ISC 950 Security Project

Prepare student to advanced digital security studies like

Master and PHD Provide theoretical background related to digital security Provide recent technology and techniques related to digital security Provide practical experience related to digital security

Provide the market with digital security experts

(5)

4 First Semester (2 Months)

No Code Name Final Work Lab Total Hours

1 ISC 901 Security Engineering 70 30 0 100 48

2 ISC 910 Cryptography 70 30 0 100 48

3 ISC 921 Ethical Hacking 70 30 0 100 48

4 ISC 912 Security Programming 70 30 0 100 48

5 - - Using Security Hardware

Laboratory

- - - - 24

Total in Two Months 216

Second Semester (2 Months)

1 ISC 930 Software Security 70 30 0 100 48

2 ISC 913 Security Standards 70 30 0 100 48

3 ISC 920 Network and Systems Security 70 30 0 100 48

4 ISC 940 Secure Hardware Programming 70 30 0 100 48

5 - - Using Security Hardware

Laboratory

- - - - 24

Total in Two Months 216

Project (1 Month)

(6)

5 Laboratory Requirements

 High Speed Computers (i5/8GB)

 Secure Microcontroller Boards or Emulators

Prerequisites

 Math

 Probability and Statistics

 C Programming

 C++ Programming

 Microcontroller Programming

IV. C

OURSE

S

YLLABUSES

ISC 901 Security Engineering

Course Security Engineering Code ISC 901

Discerption Introduction to Security Engineering, Usability and Psychology, Protocols, Access Control, Cryptography, Distributed Systems, Economics, Multilevel Security, Multilateral Security, Banking and Bookkeeping, Physical Protection, Monitoring and Metering, Nuclear Command and Control, Security Printing and Seals, Biometrics, Physical Tamper Resistance, Emission Security, API Security, Electronic and Information Warfare, Telecom System Security, Network Attack and Defense, Copyright and DRM, The Bleeding Edge, Terror, Justice and Freedom, Managing the Development of Secure Systems, System Evaluation and Assurance.

References Ross J. Anderson, “Security Engineering: A Guide to Building Dependable Distributed Systems”, Wiley, 2008

(7)

6 ISC 910 Cryptography

Course Cryptography Code ISC 910

Discerption Introduction to Cryptography Systems, Classical Ciphers, Block Ciphers and DES, Finite Fields, Advanced Encryption Standards, Block Cipher Operations, Pseudorandom Number Generation and Stream Ciphers, Number Theory, Public-Key Cryptography and RSA, Other Public-Public-Key Cryptosystems, Cryptographic Hash Functions, Message Authentication Codes, Digital Signatures.

References William Stallings, “Cryptography and Network Security, William Stallings”, 5th

Edition, Prentice Hall, 2010

ISC 912 Security Programming

Course Security Programming Code ISC 912

Discerption Using Microsoft Cryptography Service Provider SDK (CSP, CNG), Using RSA Public Key Cryptographic System SDK (PKCS11), And Using Java Security SDK.

References  Microsoft CSP SDK Reference Guide

 Microsoft CNG SDK Reference Guide

 RSA PKCS11 SDK Reference Guide

 Java Security Reference Guide

 Basics of Smart Card Programming using Java

ISC 913 Security Standards

Course Security Standards Code ISC 913

Discerption Common Criteria, Introduction, Common Criteria Standards, Process Overview, Pre-Evaluation Preparation, Developing the Business Case, Resource Allocation, Managing Project Scope, Partner Selection, Evidence Developments Tips, Security Target, Development Evidence, Lifecycle Support Evidence, Test, Vulnerabilities Assessment and Guidance Evidence, Case Studies.

(8)

7

FIPS, Introduction, Threats and Risks, FIPS 140 Overview, Algorithm Validation,

Module Validation, Cost and Timeline, Security Requirements, Case Studies.

References  Wesley Hisao Higaki and Yukie Higaki, “Successful Common Criteria Evaluations: A Practical Guide for Vendors”, CreateSpace Independent Publishing Platform, 2010

 Wesley Hisao Higaki, Ray Potter and Yukie Higaki , “FIPS 140 Demystified: An Introductory Guide for Vendors”, CreateSpace Independent Publishing Platform, 2010

 Common Criteria Standards

 FIPS 140 Standards

ISC 920 Network and Systems Security

Course Network and Systems Security Code ISC 920

Discerption Mutual Authentication, Key Management and Distribution, User Authentication Protocols, Network Security, Transport-Level Security, Wireless Network Security, Electronic Mail Security, IP Security, System Security, Intruders, Malicious Software, Firewalls, Legal and Ethical Issues.

References William Stallings, “Cryptography and Network Security”, 5th_{Edition, Prentice Hall,}

2010

ISC 921 Ethical Hacking

Course Ethical Hacking Code ISC 921

Discerption Overview, TCP/IP Concepts Review, Network and Computers Attacks, Foot-printing and Social Engineering, Port Scanning, Enumeration, Programming for Security Professionals, Desktop and Server OS Vulnerabilities, Embedded Operating Systems the Hidden Threat, Hacking Web Servers, Hacking Wireless Network, Cryptography and Cryptographic Attacks, Network Protection Systems.

(9)

8

References  Michael T. Simpson, Kent Backman and James Corley, “Hands-On Ethical Hacking and Network Defense”, 2nd_{Edition, Delmar Cengage Learning,}

2010

ISC 930 Software Security

Course Software Security Code ISC 930

Discerption Software Cracking, Assembly Language, Windows Reverse Engineering, Linux Reverse Engineering, Windows CE Reverse Engineering, Overflow Attack, Network Stalking, TCP/IP Analysis, Social Engineering, Reconnaissance, OS Fingerprinting, Hiding the Tracks, Platform Attacks, Unix Defense, Unix, Attacks, Windows Client Attacks, Windows Server Attacks, SOAP XML Web Services Security, SQL Injection, Wireless Security, Advanced Defense, Audit Trail Analysis, Intrusion Detection Systems, Honeypots, Incident Response, Forensics and Anti forensics.

References  Cyrus Peikari and Anton Chuvakin, “Security Warrior”, O'Reilly Media, 2004

ISC 940 Secure Hardware Programming

Course Secure Hardware Programming Code ISC 940

Discerption Introduction to 8051, Introduction to Smart MX, Using UART, Using CIU, Using MMU, Using Checksum, Using Copy Machines, Using SBC Module for Symmetric Ciphers, Using Fame2 for Asymmetric Ciphers.

References  NXP P60 Datasheet

 Muhammad Ali Mazidi, Janice G. Mazidi and Rolin D. McKinlay, “The 8051 Microcontroller and Embedded Systems”, 2nd_{Edition, Prentice Hall, 2005}

(10)

9 ISC 950 Security Project

Practical project in one of the following areas: Cryptography and Data Security, Networks and Systems security, Software Security, Hardware Security.

(11)

10 V. A

BOUT

E-C

ODE

E-Code is a leading progressive, innovative company in the field of information security providing

technology, state of the art solutions, consulting, integration and testing services to safeguard

the information assets, identities and the supporting infrastructure against unauthorized use. Our high quality service and excellent benefits and the ability of being reliable and responsible put us as a leader on the top of digital security companies.

E-Code provides unique products and solutions, which cover many security areas fulfilling customers need in different market sectors. We provide a set of products and solutions covering the following areas: software protection, data encryption, security hardware, digital signature, secure identification and authentication, secure online distribution of digital Contents.

We supports different market sectors like; governmental institutes, organizations, banks, software development companies, multimedia software and game producers, media and eBooks publishers and individual users.

Website www.e-code.com

Email [email protected], [email protected], [email protected]

Telephone Fax Dongle Smart Token Fingerprint Smart Token Fingerprint OTP Token Smart Card Secure SD Card Fingerprint Smart OTP Card Secure Flash with Fingerprint

(12)