CS1015 – INFORMATION SECURITY

CS1015 – INFORMATION SECURITY

(Common to CSE and IT)
L T P
3 0 0
UNIT 1 FUNDAMENTALS 9
History − What is information security? − Critical characteristics of information − NSTISSC security
Model − Components of an information system − Securing the components − Balancing security and
access − SDLC − Security SDLC.
UNIT II SECURITY INVESTIGATION 9
Need for security − Business needs − Threats − Attacks − Legal, ethical and professional issues.
UNIT III SECURITY ANALYSIS 9
Risk management − Identifying and assessing risk − Assessing and controlling risk.
UNIT IV LOGICAL DESIGN 9
Blueprint for security − Information security policy − Standards and practices − ISO 17799/BS 7799 −
NIST models − VISA international security mode l − Design of security architecture − Planning for
continuity.
UNIT V PHYSICAL DESIGN 9
Security technology − IDS − Scanning and analysis tools − Cryptography − Access control devices −
Physical security − Security and personnel.
Total: 45
TEXT BOOKS
1. Michael E. Whitman and Herbert J. Mattord, “Principles of Information Security”, Vikas
Publishing House, 2003.
2. Straub, “Information Security : Policy, Processes and Practices”, PHI, 2009.
REFERENCES
1. Micki Krause and Harold F. Tipton, “Handbook of Information Security Management”, Vol 1-
3, CRC Press LLC, 2004.
2. Stuart Mc Clure, Joel Scrambray and George Kurtz, “Hacking Exposed”, Tata McGraw-Hill,
2003.
3. Matt Bishop, “Computer Security Art and Science”, Pearson/PHI, 2002.
4. Patel, “Information Security : Theory and Practice”, PHI, 2006.