Course Info

Course Category: Computer Science/Information Technology
Course Level: Graduate
Credit Hours: 3
Pre-requisites: N/A
Instructor: Nahil Mahmood, BSc Electrical Engineering, The University of Texas at Austin, USA

Course Contents
Course Introduction,
Introduction to Classical Cryptography,
The Threat Environment, Basic Security Terminology, Case Study: The TJX Data Breach,
Employee and Ex-Employee (Insider) Threats,
Traditional External Attackers, Classic Malware: Viruses and Worms, Trojan Horses and Rootkits,
Other Malware Attacks,
Hackers, Social Engineering used by Hackers,
Cryptography: Definitions & Concepts, Kerckhoffs's Principle, Strength of the Cryptosystem, Services of Cryptosystems,
Cryptography (cont...), One-Time Pad, Steganography, Types of Ciphers,
Methods of Encryption, Symmetric Cryptography, Asymmetric Cryptography, Symmetric vs Asymmetric Algorithms,
Symmetric Algorithms, Block Ciphers, Stream Ciphers, Hybrid Encryption Systems,
Types of Symmetric Systems, Data Encryption Standard (DES),
Triple DES (3DES),
Advanced Encryption Standard (AES), International Data Encryption Algorithm (IDEA), Blowfish, RC4, RC5, RC6, Review of Cryptography,
Asymmetric Key Algorithms, Diffie-Hellman Algorithm, RSA Algorithm,
Difference between Public Key Cryptography and Public Key Infrastructure (PKI), One-Way Functions, ElGamal, Elliptic Curve Cryptosystems, Knapsack,
Message Integrity, Message Authentication Codes (MAC), HMAC Example, CBC-MAC,
CMAC, Types of Hashing Algorithms, Desired Features of Cryptographic Hash Functions, Hashing Algorithms used Today,
Review of Symmetric, Asymmetric and Hashing Algorithms, Digital Signatures, Digital Signature Standard (DSS), Public Key Infrastructure (PKI),
PKI Components, Certificate Authority (CA), Functions of a Certificate Authority, Certificate Revocation List (CRL),
Online Certificate Status Protocol (OCSP), Certificates and X.509, Registration Authority (RA), PKI Example, PKI Components, PKI Security Services,
Review of PKI, Digital Certificates, Certificate Structure and PKI Services, Key Management, Kerberos Protocol, Key Management Principles, Rules for Keys,
Link Encryption vs End-to-End Encryption, Encryption at Different Layers, Hardware vs Software Cryptography Systems, Email Standards,
Review of Link Encryption vs End-to-End Encryption,
Quantum Cryptography, Internet Security, Internet Protocols,
Secure HTTP (S-HTTP), Secure Electronic Transaction (SET), Cookies and How They Work,
Typical Cryptographic System Working, Secure Shell (SSH), Virtual Private Networks (VPNs), IPsec (Internet Protocol Security),
Attacks: Passive and Active,
Enterprise Network Architecture, Different Traffic Flows in the Enterprise, Implementing Security in the Enterprise,
Firewalls, Types of Firewalls,
Firewall Configurations and Demilitarized Zone (DMZ), Distributed Firewalls,
Enterprise Network Architecture, Intrusion Detection and Prevention System (IDPS),
IPS Technologies, IPS Response Techniques, Common IPS Detection Methodologies,
Stateful Protocol Analysis, Types of IDPS technologies,
System and Server Security,
Web Application Security, Open Web Application Security Project (OWASP),
OWASP Top 10, Secure SDLC,
Information Security Assessments, Technical Assessment Techniques, Testing Viewpoints, Vulnerability Scanning,
Target Vulnerability Validation Techniques, Penetration Testing Overview and Phases,
Security Features on Switches, Layer 2 Security, Types of Layer 2 Attacks, Port Level Traffic Controls,
Spanning Tree Protocol (STP) Features, Access Control Lists on Switches, Layer 2 Security Best Practices,
Twenty Critical Security Controls, Award-winning Security Products,