Nama Kuliah : KEAMANAN SISTEM INFORMASI Kode Kuliah

advertisement
Nama Kuliah :
Semester :
Course Type :
Pre-requicite (prasyarat) :
Short syllabus :
Course Goals Statement :
Related Outcomes :
Offered to/Prodi Peserta
Related Course :
Prosentase elemen tujuan
pendidikan :
Activity (hour/week) :
Penilaian/Assessment :
KEAMANAN SISTEM INFORMASI
Kelompok : MKK
Prog. Studi/Peminatan : S1 - SI/IS
Tutorial, class assignment and laboratory assignment
Sifat : Wajib
Kode Kuliah : ISG314
Kredit : 4 SKS
This course is a study of key security issues and procedures in computer and mobile communication networks. Among the issues to be
discussed are: the security of LANs, WANs, databases, and network operating systems; threats to computer networks through
exploitation of network infrastructure design weaknesses; security flaws in the network infrastructure protocols; security of content in
computer network services; risk assessment and security policies; and security in mobile communication networks. Procedures will
include: networks intrusion detection and forensics technologies, cryptographic and authentication systems, capability and access
control mechanisms, and new developments in Internet routing and transport protocols, secure mail, directory, and multimedia
multicast services. Current trends and research in security policies and technologies will also be discussed.
a. To make students aware of the security perils and vulnerabilities in computing in general and in both fixed computer and mobile
networks in particular
b. To familiarize students with the important issues pertaining to protecting computer systems against unauthorized penetration and
access and denial of service to computing systems
c. To introduce to students current and effective procedures to deal with network security threats, including use of “best practices”
software tools.
d. To cultivate students’ interests in the search for network security solutions with the hope that some of them, in later years, may
become lead scientists in this search for durable solutions
a. To create and nurture an ideal atmosphere for academic dialogue, debate, and question-answer sessions among students intended
to deepen the understanding of security of their computerized and networked environments
b. To improve, students' oral and written communication skills
c. To affect students' behavior by challenging them to examine the role ethical and moral deliberations play in the security of their
highly networked environments.
S1 – Information System
Knowledge :
Skill :
Attitude :
Kuliah/course :
Responsi/tutorial :
Praktikum/lab-works :
Lain-lain : (presentasi,eksekursi)
UTS :
UAS :
Quiz/Class Assignment :
Lab Assignment:
45
45
10
26
2
20 %
30 %
20 %
30 %
Sarana/Media
√
√
√
Papan Tulis/White Board
Multimedia Projector
Courseware : Lect. Note, Hand Out, dsb
Perangkat Keras
Perangkat Lunak
Lain-lain
Nilai :
A > nilai 75
65 < B < 75
55 < C < 65
45 < D < 55
Referensi/Pustaka :
Strategi Pedagogi dan Catatan
untuk Pengajar :
Tugas
Lab. Penyelenggara MK :
Pengajar :
Lain-lain :
E < 45
a. Joseph Migga Kizza, Guide to Computer Network Security 2 nd edition, Springer, 2013
b. ISO 27001
c. NIST Special Publications on Security
a. Tutorial
b. Class assignment
c. Lab assignment
a. Class assignment
b. Lab assignment (will be announced at the beginning of lab sessions)
Penganggung Jawab :
Anggota :
Week
Session
Topic
(1)
I.
(2)
1.
II.
2.
3.
(3)
Basic Security Concepts–(Security:
General, Information, Computer, and
Network).
Responsi
The Status of Computer Network Security:
Security Threats; How pervasive are
security attacks
III.
4.
5.
Responsi
Vulnerability of Computer Networks
IV.
6.
7.
Responsi
Cyber Crimes and Hackers & Hostile Scripts
Basuki Rahmad, Dr, CISA, CISM, CRISC
Agus Setiawan, ST
Sub Topics
Reference


(4)
Computer network fundamental
Understanding computer security
(5)





Sources of security threats
Security threat motives
Security threat management
Security threat correlation
Security threat awareness
Chapter 3


Source of vulnerabilities
Vulnerabilities assessment
Chapter 4






Cyber crimes
Hackers
Dealing with the rising tide of cyber crimes
Introduction to CGI
CGI scripts in a three-way handshake
CGI interface
Chapter 5 & 6
Chapter 1 & 2
V.
8.
9.
Responsi
Security Assessment, Analysis and
Assurance
VI.
10.
11.
Responsi
Access Control and Authorization
VII.
12.
13.
Responsi
Authentication
14.
Responsi
VIII.
15.
Cryptography (I)
IX.
16.
17.
Responsi
Cryptography (II)




CGI script security issues
Web script security issues
Dealing with the script security problems
Scripting languange








System security policy
Building a security policy
Security requirement specifiation
Threat identification
Threat analysis
Vulnerability identification and assessment
Security certification
Security monitoring and auditing
Chapter 7







Access rights
Access control systems
Authorization
Types of authorization systems
Authorization principles
Authorization granularity
Web access and authorization
Chapter 9




Multiple factors and effectiveness of authentication
Authentication elements
Authentication methods
Developing an authentication policy
Chapter 10


Ujian Tengah Semester
Conventional and public-key encryption
Hash Functions





Encryption algorithms
Confidentiality
key distribution
message authentication
digital signatures
Chapter 11
Chapter 11
X.
18.
19.
Responsi
Firewalls, Virus/Content Filtering &
Intrusion Detection/Prevention

Chapter 12, 14, 15

Firewall
o Types of firewall
o Configuration and implementation of a firewall
o The demilitarized zone (DMZ)
o Improving security through the firewall
o Firewall forensics
o Firewalls services and limitation
Virus and Content filtering
o Virus filtering
o Content filtering
IDS/IPS




Application-level security
Security in transport layer
Security in network layer
Security in the link layer and over LANS
Chapter 17




Cellular wireless communication network infrastructure
Wireless LAN or WIFI
Standards of wireless networks
Security in wireless networks
Chapter 18





Current major mobile OS
The security in the mobile ecosystems
General mobile device attacks
Mitigation of mobile device attacks
User roles in securing mobile devices
Chapter 19



Security evaluation of computer products
Disaster management
Overview of ISMS Implementation
Chapter 8, 16

XI.
20.
21.
Responsi
Network security Protocols
XII.
22.
23.
Responsi
Security in wireless network
XIII.
24.
25.
Responsi
Mobile network infrastructure and
protocols (Security protocols
and operations
XIV.
26.
27.
Responsi
Security Management
28.
Responsi
Ujian Akhir Semester
Download