Nama Kuliah : Semester : Course Type : Pre-requicite (prasyarat) : Short syllabus : Course Goals Statement : Related Outcomes : Offered to/Prodi Peserta Related Course : Prosentase elemen tujuan pendidikan : Activity (hour/week) : Penilaian/Assessment : KEAMANAN SISTEM INFORMASI Kelompok : MKK Prog. Studi/Peminatan : S1 - SI/IS Tutorial, class assignment and laboratory assignment Sifat : Wajib Kode Kuliah : ISG314 Kredit : 4 SKS This course is a study of key security issues and procedures in computer and mobile communication networks. Among the issues to be discussed are: the security of LANs, WANs, databases, and network operating systems; threats to computer networks through exploitation of network infrastructure design weaknesses; security flaws in the network infrastructure protocols; security of content in computer network services; risk assessment and security policies; and security in mobile communication networks. Procedures will include: networks intrusion detection and forensics technologies, cryptographic and authentication systems, capability and access control mechanisms, and new developments in Internet routing and transport protocols, secure mail, directory, and multimedia multicast services. Current trends and research in security policies and technologies will also be discussed. a. To make students aware of the security perils and vulnerabilities in computing in general and in both fixed computer and mobile networks in particular b. To familiarize students with the important issues pertaining to protecting computer systems against unauthorized penetration and access and denial of service to computing systems c. To introduce to students current and effective procedures to deal with network security threats, including use of “best practices” software tools. d. To cultivate students’ interests in the search for network security solutions with the hope that some of them, in later years, may become lead scientists in this search for durable solutions a. To create and nurture an ideal atmosphere for academic dialogue, debate, and question-answer sessions among students intended to deepen the understanding of security of their computerized and networked environments b. To improve, students' oral and written communication skills c. To affect students' behavior by challenging them to examine the role ethical and moral deliberations play in the security of their highly networked environments. S1 – Information System Knowledge : Skill : Attitude : Kuliah/course : Responsi/tutorial : Praktikum/lab-works : Lain-lain : (presentasi,eksekursi) UTS : UAS : Quiz/Class Assignment : Lab Assignment: 45 45 10 26 2 20 % 30 % 20 % 30 % Sarana/Media √ √ √ Papan Tulis/White Board Multimedia Projector Courseware : Lect. Note, Hand Out, dsb Perangkat Keras Perangkat Lunak Lain-lain Nilai : A > nilai 75 65 < B < 75 55 < C < 65 45 < D < 55 Referensi/Pustaka : Strategi Pedagogi dan Catatan untuk Pengajar : Tugas Lab. Penyelenggara MK : Pengajar : Lain-lain : E < 45 a. Joseph Migga Kizza, Guide to Computer Network Security 2 nd edition, Springer, 2013 b. ISO 27001 c. NIST Special Publications on Security a. Tutorial b. Class assignment c. Lab assignment a. Class assignment b. Lab assignment (will be announced at the beginning of lab sessions) Penganggung Jawab : Anggota : Week Session Topic (1) I. (2) 1. II. 2. 3. (3) Basic Security Concepts–(Security: General, Information, Computer, and Network). Responsi The Status of Computer Network Security: Security Threats; How pervasive are security attacks III. 4. 5. Responsi Vulnerability of Computer Networks IV. 6. 7. Responsi Cyber Crimes and Hackers & Hostile Scripts Basuki Rahmad, Dr, CISA, CISM, CRISC Agus Setiawan, ST Sub Topics Reference (4) Computer network fundamental Understanding computer security (5) Sources of security threats Security threat motives Security threat management Security threat correlation Security threat awareness Chapter 3 Source of vulnerabilities Vulnerabilities assessment Chapter 4 Cyber crimes Hackers Dealing with the rising tide of cyber crimes Introduction to CGI CGI scripts in a three-way handshake CGI interface Chapter 5 & 6 Chapter 1 & 2 V. 8. 9. Responsi Security Assessment, Analysis and Assurance VI. 10. 11. Responsi Access Control and Authorization VII. 12. 13. Responsi Authentication 14. Responsi VIII. 15. Cryptography (I) IX. 16. 17. Responsi Cryptography (II) CGI script security issues Web script security issues Dealing with the script security problems Scripting languange System security policy Building a security policy Security requirement specifiation Threat identification Threat analysis Vulnerability identification and assessment Security certification Security monitoring and auditing Chapter 7 Access rights Access control systems Authorization Types of authorization systems Authorization principles Authorization granularity Web access and authorization Chapter 9 Multiple factors and effectiveness of authentication Authentication elements Authentication methods Developing an authentication policy Chapter 10 Ujian Tengah Semester Conventional and public-key encryption Hash Functions Encryption algorithms Confidentiality key distribution message authentication digital signatures Chapter 11 Chapter 11 X. 18. 19. Responsi Firewalls, Virus/Content Filtering & Intrusion Detection/Prevention Chapter 12, 14, 15 Firewall o Types of firewall o Configuration and implementation of a firewall o The demilitarized zone (DMZ) o Improving security through the firewall o Firewall forensics o Firewalls services and limitation Virus and Content filtering o Virus filtering o Content filtering IDS/IPS Application-level security Security in transport layer Security in network layer Security in the link layer and over LANS Chapter 17 Cellular wireless communication network infrastructure Wireless LAN or WIFI Standards of wireless networks Security in wireless networks Chapter 18 Current major mobile OS The security in the mobile ecosystems General mobile device attacks Mitigation of mobile device attacks User roles in securing mobile devices Chapter 19 Security evaluation of computer products Disaster management Overview of ISMS Implementation Chapter 8, 16 XI. 20. 21. Responsi Network security Protocols XII. 22. 23. Responsi Security in wireless network XIII. 24. 25. Responsi Mobile network infrastructure and protocols (Security protocols and operations XIV. 26. 27. Responsi Security Management 28. Responsi Ujian Akhir Semester