Computer Security

Topic 1 Name: Introduction to Computer Security and Security Trends

Knowledge Category | Example/s of category | Teaching methodology
FACT Security Use appropriate example of security (security guards in college gate) CONCEPT Assets Show any peripheral devices of Computer or Network (Hard disk) Viruses Corrupted Files in pen drive Terrorists News, Videos of terrorist attack like 26/11 attack Malware Use any appropriate example malicious code transfer through mobile while sharing the data (Bluetooth) among people Use any appropriate Confidentiality, Integrity, Availability, example – email Accountability Risk PRINCIPLE PROCEDURE Application and Use any appropriate example – person having large amount of cash in travelling Security Attacks CIA Model Use example of Hacker trying to attack on any email account Use any appropriate PPT Risk Analysis Use any appropriate PPT or Video Steps in Attack Online application

Learning Resources: Books: PPT Online Shopping Banking and Online

Lecture No. | Topic/ Subtopic to be covered

Lecture No. 1
Why focus on Security?
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page No 1
(E.g. The secureness of precious materials being stolen like gold, money, mark sheet of student etc.)
Definition of Computer Security
“Computer Security” by Dieter Gollman, Chapter 2, Page No 18
Why security is important (Need of security)
“Cryptography and Network Security” by Atul Kahate, Chapter 1, Page no 1
E.g.
Confidential information of defense saved on computer of govt dept
Basics of computer security – C, I, A Model
Confidentiality - “Computer Security” by Dieter Gollman, Chapter 2, Page No 20
Integrity - “Computer Security” by Dieter Gollman, Chapter 2, Page No 21
Availability - “Computer Security” by Dieter Gollman, Chapter 2, Page No 22
Accountability - “Computer Security” by Dieter Gollman, Chapter 2, Page No 23
Non-repudiation - “Computer Security” by Dieter Gollman, Chapter 2, Page No 23
* Draw pyramid model of CIA
Web Site - http://it.med.miami.edu/x904.xml
*Note- Conclude the lecture with Block keywords & definitions and suitable diagram

Lecture No. 2
Examples of Application where security is important
E.g.: Bank where locker facility is provided
Challenges in security – which are different barriers in security
E.g.: person tries different ways to crack the password of Computer
Models of security

Lecture No. 3
Define Risk
“Computer Security” by Dieter Gollman, Chapter 1, Page No 13

Lecture No. 4
What is Assets, Vulnerability and threats
“Computer Security” by Dieter Gollman, Chapter 1, Page No 10, 11 (Hard disk is asset)
Formula for calculation of Risk
“Computer Security” by Dieter Gollman, Chapter 1, Page No 10
PPTs - www.cs.uiuc.edu/class/sp07/cs498ia/slides/CS46106.RiskAnalysis.ppt
What is Quantitative & Qualitative Risk Analysis
“Computer Security” by Dieter Gollman, Chapter 1, Page No 13
Counter measures to mitigate the risk
“Computer Security” by Dieter Gollman, Chapter 1, Page No 14
Web Site – http://www.digitalthreat.net/2009/06/threat-vs-vulnerability-vs-risk/

Lecture No. 5
What is Threat - Definition
What are different categories of Threats
Definition of Virus and Worms – Differentiate between them
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm.
Arthur Conklin, Chapter 1, Page no 7
“Cryptography and Network Security” by Atul Kahate, Chapter 1, Page no 16, 18
Different types of Viruses – Life Cycle of Viruses (Draw Diagram)
“Cryptography and Network Security” by Atul Kahate, Chapter 1, Page no 16 to 18
Define Intruders & Insiders – Differentiate between them (Give real life example or any movie example)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 7, 8
Web Sites –
http://www.f-secure.com/en/web/labs_global/threat-types
http://support.kaspersky.com/viruses/general/614
http://peterhgregory.wordpress.com/2009/03/14/security-basics-definitionsof-threat-attack-and-vulnerability/

Lecture No. 6
Who is Criminal Organization – what is their purpose (any movie example)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 9
Who is Terrorists – what is their aim/goals (any movie example)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 9
Information Warfare
Why there is need of Information Warfare
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 9
Avenues of Attacks (Example of any Criminal Activity)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 11
Steps in Attack – How attack can happen in any organization like Bank robbery
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 12

Lecture No. 7
What is Attack – Definition of attack
Active and Passive Attack – Differentiate between them, Classification of passive and active attacks
“Cryptography and Network Security” by Atul Kahate, Chapter 1, Page no 12 to 15
Denial of Service Attack (DOS & DDOS)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm.
Arthur Conklin, Chapter 15, Page no 400
Web Site - http://www.slideshare.net/chintanjpatel/unit-1-33882940

Lecture No. 8
Backdoor, Trapdoors
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 403
Sniffing
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 404
Spoofing
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 405, 406
Encryption Attack
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 410
Web Site –
https://www.parkbank.com/about/security/computer-security
http://vickyvikramaditya1.blogspot.in/2011/08/sniffing-and-spoofing.html
PPT –
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=4&cad=rja&uact=8&sqi=2&ved=0CD8QFjAD&url=http%3A%2F%2Fwww.pcs.cnu.edu%2F~dgame%2Fcs446Gen%2Ftopics%2FSniffing%2FSniffing.PPT&ei=5WKhU7a2E4OiugTag4CACQ&usg=AFQjCNE2f2hwh4vf1vWecSJh8I8D47Wy0g&bvm=bv.69137298,d.c2E

Lecture No. 9
Man-in-middle attack
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 408
Replay Attack
TCP/IP Hacking
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 409
Web Site – http://careerride.com/Networking-replay-attacks.aspx
PPT –
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=14&cad=rja&uact=8&ved=0CF0QFjAN&url=http%3A%2F%2Fcsc.columbusstate.edu%2Fsummers%2Fnotes%2Fcs557%2F3mf%2FReplayAttacks.ppt&ei=S2OhU9T8GdGdugTCyoLQBw&usg=AFQjCNG0tQwkXUxg0-6LnH-_ZzDNqSHlzw&bvm=bv.69137298,d.c2E

Lecture No. 10
Definition of Malware
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 415
Various categories of Malwares
What is Virus and Logic Bombs
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm.
Arthur Conklin, Chapter 15, Page no 418
Web site –
http://www.malwaretruth.com/the-list-of-malware-types/
http://www.kaspersky.co.in/internet-security-center/threats/malwareclassifications

Topic 2 Name: Authentication and Operational Security

Objectives
Knowledge Category | Example/s of category | Teaching methodology
FACT People Use appropriate example of people - Internet Users Password Show appropriate example - create password to authenticate user for PC or laptop or password for enrollment of admission Use appropriate example - (Iris) retina scan in Adhar Card Office Example - Login screen Biometrics CONCEPT Managing Password Example - Cash withdrawal at ATM Role of People Example - Changing PIN of ATM User Use appropriate PPT's PRINCIPLE Choosing a password APPLICATION Individual Responsibilities Thumb Reader Use Appropriate example of Biometric like Attendance System using Thumb

Learning Resources:
Books:
1) “Cryptography and Network Security” by Atul Kahate, Publisher – Tata McGraw Hill
2) “Computer Security” by Dieter Gollman, Publisher – Wiley India
3) “Principles of Computer Security + and Beyond” by Wm. Arthur Conklin, Publisher - Tata McGraw Hill
Teaching Aids: Black Board, PPTs, Transparencies, Reference Book, Notes.
PPTs: Preferably prepare PPTs containing
https://depts.washington.edu/...security/your_role_information_secur.ppt
http://www.slideshare.net/vidita123/biometrics-final-ppt

Lecture No. | Topic/ Subtopic to be covered

Lecture No. 1
Introduction to operational Security
Understand meaning - role of people
What is password?
“Principles of Computer Security: Security+ and Beyond” by Wm.
Arthur Conklin Dwayne, Chapter 3 “Operational and Organizational Security”
*Note- Conclude the lecture with Block keywords & definitions and suitable diagram
Introduction to terms - Identification, Authentication & Operational Security
To understand role of people in security
“Cryptography & Network Security” by Atul Kahate, Chapter-7, pg. nos 271-73

Lecture No. 2, 3, 4
User Name & Password
“Computer Security” by Dieter Gollman, Chapter-3, Pg. Nos. 36
How to choose & manage password?
“Computer Security” by Dieter Gollman, Chapter-3, Pg. Nos. 37, 38, 39
To understand what are threats while creating passwords.
Introduction to terms - Identification, Authentication
“Principles of Computer Security: Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 11, Pg. nos 262
Describe different areas where security comes into picture.
“Cryptography & Network Security” by Atul Kahate, Chapter 1, Page No. 1 to 3

Lecture No. 5
Discuss role of people in security
Password Selection
“Principles of Computer Security: Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No 72
Piggybacking
“Principles of Computer Security: Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No 73
Shoulder Surfing
“Principles of Computer Security: Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No 70
Dumpster Diving
“Principles of Computer Security: Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No 74

Lecture No. 6
Installing Unauthorized Software/Hardware
“Principles of Computer Security: Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. Nos 74, 75
Access By Non-employee
“Principles of Computer Security: Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No 75
Security Awareness
“Principles of Computer Security: Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No 76
Individual User Responsibilities
“Principles of Computer Security: Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. Nos 77
Examples of role of people using suitable techniques.
http://www.slideshare.net/Clarice_Wilson/atm-frauds-and-solutions

Lecture No. 7
Define Access Control
“Principles of Computer Security: Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 11, Pg. no 268
Discuss their principles & policies
“Principles of Computer Security: Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 11, Pg. no 269
Types of Access controls
“Principles of Computer Security: Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 11, Pg. nos 269, 270

Lecture No. 8, 9
Introduction to Biometrics
Types of Biometrics

Lecture No. 10
Types of Biometrics & example
Finger prints
Hand print
Retina Patterns
Voice Patterns
Signature & Writing Patterns
Keystrokes
“Computer Security Principles & Practices” by William Stallings, Lawrie Brown, Chapter-3, pg. nos. 92 to 97
PPT: http://www.slideshare.net/vidita123/biometrics-final-ppt

Topic 3 Name: Cryptography

Knowledge Category | Example/s of category | Teaching methodology
FACT Plaintext Use example of Plaintext – Human language (message: “welcome to third year diploma”) Show any message is Codified by using. KEY Key Cipher Text CONCEPT Cryptography, Cryptanalysis, Cryptology Encryption Decryption Private Key Alphabet A Codified by key “3” to Alphabet “C” Show example of codified message like “ABC” is code to “CDE” Use appropriate example to show the converting of plaintext to cipher text and vice-versa. Show example of encoding plaintext to Cipher text: E.g. “Computer” to “retupmoc” Show example of decoding Cipher text to Plaintext E.g. “retupmoc” to “Computer” Show example of key which need to be kept secret: E.g. door key of own house or password of

Lecture No. | Topic/ Subtopic to be covered

Lecture No. 1
Introduction to Cryptography
“Computer Security” by Dieter Gollman, Chapter 11, Page No 186
“Principles of Computer Security + and Beyond” by Wm.
Arthur, Chapter 5, Page No 83
Definition of Cryptography, Cryptanalysis and Cryptology
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 38-39
Identify and describe the types of cryptography
“Principles of Computer Security + and Beyond” by Wm. Arthur, Chapter 5, Page No 84
What is Plain text and Cipher Text?
Plain text and Cipher Text - “Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 40-41
Website
http://en.wikipedia.org/wiki/Cryptography
http://www.apprendre-en-ligne.net/crypto/bibliotheque/PDF/Kwang.pdf
http://cs.stanford.edu/people/eroberts/cs181/projects/dvd-css/cryptography.htm
PPT – http://www.sce.uhcl.edu/yang/teaching/csci5931netSecuritySpr05/nsech02a.ppt

Lecture No. 2
What is Substitution Technique?
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 41
State different type of substitution technique
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 42
Define Caesar cipher? Explain with example
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 41-43
Working principle of mono alphabetic substitution technique
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 44-46
How Poly alphabetic technique is different from mono alphabetic
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 47
Drawback of Substitution technique
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 48-54
Website http://www.cimt.plymouth.ac.uk/resources/codes/codes_u1_text.pdf
PPTs sce.uhcl.edu/yang/public/Modules/.../Substitution%20Ciphers.ppt

Lecture No. 3
What is Transposition Technique?
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 54
Working principle of rail fence technique with example
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 54-55
Working principle of Simple Columnar with example
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 54-58
What is Steganography?
State its advantage and disadvantages
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 73-74
“Principles of Computer Security + and Beyond” by Wm. Arthur, Chapter 5 Cryptography, page 101-103
Website http://www.cs.man.ac.uk/~banach/COMP61411.Info/CourseSlides/Wk1.2.Classical.pdf
PPTs - www.eecis.udel.edu/~mills/teaching/eleg867b/crypto_slides/ch02.ppt

Lecture No. 4
Define Encryption? Show a block diagram of encryption
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 59
Define Decryption? Show a block diagram of Decryption
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 59-62
State the sketch of Symmetric key cryptography and problem of Key Distribution
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 62-71
Website: http://www4.ncsu.edu/~kksivara/sfwr4c03/lectures/lecture9.pdf
PPTs - cs.ecust.edu.cn/~yhq/course_files/security/topic2.ppt

Lecture No. 5
Name the algorithm used for Symmetric key cryptography
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 100
“Principles of Computer Security + and Beyond” by Wm. Arthur, Chapter 5 Cryptography, page 91-94
Conceptual working of DES along with diagram
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 101
“Computer Security” by Dieter Gollman, Chapter 11, Page No 199-202
Processing step in DES
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 102-103
Website: http://cs.ucsb.edu/~koc/cs178/docx/w04x-des.pdf
PPTs - islab.csie.ncku.edu.tw/course/slide/ch_06.ppt

Lecture No. 6
Details of each step in DES Algorithm along with block diagram
a) What is happening in the Initial permutation (IP)
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 102-103
b) Details of one Round in DES
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 103
i. Step 1 - Key transformation
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 104
ii.
Step 2 - Expansion permutation
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 104-105
iii. Step 3 - S-Box Substitution
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 105-108
iv. Step 4 - P-Box substitution
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 108-109
v. Step 5 - XOR and swap
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 109-110
c) Variation of DES
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 111
Website
http://cs.ucsb.edu/~koc/cs178/docx/w04x-des.pdf
https://www.google.co.in/search?q=des%20algorithm&tbm=isch&ei=LGWmU8m1MtaD8gWpnYKwAQ#facrc=_&imgdii=_&imgrc=GRgKBo8qM0iufM%253A%3BXIxHOqkYyDZ7mM%3Bhttp%253A%252F%252Fi1.ytimg.com%252Fvi%252FiayDUAGu9Ec%252Fhqdefault.jpg%3Bhttp%253A%252F%252Fwww.youtube.com%252Fwatch%253Fv%253DiayDUAGu9Ec%3B480%3B360
PPTs - islab.csie.ncku.edu.tw/course/slide/ch_06.ppt

Lecture No. 7
What is Asymmetric key cryptography?
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 154-156
Compare Symmetric key cryptography and Asymmetric key cryptography
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 161
Introduction to Digital Signature
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 165-166
“Principles of Computer Security + and Beyond” by Wm. Arthur, Chapter 5 Cryptography, page 106-107, 126, 130
“Computer Security” by Dieter Gollman, Chapter 11, Page No 194-195
Website
http://www.icg.isy.liu.se/courses/tsit03/forelasningar/cryptolecture08.pdf
http://technet.microsoft.com/en-us/library/cc962021.aspx
PPTs - http://www.slideshare.net/rohitbhatta/introduction-to-digital-signatures

Lecture No. 8
Basis of Digital signature
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 166-167
“Computer Security” by Dieter Gollman, Chapter 11, Page No 194-195
Basis for Hashing Concept
“Principles of Computer Security + and Beyond” by Wm.
Arthur, Chapter 5, page 87-89
“Computer Security” by Dieter Gollman, Chapter 11, Page No 192-194
http://technet.microsoft.com/en-us/library/cc962016.aspx
Message digest
“Principles of Computer Security + and Beyond” by Wm. Arthur, Chapter 5, page 90
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 167-196
Web Site –
http://www.cs.iit.edu/~cs549/lectures/CNS-5.pdf
http://www.cs.uiuc.edu/class/fa07/cs498mmp/slides/TFC-F07-Lect15.pdf
https://www.entrust.com/wp-content/uploads/2013/05/cryptointro.pdf
http://technet.microsoft.com/en-us/library/cc962033.aspx

Topic 4 Name: Computer Security Technology and Intrusion Detection

Knowledge Category | Example/s of category | Teaching methodology
FACT Attack Use appropriate example to show how attacker attack on Computer security – E.g. attack on particular personal computer to obtain bank account number. Show Attacker try to enter from weak entry point or bypass the security level E.g.: illegal accessing particular bank account to transfer money Intrusion E.g. Thief tries to enter through window or door Standard Protocols CONCEPT Firewall Virtual Network Kerberos appropriate example E.g. File transfer – FTP Use appropriate example to show firewall mechanism E.g. Compound wall for Building, Barrier on Road sides. Restricted access to particular website in College Use appropriate example to private communication Private over public network E.g.: Walky Talky in Army for communicating between soldiers.
Use appropriate ppt to show

Lecture No. | Topic/ Subtopic to be covered

Lecture No. 1
Introduction to Firewall
“Computer Security” by Dieter Gollman, Chapter 13, Page No 247
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No: 435-436
Definition of Firewall
“Computer Security” by Dieter Gollman, Chapter 13, Page No 247
Need for Firewall in Computer security and network
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No: 436
Characteristics of Good Firewall
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No: 437
Types of Firewall and Firewall policies
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No: 437
“Computer Security” by Dieter Gollman, Chapter 13, Page No 248, 249
Limitation and problem in Firewall
“Computer Security” by Dieter Gollman, Chapter 13, Page No 250
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No: 452
Website
http://www.dis.uniroma1.it/~alberto/didattica/cns-slides/firewalls.pdf
http://www.cs.iit.edu/~cs549/slides/chapter-14.pdf
PPT www.cs.kau.se/cs/education/courses/dvgc03/p4/Firewalls.ppt

Lecture No. 2
Working of packet filtering in firewall
“Computer Security” by Dieter Gollman, Chapter 13, Page No 248
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No: 438
Working of Application gateway
“Computer Security” by Dieter Gollman, Chapter 13, Page No 249
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No: 441
Working of Circuit level gateways
“Computer Security” by Dieter Gollman, Chapter 13, Page No 249
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No: 442
Implementation of Firewall and Firewall configuration
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No: 448-451
Website: http://www.interpole.net/interpole/products/firewall/interwall/details

Lecture No. 3
Introduction to VPN
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No: 469
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Page No 283
VPN Architecture
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No: 470-472
Types of VPN
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No: 472
Website http://ptgmedia.pearsoncmg.com/images/1587051796/samplechapter/1587051796content.pdf
PPT www.csun.edu/~vcact00f/311/termProjects/.../VPNpresentation.ppt

Lecture No. 4
Introduction to Kerberos
“Computer Security” by Dieter Gollman, Chapter 12, Page No 219-221
Relation of Kerberos with Authentication
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 11, Page No 263-264

Lecture No. 5
How does Kerberos work
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 11, Page No 263-264
“Cryptography and Network Security” by Atul Kahate, Chapter 7, Page No 372-377
“Cryptography and Network Security” by William Stallings, Chapter 14, Page No 412-413
Website:
http://cs.brown.edu/cgc/net.secbook/se01/handouts/Ch09-Kerberos.pdf
http://www.cs.kent.edu/~farrell/grid06/lectures/KERBEROS.pdf
http://technet.microsoft.com/en-us/library/cc780469(v=ws.10).aspx
https://www.google.co.in/search?q=kerberos+authentication&espv=2&source=lnms&tbm=isch&sa=X&ei=BOimU6HJCNCQuASPr4C4BQ&ved=0CAYQ_AUoAQ&biw=1024&bih=634#facrc=_&imgdii=_&imgrc=IuJfsiiiaao9WM%253A%3BRh0gI3z74Tb68M%3Bhttp%253A%252F%252Fwww.zeroshell.org%252Fkerberos%252Fimage%252Fkrbmsg.gif%3Bhttp%253A%252F%252Fwww.zeroshell.org%252Fkerberos%252FKerberos-operation%252F%3B638%3B532

Lecture No. 6
State different types of Security topology
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 9, Page No 206-207
What are Security Zones
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 9, Page No 218-221
How the DMZ work
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter
9, Page No 219
“Cryptography and Network Security” by Atul Kahate, chapter 13, Page no 451-452
Working of VLAN
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 9, Page No 222
Website
https://www.google.co.in/search?q=Security+zone&espv=2&source=lnms&tbm=isch&sa=X&ei=oeimU6vMMdeeugTzloJA&ved=0CAYQ_AUoAQ&biw=1024&bih=634#facrc=_&imgdii=_&imgrc=mJa95BMkxqnx_M%253A%3BI06ak8wtCiM2M%3Bhttp%253A%252F%252Fi.msdn.microsoft.com%252Fdynimg%252FIC11169.gif%3Bhttp%253A%252F%252Fmsdn.microsoft.com%252Fenus%252Flibrary%252Fcc507438(v%253Dvs.85).aspx%3B451%3B399
http://www.cse.wustl.edu/~jain/cis788-97/ftp/virtual_lans/
PPT - www.cc.gatech.edu/classes/AY2014/cs4270.../4270-vlan-tutorial.ppt

Lecture No. 7
What are Intruders? State its three types
“Cryptography and Network Security” by Atul Kahate, chapter 13, Page No 472-473
“Computer Security” by Dieter Gollman, Chapter 13, Page No 251
Basic of Intrusion detection System
“Cryptography and Network Security” by Atul Kahate, chapter 13, Page No 473-474
“Computer Security” by Dieter Gollman, Chapter 13, Page No 252
Types of IDS
“Cryptography and Network Security” by Atul Kahate, chapter 13, Page No 474-475
“Computer Security” by Dieter Gollman, Chapter 13, Page No 253
Three Logical Component of IDS
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 13, Page No 321
Honey pots
“Cryptography and Network Security” by Atul Kahate, chapter 13, Page No 475
“Computer Security” by Dieter Gollman, Chapter 13, Page No 254
Websites http://www.ee.tamu.edu/~reddy/ee689_04/pres_sumitha_james.pdf
PPT - www.cs.utexas.edu/users/ygz/395T-01F/reading/arun.ppt

Lecture No. 8
What is Host based IDS? Show its Components
“Computer Security” by Dieter Gollman, Chapter 13, Page No. 253
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 13, Page No 323
“Cryptography and Network Security” by Atul Kahate, chapter 13, Page No 474-475
What is Network Based IDS?
Show its Components
“Computer Security” by Dieter Gollman, Chapter 13, Page No. 253
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 13, Page No 323
“Cryptography and Network Security” by Atul Kahate, chapter 13, Page No 475
State Advantage of NIDS and Disadvantage of NIDS
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 13, Page No 32
PPT - www.cs.northwestern.edu/~ychen/classes/msit458-f11/ids.ppt

Lecture No. 9
Why Email security standard is required?
“Cryptography and Network Security” by Atul Kahate, chapter 6, Page No 307-308
Working Principle of SMTP along its diagram
“Cryptography and Network Security” by Atul Kahate, chapter 6, Page No 308-310
What is PEM?
“Cryptography and Network Security” by Atul Kahate, chapter 6, Page No 310-311
State Four Operation in PEM?
“Cryptography and Network Security” by Atul Kahate, chapter 6, Page No 311-312
Describe each Step in PEM Operation in detail
“Cryptography and Network Security” by Atul Kahate, chapter 6, Page No 311-314
Website: http://www.hydtechwriter.com/what-is-simple-mail-transfer-protocol-smtp/
PPT - www.cs.huji.ac.il/~sans/students_lectures/PEM.ppt

Lecture No. 10
Describe PGP
“Cryptography and Network Security” by Atul Kahate, chapter 6 Internet Security Protocol, Page No 314-315
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 16, Page No 433
How PGP Works
“Cryptography and Network Security” by Atul Kahate, chapter 6 Internet Security Protocol, Page No 314-315
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin,
Chapter 16, Page No 433
State step wise Operation in PGP
“Cryptography and Network Security” by Atul Kahate, chapter 6 Internet Security Protocol, Page No 315-316
What is S/MIME? Describe working principle of S/MIME
“Cryptography and Network Security” by Atul Kahate, chapter 6 Internet Security Protocol, Page No 322-326

Lecture No. 11
Introduction of IP Security
“Cryptography and Network Security” by Atul Kahate, chapter 9, Page No 452-453
“Computer Security” by Dieter Gollman, Chapter 13, Page No 239
Overview of IPSec along with its Application and advantage
“Cryptography and Network Security” by Atul Kahate, chapter 9, Page No 454-455
“Cryptography and Network Security” by William Stallings, Chapter 16, Page No 485-486
2 types IPsec Protocol
“Cryptography and Network Security” by Atul Kahate, chapter 9, Page No 455-457
“Cryptography and Network Security” by William Stallings, Chapter 16, Page No 486-487
Draw the format of AH Header in IPSec
“Cryptography and Network Security” by Atul Kahate, chapter 9, Page No 459-463
“Computer Security” by Dieter Gollman, Chapter 13, Page No 239
“Cryptography and Network Security” by William Stallings, Chapter 16, Page No 494-496
Draw the format of ESP in IPSec
“Cryptography and Network Security” by Atul Kahate, chapter 9, Page No 464-465
“Computer Security” by Dieter Gollman, Chapter 13, Page No 239
“Cryptography and Network Security” by William Stallings, Chapter 16, Page No 498-500
Website:
http://securityweekly.com/presentations/IPSEC.pdf
http://technet.microsoft.com/en-us/library/cc776369(v=ws.10).aspx
https://sc1.checkpoint.com/documents/R76/CP_R76_VPN_AdminGuide/13847.htm
http://www.isaserver.org/articles-tutorials/articles/IPSec_Passthrough.html

Lecture No. 12
What is Security Association
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 11, Page No: 284-285
What is IPSec Configuration
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 11, Page no 285-286
Describe the Transport and Tunnel Modes of AH Header in IPSec
“Cryptography and Network
Security” by Atul Kahate, chapter 9, Page No 463
Describe the Transport and Tunnel Modes of ESP in IPSec
“Cryptography and Network Security” by Atul Kahate, chapter 9, Page No 464-466
Website:
http://www.isaserver.org/articles-tutorials/articles/IPSec_Passthrough.html
http://www.deepsh.it/networking/IPSec.html
https://techlib.barracuda.com/display/bngv52/how+to+create+an+ipsec+vpn+tunnel+between+the+barracuda+ng+firewall+and+a+pfsense+firewall
http://flylib.com/books/en/3.190.1.135/1/
https://training.apnic.net/docs/eSEC03_IPSec_Basics.pdf
PPT - www.cs.northwestern.edu/~ychen/classes/mitp-458/ipsec.pp

Topic 5 Name: IT Act and Cyber Law

Knowledge Category | Example/s of category | Teaching methodology
FACT File Use appropriate example of any Software File like DOC, PPT or EXE file Act Use appropriate example of any Government Ragging Act 2009 or any related IT Act or IPC Act, Copyright Act Crime Use appropriate example of Crime For example – Internet Fraud, any Criminal Activity or Hacking Computer System Law CONCEPT Cyber Crime Hacking & Cracking Piracy Investigation Use appropriate example of Indian Government Law like Murder Law etc Use any appropriate PPT Use any appropriate example of Hacking like Facebook hacking etc. Use any appropriate example like Software Piracy, CD Piracy etc Use any appropriate

Lecture No.
1 Topic/ Subtopic to be covered PPTs
What is Data Recovery
What is Computer File - Reasons of Data lost
Procedure to recover Deleted file from FAT & NTFS Partition
What is Partitioning in Computer System – Types of Partitions
Reasons of Partition damage
Formatted Partition Recovery Procedure (FAT / NTFS)
Data Recovery Categories & different Tools available
Procedure of Data Recovery & Ethics
http://www.aboutpartition.com/types-of-hard-drive-partitions/
http://www.recuperationdedonneesperdues.com/data-recovery
http://www.robertuniverse.com/introduction-to-data-recovery/
http://psonlinehelp.equallogic.com/V4.2/Content/AdminNewBook/AdminNew_recover.htm
http://transparen.com/data-protection-group/data-recovery-ethics

Lecture No. 2
What is Cyber Crime
“Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 181
Different Types of Cyber Crime
“Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 182
What is Hacking & Cracking – Types of Hackers
Virus & its attacks
Define terms – Pornography, Software Piracy
“Information Security and Cyber Laws” by Saurabh Sharma, Chapter 7, Page no 174
PPTs –
http://www.slideshare.net/aemankhan/cybercrimeppt-27376284
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=7&cad=rja&uact=8&sqi=2&ved=0CEIQFjAG&url=http%3A%2F%2Fwww.
cyberseminar.cdit.org%2Fpdf%2F09_02_09%2Floknath.ppt&ei=kceiU_aJ9OHuATko4BA&usg=AFQjCNGmpx90JfvtJWuJde2U7XfLaVF7Zg&bvm=bv.69411363,d.c2E

Lecture No. 3, 4
Intellectual Property – Copyright & Industrial Property
“Information Security and Cyber Laws” by Saurabh Sharma, Chapter 7, Page no 166
http://www.wipo.int/export/sites/www/freepublications/en/intproperty/450/wipo_pub_450.pd
Which are different types of legal Systems & its laws
Define term – Mail Bombs, Bug Exploits
Cyber Crime Investigation – its procedure
PPTs –
http://www.slideshare.net/mahmoodttc/intellectual-property-ppt-final
http://www.slideshare.net/tabrezahmad/cybercrime-investigation
http://www.scribd.com/doc/94789254/Ppt-on-Investigation-Method-ofCyber-Crime
Need of Cyber Law & What is Cyber Law
“Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 184 & 187
IT Act 2000 - Objectives, Scope, Provisions, Advantages & disadvantages
“Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 185
IT Act 2008 – Modification in IT Act 2000, Characteristics
PPTs
http://www.slideshare.net/YogendraWagh/it-act-ppt-1111
http://www.powershow.com/view1/268863ZDc1Z/Information_Technology_Act_2000_v_s_2008_powerpoint_ppt_presentation
http://www.slideshare.net/Arnab_Roy_Chowdhury/cyber-law-15036761

Topic 6 Name: Application and Web Security

Knowledge Category | Example/s of category | Teaching methodology
FACT Standard Protocols Demonstrate with SSL, TLS suitable Chart Web security threats CONCEPT Hotfix Patch Upgrades Small section of code designed to fix problems Ex- Any work done on Windows 2000 is targeted at the next service pack and hotfixes are built against the existing available base.

Lecture No. | Topic/ Subtopic to be covered

Lecture No. 1
What is application hardening?
What is Patches?
What is Web security?
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter-14, pg. nos 373 to 378

Lecture No. 2
How web server works?
What is active Directory?
Web security threats
Web security approaches

3
Working of SSL, TLS
  i. "Cryptography & Security" by C. K. Shyamala, N. Harini, Dr. T. R. Padmanabhan, Chapter 11, Pg. nos 358 to 391
  ii. "Cryptography & Network Security" by Atul Kahate, Chapter 6, Pg. nos 218 to 231
PPT www.smsvaranasi.com/KMC/kmc_ppt/islc/SET.ppt

4
Working of SET
  i. "Cryptography & Security" by C. K. Shyamala, N. Harini, Dr. T. R. Padmanabhan, Chapter 11, Pg. nos 391 to 415
  ii. "Cryptography & Network Security" by Atul Kahate, Chapter 6 "Internet Security Protocols", Pg. nos 231 to 251
PPT euclid.barry.edu/~zuniga/courses/cs477/SET.ppt

Information Security

Topic 1 Name: Introduction security & Model

Knowledge Category / Example/s of category / Teaching methodology
FACT
Security
CONCEPT, PRINCIPLE
Use appropriate example of security – security guards outside office
Ex: Students data, that is, data details through which you can easily find out any student.
Three pillars of information security – Confidentiality, Integrity, Availability
Use any appropriate PPT and example – email
Information security CIA principles

Learning Resources:
Books:
“Principles of Information Security” by Whitman, Publisher - Cengage India
“Information System Security” by Godbole Nina, Publisher - John Wiley
“Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Publisher – Pearson
“Information Security & Cyber Laws” by Saurabh Sharma, Publisher - Vikas Publishing House
Teaching Aids: Black board, Chalk, Transparencies, Power point presentation slides (PPTs), Reference books, notes, LCD projector/OHP Projector
PPTs - PPT with Sample: Preferably prepare PPTs containing (Keyword in Google search:- “ppt for event classification in information security” Select “2nd Link”)
www.oic-ci.gc.ca/eng/DownloadHandler.ashx?...security.ppt
Websites
https://www.cs.duke.edu/courses/summer04/cps001/.../Lecture15.ppt

Lecture No.
Topic/ Subtopic to be covered
1 2
Define Security – Example of Security Guard
Define Information – Example like Student / Employee Data
What is the need of information? – Area where information is used
Why information is important? – What are the advantages of information in day to day life
  “Principles of Information Security” By Nina Godbole, Chapter 5
Note – Summarize the key points & definitions of Topic
Example of application where information is important
  Example: Governments, commercial businesses, and individuals are all storing information electronically - compact, instantaneous transfer, easy access
  Ability to use information more efficiently has resulted in a rapid increase in the value of information
Define Information Security
  “Principles of Information Security” By Nina Godbole, Chapter 1, Page No 1 to 5
PPT
3 4 5 6 7 8
iii. https://www.cs.duke.edu/courses/summer04/cps001/.../Lecture15.ppt
How information is classified?
Which criteria are required for classification of Information – List various criteria
  “Principles of Information Security” By Nina Godbole, Chapter 5, Page No 76 to 80
What is the need of security
Why information security is important?
  “Principles of Information Security” By Nina Godbole, Chapter 1, Page No 2, 3
Basic principles of information security – Show Pyramidal Model of CIA
  Confidentiality - Authorized user should be able to access information
  Integrity - Authorized user should be able to modify information
  Availability - whether authorized users or host should be available
Which are pillars of Information security? Demonstrate with diagram
  “Principles of Information Security” By Nina Godbole, Chapter 5, Page No 73 to 75
What is data obfuscation? Example for data obfuscation
  “Principles of Information Security” By Nina Godbole, Chapter 5, Page No 81, 82
Event classification
  “Principles of Information Security” By Nina Godbole, Chapter 5, Page No 83 to 85
PPT iv.
www.oic-ci.gc.ca/eng/DownloadHandler.ashx?...security.ppt

Topic 2 Name: Information Security Architecture and Model

Knowledge Category / Example/s of category / Teaching methodology
FACT
Information
Use example like Data
Security
CONCEPT
Management
Use appropriate example of Management – College management system etc.
Standards
Use appropriate examples like ISO standard
Guidelines
Policy
PROCEDURE
Use appropriate examples like Guidelines of writing paper, experiments etc.
Use appropriate examples like Password Selection Policy
Confidentiality Model
Use appropriate examples like belief in relationship
Integrity Model
Use appropriate PPTs & examples
Trust
PRINCIPLE
Use appropriate example of security – security guards
Evaluation Criteria – TCSEC
Use appropriate PPTs & examples
Department of Defense (India/U.S.)

Learning Resources:
Books:
“Information System Security” by Godbole Nina, Publisher - John Wiley
“Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Publisher – Pearson
Teaching Aids: Black board, Chalk, Transparencies, Power point presentation slides (PPTs), Reference books, notes, LCD projector/OHP Projector

Lecture No. / Topic/ Subtopic to be covered
1
What is Information Security, Why Information Security (Revision)
Definition of Risk Management
  o Use suitable example like organization, College etc.
Components of Risk Management
  o Diagram of Components & explain each component
Web Site –
http://demop.com/articles/what-is-information-security.pdf
http://www.investopedia.com/terms/r/riskmanagement.asp
http://www.whatisriskmanagement.net/
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CBsQFjAA&url=http%3A%2F%2Fwww.specialolympics.bc.ca%2Fsites%2Fdefault%2Ffiles%2FSanctioning%2520%2520Risk%2520Management.doc&ei=MFOlU4WRO9CVuATUtoDoCw&usg=AFQjCNF6CfirRE9Si7HfgGcz0KoL2HLzuA&bvm=bv.69411363,d.c2E
PPTs –
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=8&cad=rja&uact=8&sqi=2&ved=0CDoQFjAH&url=http%3A%2F%2Fwww.just.edu.jo%2F~tawalbeh%2Faabfs%2Fiss6753%2Fpresentations%2FRMP.ppt&ei=ZlOlU8SkE9CKuATpzYDoCg&usg=AFQjCNHFQFBF90DQB0kiin7eEJr1zoDvHA&bvm=bv.69411363,d.c2E
How to Identify Risk
Calculation of Risk – Show formula for calculation of Risk
Quantitative & Qualitative Risk Analysis – Give comparison with example
  “Information System Security” by Nina Godbole, Chapter No 6, Page no 92, 93
  “Computer Security” by Dieter Gollman, Chapter 2, Page No 26
  “Information System Security” By Nina Godbole
What is Security Policy – Types of Policies
  “Information System Security” by Nina Godbole, Chapter No 4, Page no 57, 58
What is Guidelines & Standards –
  o Give example like Guidelines for Online exam etc.
  o Give example like ISO etc.
  “Information System Security” by Nina Godbole, Chapter No 4, Page no 61
Web Site –
http://www.pearsonitcertification.com/articles/article.aspx?p=418007&seqNum=5

2 3 4 5
Trusted Computing Base (TCB) - Definition, Features & Elements
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 118
What is Ring of Trust – Use diagram
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 119
Ring of Trust for Stand-alone systems & for Network environment
  o Use diagram
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 120, 121
Web Site –
http://searchsecurity.techtarget.com/definition/trusted-computing-base
http://link.springer.com/chapter/10.1007/978-3-642-04831-9_10#page-1
PPTs –
https://wiki.engr.illinois.edu/download/attachments/183272958/trustelements-and-examples.pdf?version=1&modificationDate=1318426648000
What is Protection mechanisms
  o Use example like Antivirus, CCTV cameras etc.
Different Protection Mechanisms in TCB – Prepare Chart
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 121 to 123
  Process Isolation
  Principles of least privilege
  Hardware Segmentation
  Layering
  Abstraction
  Data Hiding

6 7
Information Storage – Prepare the Chart & display
  Primary & Secondary Storage
  Real & Virtual Memory
  Random Memory
  Sequential Storage
  Volatile Memory
Closed & Open System
Multitasking, Multiprogramming & Multiprocessing System
Finite State Machine
Web Site –
http://www.cl.cam.ac.uk/~rja14/policy11/node22.html#SECTION00049000000000000000
PPTs
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=7&cad=rja&uact=8&ved=0CEAQFjAG&url=http%3A%2F%2Fwww.aast.edu%2Fpheed%2Fstaffadminview%2Fpdf_retreive.php%3Furl%3D373_23865_CR415_2011_1__1_1_merkow_ppt_05.ppt%26stafftype%3Dstaffcourses&ei=gFilU6PwJtiXuAT99oLQCQ&usg=AFQjCNGWq3ilHnruRPVVKLYpuqxTUWGRA&bvm=bv.69411363,d.c2E
System Security Assurance Concepts
ii. Functional & Assurance Requirement
iii. Goals of Security Testing
iv.
Formal Security Testing Models
  “Principles of Information Security” By Nina Godbole, Chapter 5, Page No 83 to 85

8
What is Trusted Computer Security Evaluation Criteria (TCSEC)
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 125
Purpose of TCSEC
Classes of Divisions of TCSEC
Prepare Chart for use of Divisions and Classes
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 126, 127
c) Division D
d) Division C – Class C1 & Class C2

9
e) Division B – Class B1, Class B2, Class B3
f) Division A – Class A1
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 127, 128, 129
Web Site –
http://www.cse.psu.edu/~tjaeger/cse443-s12/docs/ch12.pdf
http://www.boran.com/security/tcsec.html

10
What is Information Technology Security Evaluation Criteria (ITSEC)
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 129
Comparison of ITSEC & TCSEC
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 130
ITSEC Purposes & Assurance Classes – E0 to E6
  o Prepare chart for description of E0 to E6
Web Site –
http://www.iwar.org.uk/comsec/resources/standards/itsec.htm
http://www.newstaff.com/criteria/itsec/levels/index.html
http://www.cse.dcu.ie/essiscope/sm2/beyond/itsec.html

11
What is Confidentiality & Integrity Model – Different Models
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 141, 142
Bell-LaPadula Model
Biba Integrity Model
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5

12
Web Sites –
http://www.digitalthreat.net/2010/05/information-security-models-forconfidentiality-and-integrity/
PPTs
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=8&cad=rja&uact=8&ved=0CEUQFjAH&url=http%3A%2F%2Fwww.cs.gsu.edu%2F~cscyqz%2Fcourses%2Faos%2Fslides09%2Fch8.3-Fall09XiaoChen.ppt&ei=01ylU80n1J66BM6TgLgD&usg=AFQjCNF75f57UF6r4dCxBVAEZVSPZEJHzw&bvm=bv.69411363,d.c2E
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=10&cad=rja&uact=8&ved=0CFEQFjAJ&url=http%3A%2F%2Fwww.etcs.ipfw.edu%2F~steffen%2FITT%2FOld-PP%2FChapter%25205Network%2520SecurityITT.ppt&ei=01ylU80n1J66BM6TgLgD&usg=AFQjCNFsMY6g2X8tr2dPvomZbaIldMrVvg&bvm=bv.69411363,d.c2E
Advanced Models - Definition and Use
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 142
vi. Clark & Wilson Model
vii. Noninterference Model
viii. State Machine Model
ix. Access Matrix Model
x. Information Flow Model
Web Sites –
http://www.commondork.com/2010/05/16/bell-la-padula-biba-andclark-wilson-security-models/
http://crypto.stanford.edu/~ninghui/courses/Fall03/papers/landwehr_survey.pdf

Topic 3 Name: Cryptography

Knowledge Category / Example/s of category / Teaching methodology
FACT
Plaintext
Use example of Plaintext – Human language understandable by sender and receiver.
Key
(message: “welcome to third year diploma”)
Cipher Text
Show any message is codified by replacing or reposting.
KEY is “3”
Alphabet A codified by key “3” to Alphabet “C”
Show example of codified message like MOUSE is coded to “UEMOS”
CONCEPT
Cryptography, Cryptanalysis
Use appropriate example to show the converting of plaintext to cipher text and vice-versa – “In war times message is cryptograph and sent in order to protect from enemy.”
Encryption
Decryption
Private Key
Public Key
Show example of encoding plaintext to cipher text: E.g. “Computer” to “retupmoc”
Show example of decoding cipher text to plaintext: E.g. “retupmoc” to “Computer”
Show example of key which needs to be kept secret:

Lecture No. / Topic/ Subtopic to be covered
1
Introduction to Data Encryption Technique
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 11
What is Cryptography?
– Draw diagram
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 13-14
What is Cryptanalysis?
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 14-15
Application of Cryptography
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 14-15
Website
http://en.wikipedia.org/wiki/Cryptography
http://www.apprendre-en-ligne.net/crypto/bibliotheque/PDF/Kwang.pdf
http://cs.stanford.edu/people/eroberts/cs181/projects/dvd-css/cryptography.htm

2
Classical Encryption Technique used by Sender and Recipient
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 11
State 2 types of Encryption Methods?
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 12
iii. Give various components of Symmetric Encryption and Decryption Process – Use Diagram
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 12-13
Website:
http://www.apprendre-en-ligne.net/crypto/bibliotheque/PDF/Kwang.pdf
PPT –
1. https://www.cs.purdue.edu/homes/ninghui/.../526_Fall12_topic02.ppt

3
iv. Define Substitution Cipher
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 15
v. Working principle of Caesar cipher
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 15-16
  Ex: message “MOUSE” CODED MSG: UEMOS
vi. State advantages and disadvantages of Caesar Cipher
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 16
vii. Working principle of Monoalphabetic cipher
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 16-17
Website
http://www.math.uic.edu/CryptoClubProject/CCpacket.pdf
PPT –
https://www.cs.usfca.edu/~brooks/S03classes/cs486/lectures/lecture-3.ppt

4
1. Working principle of Playfair cipher – Show example
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 17-19
2.
Hill cipher – Show example
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 19-21
Website
http://www.ling.ohio-state.edu/~cbrew/2008/spring/playfair.pdf
PPT
https://www.uop.edu.jo/material/1843212812010.ppt

5
a) Define Transposition cipher. State its 2 types
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 26-27
b) How Row transposition cipher works – Use example
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 26-27
Website
http://courses.cs.tamu.edu/pooch/665_spring2008/Australian-sec-2006/less05.html

6
a) Working principle of One Time Pad – Give example & solve it
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 24
PPT
https://www.cs.usfca.edu/~brooks/S03classes/cs486/lectures/lecture-3.ppt

7
b) What is Steganography? – Flow diagram
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 28
Uses of Steganography
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 28
Steganography and security
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 2, Page No 28
Website
http://arxiv.org/ftp/arxiv/papers/0912/0912.2319.pdf

8
Introduction to Digital Signatures
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 10, page no 204
Implementation of Digital Signature
  o Use Flow diagram for explanation
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 10, page no 206
Association of Digital signature and Encryption
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 10, page no 206
Website
http://www.youdzone.com/signature.html
http://www.infosec.gov.hk/english/itpro/public_main.html

9
What are Digital Signature Algorithms
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 10, page no 208
Working Principle of Various Digital Signature Algorithms
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 10, page no 209-212
Website
a)
http://www.cs.haifa.ac.il/~orrd/IntroToCrypto/online/fips_186-3.pdf

10
Authentication Protocols – List different Protocols
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 10, page no 214

11
What is Digital Signature Standards
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 10, page no 213
Website
http://www.cs.haifa.ac.il/~orrd/IntroToCrypto/online/fips_186-3.pdf
http://courses.cs.tamu.edu/pooch/665_spring2008/Australian-sec-2006/less19.html

12
Give applications of Digital Signature Standards
  “Cryptography and Information Security” by V. K. Pachghare, Chapter 10, page no 213-214
Website
http://www.cs.haifa.ac.il/~orrd/IntroToCrypto/online/fips_186-3.pdf

Topic 4 Name: Data Recovery and Cyber Security

Knowledge Category / Example/s of category / Teaching methodology
FACT
File
Use appropriate example of any Software File like DOC, PPT or EXE file
Act
Use appropriate example of any Government Ragging Act 2009 or any related IT Act or IPC Act, Copyright Act
Crime
Use appropriate example of Crime. For example – Internet Fraud, any Criminal Activity or Hacking Computer System
Law
CONCEPT
Cyber Crime
Hacking & Cracking
Piracy
Investigation
PROCEDURE
Use any appropriate example of Hacking like Facebook hacking etc.
Use any appropriate example like Software Piracy, CD Piracy etc.
Use any appropriate example of investigation bureau
Cyber Law
Use any appropriate PPT or example like IT Act 1961 etc.
Use any appropriate PPT
IT Act 2000, 2008
Use any appropriate PPT
Data Recovery Tools
IT Act
PRINCIPLE
Use appropriate example of Indian Government Law like Murder Law etc.
Use any appropriate PPT
Use any appropriate freely available tool like -

Lecture No.
Topic/ Subtopic to be covered
1
PPTs
2
What is Data Recovery
What is Computer File - Reasons for data loss
Procedure to recover deleted file from FAT & NTFS partition
What is Partitioning in Computer System – Types of Partitions
Reasons of Partition damage
  o List out the reasons
Formatted Partition Recovery Procedure (FAT / NTFS)
http://www.aboutpartition.com/types-of-hard-drive-partitions/
http://www.recuperationdedonneesperdues.com/data-recovery
http://www.robertuniverse.com/introduction-to-data-recovery/
http://psonlinehelp.equallogic.com/V4.2/Content/AdminNewBook/AdminNew_recover.htm
Data Recovery Categories
Different Tools available for Windows etc. – List of various freely available tools on Internet
Procedure of Data Recovery – Give step wise example
Data Recovery Ethics
Website
a) http://pcsupport.about.com/od/filerecovery/tp/free-file-recoveryprograms.htm
b) http://transparen.com/data-protection-group/data-recovery-ethics

3
What is Cyber Crime
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 181
Different Types of Cyber Crime
  o Use tree diagram for Types of Cyber Crime
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 182
PPTs –
http://www.slideshare.net/aemankhan/cybercrimeppt-27376284
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=7&cad=rja&uact=8&sqi=2&ved=0CEIQFjAG&url=http%3A%2F%2Fwww.cyberseminar.cdit.org%2Fpdf%2F09_02_09%2Floknath.ppt&ei=kceiU_aJ9OHuATko4BA&usg=AFQjCNGmpx90JfvtJWuJde2U7XfLaVF7Zg&bvm=bv.69411363,d.c2E

4
What is Hacking & Cracking – Types of Hackers
Virus & its attacks – List types of attacks like DoS, DDoS…
Define terms – Pornography, Software Piracy
  o Use example like CD Piracy etc.
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 7, Page no 174
Website –
a) http://www.legalservicesindia.com/articles/cyhac.htm
b) http://evestigate.com/cyber-crime-hacker-terms-to-know/

5
What is Intellectual Property
  Copyright, Patents
  Industrial Design Rights
  Trademark – Use example like logo of MSBTE etc.
What is Industrial Property
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 7, Page no 166
Define term – Mail Bombs, Bug Exploits
Website –
a) http://www.wipo.int/export/sites/www/freepublications/en/intproperty/450/wipo_pub_450.pdf

6 7
PPTs –
http://www.slideshare.net/mahmoodttc/intellectual-property-ppt-final
Which are different types of legal Systems & its laws
Cyber Crime Investigation – its procedure
Website
http://www.slideshare.net/tabrezahmad/cybercrime-investigation
http://www.scribd.com/doc/94789254/Ppt-on-Investigation-Method-ofCyber-Crime
Need of Cyber Law
  “Cyber Crimes and related Laws” by Saurabh Sharma, Chapter 8, Page no 184 & 187
What is Cyber Laws – Definition of Cyber Law
  “Cyber Crimes and related Laws” by Saurabh Sharma, Chapter 8, Page no 184
PPTs
http://www.slideshare.net/Arnab_Roy_Chowdhury/cyber-law-15036761

8
IT Act 2000 - Objectives, Scope, Provisions, Advantages & disadvantages
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 185
  o List out the Chapters
IT Act 2008 – Modification in IT Act 2000, Characteristics
  o List out the Chapters
PPT –
http://www.slideshare.net/YogendraWagh/it-act-ppt-1111
http://www.powershow.com/view1/268863ZDc1Z/Information_Technology_Act_2000_v_s_2008_powerpoint_ppt_presentation

Topic 5 Name: Access, Physical Control and Compliance Standards

Knowledge Category / Example/s of category
FACT
Identification
CONCEPT
Use any physical mark of identification, example like green color eyes.
Biometrics
Use appropriate example of Biometrics – Thumb impression used in attendance system of college.
Physical access control
Use example of Door Security system or Digital Locker – Thumb impression is used to open lock etc.
Compliance Standards
Acting according to certain accepted standard. E.g. like ISO standard
Authorization
Authentication
Framework
PRINCIPLE
Teaching methodology
Kerberos Model
Specifying access rights to particular resources. E.g.: human resources staff is normally authorized to access employee records. It includes formalized access control rules in a computer system.
Accepting proof of identity given by a credible person, examples like College ID card or Employee ID, Passport
Structure of Computer System
Use example of Software frameworks, which include support programs, compilers, code libraries, tool sets, and API
Use appropriate PPTs &

Lecture No. / Topic/ Subtopic to be covered
1
What is Identification? – Use example like Photo ID card
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 234
Define Authorization? State its features
  “Principles of Information Security” by Michael E. Whitman, Herbert J. Mattord, Chapter 6, Page no 249
What is Authentication?
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 234
State features of Biometrics? – Use example like Thumb Reader etc.
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 241
Give various elements involved in Biometrics System – Show diagram
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 241
How Single Sign-on works? – Use diagram
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 242
Website –
http://www.cyberciti.biz/faq/authentication-vs-authorization/
http://www.cse.iitk.ac.in/users/biometrics/pages/what_is_biom_more.h
http://www.biometrics.gov/
PPT –
www.cse.fau.edu/~security/public/BiometricsPresentation.ppt
https://www.owasp.org/.../OWASPSanAntonio_2006_08_SingleSignOn.
2
Describe Kerberos Model?
  o Use various servers used in Kerberos
  o Draw diagram
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 243
Show relation of Kerberos with Authentication
  Ex: Student is allowed to enter the Library hall by checking College ID and entering name in Register, verified by the Librarian, or any other suitable example
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 243
How Remote Access works?
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 247
Remote user access and Authentication
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 247
Website:
a) http://technet.microsoft.com/en-us/library/cc780469(v=ws.10).aspx
b) http://www.google.co.in/imgres?imgurl=&imgrefurl=http%3A%2F%2Fwww.codeproject.com%2FArticles%2F27554%2FAuthentication-in-web-services-using-C-andKerbero&h=0&w=0&tbnid=qv2CJmNFmv7QYM&zoom=1&tbnh=186&tbnw=270&docid=IGaJwLDTXe1FmM&tbm=isch&ei=GeoU_3TCZKgugS8r4LwCQ&ved=0CAIQsCUoAA
c) https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm?turl=WordDocuments%2Fintroductiontokerberosauthentication.htm
PPT:
a) www.obscure.org/~jafitz/250_p1/Kerberos.ppt
b) www.isi.edu/~annc/classes/grid/lectures/sivaLecture.ppt

3
What is Physical access control?
  Ex: Use example of Door Security system or Digital Locker – Thumb impression is used to open lock etc.
  “Principles of Information Security” by Michael E. Whitman, Herbert J. Mattord, Chapter 9, Page no 400
a) What are the threats involved in Physical access
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 8, Page No 195.
a) Need for Physical Security
  “Information System Security” by Nina Godbole, Chapter 7, Page No 101
Website –
http://www.cdn.com/securitysystemPhysical.aspx

4
b) What is Physical Security – example like wall, security dogs, safety doors etc.
  “Information System Security” by Nina Godbole, Chapter 7, Page No 102
c) How to provide physical security
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 8, Page No 197, 198
Website –
http://www.cdn.com/securitysystemPhysical.aspx

5
Define Compliance in general terms
What is Compliance Standard
Implementing an Information Security Management System (ISMS)
  “Information System Security” by Nina Godbole, Chapter 4, Page No 64 and Chapter 23, Page No 424
Website:
www.oxforddictionaries.com/definition/english/compliance
http://www.immusec.com/en/implementation-information-securitymanagement-system
https://www.aiche.org/ccps/topics/elements-process-safety/commitmentprocess-safety/compliance-standards/introduction

6
ISO 27001
  “Information System Security” by Nina Godbole, Chapter 22, Page No 400
ISO 20000
  “Information System Security” by Nina Godbole, Chapter 26, Page No 470
BS25999
PCI DSS
  “Information System Security” by Nina Godbole
Website
www.iso.org/iso/home/standards/management-standards/iso27001.htm
www.iso27001security.com
http://www.standards.org/standards/listing/iso_20000
https://www.pcisecuritystandards.org/security_standards/
http://www.securityassessment.com/files/presentations/PCI_DSS_Presentation_0107.pdf
https://www.set.or.th/.../BCM%20with%20PWC%2027%20April%20v3.
PPT
www.ermantaskin.com/bcm/BS25999_ERMAN_TASKIN.ppt

7
How ITIL frameworks help the IT organization?
  “Information System Security” by Nina Godbole, Chapter 26, Page No 470
Website
http://www.itil-officialsite.com/AboutITIL/WhatisITIL.aspx
http://www.best-management-practice.com/gempdf/itil_the_basics.pdf
PPT
a) https://www.ok.gov/OSF/documents/ITILOverview.ppt
b) www.chakarov.com/powerpoints/itilv3overview.ppt

8
How COBIT framework works in IT organization
  “Information System Security” by Nina Godbole, Chapter 22, Page No 400 and Chapter 25, Page No 449
Website:
a) http://www.isaca.org/cobit/documents/cobit-5-introduction.pdf
b) http://www.counterpoint.co.za/pages/cobit.htm
c) http://www.isaca.org/COBIT/Documents/COBIT5-Ver2-FrameWork.pdf
PPT:
a) www.isaca.org/cobit/documents/cobit5-introduction.ppt
b) https://www.vpit.ualberta.ca/frameworks/ppt/cobit_introduction.pp