Course Outline
IAS3333 – Computer and Network Security
Faculty of Computer Science and Information technology
Lecturer : Zuraidy bin Adnan
Phone : 012-2200762
zuraidy@unisel.edu.my
SYNOPSIS
Having knowledge in computer and network security is important in securing computer systems
and network environment. This subject will provide students with a necessary knowledge and
good understanding on the concepts of computer security and the methods to secure the
networks from malicious attacks.
OBJECTIVE
Students should know the importance of security policy and user awareness on a secure network
operation, and its positive impacts to the organization.
TIMETABLE
Day/
Time
Time
Venue
Tuesday (Lab)
Tuesday (Lab)
Thursday
11-1pm
GL105
2-4pm
GL105
2-4pm
BS3
REFERENCES
1. Eric Cole, Ronald L. Kruz, James W. Conley, “Network Security Fundamentals, Wiley 2007 (Main
reference).
2. Wm. Arthur Conklin et al., Principles of Computer Security, Security+ and Beyond, McGraw Hill 2004.
3. Charles P. Pfleeger, Shari Lawrence Pfleeger, “Security in Computing”, Third edition, Prentice Hall
2003.
4. Joseph M. Kizza, “Computer Network Security”, Springer 2005.
5. Rick Lehtinen, “Computer Security Basics”, O'Reilly Media 2006.
ASSESSMENT
Type of Assessment
Assignment
Project
Quizzes/ Test
Mid Sem Test.
Final Exam.
Weightage
10 %
15 %
15 %
20 %
40 %
Frequency
2
1
3
1
1
1
Course Outline:
Week
1&2
3
4
5
6
7
8
9
10
Topic
Chapter 1
General Security Concepts
 Basic Security Terminology
 Security Models
Chapter 2
Network Fundamentals
 Network Architecture
 Network Topology
 Network Protocols
 Packet Delivery
Coursework
Chapter 2, main
reference
(1) Quiz 1
Chapter 3
Attacks and Malware
 Attacking Computer Systems and
Networks
 Auditing
Chapter 6
The role of people in security
 People – A Security problem
 People as a security tool
Chapter 16, main
reference
(1) Quiz 2
(2) Assignment 1
initiated
Chapter 17, main
reference
(1) Midterm exam
(2) Group project
initiated
Chapter 4, main
reference
Semester Break
Chapter 7
Security Baselines
 Overview baselines
(1) Assignment 1
 Password selection
submission
 Operating system and NOS hardening
(2) Assignment 2
 Network hardening
initiated
 Application hardening
Chapter 8
Infrastructure security
 Devices
 Media
 Security concerns for transmission
media
 Removable media
Chapter 9, main
reference
Chapter 15, main
reference
Chapter 4
Email
 Security of email transmissions
 Malicious code
 Hoax emails
 Spam emails
 Mail Encryption
Chapter 5
Web Components
 Current web components and concerns
 Protocols
 Code-based vulnerabilities
Reference
Chapter 14, main
reference
Chapter 10, main
reference
2


11
12
13
14
Security topologies
Tunneling
Chapter 9
Risk Management
 Overview of risk management
 Business risk
 Risk management models
 Qualitatively assessing risk
 Quantitatively assessing risk
 Quali vs Quanti risk assessment
 Tools
Chapter 10
Disaster recovery, business continuity,
and organizational policies
 Disaster recovery
 Policies and procedures
Chapter 11
Computer forensics
 Evidence
 Collecting evidence
 Chain of custody
 Free space vs slack space
 Message digest and Hash
 Analysis
(1) Assignment 2
submitted
Chapter 20, main
reference
(1) Quiz 3
Chapter 19, main
reference
(1) Group project
presentation
Chapter 23, main
reference
(1) Group project
presentation
Revision Week
Final exam
REMINDER
1. Students who fail to comply 80% of attendance can be subjected to be barred
from taking final examination
2. You are now bachelor degree students. So, act, behave, and dress like one.
3. Simple rules - attend class, attend all the quizzes, submit all assignments, and
finished your project.
3