Lecture1

Lecture1 - TEL2813/IS2820 SecurityManagement Lecture1...

Info iconThis preview shows pages 1–7. Sign up to view the full content.

View Full Document Right Arrow Icon
TEL2813/IS2820  Security Management Lecture 1 Jan 10, 2006
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Course objective The course is aimed at imparting  knowledge and skill sets required to  assume the overall responsibilities of  administration and management of  security of an enterprise information  system. 
Background image of page 2
Course objective After the course, ability to to carry out detailed  analysis  of enterprise security by  performing various types of analysis  vulnerability analysis, penetration testing,  audit trail analysis,  system and network monitoring, and  Configuration management, etc. Carry out the task of security  risk management   using various practical and theoretical tools. 
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Course objective After the course, ability to carry out Design  detailed enterprise wide security plans and  policies, and deploy appropriate safeguards  (models, mechanisms and tools) at all the levels  due consideration to the life-cycle of the enterprise information systems and  networks,  legal and social environment Be able to  certify  products according to IA  standards (Common Criteria Evaluations)
Background image of page 4
Course content Introduction to Security  Management Security  policies/models/mechanisms Security Management Principles,  Models and Practices Security Planning/ Asset  Protection Security Programs and Disaster  Recovery Plans  Standards and Security  Certification Issues Rainbow Series, Common Criteria Security Certification Process National/International Security  Laws and Ethical Issues Security Analysis and Safeguards  Penetration testing Risk Management Protection Mechanisms and Incident  handling Access Control and Authentication  architecture Configuration Management Auditing systems audit trail analysis Network defense and countermeasures Intrusion Detection Systems (SNORT) Architectural configurations and survivability Firewall configurations Virtual private networks Computer and network forensic Privacy Protection Case studies on OS and application  software (e.g., SELinux, Unix and Windows  Security)
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Course Material Recommended course material  Management of Information Security , M. E. Whitman, H. J.  Mattord Guide to Disaster Recovery , M. Erbschilde Guide to Network Defense and Countermeasures , G.  Holden Real Digital Forensics: Computer Security and Incident   Response , 1/e; Keith J. Jones, Richard Bejtlich, Curtis W.  Rose Computer Security: Art and Science , Matt Bishop (ISBN: 0- 201-44099-7), Addison-Wesley 2003 Security in Computing , 2nd Edition, Charles P. Pfleeger,  Prentice Hall A list of papers will be provided
Background image of page 6
Image of page 7
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 108

Lecture1 - TEL2813/IS2820 SecurityManagement Lecture1...

This preview shows document pages 1 - 7. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online