Course information

Fundamental Aspects; History and terminology; Security mindset (reasoned paranoia): Design principles (defense in depth); System/security life-cycle; Security implementation mechanisms: Gates, guards, guns; cryptography; Information assurance analysis model: MSR model*, threats, vulnerabilities, attacks, countermeasures; Disaster recovery (natural and man-made) Forensics. Security Mechanisms (Countermeasures) Cryptography: Cryptosystems, Keys: symmetric & asymmetric, Performance (software/hardware), Implementation; Authentication: "Who you are, what you have, what you know", Bio-authentication (use of biometrics); Redundancy: Intrusion detection. Attacks; Social engineering; Denial of service; Protocol attacks; Active attacks; Passive attacks’Buffer overflow attacks; Malware (viruses, Trojan horses, worms) Security Services Availability, Integrity, Confidentiality, Authentication (source reliability), Non-repudiation VulnerabilitiesPerpetrators; Inside attacks; External attacks; Black hat; White hat; Ignorance; Carelessness; Network; Hardware (design, implementation, installation, etc.); Software (design, implementation, installation, etc.); Physical access.