Professional Documents
Culture Documents
Revised: 13/08/2013
PREREQUISITE(S):
None
COURSE DESCRIPTION:
This module will immerse the student into understanding on making online activities, software/ application,
and computer services safer. A trustworthy computer system is one which will not be compromised. Lab
lesson will include imparting knowledge and practical experience with the current essential security
solutions and lab work on how to scan, test, and hack, as well as securing their own systems. Students will
begin by understanding how perimeter defenses work and then be lead into scanning and attacking their
own networks, no real network is harmed. Students then learn how intruders escalate privileges and what
steps can be taken to secure a system. Students will learn about framework of TwC, Intrusion Detection,
Information security metrics, password management and issues, Social Engineering, malwares,
cryptography, configuring and design safer Web Servers and Web Applications.
LEARNING OBJECTIVES:
The aims of this course are to enable students to:
Define and explain computer security fundamentals and Trustworthy Computing (TwC) framework
Define and recognize various computer security threats
Recognize operating system vulnerabilities and security issues
Define and explain password management and its issues
Define how cryptography works
Learn threats for web servers and web applications and to safeguard them
Define and explain information security metrics
Learn the Saltzer and Schroeder secure design principles for software and/ or application development
Understand the concept of ethical hacking and hacking stages
Learn how to detect intrusion, threats, and attacks using Intrusion Detection System (IDS), firewalls
and honeypots
LEARNING OUTCOMES:
Upon completion, successful students should be able to:
Identify and explain the information security fundamentals
Explain that TwC is a multi-dimensional set of issues with four goals: Security, Privacy, Reliability,
and Business Integrity
Identify and take precaution on computer security threats such as unscrupulous individuals and their
activities, types of malwares, risks of software engineering
Explain operating system vulnerabilities and security issues
Practice good password management and make use of public key encryption
Explain how cryptography works
Configure web servers and design web applications to avoid and reduce web security threats and
issues, take corrective steps to perform after detection of intrusion, threats and/ or attack
Create and establish good information security metrics
Practice Saltzer and Schroeder secure design principles for software and/ or application development
Explain the concept of ethical hacking and recognizes the stages of hacking stages
Differentiate various types of IDS, firewalls, and honeypots.
COURSE FORMAT:
Lecture/Instructional Hours: 3 hrs per week, Laboratory Session: 2 hrs per week
[For short semester, Lecture Instructional Hours: 6 hrs per week, Laboratory Session: 4 hrs per week]
DICTN: ICT2106 FUNDAMENTALS OF TRUSTWORTHY COMPUTING
Page 1 of 3
IICS/IICP/IU/IICKL
Revised: 13/08/2013
Page 2 of 3
IICS/IICP/IU/IICKL
21-24
25-26
27-28
Revised: 13/08/2013
LABORATORY WORK:
Lab
Practical Work
1
Security assessment
2
Threats: Vulnerabilities
3
Threats: Viruses
4
Threats: Malware
5
Threats: Vulnerabilities of Operating Systems
6
Password management and issues
7
Cryptography
8
Information Security Metrics
9-10
Web Security management and issues
11-12
Ethical Hacking
Page 3 of 3