Computer Security and Disaster Recovery
 
 
Subject Code: ECP4126
Aim of Subject: To expose the students to the importance of computer security and disaster recovery in the organization.
Learning Outcome of Subject: At the completion of the subject, students should be able to:
  • Identify, analyse and discuss the basic issues underlying computer security and disaster recovery.
  • Identify the objectives of computer security and the role of security services to achieve these objectives.
  • Identify the role of cryptographic techniques in computer security.
  • Apply various cryptographic algorithms and protocols.
  • Identify, analyse and discuss the mechanisms underlying various kinds of malware and the methods used to mitigate them.
  • Explain the scope of various information security standards and their limitations.
  • Identify and explain the role of disaster recovery and business continuity planning and strategies.
  • Present technical information and study/project results through report writing.
  • Work as a team and interact effectively.
Programme Outcomes:
  • Ability to acquire and apply fundamental principles of science and engineering(10%)
  • Capability to communicate effectively(5%)
  • Acquisition of technical competence in specialised areas of engineering discipline(60%)
  • Ability to identify, formulate and model problems and find engineering solutions based on a systems approach(5%)
  • Ability to conduct investigation and research on engineering problems in a chosen field of study.(5%)
  • Understanding of the importance of sustainability and cost-effectiveness in design and development of engineering solutions(5%)
  • Ability to work effectively as an individual, and as a member/leader in a team.(5%)
  • Capability and enthusiasm for self-improvement through continuous professional development and life-long learning(5%)
Assessment Scheme:
  • Test/Quiz - written exam(10%)
  • Tutorial / Assignment - group/individual assignment,group discussion and Q&A session in tutorial,to enhance understanding of basic concepts and application examples of the subjects(30%)
  • Final Exam - written exam(60%)
Teaching and Learning Activities: 45 hours (lectures and tutorials)
Credit Hours: 3
Pre-Requisite: ECP2056: Data Communications and Computer Networking
References:
  • William Stallings, “Cryptography and Network Security”, Prentice Hall, 2003.
  • Richard H Baker, "Network Security", McGraw Hill, 1995.
  • Bates, "Disaster Recovery for LANs", McGraw Hill, 1994.

Subject Contents

  • Computer Security

  • Overview of computer security. Attacks and services. Control of usage: hardware and software.
     
  • Encryption and Authentication

  • Conventional encryption model. Data encryption standard (DES). Traffic confidentiality. Key distribution. Public-key cryptology. The RSA algorithm. Key management. Authentication requirements, functions and protocols. Digital signatures.
     
  • Intruders, Viruses and Worms

  • Intrusion techniques. Nontechnical attacks. Password protection and its vulnerability. Intrusion detection. Nature of viruses. Malicious programs. Types of viruses. Antivirus approaches. Worm propagation and countermeasures: access control, intrusion detection and firewalls.
     
  • Disaster Recovery

  • Recovery requirements. Recovery policy, and strategy. Recovery technical team. Execution of recovery plans. Documentation and backup system. Loss estimation.