summary of course description · distribution, keys management, security protocols. course...


Vice Rectorate for Graduate Studies and Scientific Research

Course Name: Cryptography for Cyber and Network Security
Course Code: CS 611
Prerequisites:
Course Teaching Language: English
Course Level: 1
Credit Hours: 3(3, 0, 0)

Course Description

Information Security elements, mathematical and practical foundation of cryptography, Kerckhoffs's principle, classical cryptography, attack models, cryptanalysis, block and stream ciphers, symmetric crypto, crypto modes, asymmetric crypto, public key infrastructure, message authentication & digital signature, hash functions, key agreement schemes, crypto protocols, user identification & authentication, passwords, secret sharing schemes, keys distribution, keys management, security protocols.

Course Objectives

This course provides the essential foundation on cryptographic algorithms and schemes necessary for cyber security and network security. It presents an in-depth review of commonly-used security mechanisms and techniques.


Learning outcomes: (comprehension, knowledge, intellectual & scientific skills)
By completion of this course students are expected to be able to:

Describe the major types of cryptographic algorithms and typical applications.
Recognize hash function, digital signatures and their roles in integrity and authenticity.
Outline the crypto protocols and the associated attacks.
Knowledge

Develop implementations for some of the common cryptographic algorithms.
Explain the difference between symmetric and asymmetric cryptography.
Cognitive Skills

Evaluate the performance of different cryptographic algorithms and protocols to secure communication systems.
Interpersonal Skills & Responsibility

Assess effectively in a group the security status of a range of technologies based on crypto algorithms and protocols used.
Communication, Information Technology, Numerical

Course Content:

List of Topics No. of Weeks Contact hours

Introduction of Information security 1 3

Mathematical Foundation 2 6

Classical Cryptography 2 6

Attack, Threats, Vulnerabilities 1 3

Symmetric Cryptography 2 6

Asymmetric Cryptography 2 6


Key management & Public Key Infrastructure 1 3

Message Authentication & Digital signature 1 3

Authentication schemes 1 3

Security Protocols 2 6

Course Supportive Books & References

Book Title; Author; Publisher; Publication Year
Understanding Cryptography; Paar, Pelzl; Springer-Verlag Berlin Heidelberg; 2010
Cryptography and Network Security: Principles and Practice; William Stallings; Pearson; 2016
Applied Cryptography: Protocols, Algorithms and Source Code in C; Bruce Schneier; Wiley; 2015


Course Name: Digital Crime and Forensics
Course Code: (CS 616)
Prerequisites: Ethical Hacking and Penetration Testing (CS 615)
Course Teaching Language: English
Course Level: 3rd level
Credit Hours: 3(3, 0, 0)

Course Description

This course provides students with an introduction to digital crime and with insight into system forensics investigation and response. They will also gain the ability to analyze potential vulnerabilities that can have an adverse impact on digital assets. In addition, the student will learn procedures for investigating computer and cybercrime, and concepts for collecting, analyzing, recovering, and preserving forensic evidence. Students will learn how to respond to cyber breaches, including the recovery, preservation, analysis of digital evidence, and proper incident response. In addition to the tools of the digital forensics trade, students will become familiar with relevant federal statutes. They will be presented with various scenarios a digital forensics investigator may face and be asked how they would react.


Course Objectives

The student should be able to:

1. Define and discuss types of computer crime, intellectual property, and codes of ethics in Information technology professions.
2. Describe the basic concepts of forensics.
3. Describe major forensic methodologies.
4. Describe the various storage formats.
5. Describe the functionality of e-mail and e-mail protocols.
6. Explain how major forensic software is used.
7. Analyze varying forensic approaches to different crimes.
8. Use steganography.
9. Illustrate how to retrieve evidence from logs, directories, and the index file.

Learning outcomes: (comprehension, knowledge, intellectual & scientific skills)
By completion of this course students are expected to be able to:

Recognize types of computer crimes.
Recognize the basic concepts of forensics and major forensic methodologies.
Knowledge

Analyze varying forensic approaches to different crimes.
Cognitive Skills

Work effectively as an individual and as a member of a team to accomplish a goal.
Interpersonal Skills & Responsibility

Communicate effectively by oral, written and visual means with a range of audiences.
Communication, Information Technology, Numerical


Course Content

List of Topics No. of Weeks Contact hours
Security Awareness, Policies, and Digital Crime. 1 3
Describe common computer crimes. 2 6
Introduction to Digital Forensics and Investigations. 2 6
Forensic Methods and Labs. 2 6
Collecting, Seizing, and Protecting Evidence. 1 3
Understanding Techniques for Hiding and Scrambling Information. 2 6
E-mail Forensics. 1 3
Mobile Forensics 1 3
Explain how major forensic software is used 1 3
Windows Forensics. 1 3

Course Supportive Books & References

Book Title; Author; Publisher; Publication Year
System Forensics, Investigation, and Response, Second Edition; Chuck Easttom; Jones & Bartlett, 2014, ISBN-13: 978-1-284-03105-8; 2014
Computer security: Principles and practice (3rd ed.); Stallings, W., & Brown L.; Upper Saddle River, NJ: Pearson Education, Inc., ISBN-13: 9780133773927; (2015)


Cybercrime and Digital Forensics: An Introduction; Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar; Routledge, 2nd edition, 2018; 2018
Digital Forensics; André Årnes; John Wiley, 1st Edition, 2018; 2018
Digital Forensics with Open Source Tools; Cory Altheide and Harlan Carvey; Elsevier, 1st Edition, 2011; 2011
Digital Forensics and Incident Response; Gerard Johansen; Packt, 2017; 2017
Practical Mobile Forensics; Rohit Tamma, Oleg Skulkin, Heather Mahalik, and Satish Bommisetty; 3rd Edition, Packt, 2018; 2018


Course Name: Ethical Hacking and Penetration Testing
Course Code: CS 615
Prerequisites: Security Risk Analysis Management Systems (CS 612)
Course Teaching Language: English
Course Level: 2nd level
Credit Hours: 3(3, 0, 0)

Course Description

This course provides an introduction to the principles and techniques associated with penetration testing and ethical hacking. The course covers planning, reconnaissance, scanning, exploitation, post-exploitation, and result reporting. The student will learn how system vulnerabilities can be exploited and how to avoid such problems.

Course Objectives

The main purpose of this course is to:

- Teach students the underlying principles and techniques associated with penetration testing and ethical hacking.
- Introduce students to the entire penetration testing process including planning, reconnaissance, scanning, exploitation, post-exploitation, and result reporting.
- Provide students with the fundamental information associated with each of the methods employed and insecurities identified.


- Explore remedial techniques that enable students to develop an excellent understanding of current cybersecurity issues and ways that user, administrator, and programmer errors can lead to exploitable insecurities.

Learning outcomes: (comprehension, knowledge, intellectual & scientific skills)
By completion of this course students are expected to be able to:

Knowledge: Recognize the underlying principles and techniques associated with penetration testing and ethical hacking.
Cognitive Skills: Analyze the stages an ethical hacker requires to take in order to compromise a target system.
Interpersonal Skills & Responsibility: Critically evaluate security techniques used to protect system and user data.
Capability/Transferable Skills: Critically evaluate security techniques used to protect system and user data.

Course Content:

List of Topics No. of Weeks Contact hours

Introduction to Hacking and Penetration Testing 1 3

Reconnaissance, Scanning and Exploitation 2 6

Information Gathering Techniques 1 6

Target Enumeration and Port Scanning Techniques 2 6

Vulnerability Assessment 1 3

Network Sniffing 2 6

Remote Exploitation 2 6

Post-exploitation 1 3

Wireless Hacking 1 3

Web Hacking 2 6


Course Supportive Books & References

Book Title; Author; Publisher; Publication Year
Ethical Hacking and Penetration Testing Guide; Rafay Baloch; Routledge Publications, CRC Press, ISBN-10: 1482231611, ISBN-13: 978-1482231618; 1st Edition (2014)
The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy; Patrick Engebretson; Syngress Publications, ISBN-10: 9780124116443, ISBN-13: 978-0124116443; 2nd Edition (2013)


Course Name: Network Security
Course Code: CS 625
Prerequisites:
Course Teaching Language: English
Course Level: 2nd or 3rd
Credit Hours: 3(3, 0, 0)

Course Description

Network security attacks and impacts, Network and protocols vulnerabilities, DDoS attacks, Botnets, DNS cache poisoning, BGP security, Security models, Network security protocols (IPsec, SSL, and Kerberos), VPN, Application layer security protocols (POP, IMAP, SMB, Web Services Security), Access control, Firewall, Intrusion detection systems, Network security management (SIEM technology), Wireless infrastructure security.

Course Objectives

The main purpose of the course is to provide a solid understanding of the main issues related to security in modern networked computer systems. This covers underlying concepts and foundations of network vulnerabilities and attacks, basic knowledge about security-relevant decisions in designing IT infrastructures, security models and protocols, techniques and technologies to defend networks and security management.


Learning outcomes: (comprehension, knowledge, intellectual & scientific skills)
By completion of this course students are expected to be able to:

Knowledge: Recognize network vulnerabilities and security issues in practical networks. Describe network security protocols (wired and wireless) and in practice. Outline network defense tools and technologies.
Cognitive Skills: Explain how the architecture of communication networks and the internet gives rise to security challenges.
Interpersonal Skills & Responsibility: Analyze and evaluate network security status using network security management tools.
Capability/Transferable Skills: Demonstrate how security defense technologies can protect networks from attacks by analysis of traffic data collected from simulation environments.

Course Content

List of Topics No. of Weeks Contact hours

Introduction to Network security 1 3

Network Vulnerabilities & attacks 1 3

Network layer security protocols 1 3

Application layer protocols 2 6

Access control and security models 2 6

Firewalls 2 6

Intrusion detection systems 2 6

Network security management (SIEM technology) 2 6

Wireless infrastructure security. 2 6


Course Supportive Books & References

Book Title; Author; Publisher; Publication Year
Network Security Essentials: Applications and Standards; William Stallings; Pearson; 2016
CCNA Security 210-260 Official Cert Guide; Omar Santos, John Stuppi; CISCO; 2015
Information Security: Principles and Practice; Mark Stamp; Wiley; 2018


Course Name: Secure Programming
Course Code: CS 614
Prerequisites: Cryptography for Cyber and Network Security (CS 611)
Course Teaching Language: English
Course Level: 2nd level
Credit Hours: 3(3, 0, 0)

Course Description

This course will present the basic topics in computer security and their relation to secure programming. Security models, threats, design principles and secure coding practices will be discussed. We will also look at programming language features and semantics to evaluate whether they help or hurt the ability to write secure programs.

Course Objectives

The main purpose of this course is to teach students:

- The principles of secure programming.

- How to identify common application vulnerabilities.

- Perform security attacks (e.g., buffer overflow, format string vulnerabilities).

- How to mitigate exploits of common application vulnerabilities.

- The adoption of secure coding practices.


Learning outcomes: (comprehension, knowledge, intellectual & scientific skills)
By completion of this course students are expected to be able to:

Knowledge: Recognize the fundamental principles and mechanisms of software security.
Cognitive Skills: Compare and contrast programming languages for secure features. Develop secure applications and products.
Interpersonal Skills & Responsibility: Identify common security vulnerabilities in application code and develop solutions to overcome these vulnerabilities.
Capability/Transferable Skills: Explain effectively the techniques of secure coding.

Course Content:

List of Topics No. of Weeks Contact hours

Overview of Secure Programming 1 3

Integer Security, Integer Overflow and Security Vulnerabilities 1 3

Stack-based Buffer Overflow 1 3

Data Pointer and Function Pointer Vulnerabilities 1 3

Advanced Buffer Overflow Attacks 2 6

Load-time Exploitation 1 3

Basics of Static and Dynamic Linking 1 3

Format String Vulnerabilities 1 3

Path Traversal Vulnerabilities 1 3

File I/O Race Conditions 1 3

Concurrency and Multithreads 2 6

Deadlock and Vulnerabilities 2 6


Course Supportive Books & References

Book Title; Author; Publisher; Publication Year
Secure Coding in C and C++; Robert C. Seacord; Addison-Wesley Professional, ISBN-10: 9780321822130, ISBN-13: 978-0321822130; 2nd Edition (2013)
Computer Security: A Hands on Approach; Wenliang Du; CreateSpace Independent Publishing, ISBN-10: 154836794X, ISBN-13: 978-1548367947; 1st Edition (2017)


Course Name: Security of Cloud Computing Systems
Course Code: (CS 621)
Prerequisites: NA
Course Teaching Language: English
Course Level: 2nd or 3rd level
Credit Hours: 3(3, 0, 0)

Course Description

This course provides the ground-up coverage on the high level concepts of cloud landscape, architectural principles, techniques, design patterns and real-world best practices applied to Cloud service providers and consumers and delivering secure Cloud based services. The course will describe the Cloud security architecture and explore the guiding security design principles, design patterns, industry standards, applied technologies and addressing regulatory compliance requirements critical to design, implement, deliver and manage secure cloud-based services. The course delves deep into the secure cloud architectural aspects with regards to identifying and mitigating risks, protection and isolation of physical & logical infrastructures including compute, network and storage, comprehensive data protection at all OSI layers, end-to-end identity management & access control, monitoring and auditing processes and meeting compliance with industry and regulatory mandates.

Course Objectives

The student should be able to:

Understand the Fundamentals of cloud computing architectures based on current standards, protocols, and best practices intended for delivering Cloud based enterprise IT services and business applications.

Identify the known threats, risks, vulnerabilities and privacy issues associated with Cloud based IT services.


Understand the concepts and guiding principles for designing and implementing appropriate safeguards and countermeasures for Cloud based IT services.

Design cloud services that meet essential Cloud infrastructure characteristics – on demand computing, shared resources, elasticity and measuring usage.

Design security architectures that assure secure isolation of physical and logical infrastructures.

Understand the industry security standards, regulatory mandates, audit policies and compliance requirements for Cloud based infrastructures.

Learning outcomes: (comprehension, knowledge, intellectual & scientific skills)
By completion of this course students are expected to be able to:

Knowledge: Recognize the Fundamentals of cloud computing architectures based on current standards. Recognize threats, risks, vulnerabilities and privacy issues associated with Cloud based IT services.
Cognitive Skills: Design security architectures that assure secure isolation of physical and logical infrastructures.
Interpersonal Skills & Responsibility: Work effectively as an individual and as a member of a team to accomplish a goal.
Capability/Transferable Skills: Communicate effectively by oral, written and visual means with a range of audiences.

Course Content:

List of Topics No. of Weeks Contact hours

Fundamentals of Cloud Computing and Architectural Characteristics. 2 6
  Understand what is Cloud computing?
  Architectural and Technological Influences of Cloud Computing.
  Understand the Cloud deployment models.
  Scope of Control.
  Cloud Computing Roles.
  Risks and Security Concerns.


Security Design and Architecture for Cloud Computing 2 6
  Guiding Security design principles for Cloud Computing.
  Quick look at CSA, NIST and ENISA guidelines for Cloud Security.
  Common attack vectors and threats.

Secure Isolation of Physical & Logical Infrastructure 2 6
  Isolation.
  Common attack vectors and threats.
  Secure Isolation Strategies.

Data Protection for Cloud Infrastructure and Services 2 6
  Understand the Cloud based Information Life Cycle.
  Data protection for Confidentiality and Integrity.
  Common attack vectors and threats.
  Encryption, Data Redaction, Tokenization, Obfuscation, PKI and Key Management, Assuring data deletion.
  Data retention, deletion and archiving procedures for tenant data.
  Data Protection Strategies.

Enforcing Access Control for Cloud Infrastructure based Services 1 3
  Understand the access control requirements for Cloud infrastructure.
  Common attack vectors and threats.
  Enforcing Access Control Strategies.

Monitoring, Auditing and Management 2 6
  Proactive activity monitoring, Incident Response
  Monitoring for unauthorized access, malicious traffic, abuse of system privileges, intrusion detection, events and alerts
  Auditing – Record generation, Reporting and Management
  Tamper-proofing audit logs
  Quality of Services
  Secure Management

Introduction to Identity Management in Cloud Computing 1 3
  User Identification, Authentication, and Authorization in Cloud Infrastructure
  Be able to understand the concepts of Identity & Access Management.
  The role of Identity provisioning.


Cloud Computing Security Design Patterns – I 2 6
  Trusted Platform
  Geo-tagging
  Cloud VM Platform Encryption
  Trusted Cloud Resource Pools
  Secure Cloud Interfaces
  Cloud Resource Access Control
  Cloud Data Breach Protection
  Permanent Data Loss Protection
  In-Transit Cloud Data Encryption

Cloud Service Providers – Technology Review 1 3
  OpenStack Platform
  Docker
  Amazon Web Services

Course Supportive Books & References

Book Title; Author; Publisher; Publication Year
Securing The Cloud: Cloud Computing Security Techniques and Tactics; Vic (J.R.) Winkler; Syngress/Elsevier, 978-1-59749-592-9, 2015; 2015
Cloud Computing Design Patterns; Thomas Erl; Prentice Hall, 2015, 978-0133858563; 2015


Course Name: Security of Database Systems
Course Code: CS 623
Prerequisites: None
Course Teaching Language: English
Course Level: 2nd level or 3rd level
Credit Hours: 3(3, 0, 0)

Course Description

The course provides a strong foundation in database security and auditing. This course utilizes real scenarios and step-by-step examples. The following topics are covered: security, profiles, password policies, privileges and roles, Virtual Private Databases, and auditing. The course also covers advanced topics such as SQL injection, database management security issues such as securing the DBMS, enforcing access controls, and related issues.

Course Objectives

The main purpose of this course is to teach students:

How to identify risks and vulnerabilities in operating systems from a database perspective.

Good password policies, and techniques to secure passwords in your organization.

How to implement administration policies for users.

The various database security models and their advantages or disadvantages.

How to implement a Virtual Private Database using views, roles, and application context.

An overview of auditing fundamentals, and create your own auditing model.


The purpose and use of data dictionaries, encryption and SQL injection.

How to explore an interesting research topic of your choice related to database security.

Learning outcomes: (comprehension, knowledge, intellectual & scientific skills)
By completion of this course students are expected to be able to:

Knowledge: Recognize the principles of access control and its applications to database security.
Cognitive Skills: Design and implement access control rules to assign privileges and protect data in databases. Develop and implement Virtual Private Database to protect data in databases.
Interpersonal Skills & Responsibility: Use and practice various access control theories and techniques including mandatory access control, discretionary access control, and role-based access control.
Capability/Transferable Skills: Explain effectively the concepts of database auditing.

Course Content

List of Topics No. of Weeks Contact hours

Overview of Database Security 1 3

Profiles, Password Policies, Privileges and Roles 1 3

Access Control of Relational Databases 1 3

Role-based Access Control in Database Management 1 3

Access Control Models for XML Databases 1 3


Database Applications Security Models 1 3

Virtual Private Databases 2 6

SQL Injection Exploitation and Defense 2 6

Database Auditing Models 1 3

Application Data Auditing 1 3

Auditing Database Activities 1 3

Security and Auditing Project Cases 2 6

Course Supportive Books & References

Book Title; Author; Publisher; Publication Year
Database Security and Auditing: Protecting Data Integrity and Accessibility; Hassan A. Afyouni; Cengage Learning, ISBN-10: 0619215593, ISBN-13: 978-0619215590; 1st Edition (2005)
Database Security; Alfred Basta and Melissa Zgola; Cengage Learning, ISBN-10: 1435453905, ISBN-13: 978-1435453906; 1st Edition (2011)


Course Name: Security of Operating System
Course Code: (CS 622)
Prerequisites: NA
Course Teaching Language: English
Course Level: 2nd or 3rd level
Credit Hours: 3(3, 0, 0)

Course Description

This course provides an understanding of secure operating system requirements, design principles and theories, protection methods, access control, authentication, vulnerability, analysis and case studies.

Course Objectives

The student should be able to:

Explain what security in computing systems means.

Describe at a high level the vulnerabilities and threats in the software and operating systems.

Describe computer architectures and identify support for designing secure operating systems and virtual machines.

Apply formal methods to design secure operating systems.

Describe security auditing, controls, plans, procedures, administration, and risk assessment in managing computing systems.


Learning outcomes: (comprehension, knowledge, intellectual & scientific skills)
By completion of this course students are expected to be able to:

Knowledge: Recognize the vulnerabilities and threats in the software and operating systems. Describe computer architectures and identify support for designing secure operating systems and virtual machines.
Cognitive Skills: Design secure operating systems.
Interpersonal Skills & Responsibility: Work effectively as an individual and as a member of a team to accomplish a goal.
Capability/Transferable Skills: Communicate effectively by oral, written and visual means with a range of audiences.

Course Content

List of Topics No. of Weeks Contact hours

Review: Operating Systems, Computer Architecture, Assembly Language. 2 6

Common vulnerabilities 2 6

Requirements of secure operating systems and design principles 2 6

Theoretical foundation for designing trusted OS 2 6

Access control and authentication methods 1 3

Virtualization and its effect on secure OS 2 6

Reverse Code Engineering 1 3

Case studies of secure OS 2 6

System administration 1 3

Course Supportive Books & References

| Book Title | Author | Publisher | Publication Year |
|---|---|---|---|
| Computer Security Principles and Practice | William Stallings and Lawrie Brown | 2nd Edition, Pearson Prentice Hall, Inc., 2011, (ISBN-10: 0132775069, ISBN-13: 978-0132775069, Publication Date: November 19, 2011) | 2011 |

Course Name: Security Risk Analysis and Management Systems Course Code: CS612

Prerequisites: Course Teaching Language: English

Course Level : 1st Credit Hours: 3(3, 0, 0)

Course Description

Threat analysis, Assessing Vulnerability, Information, Critical infrastructure and Key Assets, Security policy, Risk analysis process, Risk analysis models, tools and technologies, Risk identification, Risk assessment, Prioritizing Risk, Risk control, selecting risk control strategies, Risk control practices, planning and strategies to mitigate risk.

Course Objectives

This course analyzes the practical challenges in managing information technology systems and cyber risks. It focuses on the costs and tradeoffs that are involved in all security decisions based on evaluation and prioritization of information assets. Projects will assist students to develop strategic planning using operational skills and application of security background.

Learning outcomes: (comprehension, knowledge, intellectual & scientific skills) By completion of this course students are expected to be able to:

Knowledge

Recognize the main issues of risk in information and communication technologies.

List models, and tools used in security risk analysis and crisis management in information systems context.

Outline the strategies to mitigate risk and control practices.

Cognitive Skills

Analyze the security risks associated with the critical infrastructure.

Examine key infrastructure sector asset types, functions, and regulatory structures.

Analyze a risk of a key infrastructure sector and develop a protection strategy.

Interpersonal Skills & Responsibility

Evaluate the risk management program development process.

Capability/Transferable Skills

Demonstrate how to select and then apply a risk methodology/framework in an organization.

Course Content

| List of Topics | No. of Weeks | Contact hours |
|---|---|---|
| Introduction to information security management | 1 | 3 |
| Information, Critical infrastructure and Key Assets | 1 | 3 |
| Threat and vulnerabilities analysis | 2 | 6 |
| Security policy | 2 | 6 |
| Risk analysis process | 2 | 6 |
| Risk analysis models, tools, and technologies | 2 | 6 |
| Risk identification, assessment, and prioritization | 2 | 6 |
| Risk control | 1 | 3 |
| Risk control practice | 1 | 3 |
| Planning and strategies to mitigate risk | 1 | 3 |

Course Supportive Books & References

| Book Title | Author | Publisher | Publication Year |
|---|---|---|---|
| Management of Information Security | Whitman, Mattord | Cengage Learning | 2018 |
| Risk Analysis and Security Countermeasure Selection | Thomas L. Norman | CRC Press | 2015 |
| Effective Security Management | Charles Sennewald, Curtis Baillie | Butterworth-Heinemann | 2015 |

Course Name: Security of Mobile Computing Course Code: CS 624

Prerequisites: None Course Teaching Language: English

Course Level : 2nd level or 3rd level Credit Hours: 3(3, 0, 0)

Course Description

The purpose of this course is to provide students with the theoretical knowledge and practical skills needed to appraise vulnerabilities and threat vectors associated with mobile computing devices. This course provides an in-depth technical overview of the security features and limitations of modern mobile devices and systems, including the top risks and vulnerabilities every IT professional needs to know. The following topics are covered: mobile computing overview, wireless communications infrastructure vulnerabilities, wireless communications infrastructure vulnerabilities mitigation techniques, mobile platform vulnerabilities, mobile platform vulnerabilities mitigation techniques, mobile applications vulnerabilities, mobile applications vulnerabilities mitigation techniques, mobile device vulnerabilities, mobile device vulnerabilities mitigation techniques and organizational mobile device security policy requirements.

Course Objectives

The main purpose of this course is to make students able to:

Understand fundamental mobile computing principles and models.

Examine secure mobile computing principles.

Understand security trade-offs of most popular platforms.

Analyze mobile computing threats and vulnerabilities.

Understand how to design and to implement secure mobile applications.

Appraise methodologies and best practices for secure mobile computing.

Examine secure mobile computing strategies and policy elements.

Learning outcomes: (comprehension, knowledge, intellectual & scientific skills) By completion of this course students are expected to be able to:

Knowledge

Demonstrate the ability to recognize the mobile computing infrastructure, communications, devices, platforms, and applications.

Demonstrate the ability to recognize mobile communications, infrastructure and devices vulnerabilities mitigation techniques.

Cognitive Skills

Analyze mobile device physical threats and mobile application/platforms vulnerabilities.

Develop mobile computing security controls.

Interpersonal Skills & Responsibility

Work effectively as an individual and as a member of a team to accomplish a goal.

Use secure mobile computing principles and models to identify secure mobile computing strategies and policy elements.

Capability/Transferable Skills

Explain effectively the methodologies and best practices for secure mobile computing.

Course Content:

| List of Topics | No. of Weeks | Contact hours |
|---|---|---|
| Information security overview | 1 | 3 |
| Mobile computing technologies | 1 | 3 |
| Mobile computing security risks | 2 | 6 |
| Mobile infrastructure threat vectors and attack scenarios | 1 | 3 |
| Mobile infrastructure vulnerabilities mitigation techniques | 2 | 6 |
| Mobile communications threats, security controls and analysis | 1 | 3 |
| Mobile device vulnerabilities, safeguards and controls | 1 | 3 |
| Mobile platform security controls and testing | 1 | 3 |
| Mobile applications security | 1 | 3 |
| Mobile cloud computing security | 1 | 3 |
| Mobile computing security compliance drivers | 1 | 3 |
| Mobile computing security policy specification and gap analysis | 2 | 6 |

Course Supportive Books & References

| Book Title | Author | Publisher | Publication Year |
|---|---|---|---|
| Hacking Exposed Mobile: Security Secrets & Solutions. | Bergman, N., Stanfield, M., Rouse, J., Scambray, J., et al. | McGraw Hill Osborne Media: New York, NY | 2013 |
| Mobile Application Security | Himanshu Dwivedi, Chris Clark, David Thiel | McGraw-Hill | 2010 |