IS5104: Information Security Management
This module is offered in 2019-20.
The aims of this module are:
- To give a broad understanding and introduction to the field of Information Security Management, including current commercial and financial security issues and areas of concern.
On successful completion of this module, the student should:
- Be able to categorize a representative sample of security threats, issues, technologies and theories.
- Be able to analyse legal and social contexts where they impinge on computer security.
- Be able to examine and distinguish a variety of problems affecting system and people centred security.
- Be able to assemble and organize the current trends and latest issues affecting industrial or commercial IT security.
- Be able to examine and create commercial security policies.
- Be aware of and prepare for certification standards and concerns.
- Be able to question and debate Government and Information Warfare, privacy regulations and current events in Information Security
- Be able to perform basic penetration testing and examine vulnerabilities in web based systems.
- Security applications and policy models; authorisation and authentication, vulnerabilities and threats; Internet security; firewalls, intrusion detection, malicious code and countermeasures; information hiding; stream and block ciphers; symmetric and asymmetric cryptographic protocols; digital signatures, public key infrastructures, certification authorities; security engineering, risk models, robustness, legal and organisational aspects of computer security; legal and international aspects.
This module has no compulsory elements beyond those common to all modules (mark of 4 in each assessment component).