B23-CTS-402 Basics of Information Security
Part A – Introduction | |||
Subject | BCA (CTIS) | ||
Semester | IV | ||
Name of the Course | Basics of Information Security | ||
Course Code | B23-CTS-402 | ||
Course Type: (CC/MCC/MDC/CC- M/DSEC/VOC/DSE/PC/AEC/ VAC) | CC-B4 | ||
Level of the course (As per Annexure-I | 200-299 | ||
Pre-requisite for the course (if any) | B23-CTS-202 | ||
Course Learning Outcomes(CLO): | After completing this course, the learner will be able to:
1. understand the fundamental principles of information security. 2. learn about various types of security threats and vulnerabilities. 3. develop skills for implementing basic security measures. 4. understand the concepts of operating systems and web securities. 5*. Understand the practical aspects of security. |
||
Credits | Theory | Practical | Total |
3 | 1 | 4 | |
Contact Hours | 3 | 2 | 5 |
Max. Marks:100(70(T)+30(P))
Internal Assessment Marks:30(20(T)+10(P)) End Term Exam Marks: 70(50(T)+20(P)) |
Time: 3 Hrs.(T), 3Hrs.(P) | ||
Part B- Contents of the Course | |||
Instructions for Paper-Setter
The examiner will set a total of nine questions. Out of which the first question will be compulsory. The remaining eight questions will be set from four units selecting two questions from each unit. The examination will be of three-hour duration. All questions will carry equal marks. The first question will comprise short answer-type questions covering the entire syllabus. The candidate will have to attempt five questions in all, selecting one question from each unit. The first question will be compulsory. |
The practicum will be evaluated by an external and an internal examiner. The examination will be of three-hour duration. | ||
Unit | Topics | Contact Hours |
I | Introduction to Information Security: Definition, importance, and goals of information security (CIA triad: Confidentiality, Integrity, Availability).
Security Threats and Vulnerabilities: Types of threats (viruses, worms, Trojans, spyware, ransomware), vulnerabilities, and risk assessment. |
11 |
II | Cryptography Basics: Introduction to cryptography, symmetric vs. asymmetric encryption, hashing, and digital signatures.
Authentication and Access Control: Authentication methods (passwords, biometrics, multi-factor), and access control models (DAC, MAC, RBAC). |
11 |
III | Network Security Fundamentals: Network security basics, firewalls, VPNs, IDS/IPS
Secure Software Development: Secure coding practices, common vulnerabilities (SQL injection, XSS), and secure software development lifecycle (SDLC). |
11 |
IV | Operating System Security: Security features of modern operating systems, patch management, and system hardening.
Web Security: Web security threats, HTTPS, secure web application development, and common web security tools. |
12 |
V* | Practicum:
Students are advised to do laboratory/practical practice not limited to but including the following types of problems: · Introduction to basic security tools and software. · Conducting a basic vulnerability assessment using tools like Nessus or OpenVAS. · Implementing basic encryption and decryption using tools like OpenSSL. · Configuring and managing user accounts and permissions in an operating system. · Setting up a basic firewall and VPN. · Identifying and fixing vulnerabilities in a simple web application. · Hardening a Windows or Linux system. · Securing a simple web server and application. |
30 |
Suggested Evaluation Methods | ||
Internal Assessment:
➢ Theory · Class Participation: 5 · Seminar/presentation/assignment/quiz/class test etc.: 5 · Mid-Term Exam: 10 ➢ Practicum · Class Participation: NA |
End-Term Examination: A three-hour exam for both theory and practicum.
End Term Exam Marks: |
· Seminar/Demonstration/Viva-voce/Lab records etc.: 10
· Mid-Term Exam: NA |
70(50(T)+20(P
)) |
Part C-Learning Resources | |
Recommended Books/e-resources/LMS:
· David Flanagan, JavaScript: The Definitive Guide: The Definitive Guide. · Kogent Learning, Web Technologies: HTML, JavaScript, PHP, Java, JSP, XML, AJAX – Black Book, Wiley India Pvt. Ltd. · JavaScript and jQuery: Interactive Front-End Web Development by Jon Duckett · Head First JavaScript Programming: A Brain-Friendly Guide by Elisabeth Robson and Eric Freeman |