UNIT - 1
Introduction to information systems, Types of information systems, Development of information systems, Introduction to information security, Need for information security, Threats to information systems, Information assurance, Cyber security and security risk analysis.
UNIT - 2
Application security (database, e-mail and internet), Data security considerations - Backups, Archival storage and disposal of data, Security technology - Firewall and VPNs, Intrusion detection, Access control.
Security threats - Viruses, Worms, Trojan horse, Bombs, Trapdoors, Spoofs, E-mail viruses, Macro viruses, Malicious software, Network and denial of services attack, Security threats to e-Commerce - Electronic payment system, e-Cash, Credit / Debit cards. Digital signature, Public key cryptography.
UNIT - 3
Developing secure information systems, Application development security, Information security governance and risk management, Security architecture and design.
Security issues in hardware, Data storage and downloadable devices, Physical security of IT assets, Access control, CCTV and intrusion detection systems, Backup security measures.
UNIT - 4
Security policies, Why policies should be developed, WWW policies, Email security policies, Policy review process - Corporate policies - Sample security policies, Publishing and notification requirement of the policies.
Information security standards-ISO, IT act, Copyright act, Patent law, IPR. Cyber laws in India; IT act 2000 provisions, Intellectual property law : Copyright law, Software license, Semiconductor law and patent law.