|Assessment Type||Assessment length / details||Proportion|
|Semester Exam||1.5 Hours Computer exam||100%|
|Supplementary Exam||1.5 Hours Computer exam||100%|
On successful completion of this module students should be able to:
1. Demonstrate an understanding of the risks involved in building secure computing systems.
2. Describe various types of cyber-attacks and determine appropriate defences against attack.
3. Demonstrate an understanding of, and apply appropriate encryption methods.
4. Evaluate aspects of computer systems with reference to confidentiality, integrity and availability (the CIA framework).
This module introduces key concepts in information security, providing an overview of theoretical frameworks for secure systems and practical recommendations. It will cover aspects of software, hardware and network security.
1. The CIA Model of security: Confidentiality, Integrity, Availability.
2. Risk management in information security.
3. Passwords and password management.
4. Access control and network security.
5. Codes and ciphers.
6. Symmetric key encryption - DES, AES.
7. Public key encryption - RSA.
8. Attacks and their mitigation: Brute force, man in the middle, denial of service, privilege escalation, code injection, phishing.
9. Social engineering.
10. Secure design and defensive programming.
|Skills Type||Skills details|
|Application of Number||In worksheets, practicals and exam.|
|Improving own Learning and Performance||Problem solving in practicals and completing worksheets.|
|Information Technology||Inherent in the module.|
|Personal Development and Career planning||Working on a topic that is important to building professional systems in industry.|
|Problem solving||In worksheets and practicals.|
|Research skills||Through independent study and preparation for the exam.|
|Subject Specific Skills||See module content.|
This module is at CQFW Level 4