I took this course along with an easier course CS6250 Computer Networks in my second semester (Spring 2021).

Topics Covered

This is an introductory course that teaches the basic concepts and principles of information security and the fundamental approaches to secure computers and networks. Here's the list of very brief topics that touches upon in this course:

  • Security basics and mindsets
  • CIA - Confidentiality, Integrity, Availability
  • Security management and risk assessment
  • Software security (buffer overflow, shellcode, etc.)
  • Operating systems security
  • Trusted Computing Bases (TCB)
  • Authentication vs. Authorization (access control)
  • Discretionary Access Control (DAC) vs Mandatory Access Control (MAC)
  • Access Control List (ACL) vs Capability List (C-List)
  • Database security (sql injections, inference attacks, etc.)
  • Malicious malwares
  • Malware types:
    • Need a host: trap door, logic bomb, trojan, virus, etc.
    • Independent: worm, botnet, APT (Advanced Persistent Threat)
  • Network authentication and secure network applications
  • Network threats and defenses
  • Firewalls and filterings
  • Intrusion detection systems (IDS)
  • Network-based intrusion detection systems (NIDS)
  • Intrusion Prevention Systems (IPS)
  • Honeypots
  • Cryptography algorithms (ex: simple ciphers, DES, AES, RSA, SHA, etc.)
  • Symmetric encryption vs. asymmetric encryption vs. hashing
  • Security protocols (ex: IPSec, SSL/TLS, etc.)
  • Wireless & Mobile security (ex: WEP, WPA, etc.)
  • Web security (ex: XSS, XSRF, SQL injection, etc.)
  • Cyber security
  • Cyber laws (ex: CFAA, DMCA, etc.)
  • Ethical issues and privacy

Course Review

It was not a difficult course so to speak, but I did bump into a problem that almost caused me to give up on one of the projects. It was so much relieved when I managed to get it right before the project due date. Otherwise, I would have dropped the course (or maybe not) if I screwed up big time in it though. I can't give out too much information about the projects, my advice is that, do not procrastinate and have faith in yourself, don't overthink and overcomplicate stuff, focus on the learning outcome and how can link and relate them together, you certainly can do it and make it through!

The course is an introduction to information system, so most of the topics that are covered in this course might be familiar to you. They are quite basic and fundamental (depends on your knowledge and skill-sets), the study material (books, articles, lecture videos) are definitely a good resource for you to learn or to brush up your knowledge. The projects are worth the most (60% total, 4 projects), each project covers different topics. The projects are quite interesting too, however, you might spend quite some time doing the research on your own to understand and solve them. My advice for the projects is that do not procrastinate and start as early as possible. You might not know how much time and effort you need to finish them all. As for the exams (30% total, 2 exams), studying the textbooks as well as watching those lecture videos should be sufficient. Same for the quizzes (10% total, 10 quizzes). There is also an extra credit project which might help you with bumping up your grade (3% total).

There are a lot of things to study, but those things are not complicated. It is just that you need to learn, understand, and most importantly, memorize them (concepts, technical terms, etc.) in order to do well in this class. If you have put in enough effort in this class, you are certainly getting an A, no doubts. Anyway, I got an A for this class. Statistically, over 50% of students will get an A in this class (my statistics might be off, but trust me, getting an A is not hard, extra credit does help!).

Difficulty : ★★★☆☆ (3 out of 5)
Quality : ★★★☆☆ (3 out of 5)
Workload : 0 - 10 hours / week
Overall Rating : ★★★☆☆ (3 out of 5)

Post was published on , last updated on .

Like the content? Support the author by paypal.me!