Course Outcomes for CSC 405 - Introduction to Computer Security

Upon successful completion of this course, a student will be able to...

  1. State the basic concepts in information security, including security policies, security models, and security mechanisms.
  2. Explain concepts related to applied cryptography, including plain-text, cipher-text, the four techniques for crypto-analysis, symmetric cryptography, asymmetric cryptography, digital signature, message authentication code, hash functions, and modes of encryption operations.
  3. Explain the concepts of malicious code, including virus, Trojan horse, and worms.
  4. Explain common vulnerabilities in computer programs, including buffer overflow vulnerabilities, time-of-check to time-of-use flaws, incomplete mediation.
  5. Outline the requirements and mechanisms for identification and authentication.
  6. Explain issues about password authentication, including dictionary attacks (password guessing attacks), password management policies, and one-time password mechanisms.
  7. Explain and compare security mechanisms for conventional operating systems, including memory, time, file, object protection requirements and techniques and protection in contemporary operating systems.
  8. Explain the requirements for trusted operating systems, and describe the independent evaluation, including evaluation criteria and evaluation process.
  9. Describe security requirements for database security, and describe techniques for ensuring database reliability and integrity, secrecy, inference control, and multi-level databases.
  10. Explain the requirements and techniques for security management, including security policies, risk analysis, and physical threats and controls.

See Course Listings

See Course Coordinators