Scribd Logo
Upload

Welcome to Scribd!

  • Week 12 Sample and Review

    Uploaded by

    Tiago Silveira
    18 views12 pages
    inf sec review

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    inf sec review

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    18 views12 pages

    Week 12 Sample and Review

    Uploaded by

    Tiago Silveira
    inf sec review

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 12

    NIT5140 – Information Security

    Week 12 – Sample and Review

    Prepared By: Dr. Khandakar Ahmed


    Overview

    Overview of
    Information
    Security

    Cryptography

    Malware & Social


    Exam Paper
    Engineering
    Structure
    Attack
    Review
    Application &
    Review
    Network Security

    Access Control &


    Vulnerability

    OS & Cloud
    Security

    Problem Based
    Question
    Exam Paper Structure

    • Number of questions (sets): 6


    • Each question will have sub-question
    • Number of questions to be attempted: 6
    • Total Marks - 100
    Exam Paper Structure

    • Six set of questions out of the following clusters -


    • Overview of Info. Security
    • Cryptography & Steganography
    • Malware & Social Eng. Attack
    • Application & Network Security
    • Access Control & Vulnerability
    • OS & Cloud Security
    • Problem Based Questions
    Overview of Info. Security

    • Week 1 - Overview of Information Security


    • CIA, AAA
    • Hackers – Black, White & Grey Hat
    • Categories of Attackers
    • Five Fundamental Security Principles
    Cryptography & Steganography

    • Week 2 – Cryptography I + Week 3 – Cryptography II +


    Week 4 – Cryptography III
    • Cryptography Terminologies
    • Hashing
    • Symmetric Cryptography
    • Classical Encryption Techniques
    • Asymmetric Cryptography
    • Digital Signature
    • Digital Certificate
    • Trust Model
    Malware & Social Eng. Attack

    • Week 5 – Malware & Social Engineering Attack


    • Malware
    • Viruses, Worms and Trojans
    • Social Engineering Attack
    • Impersonation, Phishing, Spam, Hoaxes,
    Application & Network Security

    • Week 6 – Application & Network Based Attack + Week


    7 - Network Security Fundamentals
    • Server Side Web Application Attacks
    • Cross-Site Scripting (XSS)
    • SQL Injection
    • Client Side Attacks
    • Cookies, Types of Cookies
    • DoS, DDoS
    • ARP Poisoning
    • DNS Poisoning
    • Proxy and Reverse Proxy Server
    • SMAP Filter
    • NAT & PAT
    • DMZ, Subnetting, VLAN
    Access Control & Vulnerability

    • Week 8 – Access Control Fundamentals + Week 9 –


    Vulnerability Assessment
    • Access Control Terminology
    • Four access control models (DAC, MAC, RBAC, RBAC)
    • Best Practices for access control
    • Authentication Server
    • RADIUS, Kerberos, TACACS
    • Aspects of Vulnerability Assessment
    • Attack Tree
    • Risk Calculation Method
    • Honeypots, Honeynets
    • Vulnerability Scanning
    • Penetration Testing
    OS & Cloud Security

    • Week 10 – OS Security + Week 11 – Cloud Security


    • Key Functions of OS
    • OS Security Environment
    • Linux/Unix File Permission
    • Virtualization
    • Native Virtualization
    • Hosted Virtualization
    • Cloud Models
    • Vulnerability management
    • Identity and access management in Cloud
    Problem Based Questions

    • Based on Practicals
    • Main focus on Wireshark Labs
    Good Luck

    You might also like