Information System Security

The course is structured into 12 key thematic areas:

1. Foundations: Introduction to the CIA Triad and the evolution of security.
2. Threat Landscape: Analysis of Malware, Phishing, DDoS, and Social Engineering.
3. Policy & Governance: Developing Access Control and RBAC policies.
4. Architecture: Security models (Bell-LaPadula, Biba) and Network Security (Firewalls, IDS).
5. Cryptography: Symmetric vs. Asymmetric encryption and PKI.
6. Identity Management: Multi-factor Authentication (MFA) and Single Sign-On (SSO).
7. Testing: Vulnerability Assessment and Penetration Testing (VAPT).
8. App Security: Secure SDLC and OWASP Top 10.
9. Network Defense: VPNs, Tunneling, and Packet Analysis.
10. Incident Response: Containment, eradication, and post-incident analysis.
11. Legal & Ethics: Privacy laws and responsible disclosure.
12. Future Trends: Cloud, IoT security, and AI in cyber defense.