Officelocation: CG-11, Integrated Sciences Building

Module code / TF-4307
Module Title / Information Communication Security
Degree/Diploma / Bachelor of Engineering (Information Communication Systems)
Type of Module / Major Option
Modular Credits / 2 / Total student Workload / 4hours/week
Contact hours / 2hours/week
Prerequisite / None
Anti-requisite / SS-4310 Computer Security
Instructor
Pg Dr EmeroylariffionAbas

• OfficeLocation: CG-11, Integrated Sciences Building
• Tel: +673 719 2304
• E-mail:

Office Hours Monday: 7:30 a.m – 8:45 a.m & Wednesday: 2:30 p.m –3:45 p.m
Course Objectives

1. Introduces the different elements that need to be considered in maintaining and securing communication network
2. Introduces the management aspect of IT security such as security and risk management, etc.
3. Introduces the software and hardware aspects of IT security such as network architecture, access control, identity management and cryptography

Course Outcomes
On successful completion of this module, a student will be expected to be able to:

1. Knowledge

/

1. Comprehend the procedure for risk assessment and its relationship withthe development of policies, standard and guidelines
2. Understand different network archietectures and devices that are employed
3. comprehend cryptographic concepts and explain its role in differentapplications

2. Cognitive Skills /

1. Analyse different network configurations, identify threat andvulnerabilities
2. Implement appropriate authentication, authorisation and accesscontrol to satisfy different requirements
3. Analyse different methods to mitigate identified application, dataand host security risks
4. Interpret analysis result and recommend appropriate security improvements
5. Design network elements and controls to fulfil given communicationrequirement

1. Interpersonal Skills and Responsibilities

/

1. Ability to analyse and discuss security issues; given some IT networks and architectures

1. Communication, IT, and Numerical Skills

/

1. Ability to perform proper engineering reporting; either through written reports or technical presentation
2. Utilise appropriate softwares for the analysis of data

Module Contents

• General security requirement, risk management and the development of policies, standard and

guidelines

• Common attacks (malware, social engineering, application attacks) and tools to identify andmitigate against the attacks
• Different network devices (firewalls, routers, load balancers, UTM security appliances, etc.) andcomponents (DMZ, Virtualisation, sub-netting etc.) and its usage in different networkarchitecture design
• Application, data and host securities – identification, tools and techniques
• Access control, authentication, authorization and identity management as well as the differentservices available
• General cryptography concepts and its applications (Symmetric vs. Asymmetric encryption,hash algorithm)

Assessment / Formative assessment / Monthly Quizzes and MCQs; composed of different questions with differing difficulties shall be used to test and to give feedback for their learning
Summative assessment / Examination: 60%
-Coursework: 40%
-2Class Tests (10% each)
-2Individual Laboratory Assignments (10% each)
Text Books and References / DulaneyE. and EasttomC. “CompTIA security+”,6thEdition,Wiley, 2014

Faculty of Integrated Technologies

Universiti Brunei Darussalam

TENTATIVE COURSE SCHEDULE:

Topic / Outcomes / Week No.
Measuring and Weighing Risk / 1.1, 3.1 / 1
Network Monitoring and Diagnosis / 1.2, 2.1, 3.1 / 2, 3
Network devices and Infrastructure / 1.2, 2.1, 2.4, 2.5, 3.1, 4.1, 4.2 / 3, 4, 5
Access Control, Authentication and Authorisation / 2.2, 2.4, 2.5, 3.1, 4.1 / 6,7
Security consideration in Wireless Networks / 1.2, 2.4, 2.5, 3.1 / 8,9
Host, Data and Application Security / 2.3, 2.4, 2.5, 3.1, 4.1 / 9,10
Cryptography / 1.3, 2.4, 2.5, 3.1, 4.1 / 10, 11, 12, 13
Social Security / 1.1, 2.4, 3.1 / 13, 14