University of Central Punjab

Faculty of Information Technology

PROGRAM (S) TO BE
BSCS
EVALUATED

A. Course Description
Course Code CSNC 3413
Course Title Information Security
Credit Hours 3(3-0)
Prerequisites by Course(s) and Knowledge of information technology fundamentals (computer application,
Topics operating systems, applications, and networking) is required, or permission of
the instructor is also required.
Assessment Instruments with  Quizzes: 10%
Weights (homework, quizzes,  Assignments: 15%
midterms, final, programming  Class Participation: 10%
assignments, lab work, etc.)  Mid Term: 25%
 Final: 40%
Semester 6&7
Course Instructor (s) Mahwish Shahid
Course Instructor Email [email protected]
Course Coordinator Dr Ghulam Mustafa
Course Coordinator Email [email protected]
Office Hours Monday (02:00 PM - 03:00 PM), Tuesday (02:00 PM - 03:00 PM)
Office Location Sports Building (Gym Faculty), 2nd floor, Cabin no.13
Plagiarism Policy  Cheating and plagiarism will not be tolerated in any course offered
by UCP. Such activities/behavior will result in no credit for the
assignment or examination and may lead to disciplinary actions.
Please take the time to review the Rules & Regulations :

https://ucp.edu.pk/rules-regulations/

 Such activities/behavior include copying (even with modifications)

Tools Used in the Course
another student’s work or letting your work be copied. Your
participation in interactions with the instructor and your classmates
is encouraged, but the work you submit must be your own.
Collaboration is not permitted.
 Any General Purpose Programming Language (C/C++,Java, Python), PGP
Plugin, Thunderbird, Zone Alarm or Windows Defender Firewall, SQL

Course Description Students take this course to study the fundamentals of information security,
both from a managerial and technological standpoint. Students gain an
understanding of the various types of security incidents and assaults as well as
techniques for preventing, detecting, and responding to such events.
Additionally, students will study the fundamentals of using cryptography, a
critical technology for implementing security features. Teams of students will
present their research projects on subjects linked to information security at the
final session.
1 NCEAC.FORM.001.C
 Course Objectives
Textbook (or Laboratory Manual for 
Laboratory Courses)  Cryptography and Network Security: Principles and Practice 7th Edition
Reference Material
Programming Assignments Done in
the Course
Class Time Spent on (in credit hours)
Oral and Written Communications
 To learn how to describe different information security threats and
countermeasures.
 To learn how to assess security issues and create defenses.
 To learn how to describe the response to an information security event.
 To be able to describe how Common Key and Public Key cryptography
are used.
 To be able to describe the mechanism used to safeguard the privacy and
accuracy of data.
Computer Security Fundamentals, 3rd edition by William Easttom
by William Stallings (Author)
 Computer Security: Principles and Practice, 3rd /4th Edition by William
Stallings (Author), Lawrie Brown (Author)
 Security in computing, Charles P. Pfleeger and Shari Lawrence Pfleeger
(2015), 5th edition, Prentice Hall, ISBN-13: 978-0132390774.
 Understanding Cryptography, Christof Paar and Jan Pelzl (2009), 1st
edition, Springer Publishing Company, ISBN: 3642041000
9783642041006.
 Official (ISC)2 Guide to the CISSP CBK, 3rd edition
 Principles of Information Security, Michael E. Whitman, and Herbert J.
Mattord, Cengage Learning, ISBN: 1285448367
 Understand cryptography in-depth, Christof Paa and Jan Pelzl, Springer,
ISBN: 3642041000
 Security Engineering, a guide to building dependable distributed
systems, Ross J. Anderson (2020), 3rd Edition, Wiley Publications.
 Building secure software, John Viega, and Gary McGraw (2011), How
to avoid security problems the right way, Addison-Wesley Professional
Computing Series, 1st edition, ISBN-13: 978-0321774958.
 Applied Cryptography, Bruce Schneier, Protocols, Algorithms, and
Source Code in C, 2nd Edition, Wiley, ISBN-13: 978-0471117094.
N/A
Theory
3ch
Yes

CLO CLO STATEMENT Bloom’s Taxonomy PLO

Level
Identify and comprehend basics terms and PLO 1-Academic
1 technologies and concepts of information security 2
Education
Investigate and analyze real situations from the
2 information security point of view and model them 4 PLO 3- Problem Analysis
using various security control measures
Apply the concepts of confidentiality, integrity, and PLO 4- Design/
3 availability into practice 3
Development of Solutions
1: Remember, 2: Understand, 3: Apply, 4: Analyse, 5: Evaluate, 6: Create

2 NCEAC.FORM.001.C
 Lec References CLO
We Evaluation
tur Topics Covered
ek Instrument
e

Introduction of Information Security William 1

1.
 Basics of Information Security Stallings
1  CIA Model
 Basic terminologies
2.  Social Engineering William 1
 Solution of CIA related Issues? Stallings

Classical Ciphers Quiz #1 William 1,2

3.
 Caesar Cipher, Stallings
 Substitution Cipher
2  Playfair Cipher
4.  Hill Cipher William 1,2
 Monoalphabetic Ciphers Stallings

5.  Substitution cipher William 1,2

 Playfair Cipher Stallings
 Vigenere Cipher
3 6. Cryptanalysis Assignment William 2,3
 Cryptanalysis of Caesar cipher #1 Stallings

7. Stream Ciphers Quiz #2 William 2,3

 RC4 Stallings
4
8. Block Ciphers William 1,2,3
 Introduction of DES Stallings

9.  DES (cont) William 1,2,3

 DES key generation Stallings
5
10.  Introduction of AES William 1,2,3
Stallings

11.  AES cont, 1,2,3

6

12. Public Key Cryptography Quiz #3 1

 Difference between Public and private
key cryptosystems
13.  Introduction to Modular Arithmetic, Assignment 1,2
Basic Operation. #2

7  Finding GCD and Inverse using

3 NCEAC.FORM.001.C
 Euclidian and Extended Euclidian
Algorithm

14.  RSA Algorithm 2,3

15.  Revision
8

16. Review

9 Mid Term Week

Hashes and Digital Signatures Charles 3
 Hash functions P.
10 17  Digital signature Pfleeger
 Digital Certificates and use of certificates
as public identities
Authentication Charles 3
 User authentication P.
18
 Password based authentication Pfleeger
 Token based authentication
System Security Quiz #4 Charles 1,2
 Introduction to Malware P.
19
11  Virus Pfleeger
 Worms
 Rootkits Assignment Charles 1,2
 Trojans #3 P.
20
 Virus countermeasures Pfleeger

Software Security Charles 1,2,3

 Buffer overflow P.
21  Defending against buffer overflow Pfleeger
12  Other types of buffer overflow attacks

Database Security Charles 1,2,3

22  Grantt and Revoke P.
Pfleeger
Operating System Security William 1,2,3
 Mandatory access control Stallings
 Discretionary access control
23
13  Access Control list
 Role based access control

24 Network Security William 1,2,3

 Network Attacks Quiz #5 Stallings
 Honeypots
 Firewall
4 NCEAC.FORM.001.C
  Firewall types
 Firewall basing, location and
configuration
 Intruders William 1,2,3
25  Host based intrusion detection Stallings
 Distributed host-based intrusion detection
14  Host base IPS William 1,2,3
26  Network based IPS Stallings
 Snort inline
Web Security William 1,2,3
27  SQL injection attack Stallings
 Cross-site scripting (XSS) attack
Legal and Ethical Issues in Computer Quiz #6 Charles 1,2,3
Security P.
15
 Cyber Crimes and computer crimes Pfleeger
28  Intellectual property
 Protecting Program and Risk
Assessment

 Information and law Charles 1,2,3

 Privacy P.
29
 Ethical issues in computer security Pfleeger
16
30 Review

5 NCEAC.FORM.001.C