Academic Catalog 2018–2019

jump to navigation


CSC435 Computer Security

[3–0, 3 cr.]

This course is an introduction to computer security including formal models of security, security goals and fundamentals (confidentiality, integrity, availability, etc.), introduction to risk assessment and management, security standards in government and industry (e.g., Common Criteria, Orange Book, etc.), corporate and institutional security policies, evaluation process and levels, computer system protection principles, access controls, cryptography fundamentals, authentication, security operations, software attacks including malicious code and buffer overflows, social engineering, injection attacks, and related defense tools, network attacks including denial of service, flooding, sniffing and traffic redirection, defense tools and strategies, web sites attacks including cross-site scripting, IPSec, Virtual Private networks and Network Address Translation, and ethics. Hands-on experience is part of the class.

Prerequisite: CSC326 Operating Systems