MCA-20-25 (iii): Security in Computing
Type: Elective
Contact Hours: 4 hours/week
Examination Duration: 3 Hours
Mode: Lecture
External Maximum Marks: 75
External Pass Marks: 30 (i.e. 40%)
Internal Maximum Marks: 25
Total Maximum Marks: 100
Total Pass Marks: 40 (i.e. 40%)
Instructions to paper setter for End semester examination:
The total number of questions shall be nine. Question number one will be compulsory and will consist of short/objective type questions from the complete syllabus. In addition to the compulsory first question, there shall be four units in the question paper, each consisting of two questions. Students will attempt one question from each unit in addition to the compulsory question. All questions will carry equal marks.
Course Objectives: The objective of this course is to provide coverage of various security parameters and vulnerabilities. This course enables students to handle various security issues in the real world.
Course Outcomes (COs): At the end of this course, the student will be able to:
MCA-20-25 (iii).1 learn the concepts of computer security and various cryptographic techniques for securing a system;
MCA-20-25 (iii).2 understand the concepts of database security and various network security controls;
MCA-20-25 (iii).3 get familiar with various Internet security protocols;
MCA-20-25 (iii).4 understand various physical security breaches and intellectual property rights.
Unit – I
Computer Security Concepts, Threats, Attacks and Assets, Security Functional Requirements, Security Architecture and Scope of Computer Security, Computer Security Trends and Strategies.
Cryptography: Terminology and Background, Substitution Ciphers, Transpositions, Cryptanalysis.
Program Security: Secure Program, Non-malicious Program Error, Viruses and other Malicious Code, Targeted Malicious Code, Control against Program Threats.
Unit – II
Database Security: Database Management System, Relational Databases, Database Access Control, Inference, Security Requirements, Reliability and Integrity, Sensitive Data, Database Encryption.
Network Security: Threats in Network, Network Security Controls, Firewall: Need for Firewall, Characteristics, Types of Firewall, Firewall Basing, Intrusion Detection System: Types, Goals of IDS, IDS Strengths and Limitations.
Unit – III
Internet Security Protocols and Standards: Secure Socket Layer (SSL) and Transport Layer Security (TLS), IPv4 and IPv6 Security, Kerberos, X.509, Public Key Infrastructure.
Linux Security Model, File System Security, Linux Vulnerability, Linux System Hardening, Application Security.
Windows Security Architecture, Windows Vulnerability, Windows Security Defense, Browser Defenses.
Unit – IV
Physical Security Threats, Physical Security Prevention and Mitigation Measures, Recovery from Physical Security Breaches, Security Auditing Architecture, Security Audit Trail, Security Risk Assessment, Security Controls or Safeguards, IT Security Plan, Implementation of Controls, Cybercrime and Computer Crime, Intellectual Property, Privacy, Ethical Issues.
Text Books:
⦁ Charles P. Pfleeger & Shari Lawrence Pfleeger, Security in Computing, Pearson Education.
Reference Books:
⦁ William Stallings, Lawrie Brown, Computer Security Principles and Practice, Pearson Education.
⦁ Atul Kahate, Cryptography and Network Security, Tata McGraw-Hill Education.