MC4205 CYBER SECURITY
UNIT I PLANNING FOR CYBER SECURITY
• Best Practices-Standards and a plan of Action (8M)
• Security Governance Principles, Components and Approach (13M)
1) Information Risk Management: (13M, 15M) IMPORTANT QUESTION
• Asset Identification (2M)
• Threat Identification (2M)
• Vulnerability Identification (2M)
2) Risk Assessment Approaches (13M, 15M) IMPORTANT QUESTION
• Likelihood Assessment (2M)
• Impact Assessment (2M)
• Risk Determination, Evaluation and Treatment
3) Security Management Function (13M)
• Security Policy (2M)
• Acceptable Use Policy
• Security Management Best Practices
4) Security Models: (13M) (7M)
• Bell La Padula model (2M)
• Biba Integrity Model (2M)
• Chinese Wall model (2M)
UNIT II-SECURITY CONTROLS
1) People Management (13M)
• Human Resource Security
• Security Awareness and Education
2) Information Management- (13M)
• Information Classification and handling
• Privacy-Documents and Record Management
3) Physical Asset Management
• Office Equipment
• Industrial Control Systems
4) Mobile Device Security (13M)
5) System Development (13M, 15M) VERY IMPORTANT QUESTION
• Incorporating Security into SDLC
6) Disaster Management and Incident Response Planning (8M)
UNIT III CYBER SECURITY FOR BUSINESS APPLICATIONS AND NETWORKS
Business Application Management
• Corporate Business Application Security
• End User Developed Applications (13M)
• System Access
Authentication Mechanisms-
• Access Control (13M)
• System Management (13M)
• Virtual Servers-
• Network Storage Systems (8M)
• Network Management Concepts (8M)
• Firewall (13M)
• IP Security (13M)
Electronic Communications –
Case study on OWASP vulnerabilities using OWASP ZAP tool. (2M,13M)
UNIT VI TECHNICAL SECURITY
Supply Chain Management-
• Cloud Security