Module Database Search
MODULE DESCRIPTOR | |||
---|---|---|---|
Module Title | |||
Information Security Management | |||
Reference | CMM517 | Version | 4 |
Created | March 2022 | SCQF Level | SCQF 11 |
Approved | January 2013 | SCQF Points | 15 |
Amended | July 2022 | ECTS Points | 7.5 |
Aims of Module | |||
---|---|---|---|
To enable the student to explore and critically appraise a wide spectrum of security concepts including information security management, cryptography and security services and enable them to analyse, assess the risks, design and implement a secure system in a given context. |
Learning Outcomes for Module | |
---|---|
On completion of this module, students are expected to be able to: | |
1 | Identify and discuss information security risks in a variety of environments. |
2 | Demonstrate an understanding of information security management requirements. |
3 | Apply and justify the use of appropriate cryptographic algorithms for the design and implementation of secure systems. |
4 | Select appropriate security services for a particular computer system. |
Indicative Module Content |
---|
Security concepts: threats, vulnerabilities, and risk. Confidentiality, Integrity and Availability. Information security governance, policies, standards (e.g. ISO 27001), procedures and guidelines (e.g. Cyber Essentials). Security models. Security risk analysis and management. Security services: Authentication, Access Controls. Cryptography: symmetric and asymmetric encryption (AES, RSA, and Diffie-Hellman) and Hash Functions. Authentication systems: symmetric (Kerberos) and asymmetric (Certificates and Public Key Infrastructures) techniques. Crypto Systems (e.g. Secure Sockets Layer/Transport Layer Security). |
Module Delivery |
---|
Key concepts are introduced and illustrated through lectures and directed reading. The understanding of students is tested and further enhanced through lab sessions. |
Indicative Student Workload | Full Time | Part Time |
---|---|---|
Contact Hours | 30 | 30 |
Non-Contact Hours | 120 | 120 |
Placement/Work-Based Learning Experience [Notional] Hours | N/A | N/A |
TOTAL | 150 | 150 |
Actual Placement hours for professional, statutory or regulatory body |   |   |
ASSESSMENT PLAN | |||||
---|---|---|---|---|---|
If a major/minor model is used and box is ticked, % weightings below are indicative only. | |||||
Component 1 | |||||
Type: | Coursework | Weighting: | 100% | Outcomes Assessed: | 1, 2, 3, 4 |
Description: | A report where the student will discuss risks and appraise security services. |
MODULE PERFORMANCE DESCRIPTOR | |
---|---|
Explanatory Text | |
The calculation of the overall grade for this module is based on 100% weighting of C1. An overall minimum grade D is required to pass the module. | |
Module Grade | Minimum Requirements to achieve Module Grade: |
A | The student needs to achieve an A in Component 1. |
B | The student needs to achieve a B in Component 1. |
C | The student needs to achieve a C in Component 1. |
D | The student needs to achieve a D in Component 1. |
E | The student needs to achieve an E in Component 1. |
F | The student needs to achieve an F in Component 1. |
NS | Non-submission of work by published deadline or non-attendance for examination |
Module Requirements | |
---|---|
Prerequisites for Module | For short course students only: previous computing experience is beneficial. For School of Computing MSc students: none in addition to course entry requirements. |
Corequisites for module | None. |
Precluded Modules | None. |
INDICATIVE BIBLIOGRAPHY | |
---|---|
1 | NORMAN, T.L., 2016. Risk analysis and security countermeasure selection. CRC Press. |
2 | JACOBS, S. 2016. Engineering Information Security. Wiley. |
3 | GREGORY, P. 2018. CISM Certified Information Security Manager All-in-One Exam Guide. McGraw-Hill. |
4 | ALEXANDER,D.,FINCH,A.,SUTTON,D.,TAYLOR,A.,2013.Information Security Management Principles. British Computer Society. |
5 | CAMPBELL, G., 2014, The manager's handbook for business security. Elsevier. |
6 | SMART, N.P., 2015. Cryptography made simple. Springer. |