BC4016 Security Assessment and Risk Analysis Syllabus:

BC4016 Security Assessment and Risk Analysis Syllabus – Anna University PG Syllabus Regulation 2021

COURSE OBJECTIVES:

• Describe the concepts of risk management.
• Define and differentiate various Contingency Planning components.
• Integrate the IRP, DRP, and BCP plans into a coherent strategy to support sustained organizational operations.
• Define and be able to discuss incident response options, and design an Incident Response Plan for sustained organizational operations.

UNIT I SECURITY BASICS

Information Security Overview: critical information characteristics – availability, information states – processing, security countermeasures – education, training and awareness, critical information characteristics – confidentiality, critical information characteristics – integrity, information states – storage, information states – transmission, security countermeasures – policy, procedures and practices, threats, vulnerabilities.

UNIT II THREATS AND VULNERABILITIES OF SYSTEMS & RISK MANAGEMENT

Threats and Vulnerabilities of Systems: major categories of threats, threat impact areas. Countermeasures: assessments. Concepts of Risk Management: consequences, cost/benefit analysis of controls, implementation of cost-effective controls, monitoring the efficiency and effectiveness of controls, threat and vulnerability assessment.

UNIT III SECURITY PLANNING

Security Planning: directives and procedures for policy mechanism. Risk Management: acceptance of risk, corrective actions, information identification, risk analysis and/or vulnerability assessment components, risk analysis results evaluation, roles and responsibilities. Contingency Planning/Disaster Recovery: agency response procedures and continuity of operations, contingency plan components, determination of backup requirements, development of plans for recovery actions after a disruptive event, development of procedures for off-site processing, emergency destruction procedures, guidelines for determining critical and essential workload, team member responsibilities in responding to an emergency situation.

UNIT IV PHYSICAL SECURITY MEASURES, PRACTICES AND PROCEDURES

Physical Security Measures: alarms, building construction, cabling, communications centre, environmental controls, filtered power, physical access control systems. Security Practices and Procedures: access authorization/verification, contractors, employee clearances, position sensitivity, security training and awareness, systems maintenance personnel, Administrative Security Procedural Controls: attribution, copyright protection and licensing, Auditing and Monitoring: conducting security reviews, effectiveness of security programs, investigation of security breaches, privacy review of accountability controls, review of audit trails and logs.

UNIT V OPERATIONS SECURITY

Operations Security (OPSEC): OPSEC surveys/OPSEC planning. INFOSEC: computer security – audit, cryptography – encryption, cryptography – strength. Case study of threat and vulnerability assessment.

TOTAL: 45 PERIODS

PRACTICALS:

1. Audit C/C++/Python code using the RATS code-checking tool.
2. Implement the Flawfinder stand-alone script to check for calls to known potentially vulnerable library functions.
3. Implement FindBugs standalone GUI application, or Eclipse plugin for loading custom rules set.
4. Implement pychecker stand-alone script to find bugs in the code.
5. Install Splunk and study its basic working: it stores data in its index, and therefore no separate database is required.
6. Implement Splunk to discover useful information automatically, without searching manually.
7. Implement Splunk to convert log data into visual graphs and reports to simplify analysis, reporting and troubleshooting.
8. Assess and submit a report on cyber security risk assessment for SCADA and DCS networks.

TOTAL: 30 PERIODS

TOTAL: 45 + 30 = 75 PERIODS

COURSE OUTCOMES:

After the completion of this course, students will be able to:
CO1: Recommend contingency strategies including data backup and recovery and alternate site selection for business resumption planning.
CO2: Describe the escalation process from incident to disaster in the case of a security disaster.
CO3: Design a Disaster Recovery Plan for sustained organizational operations.
CO4: Design a Business Continuity Plan for sustained organizational operations.
CO5: Explain the concept of Operations Security and assessment of threat and vulnerability.

REFERENCES

1. Michael Whitman and Herbert Mattord, “Principles of Incident Response and Disaster Recovery”, Thomson Course Technology, 2007, ISBN: 141883663X
2. http://www.cnss.gov/Assets/pdf/nstissi_4011.pdf
3. Atle Refsdal, Bjørnar Solhaug and Ketil Stølen, “Cyber-Risk Management”, Springer, 2015
4. Martin Weiss and Michael G. Solomon, “Auditing IT Infrastructures for Compliance”, Second Edition, Jones & Bartlett Learning, 2016, ISBN: 9781284090703
5. Mark Talabis and Jason Martin, “Information Security Risk Assessment Toolkit”, 1st Edition, Syngress/Elsevier, 2012, ISBN: 9781597497350