Dr. Soper provides an introduction to computer security. Topics covered include dependence on technology, information assets, threats, vulnerabilities, controls, confidentiality, integrity, availability, types of attackers, methods of defense, and multi-layered security.
Dr. Soper discusses identification and authentication issues in the context of computer security. Topics covered include controlled access, impersonation, authentication failures, methods of attacking passwords (including dictionary attacks, brute-force attacks, identifying passwords likely for a specific user, etc.), biometric authentication, and multifactor authentication.
Dr. Soper discusses software program security. Topics covered include incomplete mediation, race conditions, time-of-check to time-of-use vulnerabilities, backdoors, intentional and unintentional program flaws, the "penetrate and patch" method, security in the context of the software development life cycle, controls against software program threats, modularity, encapsulation and information hiding, mutual suspicion and confinement, fault detection and fault tolerance, configuration management, testing, and software development standards in the context of information security.
Dr. Soper discusses malware in the context of information security. Topics covered include viruses, worms, Trojan horses, zombies, logic bombs, rabbits, trapdoors, script attacks, attributes of malicious code, how viruses work, methods of hiding a virus, virus detection and removal, and malware hygiene.
Dr. Soper discusses illicit data interception and illicit data access in the context of information security. Topics covered include man-in-the-middle attacks, keystroke loggers, physical attacks, social engineering, insider threats, computer forensics, and the principle of least privilege.
Dr. Soper discusses encryption concepts. Topics covered include encryption algorithms, keyed and keyless cryptosystems, cryptanalysis, breaking encrypted messages, substitution, transposition, and product ciphers, the Caesar cipher, the Vigenère cipher, one-time pads, the Vernam cipher, book ciphers, symmetric and asymmetric cryptosystems, public-key encryption, stream ciphers, block ciphers, the data encryption standard (DES), and the advanced encryption standard (AES).
Dr. Soper discusses firewalls and network security. Topics covered include network vulnerabilities, port scanning, network segmentation, firewall security policies, the OSI reference model, packet filtering gateways, stateful inspection firewalls, application proxy gateways, circuit-level gateways, guards, personal firewalls, encryption in the context of network security, network address translation (NAT), and establishing a network security perimeter.
Dr. Soper discusses security for wireless networks. Topics covered include wireless network concepts, wireless communication, the 802.11 protocol suite, wireless data frames, management frames, wireless network vulnerabilities, MAC spoofing, wired equivalent privacy (WEP), Wi-Fi protected access (WPA and WPA2), and methods of attacking wireless networks.
Dr. Soper discusses malicious data interception and public key encryption. Topics covered include wiretapping, defending against message interception, network encryption methods, the key exchange problem, public key encryption, RSA encryption, and key exchange using public key encryption.
Dr. Soper discusses forgeries of digital artifacts and digital identities. Topics covered include forged email messages, phishing, spam, forged websites and software, online impersonation, cryptographic seals, online identities, digital signatures, using public key encryption for digital signatures, trust in cyberspace, digital certificates, and certificate authorities.
Dr. Soper discusses denial of service attacks and intrusion detection systems. Topics covered include types of denial of service (DoS) attacks, connection flooding, echo chargen attacks, ping of death attacks, smurf attacks, SYN flood attacks, teardrop attacks, distributed denial of service (DDoS) attacks, the scope and operational modes of intrusion detection systems (IDS), and IDS goals and responses to attacks.
Dr. Soper discusses issues relating to information privacy. Topics covered include technology-related privacy concerns, fair information collection principles, privacy laws, information privacy and the government, multiple identities, identity theft, privacy policies, privacy and social networks, privacy and online payments, preference tracking, targeted advertising, tracking cookies, privacy and email, and privacy and emerging technologies.