Information Package / Course Catalogue - Adnan Menderes University

General Information Unit Staff Academic Information Programme Outcomes Course Structure Diagram Contact Information

Person Responsible for Information Package

Assoc. Prof. Büşra KUTLU KARABIYIK

Assoc. Prof. Pınar Zarif TAN

Lec. Ecem Buse SEVİNÇ ÇUBUK

Information Systems Security and Control

Course Code	: YBS458
Course Type	: Required
Couse Group	: First Cycle (Bachelor's Degree)
Education Language	: Turkish
Work Placement	: N/A

Theory	: 2
Prt.	: 1
Credit	: 3
Lab	: 0
ECTS	: 6

Objectives of the Course

To gain necessary knowledge and skills for IT systems security and control.

Course Content

Protected qualities of information, secure file storage and deletion methods, access control, authentication, intrusion detection and prevention systems, network mapping and alarm strategies, web-based attacks, password and e-mail security, TS ISO / IEC 27001: 2013 Information Security Management System, management and responsibilities of information security breach incidents

Name of Lecturer(s)

Assoc. Prof. Türkay HENKOĞLU

Learning Outcomes

1.	Know the concepts of information security and the characteristics of information.
2.	Know basic cryptology terms and techniques
3.	S/he information about secure file storage and deletion methods in computer systems.
4.	S/he has information about Access Control and Authentication.
5.	Know intrusion detection systems, network mapping and alarm strategies
6.	Know web based attacks and intrusion prevention systems
7.	S/he has information about password security, email security and firewall applications
8.	S/he can apply the TS ISO / IEC 27001: 2013 Information Security Management System Standard.
9.	S/he has information about the management of information security breach incidents.

Recommended or Required Reading

1.	ISO/IEC 27001 Bilgi Güvenliği Standardı. Eren Veysel Ersoy, ODTÜ, 2012
2.	ISO27001 in a Windows® Environment: The best practice handbook for a Microsoft® Windows® environment, Brian Honan, IT Governance Publishing, 2010
3.	Cyber Security Standards, Practices and Industrial Applications: Systems and Methodologies, Zubairi& Mahboob, IGI Global, 2012
4.	The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice. Jason Andress. Syngress, 2011
5.	The Basics of Digital Privacy: Simple Tools to Protect Your Personal Information and Your Identity Online, Cherry & LaRock, Elsevier, 2014

Weekly Detailed Course Contents

Week 1 - Theoretical

Identification of the concepts of information security and the characteristics of information

Week 1 - Preparation Work

Course Material

Week 2 - Theoretical

Basic cryptology terms and techniques

Week 2 - Preparation Work

Course Material

Week 3 - Theoretical

Secure File Storage and Deletion Methods in Computer Systems

Week 3 - Preparation Work

Course Material

Week 4 - Theoretical

Access Control and Authentication

Week 4 - Preparation Work

Course Material

Week 5 - Theoretical

Intrusion detection systems, network mapping and alarm strategies

Week 5 - Preparation Work

Course Material

Week 6 - Theoretical

Web based attacks and intrusion prevention systems

Week 6 - Preparation Work

Course Material

Week 7 - Theoretical

Password and email security

Week 7 - Preparation Work

Course Material

Week 8 - Theoretical

Communication security and Firewall applications

Week 8 - Preparation Work

Course Material

Week 9 - Theoretical

Management, responsibilities and procedures of information security breach incidents

Week 9 - Preparation Work

Course Material

Week 10 - Theoretical

Management, responsibilities and procedures of information security breach incidents

Week 10 - Preparation Work

Course Material

Week 11 - Theoretical

TS ISO / IEC 27001: 2013 Information Security Management System Standard

Week 11 - Preparation Work

Course Material

Week 12 - Theoretical

TS ISO / IEC 27001: 2013 Risk Risk Assessment and Analysis

Week 12 - Preparation Work

Course Material

Week 13 - Theoretical

Reference Control Objectives and Controls

Week 13 - Preparation Work

Course Material

Week 14 - Theoretical

Information security policies, organization, asset management and system development

Week 14 - Preparation Work

Course Material

Assessment Methods and Criteria

Type of Assessment	Count	Percent
Midterm Examination	1	%40
Final Examination	1	%60

Workload Calculation

Activities	Count	Preparation	Time	Total Work Load (hours)
Lecture - Theory	13	2	2	52
Lecture - Practice	13	0	1	13
Assignment	13	2	0	26
Individual Work	13	2	0	26
Quiz	2	4	1	10
Midterm Examination	1	9	1	10
Final Examination	1	12	1	13
TOTAL WORKLOAD (hours)				150

Contribution of Learning Outcomes to Programme Outcomes

PÇ-1

PÇ-2

PÇ-3

PÇ-4

PÇ-5

PÇ-6

PÇ-7

PÇ-8

PÇ-9

PÇ-10

PÇ-11

PÇ-12

PÇ-13

PÇ-14

PÇ-15

OÇ-1

OÇ-2

OÇ-3

OÇ-4

OÇ-5

OÇ-6

OÇ-7

OÇ-8

OÇ-9

Person Responsible for Information Package

Assoc. Prof. Büşra KUTLU KARABIYIK

Assoc. Prof. Pınar Zarif TAN

Lec. Ecem Buse SEVİNÇ ÇUBUK