CW3004 Enterprise Security Syllabus – Anna University Regulation 2021

COURSE OBJECTIVES:

• To understand enterprise security in today’s world.
• To learn how to evaluate business processes related to risk management.
• To learn business continuity.
• To understand auditing and security issues in software development.

UNIT I INTRODUCTION

Developing a Secure Foundation-Threat and Vulnerabilities-Security Categorization Applied to Information Types & Information Systems-Minimum Security Requirements-Infrastructure Security Model Components-Systems Security Categorization-Business Impact Analysis-Risk Management.

UNIT II PLANNING, MANAGEMENT AND MONITORING

Phases of Security-Focused Configuration Management-Security Configuration Management Plan-Baseline Identification-Roles and Responsibilities-Measurements-Configuration Audits-Types of Plans-Continuous Monitoring Strategy-Continuous Monitoring Program-Monitoring and Assessment Frequencies.

UNIT III SECURITY ARCHITECTURE

The Meaning of Security-Measuring and Prioritizing Business Risk-Empowering the Customers-Protecting Relationships and Leveraging Trust-The Meaning of Architecture-Information Systems Architecture-Enterprise Security Architecture-Security Architecture Model-The SABSA Model-Contextual and Conceptual Security Architecture.

UNIT IV SECURITY POLICY, OPERATIONAL RISK AND ASSURANCE MANAGEMENT

Structuring the Content of a Security Policy-Policy Hierarchy and Architecture-Policy Principles-Types of Security Policies-Complexity of Operational Risk Management-Approaches to Risk Assessment-Risk Mitigation-Risk Financing-Assurance of Operational Continuity-Security Audits-Functional & Penetration Testing.

UNIT V SECURITY ADMINISTRATION, OPERATIONS AND VALIDATION

Introduction-Managing the People-Managing Physical and Environmental Security-Managing ICT Operations and Support-Access Control Management-Compliance Management-Security-Specific Operations-Managed Security Services-Product Evaluation and Selection-Business Continuity Management-Certification and Accreditation Process-General Process Phase I & II.

TOTAL: 45 PERIODS

COURSE OUTCOMES:

CO1: Design appropriate security architecture with an understanding of the technology.
CO2: Create and deploy enterprise solutions in support of organizational goals.
CO3: Plan and implement projects related to infrastructure, security, software development.
CO4: Interpret governance policies.
CO5: Manage IT governance policies.

TEXT BOOK:

1. James A. Scholz, Enterprise Architecture and Information Assurance: Developing a Secure Foundation, CRC Press, 2013. (UNIT I & II)
2. John Sherwood, Andrew Clark, David Lynas, Enterprise Security Architecture: A Business-Driven Approach, CRC Press, 2005. (UNIT III, IV and V)

REFERENCES:

1. John R. Vacca, Computer and Information Security Handbook, Second Edition, Elsevier, 2013.
2. Michael E. Whitman, Herbert J. Mattord, Principles of Information Security, Fourth Edition, Cengage Learning, 2012.