Master of Science (Information Assurance)

Click to See :

Synopsis of Subjects

A. CORE COURSES

MNS 1523 Data Quality Assurance
A data quality assurance program is an explicit combination of organization, methodologies, and activities that exist for the purpose of reaching and maintaining high levels of data quality. The term assurance puts it in the same category as other functions organizations are used to funding and maintaining. Quality assurance, quality control, inspection, and audit are terms applied to other activities that exist for the purpose of maintaining some aspect of the organization’s activities or products at a high level of excellence. Data quality assurance should take place alongside these others, with the same expectations

MNS 1543 Access Control And Perimeter Protection
This course provides students in-depth knowledge on administrative, technical and physical controls to perimeter protection. Perimeter security risks, its threats and counter measures are discussed. At the end of this course students are able to articulate critically  and recommend the various perimeter protection and access control systems in aligning administrative strategies and technical capabilities for any type of organization.

MNS 1563 E-crime Investigation And Incident Response Management
This course will discuss on how to conduct computer forensic from acquiring digital evidence to reporting their findings. It includes how to set up a forensics lab, how to acquire the necessary tools and how to conduct an investigation and subsequent digital analysis. The laboratory part of this course will include working with Encase – a suite of digital forensics tools from Guidance Software. In addition there will be labs on network forensics, VoIP (Voice over IP) forensics and video forensics which will give students practical and applied experience with wireless and mobile forensics tools and analysis techniques.

MNS 1513 Information Engineering
Information engineering course focuses on the principles of data models of information in a business enterprise using appropriate software architecture and design methods. The topics include four main components which are (1) Advanced Information System and Information Engineering; (2) Enterprise and Technology Architecture and Organizational Business Strategy; (3) Software Design and Information Retrieval and (4) Managing Digital Data.

MNS 1533 Enterprise Information Assurance
The purpose of enterprise information assurance and management strategy is to protect an organization’s valuable assets and resources, such as information, people and services. Through the selection and application of appropriate safeguards and control helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets. This course will examine the elements of information security assurance, employee roles and responsibilities, and common threats. It also examines the need for management controls, policies, procedures, and strategy. Finally, this course will present a comprehensive list of tasks, responsibilities, and objectives that make up a typical information protection program.

MNS 1573 Cyber Law and Ethical Issues
With the emergence of the technology the misuse of the technology has also expanded to its optimum level eg cyber fraud, cyber defamation, hacking, etc. The misuse of the technology has created the need of the enactment and implementation of the cyber laws but whether this cyber laws are capable to control the cyber crime activities, the question requires the at most attention. Today in the present era we need to evolve a ‘cyber-jurisprudence’ based on what can be evaluated and criticized ‘cyber-ethics’. Further, there is a dire need for evolving Code of Ethics on the Cyber Space and its discipline through cyber law.

MNS 1014 Project 1
After being assigned problem individually by the supervisor or proposed by student, each student implement his/her own project based on making use of knowledge and skills obtained in previous courses. Student will be guided during the Research Methodology topic provided in this project.  Although Information Assurance Project 1 and Information Assurance Project 2 make a set, these are assessed and presented separately at the end of the semester. A complete report must be written and adhere to the UTM Thesis Writing Guideline.

MNS 2026 Project 2
Each student must pursue his/her project by using various methods and ways available or they have in hand. At the end of this course, each student has to make a presentation in the presence of other students and examiners for the final assessment.  A complete report must be written and adhere to the UTM Thesis Writing Guideline.

 

B. ELECTIVE COURSES: SELECT THREE (3) COURSES ONLY

MNS 2633  Information Assurance Architecture and Technologies

Information Assurance and the application of security assurance models involves the theory and application of a variety of network security architectures and technologies. Implementation of a security policy and its testing is crucial to the satisfactory operation of a network and its applications. The firewall (perimeter and internal) provides a range of techniques and tools in support of policy implementation and for protection against penetrations and resulting exploits. This course provides background theory together with a substantial amount of hands-on workshop experience using very recent security technology and covering the following topics:

  • packet filters, proxies, stateful packet inspection
  • app level security, content security and authentication
  • cryptographic tools using AES encryption and MD5 & SHA authentication
  • NAT (Network Address Translation)
  • SSL/TLS and X.509 digital certificates
  • IPSec and SSL security tunnelling
  • Virtual Private Network design, implementation & testing
  • Monitoring and performance

MNS 2733 Enterprise Risk Management

This course discusses in depth the risk management in organization. Emphasize is given on the risk management model development, control process, risk evaluation and development control. Students will be asked to view the issues related to risk management from the human factor, process and technical perspective. Relevant technical topics will be included as hands-on exercise.

MNS 2833 Penetration Testing  and Counter measures
With the exponential growth of the Internet and networked computers, cyber crime has become one of the most important problems in the computer world. Online credit card fraud, compromised computer servers and other privacy enormities have created a cloud of distrust among online customers. We need to find the best way possible to protect our information systems. A single intrusion of a computer network can result in loss, unauthorized utilization or modification of large amount of data, and cause the paralyses of normal usage of the network communications. Intrusion Detection is identifying unauthorized users in a computer system. This subject is aimed at educating the students with various attack types available and the way to countermeasure those attacks using different Intrusion Detection Systems (IDS) types available. In addition, lab exercises will cover the applications of tools in finding the vulnerabilities and securing the infrastructure.

MNS 2433 Critical Infrastructure Security and Cyber threats
This course discusses various aspects of critical infrastructure security. The course will consider why and how the critical infrastructure problems will impact the public agenda, why some solutions can be adopted and the others are rejected. The course will primarily examine the policy making at a national level in Malaysia, but will also analyze examples from different countries available.

MNS 2533 Biometrics in Information Assurance
The course discusses in depth the principles of biometric in the field of Information security.The course emphasizes the technological aspects of Biometrics and multimedia security (Steganography and Watermarking) and the applications while giving importance to state-of-art technology. The course highlights the technological merger of the Biometrics and multimedia Security in industries such as: Fingerprinting, Face recognition, and others biometrics technologies. Relevant technical topics will be included as hands-on exercise. MATLAB software is used to implement some of hands-on exercise application.

MNS2623 Wireless Infrastructure Security

This course will cover the theory and practice of wireless and mobile network technologies and address a range of risks and vulnerabilities which require specific penetration testing techniques. The characteristics of a variety of wireless and mobile personal, local and wide area networks, including Bluetooth, NFC/RFID, Android, IP Camera CCTV streaming will be studied in a laboratory environment. The manner in which these networks can be compromised by attacks on the network (such as, sniffing, spoofing, hijacking, man-in-the-middle , traffic injection, brute force, or denial of service) as well as host-based attacks such as spyware and buffer overflow will be evaluated in the laboratory. A range of equipment will be connected to the Virtual Machines including, Wireless Access Points, Android Mobiles, Bluetooth Mobiles, Contactless Cards, IP Cameras and others. The laboratory part of this course (50%) will illustrate vulnerabilities in security implementations in various types of commonly used networks and demonstrate how penetration testing is carried out in a wireless and mobile environment.

MNS 2123 Issues in Information Assurance
The objective of this course is to expose students with issues in information assurance (IA) and the solutions to these problems from the case study, industrial visits and experts view. This course will focus on the IA technology as well as IA policy and management aspects in Malaysia.

MNS 2723 Software  Development and Vulnerability  Analysis
This course discusses in depth the principles of developing software in a secure manner. Emphasize is given on the process of developing the software, covering software development requirement analysis, design, implementation, testing, and deployment. Students will be asked to view the issues related to secure software development from the management perspective. Relevant technical topics such as source code vulnerabilities will be included as hands-on exercise.

MNS 2223 Applied Cryptography
The main aims of this course are to discuss:

  • the need for different types of security services
  • the main types of cryptographic mechanism
  • various cryptographic mechanisms provide different services
  • some of the issues relating to the management of these services.

MNS 2133 Principles of Business Continuity Management
This course discusses in depth the principles of business continuity planning. Emphasize is given on the business continuity planning model, disaster recovery, backup system and planning and securing online document. Students will be asked to view the issues related to business continuity planning from the management and technical perspective. Relevant technical topics will be included as hands-on exercise.

 

C. UNIVERSITY COURSES

UHAP 6013 Seminar on Global Development, Economic and Social Issues
Discussion on this subject includes issues related to globalization and development, economic and social crisis that has become a global concern. It aims in developing skills in understanding and analyzing global issues and recommending relevant solutions. Issues will be discussed in details.

UHAZ 6123 Malaysian Society and Culture
This course is designed for international postgraduates from countries of non-Malay origins. Students will be exposed to various aspects of the Malaysian culture such as  belief system, religious festivals, customs and etiquettes of different ethnic groups in Malaysia. Emphasis will be given to the Malay culture as it makes the core for the Dasar Kebudayaan Kebangsaan. Students will also be briefly introduced to basics of Malay language as the national language of Malaysia.

ULAM 6323 Malay Language for Postgraduates
This course is designed for international Master and Doctor of Philosophy students from countries of Malay origins such as Indonesia, Brunei, Singapore and South Thailand. Students will be exposed to scientific paper writing. In this course, students are given an overview of scientific writing. They are also taught about the scientific paper writing method, particularly academic writing style. Furthermore, students are also thought about writing formats such as collections, bibliographies and editing to fit the format described academic writing UTM.

 

Print Friendly