Ders Tanımları

The definition of information assurance, its scope and subfields. Attackers and their motivation. Computer networks, open system interconnection, TCP-IP protocal suite. Wireless networks and protocols. 2G-3G-4G-5G wireless communications and protocols. Satellite communication. Software defined network and network virtualization. Computing paradigms, Cloud computing. Operating systems. Programming paradigms and languages. Vulnerabilities and threats specific to each of these fields, malware. Security metrics, security standards.

The web, web application security, bypassing client-side protection, attacking web application. Authentication, attacking web application sessions, attacking web application access control, attacking application logic flaws. Advanced cross-site scripting vulnerabilities, automated vulnerability analysis tools. Client-side web application security, mobile web application security. Managing software vulnerability tests, managing software vulnerabilities.

General Elective-I

General Elective-II

Network Vulnerability Analysis

Incident response and forensics definitions. Incident response procedures and standards. Cyber security and forensics law, containment, eradiction and recovery. Forensics and first response toolbox, packet analysis, log analysis, ram analysis, deadbox analysis. Sandboxing. Networking for incident response. Digital Evidence collection, evidentiary reporting.

General Elective-III

Preparation of a project by the student under the supervision of the academic advisor.

General Elective-IV

General Elective-V