Basics of Information Security Course Code: 4360702

GUJARAT TECHNOLOGICAL UNIVERSITY (GTU)

Competency-focused Outcome-based Green Curriculum-2021 (COGC-2021)

Semester -VI
Course Title: Basics of Information Security
(Course Code: 4360702)

Diploma programme in which this course is offered Semester in which offered

Computer Engineering 6th semester

1. RATIONALE
Present computing era is based on the internet; Information security is crucial for
safeguarding sensitive data and protecting individuals, organizations, and nations
from a wide range of threats. The rationale for information security is multifaceted
and encompasses various aspects of our digital world. Protecting Confidentiality,
Preserving Integrity, Ensuring Availability, Mitigating Risks, Protecting Privacy. This
course aims at learning basic cryptography techniques and applying security
mechanisms for operating systems as well as private and public networks to protect
them from various threats.

2. COMPETENCY
The purpose of this course is to help the student to attain the following industry
identified competency through various teaching-learning experiences:
● Evaluate and apply diverse cryptographic techniques to safeguard networked
systems, integrating foundational knowledge of basic information systems and
principles of cyber security.

3. COURSE OUTCOMES (COs)

The theory should be taught and practical should be carried out in such a manner
that students are able to acquire different learning outcomes in cognitive,
psychomotor and affective domain to demonstrate following course outcomes:

a) Describe fundamentals of information security.

b) Demonstrate substitution, transposition technique and symmetric cryptography
algorithm.
c) Demonstrate the public key encryption with public key cryptography.
d) Apply measures to protect the network communication from attacks using
firewalls and intrusion detection systems.
e) Describe the basics of cyber security, cyber attacks, cyber crime.

GTU - COGC-2021 Curriculum

Page 1 of 8
Basics of Information Security Course Code: 4360702

4. TEACHING AND EXAMINATION SCHEME

Teaching Scheme Total Credits Examination Scheme

(In Hours) (L+T/2+P/2)
Theory Marks Practical Marks
Total Marks
L T P C CA ESE CA ESE

3 - 2 4 30 70 25 25 150
(*): Out of 30 marks under the theory CA, 10 marks are for assessment of the micro-project to
facilitate integration of COs and the remaining 20 marks is the average of 2 tests to be taken
during the semester for the assessing the attainment of the cognitive domain UOs required for
the attainment of the COs.
Legends: L-Lecture; T – Tutorial/Teacher Guided Theory Practice; P -Practical; C – Credit, CA -
Continuous Assessment; ESE -End Semester Examination.

5. SUGGESTED PRACTICAL EXERCISES

The following practical outcomes (PrOs) are the subcomponents of the COs. These
PrOs need to be attained to achieve the COs.

Approx.
Sr. Unit
Practical Outcomes (PrOs) Hrs.
No. No.
required

Execute Basic TCP/IP utilities and commands. (eg: ping, ipconfig, tracert, I 02
1
arp, tcpdump, whois, host, netstat, nslookup, ftp, telnet etc... )

Write a Program to implement Caesar Cipher for basic encryption and II 02

2
decryption. (Any of the Language C/C++/Java/Python)

Write a Program to implement Hill Cipher for basic encryption techniques. II 04

3
(Any of the Language C/C++/Java/Python)

Write a Program to implement the Play-Fair Cipher Technique for II 02

4
encryption. (Any of the Language C/C++/Java/Python)

Write a Program to implement the Rail Fence Technique for encryption. II 02

5
(Any of the Language C/C++/Java/Python)

Write a Program to implement RSA algorithm for asymmetric key III 02

6
encryption. (Any of the Language C/C++/Java/Python)

Demonstrate traffic analysis of different network protocols using tools. i.e. IV 04

7
Wireshark.

8 Simulate the concept of Virtual LAN using Cisco Packet Tracer. IV 02

Simulate the concept of demilitarized zone network (DMZ) using Cisco IV 02

9
Packet Tracer.

10 Simulate the working of Firewall using Cisco Packet Tracer. IV 02

Study cyber security fundamentals, including common threats and V 02

11
mitigation strategies.

GTU - COGC-2021 Curriculum

Page 2 of 8
Basics of Information Security Course Code: 4360702

12 Study of Kali Linux Operating System for cybersecurity. V 02

Total 28

Note
i. More Practical Exercises can be designed and offered by the respective course teacher to
develop the industry relevant skills/outcomes to match the COs. The above table is only a
suggestive list.
ii. The following are some sample ‘Process’ and ‘Product’ related skills (more may be
added/deleted depending on the course) that occur in the above listed Practical Exercises
of this course required which are embedded in the COs and ultimately the competency.

S. No. Sample Performance Indicators for the PrOs Weightage in %

1 Regularity 20

2 Problem Analysis 20

3 Development of the Solution 20

4 Testing of the Solution 20

5 Mock viva test 20

Total 100

6. MAJOR EQUIPMENT/ INSTRUMENTS REQUIRED

1. Hardware: Computer System with latest configuration and laptops
2. Software: C/C++/Java(Compiler), Python Interpreter, Wireshark, Cisco Packet
Tracer, Kali Linux

7. AFFECTIVE DOMAIN OUTCOMES

The following sample Affective Domain Outcomes (ADOs) are embedded in many of
the above-mentioned COs and PrOs. More could be added to fulfill the development
of this competency.
a) Work as an Information Security Analyst.
b) Follow ethical practices.
c) Complying with procedures.
d) Work collaboratively in a team.
e) Workforce capable of preventing and mitigating cyber-attacks.

The ADOs are best developed through the laboratory/field based exercises. Moreover,
the level of achievement of the ADOs according to Krathwohl’s ‘Affective Domain
Taxonomy’ should gradually increase as planned below:
i. ‘Valuing Level’ in 1st year
ii. ‘Organization Level’ in 2nd year.
iii. ‘Characterization Level’ in 3rd year.

GTU - COGC-2021 Curriculum

Page 3 of 8
Basics of Information Security Course Code: 4360702

8. UNDERPINNING THEORY
Only the major Underpinning Theory is formulated as higher-level UOs of Revised
Bloom’s taxonomy in order development of the COs and competency is not missed out
by the students and teachers. If required, more such higher-level UOs could be included
by the course teacher to focus on the attainment of COs and competency.

Unit Unit Outcomes (UOs) Topics and Sub-topics

(4 to 6 UOs at Application and
above level)

Unit – I 1.a Describe basic concept of 1.1 Introduction to Information Security

Introduction Information Security and 1.2 Need for Security
to security attacks 1.3 Security Attacks : Active, Passive
Information and Denial of Service
Security 1.4 Security Basics : Confidentiality,
Integrity and Availability
1.5 Services and Mechanisms

Unit – II 2.a Encrypt and Decrypt the given 2.1 Introduction: Plain text, Cipher
Conventional text using different text, Cryptography,
and substitution methods. Cryptanalysis, Cryptology,
Symmetric 2.b Describe the given technique Encryption and Decryption.
Cryptography of cryptography using an 2.2 Substitution and Transposition
example. Techniques: Monoalphabetic
Cipher, Caesar Cipher,
Polyalphabetic Cipher, Playfair
Cipher, Hill Cipher, One Time Pad,
Rail fence
2.3 Steganography: Introduction,
Types of steganography
techniques
2.4 Symmetric Cryptography : Data
Encryption Standard- Structure,
Advantages and Disadvantages

Unit– III 3.a Describe Public-Key 3.1 Public-Key Cryptography : Principles

Public key Cryptography and its of public-key cryptosystems,
Cryptography applications. Applications of Public-key
3.b Describe the RSA algorithm cryptosystems
with its working. 3.2 The RSA algorithm: Description of
3.c Describe digital signature and the Algorithm, Computational
working of Public Key aspects, Security of RSA.
Infrastructure 3.3 Public key infrastructures : basics
digital signatures, digital
certificates, certificate
authorities, registration
authorities, steps for obtaining a
digital certificate, steps for

GTU - COGC-2021 Curriculum

Page 4 of 8
Basics of Information Security Course Code: 4360702

verifying authenticity and

integrity of a certificate

Unit– IV 4.a Describe the security 4.1 Security topologies – security zones,
Network topologies. DMZ, Internet, Intranet, VLAN,
Security 4.b Explain function of Firewall Security implication, Tunneling.
and different types of 4.2 Firewalls: Need of Firewall, Working
Firewall. of Firewall, Types of Firewall:
4.c Distinguish various types of Packet Filtering, Stateful
IDS with advantages and Inspection, Application Level
disadvantages. Gateway, Circuit-Level Gateway
and Next-Generation Firewall
4.3 Intrusion detection systems (IDS):
Intruders, Components of IDS,
Host based IDS: Host based IDS,
Advantages and Disadvantages of
HIDS, Network based IDS:
Network IDS, advantages and
disadvantages of NIDS

Unit– V 5.a Describe basic concepts of 5.1 Introduction to Cyber Security,

Cyber Security cyber security and Network Cyber Threats, Types of Cyber
threats. Attacks, Vulnerabilities, Intruders
5.b Describe Cyber crime and and Hackers, Threats: Worms,
problems associated with Virus, Ad- ware, Spy-ware,
computer crime Trojans and covert channels,
Backdoors, Bots, IP Spoofing, ARP
spoofing, Session Hijacking
5.2 Cyber Crimes, Types of Cybercrime,
Hacking, Attack vectors,
Cyberspace and Criminal
Behavior, Traditional Problems
Associated with Computer Crime
Note: The UOs need to be formulated at the ‘Application Level’ and above of Revised Bloom’s
Taxonomy’ to accelerate the attainment of the COs and the competency.

9. SUGGESTED SPECIFICATION TABLE FOR QUESTION PAPER DESIGN

Unit Unit Title Teaching Distribution of Theory Marks

No. Hours
R U A Total
Level Level Level Marks

I Introduction to Information Security 06 4 2 2 8

II Conventional and Symmetric 12 2 6 12 20

Cryptography

III Public key Cryptography 10 2 8 6 16

GTU - COGC-2021 Curriculum

Page 5 of 8
Basics of Information Security Course Code: 4360702

IV Network Security 10 4 6 6 16

V Cyber Security 04 4 4 2 10

Total 42 16 26 28 70
Legends: R=Remember, U=Understand, A=Apply and above (Revised Bloom’s taxonomy)
Note: This specification table provides general guidelines to assist students for their learning
and to teachers to teach and question paper designers/setters to formulate test
items/questions assess the attainment of the UOs. The actual distribution of marks at different
taxonomy levels (of R, U and A) in the question paper may vary slightly from the above table.

10. SUGGESTED STUDENT ACTIVITIES

Other than the classroom and laboratory learning, following are the suggested student-
related co-curricular activities which can be undertaken to accelerate the attainment
of the various outcomes in this course: Students should conduct following activities in
group and prepare reports of about 5 pages for each activity, also collect/record
physical evidences for their (student’s) portfolio which will be useful for their
placement interviews:
a) Visit to an Internet Service Provider.
b) Study measures are taken by small computer industries.
c) Seminars on various security tools, algorithms from the course content.
d) Seminars on current threats of system/network.

11. SUGGESTED SPECIAL INSTRUCTIONAL STRATEGIES (if any)

These are sample strategies, which the teacher can use to accelerate the attainment of
the various outcomes in this course:
a) Massive open online courses (MOOCs) may be used to teach various
topics/subtopics.
b) Guide student(s) in undertaking micro-projects.
c) ‘L’ in section No. 4 means different types of teaching methods that are to be
employed by teachers to develop the outcomes.
d) About 20% of the topics/sub-topics which are relatively simpler or descriptive in
nature is to be given to the students for self-learning, but to be assessed using
different assessment methods.
e) With respect to section No.10, teachers need to ensure to create opportunities
and provisions for co-curricular activities.

12. SUGGESTED MICRO-PROJECTS

Only one micro-project is planned to be undertaken by a student that needs to be
assigned to him/her in the beginning of the semester. In the first four semesters, the
micro-project are group-based. However, in the fifth and sixth semesters, it should be
preferably be individually undertaken to build up the skill and confidence in every
student to become problem solver so that s/he contributes to the projects of the
industry. In special situations where groups have to be formed for micro-projects, the
number of students in the group should not exceed three.
The micro-project could be industry application based, internet-based, workshop-
based, laboratory-based or field-based. Each micro-project should encompass two or
more COs which are in fact, an integration of PrOs, UOs and ADOs. Each student will
have to maintain a dated work diary consisting of individual contributions in the
GTU - COGC-2021 Curriculum
Page 6 of 8
Basics of Information Security Course Code: 4360702

project work and give a seminar presentation of it before submission. The total
duration of the micro-project should not be less than 16 (sixteen) student
engagement hours during the course. The student ought to submit a micro-project by
the end of the semester to develop the industry oriented COs.
A suggestive list of micro-projects is given here. This has to match the competency and
the COs. Similar micro-projects could be added by the concerned course teacher:
● Project idea 1: Build a password strength checker. This project helps beginners to
learn about information security, as it can be done with a little bit of coding
knowledge. You can use existing password strength algorithms or create your own.
● Project idea 2: Create a simple steganography tool that allows users to hide text
or an image within another image.
● Project idea 3: Write a white paper on a cybersecurity topic. Writing a white paper
is a great way to share your knowledge with others and establish yourself as an
expert in the field.
13. SUGGESTED LEARNING RESOURCES

S. Author Publication with

Title of Book
No. place, year and ISBN

1 Cryptography and Network Security Williams Stallings Pearson Education,

Principles and Practices Third Edition

2 Principles of Computer Security Vincent Nestler, Gregory Tata-McGraw Hill

CompTIA Security+ and Beyond Lab White, Wm. Arthur Conklin,
Manual Matthew Hirsch, Corey
Schou

3 Cryptography and Network Security Atul Kahate Tata-McGraw-Hill

Principal and Practices

4 Cryptography and Network Security B A Forouzan Tata-McGraw-Hill

5 Computer Security Basics Deborah Russell G.T. O’Reilly publication

Gangenisr

6 Computer Security Dieter Gollman Wiley India Education,

14. SOFTWARE/LEARNING WEBSITES

a. [Link]
b. [Link]
c. [Link]
d. [Link]
e. Software: Wireshark Traffic Analysis/Packet Sniffing Tool, Snort Packet Sniffing
tool
15. PO-COMPETENCY-CO MAPPING

Semester VI Basics of Information Security(Course Code: 4360702)

POs and PSOs

GTU - COGC-2021 Curriculum

Page 7 of 8
Basics of Information Security Course Code: 4360702

PO 1 Basic PO 2 PO 3 Design/ PO 4 PO 5 PO 6 PO 7
& Discipline Problem development Engineering Engineering Project Life-long
specific Analysis of solutions Tools, practices for Manage learning
Competency knowledge Experimentatio society, ment
& Course Outcomes n & Testing sustainability
&
environment

Competency
● Evaluate and apply diverse cryptographic techniques to safeguard networked systems,
integrating foundational knowledge of basic information systems and principles of cyber
security.
Course Outcomes
CO a)
Describe fundamentals of information 3 - - - 3 - 3
security.

CO b)
Demonstrate substitution, transposition
3 2 3 2 - 2 3
technique and symmetric cryptography
algorithm.

CO c)
Demonstrate the public key encryption with 3 3 3 3 - 3 3
public key cryptography.

CO d)
Apply measures to protect the network
3 3 3 3 - 3 3
communication from attacks using firewalls
and intrusion detection systems.

CO e)
Describe the basics of cyber security, cyber 3 2 2 3 3 - 3
attacks, cyber crime.

Legend: ‘3’ for high, ‘2’ for medium, ‘1’ for low or ‘-’ for the relevant correlation of each competency, CO, with PO/ PSO

16. COURSE CURRICULUM DEVELOPMENT COMMITTEE

GTU Resource Persons

Sr.
Name and Designation Institute Email
No.
Government Polytechnic
1 Ms. Manisha P. Mehta (HOD) manishamehtain@[Link]
Himmatnagar

Government Polytechnic
2 Mrs. M. V. Prajapati - Lect.(CE) mvprajapati2014@[Link]
Gandhinagar

Government Polytechnic
3 Mr. Amit S. Vaishnav - Lect.(CE) amitvaishnav1112@[Link]
Gandhinagar

Government Polytechnic
4 Mr. Punit Saswadkar - Lect.(CE) psgpg20@[Link]
Gandhinagar

GTU - COGC-2021 Curriculum

Page 8 of 8