This course focuses on basic concepts, principles and practice of Information Systems Security (ISS). It is containing the topics like: Ethics, legality and the need for ISS, overview of networking and operating systems, their vulnerabilities and prevention. Active-passive attacks and their countermeasures. Access, authentication and user privileges. Foot printing. Scanning. Enumerations and system hacking. Trojans and backdoors. Sniffers. Denial of service attacks. Social engineering techniques. Session hijacking. WEB servers and WEB applications, vulnerabilities, attacks and countermeasures. Wireless networks, vulnerabilities, attacks and protection techniques. Malicious programs; viruses, worms, bacteria. Physical security issues. Evading IDS, honey pots and firewalls. Buffer overflow attacks. Cryptography and crypto analysis. Penetration testing methodologies.