PART 01 Information Security Overview
SECTION 01 Concept of Information Security Management
1.
Information Protection in the Information Society / 2.
Information Security Management / 3. OSI Security Architecture
4.
Definition of basic security terms

PART 02 Cryptography
SECTION 01 Cryptography Overview
1.
Basic Concepts of Cryptography / 2.
Classification of cryptography / 3.
Cryptography (Cryptography) / 4.
Security Evaluation of Cryptographic Algorithms / 5.
Intellectual Property Rights Protection

SECTION 02 Symmetric Key Cryptography
1.
Classical symmetric key encryption / 2.
Modern Symmetric Key Cryptography / 3. DES (Data Encryption Standard)
4. AES / 5.
Other symmetric key encryption algorithms / 6.
Encryption techniques using modern symmetric key cryptography

SECTION 03 Asymmetric Key Cryptography
1.
Asymmetric key cryptography / 2.
Hybrid cryptosystem

SECTION 04 Hash Functions and Applications
1.
One-way hash function / 2.
Examples of cryptographic hash functions / 3.
Message Authentication Code (MAC)

SECTION 05 Electronic Signatures and PKI
1.
Electronic Signature / 2. PKI (Public Key Infrastructure)

SECTION 06 Key, Random Number
1.
Key / 2.
random number

PART 03 Access Control
SECTION 01 Access Control Overview
1.
Access Control Overview

SECTION 02 User Authentication
1.
Authentication / 2.
User authentication techniques / 3.
Single Sign On (SSO)

SECTION 03 Access Control Security Model
1.
Model of access control / 2.
Security model

SECTION 04 Access Control Security Threats and Countermeasures
1.
Access Control Security Threats and Countermeasures

PART 04 SYSTEM SECURITY
SECTION 01 Secure Operating System
1.
Hardening operating system security / 2.
Secure operating system / 3.
Key features of the secure operating system
4.
Secure Operating System and Secure Kernel / 5.
Trusted Platform Module (TPM)

SECTION 02 Client Security
1.
Malicious software (malicious code) / 2.
Internet Utilization Security

SECTION 03 Windows Server Security
1.
Windows / 2.
Windows Security / 3.
Windows Server Security Settings

SECTION 04 Unix/Linux Server Security
1.
UNIX / 2. Basic UNIX Usage / 3. UNIX Server Security

SECTION 05 Server Security Management
1.
Server Administrator's Duties / 2.
Log settings and management

SECTION 06 Various System Security Threats and Countermeasures
1.
Buffer Overflow Attack / 2.
Format String Attack / 3.
Race Condition Attack
4.
Back door / 5.
System resource exhaustion attack (system denial of service attack)
6.
Reverse Engineering / 7.
Other System Security Threats and Countermeasures

SECTION 07 Latest Security Topics
1.
Blockchain / 2.
Internet of Things (IoT) / 3.
Cloud Security
4.
Ransomware / 5. Advanced Persistent Threat (APT) / 6.
Other Latest Security Topics

PART 05 NETWORK SECURITY
SECTION 01 Network Overview
1.
Overview / 2. OSI Model and TCP/IP Protocol

SECTION 02 TCP/IP
1.
Physical layer / 2.
Data link layer / 3.
Network Layer / 4.
Transport Layer / 5.
Application layer

SECTION 03 ROUTING
1.
Routing Overview / 2.
unicast routing

SECTION 04 Understanding Network Equipment
1.
Understanding Network Equipment / 2. Configuring and Managing VLANs

SECTION 05 Wireless Communication Security
1.
Wireless Communication / 2.
Wireless LAN Security / 3. WAP (Wireless Application Protocol)
4.
Device authentication technology (device authentication) / 5. RFID (Radio-Frequency Identification) / 6.
Mobile Security

SECTION 06 NETWORK MANAGEMENT
1.
Network Management / 2. SNMP / 3.
remote access service

SECTION 07 Utilizing Network-Based Programs
1.
Leverage network-based programs

SECTION 08 Understanding Network-Based Attacks
1.
Network-based threats / 2.
Network-based security threats and countermeasures

SECTION 09 IDS/IPS
1.
Intrusion Detection System (IDS) / 2.
Intrusion Prevention System (IPS)

SECTION 10 Firewall
1.
Intrusion Prevention System (Firewall) Overview / 2.
Classification of types of intrusion prevention systems
3.
Types of intrusion prevention systems (construction types)

SECTION 11 VPN
1. VPN (Virtual Private Network) / 2. IPSec (IP Security Protocol) / 3.
Internet Key Exchange

SECTION 12: Latest Network Security Technologies
1.
Latest network security technology

PART 06 APPLICATION SECURITY
SECTION 01 FTP Security
1.
File-related protocols / 2. FTP security threats and countermeasures

SECTION 02 Email Security
1.
Email related protocols / 2.
Security technologies for email content security
3.
Spam Email Security Response Technology

SECTION 03 Web Security
1.
Web Security Overview / 2.
The World Wide Web and HTTP/3. SSL/TLS
4.
Web Security Threats and Countermeasures / 5.
Software Development Security

SECTION 04 DHCP and DNS Security
1.
Host Configuration and Host Configuration Protocol / 2. Domain Name System (DNS)
3. DNS Security

SECTION 05 DATABASE SECURITY
1.
Database Security Requirements / 2.
Database Security Controls

SECTION 06 E-Commerce Security
1.
Information Protection in E-Commerce / 2. SET (Secure Electronic Transaction)

SECTION 07: Breach Incident Response (Digital Forensics)
1.
Hacking / 2.
Incident Response and Forensics

SECTION 08 Various Application Security Threats and Countermeasures
1.
Various application security threats and countermeasures / 2.
Java Security

PART 07 Information Security Management and Regulations
SECTION 01 Establishing an Information Security Governance and Management System
1.
Information Security Governance / 2. IT Security Management / 3.
Information security policies, procedures, standards, guidelines, and baselines
4.
Human Resource Security

SECTION 02 Information Security Risk Management
1.
Risk Management / 2.
Risk Analysis

SECTION 03 BCP/DRP
1. BCP/DRP

SECTION 04 Information Security Certification System
1.
Security Product Evaluation Methods and Criteria / 2.
Information Security Management System Certification
3.
Information Security and Personal Information Protection Management System (ISMS-P Certification) / 4.
Other certification systems and information protection activities

SECTION 05 Information Protection-Related Laws
1.
Personal Information Protection Act (October 2, 2025) / 2.
Act on Promotion of Information and Communications Network Utilization and Information Protection (July 22, 2025)
3.
Information and Communications Network Protection Act (January 24, 2025)

Single volume of major university textbooks
The subject of information security theory has characteristics that cannot be summarized in just one or two university textbooks.
This textbook was compiled from several specialized books to enable students to efficiently study content that would otherwise require a significant amount of study time on their own.

Includes past exam questions
It was designed to systematize theoretical concepts through frequently asked questions from each unit.
It can be seen as a foundation for solving the past exam questions that will be published in the future, the past exam questions by year for the past 10 years, and the highest level N-level questions.

Ⅲ Book Structure and Usage
Theory
It consists of a total of 7 chapters: Chapter 1 - Introduction to Information Security, Chapter 2 - Cryptography, Chapter 3 - Access Control, Chapter 4 - System Security), Chapter 5 - Network Security, Chapter 6 - Application Security, Chapter 7 - Information Security Management and Regulations.

Catch up on past question types by unit
The past exam questions for each unit are representative of the past exam questions for that unit, and I believe they will be very helpful in gaining a feel for the actual exam.

Ⅳ Acknowledgments
I would like to express my deepest gratitude to the CEO and staff of Gian Edu Co., Ltd., who helped publish this textbook.
Also, I would like to express my gratitude to everyone who provided me with the first proofreading.