Prerequisites

There are no prerequisites for this course.

Class Structure

Class time will contain lectures, demonstrations, class discussions, and labs.

Exams

Two exams will be given, a midterm and a final. Exams may be multiple choice or essay or a combination of both. Exams must be taken on the scheduled date or within the scheduled time frame. If you miss an exam you will receive a grade of zero for that exam, unless prior arrangements have been made to take the comprehensive final, or there was a compelling, verifiable personal emergency that prevented your attendance and giving as soon as possible notice to the instructor. There are no “make-up exams,” rather the student will be permitted, if approved by the instructor, to take a comprehensive final exam in lieu of the missing exam.

Lab Exercises

Labs exercises in class will a part of the course.  The instructor will brief the class on lab exercises at appropriate times during the course. Some lab exercises may be assigned as homework depending upon the needs of the class.

Grade Policy:

Grades will be based both on concepts and practical applications.

Exams = 80%

Classroom Participation = 20%

Grade Scale:

A = 90 - 100

B = 80 - 89

C = 70 - 79

D = 60 - 69

F = below 60

Required texts

Principles of Computer Security: Security+ and Beyond

Wm. Arthur Conking, Gregory B. White, et al

(McGraw Hill, 2010) ISBN: 978-0-07-163375-8

Recommended but not required texts:

 Security+ by Emmett Dulaney, Sybex 2009, ISBN: 978-0-470-37297-5.

 Computer Forensics by Marie-Helen Maras, Jones & Bartlett 2012, ISBN: 978-1-4496-0072-3

Description

The course provides instruction in security for network hardware, software, and data including using physical security measures, instituting backup procedures, protecting systems against attacks and intrusions, and gaining protection from malware. And, the course covers applying these concepts to the theme of “Protecting Yourself in the Digital Age.”

Class Schedule: The following is a tentative schedule for the course. The instructor reserves the right to make schedule changes based on the needs of the students in the class.

At the completion of this course, the student will have demonstrated the ability to:

Understand how information security can counteract attempts to attack an individual’s “infosphere,” the person’s sensitive information.

Understand how people are the weakest components in any security system.

Identify social engineering schemes.

Develop appropriate countermeasures.

Learn the fundamentals of cryptography and how cryptography serves as the central language of information security.

Identify the basic cryptographic tools.

Implement cryptography to protect the confidentiality and integrity of data.

Develop and Implement Physical Security

Identify and assess current and anticipated security risks and vulnerabilities

Monitor, evaluate, and test security conditions and environment

Implement, extend, and refine physical security plans and policies

Ensure Infrastructure and Network Security

Gather data and analyze security requirements

Identify, analyze, and evaluate infrastructure and network vulnerabilities

Develop critical situation contingency plans and disaster recovery plan

Implement/test contingency and backup plans and coordinate with stakeholders

Monitor, report, and resolve security problems

Designing Perimeter Security for a Network

Understand Security Baselines

Establishing baselines for computer systems

Testing networks and computers for vulnerabilities

Understand the Roles of Computer Forensics and the Law in Information Security.

Using basic computer forensics software to analyze information on a personal computer.

Using a digital camera as a tool in forensics and information security work.

Understand the basic software tools for assessing the security posture of a computer or a network.

Understanding how issues of privacy affect information security.