Syllabus Sections
Publish Date
08/01/2011 09:53:21
Fundamentals of Information Security
ITSY-1300
Fall 2011
08/22/2011 - 12/11/2011
Course Information
Section 003
Lecture
MW 19:35 - 21:20
RGC1 117
Ronald Mendell
Section 004
Lecture
Sa 09:00 - 12:45
RGC1 004
Ronald Mendell
Office Hours
No office hours have been entered for this term
Course Requirements
Prerequisites
There are no prerequisites for this course.
Class Structure
Class time will contain lectures, demonstrations, class discussions, and labs.
Exams
Two exams will be given, a midterm and a final. Exams may be multiple choice, essay, or a combination of both. Exams must be taken on the scheduled date or within the scheduled time frame. If you miss an exam, you will receive a grade of zero for that exam unless prior arrangements have been made to take the comprehensive final, or a compelling, verifiable personal emergency prevented your attendance and you notified the instructor as soon as possible. There are no “make-up exams”; rather, the student will be permitted, if approved by the instructor, to take a comprehensive final exam in lieu of the missed exam.
Lab Exercises
Lab exercises in class will be a part of the course. The instructor will brief the class on lab exercises at appropriate times during the course. Some lab exercises may be assigned as homework depending upon the needs of the class.
Grade Policy:
Grades will be based both on concepts and practical applications.
Exams = 80%
Classroom Participation = 20%
Grade Scale:
A = 90 - 100
B = 80 - 89
C = 70 - 79
D = 60 - 69
F = below 60
Readings
Required texts
Principles of Computer Security: Security+ and Beyond
Wm. Arthur Conklin, Gregory B. White, et al.
(McGraw Hill, 2010) ISBN: 978-0-07-163375-8
Recommended but not required texts:
Security+ by Emmett Dulaney, Sybex 2009, ISBN: 978-0-470-37297-5.
Computer Forensics by Marie-Helen Maras, Jones & Bartlett 2012, ISBN: 978-1-4496-0072-3
Course Subjects
Description
The course provides instruction in security for network hardware, software, and data, including using physical security measures, instituting backup procedures, protecting systems against attacks and intrusions, and gaining protection from malware. The course also covers applying these concepts to the theme of “Protecting Yourself in the Digital Age.”
Class Schedule: The following is a tentative schedule for the course. The instructor reserves the right to make schedule changes based on the needs of the students in the class.
Chapters | Assignment
1 & 2 | Introduction and Security Trends Inside the Security Mind
3 & 4 | Operational Security and People’s Role in Information Security
5 | Cryptography
6 | PKI
7 & 8 | Internet Standards and Physical Security
9 & 10 | Network Security and Infrastructure
11 & 12 (EXAM 1 Assigned) | Authentication and Wireless (Midterm Exam Assigned)
13 & 14 (EXAM 1 Due) | Intrusion Detection Systems and Security Baselines (Midterm Exam Due)
15 & 16 | Attacks and E-mail
17 & 18 | Web Security and Software Security
19 & 20 | Disaster Planning and Risk Management
21 & 22 | Change and Privilege Management
23 & 24 | Computer Forensics and the Law
25 | Privacy Issues and Review for Final
EXAM 2 | Final Exam – emphasis on last half of course
Student Learning Outcomes/Learning Objectives
At the completion of this course, the student will have demonstrated the ability to:
Understand how information security can counteract attempts to attack an individual’s “infosphere,” the person’s sensitive information.
Understand how people are the weakest components in any security system.
Identify social engineering schemes.
Develop appropriate countermeasures.
Learn the fundamentals of cryptography and how cryptography serves as the central language of information security.
Identify the basic cryptographic tools.
Implement cryptography to protect the confidentiality and integrity of data.
Develop and Implement Physical Security
Identify and assess current and anticipated security risks and vulnerabilities
Monitor, evaluate, and test security conditions and environment
Implement, extend, and refine physical security plans and policies
Ensure Infrastructure and Network Security
Gather data and analyze security requirements
Identify, analyze, and evaluate infrastructure and network vulnerabilities
Develop critical situation contingency plans and disaster recovery plan
Implement/test contingency and backup plans and coordinate with stakeholders
Monitor, report, and resolve security problems
Designing Perimeter Security for a Network
Understand Security Baselines
Establishing baselines for computer systems
Testing networks and computers for vulnerabilities
Understand the Roles of Computer Forensics and the Law in Information Security.
Using basic computer forensics software to analyze information on a personal computer.
Using a digital camera as a tool in forensics and information security work.
Understand the basic software tools for assessing the security posture of a computer or a network.
Understanding how issues of privacy affect information security.