iSYS 350: Information Security
Contents
In-depth examination of topics in the management of information technology security including access control systems and methodology, business continuity and disaster recovery planning, legal issues in information system security, ethics, computer operations security, physical security and security architecture & models using current standards and models. Cross-listed with IT as IT 350.
This course (iSYS 350) is a prerequisite for the following iSYS course(s):
This course is normally scheduled every fall and spring semester.
(
under construction...)
The following content areas will be covered.
- Security Management Practices (about 3 hours)
- Confidentiality, Integrity, Availability (about 3 hours)
- Security Architecture and Models (about 6 hours)
- Access Control Systems and Methodology (about 6 hours)
- Applications and Systems Development Security (about 12 hours)
- Telecommunications and Network Security (about 12 hours)
- Cryptography/Cryptology (about 6 hours)
- Operations Security (about 6 hours)
- Law, Investigations, and Ethics (about 3 hours)
- Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) (about 3 hours)
Additional topics may also be covered based on time and student interest.
By the end of this course, you should be able to
- explain how to find an organization's information assets
- explain how to find threats, classify assets, and rate vulnerabilities so that effective security controls can be implemented
- explain how to know whether a firewall or intrusion-detection system is required
- explain the importance of implementing policies, standards, procedures, and guidelines that ensure confidentiality, integrity, and availability
- explain how to assign confidentiality values to data
- explain how to create policies used to define the standards, guidelines, and procedures used by an organization
- explain how to identify how and where data can be used
- explain why it is important that employees understand their responsibilities in the security and operation of an information system
- demonstrate how to design and implement operating systems, equipment, networks, and applications so they can be monitored and secure
- demonstrate the ability to implement simple security with access control lists and with capability-based approach
- write and implement a computer program that illustrates how an access control system works
- demonstrate the ability to implement an example of buffer overflow and how to guard against this problem
- demonstrate the ability to implement an example of SQL injection and how to guard against this problem
- apply responsibilities inherent in providing telecommunication services, including security, privacy, reliability and performance
- explain (in general terms) how information can be encrypted and validated to ensure that it remains secure and complete, and that only authorized persons can access the encrypted data
- explain how a "man in the middle" attack works
- explain how key length affects security
- explain how to use digital signatures to authenticate the source of a message and for non-repudiation
- explain the concept that encryption techniques can be subverted using many methods of attack
- explain the difference between symmetric and asymmetric encryption
- define and explain the purpose of an intrusion-detection program
- define the term "disaster recovery" and explain how it is implemented
- explain how risks are assessed
- explain how to identify critical information
- explain how to identify threats
- explain how to use countermeasures
- explain how vulnerabilities are assessed
- explain the importance of proper administrative and management processes that define how employees are hired/fired
- explain the importance of using log files, auditing, and other forms of monitoring and observation in operations security
- explain the need to put oneself "in a "cracker's shoes", then building a defensive system based on what is discovered
- explain the process of penetration testing
- list and explain several ways to safeguard as system against internal attack, and how to handle a successful attack
- define "expert technical witness", civil law, criminal law, forensics
- define incident report and list important details that go into an incident report
- list and define several types of computer crime (e.g., access private information, destroy data, steal intellectual property)
- list ethical and legal issues in development, ownership, sales, acquisition, use and maintenance of computer systems and software
- define business continuity plan
- define disaster recovery plan
- list the steps involved in conducting a business impact assessment
Final textbook choice is determined by the instructor, who may choose a textbook similar to one the following. This list can give you an idea of the course topics, coverage, and depth.
- Dhillon, Principles of Information Systems Security: Texts and Cases, Wiley , 2006(ISBN: 0471450561)
- Merkow, Breithaupt, Information Security: Principles and Practices, Prentice Hall, 2005(ISBN: 0131547291)
- Viega, McGraw, Building Secure Software: How to Avoid Security Problems the Right Way (1st), Addison-Wesley Professional, 2001(ISBN: 020172152X)
- Whitman, Mattord, Principles of Information Security (2nd), Course Technology, 2004(ISBN: 0619216255)
Additional readings may be assigned by the instructor.
