IT 350: Information Security
Contents
Security concepts and mechanisms; security technologies; authentication mechanisms;
mandatory and discretionary controls; cryptography and applications;
threats; intrusion detection and prevention; regulations; vulnerability assessment;
information assurance; forensics; anonymity and privacy issues; disaster recovery
planning, legal issues and ethics.
This course (IT 350) is a prerequisite for the following IT course(s):
This course is normally scheduled every fall and spring semester.
(
under construction...)
The following content areas will be covered.
- Security Management Practices (about 3 hours)
- Confidentiality, Integrity, Availability (about 3 hours)
- Security Architecture and Models (about 6 hours)
- Access Control Systems and Methodology (about 6 hours)
- Applications and Systems Development Security (about 12 hours)
- Telecommunications and Network Security (about 12 hours)
- Cryptography/Cryptology (about 6 hours)
- Operations Security (about 6 hours)
- Law, Investigations, and Ethics (about 3 hours)
- Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) (about 3 hours)
Additional topics may also be covered based on time and student interest.
By the end of this course, you should be able to
- explain how to find an organization's information assets
- explain how to find threats, classify assets, and rate vulnerabilities so that effective security controls can be implemented
- explain how to know whether a firewall or intrusion-detection system is required
- explain the importance of implementing policies, standards, procedures, and guidelines that ensure confidentiality, integrity, and availability
- explain how to assign confidentiality values to data
- explain how to create policies used to define the standards, guidelines, and procedures used by an organization
- explain how to identify how and where data can be used
- explain why it is important that employees understand their responsibilities in the security and operation of an information system
- demonstrate how to design and implement operating systems, equipment, networks, and applications so they can be monitored and secure
- demonstrate the ability to implement simple security with access control lists and with capability-based approach
- write and implement a computer program that illustrates how an access control system works
- demonstrate the ability to implement an example of buffer overflow and how to guard against this problem
- demonstrate the ability to implement an example of SQL injection and how to guard against this problem
- apply responsibilities inherent in providing telecommunication services, including security, privacy, reliability and performance
- explain (in general terms) how information can be encrypted and validated to ensure that it remains secure and complete, and that only authorized persons can access the encrypted data
- explain how a "man in the middle" attack works
- explain how key length affects security
- explain how to use digital signatures to authenticate the source of a message and for non-repudiation
- explain the concept that encryption techniques can be subverted using many methods of attack
- explain the difference between symmetric and asymmetric encryption
- define and explain the purpose of an intrusion-detection program
- define the term "disaster recovery" and explain how it is implemented
- explain how risks are assessed
- explain how to identify critical information
- explain how to identify threats
- explain how to use countermeasures
- explain how vulnerabilities are assessed
- explain the importance of proper administrative and management processes that define how employees are hired/fired
- explain the importance of using log files, auditing, and other forms of monitoring and observation in operations security
- explain the need to put oneself "in a "cracker's shoes", then building a defensive system based on what is discovered
- explain the process of penetration testing
- list and explain several ways to safeguard as system against internal attack, and how to handle a successful attack
- define "expert technical witness", civil law, criminal law, forensics
- define incident report and list important details that go into an incident report
- list and define several types of computer crime (e.g., access private information, destroy data, steal intellectual property)
- list ethical and legal issues in development, ownership, sales, acquisition, use and maintenance of computer systems and software
- define business continuity plan
- define disaster recovery plan
- list the steps involved in conducting a business impact assessment
Final textbook choice is determined by the instructor, who may
choose a textbook similar to one the following. This list can give you an
idea of the course topics, coverage, and depth.
- Dhillon, Principles of Information Systems Security: Texts and Cases, Wiley , 2006(ISBN: 0471450561)
- Merkow, Breithaupt, Information Security: Principles and Practices, Prentice Hall, 2005(ISBN: 0131547291)
- Viega, McGraw, Building Secure Software: How to Avoid Security Problems the Right Way (1st), Addison-Wesley Professional, 2001(ISBN: 020172152X)
- Whitman, Mattord, Principles of Information Security (2nd), Course Technology, 2004(ISBN: 0619216255)
Additional readings may be assigned by the instructor.
