COURSE SYLLABUS
ITSY 1342
Information Technology Security
Course Description: Instruction in security for network hardware, software, and data, including physical security, backup procedures, relevant tools, encryption, and protection from viruses.
Prerequisite:
I. ITSY 1342 Information Technology Security
II. Textbook: Principles of Information Security, Authors - Michael E. Whitman and Herbert J. Mattord, Second Edition, Course Technology Publishing.
III. Number of semester hours and length of course:
Three semester hours of college credit; one lab hour per week.
IV. General Objectives:
Ensure the physical security of file servers and other network components using best practices; develop backup procedures to provide for data security; use network operating system features to implement network security; describe the nature of computer viruses, their methods of spreading, and means of protecting networks from viruses; use relevant tools to provide for network security; and use encryption techniques to protect network data.
V. Major Divisions of the Course:
A. Introduction to Information Security
1. History of Information Security
2. What is Information Security?
3. Critical Characteristics of Information
4. Components of an Information System
5. The Systems Development Life Cycle
6. Security Systems Development Life Cycle
B. Security Investigation Phase
1. The Need for Security
2. Threats and Attacks
C. Legal, Ethical and Professional Issues in Information Security
1. Law and Ethics in Information Security
2. Policy Versus Law
D. Security Analysis
1. Risk Management: Identifying and Assessing Risk
2. Information Asset Valuation
3. Security Clearances
E. Risk Management: Assessing and Controlling Risk
1. Risk Control Strategies
2. Evaluation, Assessment, and Maintenance of Risk Controls
3. Practices in Controlling Risk
F. Logical Design
1. Blueprint for Security
2. Security Policies, Standards, and Practices
3. NIST Security Models
4. Security Education, Training, and Awareness Program
5. Design of Security Architecture
G. Planning for Continuity
1. Business Impact Analysis
2. Incident Response Planning
3. Incident Reaction and Recovery
4. Disaster Recovery Planning
H. Physical Design
1. Security Technology
2. Firewalls and VPNs
3. Dial-up Protection
4. Intrusion Detection Systems
5. Scanning and Analysis Tools
6. Cryptography and Encryption
7. Access Control Devices
I. Physical Security
1. Access Controls
2. Fire Safety
3. Interception of Data
4.
J. Implementing Security
1. Project Management in the Implementation Phase
2. Technical and Non-technical Aspects of Implementation
K. Security and Personnel
1. Security Considerations for Employees and Non-employees
2. Employment Policies and Practices
3. Privacy and Security of Personal Data
L. Maintenance and Change
1. Information and Management Change
2. The ISO Network Model
3. The Maintenance Model
4. Monitoring External and Internal Environments
5. Planning and Risk Assessment
Grading:
Test 1                  Chapters 1, 2, and 3       1/7
Test 2                  Chapter 4                  1/7
Test 3                  Chapter 5                  1/7
Test 4                  Chapters 6, 7, 8, and 9    1/7
Final Exam              Chapters 10, 11, and 12    1/7
Homework/Daily Work                                1/7
Project/Presentation                               1/7
100%
The following assignments will be given during the semester as the chapters are covered in class. Specific due dates will be given in class.
Chapter 1 Assignment: Find an authentic Security Policy (a Security Policy from where you work, from a business or organization, or on the Internet, etc.) and summarize it. Critique the Security Policy in your own words: whether it is complete, its strengths and weaknesses, etc.
Chapter 4 Assignment: Case Exercises, Number 1. The Question of Risk Management pages 149-150.
Chapter 5 Assignment: Exercises page 185. Do Number 1 only. Create the Chart in Excel and determine the SLE, ARO, and ALE.
Chapter 6 Assignment: Case Exercise Enterprise Security, pages 232-233.
Chapter 7 Assignment: Do numbers 4 and 5 under Exercises on page 269.
Chapter 9 Assignment: Answer Review Questions 1 through 7 on page 385.
Chapter 11 Assignment: Review Questions 1, 6, 7, 9, and 10, page 446.
Chapter 12 Assignment: Case Exercise, A Slap on the Wrist, page 492.